Unidbg to production
https://bhamza.me/blogpost/2024/09/20/unidbg-to-production.html

Boost Flipper Zero with FEBERIS: 3-in-1 SubGhz, NRF24, and WiFi board
https://www.mobile-hacker.com/2025/01/09/boost-your-flipper-zero-with-feberis-3-in-1-subghz-nrf24-and-wifi-board/

Fully-remote (0-click) bug on the Samsung S24 if Google Messages is configured for RCS (the default configuration on this device), as the trannoscription service decodes incoming audio before a user interacts with the message for trannoscription purposes. Issue is fixed now.
https://project-zero.issues.chromium.org/issues/368695689

Analysis of Autel MaxiCharger Android app to reviewing the attack surface
https://www.zerodayinitiative.com/blog/2025/1/15/reviewing-the-attack-surface-of-the-autel-maxicharger-part-two

Android malware in DoNot APT operations
https://www.cyfirma.com/research/android-malware-in-donot-apt-operations/

USB Army Knife: Close Access Penetest Tool
It is capable of: remote keystroke injection, VNC, USB network adapter, EvilAP, Marauder, record microphone, controlled over web interface with fancy LCD screen
https://www.mobile-hacker.com/2025/01/24/usb-army-knife-the-ultimate-close-access-penetest-tool/

Vulnerability of hotel room Android kiosk tablets
It was possible to execute ADB commands, unlock bootloader and possibly escalate privileges to root. Pull kiosk apps for reverse engineering and obtain servers (pivot) or hardcoded secrets.
As a result attacker could pose as another guest room terminal and control the air conditioning and lights, place orders, display bills, and eavesdrop on chats
https://devblog.lac.co.jp/entry/20250124

Analysis of TrickMo Android malware campaign targeting Poland
https://www.sirt.pl/atak-na-uzytkownikow-androida-falszywa-aplikacja-olx/

Android Tria stealer: malware that exfiltrates data and hijack accounts
https://securelist.com/tria-stealer-collects-sms-data-from-android-devices/115295/

Understanding WiFi Karma attacks or how and why devices can auto-reconnect to untrusted networks
https://www.mobile-hacker.com/2025/02/05/hacking-on-the-go-wi-fi-karma-attacks-with-mobile-devices/

SparkCat malware: OCR crypto stealers in Google Play and App Store
https://securelist.com/sparkcat-stealer-in-app-store-and-google-play/115385/

Mobile Indian Cyber Heist: FatBoyPanel And His Massive Data Breach
https://www.zimperium.com/blog/mobile-indian-cyber-heist-fatboypanel-and-his-massive-data-breach/

Frida noscript to bypass root detection & SSL certificate pinning
https://github.com/0xCD4/SSL-bypass

Unpacking the BADBOX Botnet with Censys
https://censys.com/unpacking-the-badbox-botnet/

Exploiting the iOS Kernel by Spraying IOSurfaces
https://youtu.be/Y-UI4dEFXFk?si=6UpFUyABAX7htCWn

Evil Crow RF: A Portable Radio Frequency Device compatible with Flipper Zero Sub-GHz file format
https://www.mobile-hacker.com/2025/02/11/evil-crow-rf-a-portable-radio-frequency-device/

BTMOB RAT: Newly Discovered Android Malware Spreading via Phishing Sites
https://cyble.com/blog/btmob-rat-newly-discovered-android-malware/

Network Security Issues in RedNote app
https://citizenlab.ca/2025/02/network-security-issues-in-rednote/

Using capa Rules for Android Malware Detection
https://cloud.google.com/blog/topics/threat-intelligence/capa-rules-android-malware-detection/

First analysis of Apple's USB Restricted Mode bypass (CVE-2025-24200)
https://blog.quarkslab.com/first-analysis-of-apples-usb-restricted-mode-bypass-cve-2025-24200.html

Introduction to Fuzzing Android Native Components: Strategies for Harness Creation
https://blog.convisoappsec.com/en/introduction-to-fuzzing-android-native-components-strategies-for-harness-creation/