Cloaked as an IPTV and VPN app, Klopatra is wreaking havoc on over 3,000 European Android devices. This banking RAT stealthily monitors screens and siphons sensitive financial data. The "soopsocks" Python package, posing as a SOCKS5 proxy tool, turned 2,653 systems into unwitting backdoors. OneLogin’s IAM solution exposed a critical flaw, leaking OIDC client secrets to attackers with API credentials. Here are the top 10 highlights from the past 24 hours.
01
A new Android malware named Klopatra, disguised as an IPTV and VPN app, has infected over 3,000 devices in Europe. It is a banking RAT with advanced features and a hidden VNC mode.
02
A malicious Python package named "soopsocks" was flagged on PyPI for infecting 2,653 systems before takedown, offering SOCKS5 proxy service while acting as a stealthy backdoor targeting Windows systems.
03
ESET researchers have identified two Android spyware campaigns, Android/Spy.ProSpy and Android/Spy.ToSpy, targeting users in the UAE who favor secure communication apps like Signal and ToTok.
04
The hacking group Confucius has launched a phishing campaign targeting Pakistan with new malware families, WooperStealer and Anondoor.
05
A significant security vulnerability, tracked as CVE-2025-59363, was identified in OneLogin's IAM solution, allowing attackers with valid API credentials to access sensitive OpenID Connect (OIDC) client secrets.
06
Cisco Talos disclosed several vulnerabilities affecting Nvidia and Adobe products. Five vulnerabilities were identified in Nvidia's CUDA Toolkit, including an arbitrary code execution vulnerability.
07
TOTOLINK X6000R routers are affected by three critical vulnerabilities in firmware version V9.4.0cu.1360_B20241207, enabling remote code execution.
08
Phishing accounted for 60% of initial access in cyberattacks against EU organizations, followed by vulnerability exploitation (21%), botnets (10%), and malicious applications (8%), revealed ENISA.
09
A cybersecurity campaign packages credential-themed ZIP archives with malicious Windows shortcut (.lnk) files to deliver payloads via obfuscated PowerShell scripts.
10
AI-powered GRC startup Zania raised $18 million in a Series A funding round led by NEA, with participation from Anthology Fund, Palm Drive Capital, and others.
