Cybersecurity firm Cyfirma has detected FireScam, an Android info-stealing malware with spyware capabilities. The malware monitors Android app notifications for credentials and financial data, which it sends to a Firebase database. FireScam is distributed via a fake ‘Telegram Premium’ APK from a phishing website using the GitHub.io domain and mimics the Russian RuStore app store. The malware employs advanced evasion techniques and exfiltrates data to remote servers, increasing its potential impact on user privacy and security.

Sonatype reports rise in open source malware to 17,954
The 1Q 2025 Open Source Malware Index from Sonatype revealed that open source malware packages doubled compared to the same period last year, with 56%