Forwarded from Wild Kernels Bot
🌽 New Kernel Release Uploaded
📦 Repository: WildKernels/GKI_KernelSU_SUSFS
✏️ Commit: 07c4b3b9c877acf0d5ba3b8bc13f06c3550be4be
🔗 View GitHub Release
📦 Repository: WildKernels/GKI_KernelSU_SUSFS
✏️ Commit: 07c4b3b9c877acf0d5ba3b8bc13f06c3550be4be
🔗 View GitHub Release
GitHub
GitHub - WildKernels/GKI_KernelSU_SUSFS: GKI Kernels with KernelSU & SUSFS
GKI Kernels with KernelSU & SUSFS. Contribute to WildKernels/GKI_KernelSU_SUSFS development by creating an account on GitHub.
Forwarded from Morgan Weedman, Wild Kernels Owner (DMs OPEN)
Hello GKI peeps! New 1.5.10 is out... Give it a try! If differences are found let me know!
You may get new detections, wait for 1.5.11/12 or go back to 1.5.9, or.... if your apps dont notice anything just stay on 1.5.10 :D
Next, I previously added a fix that may have broke some device booting, but allowed other to not boot! This is not a susfs problem. If you can boot latest 1.5.9 but cant boot 1.5.10 or vise versa please let me know! if needed i cant start making different fixes!
Thanks Everyone!
If you like my work and would like to support me!
Donations:
https://t.me/WildKernels/90170/90171
You may get new detections, wait for 1.5.11/12 or go back to 1.5.9, or.... if your apps dont notice anything just stay on 1.5.10 :D
Next, I previously added a fix that may have broke some device booting, but allowed other to not boot! This is not a susfs problem. If you can boot latest 1.5.9 but cant boot 1.5.10 or vise versa please let me know! if needed i cant start making different fixes!
Thanks Everyone!
If you like my work and would like to support me!
Donations:
https://t.me/WildKernels/90170/90171
Forwarded from KernelSU Next Bot
KernelSU_Next_v1.1.1-26-g478394a6-spoofed_12877-release.apk
16.9 MB
CI Manager (SPOOFED BUILD)
#ci_2677
Commit
Workflow run
#ci_2677
kernel: align prctl harden commit from backslashxx/KernelSU
SQUASHED:
* kernel: harden barriers for arm/arm64
* kernel: core_hook: harden prctl handler
Signed-off-by: backslashxx <118538522+backslashxx@users.noreply.github.com>
Signed-off-by: rsuntk <rsuntk@yukiprjkt.my.id>
Commit
Workflow run
KernelSU_Next_v1.1.1-26-g478394a6_12877-release.apk
16.9 MB
CI Manager (TEST BUILD)
#ci_2677
Commit
Workflow run
#ci_2677
kernel: align prctl harden commit from backslashxx/KernelSU
SQUASHED:
* kernel: harden barriers for arm/arm64
* kernel: core_hook: harden prctl handler
Signed-off-by: backslashxx <118538522+backslashxx@users.noreply.github.com>
Signed-off-by: rsuntk <rsuntk@yukiprjkt.my.id>
Commit
Workflow run
Forwarded from Nagram X CI
NagramX-v12.0.1(1220)-arm64-v8a.apk
48.4 MB
Release version.
Commit Message:
See commit details 7def502
Commit Message:
Version Bump
See commit details 7def502
What's new?
• feat: hide stories from header
• feat: disable profile avatar blur
• feat: add search button in N-Settings
• feat: disable in-app browser gestures
• feat: translate voice transcription
• feat: open document from link preview
• feat: add Details option to story viewer
• feat: add Save to Downloads button in SearchViewPager
• feat: allow translate with AI during auto translation
• feat: option to exclude API keys when exporting settings
• Bug fixes and improvements
No deleted account found from
86 scanned users from this group 🚫👻Forwarded from Android Security & Malware
Automating Android Component Testing with new APK Inspector tool
-What are exported components?
-Setup and testing APK Inspector
-Improve automation and execute ADB commands interactively
-Run it on Android
-What are Intent Redirection Vulnerabilities?
https://www.mobile-hacker.com/2025/09/18/automating-android-app-component-testing-with-new-apk-inspector/
-What are exported components?
-Setup and testing APK Inspector
-Improve automation and execute ADB commands interactively
-Run it on Android
-What are Intent Redirection Vulnerabilities?
https://www.mobile-hacker.com/2025/09/18/automating-android-app-component-testing-with-new-apk-inspector/
Mobile Hacker
Automating Android App Component Testing with New APK Inspector
If improperly secured, exported components become easy entry points for attackers to execute arbitrary code, access sensitive data, or manipulate the app’s behavior.
