The Threat CodexMay 6
CloudZ RAT potentially steals OTP messages using Pheno plugin
#CloudZRAT
https://blog.talosintelligence.com/cloudz-pheno-infostealer/
CloudZ RAT potentially steals OTP messages using Pheno plugin

Cisco Talos discovered an intrusion, active since at least January 2026, where an unknown attacker implanted a CloudZ remote access tool (RAT) and a previously undocumented plugin called “Pheno.”

Cisco Talos Blog
Analyst207May 6

CloudZ RAT Exploits Windows Phone Link for Credential Theft

Cyber attackers have cleverly exploited the Microsoft Phone Link feature to steal sensitive credentials and one-time passwords, all without needing to infect mobile devices with malware. By targeting this built-in Windows application, hackers can access synced phone data and extract valuable information.

https://osintsights.com/cloudz-rat-exploits-windows-phone-link-for-credential-theft?utm_source=mastodon&utm_medium=social

#CredentialTheft #CloudzRat #WindowsPhoneLink #Microsoft #Android

CloudZ RAT Exploits Windows Phone Link for Credential Theft

Learn how CloudZ RAT exploits Windows Phone Link for credential theft and protect your data now with expert insights and security measures.

OSINTSights