Premium Deception: Uncovering a Global Android Carrier Billing Fraud Campaign
https://zimperium.com/blog/premium-deception-uncovering-a-global-android-carrier-billing-fraud-campaign
https://zimperium.com/blog/premium-deception-uncovering-a-global-android-carrier-billing-fraud-campaign
Zimperium
Premium Deception: Uncovering a Global Android Carrier Billing Fraud Campaign
true
๐4๐2๐ฅ1
The Flipper One: Hacking Gadget is Becoming a Pocket Linux PC [video]
https://www.mobile-hacker.com/2026/05/20/the-flipper-one-hacking-gadget-is-becoming-a-pocket-linux-pc/
https://www.mobile-hacker.com/2026/05/20/the-flipper-one-hacking-gadget-is-becoming-a-pocket-linux-pc/
๐10
Comparing 3D printed Flipper One model to Zero
https://www.youtube.com/shorts/qHS_kmxJKow
https://www.youtube.com/shorts/qHS_kmxJKow
YouTube
Flipper One is Becoming a Pocket Linux PC
Flipper OneBigger. More powerful. Way more capable.Flipper One is...
๐ฅ9๐3โก1
OverlayPhantom: The Android Banking Trojan Hiding in Plain Sight
https://cyble.com/blog/overlayphantom-android-banking-trojan/
https://cyble.com/blog/overlayphantom-android-banking-trojan/
Cyble
OverlayPhantom-android-banking-trojan-hiding In Plain Sight
Cyble analyzes OverlayPhantom, an Android banking trojan targeting 180+ apps across 10 countries, stealing credentials via fake overlays and real-time screen streaming.
โค8๐4
BTMOB: A stealthy RAT burrowing deep into Android devices
https://www.welivesecurity.com/en/malware/btmob-stealthy-rat-burrowing-deep-android-devices/
https://www.welivesecurity.com/en/malware/btmob-stealthy-rat-burrowing-deep-android-devices/
Welivesecurity
BTMOB: A stealthy RAT burrowing deep into Android devices
The BTMOB malware pairs remote access capabilities with ready-made campaign tools, lowering the barrier for full device compromise.
โค11๐2
IRIS (Intent Runtime Inspection System) - tool for observing Android Intent activity from a rooted device
https://github.com/Ch0pin/iris
https://github.com/Ch0pin/iris
GitHub
GitHub - Ch0pin/iris: Intent Runtime Inspection System
Intent Runtime Inspection System. Contribute to Ch0pin/iris development by creating an account on GitHub.
โค10๐4๐1
Technical overview of how commercial forensic tools compromise mobile devices
https://osservatorionessuno.org/blog/2026/05/demystifying-phone-unlocking-tools-a-technical-overview/
https://osservatorionessuno.org/blog/2026/05/demystifying-phone-unlocking-tools-a-technical-overview/
osservatorionessuno.org
Osservatorio Nessuno
Demystifying phone unlocking tools: A technical overview
๐9๐2
Bypassing SSL Pinning in Flutter-Based iOS Applications
https://medium.com/@drhatab/bypassing-ssl-pinning-in-flutter-based-ios-applications-54f420d2f1a1
https://medium.com/@drhatab/bypassing-ssl-pinning-in-flutter-based-ios-applications-54f420d2f1a1
Medium
Bypassing SSL Pinning in Flutter-Based iOS Applications
Hello folks,
โค12๐5๐5
Bypassing Flutter TLS/SSL Verification When reFlutter Fails
https://petruknisme.medium.com/bypassing-flutter-tls-ssl-verification-when-reflutter-fails-a4c41ff758a3
https://petruknisme.medium.com/bypassing-flutter-tls-ssl-verification-when-reflutter-fails-a4c41ff758a3
Medium
Bypassing Flutter TLS/SSL Verification When reFlutter Fails
During Flutter mobile application assessments, reFlutter is often the fastest option for bypassing TLS/SSL verification and redirectingโฆ
๐9โค3๐1
Bypassing SSL Pinning on Play Store Android Device Emulators without Frida
https://www.mfumis.com/posts/bypassing-ssl-pinning-on-play-store-avds-without-frida/
https://www.mfumis.com/posts/bypassing-ssl-pinning-on-play-store-avds-without-frida/
Mateo Fumis (hackermater)
Bypassing SSL Pinning on Play Store AVDs without Frida
๐ฒ ๐ Bypassing SSL Pinning on Play Store Android Device Emulators without Frida
โก6โค3๐ฅ1
A $300 Creative speaker can be hacked over Bluetooth (no pairing) to install malicious firmware and silently turn into a BadUSB keyboard that can takes over USB connected PC.
Creative donโt consider it a vulnerability - it is not patched!
https://blog.nns.ee/2026/06/03/katana-badusb/
Creative donโt consider it a vulnerability - it is not patched!
https://blog.nns.ee/2026/06/03/katana-badusb/
blog.nns.ee
Pwnd Blaster: Hacking your PC using your speaker without ever touching it | nns.ee
Abusing an unauthenticated Bluetooth protocol to turn a PC speaker into a Rubber Ducky.
