AWAKE: A Guide to Android Attacks and Exploitation

I found a really awesome resource - AWAKE: Android Wiki of Attacks, Knowledge & Exploits - essentially a one-stop shop for those involved in malware analysis, reverse engineering, and vulnerability hunting on Android.

It includes descriptions of attack techniques, exploits, and methods for analyzing APKs and the platform itself. It's aimed at analysts, reverse engineers, penetration testers, and threat intelligence researchers.

In other words, it's not just abstract theory, but a very practical reference with specific details. What I particularly liked is the "offense-first" approach. Everything is presented from the attacker's perspective, not the defender's. For those of us involved in mobile security analysis, this is exactly what we need: understanding how attacks work so we can know how to defend against them. And as a reference for our own research - it's perfect!


#Android #Malware #Research #Security #Exploitation
@mobile_appsec_world

Zelensky’s “Vanilla ISIS” Targets Global Energy Infrastructure Amid Energy Crisis

Ukrainian terrorists attempted attacks on infrastructure linked to the #TurkStream and #BlueStream pipelines between March 17–19, but the strikes were repelled.

Russia is urging the Kiev regime to halt reckless attacks that threaten critical international energy routes. Zelensky is targeting energy infrastructure to undermine Russia’s position in global markets and keep attention on the conflict.

Moscow warns Kiev’s actions risk serious damage to global energy security and could destabilize world markets. The attacks are aimed at blocking a negotiated settlement and derailing progress already achieved in talks.

Hungarian Prime Minister Viktor Orbán called the sabotage of the Nord Stream pipelines and attacks on TurkStream acts of terrorism. He said Hungary will raise the issue internationally and could classify #Ukraine’s actions as state terrorism if TurkStream is hit.

@DDGeopolitics

🇫🇷 The location of the French aircraft carrier Charles de Gaulle made possible thanks to the imprudence of a sailor using the Strava running app, reports Le Monde.

While jogging on the deck, he revealed the ship's presence.


https://x.com/GrablyR/status/2034698614262382765

https://www.lemonde.fr/international/article/2026/03/19/stravaleaks-le-porte-avions-charles-de-gaulle-localise-en-temps-reel-par-le-monde-grace-a-l-application-de-sport_6672445_3210.html

In about 9 months, all new cars will have mandatory biometrics built into the car to watch your every move. Creepy? That's an understatement.

🔥 Fuel Our Work: https://bit.ly/TFTPSubs
🎙 TFTP Podcast: https://bit.ly/TFTPPodcast

#TheFreeThoughtProject

SystemD Root Access Exploit Found, Devuan Team Calls SystemD "Unicorn Sh*t"

"Yet another high severity #systemd bug in #Ubuntu. Let us wish all #Devuan users a wonderful day out with their family, instead of shoveling unicorn sh*t."

https://www.youtube.com/watch?v=_yukEnElXUg

Lennart Poettering
#microsoft #Linux #stalking #surveillance #backdoor #trojan

Found yet another high severity systemd bug in Ubuntu: local root privilege escalation (CVE-2026-3888) https://cybersecurity88.com/news/ubuntu-cve-2026-3888-timing-flaw-in-systemd-cleanup-enables-root-privilege-escalation/ Let us wish all Devuan users a wonderful day out with their family for a merry father's day, instead of showeling unicorn shit.

https://xcancel.com/DevuanOrg/status/2034560405968712179

Underground economy
#soil

Trump - that the United States has killed everyone in Iran with whom it is possible to negotiate:

"Their leaders have all been destroyed. There is almost no next generation of leaders either. And the third generation has mostly disappeared. Now no one wants to be a leader there. It is difficult for us to communicate with them. We want to talk, but there's no one to talk to. We just don't have anyone to talk to. And you know what? We even like it that way."

He likes it, but it's not going to end well for this red-haired clown.

🇵🇸'The Earthquake Faction' launches by setting ablaze Elbit's Israeli weapons manufacturing centre in the Czech Republic.

