CVE-2025-10184 is permission bypass that affects multiple OnePlus devices running OxygenOS 12–15 (NOT FIXED) with PoC
This vulnerability allows any application installed on the device to read SMS/MMS without permission, user interaction, or consent.
https://www.rapid7.com/blog/post/cve-2025-10184-oneplus-oxygenos-telephony-provider-permission-bypass-not-fixed/
This vulnerability allows any application installed on the device to read SMS/MMS without permission, user interaction, or consent.
https://www.rapid7.com/blog/post/cve-2025-10184-oneplus-oxygenos-telephony-provider-permission-bypass-not-fixed/
🌚17🤣9😁5❤3🔥2
Finding vulnerabilities in the Binder kernel driver through fuzzing
https://androidoffsec.withgoogle.com/posts/binder-fuzzing/
https://androidoffsec.withgoogle.com/posts/binder-fuzzing/
Withgoogle
Binder Fuzzing - Android Offensive Security Blog
In our previous blog posts, we explored Android Binder’s intricacies, from exploiting a vulnerability (CVE-2023-20938) for kernel code execution to examining its inner workings. In this post, we shift our focus to finding vulnerabilities in the Binder kernel…
❤8👍2🌚1
Obtain a root shell on Unisoc unpatched devices (CVE-2025-31710)
https://github.com/Skorpion96/unisoc-su/tree/main?tab=readme-ov-file
https://github.com/Skorpion96/unisoc-su/tree/main?tab=readme-ov-file
GitHub
GitHub - Skorpion96/unisoc-su: A method for CVE-2025-31710 and to connect to cmd_skt to obtain a root shell on unisoc unpatched…
A method for CVE-2025-31710 and to connect to cmd_skt to obtain a root shell on unisoc unpatched models - Skorpion96/unisoc-su
🔥18❤1
Banker Trojan Targeting Indonesian and Vietnamese Android Users
https://dti.domaintools.com/banker-trojan-targeting-indonesian-and-vietnamese-android-users/
https://dti.domaintools.com/banker-trojan-targeting-indonesian-and-vietnamese-android-users/
DomainTools Investigations | DTI
Banker Trojan Targeting Indonesian and Vietnamese Android Users - DomainTools Investigations | DTI
A group has been targeting Indonesian and Vietnamese Android users with banking trojans disguised as legitimate payment and government identity applications. The operators exhibit distinct domain registration patterns with a strong operational focus during…
❤13⚡5
This media is not supported in your browser
VIEW IN TELEGRAM
Triggered WhatsApp 0-click on iOS/macOS/iPadOS
CVE-2025-55177 arises from missing validation that the [Redacted] message originates from a linked device, enabling specially crafted DNG parsing that triggers CVE-2025-43300.
Analysis of Samsung CVE-2025-21043 is also ongoing
Source: https://x.com/DarkNavyOrg/status/1972260639101034950
CVE-2025-55177 arises from missing validation that the [Redacted] message originates from a linked device, enabling specially crafted DNG parsing that triggers CVE-2025-43300.
Analysis of Samsung CVE-2025-21043 is also ongoing
Source: https://x.com/DarkNavyOrg/status/1972260639101034950
❤15☃6😁3😢2🤯1👨💻1🎅1🎄1
Writeup for CVE-2025-24085, an ITW iOS mediaplaybackd vulnerability patched earlier this year
https://github.com/b1n4r1b01/n-days/blob/main/CVE-2025-24085/CVE-2025-24085.md
https://github.com/b1n4r1b01/n-days/blob/main/CVE-2025-24085/CVE-2025-24085.md
GitHub
n-days/CVE-2025-24085/CVE-2025-24085.md at main · b1n4r1b01/n-days
Contribute to b1n4r1b01/n-days development by creating an account on GitHub.
🌚6❤2👍2🤡2
Exploring Android Accessibility Malware | Droidcon Italy 2024
https://www.youtube.com/watch?v=xCHW8ql3vi0
https://www.youtube.com/watch?v=xCHW8ql3vi0
YouTube
Exploring Android Accessibility Malware | Droidcon Italy 2024
Android Accessibility Malware EXPOSED: What Hackers Don’t Want You to Know—this eye-opening session from Droidcon Italy 2024 reveals how cybercriminals exploit Android’s Accessibility Services and combine them with credential stuffing to infiltrate user accounts…
🌚8👍3
Analysis of Android DHCSpy operated by the Iranian APT MuddyWater
https://shindan.io/blog/dhcspy-discovering-the-iranian-apt-muddywater
https://shindan.io/blog/dhcspy-discovering-the-iranian-apt-muddywater
shindan.io
Blog - DHCSpy - Discovering the Iranian APT MuddyWater
Shindan est une application SaaS, mobile et desktop qui détecte les compromissions et vulnérabilités sur smartphones et tablettes, sans accès aux données personnelles. Obtenez un diagnostic rapide et précis pour protéger vos VIP et collaborateurs.
