Qardio Heart Health IOS and Android Application and QardioARM A100
https://www.cisa.gov/news-events/ics-medical-advisories/icsma-25-044-01
https://www.cisa.gov/news-events/ics-medical-advisories/icsma-25-044-01
🌚3
Bettercap on Android
60-pages guide on how to use bettercap on mobile device
https://www.mobile-hacker.com/2025/02/21/bettercap-on-android-a-portable-network-security-toolkit/
60-pages guide on how to use bettercap on mobile device
https://www.mobile-hacker.com/2025/02/21/bettercap-on-android-a-portable-network-security-toolkit/
Mobile Hacker
Bettercap on Android: A Portable Network Security Toolkit
This setup is not only lightweight and portable but also ensures that a pentester can operate in plain sight, appearing as just another person on their phone. In this guide, we'll show you how to install, configure, and use bettercap on Android, unlocking…
👍20😁6👏3🔥2
SpyLend Android malware downloaded 100,000 times from Google Play
https://www.cyfirma.com/research/spylend-the-android-app-available-on-google-play-store-enabling-financial-cyber-crime-extortion/
https://www.cyfirma.com/research/spylend-the-android-app-available-on-google-play-store-enabling-financial-cyber-crime-extortion/
CYFIRMA
SPYLEND: The Android App Available on Google Play Store: Enabling Financial Cyber Crime & Extortion - CYFIRMA
EXECUTIVE SUMMARY At CYFIRMA, we are dedicated to providing current insights into prevalent threats and strategies employed by malicious entities...
😱10🌚3👍1👻1
Android trojan TgToxic updates its capabilities
https://intel471.com/blog/android-trojan-tgtoxic-updates-its-capabilities
https://intel471.com/blog/android-trojan-tgtoxic-updates-its-capabilities
👍8🌚4🔥3❤1
How to build portable Kali box with Raspberry Pi and Touchscreen
✅installation process
✅install drivers and switch output to touchscreen
✅allow auto-login
✅enable SSH as root
✅setup virtual keyboard
https://www.mobile-hacker.com/2025/02/26/building-a-portable-kali-box-with-raspberry-pi-and-touchscreen/
✅installation process
✅install drivers and switch output to touchscreen
✅allow auto-login
✅enable SSH as root
✅setup virtual keyboard
https://www.mobile-hacker.com/2025/02/26/building-a-portable-kali-box-with-raspberry-pi-and-touchscreen/
Mobile Hacker
Building a Portable Kali Box with Raspberry Pi and Touchscreen
In this guide, I will walk you through the process of setting up a Raspberry Pi with a 3.5-inch touchscreen running Kali Linux. This compact yet powerful setup is perfect for on-the-go penetration testing and cybersecurity research. I’ll cover everything…
👍23🌚3👎1
Exploiting the iOS Kernel by Spraying IOSurfaces (part 2)
https://youtu.be/Y-UI4dEFXFk
https://youtu.be/Y-UI4dEFXFk
🌚10🔥4
nRootTag: 1.5 Billion iPhones Used for Malicious Tracking
nRootTag vulnerability allows remote tracking through Apple's Find My network using Bluetooth technology
https://securityonline.info/nroottag-1-5-billion-iphones-used-for-malicious-tracking/
nRootTag vulnerability allows remote tracking through Apple's Find My network using Bluetooth technology
https://securityonline.info/nroottag-1-5-billion-iphones-used-for-malicious-tracking/
Daily CyberSecurity
nRootTag: 1.5 Billion iPhones Used for Malicious Tracking
Learn how the nRootTag vulnerability allows remote tracking through Apple's Find My network using Bluetooth technology.
