https://cluster-site.onrender.com/tags/malware/ Recent content in Malware on Tenu Tech Brief Hugo -- 0.146.0 en-us Wed, 25 Feb 2026 07:59:10 +0000 https://cluster-site.onrender.com/posts/arkanix-stealer-malware-disappears-shortly-after-debut/ Tue, 24 Feb 2026 15:20:06 +0000 https://cluster-site.onrender.com/posts/arkanix-stealer-malware-disappears-shortly-after-debut/ • A new infostealer named ‘Arkanix Stealer’ operated as a malware-as-a-service (MaaS) enterprise in a one-shot campaign, Kaspersky says.Implemented in both C++ and Python, the malw https://cluster-site.onrender.com/posts/australia-releases-azul-open-source-malware-analysis-platform/ Tue, 24 Feb 2026 13:41:46 +0000 https://cluster-site.onrender.com/posts/australia-releases-azul-open-source-malware-analysis-platform/ • The Australian Signals Directorate launched Azul, a free malware analysis tool. • Azul is designed for reverse engineers and incident responders. • The platform runs on Kubernete https://cluster-site.onrender.com/posts/irans-muddywater-targets-orgs-with-fresh-malware-as-tensions-mount/ Mon, 23 Feb 2026 20:35:12 +0000 https://cluster-site.onrender.com/posts/irans-muddywater-targets-orgs-with-fresh-malware-as-tensions-mount/ • Threat Intelligence Cyberattacks & Data Breaches Endpoint Security Remote Workforce News Breaking cybersecurity news, news analysis, commentary, and other content from around the https://cluster-site.onrender.com/posts/20-million-lost-in-jackpotting-atm-malware-attacks-in-2025-fbi-reports-scheme-forces-machines-to-spit-out-cash-targets-banks-and-atm-operators/ Fri, 20 Feb 2026 12:50:16 +0000 https://cluster-site.onrender.com/posts/20-million-lost-in-jackpotting-atm-malware-attacks-in-2025-fbi-reports-scheme-forces-machines-to-spit-out-cash-targets-banks-and-atm-operators/ • $20 million lost in ‘jackpotting’ ATM malware attacks in 2025, FBI reports - scheme forces machines to spit out cash, targets banks and ATM operators This malware essentially tak https://cluster-site.onrender.com/posts/fbi-over-20-million-stolen-in-surge-of-atm-malware-attacks-in-2025/ Fri, 20 Feb 2026 10:08:49 +0000 https://cluster-site.onrender.com/posts/fbi-over-20-million-stolen-in-surge-of-atm-malware-attacks-in-2025/ • The FBI warned that Americans lost more than $20 million last year amid a massive surge in ATM ‘jackpotting’ attacks, in which criminals use malware to force cash machines to dis https://cluster-site.onrender.com/posts/promptspy-is-the-first-known-android-malware-to-use-generative-ai-at-runtime/ Thu, 19 Feb 2026 22:36:25 +0000 https://cluster-site.onrender.com/posts/promptspy-is-the-first-known-android-malware-to-use-generative-ai-at-runtime/ • PromptSpy is the first known Android malware to use generative AI at runtime February 19, 2026 05:36 PM 0 Researchers have discovered the first known Android malware to use gener https://cluster-site.onrender.com/posts/promptspy-android-malware-abuses-gemini-ai-to-automate-recent-apps-persistence/ Thu, 19 Feb 2026 17:52:00 +0000 https://cluster-site.onrender.com/posts/promptspy-android-malware-abuses-gemini-ai-to-automate-recent-apps-persistence/ • PromptSpy Android Malware Abuses Gemini AI to Automate Recent-Apps Persistence Cybersecurity researchers have discovered what they say is the first Android malware that abuses Ge https://cluster-site.onrender.com/posts/algorithms-at-war-5-ways-to-protect-your-data-from-ai-powered-malware-in-2026/ Thu, 19 Feb 2026 12:15:23 +0000 https://cluster-site.onrender.com/posts/algorithms-at-war-5-ways-to-protect-your-data-from-ai-powered-malware-in-2026/ • Algorithms at war: 5 ways to protect your data from AI-powered malware in 2026 A survival manual for navigating the new arms race between intelligent hackers and defenses. • AI-p https://cluster-site.onrender.com/posts/fake-iptv-apps-spread-massiv-android-malware-targeting-mobile-banking-users/ Thu, 19 Feb 2026 10:24:00 +0000 https://cluster-site.onrender.com/posts/fake-iptv-apps-spread-massiv-android-malware-targeting-mobile-banking-users/ • Fake IPTV Apps Spread Massiv Android Malware Targeting Mobile Banking Users Cybersecurity researchers have