OstorlabOne Scheme to Rule Them All: OAuth Account TakeoverThis article delves into the exploitation of OAuth account takeover using app impersonation through custom scheme hijacking, an overlooked…Dec 12, 2023Dec 12, 2023
OstorlabZIP Exploitation: Critical Vulnerabilities Found in Popular Zip Libraries in Swift and FlutterRecent in-depth investigations reveal serious vulnerabilities discovered in widely-used zip packages in Flutter and Swift, posing serious…Dec 12, 2023Dec 12, 2023
OstorlabThis article is a technical deep dive, showing how a 100M+ installation image application can…In 2021, we reported a set of vulnerabilities to the Google AppStore team, which affected a popular Camera application called zCamera.Jun 29, 2023Jun 29, 2023
OstorlabSecure Mobile Biometric Authentication: Best Practices and Implementation Guidelines for Kotlin…IntroductionJun 20, 20231Jun 20, 20231
OstorlabFlutter Reverse Engineering and Security AnalysisFlutter, developed by Google, is a widely-used cross-platform framework for mobile development that supports web and desktop application.Jun 16, 20231Jun 16, 20231