🌚9
Long Live The Vo1d Botnet: New Variant Hits 1.6 Million TV Globally
https://blog.xlab.qianxin.com/long-live-the-vo1d_botnet/
https://blog.xlab.qianxin.com/long-live-the-vo1d_botnet/
奇安信 X 实验室
Long Live The Vo1d Botnet: New Variant Hits 1.6 Million TV Globally
Prologue
On February 24, 2025, NBC News reported: "Unauthorized AI-generated footage suddenly played on televisions at the U.S. Department of Housing and Urban Development (HUD) headquarters in Washington, D.C. The video showed President Donald Trump bowing…
On February 24, 2025, NBC News reported: "Unauthorized AI-generated footage suddenly played on televisions at the U.S. Department of Housing and Urban Development (HUD) headquarters in Washington, D.C. The video showed President Donald Trump bowing…
❤10👍4🔥2🌚1
Cellebrite zero-day exploit used to target phone of Serbian student activist to install Android spyware
https://securitylab.amnesty.org/latest/2025/02/cellebrite-zero-day-exploit-used-to-target-phone-of-serbian-student-activist/
https://securitylab.amnesty.org/latest/2025/02/cellebrite-zero-day-exploit-used-to-target-phone-of-serbian-student-activist/
Amnesty International Security Lab
Cellebrite zero-day exploit used to target phone of Serbian student activist - Amnesty International Security Lab
Amnesty International’s Security Lab uncovers sophisticated Cellebrite zero-day exploit, impacting billions of Android devices.
🔥17👍3😁1💩1
Trigon: developing a deterministic kernel exploit for iOS
https://alfiecg.uk/2025/03/01/Trigon.html
https://alfiecg.uk/2025/03/01/Trigon.html
Alfie CG
Trigon: developing a deterministic kernel exploit for iOS (part 1)
Background Vulnerability Experimentation Arbitrary physical mapping Dynamically finding our mapping base Finding the kernel base A10(X) A11 Non-KTRR devices Virtual kernel read/write Page table panic Brandon Azad’s method PV head table (again) IOSurface kernel…
🔥11🌚2👍1👏1
Mobile malware evolution in 2024
https://securelist.com/mobile-threat-report-2024/115494/
https://securelist.com/mobile-threat-report-2024/115494/
Securelist
The mobile threat landscape in 2024
❤10👍2👎1🥱1🌚1
EvilLoader: Yesterday was published PoC for unpatched vulnerability affecting Telegram for Android.
The exploit has been sold on underground forum since January 2025.✅Don't install external players if requested by received corrupted video file on Telegram.
https://www.mobile-hacker.com/2025/03/05/evilloader-unpatched-telegram-for-android-vulnerability-disclosed/
The exploit has been sold on underground forum since January 2025.✅Don't install external players if requested by received corrupted video file on Telegram.
https://www.mobile-hacker.com/2025/03/05/evilloader-unpatched-telegram-for-android-vulnerability-disclosed/
Mobile Hacker
EvilLoader: Unpatched Telegram for Android Vulnerability Disclosed
A newly disclosed in Telegram for Android, dubbed EvilLoader, allows attackers to disguise malicious APKs as video files, potentially leading to unauthorized malware installations on users' devices.
👍19❤4🔥3🌚2👎1
BADBOX 2.0 Targets Consumer Devices with Multiple Fraud Schemes
https://www.humansecurity.com/learn/blog/satori-threat-intelligence-disruption-badbox-2-0/
https://www.humansecurity.com/learn/blog/satori-threat-intelligence-disruption-badbox-2-0/
HUMAN Security
Satori Threat Intelligence Disruption: BADBOX 2.0 Targets Consumer Devices with Multiple Fraud Schemes - HUMAN Security
HUMAN's Satori Threat Intelligence and Research Team uncovered BADBOX 2.0, a major expansion and adaptation of the earlier BADBOX operation.
👍13🔥5👏3❤1
[analysis] PlayPraetor trojan spreads through fake Play Store pages to steal user data
https://cdn.prod.website-files.com/66fbdb04ee8bb0436308fc15/67c83686e642fa846565699c_CTM360%20Report_%20PlayPraetor%20Trojan%20-%20Clear%20TLP.pdf
https://cdn.prod.website-files.com/66fbdb04ee8bb0436308fc15/67c83686e642fa846565699c_CTM360%20Report_%20PlayPraetor%20Trojan%20-%20Clear%20TLP.pdf
🌚10👍1
KoSpy: New Android Spyware was discovered on Google Play Store, operated by North Korea TA and attributed to APT37.
