FluHorse – Newly Discovered Android Malware Disguised as Popular Android Apps Targeting East Asia to steal victim credentials and 2FA codes
https://research.checkpoint.com/2023/eastern-asian-android-assault-fluhorse/

Mobile Threats Report for Q1/2023 by Avast
https://decoded.avast.io/threatresearch/avast-q1-2023-threat-report/#mobile

Fleckpe - A new family of Trojan subscribers discovered on Google Play #Jocker #Harly
https://securelist.com/fleckpe-a-new-family-of-trojan-subscribers-on-google-play/109643/

Bypass Tiktok SSL pinning on Android devices
https://github.com/Eltion/Tiktok-SSL-Pinning-Bypass

Meta (Facebook) Adversarial Threat Report for Q1 2023 (Android threats included)
https://about.fb.com/wp-content/uploads/2023/05/Meta-Quarterly-Adversarial-Threat-Report-Q1-2023.pdf

Analysis of Android SpyNote spyware targeting Indian Railway Catering and Tourism Corporation (IRCTC) users
https://labs.k7computing.com/index.php/spynote-targets-irctc-users/

GSMA Mobile Telecommunications Security Landscape in 2022
(ransomware, malware, smsishing, spyware, SIM swap, eSIM fraud, supply chain attacks, critical national infrastructure attacks, human threat...)
https://www.gsma.com/security/wp-content/uploads/2023/02/GSMA-Mobile-Telecommunications-Security-Landscape-2023_v1_for-website.pdf

Three ways how to dynamically load code into an Android application at runtime
https://erev0s.com/blog/3-ways-for-dynamic-code-loading-in-android/

DroidFrida: Android app for executing frida noscripts directly on your android device
https://github.com/ac3ss0r/DroidFrida/

JAMBOREE: Portable all in one tool to install essential Android tools (Java, Android tools, Magisk, BurpSuit, Objection, Root Emulator, Frida etc.)
https://github.com/freeload101/Java-Android-Magisk-Burp-Objection-Root-Emulator-Easy

I/O 2023: What's new in Android security and privacy
-Safe Browsing: faster more intelligent protection
-Passkeys helps move users beyond passwords
-new API that lets developers limit accessibility services from interacting with their apps
-Data safety section in Google Play last year to help you see how developers collect, share, and protect user data
-Better control and protection over your photos and videos
http://security.googleblog.com/2023/05/io-2023-android-security-and-privacy.html.html

Advanced Frida Usage Part 1 – iOS Encryption Libraries
https://8ksec.io/advanced-frida-usage-part-1-ios-encryption-libraries-8ksec-blogs/

Converso app: How I accidentally breached a nonexistent database and found every private key in a 'state-of-the-art' encrypted messenger called Converso
https://crnkovic.dev/testing-converso/

Multiple Vulnerabilities in Kiddoware Kids Place Parental Control Android App (CVE-2023-28153, CVE-2023-29078, CVE-2023-29079)
1) Login and registration returns password as MD5 hash
2) Stored XSS via device name in parent Dashboard
3) Possible CSRF attacks in parent Dashboard
4) Arbitrary File Upload to AWS S3 bucket
5) Disable Child App Restriction without Parent's notice
https://sec-consult.com/vulnerability-lab/advisory/multiple-vulnerabilities-in-kiddoware-kids-place-parental-control-android-app/

Revisiting Stealthy Sensitive Information Collection from Android Apps [slides] #BlackHatAsia23
https://i.blackhat.com/Asia-23/AS-23-Bai-Stealthy-Sensitive-Information-Collection-from-Android-Apps.pdf

Two Bugs With One PoC: Rooting Pixel 6 From Android 12 to Android 13 [slides] #BlackHatAsia23
http://i.blackhat.com/Asia-23/AS-23-WANG-Two-bugs-with-one-PoC-Rooting-Pixel-6-from-Android-12-to-Android-13.pdf

Dirty Stream Attack, Turning Android Share Targets Into Attack Vectors [slides] #BlackHatAsia23
http://i.blackhat.com/Asia-23/AS-23-Valsamaras-Dirty-Stream-Attack-Turning-Android.pdf

Weaponizing Mobile Infrastructure: Are Politically Motivated Cyber Attacks a Threat to Democracy? [slides] #BlackHatAsia23
http://i.blackhat.com/Asia-23/AS-23-Saleem-Weaponizing-mobile-Infrastructure.pdf

Lemon Group’s Cybercriminal Businesses Built on Preinfected Devices
https://www.trendmicro.com/en_us/research/23/e/lemon-group-cybercriminal-businesses-built-on-preinfected-devices.html

Hacking Chess.com: Unlocking Premium Bots on the Android App
https://medium.com/@icebre4ker/hacking-chess-com-my-journey-to-unlock-premium-bots-on-the-android-app-d8cac9d25094

Racing Against the Lock: Exploiting Spinlock UAF in the Android Kernel
This paper presents an exploit for a unique Binder kernel use-after-free (UAF) vulnerability which was disclosed recently (CVE-2022-20421)
Write-up: https://0xkol.github.io/assets/files/Racing_Against_the_Lock__Exploiting_Spinlock_UAF_in_the_Android_Kernel.pdf
Slides: https://0xkol.github.io/assets/files/OffensiveCon23_Racing_Against_the_Lock__Exploiting_Spinlock_UAF_in_the_Android_Kernel.pdf
PoC: https://github.com/0xkol/badspin