HackerFeeds

CyberSecurity News

ToddyCat-Linked Umbrij Malware Abuses OAuth to Access Gmail via Google API

The Hacker News
· July 2, 2026

AI summary

ToddyCat, a known threat actor, has been linked to a new malware called Umbrij, which is used to secretly access a victim's email correspondence through the Google API. The malware targets corporate email communications hosted on Gmail, with attackers focusing on compromising access via APIs. Kaspersky has published a detailed report on this campaign, which highlights the threat posed by Umbrij to Gmail users. The attackers' use of the Google API allows them to gain access to email communications without being detected through traditional means. The targeting of corporate email communications suggests that the attackers are looking to gain sensitive information from businesses.

Read the full article at The Hacker Newsthehackernews.com/2026/07/toddycat-linked-umbrij-malware-abuses.html

This is an AI-generated brief aggregated by HackerFeeds for convenience and grounded in the source’s own summary; the related CVE, threat-group and country data is from HackerFeeds’ own indexes. The original article is the authoritative source — all rights belong to The Hacker News.