Fortinet says the May 2026 Ousaban campaign uses PDF lures, geofencing, and steganography to target Windows banking users.
Microsoft says these 119 malicious extensions were downloaded a total of 2.6 million times since 2021.