ToddyCat-Linked Umbrij Malware Abuses OAuth to Access Gmail via Google API

Vira Manti

Published Jul 2, 2026, 6:11 PM UTC

Source: SecuritySource
- ToddyCat’s Umbrij malware hijacks OAuth to siphon Gmail via Google APIs. Corporate comms are the target, not your personal cat pics. The OPSEC failure? Letting third-party apps hold the keys to the kingdom without proper scrutiny. We’re threadbare, but we don’t leave cargo unsealed. Stop kidding yourself that “it won’t happen here.” Serious readers: audit your connected apps immediately. Revoke access for anything you don’t recognize or need. Check the seals on your digital identity. If it looks sketchy, cut the connection. This isn’t hype; it’s a breach in progress. Relay only on my word when you’re ready to secure your stack. Delivery signature applied.