👍6🌚3
Security Evaluation Of Android Apps In Budget African Mobile Devices
The study examined 1,544 APKs collected from seven African smartphones. The analysis revealed that 145 applications (9%) disclose sensitive data, 249 (16%) expose critical components, and many present additional risks: 226 execute privileged or dangerous commands, 79 interact with SMS messages (read, send, or delete), and 33 perform silent installation operations
https://arxiv.org/pdf/2509.18800
The study examined 1,544 APKs collected from seven African smartphones. The analysis revealed that 145 applications (9%) disclose sensitive data, 249 (16%) expose critical components, and many present additional risks: 226 execute privileged or dangerous commands, 79 interact with SMS messages (read, send, or delete), and 33 perform silent installation operations
https://arxiv.org/pdf/2509.18800
👍11🤬5🤣5🌚4👀3🥴1🍓1
Datzbro: RAT Hiding Behind Senior Travel Scams
https://www.threatfabric.com/blogs/datzbro-rat-hiding-behind-senior-travel-scams
https://www.threatfabric.com/blogs/datzbro-rat-hiding-behind-senior-travel-scams
ThreatFabric
Datzbro: RAT Hiding Behind Senior Travel Scams
In this research article by ThreatFabric, we expose Datzbro: a new RAT that hides behind senior travel scams.
🌚9👍2❤1
Klopatra: exposing a new Android banking trojan operation with roots in Turkey
https://www.cleafy.com/cleafy-labs/klopatra-exposing-a-new-android-banking-trojan-operation-with-roots-in-turkey
https://www.cleafy.com/cleafy-labs/klopatra-exposing-a-new-android-banking-trojan-operation-with-roots-in-turkey
Cleafy
Klopatra: exposing a new Android banking trojan operation with roots in Turkey | Cleafy LABS
In late August 2025, Cleafy's Threat Intelligence team discovered Klopatra, a new, highly sophisticated Android malware currently targeting banking users primarily in Spain and Italy. The number of compromised devices has already exceeded 1,000. Read the…
👍14❤4🌚2
Silent Smishing : The Hidden Abuse of Cellular Router APIs
Cellular router’s API was exploited to send malicious SMS messages containing phishing URLs
https://blog.sekoia.io/silent-smishing-the-hidden-abuse-of-cellular-router-apis/
Cellular router’s API was exploited to send malicious SMS messages containing phishing URLs
https://blog.sekoia.io/silent-smishing-the-hidden-abuse-of-cellular-router-apis/
Sekoia.io Blog
Silent Smishing : The Hidden Abuse of Cellular Router APIs
How attackers abuse Milesight cellular router APIs to run smishing at scale via unauthenticated SMS endpoints—targeting Belgium (CSAM/eBox).
❤13🔥6🌚2
Phones auto-connecting to "FreeWiFi_Secure" Wi-Fi network leak full IMSI in cleartext during EAP-SIM exchange
Anyone nearby with sniffer could capture it → track users, or correlate identities.
Fixed pushed disabling FreeWiFi_Secure on legacy boxes starting Oct 1, 2025.
https://7h30th3r0n3.fr/the-vulnerability-that-killed-freewifi_secure/
Anyone nearby with sniffer could capture it → track users, or correlate identities.
Fixed pushed disabling FreeWiFi_Secure on legacy boxes starting Oct 1, 2025.
https://7h30th3r0n3.fr/the-vulnerability-that-killed-freewifi_secure/
🔥12🥱4❤2🌚2
Attacking telecom: security bugs from 2G to 5G, SMS exploits, and SS7 & Diameter protocols
[presentation] https://www.youtube.com/watch?v=364R1SoGGJ4
[presentation] https://www.youtube.com/watch?v=364R1SoGGJ4
🔥15🌚2
Two spyware strains - ProSpy & ToSpy - masquerade as Signal and ToTok to infect Androids
https://www.welivesecurity.com/en/eset-research/new-spyware-campaigns-target-privacy-conscious-android-users-uae/
https://www.welivesecurity.com/en/eset-research/new-spyware-campaigns-target-privacy-conscious-android-users-uae/
Welivesecurity
New spyware campaigns target privacy-conscious Android users in the UAE
ESET researchers have discovered campaigns distributing spyware disguised as Android Signal and ToTok apps, targeting users in the United Arab Emirates.
