Tag: malware
-
The Cyber Express Weekly Roundup: AI Disruption, Regulatory Pressure, and the Evolving Cyber Threat Landscape
Artificial intelligence is no longer a future-facing concept; it is actively reshaping cyber risk, regulatory enforcement, and enterprise security strategy in real time. This week’s The Cyber Express weekly roundup reflects the modern environment where AI-driven fraud, deepfake investigations, ransomware incidents, and mobile malware innovations are unfolding simultaneously across multiple regions. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/ai-deepfakes-ransomware-weekly-roundup/
-
FBI Issues Emergency Alert as Ploutus Malware Drains U.S. ATMs Without Cards or Accounts
Ploutus malware is powering a new wave of “jackpotting” attacks that drain U.S. ATMs without needing a bank card, customer account, or bank authorization, prompting the FBI to issue an emergency FLASH alert to financial institutions nationwide.”‹ According to the FBI alert, threat actors are using Ploutus and related ATM jackpotting malware to control cash…
-
Android Malware Hijacks Google Gemini to Stay Hidden
A new Android malware implant using Google Gemini to perform persistence tasks was discovered on VirusTotal and analyzed by ESET First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/android-malware-hijacks-google/
-
FBI: Over $20 million stolen in surge of ATM malware attacks in 2025
The FBI warned that Americans lost more than $20 million last year amid a massive surge in ATM “jackpotting” attacks, in which criminals use malware to force cash machines to dispense money. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/fbi-over-20-million-stolen-in-surge-of-atm-malware-attacks-in-2025/
-
FBI: Over $20 million stolen in surge of ATM malware attacks in 2025
The FBI warned that Americans lost more than $20 million last year amid a massive surge in ATM “jackpotting” attacks, in which criminals use malware to force cash machines to dispense money. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/fbi-over-20-million-stolen-in-surge-of-atm-malware-attacks-in-2025/
-
PromptSpy abuses Gemini AI to gain persistent access on Android
PromptSpy is the first Android malware to abuse Google’s Gemini AI, enabling persistence and advanced spying features. Security researchers at ESET have uncovered PromptSpy, the first known Android malware to exploit Google’s Gemini AI to maintain persistence. The malware can capture lockscreen data, block uninstallation attempts, collect device information, take screenshots, and record screen activity…
-
PromptSpy läutet mit GenAI die Ära der Android-Bedrohungen ein
ESET-Forscher entdecken PromptSpy, die erste bekannte Android-Malware, die generative KI in ihrem Ausführungsablauf nutzt. First seen on welivesecurity.com Jump to article: www.welivesecurity.com/de/eset-research/promptspy-lautet-mit-genai-die-ara-der-android-bedrohungen-ein/
-
Neue Malware TrustConnect für 300 Euro im Monat zu mieten
Für 300 US-Dollar im Monat können Kriminelle einen vollwertigen Remote Access Trojan mieten, inklusive Dashboard, gefälschtem Firmenzertifikat und professioneller Website. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/malware-trustconnect-fuer-300-euro
-
PromptSpy: First Android AI Malware Leverages Google’s Gemini for Decision-Making
PromptSpy is a newly discovered Android malware family that abuses Google’s Gemini generative AI model to make real”‘time decisions on how to manipulate the user interface and stay active on infected devices. PromptSpy’s AI”‘assisted functionality is focused on persistence rather than initial infection or data theft. Instead of relying on hardcoded tap coordinates or fragile…
-
PromptSpy is the first known Android malware to use generative AI at runtime
Researchers have discovered the first known Android malware to use generative AI in its execution flow, using Google’s Gemini model to adapt its persistence across different devices. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/promptspy-is-the-first-known-android-malware-to-use-generative-ai-at-runtime/
-
PromptSpy is the first known Android malware to use generative AI at runtime