disclosed details of a new Android trojan calledMassivthat’s designed t https://cluster-site.onrender.com/posts/new-massiv-android-banking-malware-poses-as-an-iptv-app/ Thu, 19 Feb 2026 10:00:00 +0000 https://cluster-site.onrender.com/posts/new-massiv-android-banking-malware-poses-as-an-iptv-app/ • New ‘Massiv’ Android banking malware poses as an IPTV app February 19, 2026 05:00 AM 0 A new Android banking malware, which researchers named Massiv, is posing as an IPTV app to https://cluster-site.onrender.com/posts/ai-platforms-can-be-abused-for-stealthy-malware-communication/ Wed, 18 Feb 2026 20:18:24 +0000 https://cluster-site.onrender.com/posts/ai-platforms-can-be-abused-for-stealthy-malware-communication/ • AI platforms can be abused for stealthy malware communication February 18, 2026 03:18 PM 0 AI assistants like Grok and Microsoft Copilot with web browsing and URL-fetching capabi https://cluster-site.onrender.com/posts/malware-campaigns-targets-3d-model-sites-via-blender/ Wed, 18 Feb 2026 16:11:00 +0000 https://cluster-site.onrender.com/posts/malware-campaigns-targets-3d-model-sites-via-blender/ • There are reports of malware being spread through online 3D model sites. • Aren’t 3D models mostly STL and 3MF files? • They can’t really carry malware payloads? • How could this https://cluster-site.onrender.com/posts/new-keenadu-android-malware-found-on-thousands-of-devices/ Wed, 18 Feb 2026 15:41:25 +0000 https://cluster-site.onrender.com/posts/new-keenadu-android-malware-found-on-thousands-of-devices/ • Researchers at Kaspersky have analyzed a recently discovered Android malware that enables its operators to remotely control compromised devices.DubbedKeenadu, the backdoor has be https://cluster-site.onrender.com/posts/tracking-malware-campaigns-with-reused-material-wed-feb-18th/ Wed, 18 Feb 2026 08:19:42 +0000 https://cluster-site.onrender.com/posts/tracking-malware-campaigns-with-reused-material-wed-feb-18th/ • Tracking Malware Campaigns With Reused Material A few days ago I wrote a diary called ‘Malicious Script Delivering More Maliciousness’[1]. • In the malware infection chain, there https://cluster-site.onrender.com/posts/notepad-fixes-hijacked-update-mechanism-used-to-deliver-targeted-malware/ Wed, 18 Feb 2026 07:40:00 +0000 https://cluster-site.onrender.com/posts/notepad-fixes-hijacked-update-mechanism-used-to-deliver-targeted-malware/ • Notepad++ released 8.9.2 patch to fix hijacked update mechanism exploited by Chinese threat actor. • Introduces ‘double lock’ design, verifying signed installer and XML from upda https://cluster-site.onrender.com/posts/supply-chain-attack-embeds-malware-in-android-devices/ Tue, 17 Feb 2026 22:06:36 +0000 https://cluster-site.onrender.com/posts/supply-chain-attack-embeds-malware-in-android-devices/ • Keenadu downloads payloads that hijack browser searches, commit ad fraud, and execute other actions without user knowledge. https://cluster-site.onrender.com/posts/rmm-abuse-explodes-as-hackers-ditch-malware/ Tue, 17 Feb 2026 21:01:26 +0000 https://cluster-site.onrender.com/posts/rmm-abuse-explodes-as-hackers-ditch-malware/ • RMM tools are increasingly used as primary attack vectors, replacing traditional malware. • Attackers leverage RMM’s remote access to maintain stealth and persistence. • RMM’s bu https://cluster-site.onrender.com/posts/researchers-show-copilot-and-grok-can-be-abused-as-malware-c2-proxies/ Tue, 17 Feb 2026 18:08:00 +0000 https://cluster-site.onrender.com/posts/researchers-show-copilot-and-grok-can-be-abused-as-malware-c2-proxies/ • AI assistants like Copilot and Grok can be hijacked as stealthy C2 proxies, blending into legitimate traffic. • Check Point researchers demonstrated the technique using anonymous https://cluster-site.onrender.com/posts/new-keenadu-backdoor-found-in-android-firmware-google-play-apps/ Tue, 17 Feb 2026 14:05:25 +0000 https://cluster-site.onrender.com/posts/new-keenadu-backdoor-found-in-android-firmware-google-play-apps/ • Keenadu: sophisticated Android malware embedded in firmware across multiple device brands. • Distributes via OTA firmware, system apps, unofficial sources, and Google