Find notable cyber news and cases, enriched with sources, timelines, and signals.

Albiriox Austrian-targeting distribution campaign

Campaign
First reported
Last updated
Happening score
H score 33
2 unique sources, 2 articles

Summary

Hide ▲

The Albiriox distribution campaign targeted Austrian victims, using German-language SMS lures and fake Google Play Store listings to deliver a dropper APK and enable mobile fraud. The activity matters because it combines social engineering, credential theft, and remote device control against users in a specific country. The operation also shows a shift from lure messages to lookalike app pages and a phone-number collection flow for follow-on delivery.

Related Happenings

Booking.com partner accommodation phishing campaign targeting Japan

Campaign
H score32 First: 30.06.2026 13:30 Last: 30.06.2026 13:30 Sources 1

About this happening: A **phishing campaign** is targeting **Booking.com partner accommodations in Japan** with guest-complaint and review-request lures that deliver **malicious files** for **TONResolv...

WhatsApp VBScript phishing campaign targeting users in multiple countries

Campaign
H score43 First: 23.06.2026 01:42 Last: 23.06.2026 01:42 Sources 1

About this happening: An **ongoing phishing campaign** is using **compromised WhatsApp accounts** to send **obfuscated VBScript files** to users in **multiple countries**, creating a path to **remote s...

Outsider Telegram-run smishing campaign targeting Americans

Campaign
H score53 First: 12.06.2026 21:59 Last: 12.06.2026 21:59 Sources 1

About this happening: The **Outsider Enterprise** happening is a **phishing-as-a-service** campaign tied to a **Chinese cybercrime network** that used **AI** and distributed phishing kits to impersonat...

Latest development: 14.06.2026 17:36

The FBI, working with Google and Black Lotus Labs, dismantled Outsider Enterprise, a Chinese phishing-as-a-service operation that used AI and distributed phishing kits to impersonate trusted brands in texts sent through AT&T, T-Mobile and Verizon. The takedown included seizures of administration servers, a Shopify e-commerce storefront, a testing account, around $100,000 USDT and a Telegram bot linked to the service, while Google pursued civil action and coordinated with carriers to block fraudulent messages.

Google Gemini on Android notification-injection bypass using Fake Context Alignment

Technical Analysis
H score16 First: 03.06.2026 22:11 Last: 03.06.2026 22:11 Sources 1

About this happening: Researchers found a **notification-based prompt-injection bypass** in **Google Gemini on Android** that could turn hostile notification text into **unauthorized assistant actions*...

Google rolls out Android fake call detection against AI impersonation scam calls

Security Tool/Service
H score20 First: 03.06.2026 12:02 Last: 03.06.2026 12:02 Sources 1

About this happening: **Google** is rolling out **fake call detection** on **Android 12 and later** devices this month, giving users a built-in warning when a caller may be using **AI voice-cloning** o...

Timeline

  1. 01.12.2025 10:45 2 articles · 7mo ago

    Albiriox targets Austrian Android users

    Initial Disclosure

    Albiriox malware-as-a-service targeted Austrian victims with German-language SMS lures and shortened links that led to fake Google Play Store pages for apps such as PENNY Angebote & Coupons. A related PENNY-themed website asked victims to enter a phone number to receive a WhatsApp download link, and the entered numbers were exfiltrated to a Telegram bot. The delivery chain used dropper APKs to install the main malware, which supports VNC-based remote control, accessibility-driven interaction, overlays, and an unencrypted TCP C2 for on-device fraud and stealth.

    Show sources