If you fired up Pokemon Go yesterday just to find that you weren't able to connect, there's one potentially good reason behind it. It appears that Google recently updated how their SafetyNet detections work, and the new changes are able to pick up some previous root-hiding methods. If you are using Magisk, the current workaround is to set it to operate in "core only" mode via settings in Magisk Manager.
Magisk developer topjohnwu issued a statement on the subject earlier today, in which he waxed for a bit on the perpetual cat-and-mouse game of hiding from SafetyNet checks. He stated that he has found a workaround for the new detection policy, but to wait for the next beta. It appears that the most likely method for detection now is app based. Rather than checking if su is present when it shouldn't be or if it can be invoked, it appears that Google might just be checking to see if a root manager application is installed.
— John Wu (@topjohnwu) June 14, 2017
It's such a simple check that it's difficult to prevent since any app can call up a list of apps on the device, and technically it doesn't even check if a device has been modified or tampered with since a root manager can be present without having root. He could easily fix that by simply tweaking the name of his application, but that's not an ideal fix, as detection could just as easily change the name it looks for.
Chainfire's suhide seems to be able to escape package name detection for the time being, as it uses another method to work, though the downloads page for suhide says it isn't currently working. So in the meantime, if you've been hiding root, right now you'll have to move Magisk over into core only mode for the time being if you still want to pass SafetyNet checks. We've reached out to topjohnwu for more information about a future workaround for the SafetyNet changes, or a release schedule for any fixes, and we will add any relevant information to this post when we get it.
- XDA Developers