Signal
New malware campaigns exploit trading sites, NFC payments, and Google Antigravity vulnerability
Published 2026-04-22 09:53 UTC · Updated 2026-04-22 12:30 UTC
malware, exploits, threat_actors, incident_response
Overview
Recent cybersecurity research reveals multiple active threats: a malicious trading website distributing Needle Stealer malware to harvest browser and crypto wallet data; a trojanized Android NFC payment app used to clone cards and drain accounts in Brazil; and exploitation of...
Entities
Google, Google Antigravity
Score total: 1.11
Momentum 24h: 3
Posts: 3
Origins: 3
Source types: 1
Duplicate ratio: 0%
Why now
- Recent discoveries show active exploitation of these threats within the last six months.
- The Brazilian NFC malware campaign has been ongoing since November 2025, indicating persistence.
- Google Antigravity vulnerability exploitation is current, demanding immediate attention from defenders.
Why it matters
- These malware campaigns target financial data and payment systems, risking significant financial losses.
- Use of legitimate apps and AI-generated content increases attack sophistication and evasion.
- Exploitation of known vulnerabilities in widely used software highlights urgent patching needs.
LLM analysis
Topic mix: low · Promo risk: low · Source quality: high
Recurring claims
- Needle Stealer malware is distributed via a fake trading website to steal browser and cryptocurrency wallet data
- NGate malware trojanizes the HandyPay NFC-relay app to steal NFC payment data and PINs for ATM cash-outs in Brazil
- Cybercriminals exploit a remote code execution vulnerability in Google's Antigravity project to deliver malware
How sources frame it
- Malwarebytes Threat Analysis: neutral
- CSO Online: neutral
- SecurityWeek: neutral
This briefing highlights diverse attack vectors including malware distribution via fake trading sites, NFC payment app trojanization, and exploitation of a Google vulnerability, underscoring evolving tactics by...
All evidence
Malicious trading website drops malware that hands your browser to attackers
Malwarebytes Threat Analysis · malwarebytes.com · 2026-04-22 12:30 UTC
NFC tap-to-pay gets tapped by hackers
CSO Online · csoonline.com · 2026-04-22 11:40 UTC
Google Antigravity in Crosshairs of Security Researchers, Cybercriminals
SecurityWeek · securityweek.com · 2026-04-22 09:53 UTC
Posts loaded: 0 · Publishers: 3 · Origin domains: 3 · Duplicates: -
Top publishers (this list)
- Malwarebytes Threat Analysis (1)
- CSO Online (1)
- SecurityWeek (1)
Top origin domains (this list)
- malwarebytes.com (1)
- csoonline.com (1)
- securityweek.com (1)