Upwardly Mobile - API & App Security News

Think the App Store’s built-in security is enough? Think again. Welcome to Upwardly Mobile, the podcast that exposes the gaps in iOS, Android, and HarmonyOS security. Hosts Skye and George take you into the high-stakes world of mobile defense, revealing why standard protections from Apple, Google, and Samsung often leave your sensitive data exposed. Sponsored by Approov—the gold standard in mobile app attestation—we move beyond the basics to tackle weaponized AI threats and dynamic API attacks. From runtime attestation to navigating complex compliance regulations, we equip developers and security pros with the actionable strategies needed to thwart attackers. Don’t leave your app vulnerable. Subscribe now on Spotify and Apple Podcasts to elevate your security game.

Episodes

March 12, 2026 15 mins
Epic Victory: Google Play's Walled Garden Opens Up & What It Means for Developers

Episode Summary: In this episode of Upwardly Mobile, we dive deep into the landmark antitrust settlement between Epic Games and Google that is set to fundamentally reshape the Android app ecosystem globally. After years of legal battles sparked by Epic's "Project Liberty" and the removal of Fortnite from the Play Store, a jury found Google guilty o...
Unpacking the Spotify Exploits: Credential Stuffing, Fake Streams, and Mobile App Security

Episode Summary: In this episode of Upwardly Mobile, we dive deep into the digital exploitation landscape of one of the world's largest audio streaming platforms. We break down the massive credential stuffing attack that compromised 350,000 Spotify users, exposing the dangers of poor password hygiene and unsecured databases. We also explore th...
Episode Summary: In this episode of Upwardly Mobile, we dive deep into a shocking new cybersecurity report revealing that millions of users' highly sensitive medical data may be at risk. We discuss the recent discovery of 1,500 vulnerabilities across 10 incredibly popular mental health apps—which have been downloaded over 14 million times. From leaked therapy transcripts and mood logs to the high black-market value of these stolen ...
Welcome to another episode of Upwardly Mobile! In this episode, we take a deep dive into the evolution of runtime security for mobile API access. Traditional methods like API keys are easily stolen because they are static and stored directly inside the user's app. To combat this vulnerability, we explore the groundbreaking "Triangle of Trust" architecture developed by CriticalBlue, the company behind the Approov mobile security ser...
    The "Rootless" Revolution: Inside the Dopamine Jailbreak & The EBT Security Crisis
    🎧 Episode Summary In this episode of Upwardly Mobile, we dive into two critical stories reshaping the mobile security landscape. First, we unpack the architecture of Dopamine, the modern "rootless" jailbreak that has cracked iOS 15 and iOS 16 without touching the system partition. We explore how it bypasses Apple’s Signed System Volume (SSV) and ...
    Beyond the Hardware: Why Key Attestation Is Just a Receipt, Not a Security Strategy

    In this episode of Upwardly Mobile, we dive deep into the often-misunderstood world of mobile app security to debunk the myth that hardware-backed key attestation is a "silver bullet." Drawing from expert analysis by Approov, Oasis, and community discussions, we explore why relying solely on Apple’s App Attest or Google’s Play Integrity can leave you...
    Episode Summary In this episode of Upwardly Mobile, we investigate a growing financial crisis affecting the nation’s most vulnerable families. The USDA now estimates that up to $12 billion is stolen annually from the Supplemental Nutrition Assistance Program (SNAP). We explore how transnational criminal rings are using sophisticated technology—from physical skimmers to brute-force cyberattacks—to drain EBT cards in seconds.
    We also ...
    In this episode, we explore the landscape of "privacy-first" smartphones, focusing on the newly unveiled Punkt MC03. We break down whether this Swiss-designed, German-made device can finally offer a viable alternative to the data-harvesting giants of the mobile world. We discuss the trade-offs of leaving the Google ecosystem, the unique "subscription-based" operating system model, and whether the return of the removable battery sig...
    In this episode of Upwardly Mobile, we dive deep into the evolving landscape of Android malware. We break down the emergence of Wonderland (formerly WretchedCat), a sophisticated SMS stealer targeting users in Uzbekistan through legitimate-looking "dropper" applications. We explore how threat actors, specifically the "TrickyWonders" group, are leveraging Telegram and malicious ad campaigns to bypass security checks and hijack devic...
    December 28, 2025 12 mins
    2026 Mobile API and AI Security Predictions

    Episode Summary: In this episode of Upwardly Mobile, we audit the accuracy of Approov’s 2025 cybersecurity forecast. Of the seven trends predicted, four proved to be "absolutely correct." We break down these key hits: the dual-use of AI by attackers and defenders, the undeniable dominance of cross-platform development, the crackdown on open-source supply chain risks, and the heavy impact o...
    The 3.5 Billion WhatsApp Scraping Flaw: Is Your Mobile API Leaking?