Researchers have discovered the first known Android malware to use generative AI in its execution flow, using Google’s Gemini model to adapt its persistence across different devices. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/promptspy-is-the-first-known-android-malware-to-use-generative-ai-at-runtime/
-
PromptSpy is the first Android malware to use generative AI at runtime
Researchers have discovered the first known Android malware to use generative AI in its execution flow, using Google’s Gemini model to adapt its persistence across different devices. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/promptspy-is-the-first-android-malware-to-use-generative-ai-at-runtime/
-
Google says its AI systems helped deter Play Store malware in 2025
Google said it prevented 1.75 million bad apps from going live on Google Play during 2025, a figure that’s down from previous years. First seen on techcrunch.com Jump to article: techcrunch.com/2026/02/19/google-says-its-ai-systems-helped-deter-play-store-malware-in-2025/
-
PromptSpy Android Malware Abuses Gemini AI to Automate Recent-Apps Persistence
Cybersecurity researchers have discovered what they say is the first Android malware that abuses Gemini, Google’s generative artificial intelligence (AI) chatbot, as part of its execution flow and achieves persistence.The malware has been codenamed PromptSpy by ESET. The malware is equipped to capture lockscreen data, block uninstallation efforts, gather device information, take screenshots, First seen…
-
Crims hit a $20M jackpot via malware-stuffed ATMs
FBI warns these cyber-physical attacks are on the rise First seen on theregister.com Jump to article: www.theregister.com/2026/02/19/crims_atm_jackpotting/
-
PromptSpy Android malware may exploit Gemini AI
A newly-uncovered malware targeting the Android operating system seems to exploit Google’s Gemini GenAI tool to help it maintain persistence. First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366639201/PromptSpy-Android-malware-may-exploit-Gemini-AI
-
The Cloud and AI Velocity Trap: Why Governance Is Falling Behind Innovation
Tags: access, ai, attack, business, cloud, compliance, control, cyber, data, flaw, framework, governance, grc, iam, identity, least-privilege, malicious, malware, radius, risk, risk-management, service, supply-chain, tactics, threat, tool, vulnerability, zero-trustAI adoption is outpacing traditional cyber governance. The “Tenable Cloud and AI Security Risk Report 2026” reveals how overprivileged identities and unmonitored supply chain dependencies leave orgs exposed. We offer 10 tactics to shut down your most critical attack paths. Key takeaways The velocity trap: Security teams are fighting “machine-speed” threats with manual processes; you…
-
The Cloud and AI Velocity Trap: Why Governance Is Falling Behind Innovation
Tags: access, ai, attack, business, cloud, compliance, control, cyber, data, flaw, framework, governance, grc, iam, identity, least-privilege, malicious, malware, radius, risk, risk-management, service, supply-chain, tactics, threat, tool, vulnerability, zero-trustAI adoption is outpacing traditional cyber governance. The “Tenable Cloud and AI Security Risk Report 2026” reveals how overprivileged identities and unmonitored supply chain dependencies leave orgs exposed. We offer 10 tactics to shut down your most critical attack paths. Key takeaways The velocity trap: Security teams are fighting “machine-speed” threats with manual processes; you…
-
Android malware taps Gemini to navigate infected devices
The real deal or another research project overblown? First seen on theregister.com Jump to article: www.theregister.com/2026/02/19/genai_malware_android/
-
Android malware taps Gemini to navigate infected devices
The real deal or another research project overblown? First seen on theregister.com Jump to article: www.theregister.com/2026/02/19/genai_malware_android/
-
China-Linked Hackers Use Dell RecoverPoint Flaw to Drop GrimBolt Malware