Forwarded from Android Security & Malware
Trigger for the integer underflow bug in the HID core subsystem (CVE-2025-38494 and CVE-2025-38495) that leaks 64 KB of OOB memory over USB
Still works on Pixels and Ubuntus (but the bug is fixed in stable kernels)
https://github.com/xairy/kernel-exploits/tree/master/CVE-2025-38494
Still works on Pixels and Ubuntus (but the bug is fixed in stable kernels)
https://github.com/xairy/kernel-exploits/tree/master/CVE-2025-38494
Forwarded from Android Security & Malware
CVE-2025-10184 is permission bypass that affects multiple OnePlus devices running OxygenOS 12–15 (NOT FIXED) with PoC
This vulnerability allows any application installed on the device to read SMS/MMS without permission, user interaction, or consent.
https://www.rapid7.com/blog/post/cve-2025-10184-oneplus-oxygenos-telephony-provider-permission-bypass-not-fixed/
This vulnerability allows any application installed on the device to read SMS/MMS without permission, user interaction, or consent.
https://www.rapid7.com/blog/post/cve-2025-10184-oneplus-oxygenos-telephony-provider-permission-bypass-not-fixed/
Forwarded from Android Security & Malware
Finding vulnerabilities in the Binder kernel driver through fuzzing
https://androidoffsec.withgoogle.com/posts/binder-fuzzing/
https://androidoffsec.withgoogle.com/posts/binder-fuzzing/
Withgoogle
Binder Fuzzing - Android Offensive Security Blog
In our previous blog posts, we explored Android Binder’s intricacies, from exploiting a vulnerability (CVE-2023-20938) for kernel code execution to examining its inner workings. In this post, we shift our focus to finding vulnerabilities in the Binder kernel…
Forwarded from Android Security & Malware
Obtain a root shell on Unisoc unpatched devices (CVE-2025-31710)
https://github.com/Skorpion96/unisoc-su/tree/main?tab=readme-ov-file
https://github.com/Skorpion96/unisoc-su/tree/main?tab=readme-ov-file
GitHub
GitHub - Skorpion96/unisoc-su: A method for CVE-2025-31710 and to connect to cmd_skt to obtain a root shell on unisoc unpatched…
A method for CVE-2025-31710 and to connect to cmd_skt to obtain a root shell on unisoc unpatched models - Skorpion96/unisoc-su
Forwarded from Android Security & Malware
Banker Trojan Targeting Indonesian and Vietnamese Android Users
https://dti.domaintools.com/banker-trojan-targeting-indonesian-and-vietnamese-android-users/
https://dti.domaintools.com/banker-trojan-targeting-indonesian-and-vietnamese-android-users/
DomainTools Investigations | DTI
Banker Trojan Targeting Indonesian and Vietnamese Android Users - DomainTools Investigations | DTI
A group has been targeting Indonesian and Vietnamese Android users with banking trojans disguised as legitimate payment and government identity applications. The operators exhibit distinct domain registration patterns with a strong operational focus during…
Forwarded from Android Security & Malware
This media is not supported in your browser
VIEW IN TELEGRAM
Triggered WhatsApp 0-click on iOS/macOS/iPadOS
CVE-2025-55177 arises from missing validation that the [Redacted] message originates from a linked device, enabling specially crafted DNG parsing that triggers CVE-2025-43300.
Analysis of Samsung CVE-2025-21043 is also ongoing
Source: https://x.com/DarkNavyOrg/status/1972260639101034950
CVE-2025-55177 arises from missing validation that the [Redacted] message originates from a linked device, enabling specially crafted DNG parsing that triggers CVE-2025-43300.
Analysis of Samsung CVE-2025-21043 is also ongoing
Source: https://x.com/DarkNavyOrg/status/1972260639101034950
Forwarded from Android Security & Malware
Writeup for CVE-2025-24085, an ITW iOS mediaplaybackd vulnerability patched earlier this year
https://github.com/b1n4r1b01/n-days/blob/main/CVE-2025-24085/CVE-2025-24085.md
https://github.com/b1n4r1b01/n-days/blob/main/CVE-2025-24085/CVE-2025-24085.md
GitHub
n-days/CVE-2025-24085/CVE-2025-24085.md at main · b1n4r1b01/n-days
Contribute to b1n4r1b01/n-days development by creating an account on GitHub.