    Episode Summary: In this episode, we break down a massive vulnerability discovered by researchers at the University of Vienna and SBA Research that allowed them to scrape data from roughly 3.5 billion WhatsApp accounts globally. We explore how a lack of rate limiting on the specific GetDeviceList API endpoint turned a benign contact discovery feature into a massive ...
    December 15, 2025 8 mins
    Apple's DMA Non-Compliance: An Open Letter

    In this episode of *Upwardly Mobile*, we break down the seismic shift in the mobile app landscape following the European Commission’s decision to formally fine Apple €500 million for breaching the Digital Markets Act (DMA). We explore why regulators view Apple’s recent changes not as genuine adherence to the law, but as "malicious compliance"—a deliberate attempt to technically meet require...
    December 8, 2025 12 mins
    Chinese Hackers & the React2Shell Crisis

    This week, we dive deep into the critical, maximum-severity security flaw known as React2Shell (tracked as CVE-2025-55182). This vulnerability, which impacts React, the widely-used open-source JavaScript library, allows for unauthenticated remote code execution (RCE) through specially crafted HTTP requests on affected servers. The episode explores the immediate aftermath of the disclosure...
    Sanchar Saathi: The Mandatory Cyber Safety App Triggering India's Surveillance Firestorm

    In this critical episode of "Upwardly Mobile," we dive into the escalating controversy surrounding India's Sanchar Saathi app, a government-mandated digital tool that is fueling a nationwide debate over state surveillance and digital privacy. Designed as a citizen-centric safety tool to combat telecom fraud and track lost or stolen devices using...
    Supply Chain Security Unpacked: Combating Dependency Confusion, Poisoned Pipelines

    Episode Notes: The software supply chain, the "backbone of modern software development," is under unprecedented assault, with attacks aimed at libraries and development tools soaring by an astounding 633% year-over-year. This episode explores the evolution of supply chain threats, examining everything from software vulnerabilities and malicious mainta...
    The Multi-Terabit Battlefield: How Aisura 'Turbo Mirai' Botnet Reshaped Mobile DDoS Warfare

    On November 18, 2025, a massive Cloudflare service interruption took down major platforms worldwide, including X, ChatGPT, Shopify, and various critical transit services. Given the intense, ongoing cyber conflict, initial speculation immediately pointed toward a successful, hyper-volumetric Distributed Denial-of-Service (DDoS) attack. Cloudfl...
    Black Friday's Hidden Threat: Stopping AI-Powered Fraud and Mobile Commerce Exploits

    The biggest shopping days of the year—Black Friday and Cyber Monday—have also become the prime hunting grounds for cybercriminals, with global financial losses from attacks predicted to hit $10 billion in 2024. In this episode, we dive deep into the rising statistics shaping financial cybersecurity during the holiday shopping season, focusing on ho...
    In this pivotal episode of Upwardly Mobile, we dive into the significance of X (formerly known as Twitter) joining the Coalition for App Fairness (CAF). This move signals growing momentum in the global effort to reform the mobile app ecosystem, currently dominated by Apple and Google, whose practices are alleged to harm consumers and developers alike. We examine X's commitment to dismantling monopolistic practices and fostering a d...
    Standing Up to Extortion: Lessons from the Checkout.com Breach and the Rise of Vishing Attacks Description

    This week on Upwardly Mobile, we dive deep into the tactics of the prolific criminal group ShinyHunters and explore how global enterprises are responding to sophisticated cyber extortion attempts in 2025. We analyze two major security incidents that highlight critical vulnerabilities in legacy systems and modern OAuth ecosystem...
    Remote Attestation vs. RASP: Securing Mobile APIs at the Edge (Zscaler vs. Approov/Cloudflare)

    On this episode of Upwardly Mobile, we dive deep into the most critical architectural debate in mobile API security today: Does security enforcement belong on the client device (RASP) or off-device at the network edge (Remote Attestation)? We break down the philosophical and technical differences between the integrated Zscaler ZSDK approa...
