TECH NEWS

Experts warn Microsoft Phone Link tool exploited by 'unknown threat' to steal SMS and OTP info

https://cdn.mos.cms.futurecdn.net/HXss3QE8EHbLLCL7ma37sK-2560-80.jpg
  • A new CloudZ plugin, Pheno, hijacks Microsoft Phone Link to steal SMS and OTPs from connected Android devices
  • This enables attackers to bypass 2FA without compromising the phone itself
  • The RAT retains full remote access capabilities, with researchers urging a shift away from SMS‑based authentication

A new version of the CloudZ remote access trojan (RAT) for Windows now comes with a new plugin that steals data from a connected Android device, experts have revealed.

Security researchers Cisco Talos recently spotted the upgraded variant while investigating a breach that has been ongoing since January 2026.

Windows 10 and 11 operating systems have a feature called Microsoft Phone Link, which allows users to connect their Android and iOS mobile devices to their computers. They can then use their computers to take and make calls, text people, and more, without needing to pick up the smartphone.

Latest Videos From TechRadar

Stealing 2FA...

Copyright of this story solely belongs to techradar.com. To see the full text click HERE

Read more

https://images.ft.com/v3/image/raw/https%3A%2F%2Fd1e00ek4ebabms.cloudfront.net%2Fproduction%2Fda568d35-97c5-45be-aec6-7a9a96ee8d78.jpg?source=next-article&fit=scale-down&quality=highest&wi...

Filing and sources: PE firm Hg has spun out €500M worth of assets from its €19B software group Visma, whose London IPO remains shelved amid the “SaaSpocalypse”

Sponsor Posts Niantic Spatial: World models need real-world data — Scaniverse is the gateway to spatial services — self-serve and built for AI and robotics. Large-area 3D reconstruction from 360° cameras and precise localization, anywhere machines operate. Protecting your Cloud Applications Data — Backing up Office 365, Google Workspace, Dropbox & Salesforce data
https://images.ft.com/v3/image/raw/https%3A%2F%2Fcms-image-bucket-productionv3-ap-northeast-1-a7d2.s3.ap-northeast-1.amazonaws.com%2Fimages%2F6%2F0%2F4%2F4%2F12444406-1-eng-GB%2F20ad79921a...

Vietnam introduces Decree 142 to implement its AI law, requiring companies to classify AI models by risk level, label deepfakes, and disclose chatbot use

Sponsor Posts Niantic Spatial: World models need real-world data — Scaniverse is the gateway to spatial services — self-serve and built for AI and robotics. Large-area 3D reconstruction from 360° cameras and precise localization, anywhere machines operate. Protecting your Cloud Applications Data — Backing up Office 365, Google Workspace, Dropbox & Salesforce data
https://assets.bwbx.io/images/users/iqjWHBFdfxIU/iQxnL5D7fN3Y/v0/1200x800.jpg

Alibaba's T-Head unveils the Zhenwu M890 AI chip for training and inference, saying it is particularly suited for agentic tasks, and plans annual upgrades

Sponsor Posts Niantic Spatial: World models need real-world data — Scaniverse is the gateway to spatial services — self-serve and built for AI and robotics. Large-area 3D reconstruction from 360° cameras and precise localization, anywhere machines operate. Protecting your Cloud Applications Data — Backing up Office 365, Google Workspace, Dropbox & Salesforce data
https://images.ft.com/v3/image/raw/https%3A%2F%2Fcms-image-bucket-productionv3-ap-northeast-1-a7d2.s3.ap-northeast-1.amazonaws.com%2Fimages%2F7%2F9%2F2%2F6%2F12516297-1-eng-GB%2F7f4ecf3f98...

SkyeChip becomes the first Malaysian chip design company to IPO on the Bursa Malaysia exchange, surging 300%+; the company was valued at ~$397M at its IPO price

Sponsor Posts Niantic Spatial: World models need real-world data — Scaniverse is the gateway to spatial services — self-serve and built for AI and robotics. Large-area 3D reconstruction from 360° cameras and precise localization, anywhere machines operate. Protecting your Cloud Applications Data — Backing up Office 365, Google Workspace, Dropbox & Salesforce data