Play apps. https://cluster-site.onrender.com/posts/smartloader-attack-uses-trojanized-oura-mcp-server-to-deploy-stealc-infostealer/ Tue, 17 Feb 2026 12:42:00 +0000 https://cluster-site.onrender.com/posts/smartloader-attack-uses-trojanized-oura-mcp-server-to-deploy-stealc-infostealer/ • SmartLoader uses a trojanized Oura MCP server to deliver the StealC infostealer. • Threat actors cloned legitimate Oura MCP, creating fake forks to build credibility. • StealC st https://cluster-site.onrender.com/posts/infostealer-steals-openclaw-ai-agent-configuration-files-and-gateway-tokens/ Mon, 16 Feb 2026 18:43:00 +0000 https://cluster-site.onrender.com/posts/infostealer-steals-openclaw-ai-agent-configuration-files-and-gateway-tokens/ • Infostealer variant of Vidar exfiltrated OpenClaw AI agent config files. • Stolen files include openclaw.json, device.json, soul.md with tokens, keys, operational principles. • T https://cluster-site.onrender.com/posts/operation-doppelbrand-weaponizing-fortune-500-brands/ Mon, 16 Feb 2026 18:05:55 +0000 https://cluster-site.onrender.com/posts/operation-doppelbrand-weaponizing-fortune-500-brands/ • GS7 group exploits Fortune 500 brand trust, creating near‑perfect corporate portal replicas. • Targeted U.S. financial institutions, luring employees into credential theft. • Att https://cluster-site.onrender.com/posts/infostealer-malware-found-stealing-openclaw-secrets-for-first-time/ Mon, 16 Feb 2026 17:32:26 +0000 https://cluster-site.onrender.com/posts/infostealer-malware-found-stealing-openclaw-secrets-for-first-time/ • Infostealer malware found stealing OpenClaw secrets for first time February 16, 2026 12:32 PM 0 With the massive adoption of the OpenClaw agentic AI assistant, information-steali https://cluster-site.onrender.com/posts/clickfix-added-nslookup-commands-to-its-arsenal-for-downloading-rats/ Mon, 16 Feb 2026 13:09:37 +0000 https://cluster-site.onrender.com/posts/clickfix-added-nslookup-commands-to-its-arsenal-for-downloading-rats/ • ClickFix uses fake CAPTCHAs and bogus updates to trick users into executing malicious commands. • Traditional mshta and PowerShell vectors are blocked, so attackers shifted to ns https://cluster-site.onrender.com/posts/a-week-in-security-february-9-%238211-february-15/ Mon, 16 Feb 2026 08:02:00 +0000 https://cluster-site.onrender.com/posts/a-week-in-security-february-9-%238211-february-15/ • Credential‑stealing Chrome extensions discovered; Malwarebytes Labs offers detection and removal guide. • Fake online shops target Winter Olympics 2026 fans, phishing for payment https://cluster-site.onrender.com/posts/2026-64-bits-malware-trend-mon-feb-16th/ Mon, 16 Feb 2026 07:46:36 +0000 https://cluster-site.onrender.com/posts/2026-64-bits-malware-trend-mon-feb-16th/ • 2026 64-Bits Malware Trend In 2022 (time flies!), I wrote a diary about the 32-bits VS. • 64-bits malware landscape[1]. • It demonstrated that, despite the growing number of 64-b https://cluster-site.onrender.com/posts/ctm360-lumma-stealer-and-ninja-browser-malware-campaign-abusing-google-groups/ Sun, 15 Feb 2026 16:30:41 +0000 https://cluster-site.onrender.com/posts/ctm360-lumma-stealer-and-ninja-browser-malware-campaign-abusing-google-groups/ • CTM360: Lumma Stealer and Ninja Browser malware campaign abusing Google Groups February 15, 2026 11:30 AM 0 CTM360 reports that more than 4,000 malicious Google Groups and 3,500 https://cluster-site.onrender.com/posts/fake-job-recruiters-hide-malware-in-developer-coding-challenges/ Fri, 13 Feb 2026 22:35:37 +0000 https://cluster-site.onrender.com/posts/fake-job-recruiters-hide-malware-in-developer-coding-challenges/ • Fake job recruiters hide malware in developer coding challenges February 13, 2026 05:35 PM 0 A new variation of the fake recruiter campaign from North Korean threat actors is tar https://cluster-site.onrender.com/posts/google-ties-suspected-russian-actor-to-canfail-malware-attacks-on-ukrainian-orgs/ Fri, 13 Feb 2026 17:27:00 +0000 https://cluster-site.onrender.com/posts/google-ties-suspected-russian-actor-to-canfail-malware-attacks-on-ukrainian-orgs/ • Google Ties Suspected Russian Actor to