Forwarded from Android Security & Malware
Reverse engineering of Apple's iOS 0-click CVE-2025-43300
https://blog.quarkslab.com/patch-analysis-of-Apple-iOS-CVE-2025-43300.html
https://blog.quarkslab.com/patch-analysis-of-Apple-iOS-CVE-2025-43300.html
Quarkslab
Reverse engineering of Apple's iOS 0-click CVE-2025-43300: 2 bytes that make size matter - Quarkslab's blog
On August 20th, Apple released an out-of-band security fix for its main operating systems. This patch allegedly fixes CVE-2025-43300, an out-of-bounds write, addressed with improved bounds checking in the ImageIO framework. In this blog post we provide a…
Forwarded from Android Security & Malware
[beginners] Building an Android Bug Bounty lab - guide to configuring emulators, real devices, proxies, Magisk, Burp, Frida
https://www.yeswehack.com/learn-bug-bounty/android-lab-mobile-hacking-tools
https://www.yeswehack.com/learn-bug-bounty/android-lab-mobile-hacking-tools
YesWeHack
The bug hunter’s guide to building an Android mobile hacking lab
Covering the pros and cons of emulators versus real devices, and how to configure Magisk, Burp, Frida, Medusa and other mobile hacking tools.
Forwarded from XiaomiTime: Xiaomi & HyperOS News (IFTTT)
"Xiaomi launches its new 20,000mAh 67W Power Bank with Integrated Cable for 179 yuan (~$25)! - Built-in USB-C cable (67W output)- Charges 3 devices simultaneously- Lightweight, travel-friendly design- Airline carry-on compliant Sales start September 8, 2024."
🔗 Check More
🔗 Check More
XiaomiTime
Xiaomi Unveils 20000mAh 67W Power Bank With Integrated Cable - XiaomiTime
Xiaomi has just introduced its new 20,000mAh 67W Power Bank, now available via its official store at a competitive price of 179 yuan (approximately $25 USD).
Forwarded from XiaomiTime: Xiaomi & HyperOS News (IFTTT)
"Redmi Computer Speaker 2 Pro is now available for pre-order at 369 yuan (~$51 USD)!- 4-speaker setup with 10W drivers- 24 RGB lighting effects- DSP technology for enhanced audio- Bluetooth 5.3, USB, AUX inputs- Built-in mic with echo cancellationElevate your desktop audio!"
🔗 Check More
🔗 Check More
XiaomiTime
REDMI Computer Speaker 2 Pro Debuts With RGB Lighting - XiaomiTime
Redmi has introduced its Computer Speaker 2 Pro, now available for pre-order via Xiaomi Youpin in China at 369 yuan (approximately $51 USD). This product is
Forwarded from Gizchina.com
Pixel 10 Pro Users Already Facing Screen Problems https://www.gizchina.com/google-pixel/pixel-10-pro-users-already-facing-screen-problems
Gizchina
Pixel 10 Pro Users Already Facing Screen Problems
Pixel 10 Pro buyers are spotting display glitches with flashing colored lines, raising questions about reliability just after launch.
Forwarded from Gizchina.com
Ulefone Armor 29 Pro Series Official Prices Announced: Thermal Imaging Flagship Starts at $599.99 https://www.gizchina.com/ulefone/ulefone-armor-29-pro-series-official-prices-announced-thermal-imaging-flagship-starts-at-59999
Forwarded from KernelSU Next Bot
KernelSU_Next_v1.0.9-29-ga540992e_12826-release.apk
17.7 MB
CI Manager (TEST BUILD)
#ci_2626
Commit
Workflow run
#ci_2626
Reset seccomp filter count when escaping to root (https://github.com/tiann/KernelSU/pull/2708) (#743)
-Note: legacy kernels:
https://github.com/selfmusing/kernel_xiaomi_violet/commit/9596554cfbdab57682a430c15ca64c691d404152
Co-authored-by: Wang Han <416810799@qq.com>
Commit
Workflow run
KernelSU_Next_v1.0.9-29-ga540992e-spoofed_12826-release.apk
17.7 MB
CI Manager (SPOOFED BUILD)
#ci_2626
Commit
Workflow run
#ci_2626
Reset seccomp filter count when escaping to root (https://github.com/tiann/KernelSU/pull/2708) (#743)
-Note: legacy kernels:
https://github.com/selfmusing/kernel_xiaomi_violet/commit/9596554cfbdab57682a430c15ca64c691d404152
Co-authored-by: Wang Han <416810799@qq.com>
Commit
Workflow run
Forwarded from The Hacker News
🚨 523 malicious SVG files are slipping past antivirus scans.
Hackers are posing as Colombia’s Attorney General, using fake “document downloads” to secretly drop malware.
The kicker? Every sample evaded detection.
Here’s what’s going on ↓ https://thehackernews.com/2025/09/virustotal-finds-44-undetected-svg.html
Hackers are posing as Colombia’s Attorney General, using fake “document downloads” to secretly drop malware.
The kicker? Every sample evaded detection.
Here’s what’s going on ↓ https://thehackernews.com/2025/09/virustotal-finds-44-undetected-svg.html
Forwarded from The Hacker News
Pentest reports are broken.
Teams are still stuck with static PDFs while attackers move in real time.
Now, platforms like PlexTrac deliver findings instantly—no waiting, no manual ticketing, no weeks-long delays. Faster fixes, lower risk.
Here’s how it changes the game ↓ https://thehackernews.com/2025/09/automation-is-redefining-pentest.html
Teams are still stuck with static PDFs while attackers move in real time.
