Fake Google security page can turn your browser into a spying tool

Security researchers say a phishing scam impersonates Google to install malware that steals 2FA codes, tracks location and spies on clipboard data.
Bleeping Computer

Fake Google Security site uses PWA app to steal credentials, MFA codes

A phishing campaign is using a fake Google Account security page to deliver a web-based app capable of stealing one-time passcodes, harvesting cryptocurrency wallet addresses, and proxying attacker ...
AOL

Android malware hidden in fake antivirus app

If you use an Android phone, this deserves your attention. Cybersecurity researchers warn that hackers are using Hugging Face, a popular platform for sharing artificial intelligence (AI) tools, to ...
Bleeping Computer

Fake "Security Alert" issues on GitHub use OAuth app to hijack accounts

A widespread phishing campaign has targeted nearly 12,000 GitHub repositories with fake "Security Alert" issues, tricking developers into authorizing a malicious OAuth app that grants attackers full ...
TechRepublic

Fake ‘Antivirus’ App Spreads Android Malware, Steals Banking Credentials

If you think an app called “Antivirus” means your phone’s safe, think again. Cybercrooks just found a new way to turn that trust against you. Researchers uncovered a malicious campaign spreading ...