Ousaban Banking Trojan Targets Iberian Bank Users with Fake PDF Lures
A Brazilian banking trojan called Ousaban is going after Windows users who bank in Spain and Portugal. Fortinet's FortiGuard Labs identified the campaign in May 2026
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
A Brazilian banking trojan called Ousaban is going after Windows users who bank in Spain and Portugal. Fortinet's FortiGuard Labs identified the campaign in May 2026
A multi-pronged phishing campaign is targeting Spanish-speaking users in organizations across Latin America and Europe to deliver Windows banking trojans like Casbaneiro (aka Metamorfo) via another malware called Horabot
The infostealer specifically targets Brazilian Portuguese speakers and combines malware designed to phish banking credentials and steal data, a worm, and some uniquely Brazilian quirks.
Cybersecurity researchers have disclosed details of a phishing campaign that delivers a stealthy banking malware-turned-remote access trojan called MostereRAT
Indian banking malware attack exposes 50,000 users, stealing financial data via SMS interception and phishing
Brazilian Windows users are the target of a campaign that delivers a banking malware known as Coyote
Cybersecurity researchers have shed light on a sophisticated mobile phishing (aka mishing) campaign that's designed to distribute an updated version of the Antidot banking trojan
New AppLite Banker malware targets Android devices, employing advanced phishing techniques to steal credentials and data
Cybersecurity researchers have discovered a new version of a well-known Android malware family dubbed FakeCall that employs voice phishing (aka vishing) techniques to trick users into parting with their personal information
A new spear-phishing campaign targeting Brazil has been found delivering a banking malware called Astaroth (aka Guildma) by making use of obfuscated JavaScript to slip past security guardrails
Trend Micro researchers have uncovered a surge of malicious activities involving a threat actor group that we track as Water Makara. This group is targeting enterprises in Brazil, deploying banking malware using obfuscated JavaScript to slip past security defenses.
Mobile users in Brazil are the target of a new malware campaign that delivers a new Android banking trojan named Rocinante
The malware builds on a near-field communication tool in combination with phishing and social engineering to steal cash.
Hackers Used Dozens of Servers to Distribute Malicious Android AppsLaw enforcement authorities in Singapore, Malaysia, Hong Kong and Taiwan took down a cybercrime ring that used dozens of servers and hundreds of phishing pages across multiple jurisdictions to run a malware-enabled scam operation and steal tens of millions from victims' bank accounts.
New Campaign Targets Over 1,500 Banks WorldwideDespite a law enforcement takedown in January, researchers identified new phishing campaigns spreading the Grandoreiro banking Trojan, indicating its return as a malware-as-a-service tool with better encryption and a better domain name generator, according to IBM X-Force researchers.
The threat actors behind the Windows-based Grandoreiro banking trojan have returned in a global campaign since March 2024 following a law enforcement takedown in January
The banking trojan "Grandoreiro" is spreading in a large-scale phishing campaign in over 60 countries, targeting customer accounts of roughly 1,500 banks. [...]
The Android banking trojan "Grandoreiro" is spreading in a large-scale phishing campaign in over 60 countries, targeting customer accounts of roughly 1,500 banks. [...]
A new phishing campaign has been observed leveraging a novel loader malware to deliver an information stealer and keylogger called Agent Tesla
Darktrace Warns of Malware Hidden in PDF Stored in DropboxPhishing attacks continue to adapt to exploit popular apps. While many phishing campaigns have focused on mobile banking and payment sites, attackers are also targeting widely used but lower-profile, cloud-based utilities such as the ubiquitous Dropbox storage platform.