A recently discovered Android campaign leverages a fake Google Play Store to distribute GPT Trade, a malicious dropper posing as a ChatGPT-themed trading app. Once installed, the dropper silently generates and deploys two additional malware families—BTMob…

Sturnus is a privately operated Android banking trojan with many fraud-related capabilities, including Device Takeover and capturing decrypted messages.

phia ios app analysis (living document). GitHub Gist: instantly share code, notes, and snippets.

The dataset originates from metadata published in connection with a security study titled “Trivial WhatsApp Security Issue Exposed 3.5 Billion Phone Numbers.” That research demonstrated how a simple flaw could reveal phone numbers globally.

In this blog, we will see how we can exploit a deeplink to achieve an RCE

POC writeup to exploit sandbox escape in itunesstored & bookassetd

Check Point researchers uncover a large-scale Android adware campaign that silently drains resources and disrupts normal phone use through persistent

The Android malware-as-a-service (MaaS) ecosystem continues to evolve with increasingly sophisticated threats designed to evade security measures while maintaining operational simplicity for would-be attackers.

On the surface, the Superbox media streaming devices for sale at retailers like BestBuy and Walmart may seem like a steal: They offer unlimited access to more than 2,200 pay-per-view and streaming services like Netflix, ESPN and Hulu, all for…

Pi‑hole is a network‑level ad and tracker blocker. Instead of installing ad‑blockers on each device, Pi‑hole runs as your DNS server, intercepting domain lookups and returning a null/blocked response for domains on curated blocklists.

CRIL uncovers RelayNFC, a malware leveraging Near-Field Communication (NFC) to intercept and relay contactless payment data.

A complete walkthrough of the 8ksec "FridaInTheMiddle" challenge: bypassing Frida detection, hooking Swift functions, and intercepting arguments on a jailbroken iPhone.

Hunting potential C2 commands in Android malware via Smali string comparison and control flow

Presented at the VB2025 conference in Berlin, 24 - 26 September 2025.
↓ Slides: https://www.virusbulletin.com/uploads/pdf/conference/vb2025/slides/Slides-Hunting…

An in-depth Bug Bounty guide to performing reconnaissance on Android apps – from extracting APKs to mapping endpoints, secrets and vulnerable components.

Here we go again! Today we will be talking about SSL Pinning Bypass in Android. Due the recent cybersecurity congress that I have assisted...

Joseph Jarnecki outlines the highest priority cyberthreats against consumer mobile devices and considers potential strategies to mitigate and address the threat.

Albiriox is a newly identified Android malware family offered as a Malware-as-a-Service, and enabling TAs to perform On-Device Fraud through remote control, screen manipulation, and real-time interaction with the infected device. Read more in this report.