SECURITYTHE HACKER NEWS
ToddyCat-Linked Umbrij Malware Abuses OAuth to Access Gmail via Google API
ToddyCat, a threat actor, has been linked to Umbrij malware that exploits OAuth to access Gmail via Google API, targeting corporate email compromises. Kaspersky reported that attackers focused on breaching Gmail communications through API access.
Related Signal
Adjacent reporting
- Lazarus Group Malware Targets Crypto, Business Execs via macOS
- North Korea's Lazarus Targets macOS Users via ClickFix
- EtherRAT Distribution Spoofing Administrative Tools via GitHub Facades
- Microsoft Takes Down Malware-Signing Service Behind Ransomware Attacks
- APT28 Deploys PRISMEX Malware in Campaign Targeting Ukraine and NATO Allies