Hidden Links: Analyzing Secret Families of VPN Apps
https://www.petsymposium.org/foci/2025/foci-2025-0008.pdf
Android Document Readers and Deception: Tracking the Latest Updates to Anatsa
https://www.zscaler.com/blogs/security-research/android-document-readers-and-deception-tracking-latest-updates-anatsa
Zscaler
Anatsa’s Latest Updates | ThreatLabz
This analysis explores the latest updates to the Anatsa Android malware family.
ELEGANTBOUNCER: Catch iOS 0-click exploits without having the samples.
Features iOS backup forensics & messaging app scanning for iMessage, WhatsApp, Signal, Telegram & Viber attachments.
https://www.msuiche.com/posts/elegantbouncer-when-you-cant-get-the-samples-but-still-need-to-catch-the-threat/
Msuiche
ELEGANTBOUNCER: When You Can't Get the Samples but Still Need to Catch the Threat | Matt Suiche
The story of how ELEGANTBOUNCER was born from the frustration of not having access to in-the-wild exploit samples, and why structural analysis beats signatures for advanced mobile threats
Fake Website Pages Used to Spread SpyNote Android Malware
https://dti.domaintools.com/spynote-malware-part-2/
DomainTools Investigations | DTI
SpyNote Malware Part 2 - DomainTools Investigations | DTI
This report highlights the resurfacing of SpyNote activity by the same actor in a previous DTI report and provides additional information around the recent activity and changes in tactics since the prior report.
Forwarded from The Bug Bounty Hunter
Revealing Hidden iOS Apps: Exploring System Applications on Jailbroken Devices
https://reversethat.app/posts/revealing-hidden-system-ios-apps/
Apps RE
Apple’s iOS ecosystem is renowned for its sleek user interface and curated app experience, prominently displaying stock apps like Safari, Photos, and Calendar on the Home screen. However, beneath this polished surface lies a treasure trove of internal system…
CADroid: A Cross-combination Attention based Framework for Android Malware Detection
https://www.sciencedirect.com/science/article/abs/pii/S0957417425030623
iOS 18.6.1 0-click RCE POC (CVE-2025-43300)
https://github.com/b1n4r1b01/n-days/blob/main/CVE-2025-43300.md
Hook Version 3: The Banking Trojan with The Most Advanced Capabilities
https://zimperium.com/blog/hook-version-3-the-banking-trojan-with-the-most-advanced-capabilities
Zimperium
Sotap — A lightweight .so library for logging the behavior of JNI libraries
https://github.com/RezaArbabBot/SoTap
sotap is an open source project in line with so(jni) logging. Any use is at your own risk. You can customize the c file then build and get the output - RezaArbabBot/SoTap
GodFather - Part 1 - A multistage dropper
https://shindan.io/blog/godfather-part-1-a-multistage-dropper
shindan.io
Blog - GodFather - Part 1 - A multistage dropper
Shindan is a SaaS, mobile and desktop application that detects compromises and vulnerabilities on smartphones and tablets without access to personal data. Get a fast, accurate diagnosis to protect your VIPs and staff.
Threat Actors Use Facebook Ads to Deliver Android Malware
https://www.bitdefender.com/en-us/blog/labs/malvertising-campaign-on-meta-expands-to-android-pushing-advanced-crypto-stealing-malware-to-users-worldwide
Bitdefender Labs
Malvertising Campaign on Meta Expands to Android, Pushing Advanced Crypto-Stealing Malware to Users Worldwide
Many people believe that smartphones are somehow less of a target for threat actors.
WhatsApp Zero-Day Vulnerability Exploited with 0-Click Attacks to Hack Apple Devices
https://gbhackers.com/whatsapp-zero-day-vulnerability-exploited-with-0-click-attacks/
GBHackers Security | #1 Globally Trusted Cyber Security News Platform
WhatsApp zero-day vulnerability CVE-2025-55177 is currently under active exploitation, with a critical advisory issued as attackers target iOS and Mac devices.
SikkahBot Malware Campaign Lures and Defrauds Students in Bangladesh
https://cyble.com/blog/sikkahbot-malware-defrauds-students-in-bangladesh/
Cyble
SikkahBot Malware Campaign Defrauds Students In Bangladesh
Cyble Research and Intelligence Labs (CRIL) has uncovered “SikkahBot”, a new Android malware campaign targeting students in Bangladesh since July 2024.
SSLPinDetect: Advanced SSL Pinning Detection for Android Security Analysis
Blog: https://petruknisme.medium.com/sslpindetect-advanced-ssl-pinning-detection-for-android-security-analysis-1390e9eca097
Tool: https://github.com/aancw/SSLPinDetect
Medium
In the ever-evolving landscape of mobile application security, SSL pinning has become a crucial defense mechanism against man-in-the-middle…
Android Droppers: The Silent Gatekeepers of Malware
https://www.threatfabric.com/blogs/android-droppers-the-silent-gatekeepers-of-malware
ThreatFabric
In our latest research we describe how droppers on Android are the silent malware gate keepers.
Critical CVE-2025-48539 Android RCE allows an attacker within physical or network proximity, such as Bluetooth or WiFi range, to execute arbitrary code on the device without any user interaction or privileges
https://osv.dev/vulnerability/ASB-A-406785684
https://grok.com/s/bGVnYWN5_f5103b21-64a1-4b1c-beaf-184a290ca23d
Reverse engineering of Apple's iOS 0-click CVE-2025-43300
https://blog.quarkslab.com/patch-analysis-of-Apple-iOS-CVE-2025-43300.html
Quarkslab
Reverse engineering of Apple's iOS 0-click CVE-2025-43300: 2 bytes that make size matter - Quarkslab's blog
On August 20th, Apple released an out-of-band security fix for its main operating systems. This patch allegedly fixes CVE-2025-43300, an out-of-bounds write, addressed with improved bounds checking in the ImageIO framework. In this blog post we provide a…
[beginners] Building an Android Bug Bounty lab - guide to configuring emulators, real devices, proxies, Magisk, Burp, Frida
https://www.yeswehack.com/learn-bug-bounty/android-lab-mobile-hacking-tools
YesWeHack
The bug hunter’s guide to building an Android mobile hacking lab
Covering the pros and cons of emulators versus real devices, and how to configure Magisk, Burp, Frida, Medusa and other mobile hacking tools.
Agentic Discovery and Validation of Android App Vulnerabilities
https://arxiv.org/pdf/2508.21579v1
CoRCTF 2025 - CoRPhone: Android Kernel Pwn
CoRPhone is an Android kernel exploitation challenge created for CoRCTF 2025. It simulates a scenario in which a kernel exploit is delivered as shellcode and executed in memory by an untrusted Android app.
https://github.com/0xdevil/corphone/tree/main