The 2026 Security 360 Mobile report is here!

As part of this year’s research, #Jamf partnered with NowSecure to analyze 135 widely used mobile apps used in enterprises today.

The analysis, grounded in #OWASP standards, highlights how pervasive app vulnerabilities are.

See the report findings: https://loom.ly/P761XRY

@jamfsoftware #Jamf #MobileSecurity#Cybersecurity #MobileApps

Fake WhatsApp app used to deploy spyware ⚠️
~200 users targeted via sideloaded iOS app linked to SIO surveillance tools.
Mobile threat landscape is evolving fast.

https://www.technadu.com/whatsapp-spyware-alert-fake-app-targets-users-in-italy/624962/

#Cybersecurity #Spyware #MobileSecurity

Google clamps down on Android developers with mandatory verification

https://fed.brid.gy/r/https://nerds.xyz/2026/03/android-developer-verification/

Day 10 of #100VibeProjects 🔍

Built a local web tool that does static security analysis of Android APKs — upload an APK and get a report covering permissions, hardcoded secrets, SDK fingerprinting, cert pinning, and crypto posture.

The interesting part: the methodology came from reverse-engineering the WhiteHouse app teardown that went viral last week. Applied the same five-gate analysis framework to a real banking app.

Found an expired certificate pin (silently disables TLS pinning for all users), a session replay SDK with no confirmed masking rules, and four Adobe tracking SDKs doing cross-device user stitching.

The tool runs entirely locally. No data leaves your machine. APK deleted after analysis.

Stack: Python · Flask · androguard · 380 lines

📝 Blog: mrdee.in
https://mrdee.in/writing/vibecoding-day010-offline-apk-security-analyzer/

💻 GitHub Repo: https://github.com/mr-dinesh/Offline-APK-Analyzer

#VibeCoding #AppSec #AndroidSecurity #MobileSecurity #Python #Flask #DFIR #InfoSec #ReverseEngineering #CyberSecurity

Sam Bent reports the White House app v47.0.1 requests 26 Android permissions, including precise location, biometric authentication, storage changes, startup, overlay, and Wi-Fi access, and embeds 3 trackers including Huawei Mobile Services Core. The piece also says the app includes an ICE tip line link and a "Text the President" feature that prefills "Greatest President Ever!" while collecting contact details. More broadly, the article compares permissions and trackers across U.S. government apps including FEMA, myFBI Dashboard, IRS2Go, and CBP Mobile Passport Control and argues many functions could be delivered via the web instead of mobile apps.

https://www.sambent.com/the-white-house-app-has-huawei-spyware-and-an-ice-tip-line/

#InfoSec #Privacy #MobileSecurity

📶 Cyber Tip: Turn off Bluetooth when not in use.

Disabling it reduces the risk of unauthorized connections and device based attacks.

https://zurl.co/GFrTK

#Zevonix #CyberSecurity #MobileSecurity #Jacksonville

Just Announced for BSides Luxembourg 2026!

Lightning Talk ⚡ 𝗨𝗡𝗗𝗘𝗥𝗦𝗧𝗔𝗡𝗗𝗜𝗡𝗚 𝗠𝗢𝗕𝗜𝗟𝗘 𝗦𝗧𝗔𝗟𝗞𝗘𝗥𝗪𝗔𝗥𝗘 - 𝗘𝗟𝗢𝗨𝗔𝗡 𝗥𝗜𝗚𝗔𝗨𝗧

Elouan Rigaut https://linkedin.com/in/elouan-rigaut is a security researcher focused on mobile threats and surveillance technologies. His work examines stalkerware, attacker behavior, and detection challenges, with an emphasis on real-world impact and emerging research gaps.

📅 Conference Dates: 6–8 May 2026 | 09:00–18:00
📍 14, Porte de France, Esch-sur-Alzette, Luxembourg
🎟️ Tickets: https:// 2026.bsides.lu/tickets/
📅 Schedule Link: https://pretalx.com/bsidesluxembourg-2026/schedule/

#BsidesLuxembourg #CyberSecurity #MobileSecurity #Privacy #Stalkerware #InfoSec

🔐 Cyber Tip: Enable biometric logins on mobile devices.

Fingerprint or facial recognition adds an extra layer of protection if your device is lost or stolen.

https://zurl.co/FwMj6

#Zevonix #CyberSecurity #MobileSecurity #StAugustine

For the first time ever, OWASP MAScon hits OWASP Global AppSec EU 2026 in Vienna! Join top experts for cutting-edge mobile security talks, live demos & real-world insights.

🎟 Tickets: https://owasp.glueup.com/event/owasp-global-appsec-eu-2026-vienna-austria-162243/tickets.html
📖 Details: https://owaspglobalappseceuvienna20.sched.com/overview/type/MobileAppSecCon

#OWASP #MobileSecurity #AppSec #MAScon #CyberSecurity

The DarkSword iOS exploit, targeting Safari and WebKit, has leaked publicly on GitHub. ⚠️
Apple patched affected devices with iOS 26.3, 18.7.3, 16.7.15, and 15.8.7, but unpatched devices remain at risk. 🔒

🔗 https://appleinsider.com/articles/26/03/23/you-are-out-of-time-to-update-severe-ios-hack-code-leaks-to-everyone

#TechNews #iOS #MobileSecurity #Privacy #FOSS #OpenSource #UserControl #SoftwareUpdate #CyberSecurity #Exploit #Patch #UpdateNow #iPhone #iPad #SecurityAlert #DarkSword #Hacking #Safari #WebKit #GitHub