Android Zero‑Click RCE via Wireless Debugging (CVE‑2026‑0073) + demos
Blog: https://www.mobile-hacker.com/2026/05/12/android-rce-via-wireless-debugging-from-network-access-to-shell/
Video: https://youtu.be/ihEIr0wWklk
Blog: https://www.mobile-hacker.com/2026/05/12/android-rce-via-wireless-debugging-from-network-access-to-shell/
Video: https://youtu.be/ihEIr0wWklk
YouTube
Android Zero‑Click RCE via Wireless Debugging | CVE‑2026‑0073 Demo
In this video, I break down a critical Android vulnerability ( CVE‑2026‑0073 ) affecting modern versions of Android (14, 15, 16), where a flaw in ADB’s authentication logic can allow an attacker on the same network to gain shell access without user interaction.…
❤23👍4
Android Intrusion Logging as a new source of data for forensic analysis
https://securitylab.amnesty.org/latest/2026/05/android-intrusion-logging-as-a-new-source-of-data-for-consensual-forensic-analysis/
https://securitylab.amnesty.org/latest/2026/05/android-intrusion-logging-as-a-new-source-of-data-for-consensual-forensic-analysis/
Amnesty International Security Lab
Android Intrusion Logging as a new source of data for consensual forensic analysis - Amnesty International Security Lab
Google has today announced the launch of a new ‘Android Intrusion Logging’ feature as part of Android Advanced Protection Mode (AAPM). The new intrusion logging feature promises to be a major aid to digital forensics researchers undertaking investigations…
👍12⚡2💩2👏1
Inside the Fake RTO Challan Checker: How I Uncovered a Sophisticated Android Spyware Targeting Indians
Part 1: https://medium.com/@singhbkn07/inside-the-fake-rto-challan-checker-how-i-uncovered-a-sophisticated-android-spyware-targeting-8f2da6a9a5a0
Part 2: https://medium.com/@singhbkn07/fake-rto-challan-checker-part-2-cracking-the-payload-mapping-the-operator-and-why-this-is-3eb78e512d7f
Part 1: https://medium.com/@singhbkn07/inside-the-fake-rto-challan-checker-how-i-uncovered-a-sophisticated-android-spyware-targeting-8f2da6a9a5a0
Part 2: https://medium.com/@singhbkn07/fake-rto-challan-checker-part-2-cracking-the-payload-mapping-the-operator-and-why-this-is-3eb78e512d7f
Medium
Inside the Fake RTO Challan Checker: How I Uncovered a Sophisticated Android Spyware Targeting Indians
A full technical teardown of a malware campaign hiding behind India’s traffic fine system
🔥5🎃3❤2👍2😁2
APKShield-PT: Auto Root Detection & SSL Pinning Bypass with Frida Script Generation
https://github.com/Whitehat987/apkshield-pt
https://github.com/Whitehat987/apkshield-pt
GitHub
GitHub - Whitehat987/apkshield-pt: Android Penetration Testing Tool — Auto Root Detection & SSL Pinning Bypass with Frida Script…
Android Penetration Testing Tool — Auto Root Detection & SSL Pinning Bypass with Frida Script Generation - Whitehat987/apkshield-pt
🔥8👍2💩2🤣1🎃1👾1
An Android VPN apps can be bypassed and leak IP
https://lowlevel.fun/posts/tiny-udp-cannon-android-vpn-bypass/
https://lowlevel.fun/posts/tiny-udp-cannon-android-vpn-bypass/
lowlevel.fun
The Tiny UDP Cannon: An Android VPN Bypass
An unprivileged Android app can leak the user's real IP past Always-On VPN + lockdown by handing system_server a UDP payload to fire on its behalf.
🎃9👍6🤔2🤬1👀1
NFC Relay Goes Local: How AI Is Accelerating a New Wave of Independent Malware Developers
https://www.cleafy.com/cleafy-labs/nfc-relay-goes-local-how-ai-is-accelerating-a-new-wave-of-independent-malware-developers
https://www.cleafy.com/cleafy-labs/nfc-relay-goes-local-how-ai-is-accelerating-a-new-wave-of-independent-malware-developers
Cleafy
NFC Relay Goes Local: How AI Is Accelerating a New Wave of Independent Malware Developers | Cleafy
Cleafy's TIR team identified and analyzed two previously undocumented Android NFC relay malware families, DevilNFC and NFCMultiPay, actively targeting European and LATAM banking customers.
👍8❤1
Reverse engineering Android malware with Claude Code
https://zanestjohn.com/blog/reing-with-claude-code
https://zanestjohn.com/blog/reing-with-claude-code
Zanestjohn
Reverse engineering Android malware with Claude Code - Zane St. John
I pointed an autonomous coding agent at a $35 projector. It found a big RAT.
❤11🎉2👾1
Trapdoor Funnels Malvertising into Ad Fraud
https://www.humansecurity.com/learn/resource/satori-threat-intelligence-alert-trapdoor-funnels-malvertising-into-ad-fraud/
https://www.humansecurity.com/learn/resource/satori-threat-intelligence-alert-trapdoor-funnels-malvertising-into-ad-fraud/
👍5❤1
Premium Deception: Uncovering a Global Android Carrier Billing Fraud Campaign
https://zimperium.com/blog/premium-deception-uncovering-a-global-android-carrier-billing-fraud-campaign
https://zimperium.com/blog/premium-deception-uncovering-a-global-android-carrier-billing-fraud-campaign
Zimperium
Premium Deception: Uncovering a Global Android Carrier Billing Fraud Campaign
true
🎃3👍1🔥1
The Flipper One: Hacking Gadget is Becoming a Pocket Linux PC [video]
https://www.mobile-hacker.com/2026/05/20/the-flipper-one-hacking-gadget-is-becoming-a-pocket-linux-pc/
https://www.mobile-hacker.com/2026/05/20/the-flipper-one-hacking-gadget-is-becoming-a-pocket-linux-pc/
👍8
Comparing 3D printed Flipper One model to Zero
https://www.youtube.com/shorts/qHS_kmxJKow
https://www.youtube.com/shorts/qHS_kmxJKow
YouTube
Flipper One is Becoming a Pocket Linux PC
Flipper OneBigger. More powerful. Way more capable.Flipper One is shaping up to be a serious upgrade—and we’ve broken it all down in our latest video and blo...
🔥5⚡1