[THN] New Albiriox Android Malware, ScadaBR Exploit, and Tomiris Hits Governments

THN Daily Updates [Free Webinar] Speed vs. Security: How to Patch Faster and Safer with Community Repos Community repos like Chocolatey and Winget make patching fast -- but risky. Learn guardrails to move fast without compromise. Download Now Sponsored LATEST NEWS Dec 1, 2025 Webinar: The "Agentic" Trojan Horse: Why the New AI Browsers War is a Nightmare for Security Teams The AI browser wars are coming to a desktop near you, and you need to start worrying about their security challenges. For the last two decades, whether you used Chrome, Edge, or Firefox, the fundamental paradigm remaine... Read More New Albiriox MaaS Malware Targets 400+ Apps for On-Device Fraud and Screen Control A new Android malware named Albiriox has been advertised under a malware-as-a-service (MaaS) model to offer a "full spectrum" of features to facilitate on-device fraud (ODF), screen manipulation, and real-time interacti... Read More 7 Security Best Practices for MCP See what security teams are doing to protect MCP and get 7 best practices you can start using today. Read More Tomiris Shifts to Public-Service Implants for Stealthier C2 in Attacks on Government Targets The threat actor known as Tomiris has been attributed to attacks targeting foreign ministries, intergovernmental organizations, and government entities in Russia with an aim to establish remote access and deploy additio... Read More Why WSUS Can't Survive in a Remote-First World Cloud-native patching solves what VPNs and on-prem servers never could. Read More CISA Adds Actively Exploited XSS Bug CVE-2021-26829 in OpenPLC ScadaBR to KEV The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has updated its Known Exploited Vulnerabilities (KEV) catalog to include a security flaw impacting OpenPLC ScadaBR, citing evidence of active exploitation... Read More Legacy Python Bootstrap Scripts Create Domain-Takeover Risk in Multiple PyPI Packages Cybersecurity researchers have discovered vulnerable code in legacy Python packages that could potentially pave the way for a supply chain compromise on the Python Package Index (PyPI) via a domain takeover attack. Soft... Read More North Korean Hackers Deploy 197 npm Packages to Spread Updated OtterCookie Malware The North Korean threat actors behind the Contagious Interview campaign have continued to flood the npm registry with 197 more malicious packages since last month. According to Socket, these packages have been downloade... Read More [Free Webinar] Speed vs. Security: How to Patch Faster and Safer with Community Repos Community repos like Chocolatey and Winget make patching fast -- but risky. Learn guardrails to move fast without compromise. Download Now Sponsored This email was sent to edwardlorilla1998.tower@blogger.com. You are receiving this newsletter because you opted-in to receive relevant communications from THN. To manage your email newsletter preferences, please click here. Contact THN: info@thehackernews.com Unsubscribe THN | K.P BLock, Pitampura, Delhi