Bypass PIN codes for Visa contactless payments
A successful attack requires four components: (1+2) two Android smartphones, (3) a special Android app developed by the research team, and (4) a Visa contactless card.
The entire idea behind the attack is that the POS emulator asks the card to make a payment, modifies transaction details, and then sends the modified data via WiFi to the second smartphone that makes a large payment without needing to provide a PIN (as the attacker has modified the transaction data to say that the PIN is not needed).
Info: https://www.zdnet.com/article/academics-bypass-pins-for-visa-contactless-payments/
Research: https://arxiv.org/pdf/2006.08249.pdf
Video demo: https://youtu.be/JyUsMLxCCt8

Transparent Tribe: Evolution analysis
Part 1: https://securelist.com/transparent-tribe-part-1/98127/
Part 2 (Android): https://securelist.com/transparent-tribe-part-2/98233/

Cerberus Banking Trojan Research
https://github.com/ics-iot-bootcamp/cerberus_research

Persistent arbitrary code execution in Android's Google Play Core Library: details, explanation and the PoC - CVE-2020-8913
https://blog.oversecured.com/Oversecured-automatically-discovers-persistent-code-execution-in-the-Google-Play-Core-Library/

TERRACOTTA Android Malware: A Technical Study
https://www.whiteops.com/blog/terracotta-android-malware-a-technical-study

iblessing is an iOS security exploiting toolkit

https://github.com/Soulghost/iblessing

ThiefBot: A New Android Banking Trojan Targeting Turkish Banking Users
https://business.xunison.com/thiefbot-a-new-android-banking-trojan-targeting-turkish-banking-users/

Google removes Android app that was used to spy on Belarusian protesters
https://www.zdnet.com/article/google-removes-android-app-that-was-used-to-spy-on-belarusian-protesters/

Mobile threat statistics for Q2 2020 by Kaspersky
https://securelist.com/it-threat-evolution-q2-2020-mobile-statistics/98337/

India yesterday banned 118 Chinese apps
List of app in the link
https://drive.google.com/file/d/1NRcC49uKIvwA4-sDmubC5aC2LmHggKoG/view

Android Permission (Notification Permission) Can Be Lethal [Android Malware Series]
https://youtu.be/PzhDEV7rpP0

Threema Goes Open Source
https://threema.ch/en/blog/posts/open-source-and-new-partner

WhatsApp discloses six previously undisclosed flaws
https://www.whatsapp.com/security/advisories/2020/

ARM64 Reversing and Exploitation
Part 1: http://highaltitudehacks.com/2020/09/05/arm64-reversing-and-exploitation-part-1-arm-instruction-set-heap-overflow/
Part 2: http://highaltitudehacks.com/2020/09/06/arm64-reversing-and-exploitation-part-2-use-after-free/
Part 3: http://highaltitudehacks.com/2020/09/06/arm64-reversing-and-exploitation-part-3-a-simple-rop-chain/

From Android Static Analysis to RCE on Prod

https://blog.dixitaditya.com/from-android-app-to-rce/

TikTok Spyware (SpyNote) Analysis
https://www.zscaler.com/blogs/research/tiktok-spyware

AndroidProjectCreator #slides
https://maxkersten.nl/wp-content/uploads/2020/09/ConfidenceConference2020_AndroidProjectCreator.pdf

Android bypass SSL pinning using Frida
https://www.docdroid.net/file/download/zokUC70/android-ssl-pinning-pdf.pdf

Three persistent and one theft of arbitrary files vulnerabilities have been discovered in the TikTok Android app
https://blog.oversecured.com/Oversecured-detects-dangerous-vulnerabilities-in-the-TikTok-Android-app/

Billions of devices vulnerable to new 'BLESA' Bluetooth security flaw
https://www.zdnet.com/google-amp/article/billions-of-devices-vulnerable-to-new-blesa-bluetooth-security-flaw/

Vulnerability that allows to persistently launch Intent on every device on the same LAN that had vulnerable version of Firefox for Android (68.11.0 and below)
Report: https://gitlab.com/gitlab-com/gl-security/security-operations/gl-redteam/red-team-tech-notes/-/tree/master/firefox-android-2020
PoC code: https://gitlab.com/gitlab-com/gl-security/security-operations/gl-redteam/red-team-tech-notes/-/blob/master/firefox-android-2020/ffssdp.py