Forwarded from Aerath's Free Time Funs (Aerath Xlythe)
And finally we're in IzzyOnDroid too! 🎉 thanks the community for the IzzyOnDroid request 😇
This media is not supported in your browser
VIEW IN TELEGRAM
This media is not supported in your browser
VIEW IN TELEGRAM
This media is not supported in your browser
VIEW IN TELEGRAM
This media is not supported in your browser
VIEW IN TELEGRAM
This media is not supported in your browser
VIEW IN TELEGRAM
Forwarded from Android Security & Malware
Analysis of CVE-2025-31200, a zero-day, zero-click RCE in iOS. Triggered by a malicious audio file via iMessage/SMS. Exploitation bypassed Blastdoor, enabled kernel escalation (CVE-2025-31201), and allowed token theft until patched in iOS 18.4.1 (Apr 16, 2025)
https://github.com/JGoyd/iOS-Attack-Chain-CVE-2025-31200-CVE-2025-31201
https://github.com/JGoyd/iOS-Attack-Chain-CVE-2025-31200-CVE-2025-31201
GitHub
GitHub - JGoyd/iOS-Attack-Chain-CVE-2025-31200-CVE-2025-31201: CVE-2025-31200 is a zero-day, zero-click RCE in iOS CoreAudio’s…
CVE-2025-31200 is a zero-day, zero-click RCE in iOS CoreAudio’s AudioConverterService, triggered by a malicious audio file via iMessage/SMS. Exploitation bypassed Blastdoor, enabled kernel escalati...
This media is not supported in your browser
VIEW IN TELEGRAM
Forwarded from Android Security & Malware
CVE-2025-38352 - In-the-wild Android Kernel Vulnerability Analysis + PoC
https://faith2dxy.xyz/2025-12-22/cve_2025_38352_analysis/
PoC: https://github.com/farazsth98/poc-CVE-2025-38352
https://faith2dxy.xyz/2025-12-22/cve_2025_38352_analysis/
PoC: https://github.com/farazsth98/poc-CVE-2025-38352
faith2dxy.xyz
CVE-2025-38352 (Part 1) - In-the-wild Android Kernel Vulnerability Analysis + PoC
Part 1 (This blog post) - In-the-wild Android Kernel Vulnerability Analysis + PoC Part 2 - Extending The Race Window Without a Kernel Patch CVE-2025-38352 was a…
This media is not supported in your browser
VIEW IN TELEGRAM
Forwarded from Android Security & Malware
A New Stage in the Evolution of Android SMS Stealers in Uzbekistan
https://www.group-ib.com/blog/mobile-malware-uzbekistan/
https://www.group-ib.com/blog/mobile-malware-uzbekistan/
Group-IB
Choose Your Fighter: A New Stage in the Evolution of Android SMS Stealers in Uzbekistan
Group-IB analyzes the evolution of Android malware in Uzbekistan, revealing advanced droppers, encrypted payload delivery, anti-analysis techniques, and Wonderland’s bidirectional SMS-stealing capabilities driving large-scale financial fraud.
This media is not supported in your browser
VIEW IN TELEGRAM
Forwarded from Android Security & Malware
DNGerousLINK: A Deep Dive into WhatsApp 0-Click Exploits on iOS and Samsung Devices (CVE-2025-55177, CVE-2025-43300)
https://media.ccc.de/v/39c3-dngerouslink-a-deep-dive-into-whatsapp-0-click-exploits-on-ios-and-samsung-devices
https://media.ccc.de/v/39c3-dngerouslink-a-deep-dive-into-whatsapp-0-click-exploits-on-ios-and-samsung-devices
media.ccc.de
DNGerousLINK: A Deep Dive into WhatsApp 0-Click Exploits on iOS and Samsung Devices
The spyware attack targeting WhatsApp, disclosed in August as an in-the-wild exploit, garnered significant attention. By simply knowing a...
This media is not supported in your browser
VIEW IN TELEGRAM
Forwarded from Android Security & Malware
Android revers engineering and malware analysis notes
https://www.notion.so/Reverse-Engineering-8f11869a35fa4832a01896f1b503261f
https://www.notion.so/Malware-Analysis-e1006868cce24a769e0ca4349b87ef31
https://www.notion.so/Reverse-Engineering-8f11869a35fa4832a01896f1b503261f
https://www.notion.so/Malware-Analysis-e1006868cce24a769e0ca4349b87ef31
Secure's Notion on Notion
Reverse Engineering | Notion
@Android Internals Review
This media is not supported in your browser
VIEW IN TELEGRAM