MiningDropper โ A Global Modular Android Malware Campaign Operating at Scale
https://cyble.com/blog/miningdropper-global-modular-android-malware/
https://cyble.com/blog/miningdropper-global-modular-android-malware/
Cyble
MiningDropper: A Global Android Malware Campaign
Cyble analyzes a surge in an ongoing campaign to deliver MiningDropper โ a modular Android malware framework - at scale.
๐9โค2
FakeWallet crypto stealer spreading through iOS apps in the App Store
https://securelist.com/fakewallet-cryptostealer-ios-app-store/119474/
https://securelist.com/fakewallet-cryptostealer-ios-app-store/119474/
โค11๐3
New NGate variant hides in a trojanized NFC payment app
https://www.welivesecurity.com/en/eset-research/new-ngate-variant-hides-in-a-trojanized-nfc-payment-app/
https://www.welivesecurity.com/en/eset-research/new-ngate-variant-hides-in-a-trojanized-nfc-payment-app/
Welivesecurity
New NGate variant hides in a trojanized NFC payment app
ESET researchers discover another iteration of NGate malware, this time possibly developed with the assistance of AI.
๐ฑ10โค3๐1
Bad Connection: Uncovering how global mobile networks themselves have become surveillance infrastructure to spy on location of targets
https://citizenlab.ca/research/uncovering-global-telecom-exploitation-by-covert-surveillance-actors/
https://citizenlab.ca/research/uncovering-global-telecom-exploitation-by-covert-surveillance-actors/
The Citizen Lab
The Citizen Lab Bad Connection: Uncovering Global Telecom Exploitation by Covert Surveillance Actors
Our investigation uncovers two sophisticated telecom surveillance campaigns and, for the first time, links real-world attack traffic to mobile operator signalling infrastructure. The findings expose how suspected commercial surveillance vendors (CSVs) exploitโฆ
โค6๐4๐3
Morpheus: A new Spyware linked to IPS Intelligence
https://osservatorionessuno.org/blog/2026/04/morpheus-a-new-spyware-linked-to-ips-intelligence/
https://osservatorionessuno.org/blog/2026/04/morpheus-a-new-spyware-linked-to-ips-intelligence/
osservatorionessuno.org
Osservatorio Nessuno
Morpheus: A new Spyware linked to IPS Intelligence
โค9๐5
KYCShadow: An Android Banking Malware Exploiting Fake KYC Workflows for Credential and OTP Theft
https://www.cyfirma.com/research/kycshadow-an-android-banking-malware-exploiting-fake-kyc-workflows-for-credential-and-otp-theft/
https://www.cyfirma.com/research/kycshadow-an-android-banking-malware-exploiting-fake-kyc-workflows-for-credential-and-otp-theft/
CYFIRMA
KYCShadow: An Android Banking Malware Exploiting Fake KYC Workflows for Credential and OTP Theft - CYFIRMA
Executive Summary This report presents an analysis of an Android malware masquerading as a bank KYC verification application, distributed via...
๐5
apk-info: APK full-featured parser
https://github.com/delvinru/apk-info
https://github.com/delvinru/apk-info
GitHub
GitHub - delvinru/apk-info: APK full-featured parser
APK full-featured parser. Contribute to delvinru/apk-info development by creating an account on GitHub.
โค18๐ฉ4๐ฅ2๐คฎ2๐คก1๐1๐1
This media is not supported in your browser
VIEW IN TELEGRAM
A Five- Bug Chain to Arbitrary APK Install on Samsung S25
https://bugscale.ch/blog/here-we-go-again-a-five-bug-chain-to-arbitrary-apk-install-on-samsung-s25/
https://bugscale.ch/blog/here-we-go-again-a-five-bug-chain-to-arbitrary-apk-install-on-samsung-s25/
โค12๐ฅ5๐4
FEMITBOT: Abuse of Telegram Mini Apps for Large-Scale Fraud Campaigns
https://www.ctm360.com/reports/femitbot-telegram-mini-apps-fraud-campaigns
https://www.ctm360.com/reports/femitbot-telegram-mini-apps-fraud-campaigns
Ctm360
FEMITBOT: Telegram Mini Apps Fraud Report | CTM360
CTM360 report on FEMITBOT abuse of Telegram Mini Apps for large-scale fraud campaigns targeting crypto and financial platforms. Download the full report.
๐8โค2
Mirai: Botnet Hijacks ADB-Exposed Android Devices to Target Minecraft Servers
https://hunt.io/blog/xlabs-v1-ddos-for-hire-operation-exposed
https://hunt.io/blog/xlabs-v1-ddos-for-hire-operation-exposed
hunt.io
xlabs_v1 DDoS-for-Hire Operation Exposed: How an Operator's Debug Build Unraveled a Commercial Game-Server Botnet
A publicly exposed debug build unraveled xlabs_v1, a commercial game-server DDoS-for-hire botnet with 21 flood variants running on bulletproof infrastructure.
โก4โค1
Supply-chain attack by North Korea ScarCruft APT group targeting the Yanbian region via backdoor-laced Windows and Android games
https://www.welivesecurity.com/en/eset-research/rigged-game-scarcruft-compromises-gaming-platform-supply-chain-attack/
https://www.welivesecurity.com/en/eset-research/rigged-game-scarcruft-compromises-gaming-platform-supply-chain-attack/
Welivesecurity
A rigged game: ScarCruft compromises gaming platform in a supply-chain attack
ESET researchers have investigated an ongoing attack by the ScarCruft APT group that targets the Yanbian region via backdoor-laced Windows and Android games.
๐ฅ5