Submitted via IRC for SoyCow8317
A vulnerability in the Android (CVE-2017-13156) mobile OS could result in tampering with applications’ code without altering their signature.
Source: http://www.securityweek.com/vulnerability-allows-modification-signed-android-apps [securityweek.com]