Android runs on Java amongst other things.
Android's use of Java is special in several ways. The Android API differs greatly from other standard Java J2SE and J2ME APIs. Secondly, the use of the Dalvik VM means that Android packages cannot just be run under desktop operating systems such as Linux, Windows, or ... Read more »
The front page of Slashdot today tells us that another Java 0-day has been found. It works in Metasploit and is being used in the wild. Turn off the Java plugin now! Never turn it back on.
[article]
The analysis of this seems to point to the getField function of sun.awt.SunToolkit. See the code below ... Read more »
The first applets to discover are the Demo Applets. If you have installed the JDK, they can be found in demo/applets. Note that the JDK 7 distributes the demos in a separate package. Alphabetically, we can start with Animator example 1. If you want to run it natively instead of in a browser for now, ... Read more »
Quequero recently reverse-engineered RootSmart Android Malware which explains a facet of Android malware.
Dinesh Shetty walks through reverse-engineering a piece of Android malware in Demystifying Android Malware.
Read more »