APKShield-PT: Auto Root Detection & SSL Pinning Bypass with Frida Script Generation
https://github.com/Whitehat987/apkshield-pt
https://github.com/Whitehat987/apkshield-pt
GitHub
GitHub - Whitehat987/apkshield-pt: Android Penetration Testing Tool โ Auto Root Detection & SSL Pinning Bypass with Frida Scriptโฆ
Android Penetration Testing Tool โ Auto Root Detection & SSL Pinning Bypass with Frida Script Generation - Whitehat987/apkshield-pt
๐ฅ9๐2๐ฉ2๐คฃ1๐1๐พ1
An Android VPN apps can be bypassed and leak IP
https://lowlevel.fun/posts/tiny-udp-cannon-android-vpn-bypass/
https://lowlevel.fun/posts/tiny-udp-cannon-android-vpn-bypass/
lowlevel.fun
The Tiny UDP Cannon: An Android VPN Bypass
An unprivileged Android app can leak the user's real IP past Always-On VPN + lockdown by handing system_server a UDP payload to fire on its behalf.
๐10๐6๐ค3๐คฌ1๐1
NFC Relay Goes Local: How AI Is Accelerating a New Wave of Independent Malware Developers
https://www.cleafy.com/cleafy-labs/nfc-relay-goes-local-how-ai-is-accelerating-a-new-wave-of-independent-malware-developers
https://www.cleafy.com/cleafy-labs/nfc-relay-goes-local-how-ai-is-accelerating-a-new-wave-of-independent-malware-developers
Cleafy
NFC Relay Goes Local: How AI Is Accelerating a New Wave of Independent Malware Developers | Cleafy
Cleafy's TIR team identified and analyzed two previously undocumented Android NFC relay malware families, DevilNFC and NFCMultiPay, actively targeting European and LATAM banking customers.
๐10โค2
Reverse engineering Android malware with Claude Code
https://zanestjohn.com/blog/reing-with-claude-code
https://zanestjohn.com/blog/reing-with-claude-code
Zanestjohn
Reverse engineering Android malware with Claude Code - Zane St. John
I pointed an autonomous coding agent at a $35 projector. It found a big RAT.
โค17๐4๐พ3
Trapdoor Funnels Malvertising into Ad Fraud
https://www.humansecurity.com/learn/resource/satori-threat-intelligence-alert-trapdoor-funnels-malvertising-into-ad-fraud/
https://www.humansecurity.com/learn/resource/satori-threat-intelligence-alert-trapdoor-funnels-malvertising-into-ad-fraud/
๐7โค1
Premium Deception: Uncovering a Global Android Carrier Billing Fraud Campaign
https://zimperium.com/blog/premium-deception-uncovering-a-global-android-carrier-billing-fraud-campaign
https://zimperium.com/blog/premium-deception-uncovering-a-global-android-carrier-billing-fraud-campaign
Zimperium
Premium Deception: Uncovering a Global Android Carrier Billing Fraud Campaign
true
๐4๐2๐ฅ1
The Flipper One: Hacking Gadget is Becoming a Pocket Linux PC [video]
https://www.mobile-hacker.com/2026/05/20/the-flipper-one-hacking-gadget-is-becoming-a-pocket-linux-pc/
https://www.mobile-hacker.com/2026/05/20/the-flipper-one-hacking-gadget-is-becoming-a-pocket-linux-pc/
๐10
Comparing 3D printed Flipper One model to Zero
https://www.youtube.com/shorts/qHS_kmxJKow
https://www.youtube.com/shorts/qHS_kmxJKow
YouTube
Flipper One is Becoming a Pocket Linux PC
Flipper OneBigger. More powerful. Way more capable.Flipper One is...
๐ฅ8๐3โก1
OverlayPhantom: The Android Banking Trojan Hiding in Plain Sight
https://cyble.com/blog/overlayphantom-android-banking-trojan/
https://cyble.com/blog/overlayphantom-android-banking-trojan/
Cyble
OverlayPhantom-android-banking-trojan-hiding In Plain Sight
Cyble analyzes OverlayPhantom, an Android banking trojan targeting 180+ apps across 10 countries, stealing credentials via fake overlays and real-time screen streaming.
โค8๐4
BTMOB: A stealthy RAT burrowing deep into Android devices
https://www.welivesecurity.com/en/malware/btmob-stealthy-rat-burrowing-deep-android-devices/
https://www.welivesecurity.com/en/malware/btmob-stealthy-rat-burrowing-deep-android-devices/
Welivesecurity
BTMOB: A stealthy RAT burrowing deep into Android devices
The BTMOB malware pairs remote access capabilities with ready-made campaign tools, lowering the barrier for full device compromise.
โค10๐2
IRIS (Intent Runtime Inspection System) - tool for observing Android Intent activity from a rooted device
https://github.com/Ch0pin/iris
https://github.com/Ch0pin/iris
GitHub
GitHub - Ch0pin/iris: Intent Runtime Inspection System
Intent Runtime Inspection System. Contribute to Ch0pin/iris development by creating an account on GitHub.