โก8๐ฅ2
Android.MagicAd displays background ads without SYSTEM_ALERT_WINDOW.
Bypasses restrictions via system media controls abuse, vendor-specific intents, and Binder IPC abuse on Xiaomi/Vivo/Amazon devices. Distributed in 50+ apps via GetApps/Galaxy Store
https://news.drweb.com/show/?i=15262&c=5&lng=en
Bypasses restrictions via system media controls abuse, vendor-specific intents, and Binder IPC abuse on Xiaomi/Vivo/Amazon devices. Distributed in 50+ apps via GetApps/Galaxy Store
https://news.drweb.com/show/?i=15262&c=5&lng=en
๐ฅ10โก4
Android Spyware Asin Targets Arabic Users via Fake News, PDF and War Map Apps
https://thehackernews.com/2026/06/android-spyware-asin-targets-arabic.html
https://thehackernews.com/2026/06/android-spyware-asin-targets-arabic.html
โค9โก1๐คฎ1
NFCShare evolves: from a banking phishing APK to a GitHub-hosted Android NFC fraud campaign
https://www.d3lab.net/nfcshare-evolves-from-a-banking-phishing-apk-to-a-github-hosted-android-nfc-fraud-campaign/
https://www.d3lab.net/nfcshare-evolves-from-a-banking-phishing-apk-to-a-github-hosted-android-nfc-fraud-campaign/
D3Lab
NFCShare evolves: from a banking phishing APK to a GitHub-hosted Android NFC fraud campaign
A new NFCShare Android malware campaign distributed through an Intesa Sanpaolo-themed phishing flow, short URLs, and GitHub-hosted APKs. The recent samples keep the same NFC card-theft logic but introduce stronger anti-analysis packaging, brand rotation,โฆ
๐9
Tested the raw socket layer of a pre-production POS system. Found 4 critical/high vulnerabilities โ including a replay attack, cross-merchant IDOR, ghost transactions, and card identity bypass
https://m4kr0.vercel.app/posts/iso-8583-under-fire-finding-vulnerabilities-in-a-payment-socket
https://m4kr0.vercel.app/posts/iso-8583-under-fire-finding-vulnerabilities-in-a-payment-socket
M4KR0 Blog
ISO 8583 Under Fire: Finding Vulnerabilities in a Payment Socket - M4KR0 Blog
A hands-on walkthrough of security testing an ISO 8583 payment socket โ from reversing the app and enabling hidden debug mode, to finding four critical vulnerabilities in the processor layer
๐ฅ10โก6โค2
FirefUXSS 0-day: Universal XSS in Firefox Focus for iOS via Redirect-Scheme Validation Race Condition - not patched yet
https://github.com/v12-security/pocs/tree/main/firefox
https://github.com/v12-security/pocs/tree/main/firefox
GitHub
pocs/firefox at main ยท v12-security/pocs
poc it like it's hot. Contribute to v12-security/pocs development by creating an account on GitHub.
โค10๐2
I tested Nearby Glasses app to detect "spy" smart glasses - I explained why it is not working reliably and how the app can be even spoofed with fake Bluetooth signals
https://www.mobile-hacker.com/2026/06/14/smart-glasses-can-record-you-and-detecting-them-isnt-so-simple/
https://www.mobile-hacker.com/2026/06/14/smart-glasses-can-record-you-and-detecting-them-isnt-so-simple/
Mobile Hacker
Smart Glasses Can Record You - And Detecting Them Isnโt So Simple - Mobile Hacker
Smart glasses with camera are becoming more common, fitting into everyday life. They look like normal sunglasses โ but they can record video, capture audio, and take photos at any moment.
โค9๐4
Local Privilege Escalation (LPE) vulnerability in MEmu Android Emulator 9.2.7.0 (CVE-2026-36213)
https://github.com/sec-zone/CVE-2026-36213
https://github.com/sec-zone/CVE-2026-36213
GitHub
GitHub - sec-zone/CVE-2026-36213: CVE-2026-36213 | Local Privilege Escalation in MEmu Android Emulator 9.2.7.0 via Insecure Serviceโฆ
CVE-2026-36213 | Local Privilege Escalation in MEmu Android Emulator 9.2.7.0 via Insecure Service Binary Permissions | Patched in 9.3.2 - sec-zone/CVE-2026-36213
๐8
Rokarolla : Android Banker with Complete Device Takeover Capabilities
https://zimperium.com/blog/rokarolla-android-banker-with-complete-device-takeover-capabilities
https://zimperium.com/blog/rokarolla-android-banker-with-complete-device-takeover-capabilities
Zimperium
Rokarolla : Android Banker with Complete Device Takeover Capabilities
true
๐11๐ฅ2
[slides] OffensiveCon 2026: Tile-Based Deferred Rooting: When Your GPU Starts Rendering To Kernel Code Space! (CVE-2025-25180)
https://androidoffsec.withgoogle.com/slides/art_imagination_gpu_offensivecon_2026.pdf
https://androidoffsec.withgoogle.com/slides/art_imagination_gpu_offensivecon_2026.pdf
๐7๐1