Now, platforms like PlexTrac deliver findings instantly—no waiting, no manual ticketing, no weeks-long delays. Faster fixes, lower risk.
Here’s how it changes the game ↓ https://thehackernews.com/2025/09/automation-is-redefining-pentest.html
Forwarded from The Hacker News
🚨 The Salesloft Drift breach has ignited a flurry of incident disclosures from SaaS providers, making it hard for security teams to keep up.
Nudge Security has put together a tracker for notifications related to this breach which will be updated as more providers issue communications.
Stay up to date here: https://thn.news/breach-tracker
Nudge Security has put together a tracker for notifications related to this breach which will be updated as more providers issue communications.
Stay up to date here: https://thn.news/breach-tracker
Forwarded from The Hacker News
🚨 Cyber gang TAG-150 just built CastleRAT in Python & C — a new trojan that steals passwords, hijacks crypto wallets, logs keystrokes & takes over PCs.
It’s the latest weapon in their CastleLoader malware ops.
Full story → https://thehackernews.com/2025/09/tag-150-develops-castlerat-in-python.html
It’s the latest weapon in their CastleLoader malware ops.
Full story → https://thehackernews.com/2025/09/tag-150-develops-castlerat-in-python.html
Forwarded from Libreware
ChatterUI - A simple app for LLMs
https://github.com/Vali-98/ChatterUI
https://t.me/chatterui
ChatterUI is a native mobile frontend for LLMs.
Run LLMs on device or connect to various commercial or open source APIs. ChatterUI aims to provide a mobile-friendly interface with fine-grained control over chat structuring.
Features:
Run LLMs on-device in Local Mode
Connect to various APIs in Remote Mode
Chat with characters. (Supports the Character Card v2 specification.)
Create and manage multiple chats per character.
Customize Sampler fields and Instruct formatting
Integrates with your device’s text-to-speech (TTS) engine
Usage
Download and install latest APK from the releases page.
iOS is Currently unavailable due to lacking iOS hardware for development
Local Mode
ChatterUI uses a llama.cpp under the hood to run gguf files on device. A custom adapter is used to integrate with react-native: cui-llama.rn
To use on-device inferencing, first enable Local Mode, then go to Models > Import Model / Use External Model and choose a gguf model that can fit on your device's memory. The importing functions are as follows:
Import Model: Copies the model file into ChatterUI, potentially speeding up startup time.
Use External Model: Uses a model from your device storage directly, removing the need to copy large files into ChatterUI but with a slight delay in load times.
After that, you can load the model and begin chatting!
Note: For devices with Snapdragon 8 Gen 1 and above or Exynos 2200+, it is recommended to use the Q4_0 quantization for optimized performance.
Remote Mode
Remote Mode allows you to connect to a few common APIs from both commercial and open source projects.
Open Source Backends:
koboldcpp
text-generation-webui
Ollama
Dedicated API:
OpenAI
Claude (with ability to use a proxy)
Cohere
Open Router
Mancer
AI Horde
Generic backends:
Generic Text Completions
Generic Chat Completions
These should be compliant with any Text Completion/Chat Completion backends such as Groq or Infermatic.
Custom APIs:
Is your API provider missing? ChatterUI allows you to define APIs using its template system.
Read more about it here!
#ai #Android
https://github.com/Vali-98/ChatterUI
https://t.me/chatterui
ChatterUI is a native mobile frontend for LLMs.
Run LLMs on device or connect to various commercial or open source APIs. ChatterUI aims to provide a mobile-friendly interface with fine-grained control over chat structuring.
Features:
Run LLMs on-device in Local Mode
Connect to various APIs in Remote Mode
Chat with characters. (Supports the Character Card v2 specification.)
Create and manage multiple chats per character.
Customize Sampler fields and Instruct formatting
Integrates with your device’s text-to-speech (TTS) engine
Usage
Download and install latest APK from the releases page.
iOS is Currently unavailable due to lacking iOS hardware for development
Local Mode
ChatterUI uses a llama.cpp under the hood to run gguf files on device. A custom adapter is used to integrate with react-native: cui-llama.rn
To use on-device inferencing, first enable Local Mode, then go to Models > Import Model / Use External Model and choose a gguf model that can fit on your device's memory. The importing functions are as follows:
Import Model: Copies the model file into ChatterUI, potentially speeding up startup time.
Use External Model: Uses a model from your device storage directly, removing the need to copy large files into ChatterUI but with a slight delay in load times.
After that, you can load the model and begin chatting!
Note: For devices with Snapdragon 8 Gen 1 and above or Exynos 2200+, it is recommended to use the Q4_0 quantization for optimized performance.
Remote Mode
Remote Mode allows you to connect to a few common APIs from both commercial and open source projects.
Open Source Backends:
koboldcpp
text-generation-webui
Ollama
Dedicated API:
OpenAI
Claude (with ability to use a proxy)
Cohere
Open Router
Mancer
AI Horde
Generic backends:
Generic Text Completions
Generic Chat Completions
These should be compliant with any Text Completion/Chat Completion backends such as Groq or Infermatic.
Custom APIs:
Is your API provider missing? ChatterUI allows you to define APIs using its template system.
Read more about it here!
#ai #Android
GitHub
GitHub - Vali-98/ChatterUI: Simple frontend for LLMs built in react-native.
Simple frontend for LLMs built in react-native. Contribute to Vali-98/ChatterUI development by creating an account on GitHub.