Statements like this make me question if #BleepingComputer is actually a useful info source:

"Since APKs downloaded from outside Google Play cannot be vetted, the best way to protect against these threats is to avoid installing Android apps from third-party sites in the first place." https://www.bleepingcomputer.com/news/security/thousands-of-android-apks-use-compression-trick-to-thwart-analysis/

#FDroid not only vets the binaries it ships, it also vets the source code. #GooglePlay is not the safest source of apps on #Android.