👍9🌚4🤬2
iOS Crypto Heist: iMessage Zero-Click RCE Chain (CVE-2025-31200, CVE-2025-31201)
CVE-2025-31200 is a zero-day, zero-click RCE in iOS CoreAudio’s AudioConverterService, triggered by a malicious audio file via iMessage/SMS. Exploitation bypassed Blastdoor, enabled kernel escalation (CVE-2025-31201), and allowed token theft until patched in iOS 18.4.1 (Apr 16, 2025)
Info: https://github.com/JGoyd/iOS-Attack-Chain-CVE-2025-31200-CVE-2025-31201
PoC exploit: https://www.dropbox.com/scl/fi/oerpnhq1ui3xfswsszfh2/Audio-clip.amr?rlkey=7n54m1o84poezyipxvd2f9slx&e=3&st=b1tkonvr&dl=0
CVE-2025-31200 is a zero-day, zero-click RCE in iOS CoreAudio’s AudioConverterService, triggered by a malicious audio file via iMessage/SMS. Exploitation bypassed Blastdoor, enabled kernel escalation (CVE-2025-31201), and allowed token theft until patched in iOS 18.4.1 (Apr 16, 2025)
Info: https://github.com/JGoyd/iOS-Attack-Chain-CVE-2025-31200-CVE-2025-31201
PoC exploit: https://www.dropbox.com/scl/fi/oerpnhq1ui3xfswsszfh2/Audio-clip.amr?rlkey=7n54m1o84poezyipxvd2f9slx&e=3&st=b1tkonvr&dl=0
GitHub
GitHub - JGoyd/iOS-Attack-Chain-CVE-2025-31200-CVE-2025-31201: CVE-2025-31200 is a zero-day, zero-click RCE in iOS CoreAudio’s…
CVE-2025-31200 is a zero-day, zero-click RCE in iOS CoreAudio’s AudioConverterService, triggered by a malicious audio file via iMessage/SMS. Exploitation bypassed Blastdoor, enabled kernel escalati...
🔥16🤡5❤1
Exploit for a vulnerability in the Nothing Phone 2a/CMF Phone 1 secure boot chain (and possibly other MediaTek devices)
Info + PoC: https://github.com/R0rt1z2/fenrir
Info + PoC: https://github.com/R0rt1z2/fenrir
👍13
Patch Diffing CVE-2024-23265: An iOS Kernel Memory Corruption Vulnerability
https://8ksec.io/patch-diffing-ios-kernel/
https://8ksec.io/patch-diffing-ios-kernel/
🔥12
Android Physical Memory: CVE-2025-21479 Rights Elevation Record
https://dawnslab.jd.com/android_gpu_attack_cve_2025_21479/
https://dawnslab.jd.com/android_gpu_attack_cve_2025_21479/
京东獬豸信息安全实验室
漫步安卓物理内存:CVE-2025-21479 提权实录
背景 在大多数用户的印象里,GPU(图形处理器)是游戏流畅、视频绚丽的保障,是沉浸在虚拟世界背后的无名英雄。然而,在现代移动计算架构,尤其是在安卓生态中,GPU的角色早已超越了“图形画师”的范畴。它通过诸如OpenCL、Vulkan等通用计算框架,深度参与到机器学习、图像处理、甚至安全计算等关键任务中,成为了SoC(系统级芯片)中与CPU平起平坐的“第二颗大脑”。 正是这种权限与复杂性的与日俱增
❤10🔥4🌚4
ClayRat: A New Android Spyware Targeting Russia
https://zimperium.com/blog/clayrat-a-new-android-spyware-targeting-russia
https://zimperium.com/blog/clayrat-a-new-android-spyware-targeting-russia
Zimperium
ClayRat: A New Android Spyware Targeting Russia
true
🔥10🌚5👍2👎2
Media is too big
VIEW IN TELEGRAM
New Pixnapping Attack allows any Android app without permissions to leak info displayed by other apps exploiting Android APIs and a hardware side channel (CVE-2025-48561)
Pixnapping is not fixed and probably affects all Androids.
PoC: Not available yet.
Video demonstrates stealing 2FA codes from Google Authenticator. It's like taking screenshot. Pixnapping exploits a side channel that allows the malicious app to map the pixels at those coordinates to letters, numbers, or shapes.
Info: https://www.pixnapping.com/
Pixnapping is not fixed and probably affects all Androids.
PoC: Not available yet.
Video demonstrates stealing 2FA codes from Google Authenticator. It's like taking screenshot. Pixnapping exploits a side channel that allows the malicious app to map the pixels at those coordinates to letters, numbers, or shapes.
Info: https://www.pixnapping.com/
🤯28👍8👏3❤2