Modern iOS Security Features – A Deep Dive into SPTM, TXM, and Exclaves
https://arxiv.org/pdf/2510.09272
https://arxiv.org/pdf/2510.09272
❤10👍3⚡2
[beginners] Android Intents: operation, security and examples of attacks
https://mobeta-fr.translate.goog/android-intent-hijacking-pentest-mobile/?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en
https://mobeta-fr.translate.goog/android-intent-hijacking-pentest-mobile/?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en
Mobeta
Intents Android (1/2) : fonctionnement, sécurité et exemples d'attaques | Mobeta
Les Intents Android mal configurés peuvent exposer vos données. Découvrez comment éviter l’intent hijacking et sécuriser vos applications.
🔥19😁5❤1
New Android BEERUS framework for dynamic analysis & reverse engineering
BEERUS brings Frida auto-injection, sandbox exfiltration, memory dumps, Magisk integration and more for on device app analysis.
https://github.com/hakaioffsec/beerus-android
BEERUS brings Frida auto-injection, sandbox exfiltration, memory dumps, Magisk integration and more for on device app analysis.
https://github.com/hakaioffsec/beerus-android
👍22🔥14❤4🤣4👎1
0-click vulnerability in Dolby's DDPlus decoder affected Android (CVE-2025-54957)
A malformed audio file can trigger an out-of-bounds write due to integer overflow in evolution data handling—leading to memory corruption and crashes.
Android decodes audio messages locally, making this exploitable without user interaction.
Reproduction: Just send a crafted RCS voice message (dolby_android_crash.mp4)
Details: https://project-zero.issues.chromium.org/issues/428075495
A malformed audio file can trigger an out-of-bounds write due to integer overflow in evolution data handling—leading to memory corruption and crashes.
Android decodes audio messages locally, making this exploitable without user interaction.
Reproduction: Just send a crafted RCS voice message (dolby_android_crash.mp4)
Details: https://project-zero.issues.chromium.org/issues/428075495
🤯24❤11😁4👍3🔥3
MCGDroid: An Android Malware Classification Method Based on Multi-Feature Class-Call Graph Characterization
https://www.sciencedirect.com/science/article/abs/pii/S016740482500402X
https://www.sciencedirect.com/science/article/abs/pii/S016740482500402X
⚡12👍4🤔3🥰1🌚1
EnFeSTDroid: Ensembled feature selection techniques based Android malware detection
https://www.sciencedirect.com/science/article/pii/S0045790625007062
https://www.sciencedirect.com/science/article/pii/S0045790625007062
👍10🌚2
A vulnerability in DuckDuckGo’s Android browser allows file exfiltration via malicious intent:// URLs to gain access to a victim’s Sync account data such as account credentials and email protection information (CVE-2025-48464)
https://tuxplorer.com/posts/dont-leave-me-outdated/
https://tuxplorer.com/posts/dont-leave-me-outdated/
🔥29🌚6👍3🤡3
Account takeover in Android app via JavaScript bridge
A misconfigured addJavanoscriptInterface + flawed domain validation + javanoscript:// trick enabled full cookie exfiltration via WebView.
Exploit chain: JSB dispatcher → file access handler → bypass via newline injection.
Payload:
Delivered via deeplink.
Executed JSB call to toBase64.
Read Cookies file from app sandbox.
Exfiltrated session data via callback.
https://tuxplorer.com/posts/account-takeover-via-jsb/
A misconfigured addJavanoscriptInterface + flawed domain validation + javanoscript:// trick enabled full cookie exfiltration via WebView.
Exploit chain: JSB dispatcher → file access handler → bypass via newline injection.
Payload:
Delivered via deeplink.
Executed JSB call to toBase64.
Read Cookies file from app sandbox.
Exfiltrated session data via callback.
https://tuxplorer.com/posts/account-takeover-via-jsb/
🌚12🔥5❤2
Forwarded from The Bug Bounty Hunter
Practical Android Pentesting: A Case Study on TikTok RCE
https://dphoeniixx.medium.com/practical-android-pentesting-a-case-study-on-tiktok-rce-4a82e79cc7c6
https://dphoeniixx.medium.com/practical-android-pentesting-a-case-study-on-tiktok-rce-4a82e79cc7c6
Medium
Practical Android Pentesting: A Case Study on TikTok RCE
From Universal XSS to native library hijacking: A comprehensive guide to Android exploitation using WebViews, Intent abuse, and Zip Slip.
