FeedVulnerabilityCloudZ RAT Abuses Microsoft Phone Link to Steal SMS OTPs and...
VulnerabilityCyber Security News
8.5CRITICAL

CloudZ RAT Abuses Microsoft Phone Link to Steal SMS OTPs and Mobile Notifications

📅 6 May 2026 at 18:22 UTC📰 Cyber Security NewsView original source ↗
CloudZ RAT Abuses Microsoft Phone Link to Steal SMS OTPs and Mobile Notifications

A newly discovered threat is turning a built-in Microsoft feature into a powerful spying tool. Security researchers have found a remote access tool called CloudZ that works alongside a custom plugin named Pheno to silently intercept SMS messages and one-time passwords (OTPs) from mobile phones, all without ever touching the phone itself. The attack exploits […] The post CloudZ RAT Abuses Microsoft Phone Link to Steal SMS OTPs and Mobile Notifications appeared first on Cyber Security News.

🤖 AI BriefingAuto-generated threat analysis
🔍Threat Overview

CloudZ RAT exploits Microsoft Phone Link to intercept SMS messages and one-time passwords (OTPs) without physical access, compromising mobile device security. This attack leverages a built-in feature to silently steal sensitive information.

⚙️Technical Details
Affected Systems
Microsoft phones
Attack Vectors
Microsoft Phone Link
💥Impact Assessment
Severity: critical
Who Is at Risk
Users of Microsoft phones with the Phone Link feature enabled
🛡️Recommended Actions
1Disable Microsoft Phone Link or limit its functionality
2Use a secure SMS service that offers OTP protection
3Regularly review and monitor mobile device activity for suspicious behavior
📦Affected Products
Microsoft phones with the Phone Link feature

Read the full article

This is a curated summary. The complete article is available at Cyber Security News.

Read on Cyber Security News
← Back to feed