Daily Recap: today’s cybersecurity news spans Android MaaS campaigns like Albiriox targeting 400+ apps, Tomiris APT’s switch to public-service implants and covert C2, Bloody Wolf’s expansion into Central Asia with NetSupport RAT, and a North Korea-linked npm package flood delivering OtterCookie. It also covers a Coupang data breach affecting ~33.7 million users, ScadaBR vulnerability warnings, the Airbus A320 retrofit, the Cryptomixer takedown, a Wi-Fi attack sentencing, the Linux Kernel 6.18 release removing bcachefs, India’s SIM-binding rule, and Agentic AI browser risks, plus a weekly threat roundup.
#Albiriox #Tomiris #BloodyWolf #OtterCookie #Coupang #ScadaBR #Airbus #Cryptomixer #WiFiAttacks #LinuxKernel618 #SIMBinding #AgenticAI
Malware & APTs
- Albiriox Android MaaS targets 400+ apps for on-device fraud and screen control, attributed to Russian cybercriminals – Albiriox Malware
- Tomiris APT shifts to public-service implants and hijacks Telegram/Discord as covert C2 to spy on government and diplomatic targets – Tomiris APT
- Bloody Wolf APT expands into Central Asia, deploying NetSupport RAT via custom Java droppers and geo-fencing – Bloody Wolf
- North Korea-linked campaign floods npm with ~200 malicious packages using fake crypto job lures to deploy OtterCookie spyware – OtterCookie Spyware
Data Breaches & Privacy
- Coupang suffers a massive data breach exposing nearly 33.7 million customers (~65% of South Korea’s population) after unauthorized access by a former employee – Coupang Breach
Critical Systems & Infrastructure
- CISA warns of a ScadaBR vulnerability after a hacktivist ICS attack, urging operators to patch and mitigate exposed instances – ScadaBR Flaw
- Airbus nears completion of an A320 software retrofit as regulators monitor the company’s largest emergency recall in history – Airbus Recall
Law Enforcement & Legal
- International law enforcement takes down the Cryptomixer cryptocurrency mixing service in a money-laundering disruption – Cryptomixer Takedown
- An Australian man is sentenced to prison for Wi‑Fi attacks targeting airports and in-flight systems – Wi‑Fi Attacks
Software & Platforms
- The Linux Kernel 6.18 is released with major architectural upgrades and the removal of bcachefs from the tree – Linux 6.18
Policy & Regulation
- India’s Department of Telecommunications mandates SIM-binding for messaging apps, requiring continuous verification tied to active SIMs to curb abuse – SIM-Binding Rule
Research & Events
- Webinar warns that “Agentic” AI browsers act as a Trojan horse, creating new attack surfaces and nightmares for security teams – Agentic Webinar
- Weekly threat research roundup covering recent IOCs, notable campaigns, and analysis updates – Weekly Recap