There’s always some new security flaw that needs patching. It’s been revealed that some Broadcom chips allow rogue Wi-Fi signals to execute code of attacker’s choosing. Google has fixed this in the April security update but it can take a while before devices receive it and some devices won’t get the update at all.
The Broadcom chip is used in both iOS and Android devices. Apple already patched the vulnerability, but Google is still in the process of releasing the fix. The lack of security protections in the Broadcom chip made it a prime target. It’s a pretty severe vulnerability, so make sure you update your device as soon as possible.