43052
Mobile cybersecurity channel Links: https://linktr.ee/mobilehacker Contact: mobilehackerofficial@gmail.com
A 0-click exploit chain for the Pixel 9 Part 2: Cracking the Sandbox with a Big Wave
https://projectzero.google/2026/01/pixel-0-click-part-2.html
deVixor: An Evolving Android Banking RAT with Ransomware Capabilities Targeting Iran
https://cyble.com/blog/devixor-an-evolving-android-banking-rat-with-ransomware-capabilities-targeting-iran/
Play Integrity API: How It Works & How to Bypass It
https://m4kr0.vercel.app/posts/play-integrity-api-how-it-works--how-to-bypass-it/
Frida-UI: Interact with Frida devices, processes, and scripts directly from your browser
https://github.com/adityatelange/frida-ui
Droid LLM Hunter is a tool to scan for vulnerabilities in Android applications using Large Language Models (LLMs)
https://github.com/roomkangali/droid-llm-hunter
Predator iOS Malware: Building a Surveillance Framework - Part 1
https://blog.reversesociety.co/blog/2025/predator-ios-malware-surveillance-framework-part-1
Read, write, and emulate NFC cards on jailbroken iPhones
https://github.com/OwnGoalStudio/TrollNFC/
Android revers engineering and malware analysis notes
https://www.notion.so/Reverse-Engineering-8f11869a35fa4832a01896f1b503261f
https://www.notion.so/Malware-Analysis-e1006868cce24a769e0ca4349b87ef31
A New Stage in the Evolution of Android SMS Stealers in Uzbekistan
https://www.group-ib.com/blog/mobile-malware-uzbekistan/
Analysis of CVE-2025-31200, a zero-day, zero-click RCE in iOS. Triggered by a malicious audio file via iMessage/SMS. Exploitation bypassed Blastdoor, enabled kernel escalation (CVE-2025-31201), and allowed token theft until patched in iOS 18.4.1 (Apr 16, 2025)
https://github.com/JGoyd/iOS-Attack-Chain-CVE-2025-31200-CVE-2025-31201
Kimwolf Botnet Hacked 1.8 Million Android TVs, Launched DDoS Attacks, Proxy
https://blog.xlab.qianxin.com/kimwolf-botnet-en/
Frogblight: New Android banker targets Turkish users
https://securelist.com/frogblight-banker/118440/
Security flaws in Freedom Chat app exposed users' phone numbers and PINs
https://ericdaigle.ca/posts/super-secure-maga-messaging-app-leaks-everyones-phone-number/
DroidLock Hijacks Your Device
https://zimperium.com/blog/total-takeover-droidlock-hijacks-your-device
FuzzMe - MobileHackingLab CTF Challenge WriteUp
sal/fuzzme-mobilehackinglab-ctf-writeup" rel="nofollow">https://hackmd.io/@sal/fuzzme-mobilehackinglab-ctf-writeup
A 0-click exploit chain for the Pixel 9 Part 1: Decoding Dolby
https://projectzero.google/2026/01/pixel-0-click-part-1.html
Flutter SSL Bypass: How to Intercept HTTPS Traffic When all other Frida Scripts Fail
https://m4kr0.vercel.app/posts/flutter-ssl-bypass-how-to-intercept-https-traffic-when-all-other-frida-scripts-fail/
One-click Telegram IP address leak
https://www.bleepingcomputer.com/news/security/hidden-telegram-proxy-links-can-reveal-your-ip-address-in-one-click/
Video by @0x6rss
Dalvik bytecode emulator for Android static analysis | String decryption | Multi-DEX | No Android runtime required
https://github.com/fatalSec/DaliVM
Ghost Tapped: Tracking the Rise of Chinese Tap-to-pay Android NFC Malware
https://www.group-ib.com/blog/ghost-tapped-chinese-malware/
WhatsApp Vulnerabilities Leaked Users’ Metadata Including Device’s Operating System Details
TalBeerySec/whatsapp-silent-fix-of-device-fingerprinting-privacy-issue-assessment-the-good-the-not-so-bad-9127b5215e28" rel="nofollow">https://medium.com/@TalBeerySec/whatsapp-silent-fix-of-device-fingerprinting-privacy-issue-assessment-the-good-the-not-so-bad-9127b5215e28
Android kernel exploit for CVE-2025-38352, previously exploited in-the-wild. Targets vulnerable Linux kernels v5.10.x.
https://github.com/farazsth98/chronomaly
DNGerousLINK: A Deep Dive into WhatsApp 0-Click Exploits on iOS and Samsung Devices (CVE-2025-55177, CVE-2025-43300)
https://media.ccc.de/v/39c3-dngerouslink-a-deep-dive-into-whatsapp-0-click-exploits-on-ios-and-samsung-devices
CVE-2025-38352 - In-the-wild Android Kernel Vulnerability Analysis + PoC
https://faith2dxy.xyz/2025-12-22/cve_2025_38352_analysis/
PoC: https://github.com/farazsth98/poc-CVE-2025-38352
Kimsuky Distributing Malicious Mobile App via QR Code
https://www.enki.co.kr/en/media-center/blog/kimsuky-distributing-malicious-mobile-app-via-qr-code
Cellik - A New Android RAT With Play Store Integration
https://iverify.io/blog/meet-cellik---a-new-android-rat-with-play-store-integration
ipsw: command-line framework for Apple firmware analysis and interact with iOS devices
https://github.com/blacktop/ipsw
Google Project Zero breaks down a 0-click Android exploit that hijacked Samsung phones via a malicious DNG image—originally flagged by Unit 42.
Patched in April 2025 (CVE-2025-21042)
https://googleprojectzero.blogspot.com/2025/12/a-look-at-android-itw-dng-exploit.html
Inside BTMOB: An Analytical Breakdown of a Leaked Android RAT Ecosystem
https://www.d3lab.net/inside-btmob-an-analytical-breakdown-of-a-leaked-android-rat-ecosystem/
How Ads Infect Phones Without a Click by Intellexa
https://securitylab.amnesty.org/latest/2025/12/intellexa-leaks-predator-spyware-operations-exposed/
https://www.recordedfuture.com/research/intellexas-global-corporate-web
https://cloud.google.com/blog/topics/threat-intelligence/intellexa-zero-day-exploits-continue