IntroductionIn January 2026, Zscaler ThreatLabz observed activity by a suspected Iran-nexus threat actor targeting government officials in Iraq. ThreatLabz discovered previously undocumented malware ...

PromptSpy Android malware abuses Google Gemini to analyze screens, automate persistence, block removal, and enable VNC-based ...

Trojanized gaming tools and new Windows RATs like Steaelite enable data theft, ransomware, and persistent remote control.

The PromptSpy Android malware, created by Chinese developers, uses Gemini AI at runtime to achieve persistence on devices.

ESET researchers discover PromptSpy, the first known Android malware to abuse generative AI in its execution flow.

Researchers have discovered the first known Android malware to use generative AI in its execution flow, using Google's Gemini ...

A newly-uncovered malware targeting the Android operating system seems to exploit Google’s Gemini GenAI tool to help it maintain persistence.

Credential and cryptocurrency theft, live surveillance, ransomware - an attacker's Swiss Army knife A new remote access trojan (RAT) being sold on cybercrime networks enables double extortion attacks ...

A newly observed variant of Remcos RAT has introduced real-time surveillance features and stronger evasion techniques, marking a shift in how the malware operates on compromised Windows systems.

In early February, CISA warned of attacks on FreePBX instances. Currently, hundreds of compromised installations are online.

Security researchers uncover PromptSpy, the first Android malware to use Google’s Gemini AI for persistence and remote access.

A new Android malware implant using Google Gemini to perform persistence tasks was discovered on VirusTotal and analyzed by ESET ...