Cybersecurity experts found a new Android spyware, RadzaRat, disguised as a file manager app. It grants hackers full control over devices, including keylogging capabilities, and is undetectable by antivirus programs. The malware is easily accessible online and can be deployed by anyone with basic skills.

A report from Zscaler reveals that over 239 malicious Android apps were downloaded 42 million times from Google Play between June 2024 and May 2025. The rise in malware includes banking trojans and spyware, with a notable shift towards social engineering tactics. India, the U.S., and Canada are the top targets, while adware has become the most detected threat.

A zero-day vulnerability in Samsung's Android image processing library allowed the deployment of LandFall spyware through malicious images sent via WhatsApp. This spyware targets specific Galaxy models and can record calls, track locations, and access personal data.

A long-running campaign by a group called ShadyPanda has infected 4.3 million users of Chrome and Edge with spyware hidden in legitimate-looking browser extensions. Some of these extensions, still available on the Edge store, allow attackers to track user behavior and steal sensitive data. Researchers warn that the infrastructure for attacks remains active even after the extensions have been removed.

Russian malware known as Spypress is exploiting vulnerabilities in webmail services to spy on Ukrainian users, particularly targeting Gmail and Yahoo accounts. The malware facilitates unauthorized access to sensitive information, raising significant security concerns amid ongoing conflict.

A new variant of spyware called Stealerium automates sextortion by detecting when users browse pornography, capturing screenshots and webcam images to blackmail victims. Researchers at Proofpoint revealed that this malware, available as open-source on GitHub, enhances traditional infostealer functions by adding a layer of privacy invasion and humiliation. The malware has been linked to multiple cybercriminal campaigns since May.

A researcher discovered 57 Chrome extensions, used by 6 million users, that contain risky capabilities such as monitoring browsing behavior and accessing sensitive cookies. While some have been removed from the Chrome Web Store, others remain, and users are advised to uninstall them and reset their passwords as a precaution.