Shizuku unlocks advanced functionality on any Android
Using Shizuku app your Android gains ADB (Shell) privileges to remove bloatware, list running processes, open listening ports, view stored Wi-Fi passwords, inspect logcat of other apps, enable/disable specific Android app components etc.
https://www.mobile-hacker.com/2025/07/14/shizuku-unlocking-advanced-android-capabilities-without-root/
Using Shizuku app your Android gains ADB (Shell) privileges to remove bloatware, list running processes, open listening ports, view stored Wi-Fi passwords, inspect logcat of other apps, enable/disable specific Android app components etc.
https://www.mobile-hacker.com/2025/07/14/shizuku-unlocking-advanced-android-capabilities-without-root/
❤29🔥2👏1
eSIM might not be as safe as you think: researchers hack and clone numbers
https://security-explorations.com/esim-security.html
https://security-explorations.com/esim-security.html
👍10❤1🔥1
This media is not supported in your browser
VIEW IN TELEGRAM
Include computers into Bluetooth mesh network for Bitchat app
✅️ More devices = more nodes
✅️ Wider communication range https://github.com/kaganisildak/bitchat-python
✅️ More devices = more nodes
✅️ Wider communication range https://github.com/kaganisildak/bitchat-python
🌚5❤4👍2🔥1
Fake Android Money Transfer App Targeting Bengali-Speaking Users
https://www.mcafee.com/blogs/other-blogs/mcafee-labs/fake-android-money-transfer-app-targeting-bengali-speaking-users/
https://www.mcafee.com/blogs/other-blogs/mcafee-labs/fake-android-money-transfer-app-targeting-bengali-speaking-users/
McAfee Blog
Fake Android Money Transfer App Targeting Bengali-Speaking Users | McAfee Blog
Authored by Dexter Shin McAfee’s Mobile Research Team discovered a new and active Android malware campaign targeting Bengali-speaking users, mainly
🌚7
RaspyJack
Turn a Raspberry Pi Zero 2 W + Waveshare 1.44″ LCD into a pocket-sized, SharkJack-style network multitool.
Key features:
• Recon: Multi-profile Nmap scans
• Shells: Reverse-shell launcher (pick IP on the fly or use a preset)
• Creds Capture: Responder, ARP MITM + sniff, DNS-spoof phishing
• Loot Viewer: Read Nmap / Responder / DNSSpoof logs on the screen
https://github.com/7h30th3r0n3/Raspyjack
Turn a Raspberry Pi Zero 2 W + Waveshare 1.44″ LCD into a pocket-sized, SharkJack-style network multitool.
Key features:
• Recon: Multi-profile Nmap scans
• Shells: Reverse-shell launcher (pick IP on the fly or use a preset)
• Creds Capture: Responder, ARP MITM + sniff, DNS-spoof phishing
• Loot Viewer: Read Nmap / Responder / DNSSpoof logs on the screen
https://github.com/7h30th3r0n3/Raspyjack
🔥18❤7
Konfety Returns: Classic Mobile Threat with New Evasion Techniques
https://zimperium.com/blog/konfety-returns-classic-mobile-threat-with-new-evasion-techniques
https://zimperium.com/blog/konfety-returns-classic-mobile-threat-with-new-evasion-techniques
Zimperium
Konfety Returns: Classic Mobile Threat with New Evasion Techniques
New Konfety malware variant uses advanced evasion techniques to target Android devices, complicating detection and analysis for security professionals. Learn about its sophisticated tactics and impacts.
❤8🌚1
Keyboard Input Injection vulnerability in Air Keyboard iOS App Still Unpatched
https://www.mobile-hacker.com/2025/07/17/remote-input-injection-vulnerability-in-air-keyboard-ios-app-still-unpatched/
https://www.mobile-hacker.com/2025/07/17/remote-input-injection-vulnerability-in-air-keyboard-ios-app-still-unpatched/
❤9🌚2👏1
Remote Code Execution Discovered in XTool AnyScan App: Risks to Phones and Vehicles
https://www.nowsecure.com/blog/2025/07/16/remote-code-execution-discovered-in-xtool-anyscan-app-risks-to-phones-and-vehicles/
https://www.nowsecure.com/blog/2025/07/16/remote-code-execution-discovered-in-xtool-anyscan-app-risks-to-phones-and-vehicles/
Nowsecure
Remote Code Execution Discovered in XTool AnyScan App: Risks to Phones and Vehicles - NowSecure
Learn how NowSecure has identified an app whose developers violated security guidelines, bypassing recommended procedures exposing systems to remote control.
❤6🌚1😴1
This media is not supported in your browser
VIEW IN TELEGRAM
Sending bitcoin over Bluetooth between Bitchat Android and iPhone. Both have a native cashu ecash wallet built in.
The ecash travels directly from phone to phone. the sender needs no internet. It is instant and untraceable digital cash.
The ecash travels directly from phone to phone. the sender needs no internet. It is instant and untraceable digital cash.
