Keenadu is embedded in critical system libraries, specifically libandroid_runtime.so, and injects itself into the Zygote process, granting it broad access.
Major Russian social networking service VKontakte had over 500,000 accounts taken over through five malicious Google Chrome extensions masquerading as customization utilities in an attack campaign that ran between mid-2025 and January 2026, reports The Record, a news site by cybersecurity firm Recorded Future.
Updated OysterLoader malware uncovered More sophisticated command-and-control and obfuscation tactics have been integrated into the OysterLoader malware, also known as Broomstick and CleanUp, this year, according to Infosecurity Magazine.
HackRead reports that information-stealing MacSync malware has been deployed through the exploitation of Google Ads and bogus Claude AI guides as part of a new ClickFix attack campaign.
Infosecurity Magazine reports that more clandestine and persistent intrusions have been conducted by the WorldLeaks ransomware operation through the new advanced RustyRocket malware.
