Security, surveillance, and defensive updates

2026-01-07 Android Malware

Ghost Tapped

Tracking the Rise of Chinese Tap-to-pay Android Malware

Read →

2026-01-07 Predator

Predator iOS Malware:

Building a Surveillance Framework - Part 1

Read →

2026-01-07 WhatsApp

WhatsApp Silent Fix of Device Fingerprinting Privacy Issue Assessment

The Good, The (Not So) Bad, and The (Somewhat) Ugly

Read →

2026-01-07 WhatsApp 0-Click

DNGerousLINK

A Deep Dive into WhatsApp 0-Click Exploits on iOS and Samsung Devices

Read →

2026-01-07 SMS Android

Choose Your Fighter: A New Stage in the Evolution of Android SMS Stealers in Uzbekistan

Group-IB analyzes the evolution of Android malware in Uzbekistan, revealing advanced droppers, encrypted payload delivery, anti-analysis techniques, and Wonderland’s bidirectional SMS-stealing capabilities driving large-scale financial fraud.

Read →

2026-01-07 Android PoC

CVE-2025-38352 (Part 1)

In-the-wild Android Kernel Vulnerability Analysis + PoC

Read →

2025-12-22 Zero-click Android

Google Project Zero breaks down a 0-click Android exploit that hijacked Samsung phones via a malicious DNG image—originally flagged by Unit

Google Project Zero breaks down a 0-click Android exploit that hijacked Samsung phones via a malicious DNG image—originally flagged by Unit 42. Patched in April 2025 (CVE-2025-21042)

Read →

2025-12-22 iMessage Zero-Click RCE

CVE-2025-31200 & CVE-2025-31201 | iMessage Zero‑Click RCE Chain

CVE-2025-31200 & CVE-2025-31201 | iMessage Zero‑Click RCE Chain Summary This repository documents research into a zero‑click remote exploit chain affecting iOS 18.x. A malformed MP4 audio file delivered via iMessage triggers:

Read →

2025-12-22 Android

CVE-2025-38352 - In-the-wild Android Kernel Vulnerability Analysis + PoC

CVE-2025-38352 was a race condition use-after-free vulnerability in the Linux kernel's POSIX CPU timers implementation that was reported to have been under limited, targeted exploitation in the wild: September 2025 Android Bulletin An analysis of this vulnerability was already posted by @streypaws. Their blog post does a good job explaining how POSIX CPU timers work, and the

Read →

2025-12-14 NFC Malware

RelayNFC: The New NFC Relay Malware Targeting Brazil

RelayNFC: The New NFC Relay Malware Targeting Brazil

Read →

2025-12-14

Plug, Play, Pwn: Hacking with Evil Crow Cable Wind

Plug, Play, Pwn: Hacking with Evil Crow Cable Wind

Read →

2025-12-14 Android Security

Google Project Zero breaks down a 0-click Android exploit that hijacked Samsung phones via a malicious DNG image—originally flagged by Unit

Google Project Zero breaks down a 0-click Android exploit that hijacked Samsung phones via a malicious DNG image—originally flagged by Unit 42. Patched in April 2025 (CVE-2025-21042

Read →

2025-12-13 Mobile Forensics Extracting Data

Mobile Forensics: Extracting Data from WhatsApp

Mobile Forensics: Extracting Data from WhatsApp

Read →

2025-12-13 Predator Intellexa

To Catch a Predator: Leak exposes the internal operations of Intellexa’s mercenary spyware

To Catch a Predator: Leak exposes the internal operations of Intellexa’s mercenary spyware

Read →

2025-12-13

DroidLock Hijacks Your Device

Total Takeover: DroidLock Hijacks Your Device

Read →