43051
Mobile cybersecurity channel Links: https://linktr.ee/mobilehacker Contact: mobilehackerofficial@gmail.com
Android kernel exploit for CVE-2025-38352, previously exploited in-the-wild. Targets vulnerable Linux kernels v5.10.x.
https://github.com/farazsth98/chronomaly
DNGerousLINK: A Deep Dive into WhatsApp 0-Click Exploits on iOS and Samsung Devices (CVE-2025-55177, CVE-2025-43300)
https://media.ccc.de/v/39c3-dngerouslink-a-deep-dive-into-whatsapp-0-click-exploits-on-ios-and-samsung-devices
CVE-2025-38352 - In-the-wild Android Kernel Vulnerability Analysis + PoC
https://faith2dxy.xyz/2025-12-22/cve_2025_38352_analysis/
PoC: https://github.com/farazsth98/poc-CVE-2025-38352
Kimsuky Distributing Malicious Mobile App via QR Code
https://www.enki.co.kr/en/media-center/blog/kimsuky-distributing-malicious-mobile-app-via-qr-code
Cellik - A New Android RAT With Play Store Integration
https://iverify.io/blog/meet-cellik---a-new-android-rat-with-play-store-integration
ipsw: command-line framework for Apple firmware analysis and interact with iOS devices
https://github.com/blacktop/ipsw
Google Project Zero breaks down a 0-click Android exploit that hijacked Samsung phones via a malicious DNG image—originally flagged by Unit 42.
Patched in April 2025 (CVE-2025-21042)
https://googleprojectzero.blogspot.com/2025/12/a-look-at-android-itw-dng-exploit.html
Inside BTMOB: An Analytical Breakdown of a Leaked Android RAT Ecosystem
https://www.d3lab.net/inside-btmob-an-analytical-breakdown-of-a-leaked-android-rat-ecosystem/
How Ads Infect Phones Without a Click by Intellexa
https://securitylab.amnesty.org/latest/2025/12/intellexa-leaks-predator-spyware-operations-exposed/
https://www.recordedfuture.com/research/intellexas-global-corporate-web
https://cloud.google.com/blog/topics/threat-intelligence/intellexa-zero-day-exploits-continue
Careless Whisper: Exploiting Silent Delivery Receipts to Monitor Users on Mobile Instant Messengers
PoC: https://github.com/Cfomodz/whatsmap
Paper: https://arxiv.org/html/2411.11194v4
Return of ClayRat: Expanded Features and Techniques
https://zimperium.com/blog/return-of-clayrat-expanded-features-and-techniques
SEEDSNATCHER : Dissecting an Android Malware Targeting Multiple Crypto Wallet Mnemonic Phrases
https://www.cyfirma.com/research/seedsnatcher-dissecting-an-android-malware-targeting-multiple-crypto-wallet-mnemonic-phrases/
[Beginners] All About Android Pentesting: A Complete Methodology
https://xcheater.medium.com/all-about-android-pentesting-f047b7c7e0f1
Charging cable that hacks your device
Once plugged in, it can:
-detect OS,
-inject keystrokes,
-controlled over Wi-Fi,
-create remote shell access without network connection of target
https://www.mobile-hacker.com/2025/12/01/plug-play-pwn-hacking-with-evil-crow-cable-wind/
Albiriox Exposed: A New RAT Mobile Malware Targeting Global Finance and Crypto Wallets
https://www.cleafy.com/cleafy-labs/albiriox-rat-mobile-malware-targeting-global-finance-and-crypto-wallets
Android revers engineering and malware analysis notes
https://www.notion.so/Reverse-Engineering-8f11869a35fa4832a01896f1b503261f
https://www.notion.so/Malware-Analysis-e1006868cce24a769e0ca4349b87ef31
A New Stage in the Evolution of Android SMS Stealers in Uzbekistan
https://www.group-ib.com/blog/mobile-malware-uzbekistan/
Analysis of CVE-2025-31200, a zero-day, zero-click RCE in iOS. Triggered by a malicious audio file via iMessage/SMS. Exploitation bypassed Blastdoor, enabled kernel escalation (CVE-2025-31201), and allowed token theft until patched in iOS 18.4.1 (Apr 16, 2025)
https://github.com/JGoyd/iOS-Attack-Chain-CVE-2025-31200-CVE-2025-31201
Kimwolf Botnet Hacked 1.8 Million Android TVs, Launched DDoS Attacks, Proxy
https://blog.xlab.qianxin.com/kimwolf-botnet-en/
Frogblight: New Android banker targets Turkish users
https://securelist.com/frogblight-banker/118440/
Security flaws in Freedom Chat app exposed users' phone numbers and PINs
https://ericdaigle.ca/posts/super-secure-maga-messaging-app-leaks-everyones-phone-number/
DroidLock Hijacks Your Device
https://zimperium.com/blog/total-takeover-droidlock-hijacks-your-device
FuzzMe - MobileHackingLab CTF Challenge WriteUp
sal/fuzzme-mobilehackinglab-ctf-writeup" rel="nofollow">https://hackmd.io/@sal/fuzzme-mobilehackinglab-ctf-writeup
New Android In-Call Scam Protection Pauses Calls for 30 Seconds When Using Financial Apps
https://security.googleblog.com/2025/12/android-expands-pilot-in-call-scam-protection-financial-apps.html
New FvncBot Android banking trojan targets Poland
https://www.intel471.com/blog/new-fvncbot-android-banking-trojan-targets-poland
Mobile Forensics: Extracting Data from WhatsApp on already rooted device or with using Cellebrite to gain elevated privileges
https://hackers-arise.com/mobile-forensics-extracting-data-from-whatsapp/
Cybercrime group GoldFactory: Distributed at least 27 legitimate banking apps injected with malicious code, targeting users in Indonesia, Vietnam, and Thailand
https://www.group-ib.com/blog/turning-apps-into-gold/
Reverse engineering Bluetooth on Amazon Kindle eReaders
https://sighery.com/posts/reverse-engineering-bluetooth-on-kindle-ereaders/
IPAtool - command line tool that allows you to search and download iOS apps from the App Store, known as an ipa file
https://github.com/majd/ipatool
Combatting Cybercrime against Mobile Devices
This paper examines cybercrime against consumer mobile devices and their users in the UK
https://www.rusi.org/explore-our-research/publications/insights-papers/combatting-cybercrime-against-mobile-devices