BTMOB Android malware service generates custom phishing payloads
An Android remote access trojan named BTMOB is offered to cybercriminals with a builder interface for generating malware payloads tailored to phishing lures. [.
20 articles
Google security engineer accused of turning confidential search trends into $1.2M win on Polymarket
Michele Spagnuolo allegedly placed multiple trades on the prediction marketplace, abusing internal access to Google’s nonpublic data on the most searched peo...
New BTMOB Android Malware Enables Full Device Takeover
Delivered via phishing lures, the malware combines financial theft with data exfiltration and remote access. The post New BTMOB Android Malware Enables Full ...
Fourth Frontier Frontier X Mobile Application, Frontier X2
View CSAF Summary Successful exploitation of this vulnerability could allow an attacker to read and write arbitrary handle values and change clinical reading...
VaultJacking Attack Exposes Google Password Vaults via Single PIN
A newly disclosed phishing technique dubbed “VaultJacking” is raising serious concerns across the cybersecurity community after researchers demonstrated how ...
Google Unveils AI Threat Defense Platform to Fight AI-Powered Cyberattacks
New AI Threat Defense platform combines capabilities from Mandiant, Wiz and Gemini to help customers fight AI with AI. The post Google Unveils AI Threat Defe...
Motorola App Allegedly Hijacks Amazon App Activity to Insert Affiliate Referral Codes
Motorola is facing scrutiny after researchers and users discovered that its preinstalled Smart Feed app was silently hijacking launches of the Amazon Shoppin...
AI models more vulnerable than claimed when faced with iterative attacks
CISOs relying on LLM runtime guardrails and official safety scores when making security decisions about their organizations’ AI usage and model selection are...
BTMOB Android RAT poses significant threat with easy-to-use builder
First identified in February 2025, BTMOB evolved from the SpySolr malware.
CrowdStrike, Google Take Down Glassworm Botnet
Operators of the malicious Glassworm botnet have been targeting software developers since at least early 2025
CrowdStrike disrupts Glassworm botnet that preyed on open-source supply chain
CrowdStrike has dismantled the Glassworm botnet in an operation aided by Google and Shadowserver, stripping the operators’ access to infrastructure that help...
GlassWorm Malware Takedown Disrupts Developer Supply Chain Attack Infrastructure
CrowdStrike, in partnership with Google and the Shadowserver Foundation, has announced the simultaneous disruption of all command-and-control (C2) channels a...
How cybersecurity firms took down Glassworm botnet in one shot
Glassworm infected developers through poisoned tools and packages until a coordinated takedown killed all four of its C2 channels at once. On May 26, 2026, a...
BTMOB Malware Allows Cybercriminals to Remotely Hijack Android Phones
A newly observed Android malware strain, known as BTMOB, is raising concerns among cybersecurity researchers due to its powerful remote access capabilities a...
Fake AI tool websites used to steal developer data
The attack campaign employs SEO poisoning to elevate fake installation pages in search engine results, leading developers searching for AI tools like Google ...
Chinese phishing crews grow into a force to be reckoned with
Chinese-language phishing-as-a-service (PhaaS) communities are expanding in an area historically dominated by Russian-speaking cybercriminal groups. The Goog...
BTMOB Android RAT Spreads Through No-Code Builder Tooling
BTMOB Android RAT sold as a service with a no-code builder for fast, regional phishing lures
EU Regulators Prepare Landmark Fine Against Google Under Digital Markets Act
The European Union is preparing to issue a landmark penalty against Google under its Digital Markets Act (DMA), marking a significant escalation in regulator...
BTMOB: A stealthy RAT burrowing deep into Android devices
The malware pairs remote access capabilities with ready-made campaign tools, lowering the barrier for full device compromise
Hackers Abuse KnowledgeDeliver LMS Flaw to Install BLUEBEAM Web Shell
Hackers are actively exploiting a critical vulnerability in the KnowledgeDeliver Learning Management System (LMS) to deploy the BLUEBEAM web shell, according...