Dark Reading

Banking Trojan Coyote Abuses Windows UI Automation

Coyote, a banking Trojan that has been causing havoc in Latin America since February 2024, has broken new ground by exploiting the Windows UI automation framework to hunt for account information on ...
CSOonline

Attackers can abuse the Windows UI Automation framework to steal data from apps

An Akamai researcher found a feature built into Windows for people with disabilities can be abused by malware to steal data and control applications without EDR tools detecting it. An accessibility ...
Windows Report

Microsoft Locks Down Login Prompts After Windows Hello Injection Flaw

February 2026 Patch Tuesday restricts Windows credential autofill to fix a Windows Hello input injection flaw (CVE-2026-20804).
TechRadar

Dangerous new malware exploits Windows accessibility tools to hijack banking accounts

Banking trojan Coyote now abuses Microsoft’s UI Automation framework The framework allows it to spot when a person opens a banking site It can cross-reference the data in the browser with a hardcoded ...