Mobile Threats

Rust Based VENON Malware Targets 33 Brazilian Banks with Credential Stealing Overlays

Cybersecurity researchers have uncovered a newly developed banking malware named VENON, which specifically targets users in Brazil. The malware is written in Rust, marking a notable shift from the traditional Delphi-based malware families commonly associated with the Latin American cybercrime landscape. The malicious program, designed to infect Windows systems, was discovered recently and analyzed by the Brazilian cybersecurity firm ZenoX. […]

Rust Based VENON Malware Targets 33 Brazilian Banks with Credential Stealing Overlays Read More »

Six Android Malware Families Target Pix Payments, Banking Apps, and Crypto Wallets

Cybersecurity researchers have uncovered six new Android malware families designed to steal sensitive data from infected devices and carry out financial fraud. These threats primarily target banking applications, cryptocurrency wallets, and digital payment platforms. The discovered malware includes several banking trojans and remote access tools capable of monitoring user activity, hijacking financial transactions, and gaining full control over

Six Android Malware Families Target Pix Payments, Banking Apps, and Crypto Wallets Read More »

Coruna iOS Exploit Kit Leverages 23 Exploits in Five Attack Chains Targeting iOS 13 to 17.2.1

A newly uncovered cyber offensive framework named Coruna, also tracked as CryptoWaters, has emerged as one of the most advanced iOS exploit kits observed in recent years. According to findings released by Google, the toolkit specifically targets Apple iPhone devices running iOS versions from 13.0 through 17.2.1. Devices operating on the latest iOS releases remain

Coruna iOS Exploit Kit Leverages 23 Exploits in Five Attack Chains Targeting iOS 13 to 17.2.1 Read More »

PromptSpy Android Malware Exploits Gemini AI to Automate Recent-Apps Persistence

Cybersecurity researchers have uncovered a sophisticated Android malware, named PromptSpy, that leverages Google’s generative AI chatbot Gemini to automate actions and ensure persistence on infected devices. This marks one of the first known cases of malware incorporating generative AI into its operational flow. How PromptSpy Operates PromptSpy is capable of: According to Lukáš Štefanko, Gemini is

PromptSpy Android Malware Exploits Gemini AI to Automate Recent-Apps Persistence Read More »

Fake IPTV Apps Distribute Massiv Android Malware Targeting Mobile Banking Users

Cybersecurity experts have identified a new Android banking trojan called Massiv, designed to conduct device takeover (DTO) attacks for financial theft. The malware hides inside seemingly legitimate IPTV apps, luring users who are searching for online TV services and giving attackers remote control over infected devices. How Massiv Operates According to ThreatFabric, Massiv first appeared in

Fake IPTV Apps Distribute Massiv Android Malware Targeting Mobile Banking Users Read More »

Keenadu Firmware Backdoor Infects Android Tablets Through Signed OTA Updates

Kaspersky researchers have uncovered a sophisticated Android firmware backdoor, dubbed Keenadu, which silently harvests data and enables remote control of infected devices. The malware is embedded in device firmware, affecting brands including Alldocube, and is delivered through signed OTA updates dating back to August 2023. Unlike conventional malware, Keenadu operates at the firmware level, loading into the

Keenadu Firmware Backdoor Infects Android Tablets Through Signed OTA Updates Read More »

Apple Tests End to End Encrypted RCS Messaging in iOS 26.4 Developer Beta

Apple has rolled out a new developer beta of iOS and iPadOS that introduces end-to-end encryption, E2EE, for Rich Communication Services (RCS) messaging. The capability is currently available in iOS 26.4 and iPadOS 26.4 beta builds and is expected to reach general users in a future software release across iOS, iPadOS, macOS, and watchOS. In its

Apple Tests End to End Encrypted RCS Messaging in iOS 26.4 Developer Beta Read More »

New ZeroDayRAT Mobile Spyware Enables Real-Time Surveillance and Data Exfiltration

Cybersecurity experts have uncovered a new mobile spyware platform called ZeroDayRAT, being marketed on Telegram as a tool for stealing sensitive data and conducting real-time surveillance on Android and iOS devices. Daniel Kelley, a security researcher at iVerify, explained, “The developer operates dedicated channels for sales, customer support, and updates, giving buyers access to a fully functional

New ZeroDayRAT Mobile Spyware Enables Real-Time Surveillance and Data Exfiltration Read More »

Android Malware Campaigns Combine Droppers, SMS Theft, and RAT Capabilities at Scale

Cybersecurity researchers are warning about a rapidly evolving Android malware ecosystem where threat actors are combining malicious droppers, SMS stealing functions, and full remote access capabilities to target users at scale. Recent investigations show that users in Uzbekistan are being actively targeted through fake applications that silently deploy advanced malware once installed. According to an

Android Malware Campaigns Combine Droppers, SMS Theft, and RAT Capabilities at Scale Read More »

Kimsuky Spreads DocSwap Android Malware Through QR Phishing Posing as Delivery App

A new Android malware campaign linked to the North Korean threat actor Kimsuky has been uncovered, using QR code based phishing techniques to distribute an updated variant of malware known as DocSwap. The activity was analyzed by South Korean cybersecurity firm ENKI, which reported that the attackers are impersonating a major logistics provider in South

Kimsuky Spreads DocSwap Android Malware Through QR Phishing Posing as Delivery App Read More »