A sophisticated Coyote malware variant is exploiting Microsoft's UI Automation framework—designed for assistive technologies—to stealthily identify and target banking and crypto exchange sessions. This marks the first documented real-world abuse of Windows' accessibility features for credential theft, evading traditional security tools while expanding malware capabilities.