Dell warns of a critical security hole in its RecoverPoint software exploited by hackers. Learn how to protect your data from the CVE-2026-22769 vulnerability and the new GrimBolt malware. First seen on hackread.com Jump to article: hackread.com/china-hackers-dell-recoverpoint-flaw-grimbolt-malware/
-
Malvertising gegen Mac-Nutzer über Evernote-Links
Beliebte Software und Tools bleiben wirksame Lockvogel-Angebote im Dienste von Cyberkriminellen. Aktuell nutzen sie Google-Anzeigen für Mac-Nutzer mit Interesse an Anwendungen wie Microsoft-Office, Libre-Office, Notepad++, 7-Zip, VLC oder Final-Cut-Pro. Die Täter leiten ihre Opfer auf in Evernote geteilte Seiten mit bösartigen Links. Nach Klick auf die Links mit den vermeintlichen Angeboten führen die Opfer Kommandos…
-
Malvertising gegen Mac-Nutzer über Evernote-Links
Beliebte Software und Tools bleiben wirksame Lockvogel-Angebote im Dienste von Cyberkriminellen. Aktuell nutzen sie Google-Anzeigen für Mac-Nutzer mit Interesse an Anwendungen wie Microsoft-Office, Libre-Office, Notepad++, 7-Zip, VLC oder Final-Cut-Pro. Die Täter leiten ihre Opfer auf in Evernote geteilte Seiten mit bösartigen Links. Nach Klick auf die Links mit den vermeintlichen Angeboten führen die Opfer Kommandos…
-
Proaktive Bedrohungsaufklärung und einheitlicher Schutz gewinnen angesichts wachsender Komplexität zunehmend an Bedeutung
Mit Blick auf das zweite Halbjahr 2025 verzeichnet Watchguard Technologies im aktuellen Internet-Security-Report einen rapiden Anstieg evasiver und verschlüsselter Malware. Dieser Trend markiert die Notwendigkeit proaktiver und ganzheitlicher Sicherheitsansätze. Basierend auf anonymisierten, aggregierten Bedrohungsinformationen aus Watchguards Netzwerk-, Endpoint- und DNS-Filter-Lösungen macht der Report deutlich, dass sowohl Volumen als auch Raffinesse von Malware-Angriffen steigen. Dabei werden…
-
PromptSpy: First Android malware to use generative AI in its execution flow
ESET researchers have discovered PromptSpy, the first known Android malware to abuse generative AI as part of its execution flow in order to achieve persistence. This marks … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/19/promptspy-android-malware-generative-ai/
-
Infostealer Found Stealing OpenClaw AI Identity and Memory Files
Researchers at Hudson Rock have identified a live infection where an infostealer exfiltrated a victim’s OpenClaw configuration. The discovery highlights a shift in malware behaviour toward harvesting personal AI identity files. First seen on hackread.com Jump to article: hackread.com/infostealer-steal-openclaw-ai-identity-memory-files/
-
Massiv Attack: Android Trojan Targets IPTV Users
New Trojan May Soon Be Offered for Sale to Criminal Underground. Security researchers warn of Massiv, an Android Trojan – disguised as an IPTV app – targeting users who sideload streaming apps. The malware enables screen capture, overlays and credential theft – and may soon be marketed on criminal underground forums as malware as a…
-
New ‘Massiv’ Android banking malware poses as an IPTV app
A newly identified Android banking trojan named Massiv has been under active distribution across south Europe, disguised as an IPTV app. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-massiv-android-banking-malware-poses-as-an-iptv-app/
-
Fake IPTV Apps Spread Massiv Android Malware Targeting Mobile Banking Users
Cybersecurity researchers have disclosed details of a new Android trojan called Massiv that’s designed to facilitate device takeover (DTO) attacks for financial theft.The malware, according to ThreatFabric, masquerades as seemingly harmless IPTV apps to deceive victims, indicating that the activity is primarily singling out users looking for the online TV applications.”This new threat, while First…
-
Hackers Hide Malware in Emoji-Based Code to Bypass Security Defenses
Hackers are increasingly abusing emoji and other Unicode tricks to hide malicious code, bypass filters, and evade modern security controls, including AI-powered defenses. This emerging technique, known as emoji or Unicode smuggling, turns harmless-looking characters into stealth carriers for commands, data, and exploit payloads. Emoji smuggling is an obfuscation technique in which attackers encode malicious content using…