The XLoader Android malware, operated by the threat actor known as Roaming Mantis, has been found to automatically execute on infected devices without requiring user interaction.