👍34👏12🤨7❤4🔥3😁3⚡1🥰1🤔1🌚1
How To Turn Old Android Smartphone into Travel Router With NAS
https://www.mobile-hacker.com/2025/07/21/how-to-turn-old-android-smartphone-into-travel-router-with-nas/
https://www.mobile-hacker.com/2025/07/21/how-to-turn-old-android-smartphone-into-travel-router-with-nas/
Mobile Hacker
How To Turn Old Android Smartphone into Travel Router With NAS Mobile Hacker
It’s not perfect, but it works—a clever DIY project that blends portability, privacy, and practicality.
🌚10❤6👍2
Android Misconfiguration Leading to Task Hijacking in Caller ID app with 10M+ installs (CVE-2025-7889) + demo
https://github.com/KMov-g/androidapps/blob/main/caller.id.phone.number.block.md
https://github.com/KMov-g/androidapps/blob/main/caller.id.phone.number.block.md
GitHub
androidapps/caller.id.phone.number.block.md at main · KMov-g/androidapps
Contribute to KMov-g/androidapps development by creating an account on GitHub.
🌚10❤7
Lookout Discovers Massistant Chinese Mobile Forensic Tooling
https://www.lookout.com/threat-intelligence/article/massistant-chinese-mobile-forensics
https://www.lookout.com/threat-intelligence/article/massistant-chinese-mobile-forensics
Lookout
Lookout Discovers Massistant Chinese Mobile Forensic Tooling | Threat Intel
Massistant is a mobile forensics application used by law enforcement in China to collect extensive information from mobile devices.
🌚6❤1
Unmasking Malicious APKs: Android Malware Blending Click Fraud and Credential Theft
https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/unmasking-malicious-apks-android-malware-blending-click-fraud-and-credential-theft/
https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/unmasking-malicious-apks-android-malware-blending-click-fraud-and-credential-theft/
Trustwave
Unmasking Malicious APKs: Android Malware Blending Click Fraud and Credential Theft
Malicious APKs (Android Package Kit files) continue to serve as one of the most persistent and adaptable delivery mechanisms in mobile threat campaigns.
🌚6
Lookout Discovers Iranian APT MuddyWater Leveraging DCHSpy During Israel-Iran Conflict
https://www.lookout.com/threat-intelligence/article/lookout-discovers-iranian-dchsy-surveillanceware
https://www.lookout.com/threat-intelligence/article/lookout-discovers-iranian-dchsy-surveillanceware
Lookout
Lookout Discovers MuddyWater Leveraging DCHSpy For Israel-Iran Conflict | Threat Intel
Lookout discovered four new samples of DCHSpy one week after the start of the Israel-Iran conflict. It is likely developed and maintained by MuddyWater, part of Iran's MOIS
🌚11❤4
Deobfuscating Android Apps with Androidmeda LLM: A Smarter Way to Read Obfuscated Code
✅As a bonus, example of deobfuscating Crocodilus Malware
https://www.mobile-hacker.com/2025/07/22/deobfuscating-android-apps-with-androidmeda-a-smarter-way-to-read-obfuscated-code/
✅As a bonus, example of deobfuscating Crocodilus Malware
https://www.mobile-hacker.com/2025/07/22/deobfuscating-android-apps-with-androidmeda-a-smarter-way-to-read-obfuscated-code/
❤15👍5😁3🌚1
Insecure authentication due to missing brute-force protection and runtime manipulation in Two App Studio Journey v5.5.9 for iOS (CVE-2025-41459)
Journey is a journaling app for iOS that stores personal entries and media
https://cirosec.de/en/news/vulnerability-in-two-app-studio-journey/
Journey is a journaling app for iOS that stores personal entries and media
https://cirosec.de/en/news/vulnerability-in-two-app-studio-journey/
cirosec
Vulnerability in Two App Studio Journey (CVE-2025-41459) - cirosec
July 21, 2025 - Journey is a journaling app for iOS that stores personal entries and media.
🌚7❤4
The Dark Side of Romance: SarangTrap Extortion Campaign
https://zimperium.com/blog/the-dark-side-of-romance-sarangtrap-extortion-campaign
https://zimperium.com/blog/the-dark-side-of-romance-sarangtrap-extortion-campaign
Zimperium
The Dark Side of Romance: SarangTrap Extortion Campaign
true
👏9🌚3
🚨 Meet Guardio - a powerful online protection tool that keeps you safe while you browse, shop, and live your digital life.
✅ Blocks scam sites, phishing & malicious pop-ups
✅ Alerts you instantly if your personal info or SSN is leaked
✅ Protects your identity, accounts & mobile in real-time
🎁 Try it FREE for 7 days – plus get up to 72% discount! Give it a try now
✅ Blocks scam sites, phishing & malicious pop-ups
✅ Alerts you instantly if your personal info or SSN is leaked
✅ Protects your identity, accounts & mobile in real-time
🎁 Try it FREE for 7 days – plus get up to 72% discount! Give it a try now
👎25🤡10❤3💩3👍2🎉1🌚1