Malware

• Researchers Show Copilot and Grok Can Be Abused as Malware C2 Proxies 2026-02-17 23:34 The Hacker News Ravie LakshmananFeb 17, 2026Malware / Artificial Intelligence Cybersecurity researchers have disclosed that artificial intelligence (AI) assistants that support web browsing or URL fetching capabilities can be turned into stealthy command-and-control …
• Multiple brands of Android tablets shipped with built-in malware (Updated: Google statement) 2026-02-17 23:12 Android Authority TL;DR Researchers found a firmware-level Android backdoor called Keenadu preinstalled on certain tablets before sale. The malware injects into Android’s Zygote process, giving attackers broad control over apps and data on the tablets. Google says that …
• This Preinstalled Android Malware Can Hack Any App You Launch on a Device 2026-02-17 22:56 PC Magazine Newly discovered Android malware has been found preinstalled on several Android tablet models, allowing it to tamper with any mobile app launched on the device.  Antivirus provider Kaspersky discovered the malware, dubbed “Keenadu,” which the company has …
• Experts warn of malware targeting Iran protest supporters 2026-02-17 21:58 The National News Cyber security experts say they have discovered a new malware campaign targeting supporters of protests in Iran, as tension between Washington and Tehran simmers. The malware has been called “Crescent Harvest”, according to the cyber security and data …
• New ‘ClickFix’ Malware Payload Targets Browser Cache, Warns Cybersecurity Experts 2026-02-17 18:54 GBHackers Threat actors on underground forums are now promoting a new “ClickFix” payload-delivery technique that hides malware in the browser cache to evade endpoint detection and response (EDR) tools. The seller pitches the method as an evolution of existing …
• When the Hunter Becomes the Hunted: Infostealer Malware Now Targets AI Agents in a Troubling First 2026-02-17 18:14 WebProNews For years, artificial intelligence has been heralded as the next great frontier in cybersecurity defense — a tireless digital sentinel capable of detecting threats faster than any human analyst. But a new discovery has flipped that narrative on its head: …
• OpenClaw AI agents targeted by infostealer malware for the first time 2026-02-17 17:39 TechRadar Follow us Add us as a preferred source on Google Newsletter Tech Radar Get the TechRadar Newsletter Sign up for breaking news, reviews, opinion, top tech deals, and more. By submitting your information you agree to the Terms & Conditions and Privacy …
• Windows PCs targeted by hackers in a fake CAPTCHA scam to spread malware — Outlook account credentials are at risk 2026-02-17 14:09 Windows Central Follow us Add us as a preferred source on Google Newsletter Windows Central Get the Windows Central Newsletter All the latest news, reviews, and guides for Windows and Xbox diehards. You are now subscribed Your newsletter sign-up was successful Subscribe …
• QR Codes Exploited for Phishing Attacks and Malware Spread on Mobile Devices 2026-02-17 11:01 GBHackers QR code abuse has become a significant mobile threat vector, with attackers using it to deliver phishing pages, trigger in‑app account takeovers, and distribute malicious applications outside official app stores. Because people routinely scan QR codes for …
• Malicious Fork of Legitimate Triton App Discovered on GitHub, Exposing New Malware Threat 2026-02-17 11:01 GBHackers Attackers have weaponized a malicious fork of the legitimate Triton macOS client for omg.lol, turning a trusted open-source project into a delivery channel for Windows malware hosted on GitHub. The campaign abuses GitHub’s forking model, misleading README …
• REMnux v8 brings AI integration to the Linux malware analysis toolkit 2026-02-17 06:31 Help Net Security REMnux, a specialized Linux distribution for malware analysis, has released version 8 with a rebuilt platform based on Ubuntu 24.04 and a new capability aimed at connecting AI agents directly to its toolset. REMnux is designed for analyzing malicious …
• North Korean Graphalgo Campaign Uses Fake Job Tests to Spread Malware Scam 2026-02-17 00:27 Android Headlines A recent discovery reveals that a North Korean scam group is targeting developers through a sophisticated fake job scheme that hides malware inside coding assignments. Experts have uncovered over 200 malicious software packages tied to the operation, known …
