NoVoice Malware Hits 2.3 Million Android Devices via Google Play
A new Android rootkit campaign called NoVoice malware has been discovered hiding inside more than 50 apps on Google Play. The apps collected at least 2.3 million downloads before being removed. Researchers warn that millions of devices may still be compromised. What Is NoVoice Malware? NoVoice malware is a rootkit. That means it burrows into the deepest layers of a
CrystalX RAT: The Malware That Spies, Steals, and Trolls You
A new piece of Windows malware is turning heads in the cybersecurity world. CrystalX RAT is a remote access Trojan discovered in early 2026. It combines spyware, credential theft, and cryptocurrency hijacking with "prankware" features. These features flip your screen, scramble your mouse buttons, and lock your keyboard, all while quietly draining your data in the background. What Is CrystalX
Perseus Android Malware Targets Your Notes App
Perseus Android malware is a newly discovered threat that goes further than most mobile banking trojans. While typical Android malware focuses on stealing login credentials or intercepting text messages, Perseus actively scans the note-taking apps on your phone, hunting for passwords, crypto wallet recovery phrases, and financial details you may have stored there for safekeeping. What Is Perseus and Where
Zombie ZIP: The Malware Trick Antivirus Tools Can’t See
A newly documented technique called Zombie ZIP allows malware to hide inside a deliberately malformed archive file, bypassing nearly every major antivirus and endpoint detection tool on the market. Security researcher Chris Aziz of Bombadil Systems discovered the technique and tested it against 51 antivirus engines on VirusTotal. It bypassed 50 of them. The CERT Coordination Center has since issued
PromptSpy Android Malware Uses Generative AI at Runtime
PromptSpy Android malware has introduced a new chapter in mobile cyber threats by integrating generative AI directly into its runtime operations. Security researchers recently identified it as the first known Android malware to actively communicate with a large language model while executing on an infected device. This shift moves AI from being a supporting tool for attackers into the core
Massiv Android Malware Spreads via Fake IPTV Apps
Massiv Android malware has emerged as a new banking threat targeting mobile users through fake IPTV applications. Attackers disguise the malware as a streaming app to trick users into installing it outside official app stores. Once active, it gives criminals deep access to infected devices and allows them to steal sensitive financial data. Security researchers observed the campaign primarily targeting
Malware in Coding Challenges Targets Developers Seeking Jobs
Cybercriminals are embedding malware in coding challenges and sending them to developers through fake recruitment campaigns. What looks like a standard technical interview task is, in reality, a carefully constructed infection chain designed to compromise machines and steal sensitive data. Security researchers say this campaign has operated for months and continues to evolve. Instead of relying on obvious phishing emails
Malicious 7-Zip Installer Turns PCs Into Proxy Nodes
Cybercriminals are abusing trust in popular software to spread malware at scale. The malicious 7-Zip installer campaign shows how a simple download mistake can quietly turn a personal computer into part of a criminal proxy network. Instead of delivering only the legitimate compression tool, attackers bundled hidden components that operate in the background and grant remote operators control over internet
VoidLink Malware Targets Linux Cloud Servers
Security researchers have identified VoidLink malware as a new and highly sophisticated framework built specifically for Linux cloud environments. Rather than acting as a single-purpose backdoor, VoidLink functions as a full post-exploitation platform. It focuses on persistence, stealth, and long-term operational control inside virtual machines, containers, and cloud workloads. VoidLink malware reflects a shift in attacker priorities. Cloud servers now
ClickFix BSOD Attack Pushes Malware via Fake Crashes
Fake system crashes have become a powerful tool for modern malware campaigns. Instead of exploiting software flaws, attackers increasingly rely on fear and urgency to push users into dangerous actions. One of the clearest examples of this shift is the ClickFix BSOD attack, which uses convincing Windows Blue Screen of Death visuals to manipulate victims into executing malicious commands themselves.
