Fake Document Reader on Google Play Delivered Anatsa Android Banking Malware
A fake document reader app on the Google Play Store was used to deliver the Anatsa Android banking trojan, exposing more than 100,000 Android users…
Microsoft Teams Phishing Campaign Uses RMM Abuse for Unauthorized Access
A Microsoft Teams-themed phishing campaign is tricking employees into installing a legitimate remote access tool that attackers configure for unauthorized control. The campaign, detailed in…
Mistic Backdoor Abuses Microsoft Endpoint Security Naming to Hide in Corporate Networks
A new backdoor called Mistic is being used in financially motivated intrusions against corporate networks, with evidence pointing to a possible link to the Woodgnat…
Anthropic Accuses Alibaba of Largest Known Claude Distillation Attack
Anthropic has accused Alibaba of running a large unauthorized campaign to extract capabilities from Claude, calling it the largest known distillation attack against its platform.…
Chrome 149 Security Update Fixes Critical Flaws That Could Enable Code Execution Attacks
Google has released a Chrome 149 security update for Windows, macOS, and Linux, fixing 18 browser vulnerabilities that include four Critical-rated flaws. The latest Chrome…
Hackers Use Fake Cisco AnyConnect and Google Update Installers to Drop SharkLoader Malware
A new malware campaign called StrikeShark is using fake Cisco AnyConnect and Google Update installers to deliver SharkLoader, a previously undocumented loader that deploys Cobalt…
OpenClaw Skill Marketplace Threats Expose AI Agents to Malware and Financial Fraud
Security researchers have found new malicious skills in the OpenClaw AI agent ecosystem, showing how third-party agent extensions can become a serious software supply chain…
Malicious Chrome Extension Used Native Messaging to Run PowerShell Commands on Windows
A newly analyzed Chrome malware campaign used a rogue browser extension and a Native Messaging Host to turn infected Windows systems into remote-command backdoors. The…
In-Browser Data Inspection Helps Analysts Track Phishing Attack Flows Inside Browser Sessions
ANY.RUN has introduced in-browser data inspection for URL analysis, giving security analysts a browser-level view of how phishing pages behave after a suspicious link is…
Dropping Elephant Uses GoogleErrorReport Scheduled Task to Keep New RAT Active
Dropping Elephant is using a malicious Windows shortcut, DLL side-loading, and a scheduled task named GoogleErrorReport to keep a new memory-resident remote access trojan active…
February 10, 2026
1 comment 
