Six Android malware families discovered targeting banking apps and crypto wallets, exploiting accessibility features to steal funds and data.
Category: cybercrime/malcode – Page 3
Microsoft brings phishing-resistant Windows sign-ins via Entra passkeys
Microsoft is rolling out passkey support for Microsoft Entra on Windows devices, adding phishing-resistant passwordless authentication via Windows Hello.
The feature is opt-in and will enter public preview from mid-March through late April 2026 for worldwide tenants. Government cloud environments (GCC, GCC High, and DoD) follow with mid-April through mid-May rollout windows.
Notably, this also extends passwordless sign-in to unmanaged Windows devices, a gap that previously left personal and shared devices relying on password-based authentication.
Google paid $17.1 million for vulnerability reports in 2025
Google paid over $17 million to 747 security researchers who reported security bugs through its Vulnerability Reward Program (VRP) in 2025.
The company says it has awarded over $81.6 million in bug bounties since the first Vulnerability Reward Program went live in 2010, while the highest reward paid last year was of $250,000.
“Our VRP once again confirmed the ongoing value of engaging with the external security research community to make Google and its products safer,” Google said.
AI-generated Slopoly malware used in Interlock ransomware attack
A new malware strain dubbed Slopoly, likely created using generative AI tools, allowed a threat actor to remain on a compromised server for more than a week and steal data in an Interlock ransomware attack.
The breach started with a ClickFix ruse, and in later stages of the attack, the hackers deployed the Slopoly backdoor as a PowerShell script acting as a client for the command-and-control (C2) framework.
IBM X-Force researchers analyzed the script and found strong indicators that it was created using a large language model (LLM), but could not determine which one.
The Critical Importance of Security and Power Resilience for Data Centers in the AI Era
AI Era Data Centers: Power & Security Challenges By Chuck Brooks
As AI adoption accelerates across the government, challenges like higher power demand and cyber risks are expected to emerge.
#datacenters #cybersecurity #artificialintelligence
By Chuck Brooks, president of Brooks Consulting International and one of Executive Mosaic’s GovCon Experts
Artificial intelligence, or AI, is not merely a tool in our age of rapid technological advancement; rather, it is the fundamental force behind innovation in all spheres of society. Our world is changing due to AI’s capabilities, which range from real-time decision-making in national security to predictive analytics in healthcare.
The contemporary data center, the digital stronghold that stores, processes and drives the enormous computing demands of AI models, is at the center of this change. However, as AI adoption picks up speed, these vital
infrastructures are confronted with two existential challenges: an unparalleled increase in power usage and a changing environment of increasingly complex security risks. For operational continuity, economic stability and national resilience, addressing both is now essential and no longer discretionary.
New ‘BlackSanta’ EDR killer spotted targeting HR departments
For more than a year, a Russian-speaking threat actor targeted human resource (HR) departments with malware that delivers a new EDR killer named BlackSanta.
Described as “sophisticated,” the campaign mixes social engineering with advanced evasion techniques to steal sensitive information from compromised systems.
It is unclear how the attack begins, but researchers at Aryaka, a network and security solutions provider, suspect that the malware is distributed via spear-phishing emails.
New BeatBanker Android malware poses as Starlink app to hijack devices
A new Android malware named BeatBanker can hijack devices and tricks users into installing it by posing as a Starlink app on websites masquerading as the official Google Play Store.
The malware combines banking trojan functions with Monero mining, and can steal credentials, as well as tamper with cryptocurrency transactions.
Kaspersky researchers discovered BeatBanker in campaigns targeting users in Brazil. They also found that the most recent version of the malware deploys the commodity Android remote access trojan called BTMOB RAT, instead of the banking module.
New ‘Zombie ZIP’ technique lets malware slip past security tools
A new technique dubbed “Zombie ZIP” helps conceal payloads in compressed files specially created to avoid detection from security solutions such as antivirus and endpoint detection and response (EDR) products.
Trying to extract the files with standard utilities like WinRAR or 7-Zip results in errors or corrupted data. The technique works by manipulating ZIP headers to trick parsing engines into treating compressed data as uncompressed.
Instead of flagging the archive as potentially dangerous, security tools trust the header and scan the file as if it were a copy of the original in a ZIP container.