Google Keep is one of seven note-taking applications targeted by the Perseus Android banking trojan, which abuses Android Accessibility Services to scan note content for stored passwords and cryptocurrency wallet recovery phrases; no vulnerability in the Google Keep application itself is being exploited, and no patch is applicable. The risk is behavioral: users storing credentials or recovery phrases in Keep are directly exposed to credential theft if Perseus is installed on their device. Organizations should distribute advisories prohibiting credential storage in Keep and audit MDM telemetry for Accessibility Service grants held by non-system applications.