The leak of Samsung Android platform signing keys seems like a pretty big deal.

What's interesting is there seems to be evidence of it being abused years ago as well.l, but that remains to be seen and fully investigated.

Play detects the malicious signed keys but those people that side load apps, hopefully this pushes v3 signing for platforms