Sophisticated phishing method targeted mobile users via Progressive Web Apps (iOS, Android) and WebAPKs (Android) to mimic banking apps. Installing WebAPK apps doesn't warn the victim about installing a third-party application and they even appear to have been installed from the Google Play store
https://www.welivesecurity.com/en/eset-research/be-careful-what-you-pwish-for-phishing-in-pwa-applications/

New Android malware - NGate - relays NFC data from victims’ payment cards, via victims’ compromised mobile phones, to attacker's device waiting at an ATM to withdraw cash
https://www.welivesecurity.com/en/eset-research/ngate-android-malware-relays-nfc-traffic-to-steal-cash/

Technical Analysis of Copybara
https://threatlabz.zscaler.com/blogs/security-research/technical-analysis-copybara

How to root an Android device for analysis and vulnerability assessment
https://www.pentestpartners.com/security-blog/how-to-root-an-android-device-for-analysis-and-vulnerability-assessment/

Intercepting iHealth app traffic with Caido and Frida
iHealth Nexus Pro Body Composition Scale only communicates via Bluetooth Low Energy (BLE) to a iHealth mobile app
Blog: https://brownfinesecurity.com/blog/intercepting-mobile-traffic-with-caido-and-frida/
Video: https://youtu.be/GvRi7chKMPI

Critical Zip Slip Vulnerability Discovered in Mobile Security Framework (MobSF) could allow malicious actors to execute code remotely on servers running MobSF (CVE-2024-43399)
https://securityonline.info/cve-2024-43399-critical-zip-slip-vulnerability-discovered-in-mobile-security-framework-mobsf

Rocinante: Analysis of new Android banking trojan
https://www.threatfabric.com/blogs/the-trojan-horse-that-wanted-to-fly-rocinante

Reverse Engineering Obfuscated Flutter App
https://youtu.be/0uUSwMg2suk

New Phishing Campaign Spreads EagleSpy Android Malware
https://www-d3lab-net.translate.goog/nuova-campagna-di-phishing-diffonde-malware-android-eaglespy/?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en

GPUAF Using a general GPU exploit tech to attack Pixel 8
We developed an advanced exploit technique capable of transforming a conventional out-of-bounds (OOB) bug into a more potent exploit primitive, specifically a page Use-After-Free (UAF). Utilizing this technique, we successfully exploited a vulnerability in the Pixel series, achieving Kernel Code Execution.
https://www.youtube.com/watch?v=Mw6iCqjOV9Q

New Android SpyAgent Campaign Steals Crypto Credentials via Image Recognition
https://www.mcafee.com/blogs/other-blogs/mcafee-labs/new-android-spyagent-campaign-steals-crypto-credentials-via-image-recognition/

Attempted cyberattacks on Ukrainian military systems using mobile malware
https://cert.gov.ua/article/6280563

How to intercepting Android at runtime on non-rooted devices using frida-gadget
https://dispatchersdotplayground.hashnode.dev/intercepting-android-at-runtime-on-non-rooted-devices

[$12000] How I found 3 Critical 0-click TikTok Account Takeover Vulnerabilities, 2FA bypass & more security issues in TikTok’s system
https://vojtechcekal.medium.com/12000-3-critical-0-click-tiktok-account-takeover-vulnerabilities-2fa-bypass-more-security-78554827cfc3

Unburdened By What Has Been: Exploiting New Attack Surfaces in Radio Layer 2 for Baseband RCE on Samsung Exynos
https://labs.taszk.io/articles/post/there_will_be_bugs/

A new TrickMo saga: from Banking Trojan to Victim's Data Leak
https://www.cleafy.com/cleafy-labs/a-new-trickmo-saga-from-banking-trojan-to-victims-data-leak

Exploiting JavaScript Interface for Unauthorized Access in a Kucoin cryptocurrency exchange Android app
https://hulkvision.github.io/blog/javanoscript-interface/exploiting-javanoscript-interface/

Android banking trojan - Ajina - attacks Central Asia: Story of an Uzbek Android Pandemic
https://www.group-ib.com/blog/ajina-malware

Android Vo1d malware infected over a million Android TV boxes
It is a backdoor that puts its components in the system storage and, when commanded by attackers, is capable of secretly downloading and installing third-party software
https://news.drweb.com/show/?i=14900&lng=en

Diving into ADB protocol internals (1/2)
https://www.synacktiv.com/publications/diving-into-adb-protocol-internals-12

Wild vulnerabilities discovered in mobile dating app - Feeld with 1 Million installs on Google Play
-Disclosure of profile information to non-premium users
-Read other people’s messages
-access to other people’s photos & videos from their chats
-delete, recover and edit other people’s messages
-Update someone else’s profile information
-Send messages in other people’s chat
-Get a ‘Like’ from any user profile
https://fortbridge.co.uk/research/feeld-dating-app-nudes-data-publicly-available/