RCE on Xiaomi 13 Pro (CVE-2023-26324)
👉Exploitation:
1) Open URL in WebView
2) Inject JavaScript
3) Execute JavaScript Interface functions from vulnerable GetApps to install & launch payload
4) Get shell

👉Slides with PoC: https://media.defcon.org/DEF%20CON%2032/DEF%20CON%2032%20presentations/DEF%20CON%2032%20-%20Ken%20Gannon%20Ilyes%20Beghdadi%20-%20Xiaomi%20The%20Money%20Our%20Toronto%20Pwn2Own%20Exploit%20and%20Behind%20The%20Scenes%20Story.pdf

Exploiting Bluetooth: From your car to the bank account
Defcon slides: https://media.defcon.org/DEF%20CON%2032/DEF%20CON%2032%20presentations/DEF%20CON%2032%20-%20Vladyslav%20Zubkov%20Martin%20Strohmeier%20-%20Exploiting%20Bluetooth%20-%20from%20your%20car%20to%20the%20bank%20account%24%24.pdf

The ColorOS Internet Browser (com.heytap.browser) app for Android allows a remote attacker to execute arbitrary JavaScript code
PoC: https://github.com/actuator/com.heytap.browser

Sophisticated phishing method targeted mobile users via Progressive Web Apps (iOS, Android) and WebAPKs (Android) to mimic banking apps. Installing WebAPK apps doesn't warn the victim about installing a third-party application and they even appear to have been installed from the Google Play store
https://www.welivesecurity.com/en/eset-research/be-careful-what-you-pwish-for-phishing-in-pwa-applications/

New Android malware - NGate - relays NFC data from victims’ payment cards, via victims’ compromised mobile phones, to attacker's device waiting at an ATM to withdraw cash
https://www.welivesecurity.com/en/eset-research/ngate-android-malware-relays-nfc-traffic-to-steal-cash/

Technical Analysis of Copybara
https://threatlabz.zscaler.com/blogs/security-research/technical-analysis-copybara

How to root an Android device for analysis and vulnerability assessment
https://www.pentestpartners.com/security-blog/how-to-root-an-android-device-for-analysis-and-vulnerability-assessment/

Intercepting iHealth app traffic with Caido and Frida
iHealth Nexus Pro Body Composition Scale only communicates via Bluetooth Low Energy (BLE) to a iHealth mobile app
Blog: https://brownfinesecurity.com/blog/intercepting-mobile-traffic-with-caido-and-frida/
Video: https://youtu.be/GvRi7chKMPI

Critical Zip Slip Vulnerability Discovered in Mobile Security Framework (MobSF) could allow malicious actors to execute code remotely on servers running MobSF (CVE-2024-43399)
https://securityonline.info/cve-2024-43399-critical-zip-slip-vulnerability-discovered-in-mobile-security-framework-mobsf

Rocinante: Analysis of new Android banking trojan
https://www.threatfabric.com/blogs/the-trojan-horse-that-wanted-to-fly-rocinante

Reverse Engineering Obfuscated Flutter App
https://youtu.be/0uUSwMg2suk

New Phishing Campaign Spreads EagleSpy Android Malware
https://www-d3lab-net.translate.goog/nuova-campagna-di-phishing-diffonde-malware-android-eaglespy/?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en

GPUAF Using a general GPU exploit tech to attack Pixel 8
We developed an advanced exploit technique capable of transforming a conventional out-of-bounds (OOB) bug into a more potent exploit primitive, specifically a page Use-After-Free (UAF). Utilizing this technique, we successfully exploited a vulnerability in the Pixel series, achieving Kernel Code Execution.
https://www.youtube.com/watch?v=Mw6iCqjOV9Q

New Android SpyAgent Campaign Steals Crypto Credentials via Image Recognition
https://www.mcafee.com/blogs/other-blogs/mcafee-labs/new-android-spyagent-campaign-steals-crypto-credentials-via-image-recognition/

Attempted cyberattacks on Ukrainian military systems using mobile malware
https://cert.gov.ua/article/6280563

How to intercepting Android at runtime on non-rooted devices using frida-gadget
https://dispatchersdotplayground.hashnode.dev/intercepting-android-at-runtime-on-non-rooted-devices

[$12000] How I found 3 Critical 0-click TikTok Account Takeover Vulnerabilities, 2FA bypass & more security issues in TikTok’s system
https://vojtechcekal.medium.com/12000-3-critical-0-click-tiktok-account-takeover-vulnerabilities-2fa-bypass-more-security-78554827cfc3

Unburdened By What Has Been: Exploiting New Attack Surfaces in Radio Layer 2 for Baseband RCE on Samsung Exynos
https://labs.taszk.io/articles/post/there_will_be_bugs/

A new TrickMo saga: from Banking Trojan to Victim's Data Leak
https://www.cleafy.com/cleafy-labs/a-new-trickmo-saga-from-banking-trojan-to-victims-data-leak

Exploiting JavaScript Interface for Unauthorized Access in a Kucoin cryptocurrency exchange Android app
https://hulkvision.github.io/blog/javascript-interface/exploiting-javascript-interface/

Android banking trojan - Ajina - attacks Central Asia: Story of an Uzbek Android Pandemic
https://www.group-ib.com/blog/ajina-malware