❤24🔥8👍1
Patching Android ARM64 library initializers for easy Frida instrumentation and debugging
https://blog.nviso.eu/2025/10/14/patching-android-arm64-library-initializers-for-easy-frida-instrumentation-and-debugging/
https://blog.nviso.eu/2025/10/14/patching-android-arm64-library-initializers-for-easy-frida-instrumentation-and-debugging/
NVISO Labs
Patching Android ARM64 libraries for Frida instrumentation
Discover techniques for Android ARM64 library patching and Frida instrumentation.
❤21👍5🌚3
HyperRat – A New Android RAT Sold On Cybercrime Networks
https://iverify.io/blog/hyperrat-a-new-android-rat-sold-on-cybercrime-networks
https://iverify.io/blog/hyperrat-a-new-android-rat-sold-on-cybercrime-networks
iverify.io
HyperRat – A New Android RAT Sold On Cybercrime Networks
Discover HyperRat, an Android remote access tool being sold on cybercrime forums. Learn about its features, how it operates, and its impact on cybersecurity.
❤15🤨4🤬2👍1🔥1💩1🤡1
Android backdoor hijacks Telegram accounts, gaining complete control over them
https://news.drweb.com/show/?i=15076&lng=en&c=5
https://news.drweb.com/show/?i=15076&lng=en&c=5
Dr.Web
Baohuo, the gray eminence. Android backdoor hijacks Telegram accounts, gaining complete control over them
Doctor Web has identified a dangerous backdoor, <a href="https://vms.drweb.com/search/?q=Android.Backdoor.Baohuo.1.origin&lng=en"><b>Android.Backdoor.Baohuo.1.origin</b></a>, in maliciously modified versions of the Telegram X messenger. In addition to being…
❤12🌚4😱3👍1
How 1-click iOS exploit chains work (WebKit exploitation basics)
https://youtu.be/o6mVgygo-hk
https://youtu.be/o6mVgygo-hk
YouTube
How 1-Click Can Hack Your iPhone
Are you a security researcher or reverse engineer?
For 50% off IDA Products use promo code BILLY50, https://hex-rays.com/pricing *
For 30% off IDA Training use promo code BILLY30, https://hex-rays.com/training **
*License discounts are only valid for individuals…
For 50% off IDA Products use promo code BILLY50, https://hex-rays.com/pricing *
For 30% off IDA Training use promo code BILLY30, https://hex-rays.com/training **
*License discounts are only valid for individuals…
👍16❤12🌚2
Vulnerability in Google Messages for Wear OS resulted in invoking intents to send messages without permission (CVE-2025-12080) and awarded $2,250.00 by Google
Blog: https://towerofhanoi.it/writeups/cve-2025-12080/
PoC: https://github.com/io-no/CVE-Reports/tree/main/CVE-2025-12080
Blog: https://towerofhanoi.it/writeups/cve-2025-12080/
PoC: https://github.com/io-no/CVE-Reports/tree/main/CVE-2025-12080
❤23👍5🔥4
New Android Malware Herodotus Mimics Human Behaviour to Evade Detection
https://www.threatfabric.com/blogs/new-android-malware-herodotus-mimics-human-behaviour-to-evade-detection
https://www.threatfabric.com/blogs/new-android-malware-herodotus-mimics-human-behaviour-to-evade-detection
ThreatFabric
New Android Malware Herodotus Mimics Human Behaviour to Evade Detection
ThreatFabric has uncovered Herodotus, a new mobile malware family that aims to disrupt how fraud is done and tries to act human.
👍8❤3
GhostGrab is a new Android malware blending crypto mining with banking credential theft.
It hijacks SMS OTPs, harvests PII, and runs a hidden Monero miner—draining battery while stealing funds.
It compromised over 30 devices and C&C server leaks over 2800 victim SMS
https://www.cyfirma.com/research/ghostgrab-android-malware/
It hijacks SMS OTPs, harvests PII, and runs a hidden Monero miner—draining battery while stealing funds.
It compromised over 30 devices and C&C server leaks over 2800 victim SMS
https://www.cyfirma.com/research/ghostgrab-android-malware/
😱18❤6👍4🌚4🎃1