This media is not supported in your browser
VIEW IN TELEGRAM
Analysis of RCE of Xiaomi C400 camera by exploiting Vulnerability #1 and #3 combined together. Vulnerabilities are not patched!
Vulnerability #1: Xiaomi - miIO Protocol Authentication Bypass
Vulnerability #2: Xiaomi - miIO client cryptographically weak PRNG
Vulnerability #3: miIO client heap buffer overflow
Analysis: https://labs.taszk.io/articles/post/nowyouseemi/
Exploits and jailbreak for Xiaomi Smart Cameras: https://github.com/TaszkSecLabs/xiaomi-c400-pwn
Vulnerability #1: Xiaomi - miIO Protocol Authentication Bypass
Vulnerability #2: Xiaomi - miIO client cryptographically weak PRNG
Vulnerability #3: miIO client heap buffer overflow
Analysis: https://labs.taszk.io/articles/post/nowyouseemi/
Exploits and jailbreak for Xiaomi Smart Cameras: https://github.com/TaszkSecLabs/xiaomi-c400-pwn
π20
Taking Apart iOS Apps: Anti-Debugging and Anti-Tampering in the Wild
https://blog.calif.io/p/taking-apart-ios-apps-anti-debugging
https://blog.calif.io/p/taking-apart-ios-apps-anti-debugging
blog.calif.io
Taking Apart iOS Apps: Anti-Debugging and Anti-Tampering in the Wild
Table Of Contents
β€13π3
Weaponizing LSPosed: Remote SMS Injection and Identity Spoofing in Modern Payment Ecosystems
https://www.cloudsek.com/blog/weaponizing-lsposed-remote-sms-injection-and-identity-spoofing-in-modern-payment-ecosystems-2
https://www.cloudsek.com/blog/weaponizing-lsposed-remote-sms-injection-and-identity-spoofing-in-modern-payment-ecosystems-2
Cloudsek
Weaponizing LSPosed: Remote SMS Injection and Identity Spoofing in Modern Payment Ecosystems | CloudSEK
LSPosed, a powerful framework for rooted Android devices, has been weaponized by attackers to remotely inject fraudulent SMS messages and spoof user identities in modern payment ecosystems. This report exposes a critical vulnerability: the exploitation ofβ¦
π10π€4π2β€1π₯1
Oblivion RAT - An Android Spyware Platform With a Built-In APK Factory
https://iverify.io/blog/oblivion-rat-android-spyware-analysis
https://iverify.io/blog/oblivion-rat-android-spyware-analysis
iverify.io
Oblivion RAT - An Android Spyware Platform With a Built-In APK Factory
Technical analysis of Oblivion RAT Android malware: $300/month MaaS platform with APK builder, AccessibilityService hijacking, and fake ZIP encryption.
β€12π2π₯1
The Proliferation of DarkSword: iOS Exploit Chain Adopted by Multiple Threat Actors
https://cloud.google.com/blog/topics/threat-intelligence/darksword-ios-exploit-chain/
https://cloud.google.com/blog/topics/threat-intelligence/darksword-ios-exploit-chain/
Google Cloud Blog
The Proliferation of DarkSword: iOS Exploit Chain Adopted by Multiple Threat Actors | Google Cloud Blog
DarkSword is a new iOS exploit chain that leverages multiple zero-day vulnerabilities to fully compromise iOS devices.
π11β€5π₯4
Perseus: DTO malware that takes notes
https://www.threatfabric.com/blogs/perseus-dto-malware-that-takes-notes
https://www.threatfabric.com/blogs/perseus-dto-malware-that-takes-notes
ThreatFabric
Perseus: DTO malware that takes notes
Perseus is a new Device Takeover (DTO) malware family that specifically looks for user-generated content stored in note taking applications.
π₯12β€4
Decompiling an Android Application Written in .NET MAUI 9 (Xamarin)
https://mwalkowski.com/post/decompiling-an-android-application-written-in-net-maui-9-xamarin/
https://mwalkowski.com/post/decompiling-an-android-application-written-in-net-maui-9-xamarin/
MichaΕ Walkowski
Decompiling an Android Application Written in .NET MAUI 9 (Xamarin) | MichaΕ Walkowski
.NET MAUI, as the successor to Xamarin, enables the development of cross-platform applications, including Android, using C#. In previous versions (up to .NET MAUI 8), applications stored their DLL libraries in assemblies.blob and assemblies.manifest filesβ¦
π14π1
SSL pinning bypass setup for iOS (No Jailbreak) using OpenVPN + iptables traffic redirection to proxy (Burp Suite / mitmproxy)
https://github.com/SahilH4ck4you/iOS-SSL-pinning-bypass-without-jalibreak
https://github.com/SahilH4ck4you/iOS-SSL-pinning-bypass-without-jalibreak
GitHub
GitHub - SahilH4ck4you/iOS-SSL-pinning-bypass-without-jalibreak: SSL pinning bypass setup for iOS (No Jailbreak) using OpenVPNβ¦
SSL pinning bypass setup for iOS (No Jailbreak) using OpenVPN + iptables traffic redirection to proxy (Burp Suite / mitmproxy) - SahilH4ck4you/iOS-SSL-pinning-bypass-without-jalibreak
π10π€‘9π3π©3β‘2π₯±2
Microsoft Authenticatorβs Unclaimed Deep Link: A Full Account Takeover Story (CVE-2026β26123)
https://khaledsec.medium.com/microsoft-authenticators-unclaimed-deep-link-a-full-account-takeover-story-cve-2026-26123-e0409a920a02?sk=df506976e7c2d15fd29e70725873f6e2
https://khaledsec.medium.com/microsoft-authenticators-unclaimed-deep-link-a-full-account-takeover-story-cve-2026-26123-e0409a920a02?sk=df506976e7c2d15fd29e70725873f6e2
Medium
Microsoft Authenticatorβs Unclaimed Deep Link: A Full Account Takeover Story (CVE-2026β26123)
When your authentication app becomes the weakest link: How an unclaimed deep link exposed millions of Microsoft accounts
β€10β‘1π1
Coruna: the framework used in Operation Triangulation
https://securelist.com/coruna-framework-updated-operation-triangulation-exploit/119228/
https://securelist.com/coruna-framework-updated-operation-triangulation-exploit/119228/
Securelist
Coruna framework: an exploit kit and ties to Operation Triangulation
Kaspersky GReAT experts look into the Coruna exploit kit targeting iPhones. We discovered that the kernel exploit for CVE-2023-32434 and CVE-2023-38606 is an updated version of the Operation Triangulation exploit.
π4π3β€1
Analysis of Android FvncBot banker campaign targeting Polish users
https://cert.pl/en/posts/2026/03/fvncbot-analysis/
https://cert.pl/en/posts/2026/03/fvncbot-analysis/
cert.pl
Analysis of FvncBot campaign
CERT Polska has analyzed an SGB-branded Android malware sample from the FvncBot campaign targeting Poland. The app installs a second-stage implant, coerces the victim into enabling accessibility, and registers the device to a backend that issues per-deviceβ¦
β‘4