• Noodlophile Malware Creators Evolve Tactics with Fake Job Postings and Phishing Lures 2026-02-17 00:10 Cyber Security News The Noodlophile information stealer, originally uncovered in May 2025, has significantly evolved its attack strategies to bypass security measures. Initially, this malware hid behind deceptive advertisements for fake AI video generation platforms on social …
• Noodlophile Malware Authors Use Fake Job Ads and Phishing Schemes to Evolve Tactics 2026-02-16 17:57 GBHackers Hey folks in the threat‑hunting world looks like our coverage of the Noodlophile infostealer has struck a nerve with its creators. The operators used inflated engagement metrics and fake popularity scores to lure victims into downloading malicious ZIP …
• New Clickfix Variant ‘Matryoshka’ Attacking Users to Deploy macOS Stealer Malware 2026-02-16 17:51 Cyber Security News A sophisticated social engineering campaign targeting macOS users has emerged, deploying a dangerous stealer malware through an evolved version of the ClickFix attack technique. Named “Matryoshka” after the Russian nesting dolls, this variant uses nested …
• North Korean job scammers target JavaScript and Python developers with fake interview tasks spreading malware 2026-02-16 15:29 TechRadar Pro Follow us Add us as a preferred source on Google Newsletter Tech Radar Get the TechRadar Newsletter Sign up for breaking news, reviews, opinion, top tech deals, and more. You are now subscribed Your newsletter sign-up was successful Subscribe to our …
• Microsoft alerts on DNS-based ClickFix variant delivering malware via nslookup 2026-02-16 15:10 Security Affairs Microsoft alerts on DNS-based ClickFix variant delivering malware via nslookup Microsoft warns of a new ClickFix variant that tricks users into running DNS commands to fetch malware via nslookup. Microsoft has revealed a new ClickFix variant that deceives …
• Weekly Recap: Outlook Add-Ins Hijack, 0-Day Patches, Wormable Botnet & AI Malware 2026-02-16 14:34 The Hacker News Ravie LakshmananFeb 16, 2026 This week’s recap shows how small gaps are turning into big entry points. Not always through new exploits, often through tools, add-ons, cloud setups, or workflows that people already trust and rarely question. Another signal …
• Google identifies Gemini use in cyberattacks, phishing, malware development 2026-02-16 11:43 Rappler A Google report details the use of AI in cyberattacks, with its Gemini chatbot being exploited by threat actors in China, North Korea, and Iran MANILA, Philippines – Google on Friday, February 13, released its quarterly threat intelligence report for Q4 …
• Microsoft Warns Hackers Are Using Nslookup DNS Lookups to Deliver ClickFix Malware 2026-02-16 11:43 PhoneWorld Microsoft has revealed a dangerous new evolution of the ClickFix social engineering tactic, with the DNS-based ClickFix attack replacing traditional web-based malware delivery with something far harder to spot: Domain Name System (DNS) lookups. In this …
• Google Ads and Claude AI Abused to Spread MacSync Malware via ClickFix 2026-02-16 11:31 Hackread Cyber security researchers at Moonlock Lab, the investigative unit of the popular software developer MacPaw, have uncovered a clever new way that hackers are targeting Mac users. This campaign uses the ClickFix technique, where people are tricked into …
• Matryoshka Clickfix Variant Targets macOS Users, Deploys New Stealer Malware 2026-02-16 11:19 GBHackers A new variant of the “ClickFix” social engineering campaign specifically targeting macOS users. Codenamed Matryoshka a reference to its multiple nested obfuscation layers this evolution builds on prior ClickFix lures. However, it adds advanced evasion …
• Microsoft Discloses DNS-Based ClickFix Attack Using Nslookup for Malware Staging 2026-02-15 19:58 The Hacker News Microsoft has disclosed details of a new version of the ClickFix social engineering tactic in which the attackers trick unsuspecting users into running commands that carry out a Domain Name System (DNS) lookup to retrieve the next-stage payload. …
• Fake Job Recruiters Hid Malware In Developer Coding Challenges 2026-02-15 17:12 Slashdot "A new variation of the fake recruiter campaign from North Korean threat actors is targeting JavaScript and Python developers with cryptocurrency-related tasks," reports the Register. Researchers at software supply-chain security company …
