A 0-click exploit chain for the Pixel 9 Part 1: Decoding Dolby

🚀 eCapture v1.5.0 Released! Capture SSL/TLS plaintext without CA keys using eBPF. ⚙️ Remote Config API: Hot-reload rules via HTTP without restarting. 📡 Event Forwarding: Stream data to tools like Burp Suite via WebSocket/Protobuf. 📱 Android 16 Support https://t.co/ZHqD4u1P8u

Sharing moments shouldn’t depend on the phone you have. Starting today with the Pixel 10 family, Quick Share now works with AirDrop, making secure file transfers between Android phones and iPhones more seamless. This builds on our commitment to cross-OS compatibility to bridge

1/6 Keeping users safe on Android is our top priority. Today, we’re sharing an update on our new developer verification requirements – why they are critical to fighting modern scams, and how we’re adjusting our approach based on community feedback. 👇

Frida 17.4 introduces Simmy, a new backend for Apple’s Simulators on macOS. Spawn, attach, and instrument apps — just like on a real device.

Yay, I was awarded a $10,000 bounty on @Hacker0x01 ! Reported a critical RCE on adobe coldfusion (CVE-2024-41874) 🥳📷 together with @MrHritik @a0xnirudh you can read the advisory @ https://t.co/t1MWhtQ65w #togetherwehitharder #BugBounty

[1/4] If you have an Android app that you really want to reverse, but all constants are obfuscated, this advice may save tons of time

A while ago I was able to talk with @_bagipro about Android app bug hunting - specifically about his experience with the Google VRP program. He also shows us the coolest Android app vulnerability I have ever seen! https://t.co/9K1dxNu4xo

🌪️Now on stage @typhooncon 2023 "Be cautious! Your conversations might be secretly recorded" by @RahulKankrale

🌪️ "Be cautious! Your conversations might be secretly recorded" will be presented by @RahulKankrale at #TyphoonCon23! Learn more and get your tickets: https://t.co/yb3hKu6J1E

"Be cautious! Your conversations might be secretly being recorded" will be presented by @RahulKankrale at #TyphoonCon23!

Happy to announce the release of my JADX dynamic scripting plugin, JADXecute. Now you write and share scripts to automate your Android APK analysis! #ReverseEngineering https://t.co/J3cNWZ1lBT

Access Twitter blue features using deeplink without a subscription. https://t.co/MRhZxA5s1d #TwitterBlue #mobilesecurity

📢 Attention Bangalore and nearby bug bounty-hunting community! 🇮🇳 Come join us for the HackerOne Ambassador World Cup 2023 competition starting Mid March and showcase your skills! 🏆 Do reach out if you're interested and be a part of this exciting event! 🤩 #bugbounty #hackerone

Featuring articles by @samwcyo, @sid0krypt, @LogicalHunter, @Anugrah SR, @RahulKankrale, @harshbothra_, @ADITYASHENDE17, @yaseenzubair Trending threads by @0xManan, @thecybertix, @maikroservice, @hacker_ ,@CristiVlad25, @DhiyaneshDK

This vuln could have able to disabled all receiving messages of #instagram user. https://t.co/kAHwxy8seg #bugbounty #vulnerability #facebook #android #mobilesecurity

I found a vulnerability that allowed me to unlock any @Google Pixel phone without knowing the passcode. This may be my most impactful bug so far. Google fixed the issue in the November 5, 2022 security patch. Update your devices! https://t.co/LUwSvEMF3w

CVE-2022-22292 Start Arbitrary Activity App Components as the System User by Ryan Johnson https://t.co/rZgGZw3rl2 #BlackHat #android #samsung #vulnerability #bugbounty #mobilesecurity

👨‍💼CXO Speaker Alert! 🙌 We are proud to Welcome Himanshu Das @mehimansu CISO at @CRED_club as our CXO Speaker 👉Stay tuned for the title➡️ https://t.co/YkPWPO7Chc #NullconGoa2022 #infosec #Cybersecurity #CISO

I am excited to share that my team members from @CRED_club security is presenting our in-house security frameworks this year at @BlackHatEvents USA 2022. Do not miss these presentations if you are around.