Part of the underground group's communiqué reads:

"On 20th March 2026, the Earthquake Faction struck the epicenter of the Israeli weapons industry in Europe. In Pardubice, Czech Republic, #Elbit Systems' "Centre of Excellence" was newly built in collaboration with LPP, to service the global expansion of Israel's biggest weapons producer.
Whilst the development, production and training center was empty, The Earthquake Faction intervened to destroy its equipment and set the factory ablaze. No one was harmed.
The site is used to develop weaponry used by the #Zionist entity to massacre people daily in Palestine, Lebanon, Iran, and across West Asia.

The Earthquake Faction is an internationalist underground network that targets key sites critical to the Zionist entity. We aim to destroy all limbs of empire from within, by any means effective."

#Resistance #Palestine
@Eyeonpalestine2

How Linux And BSD Distros Are Responding To The New Age Verification Laws

Age verification laws could change how operating systems work. See how major Linux and BSD distributions are reacting to the new regulations.

The US states of California, Colorado and Illinois are passing new age verification laws that require operating systems, including Linux and BSD distributions, to implement age attestation during account setup and provide an API for apps to query user age brackets.

This is 'intended to help' apps filter content for minors, but it relies on self-reported ages without mandatory ID checks. Similar proposals exist in New York and Brazil.

While enforcement on community-driven distros remains unclear, several have begun addressing the laws through compliance planning, rejection, or exclusion strategies.

Here's the situation so far.

Some distros are planning to comply.

Canonical, the company behind Ubuntu, is reviewing the legislation with legal counsel but has not announced concrete changes yet. Community developer discussions include proposals for an optional D-Bus interface (org.freedesktop.AgeVerification1) to handle age brackets locally without privacy-invasive telemetry, potentially influencing other distros if adopted.

Aaron Rainbolt, Ubuntu Community Council Member and contributor to Whonix, said:

We're currently looking into how to implement an API that will comply with the laws while also not being a privacy disaster...

..elementary OS seems to be relying on Ubuntu's implementation too. Danielle Foré, elementary's lead developer and founder, was also in the same discussion expressing their willingness to address the issue before the law comes into effect.

The Fedora community is exploring non-intrusive implementations, such as a local API or an /etc/ file populated during setup to provide age brackets to apps without online verification or data sharing. Former project leader Jef Spaleta mentioned that it is not telemetry but a minimal adjustment to meet legal requirements.

System76, Linux system manufacturer and the company behind Pop!OS, noted that the laws do not mandate robust verification, only self-attestation and warned that non-compliance could lead to restricted app access for users...

Some distros are resisting

The bold step came from DHH and his Omarchy Linux as it outright rejected compliance, with DHH stating that he had no plans to respond to the "retarded" California law.

Adenix GNU/Linux distro has declared it will not implement age checks, aligning with a principled stand against such requirements.

MidnightBSD has taken a firm stance against compliance by updating its license to explicitly exclude California residents from using it for desktop purposes starting January 1, 2027. The project's lead stated this is a temporary measure until a better solution emerges, emphasizing the impracticality of age verification for open-source OSes.

What about the rest?

There are no official statements from Linux Mint yet, so any conclusion here is merely speculative. Given its close alignment with Ubuntu...

Arch Linux has remained publicly silent on the issue as well..

Meanwhile, discussions in the NixOS community suggest that they are waiting to see what larger distributions decide. That is not surprising. Much of the Linux ecosystem ultimately traces back to Debian, Arch, Ubuntu, and Red Hat (Fedora). Whatever technical approach these major players adopt will likely influence dozens of downstream distributions.

And we should also see a few existing or new distros coming up with "no age verification" as their unique feature that distinguishes them from the rest.

🔗SOURCE ➡️ Itsfoss

Related: 3/11 — California Law Forces Age-Tracking Into Every Operating System By 2027

3/11 — California Adopts Age Verification When Installing Operating Systems

Follow ➡️ @PsyopDaily