โค10๐4๐1
Technical overview of how commercial forensic tools compromise mobile devices
https://osservatorionessuno.org/blog/2026/05/demystifying-phone-unlocking-tools-a-technical-overview/
https://osservatorionessuno.org/blog/2026/05/demystifying-phone-unlocking-tools-a-technical-overview/
osservatorionessuno.org
Osservatorio Nessuno
Demystifying phone unlocking tools: A technical overview
๐9๐2
Bypassing SSL Pinning in Flutter-Based iOS Applications
https://medium.com/@drhatab/bypassing-ssl-pinning-in-flutter-based-ios-applications-54f420d2f1a1
https://medium.com/@drhatab/bypassing-ssl-pinning-in-flutter-based-ios-applications-54f420d2f1a1
Medium
Bypassing SSL Pinning in Flutter-Based iOS Applications
Hello folks,
โค12๐5๐5
Bypassing Flutter TLS/SSL Verification When reFlutter Fails
https://petruknisme.medium.com/bypassing-flutter-tls-ssl-verification-when-reflutter-fails-a4c41ff758a3
https://petruknisme.medium.com/bypassing-flutter-tls-ssl-verification-when-reflutter-fails-a4c41ff758a3
Medium
Bypassing Flutter TLS/SSL Verification When reFlutter Fails
During Flutter mobile application assessments, reFlutter is often the fastest option for bypassing TLS/SSL verification and redirectingโฆ
๐7โค2๐1
Bypassing SSL Pinning on Play Store Android Device Emulators without Frida
https://www.mfumis.com/posts/bypassing-ssl-pinning-on-play-store-avds-without-frida/
https://www.mfumis.com/posts/bypassing-ssl-pinning-on-play-store-avds-without-frida/
Mateo Fumis (hackermater)
Bypassing SSL Pinning on Play Store AVDs without Frida
๐ฒ ๐ Bypassing SSL Pinning on Play Store Android Device Emulators without Frida
โก4โค2๐ฅ1
A $300 Creative speaker can be hacked over Bluetooth (no pairing) to install malicious firmware and silently turn into a BadUSB keyboard that can takes over USB connected PC.
Creative donโt consider it a vulnerability - it is not patched!
https://blog.nns.ee/2026/06/03/katana-badusb/
Creative donโt consider it a vulnerability - it is not patched!
https://blog.nns.ee/2026/06/03/katana-badusb/
blog.nns.ee
Pwnd Blaster: Hacking your PC using your speaker without ever touching it | nns.ee
Abusing an unauthenticated Bluetooth protocol to turn a PC speaker into a Rubber Ducky.
โก7๐ฅ1
Android.MagicAd displays background ads without SYSTEM_ALERT_WINDOW.
Bypasses restrictions via system media controls abuse, vendor-specific intents, and Binder IPC abuse on Xiaomi/Vivo/Amazon devices. Distributed in 50+ apps via GetApps/Galaxy Store
https://news.drweb.com/show/?i=15262&c=5&lng=en
Bypasses restrictions via system media controls abuse, vendor-specific intents, and Binder IPC abuse on Xiaomi/Vivo/Amazon devices. Distributed in 50+ apps via GetApps/Galaxy Store
https://news.drweb.com/show/?i=15262&c=5&lng=en
๐ฅ8โก4
Android Spyware Asin Targets Arabic Users via Fake News, PDF and War Map Apps
https://thehackernews.com/2026/06/android-spyware-asin-targets-arabic.html
https://thehackernews.com/2026/06/android-spyware-asin-targets-arabic.html
โค6โก1๐คฎ1
NFCShare evolves: from a banking phishing APK to a GitHub-hosted Android NFC fraud campaign
https://www.d3lab.net/nfcshare-evolves-from-a-banking-phishing-apk-to-a-github-hosted-android-nfc-fraud-campaign/
https://www.d3lab.net/nfcshare-evolves-from-a-banking-phishing-apk-to-a-github-hosted-android-nfc-fraud-campaign/
D3Lab
NFCShare evolves: from a banking phishing APK to a GitHub-hosted Android NFC fraud campaign
A new NFCShare Android malware campaign distributed through an Intesa Sanpaolo-themed phishing flow, short URLs, and GitHub-hosted APKs. The recent samples keep the same NFC card-theft logic but introduce stronger anti-analysis packaging, brand rotation,โฆ
๐5
Tested the raw socket layer of a pre-production POS system. Found 4 critical/high vulnerabilities โ including a replay attack, cross-merchant IDOR, ghost transactions, and card identity bypass
https://m4kr0.vercel.app/posts/iso-8583-under-fire-finding-vulnerabilities-in-a-payment-socket
https://m4kr0.vercel.app/posts/iso-8583-under-fire-finding-vulnerabilities-in-a-payment-socket
M4KR0 Blog
ISO 8583 Under Fire: Finding Vulnerabilities in a Payment Socket - M4KR0 Blog
A hands-on walkthrough of security testing an ISO 8583 payment socket โ from reversing the app and enabling hidden debug mode, to finding four critical vulnerabilities in the processor layer
๐ฅ5โก3