CANFAIL Malware Attacks on Ukrainian Orgs A previously undocumented threat actor has been attributed to attacks targeting Ukrainian organiz https://cluster-site.onrender.com/posts/uat-9921-deploys-voidlink-malware-to-target-technology-and-financial-sectors/ Fri, 13 Feb 2026 15:23:00 +0000 https://cluster-site.onrender.com/posts/uat-9921-deploys-voidlink-malware-to-target-technology-and-financial-sectors/ • UAT-9921 Deploys VoidLink Malware to Target Technology and Financial Sectors A previously unknown threat actor tracked asUAT-9921has been observed leveraging a new modular framew https://cluster-site.onrender.com/posts/criminals-are-using-ai-website-builders-to-clone-major-brands/ Thu, 12 Feb 2026 08:03:00 +0000 https://cluster-site.onrender.com/posts/criminals-are-using-ai-website-builders-to-clone-major-brands/ • Cybercriminals use AI website builders like Vercel to clone trusted brands in minutes. • Cheap, fast domain registration lets attackers register plausible brand‑lookalike names w https://cluster-site.onrender.com/posts/wsl-in-the-malware-ecosystem-wed-feb-11th/ Wed, 11 Feb 2026 13:28:29 +0000 https://cluster-site.onrender.com/posts/wsl-in-the-malware-ecosystem-wed-feb-11th/ • WSL lets users run a full Linux environment inside Windows, eliminating need for VMs or dual boot. • WSL2’s lightweight virtualized kernel boosts compatibility and performance fo https://cluster-site.onrender.com/posts/who-operates-the-badbox-2.0-botnet/ Mon, 26 Jan 2026 16:11:38 +0000 https://cluster-site.onrender.com/posts/who-operates-the-badbox-2.0-botnet/ • Kimwolf botnet, 2M infected devices, compromised Badbox 2.0 control panel screenshot. • Badbox 2.0: China-based botnet on Android TV streaming boxes, over ten million devices, us https://cluster-site.onrender.com/posts/konni-adopts-ai-to-generate-powershell-backdoors/ Thu, 22 Jan 2026 13:54:08 +0000 https://cluster-site.onrender.com/posts/konni-adopts-ai-to-generate-powershell-backdoors/ • KONNI leverages AI to auto-generate PowerShell backdoor scripts, streamlining malware development. • AI models produce obfuscated code, enhancing stealth against signature-based https://cluster-site.onrender.com/posts/kimwolf-botnet-lurking-in-corporate-govt.-networks/ Tue, 20 Jan 2026 18:19:13 +0000 https://cluster-site.onrender.com/posts/kimwolf-botnet-lurking-in-corporate-govt.-networks/ • Kimwolf botnet has infected over 2 million IoT devices, enabling massive DDoS attacks. • It scans local networks of compromised systems to spread to additional vulnerable devices https://cluster-site.onrender.com/posts/unveiling-voidlink-a-stealthy-cloud-native-linux-malware-framework/ Tue, 13 Jan 2026 06:31:51 +0000 https://cluster-site.onrender.com/posts/unveiling-voidlink-a-stealthy-cloud-native-linux-malware-framework/ • JavaScript is disabled In order to continue, we need to verify that you’re not a robot. • This requires JavaScript. • Enable JavaScript and then reload the page. https://cluster-site.onrender.com/posts/enhancing-android-security-stop-malware-from-snooping-on-your-app-data/ Thu, 11 Dec 2025 17:00:00 +0000 https://cluster-site.onrender.com/posts/enhancing-android-security-stop-malware-from-snooping-on-your-app-data/ • 11 December 2025 Enhancing Android security: Stop malware from snooping on your app data Security is foundational to Android. • We partner with you to keep the platform safe and https://cluster-site.onrender.com/posts/threat-report-on-application-stores/ Wed, 12 Mar 2025 11:20:59 +0000 https://cluster-site.onrender.com/posts/threat-report-on-application-stores/ • Malware increasingly hides in legitimate app store listings, exploiting user trust for widespread infection. • Supply‑chain attacks target third‑party libraries, enabling attacke https://cluster-site.onrender.com/posts/the-near-term-impact-of-ai-on-the-cyber-threat/ Wed, 12 Mar 2025 11:20:01 +0000 https://cluster-site.onrender.com/posts/the-near-term-impact-of-ai-on-the-cyber-threat/ • AI accelerates threat detection, enabling faster identification of malicious activity. • Adversarial AI allows attackers to craft evasive malware that bypasses traditional defens