A 0-click exploit chain for the Pixel 9 Part 1: Decoding Dolby
https://projectzero.google/2026/01/pixel-0-click-part-1.html
https://projectzero.google/2026/01/pixel-0-click-part-1.html
projectzero.google
A 0-click exploit chain for the Pixel 9 Part 1: Decoding Dolby
Over the past few years, several AI-powered features have been added to mobile phones that allow ...
π₯16β€3π2π1
A 0-click exploit chain for the Pixel 9 Part 2: Cracking the Sandbox with a Big Wave
https://projectzero.google/2026/01/pixel-0-click-part-2.html
https://projectzero.google/2026/01/pixel-0-click-part-2.html
projectzero.google
A 0-click exploit chain for the Pixel 9 Part 2: Cracking the Sandbox with a Big Wave
With the advent of a potential Dolby Unified Decoder RCE exploit, it seemed prudent to see what k...
π11π3π2
A 0-click exploit chain for the Pixel 9 Part 3: Where do we go from here?
https://projectzero.google/2026/01/pixel-0-click-part-3.html
https://projectzero.google/2026/01/pixel-0-click-part-3.html
projectzero.google
A 0-click exploit chain for the Pixel 9 Part 3: Where do we go from here?
While our previous two blog posts provided technical recommendations for increasing the effort re...
π16π6β€2π1π€1
WhisperPair: Hijacking Bluetooth Accessories
Using Google Fast Pair.
You can also check if your device is vulnerable
https://whisperpair.eu/
Using Google Fast Pair.
You can also check if your device is vulnerable
https://whisperpair.eu/
whisperpair.eu
WhisperPair: Hijacking Bluetooth Accessories Using Google Fast Pair
WhisperPair is a family of practical attacks leveraging a flaw in the Google Fast Pair implementation on flagship audio accessories.
β€12π6π4π2
WPair: app for testing Bluetooth WhisperPair vulnerability in Google's Fast Pair protocol (CVE-2025-36911) https://github.com/zalexdev/wpair-app
GitHub
GitHub - zalexdev/wpair-app: WPair is a defensive security research tool that demonstrates the CVE-2025-36911 (eg WhisperPair)β¦
WPair is a defensive security research tool that demonstrates the CVE-2025-36911 (eg WhisperPair) vulnerability in Google's Fast Pair protocol. This vulnerability affects millions of Blueto...
π₯16β€8π6π3π€―2π2π1
Frida-based tool to dump decrypted iOS apps as .ipa from a jailbroken device supports App Store, sideloaded and system
https://github.com/lautarovculic/frida-ipa-extract
https://github.com/lautarovculic/frida-ipa-extract
GitHub
GitHub - lautarovculic/frida-ipa-extract: Robust Frida-based tool to dump decrypted iOS apps as .ipa from a jailbroken device supportsβ¦
Robust Frida-based tool to dump decrypted iOS apps as .ipa from a jailbroken device supports App Store, sideloaded and system. - lautarovculic/frida-ipa-extract
π17β€8π4π€£1
Analysis of CVE-2025-43529 (WebKit UAF) + CVE-2025-14174 (ANGLE OOB) exploit chain - iOS Safari
https://github.com/zeroxjf/WebKit-UAF-ANGLE-OOB-Analysis
https://github.com/zeroxjf/WebKit-UAF-ANGLE-OOB-Analysis
π11β€6π2
Firebase APK Security Scanner
Scan Android APKs for Firebase security misconfigurations including open databases, exposed storage buckets, and authentication bypasses
https://github.com/trailofbits/skills/tree/main/plugins/firebase-apk-scanner
Scan Android APKs for Firebase security misconfigurations including open databases, exposed storage buckets, and authentication bypasses
https://github.com/trailofbits/skills/tree/main/plugins/firebase-apk-scanner
GitHub
skills/plugins/firebase-apk-scanner at main Β· trailofbits/skills
Trail of Bits Claude Code skills for security research, vulnerability detection, and audit workflows - trailofbits/skills
β€18π4π3
Android.Phantom trojans are bundled with modded games and popular apps to infiltrate smartphones. They use machine learning and video broadcasts to engage in click fraud
https://news.drweb.com/show/?i=15110&lng=en
https://news.drweb.com/show/?i=15110&lng=en
β€16π5π5
Samsung S23 Ultra: The Ultimate NetHunter Setup(Android 14 Fix)
https://medium.com/@JanCSG/samsung-s23-ultra-the-ultimate-nethunter-setup-31c1105201d9
https://medium.com/@JanCSG/samsung-s23-ultra-the-ultimate-nethunter-setup-31c1105201d9
Medium
Samsung S23 Ultra: The Ultimate NetHunter Setup(Android 14 Fix)
Iβve spent the last couple of days trying to turn my S23 Ultra into the ultimate mobile hacking machine.
β€23π8π€‘8πΏ3π₯°2π1
A Frida-based utility for dynamically extracting native (.so) libraries from Android applications
https://github.com/TheQmaks/soSaver
https://github.com/TheQmaks/soSaver
GitHub
GitHub - TheQmaks/soSaver: A Frida-based utility for dynamically extracting native (.so) libraries from Android applications.
