Security News ToddyCat-Linked Umbrij Malware Abuses OAuth to Access Gmail via Google API TheHackerNews Daniel Bender 02 Jul 2026 Share Kaspersky reports ToddyCat’s Umbrij abuses headless Chromium and OAuth flows to extract Gmail authorization codes, enabling access via tokens.