Forwarded from Android Security & Malware
Exploring Android Accessibility Malware | Droidcon Italy 2024
https://www.youtube.com/watch?v=xCHW8ql3vi0
https://www.youtube.com/watch?v=xCHW8ql3vi0
YouTube
Exploring Android Accessibility Malware | Droidcon Italy 2024
Android Accessibility Malware EXPOSED: What Hackers Don’t Want You to Know—this eye-opening session from Droidcon Italy 2024 reveals how cybercriminals exploit Android’s Accessibility Services and combine them with credential stuffing to infiltrate user accounts…
Forwarded from Android Security & Malware
Analysis of Android DHCSpy operated by the Iranian APT MuddyWater
https://shindan.io/blog/dhcspy-discovering-the-iranian-apt-muddywater
https://shindan.io/blog/dhcspy-discovering-the-iranian-apt-muddywater
shindan.io
Blog - DHCSpy - Discovering the Iranian APT MuddyWater
Shindan est une application SaaS, mobile et desktop qui détecte les compromissions et vulnérabilités sur smartphones et tablettes, sans accès aux données personnelles. Obtenez un diagnostic rapide et précis pour protéger vos VIP et collaborateurs.
Forwarded from Android Security & Malware
Security Evaluation Of Android Apps In Budget African Mobile Devices
The study examined 1,544 APKs collected from seven African smartphones. The analysis revealed that 145 applications (9%) disclose sensitive data, 249 (16%) expose critical components, and many present additional risks: 226 execute privileged or dangerous commands, 79 interact with SMS messages (read, send, or delete), and 33 perform silent installation operations
https://arxiv.org/pdf/2509.18800
The study examined 1,544 APKs collected from seven African smartphones. The analysis revealed that 145 applications (9%) disclose sensitive data, 249 (16%) expose critical components, and many present additional risks: 226 execute privileged or dangerous commands, 79 interact with SMS messages (read, send, or delete), and 33 perform silent installation operations
https://arxiv.org/pdf/2509.18800
Forwarded from Android Security & Malware
Datzbro: RAT Hiding Behind Senior Travel Scams
https://www.threatfabric.com/blogs/datzbro-rat-hiding-behind-senior-travel-scams
https://www.threatfabric.com/blogs/datzbro-rat-hiding-behind-senior-travel-scams
ThreatFabric
Datzbro: RAT Hiding Behind Senior Travel Scams
In this research article by ThreatFabric, we expose Datzbro: a new RAT that hides behind senior travel scams.
Forwarded from Android Security & Malware
Klopatra: exposing a new Android banking trojan operation with roots in Turkey
https://www.cleafy.com/cleafy-labs/klopatra-exposing-a-new-android-banking-trojan-operation-with-roots-in-turkey
https://www.cleafy.com/cleafy-labs/klopatra-exposing-a-new-android-banking-trojan-operation-with-roots-in-turkey
Cleafy
Klopatra: exposing a new Android banking trojan operation with roots in Turkey | Cleafy LABS
In late August 2025, Cleafy's Threat Intelligence team discovered Klopatra, a new, highly sophisticated Android malware currently targeting banking users primarily in Spain and Italy. The number of compromised devices has already exceeded 1,000. Read the…
Forwarded from Android Security & Malware
Silent Smishing : The Hidden Abuse of Cellular Router APIs
Cellular router’s API was exploited to send malicious SMS messages containing phishing URLs
https://blog.sekoia.io/silent-smishing-the-hidden-abuse-of-cellular-router-apis/
Cellular router’s API was exploited to send malicious SMS messages containing phishing URLs
https://blog.sekoia.io/silent-smishing-the-hidden-abuse-of-cellular-router-apis/
Sekoia.io Blog
Silent Smishing : The Hidden Abuse of Cellular Router APIs
How attackers abuse Milesight cellular router APIs to run smishing at scale via unauthenticated SMS endpoints—targeting Belgium (CSAM/eBox).
Forwarded from Android Security & Malware
Phones auto-connecting to "FreeWiFi_Secure" Wi-Fi network leak full IMSI in cleartext during EAP-SIM exchange
Anyone nearby with sniffer could capture it → track users, or correlate identities.
Fixed pushed disabling FreeWiFi_Secure on legacy boxes starting Oct 1, 2025.
https://7h30th3r0n3.fr/the-vulnerability-that-killed-freewifi_secure/
Anyone nearby with sniffer could capture it → track users, or correlate identities.
Fixed pushed disabling FreeWiFi_Secure on legacy boxes starting Oct 1, 2025.
https://7h30th3r0n3.fr/the-vulnerability-that-killed-freewifi_secure/