Mobile
Security
Intelligence.
Real-time vulnerability tracking, technical analysis, and threat intelligence focused on Android, iOS, and mobile-first infrastructure.
Recent Vulnerabilities
Latest Research
CVE-2026-5438: Orthanc gzip Decompression Bomb via Unbounded Allocation
Orthanc ≤1.12.10 allocates memory based on attacker-controlled gzip metadata with no size ceiling. A crafted Content-Encoding: gzip request exhausts system memory and crashes the server.
CVE-2025-54601: Samsung Exynos Wi-Fi Driver Double Free via ioctl Race
A race condition in Samsung's Exynos Wi-Fi driver allows concurrent ioctl callers to double-free a global variable, yielding local privilege escalation on affected Exynos SoCs.
CVE-2025-32313: OOB Write in Android UsageEvents Parcel Deserialization
An incorrect bounds check in UsageEvents.java allows an out-of-bounds write during Parcel deserialization, enabling local privilege escalation with no user interaction required.
Weekly Mobile Security Digest
Every Friday — the most critical mobile vulnerabilities, threat actor activity, and security research. No noise. No marketing. Just intelligence.
No spam. Unsubscribe anytime. ~500 words per edition.