The State of iOS Jailbreaking in 2025
[slides] https://github.com/alfiecg24/Presentations/blob/main/The%20State%20of%20iOS%20Jailbreaking%20in%202025.pdf

This Video Can Exploit Your iPhone (CVE-2025-31200)
https://youtu.be/nTO3TRBW00E

Bypassing MTE with CVE-2025-0072
https://github.blog/security/vulnerability-research/bypassing-mte-with-cve-2025-0072/
Exploit: https://github.com/github/securitylab/tree/main/SecurityExploits/Android/Mali/CVE-2025-0072

Emulating a Bike Sensor
https://eybisi.run/Emulating-a-Bike-Sensor/

A strict iOS app that analyzes link safety like a nutrition label (no AI, offline)
https://github.com/sigfault-byte/LegitURL

Boost your Android threat detection capabilities 🤖

Modern mobile threats require dynamic tools for dynamic threats. With ANY.RUN’s Interactive Sandbox now supports Android, you can:
✅ Instantly detect threats with interactive analysis
✅ Understand APK behavior with fast access to threat details
✅ Extract IOCs and generate detailed reports in seconds
🎁 Special offer: Get extra Sandbox licenses to level up your mobile threat hunting.

Hurry up to get #ANYRUN birthday deals, ending May 31  👉 here is the link.

Analysis of GhostSpy Android RAT: Advanced Persistent RAT with Stealthy Remote Control and Uninstall Resistance
https://www.cyfirma.com/research/ghostspy-web-based-android-rat-advanced-persistent-rat-with-stealthy-remote-control-and-uninstall-resistance/

Zanubis: Tracing the active evolution of the Android banking malware
https://securelist.com/evolution-of-zanubis-banking-trojan-for-android/116588/

How to load unsigned or fake-signed apps on iOS
https://www.pentestpartners.com/security-blog/how-to-load-unsigned-or-fake-signed-apps-on-ios/

Vulnerabilities Found in Preinstalled apps on Android Smartphones
3rd party app installed on a device could misuse vulnerabilities to:
✅perform factory reset of device
✅exfiltrate PIN code
✅inject an arbitrary intent with system-level privileges
https://www.mobile-hacker.com/2025/06/02/security-issues-found-in-android-smartphones/

Reverse Engineer Android Apps for API Keys
https://pwn.guide/free/forensics/re-android

Analysis of CoreAudio ITW vulnerability (CVE-2025-31200) patched in iOS 18.4.1
https://blog.noahhw.dev/posts/cve-2025-31200/

Crocodilus Mobile Malware: Evolving Fast, Going Global
https://www.threatfabric.com/blogs/crocodilus-mobile-malware-evolving-fast-going-global

Android malware trends: Stealthier, easier-to-use
https://intel471.com/blog/android-malware-trends-stealthier-easier-to-use

Covert Web-to-App Tracking via Localhost on Android
A novel tracking method by Meta and Yandex potentially affecting billions of Android users
https://localmess.github.io/

Analysis of Spyware That Helped to Compromise a Syrian Army from Within
Smartphone espionage doesn’t need expensive exploits. Cheap tools like SpyMax with targeted phishing a social engineering can breach even military targets - no 0-days required
https://www.mobile-hacker.com/2025/06/05/analysis-of-spyware-that-helped-to-compromise-a-syrian-army-from-within/

Emulating an iPhone in QEMU
Part 1: https://eshard.com/posts/emulating-ios-14-with-qemu
Part 2: https://eshard.com/posts/emulating-ios-14-with-qemu-part2

Lightweight Time Travel Analysis with Frida: faster Android emulation
https://eshard.com/posts/frida-tracer-lightweight-time-travel-analysis

Mobile statistics: IT threat evolution in Q1 2025
https://securelist.com/malware-report-q1-2025-mobile-statistics/116676/

Cellebrite to acquire mobile testing firm Corellium in $200 million deal
https://cyberscoop.com/cellebrite-correllium-acquisition-ios-android/

Solo: A Pixel 6 Pro Story (When one bug is all you need)
https://starlabs.sg/blog/2025/06-solo-a-pixel-6-pro-story-when-one-bug-is-all-you-need/