A Frida-based utility for dynamically extracting native (.so) libraries from Android applications. - TheQmaks/soSaver
β€17π5π₯3
Android and authentication: The Evolution of FIDO Experiences on Android
https://bughunters.google.com/blog/fido
https://bughunters.google.com/blog/fido
π14β€2
Android spyware campaign targeting users in Pakistan via romance scam tactics, revealing links to a broader spy operation
https://www.welivesecurity.com/en/eset-research/love-actually-fake-dating-app-used-lure-targeted-spyware-campaign-pakistan/
https://www.welivesecurity.com/en/eset-research/love-actually-fake-dating-app-used-lure-targeted-spyware-campaign-pakistan/
Welivesecurity
Love? Actually: Fake dating app used as lure in targeted spyware campaign in Pakistan
ESET researchers discover an Android spyware campaign targeting users in Pakistan via romance scam tactics, revealing links to a broader spy operation.
π13β€4
NFCShare (SuperCard X) Android Trojan: NFC card data theft via malicious APK
https://www.d3lab.net/nfcshare-android-trojan-nfc-card-data-theft-via-malicious-apk/
https://www.d3lab.net/nfcshare-android-trojan-nfc-card-data-theft-via-malicious-apk/
D3Lab
NFCShare Android Trojan: NFC card data theft via malicious APK
An Android trojan distributed via a Deutsche Bank phishing campaign pretends to be βSupport Nexi,β prompts victims to tap their payment card and enter the PIN, then exfiltrates NFC data over a WebSocket. We attribute this cluster as NFCShare and provide technicalβ¦
π12β€4
Disrupting the World's Largest Residential Proxy Network
https://cloud.google.com/blog/topics/threat-intelligence/disrupting-largest-residential-proxy-network
https://cloud.google.com/blog/topics/threat-intelligence/disrupting-largest-residential-proxy-network
Google Cloud Blog
Disrupting the World's Largest Residential Proxy Network | Google Cloud Blog
IPIDEAβs proxy infrastructure is a component of the digital ecosystem leveraged by a wide array of bad actors.
π15
The Rise of Android Arsink Rat
https://zimperium.com/blog/the-rise-of-arsink-rat
https://zimperium.com/blog/the-rise-of-arsink-rat
Zimperium
The Rise of Arsink Rat
true
π13π4
Android Trojan Campaign Uses Hugging Face Hosting for RAT Payload Delivery
https://www.bitdefender.com/en-us/blog/labs/android-trojan-campaign-hugging-face-hosting-rat-payload
https://www.bitdefender.com/en-us/blog/labs/android-trojan-campaign-hugging-face-hosting-rat-payload
Bitdefender
Android Trojan Campaign Uses Hugging Face Hosting for RAT Payload Delivery
Bitdefender researchers discovered an Android RAT campaign that combines social engineering, the resources of Hugging Face and permission abuse
π10β‘4π2π€£2
Modern iOS Security Features β A Deep Dive
into SPTM, TXM, and Exclaves
https://arxiv.org/pdf/2510.09272
into SPTM, TXM, and Exclaves
https://arxiv.org/pdf/2510.09272
π15β€6
Carbonara: The MediaTek exploit nobody served
https://shomy.is-a.dev/blog/article/serving-carbonara
Penumbra is a tool for interacting with Mediatek devices.
It provides flashing and readback capabilities, as well as bootloader unlocking and relocking on vulnerable devices: https://github.com/shomykohai/penumbra
https://shomy.is-a.dev/blog/article/serving-carbonara
Penumbra is a tool for interacting with Mediatek devices.
It provides flashing and readback capabilities, as well as bootloader unlocking and relocking on vulnerable devices: https://github.com/shomykohai/penumbra
β€13π6
Analysing a Pegasus 0-click Exploit for iOS
Recreated the "Blastpass" iOS exploit in a faked target process, to understand the heap shaping strategy first-hand
https://youtu.be/0JFcDCW3Sis
Recreated the "Blastpass" iOS exploit in a faked target process, to understand the heap shaping strategy first-hand
https://youtu.be/0JFcDCW3Sis
YouTube
Analysing a Pegasus 0-click Exploit for iOS
Are you a security researcher or reverse engineer?
For 50% off IDA Products use promo code BILLY50, https://hex-rays.com/pricing *
For 30% off IDA Training use promo code BILLY30, https://hex-rays.com/training **
*License discounts are only valid for individualsβ¦
For 50% off IDA Products use promo code BILLY50, https://hex-rays.com/pricing *
For 30% off IDA Training use promo code BILLY30, https://hex-rays.com/training **
*License discounts are only valid for individualsβ¦
π17β€10
Deep-C: Android Deep Link misconfiguration detector and exploitation tool
https://github.com/KishorBal/deep-C
https://github.com/KishorBal/deep-C
π₯17β€9π4π2