• Inside ClickFix’s Dangerous New Playbook: How Hackers Are Hijacking DNS Settings to Silently Install Malware 2026-02-15 16:28 WebProNews For years, cybersecurity professionals have tracked the evolution of social engineering attacks that prey on human trust and technical naivety. Now, a sophisticated new variant of the ClickFix campaign has emerged that takes deception to an alarming new …
• Suspected Russian hackers deploy CANFAIL malware against Ukraine 2026-02-14 21:42 Security Affairs Suspected Russian hackers deploy CANFAIL malware against Ukraine A new alleged Russia-linked APT group targeted Ukrainian defense, government, and energy groups, with CANFAIL malware. Google Threat Intelligence Group identified a previously undocumented …
• Android malware hidden in fake antivirus app 2026-02-14 19:35 Fox News Fox News Flash top headlines are here. Check out whats clicking on FoxNews.com. NEWYou can now listen to Fox News articles! If you use an Android phone, this deserves your attention. Right now, cybersecurity researchers warn that hackers are using Hugging …
• REMnux v8 Linux Toolkit Released With AI-Powered Malware Analysis Capabilities 2026-02-14 11:28 GBHackers The landscape of malware analysis has taken a significant leap forward with the official release of REMnux v8. This popular Linux toolkit, which has served the security community for fifteen years, has been updated to address modern threats and integrate …
• New Clickfix Attack Uses DNS Hijacking to Spread Malware 2026-02-14 11:27 Cyber Security News A new evolution in the ClickFix social engineering campaign, which now employs a custom DNS hijacking technique to deliver malware. This attack method tricks users into executing malicious commands that utilize DNS lookups to fetch the next stage of the …
• Google Ties Suspected Russian Actor to CANFAIL Malware Attacks on Ukrainian Orgs 2026-02-14 01:44 The Hacker News Ravie LakshmananFeb 13, 2026Threat Intelligence / Malware A previously undocumented threat actor has been attributed to attacks targeting Ukrainian organizations with malware known as CANFAIL. Google Threat Intelligence Group (GTIG) described the …
• UAT-9921 Deploys VoidLink Malware to Target Technology and Financial Sectors 2026-02-13 22:46 The Hacker News Ravie LakshmananFeb 13, 2026Cloud Security / Cyber Espionage A previously unknown threat actor tracked as UAT-9921 has been observed leveraging a new modular framework called VoidLink in its campaigns targeting the technology and financial services …
• Over 1,800 Windows Servers Compromised by BADIIS Malware in Large-Scale SEO Poisoning Campaign 2026-02-13 16:35 Cyber Security News A sophisticated cyber campaign has compromised over 1,800 Windows servers globally, using a potent malware strain known as BADIIS. This operation targets Internet Information Services (IIS) environments, transforming legitimate infrastructure into a …
• Employee monitoring tools become gateways for Spyware and Malware attacks 2026-02-13 07:34 Cybersecurity Insiders As remote and hybrid work models have become more common, many organizations have adopted employee monitoring software to track productivity, manage workflows, and maintain operational visibility. These tools are typically designed to help managers assess …
• BADIIS malware hijacks IIS servers for covert SEO fraud 2026-02-12 23:28 IT Brief - New Zealand Elastic Security Labs has detailed a campaign that compromises Windows IIS servers and turns them into covert link farms. The attackers manipulate search results to steer users to illicit gambling sites and cryptocurrency phishing pages. Tracked internally …
• Microsoft patches concerning Windows 11 Notepad security flaw - Markdown issues could have let hackers slip in malware without warning 2026-02-12 14:02 TechRadar Pro Follow us Add us as a preferred source on Google Newsletter Tech Radar Get the TechRadar Newsletter Sign up for breaking news, reviews, opinion, top tech deals, and more. You are now subscribed Your newsletter sign-up was successful Subscribe to our …
• AI malware, Gemini lures and more: Google reveals how hackers are actually using AI 2026-02-12 14:02 TechRadar Pro Follow us Add us as a preferred source on Google Newsletter Tech Radar Get the TechRadar Newsletter Sign up for breaking news, reviews, opinion, top tech deals, and more. You are now subscribed Your newsletter sign-up was successful Subscribe to our …