MetaMask in the Media
10 mentions across press, blogs, and newsletters
February 2026
CryptoTimes
CoinFello to Demo Onchain AI Agent at ETHDenver
The ETHDenver assistant is a live, conference-facing pilot, but CoinFello says the bigger goal is an agent that can trigger onchain actions via smart accounts and emerging agent standards.
Feb 18, 2026
Security Affairs
Poorly crafted phishing campaign leverages bogus security incident report
Attackers used a fake PDF incident report hosted on AWS to scare victims into enabling 2FA, though a poorly crafted phishing campaign. Freelance security consultant Xavier Mertens reported a phishing campaign using a fake PDF security incident report hosted on AWS to scare victims into enabling 2FA.
Feb 17, 2026
Cryptoslate
Ethereum bots are burning over 50% of gas fees so ETH strangely needs privacy tech to fix it at scale
On some Ethereum L2s, bots now burn over half the gas just searching for MEV, and they don’t pay proportionally for it. That’s a scaling and market-fairness problem rooted in market structure. The privacy conversation in crypto has finally escaped the “anonymous money” framing that do
Feb 17, 2026
Cybernews
North Korean hackers target users of top Ethereum wallet MetaMask - Cybernews
North Korean hackers target users of top Ethereum wallet MetaMask&n
Feb 16, 2026
GBHackers
ZeroDayRAT Exploit Targets Android & iOS, Enabling Real-Time Surveillance and Massive Data Theft
A newly surfaced mobile spyware platform called ZeroDayRAT is rapidly gaining traction across underground Telegram channels. ZeroDayRAT is designed to give attackers complete remote control over both Android and iOS devices, supporting versions from Android 5 through 16 and iOS up to version 26,
Feb 16, 2026
Security Affairs
Malicious npm and PyPI packages linked to Lazarus APT fake recruiter campaign
Researchers found malicious npm and PyPI packages tied to a fake recruitment campaign linked to North Korea’s Lazarus Group. ReversingLabs researcher uncovered new malicious packages on npm and PyPI connected to a fake job recruitment campaign attributed to the North Korea-linked Lazarus Group. The
Feb 15, 2026
BleepingComputer
Fake job recruiters hide malware in developer coding challenges
A new variation of the fake recruiter campaign from North Korean threat actors is targeting JavaScript and Python developers with cryptocurrency-related tasks. [...]
Feb 13, 2026
GBHackers
Lazarus Group’s ‘Graphalgo’ Fake Recruiter Campaign Targets GitHub, npm, and PyPI to Spread Malware
Lazarus Group’s latest software supply chain operation is using fake recruiter lures and popular open‑source ecosystems to deliver malware to cryptocurrency‑focused developers quietly. The campaign, dubbed graphalgo, abuses GitHub, npm, and PyPI to hide multi‑stage payloads behind seemingly legit
Feb 12, 2026
CyberInsider
LummaStealer returns using CastleLoader to bypass detection
Less than a year after a global law enforcement takedown severely disrupted its operations, LummaStealer has not only survived, but it’s thriving again. Bitdefender researchers report a sharp resurgence in the infostealer’s activity, now fueled by a stealthy delivery chain centered on CastleLoade
Feb 11, 2026
Cryptopolitan
Hyperliquid raises HYPE holdings to 17.6M amid market volatility
Hyperliquid has bought an additional 5 million HYPE tokens worth $129.5 million at an average price of about $25.9.
Feb 11, 2026