Malware

• A new infostealer named ‘Arkanix Stealer’ operated as a malware-as-a-service (MaaS) enterprise in a one-shot campaign, Kaspersky says.Implemented in both C++ and Python, the malw

• The Australian Signals Directorate launched Azul, a free malware analysis tool. • Azul is designed for reverse engineers and incident responders. • The platform runs on Kubernete

• Threat Intelligence Cyberattacks & Data Breaches Endpoint Security Remote Workforce News Breaking cybersecurity news, news analysis, commentary, and other content from around the

• $20 million lost in ‘jackpotting’ ATM malware attacks in 2025, FBI reports - scheme forces machines to spit out cash, targets banks and ATM operators This malware essentially tak

• The FBI warned that Americans lost more than $20 million last year amid a massive surge in ATM ‘jackpotting’ attacks, in which criminals use malware to force cash machines to dis

• PromptSpy is the first known Android malware to use generative AI at runtime February 19, 2026 05:36 PM 0 Researchers have discovered the first known Android malware to use gener

• PromptSpy Android Malware Abuses Gemini AI to Automate Recent-Apps Persistence Cybersecurity researchers have discovered what they say is the first Android malware that abuses Ge

• Algorithms at war: 5 ways to protect your data from AI-powered malware in 2026 A survival manual for navigating the new arms race between intelligent hackers and defenses. • AI-p

• Fake IPTV Apps Spread Massiv Android Malware Targeting Mobile Banking Users Cybersecurity researchers have disclosed details of a new Android trojan calledMassivthat’s designed t

• New ‘Massiv’ Android banking malware poses as an IPTV app February 19, 2026 05:00 AM 0 A new Android banking malware, which researchers named Massiv, is posing as an IPTV app to

• AI platforms can be abused for stealthy malware communication February 18, 2026 03:18 PM 0 AI assistants like Grok and Microsoft Copilot with web browsing and URL-fetching capabi

• There are reports of malware being spread through online 3D model sites. • Aren’t 3D models mostly STL and 3MF files? • They can’t really carry malware payloads? • How could this

• Researchers at Kaspersky have analyzed a recently discovered Android malware that enables its operators to remotely control compromised devices.DubbedKeenadu, the backdoor has be

• Tracking Malware Campaigns With Reused Material A few days ago I wrote a diary called ‘Malicious Script Delivering More Maliciousness’[1]. • In the malware infection chain, there

• Notepad++ released 8.9.2 patch to fix hijacked update mechanism exploited by Chinese threat actor. • Introduces ‘double lock’ design, verifying signed installer and XML from upda

• Keenadu downloads payloads that hijack browser searches, commit ad fraud, and execute other actions without user knowledge.

• RMM tools are increasingly used as primary attack vectors, replacing traditional malware. • Attackers leverage RMM’s remote access to maintain stealth and persistence. • RMM’s bu

• AI assistants like Copilot and Grok can be hijacked as stealthy C2 proxies, blending into legitimate traffic. • Check Point researchers demonstrated the technique using anonymous

• Keenadu: sophisticated Android malware embedded in firmware across multiple device brands. • Distributes via OTA firmware, system apps, unofficial sources, and Google Play apps.

• SmartLoader uses a trojanized Oura MCP server to deliver the StealC infostealer. • Threat actors cloned legitimate Oura MCP, creating fake forks to build credibility. • StealC st

• Infostealer variant of Vidar exfiltrated OpenClaw AI agent config files. • Stolen files include openclaw.json, device.json, soul.md with tokens, keys, operational principles. • T

• GS7 group exploits Fortune 500 brand trust, creating near‑perfect corporate portal replicas. • Targeted U.S. financial institutions, luring employees into credential theft. • Att

• Infostealer malware found stealing OpenClaw secrets for first time February 16, 2026 12:32 PM 0 With the massive adoption of the OpenClaw agentic AI assistant, information-steali

• ClickFix uses fake CAPTCHAs and bogus updates to trick users into executing malicious commands. • Traditional mshta and PowerShell vectors are blocked, so attackers shifted to ns

• Credential‑stealing Chrome extensions discovered; Malwarebytes Labs offers detection and removal guide. • Fake online shops target Winter Olympics 2026 fans, phishing for payment

• 2026 64-Bits Malware Trend In 2022 (time flies!), I wrote a diary about the 32-bits VS. • 64-bits malware landscape[1]. • It demonstrated that, despite the growing number of 64-b

• CTM360: Lumma Stealer and Ninja Browser malware campaign abusing Google Groups February 15, 2026 11:30 AM 0 CTM360 reports that more than 4,000 malicious Google Groups and 3,500

• Fake job recruiters hide malware in developer coding challenges February 13, 2026 05:35 PM 0 A new variation of the fake recruiter campaign from North Korean threat actors is tar

• Google Ties Suspected Russian Actor to CANFAIL Malware Attacks on Ukrainian Orgs A previously undocumented threat actor has been attributed to attacks targeting Ukrainian organiz

• UAT-9921 Deploys VoidLink Malware to Target Technology and Financial Sectors A previously unknown threat actor tracked asUAT-9921has been observed leveraging a new modular framew

• Cybercriminals use AI website builders like Vercel to clone trusted brands in minutes. • Cheap, fast domain registration lets attackers register plausible brand‑lookalike names w

• WSL lets users run a full Linux environment inside Windows, eliminating need for VMs or dual boot. • WSL2’s lightweight virtualized kernel boosts compatibility and performance fo

• Kimwolf botnet, 2M infected devices, compromised Badbox 2.0 control panel screenshot. • Badbox 2.0: China-based botnet on Android TV streaming boxes, over ten million devices, us

• KONNI leverages AI to auto-generate PowerShell backdoor scripts, streamlining malware development. • AI models produce obfuscated code, enhancing stealth against signature-based

• Kimwolf botnet has infected over 2 million IoT devices, enabling massive DDoS attacks. • It scans local networks of compromised systems to spread to additional vulnerable devices

• JavaScript is disabled In order to continue, we need to verify that you’re not a robot. • This requires JavaScript. • Enable JavaScript and then reload the page.

• 11 December 2025 Enhancing Android security: Stop malware from snooping on your app data Security is foundational to Android. • We partner with you to keep the platform safe and

• Malware increasingly hides in legitimate app store listings, exploiting user trust for widespread infection. • Supply‑chain attacks target third‑party libraries, enabling attacke

• AI accelerates threat detection, enabling faster identification of malicious activity. • Adversarial AI allows attackers to craft evasive malware that bypasses traditional defens