Brazil Archives • Daily CyberSecurity

JanelaRAT Uses Fake Windows Updates to Empty LATAM Bank Accounts JanelaRAT LATAM Banking Malware

JanelaRAT Uses Fake Windows Updates to Empty LATAM Bank Accounts

Do Son April 15, 2026

In the diverse ecosystem of Latin American cybercrime, one threat continues to refine its ability to peer...

Vibe Coding apps Vibe Coding App Store surge Vibe Coding App Store Apple 50th Anniversary hardware Brazil CADE Apple settlement, iOS third-party app stores Brazil Tim Cook Succession Apple CEO Rumors App Store Mini Apps 15% Commission Fee iOS Japan Sideloading, Third-Party App Stores Web App Store, App Discovery Apple Age Verification, Texas SB2420 Apple AI acquisitions App Store, Antitrust Apple WebKit, Japan Regulations App Store Age Ratings, Parental Controls Apple App Store, Epic Games Lawsuit

The Brazil Breakout: Apple Forced to Unlock iOS for Third-Party App Stores

Do Son December 26, 2025

After the European Union forced iOS to “open up” under the Digital Markets Act (DMA), Brazil has...

Water Saci Campaign Uses LLMs to Convert Malware to Python, Spreads Banking Trojan Via WhatsApp Worm

Do Son December 4, 2025

A sophisticated cyber-espionage campaign known as “Water Saci” has aggressively pivoted its tactics, leveraging artificial intelligence and...

Zero-Detection RelayNFC Android Malware Turns Phones Into Remote Card Readers RelayNFC Malware NFC Relay Fraud

Zero-Detection RelayNFC Android Malware Turns Phones Into Remote Card Readers

Do Son November 26, 2025

Cyble Research and Intelligence Labs (CRIL) has identified a rapidly evolving NFC relay malware campaign targeting mobile...

Eternidade Stealer: New Python WhatsApp Worm Uses IMAP Email for Covert C2 and Brazilian Bank Overlays Cemu emulator Linux malware Blitz Brigantine AOBackdoor GitHub Malware Campaign StealC Infostealer TamperedChef Malware, SEO Poisoning Carbanak malware RubyGems Supply Chain, Infostealer

Cemu emulator Linux malware Blitz Brigantine AOBackdoor GitHub Malware Campaign StealC Infostealer TamperedChef Malware, SEO Poisoning Carbanak malware RubyGems Supply Chain, Infostealer

Eternidade Stealer: New Python WhatsApp Worm Uses IMAP Email for Covert C2 and Brazilian Bank Overlays

Do Son November 24, 2025

Trustwave SpiderLabs researchers have identified a new and rapidly evolving banking Trojan—dubbed Eternidade Stealer—that hijacks WhatsApp, steals...

Tap-and-Steal: Over 760 Android Apps Exploit NFC/HCE for Payment Card Theft in Global Financial Scam Donot APT Group - Android zero-day

Tap-and-Steal: Over 760 Android Apps Exploit NFC/HCE for Payment Card Theft in Global Financial Scam

Do Son November 3, 2025

Researchers from Zimperium zLabs have uncovered a rapidly growing cybercrime trend involving Android applications that abuse NFC...

Lampion Banking Trojan Evolves: 700MB Bloatware DLL and ClickFix VBS Script Target Brazilian Users Lampion 700MB Bloatware, ClickFix VBS

Lampion Banking Trojan Evolves: 700MB Bloatware DLL and ClickFix VBS Script Target Brazilian Users

Do Son October 30, 2025

Researchers at BitSight have uncovered a long-running spam campaign operated by a Brazilian threat group behind the...

Next-Gen Android Trojan Herodotus Mimics Human Typing to Bypass Behavioral Biometrics Anti-Fraud Systems Herodotus Human Typing, Behavioral Biometrics Bypass

Herodotus Human Typing, Behavioral Biometrics Bypass

Next-Gen Android Trojan Herodotus Mimics Human Typing to Bypass Behavioral Biometrics Anti-Fraud Systems

Do Son October 29, 2025

Cybersecurity researchers at ThreatFabric have discovered a new Android banking Trojan dubbed Herodotus, a malware strain that...

