general · TheHackerNews
The weekly threat recap highlights multiple attack vectors exploiting trust mechanisms across consumer and enterprise systems. Google and the FBI disrupted the NetNut residential proxy botnet, which compromised an estimated 2 million devices globally—primarily smart TVs and streaming boxes—by distributing SDKs that route traffic through compromised home devices to mask malicious activity. Separately, security researchers are being targeted by fake proof-of-concept repositories on GitHub; malicious code hidden in a dependency named "skytext" delivers ChocoPoC, a trojan capable of harvesting credentials, browser data, and executing arbitrary commands. A 19-year-old alleged Scattered Spider member was extradited to the U.S. to face charges related to breaches including a luxury-jewelry retailer incident that caused $2 million in losses. Additionally, a Brazilian banking trojan called Ousaban targets Spain and Portugal via fake PDF documents, scanning environments and dropping VBS/EXE payloads on vulnerable systems.
These incidents underscore supply-chain and dependency risks relevant to Omniware's buyers. Defense contractors handling CUI should audit their software dependencies and SDK integrations to detect hidden proxy or exfiltration code, aligning with NIST 800-171 controls on information protection and third-party risk. SaaS teams approaching SOC2 Type II certification must strengthen controls over development environments, code repositories, and open-source dependency scanning to prevent malicious PoC consumption by engineers. Healthcare and fintech organizations should prioritize endpoint detection and response (EDR) capabilities and user awareness training, as trojans like ChocoPoC and Ousaban harvest credentials and banking credentials—critical under HIPAA and PCI DSS. An Omniware engagement can scope third-party risk assessment and secure development practices in detail.
Source: The Hacker News - https://thehackernews.com/2026/07/monday-recap-proxy-botnets-browser.html
Source: TheHackerNews
All briefings