43052
Mobile cybersecurity channel Links: https://linktr.ee/mobilehacker Contact: mobilehackerofficial@gmail.com
Hook Version 3: The Banking Trojan with The Most Advanced Capabilities
https://zimperium.com/blog/hook-version-3-the-banking-trojan-with-the-most-advanced-capabilities
iOS 18.6.1 0-click RCE POC (CVE-2025-43300)
https://github.com/b1n4r1b01/n-days/blob/main/CVE-2025-43300.md
Revealing Hidden iOS Apps: Exploring System Applications on Jailbroken Devices
https://reversethat.app/posts/revealing-hidden-system-ios-apps/
ELEGANTBOUNCER: Catch iOS 0-click exploits without having the samples.
Features iOS backup forensics & messaging app scanning for iMessage, WhatsApp, Signal, Telegram & Viber attachments.
https://www.msuiche.com/posts/elegantbouncer-when-you-cant-get-the-samples-but-still-need-to-catch-the-threat/
Hidden Links: Analyzing Secret Families of VPN Apps
https://www.petsymposium.org/foci/2025/foci-2025-0008.pdf
Samsung S24 Exploit Chain Pwn2Own 2024 Walkthrough
happyjester80/samsung-s24-exploit-chain-pwn2own-2024-walkthrough-c7a3da9a7a26" rel="nofollow">https://medium.com/@happyjester80/samsung-s24-exploit-chain-pwn2own-2024-walkthrough-c7a3da9a7a26
Step by Step Complete Beginners guide of iOS penetration testing
https://infosecwriteups.com/step-by-step-complete-beginners-guide-of-ios-penetration-testing-17092c0e0dc7
Android Malware Promises Energy Subsidy to Steal Financial Data
https://www.mcafee.com/blogs/other-blogs/mcafee-labs/android-malware-promises-energy-subsidy-to-steal-financial-data/
Exposes and Analyzes of ERMAC V3.0 Banking Trojan Full Source Code Leak
https://hunt.io/blog/ermac-v3-banking-trojan-source-code-leak
Gain Control of Rooted Android Devices by Exploiting One Vulnerability in KernelSU
https://zimperium.com/blog/the-rooting-of-all-evil-security-holes-that-could-compromise-your-mobile-device
Hacking Hotspots: Pre-Auth Remote Code Execution, Arbitrary SMS & Adjacent Attacks on 5G & 4G LTE Routers
Slides and demos: https://github.com/actuator/DEFCON-33
JMS — Mobile Docker, the container image used by JMS in their mobile-security trainings
Info: justmobilesec/just-mobile-security-jms-mobile-docker-ba1e6b7f131d" rel="nofollow">https://medium.com/@justmobilesec/just-mobile-security-jms-mobile-docker-ba1e6b7f131d
Docker: https://github.com/justmobilesec/just-mobile-security-mobile-docker
Android Malware Targets Indian Banking Users to Steal Financial Info and Mine Crypto
https://www.mcafee.com/blogs/other-blogs/mcafee-labs/android-malware-targets-indian-banking-users-to-steal-financial-info-and-mine-crypto/
PlayPraetor's evolving threat: How Chinese-speaking actors globally scale an Android RAT
https://www.cleafy.com/cleafy-labs/playpraetors-evolving-threat-how-chinese-speaking-actors-globally-scale-an-android-rat
ToxicPanda: The Android Banking Trojan Targeting Europe
https://www.bitsight.com/blog/toxicpanda-android-banking-malware-2025-study
Mobile & Phone Related OSINT Sites
https://uk-osint.net/mobilephone.html
CADroid: A Cross-combination Attention based Framework for Android Malware Detection
https://www.sciencedirect.com/science/article/abs/pii/S0957417425030623
Fake Website Pages Used to Spread SpyNote Android Malware
https://dti.domaintools.com/spynote-malware-part-2/
Android Document Readers and Deception: Tracking the Latest Updates to Anatsa
https://www.zscaler.com/blogs/security-research/android-document-readers-and-deception-tracking-latest-updates-anatsa
Xiaomi 13 Pro Code Execution via GetApps DOM Cross-Site Scripting (XSS) from Pwn2Own 2023
happyjester80/xiaomi-13-pro-code-execution-via-getapps-dom-cross-site-scripting-xss-6590cf35fb27" rel="nofollow">https://medium.com/@happyjester80/xiaomi-13-pro-code-execution-via-getapps-dom-cross-site-scripting-xss-6590cf35fb27
Full exploit chain of FiberGateway router via public wifi network
https://r0ny.net/FiberGateway-GR241AG-Full-Exploit-Chain/
Lazarus Stealer : Android Malware for Russian Bank Credential Theft Through Overlay and SMS Manipulation
https://www.cyfirma.com/research/lazarus-stealer-android-malware-for-russian-bank-credential-theft-through-overlay-and-sms-manipulation/
Reversing Android Apps: Bypassing Detection Like a Pro
https://www.kayssel.com/newsletter/issue-12/
PhantomCard: New NFC-driven Android malware emerging in Brazil
https://www.threatfabric.com/blogs/phantomcard-new-nfc-driven-android-malware-emerging-in-brazil
Android backdoor spies on employees of Russian business
https://forum.drweb.com/index.php?showtopic=339295
From Signal to the Android SDK: Chaining Path Traversal, Mimetype Confusion, Security Check Bypass and File Descriptor Bruteforce for Arbitrary File Access
https://blog.ostorlab.co/signal-arbitrary-file-read.html
Guardio’s like your digital bodyguard - blocking scams, leaks, and shady stuff before it hits.
Think you’re safe online? Let’s put it to the test.
👉 Take our quick Security Quiz and see how protected you really are.
🚫 Bye-bye scam sites & phishing traps
🔔 Instant alerts if your info gets leaked
📱 Real-time protection for all your devices
🎁 Try Guardio free for 7 days - no strings, just safety.
Behind Random Words: DoubleTrouble Mobile Banking Trojan Revealed
https://zimperium.com/blog/behind-random-words-doubletrouble-mobile-banking-trojan-revealed
Meet Guardio - a powerful online protection tool that keeps you safe while you browse, shop, and live your digital life.
✅ Blocks scam sites, phishing & malicious pop-ups
✅ Alerts you instantly if your personal info or SSN is leaked
✅ Protects your identity, accounts & mobile in real-time
🎁 Try it for free for 7 days, no strings attached!
RedHook: A New Android Banking Trojan Targeting Users in Vietnam
https://cyble.com/blog/redhook-new-android-banking-targeting-in-vietnam/