WhatsApp antitrust API probe India SIM-Binding Mandate Messaging App KYC WhatsApp DMA Interoperability BirdyChat Haiket Denmark Social Media Ban CVE-2025-55177 WhatsApp vulnerability, zero-click flaw npm Malware, System Wipe WhatsApp Windows App, WebView2 Downgrade WhatsApp Ban, US House NSO WhatsApp, Pegasus Spyware WhatsApp iPad iPadOS app

Water Saci Evolves: Multi-Layered WhatsApp Worm Uses IMAP Email for Covert C2 and Session Hijacking

Do Son October 29, 2025

Researchers from Trend Research have identified a major evolution in the Water Saci malware campaign, marking one...

First Ever: Android Baohuo Backdoor Hides in Telegram X Clone, Uses Redis Database for C2 Commands

Do Son October 28, 2025

Cybersecurity experts at Doctor Web have identified a highly sophisticated Android backdoor hiding in maliciously modified versions...

Maverick Fileless Trojan Turns Infected Phones into WhatsApp Worms to Steal Banking and UPI Credentials

Do Son October 17, 2025

Researchers from Kaspersky’s Global Research and Analysis Team (GReAT) have uncovered a massive fileless malware campaign targeting...

Astaroth Malware Uses Steganography in GitHub Images for Covert C2 Backup and Brazilian Bank Theft Astaroth GitHub C2, Steganography

Astaroth Malware Uses Steganography in GitHub Images for Covert C2 Backup and Brazilian Bank Theft

Do Son October 14, 2025

The McAfee Threat Research team has uncovered a new and sophisticated Astaroth malware campaign — using GitHub...

WhatsApp Worm: New SORVEPOTEL Malware Hijacks Sessions to Spread Aggressively Across Brazil

Do Son October 6, 2025

A new malware campaign uncovered by Trend Micro’s Threat Research team has weaponized WhatsApp to launch one...

KillSec Ransomware Strikes Brazilian Healthcare Provider, Exposing Patient Data

Do Son September 11, 2025

Resecurity has reported that KillSec ransomware has targeted MedicSolution, a key healthcare software provider in Brazil, compromising...

BYOVD Attack: A New AV Killer Exploits a Legitimate Driver to Neutralize Defenses for MedusaLocker Ransomware

Do Son August 7, 2025

A recent incident response operation in Brazil has revealed a stealthy and destructive threat abusing the trusted...

The AI Phishing Trap: Zscaler Exposes Fake Brazilian Government Websites Generated by AI to Steal Payments

Do Son August 6, 2025

Zscaler’s ThreatLabz has uncovered a phishing campaign that leverages generative AI to construct high-fidelity replicas of Brazilian...

Opera Sues Microsoft in Brazil, Alleges Anti-Competitive Bundling of Edge with Windows Opera Antitrust, Microsoft Edge Bundling

Opera Sues Microsoft in Brazil, Alleges Anti-Competitive Bundling of Edge with Windows

Do Son July 31, 2025

Norwegian browser developer Opera—now a subsidiary of China’s Kunlun Tech—has recently filed a formal complaint with Brazil’s...

CIEE Data Breach Exposes 248K Brazilian Records: Medical Reports, CVs, & Videos Leaked from Google Cloud CIEE Data Breach, Cloud Misconfiguration

CIEE Data Breach Exposes 248K Brazilian Records: Medical Reports, CVs, & Videos Leaked from Google Cloud

Do Son July 4, 2025

Resecurity has revealed that a notorious underground data broker, operating under the alias “888”, has published a...

Legitimate Remote Tools Weaponized in Sophisticated Spam Campaign RMM abuse, Brazil spam

Legitimate Remote Tools Weaponized in Sophisticated Spam Campaign

Do Son May 12, 2025

In a newly published threat report, Cisco Talos has revealed an ongoing spam campaign targeting Portuguese-speaking users...

Brazil’s Cybersecurity Landscape: A Fusion of Global and Local Threats Brazil Cybersecurity

Brazil’s Cybersecurity Landscape: A Fusion of Global and Local Threats

Do Son June 13, 2024

In a new and comprehensive report, Google’s Threat Analysis Group (TAG) and Mandiant’s frontline intelligence team have...

Critical Alert 1 Active Exploit Detected Today