KoSpy app is still available on alternative app stores.
https://www.lookout.com/threat-intelligence/article/lookout-discovers-new-spyware-by-north-korean-apt37
KoSpy app is still available on alternative app stores.
https://www.lookout.com/threat-intelligence/article/lookout-discovers-new-spyware-by-north-korean-apt37
Lookout
Lookout Discovers North Korean APT37 Mobile Spyware | Threat Intel
Lookout researchers have discovered a novel Android surveillance tool dubbed KoSpy. It is attributed to APT 37 aka ScarCruft.
🌚7👍3❤2
Android Banking Trojan – OctoV2, masquerading as Deepseek AI
https://labs.k7computing.com/index.php/android-banking-trojan-octov2-masquerading-as-deepseek-ai/
https://labs.k7computing.com/index.php/android-banking-trojan-octov2-masquerading-as-deepseek-ai/
K7 Labs
Android Banking Trojan – OctoV2, masquerading as Deepseek AI
The world is moving from human reality to artificial reality aka advanced artificial intelligence (AI). In January 2025, Deepseek, an […]
🌚11❤1👍1🥱1😴1
It works! The first real smartwatch with Wi-Fi injection, capturing a WPA2 handshake! Using Kali NetHunter running Hijacker app on TicWatch Pro 3 smartwatch. All of that is possible thanks to @yesimxev, one of NetHunter developers! Video credits to @yesimxev (X)
https://www.instagram.com/reel/DHK8eahN2IZ/
https://www.instagram.com/reel/DHK8eahN2IZ/
🔥17👍3🌚3❤1👏1
🚨 Android Threat Hunters, Your Job Just Got Easier!
ANY.RUN has just released a brand-new OS designed for real-time Android threat analysis inside a secure sandbox environment.
Now, businesses and security teams can:
✅ Detect Android threats faster
🔍 Investigate APK behavior in real time
⚡ Speed up incident response
💰 Reduce cybersecurity costs
Best part? It’s available for all plans—even FREE users!
👉 Try now: https://goo.su/GH7WO
ANY.RUN has just released a brand-new OS designed for real-time Android threat analysis inside a secure sandbox environment.
Now, businesses and security teams can:
✅ Detect Android threats faster
🔍 Investigate APK behavior in real time
⚡ Speed up incident response
💰 Reduce cybersecurity costs
Best part? It’s available for all plans—even FREE users!
👉 Try now: https://goo.su/GH7WO
👍16❤3
Vapor malware: Hundreds of Malicious Google Play-Hosted Apps Bypassed Android 13 Security With Ease
Blog: https://www.bitdefender.com/en-us/blog/labs/malicious-google-play-apps-bypassed-android-security
PDF report: https://go.integralads.com/rs/469-VBI-606/images/AMER_VAPOR_THREAT_REPORT_IAS.pdf
Blog: https://www.bitdefender.com/en-us/blog/labs/malicious-google-play-apps-bypassed-android-security
PDF report: https://go.integralads.com/rs/469-VBI-606/images/AMER_VAPOR_THREAT_REPORT_IAS.pdf
Bitdefender Labs
Hundreds of Malicious Google Play-Hosted Apps Bypassed Android 13 Security With Ease
Bitdefender's security researchers have found a huge ad fraud campaign with hundreds of malicious apps in the Google Play Store
👍10🌚2
Analysis of Paragon’s Graphite Spyware Operations misusing WhatsApp Zero-Click exploit
https://citizenlab.ca/2025/03/a-first-look-at-paragons-proliferating-spyware-operations/
https://citizenlab.ca/2025/03/a-first-look-at-paragons-proliferating-spyware-operations/
🔥18👏3❤1👍1
Looks like there is a demand for Telegram RCE exploit
https://techcrunch.com/2025/03/21/russian-zero-day-seller-is-offering-up-to-4-million-for-telegram-exploits/
https://techcrunch.com/2025/03/21/russian-zero-day-seller-is-offering-up-to-4-million-for-telegram-exploits/
🔥24😁6👍2❤1👏1🤮1💩1🤡1