Analysis of Android Worm that spreads via WhatsApp messages as Huawei Mobile app
https://youtu.be/XXi29noe2NE

Different Android security lock states and their trade-offs
https://www.mayrhofer.eu.org/post/android-tradeoffs-2-lockstates/

Update your iOS!
iOS 0days chain /RCE+LPE/ is being exploited ITW. The fix is available.
https://support.apple.com/en-us/HT212146

Apparently new Android banking Trojan called "Oscorp" spreads in Italy
http://translate.google.com/translate?hl=en&sl=auto&tl=en&u=https%3A%2F%2Fcert-agid.gov.it%2Fnews%2Foscorp-il-solito-malware-per-android%2F

Demo of technique used by Android malware that prevents victim to uninstall it from device (how to fix it)
https://youtu.be/YvfiKPpMoaU

Useful insight on Android's Special App Accesses, since they are treated and mitigated differently as regular app permissions
https://medium.com/mitre-attack/mobile-attack-mitigating-android-abuse-50516fb7de85

Security Fixes and Rewards for Chrome for Android
https://chromereleases.googleblog.com/2020/10/chrome-for-android-update_31.html

Investigation Xoth: Smartphone location tracking
https://www.expressvpn.com/digital-security-lab/investigation-xoth

Reverse Engineering iMessage: Leveraging the Hardware to Protect the Software
https://www.nowsecure.com/blog/2021/01/27/reverse-engineering-imessage-leveraging-the-hardware-to-protect-the-software/

Android Penetration Testing: Frida https://www.hackingarticles.in/android-penetration-testing-frida/

Vulnerability found in Facebook for Android that could trigger malicious deep links, run arbitrary JavaScript or replace URLs to phishing pages
https://ash-king.co.uk/blog/Launching-internal-non-exported-deeplinks-on-Facebook

Reverse engineering Flutter for Android + Doldrums (Doldrums is a reverse engineering tool for Flutter apps)
https://rloura.wordpress.com/2020/12/04/reversing-flutter-for-android-wip/
https://github.com/rscloura/Doldrums

Dissecting a MediaTek BootROM exploit
https://tinyhack.com/2021/01/31/dissecting-a-mediatek-bootrom-exploit/

Data Driven Security Hardening in Android
https://security.googleblog.com/2021/01/data-driven-security-hardening-in.html

Hackers tried to trick iPhone users into installing a fake version of WhatsApp to spy on them.
How: By tricking users into installing configuration files or so-called Mobile Device Management (MDM) profiles, which can then potentially push malware onto a target device.
https://www.vice.com/en/article/akdqwa/a-spyware-vendor-seemingly-made-a-fake-whatsapp-to-hack-targets

New Android DDoS botnet called - Matryosh - communicates over TOR and infect devices via enabled ADB port
https://blog.netlab.360.com/matryosh-botnet-is-spreading-en/

CVE-2020-27932: iOS Kernel privesc with turnstiles
https://googleprojectzero.blogspot.com/p/rca-cve-2020-27932.html

Analysis of Android downloader
https://cryptax.medium.com/an-apparently-benign-app-distribution-scheme-which-has-all-it-takes-to-turn-very-ugly-f733be528535

Barcode Scanner app on Google Play infects 10 million users with one update
https://blog.malwarebytes.com/android/2021/02/barcode-scanner-app-on-google-play-infects-10-million-users-with-one-update/

Insecure Data Storage: Clear Text Storage of Sensitive Information (Hard-coded strings, credentials, tokens & keys)
https://medium.com/mobis3c/insecure-data-storage-clear-text-storage-of-sensitive-information-hard-coded-strings-fb7b056c0d0

Domestic Kitten (APT-C-50) – An Inside Look at the Iranian Surveillance Operations
https://research.checkpoint.com/2021/domestic-kitten-an-inside-look-at-the-iranian-surveillance-operations/