CloudZ malware abuses Microsoft Phone Link to steal SMS and OTPs

A new version of the CloudZ remote access tool (RAT) is deploying a previously unseen malicious plugin called Pheno that ...

Trojan abuses Microsoft Phone Link app to steal your passwords

The CloudZ Trojan steals data through Microsoft Phone Link. The campaign has been active since at least January 2026.  Follow ...

Stealthy malware abuses Microsoft Phone Link to siphon SMS OTPs from enterprise PCs

A previously undocumented .NET trojan and its companion Pheno plugin allow attackers to capture mobile authentication codes ...
Windows Report

CloudZ RAT Steals Your OTPs Through Microsoft Phone Link

A new version of CloudZ RAT uses a malicious plugin called Pheno to extract sensitive data from Windows PCs by abusing ...
XDA Developers on MSN

I vibe-coded a tiny CLI tool in 15 minutes, and it helped me stop subscriptions I was too ...

I used vibe coding to take control of my subscriptions.
The Hacker News

Google Fixes CVSS 10 Gemini CLI CI RCE and Cursor Flaws Enable Code Execution

Gemini CLI CVSS 10.0 flaw in versions below 0.39.1 enabled RCE in CI workflows, forcing Google to mandate explicit workspace ...
TechJuice

SAP npm Packages Compromised in Mini Shai-Hulud Supply Chain Attack

Multiple SAP npm packages were compromised in a supply chain attack designed to steal developer credentials and tokens.
Bay News 9

Space Force activates new command out of MacDill

TAMPA, Fla. — The U.S. Space Force is activating its new command at MacDill Air Force Base in Tampa on Friday. The new command, known as SPACECENT, will report directly to U.S. Central Command leaders ...
CSO Online

SAP npm package attack highlights risks in developer tools and CI/CD pipelines

Researchers say the campaign targeted developer credentials and cloud secrets while abusing trusted publishing and AI coding ...