Military service members have been receiving physical smartwatches in the mail. Smartwatches can auto-connect to Wifi and began connecting to cell phones unprompted, access voice and cameras
https://www.cid.army.mil/Media/Press-Center/Article-Display/Article/3429159/cid-lookout-unsolicited-smartwatches-received-by-mail/

Reversing Flutter-based Android Malware “Fluhorse”
https://www.fortinet.com/blog/threat-research/fortinet-reverses-flutter-based-android-malware-fluhorse

How to manually unpack native Android packer called KangaPack
https://cryptax.medium.com/inside-kangapack-the-kangaroo-packer-with-native-decryption-3e7e054679c4

Four Anatsa (also known as TeaBot) Android banking Trojans were discovered on Google Play Store with over 30,000 installs targeting almost 600 financial app
https://www.threatfabric.com/blogs/anatsa-hits-uk-and-dach-with-new-campaign

Interesting hardening technique of Android financial apps
Put custom permission on their components such as activities, services, etc, so banking Trojans can't launch and interact with them
This prevents malware to perform on device fraudulent transactions
https://debugactiveprocess.medium.com/strengthening-android-security-mitigating-banking-trojan-threats-fe94ae9e2f02

Android SELinux Internals Part I Understand how Android SELinux works, along with its functionalities and benefits
https://8ksec.io/android-selinux-internals-part-i-8ksec-blogs/

A modified version of the Telegram Androis app found to be maliciously patched with Triada malware
https://blog.checkpoint.com/security/dont-be-fooled-by-app-earances-check-point-researchers-spot-hidden-malwares-behind-legitimate-looking-apps/

Kunai - library for analyzing Dalvik Executable Files (DEX)
https://farena.in/android/analysis/kunai-lib/

Intercepting Android App Traffic using BurpSuite
Video tutorial shows how to setup Android emulator, installing Burp Certificate in the System Store, proxy app traffic through BurpSuite, and bypass certificate pinning using Frida
https://youtu.be/xp8ufidc514

Bringing NFC contactless payment to CASIO F-91W watch
https://medium.com/@matteo.pisani.91/how-i-hacked-casio-f-91w-digital-watch-892bd519bd15

Introduction to Kali NetHunter Hacker series: Which NetHunter fits you best?
https://www.mobile-hacker.com/2023/07/04/introduction-of-kali-nethunter-hacker-series-and-which-nethunter-fits-you-best/

Analysis of account takeover discovered in Android app with 100M+ installs from Google Play ($1000 bounty)
https://medium.com/@amolbhavar/how-i-get-1000-bounty-for-discovering-account-takeover-in-android-application-3c4f54fbde39

Analysis of Android EverSpy 2 Malware which source code price is $4,000
https://www.theobservator.net/everspy-2-malware-reverse-engineering/

Android ASCWG CTF Challenge
https://0xmkr24.medium.com/android-challenge-in-ascwg-finals-109c03c66055

Using MLIR for Dalvik Bytecode Analysis
Using intermediate representations allows analysts to write optimizations and code analysis passes easier than parsing binary or bytecode directly. Kunai is a library intended for static analysis of dalvik bytecode, in a newer version of the library, the idea is to use the capabilities and possibilities offered by MLIR, writing a new dialect centered on Dalvik instructions.
Presentation: https://youtu.be/hfqOivYdD40
Slides: https://llvm.org/devmtg/2023-05/slides/Lightning-Talks/01-Eduardo-EuroLLVM2023.pdf

Exploit Google Pixel 7

In detail analysis of exploiting CVE-2023-21400 on Google Pixel 7 with Dirty Pagetable exploit that uses file UAF and pid UAF vulnerabilities
https://yanglingxi1993.github.io/dirty_pagetable/dirty_pagetable.html

Android malware installed directly from a website can bypass "installation from untrusted sources" warning using WebAPK technology
WebAPK enables creation Android native apps from web applications
https://www.linkedin.com/pulse/using-webapk-technology-phishing-attacks-csirt-knf

The Turkish Government Masqueraded Site Distributing Android RAT
https://blog.cyble.com/2023/07/10/the-turkish-government-masqueraded-site-distributing-android-rat/

How to install Kali NetHunter on rootless Android via Termux and how to set it up as a portable Kali Linux workstation
Blog: https://www.mobile-hacker.com/2023/07/11/nethunter-hacker-i-installation-of-rootless-kali-nethunter/
Video tutorial: https://youtu.be/fqaSEbaYkJQ

Letscall – new sophisticated Vishing toolset consists of three malicious stages
https://www.threatfabric.com/blogs/letscall-new-sophisticated-vishing-toolset

Obfuscation in Mobile Apps https://speakerdeck.com/marcobrador/droidcon-berlin-2023-obfuscation-in-mobile-apps