
Daily Security Briefing #088
- DjediTech
- Security, Newsletter
- November 29, 2025
Tomiris group upgrades cyber-espionage tools, mystery OAST platform exploits 200+ CVEs, Albiriox Android malware enables full device takeover.
Executive Summary
Today’s cybersecurity updates reveal heightened activity from advanced threat actor groups and emerging malware campaigns. The Tomiris hacker group has enhanced its tools and tactics, focusing on government and diplomatic targets in Russia and Central Asia, signaling a growing risk to political entities. Simultaneously, a novel Out-of-band Application Security Testing (OAST) exploit platform, hosted on Google Cloud, is leveraging over 200 CVEs to conduct large-scale attacks, particularly targeting systems in Brazil. On the malware front, Albiriox—a new Android banking trojan—has surfaced, offering full device takeover capabilities through a Malware-as-a-Service model. Additionally, a significant data breach impacted nearly 1.9 million people at Japanese giant Asahi, underscoring ongoing risks in corporate cybersecurity. Other news includes OpenAI’s testing of ads within ChatGPT, which could influence the future of AI platforms.
Top Articles
Tomiris Hacker Group Unveils New Tools and Techniques for Global Attacks
The Tomiris cyber-espionage collective has launched a fresh wave of highly sophisticated attacks targeting government officials and diplomats primarily in Russia and Central Asia. The group, known for focusing on high-value political targets, now employs advanced techniques to conceal its activities, including leveraging popular apps like Telegram to evade detection. Its upgraded toolkit underscores an escalating threat to sensitive diplomatic communications.
GBHackers | CyberPress
Mystery OAST Tool Exploits 200 CVEs Using Google Cloud for Large-Scale Attacks
Security researchers uncovered a private Out-of-band Application Security Testing (OAST) platform hosted on Google Cloud infrastructure, enabling a threat actor to exploit over 200 known vulnerabilities in a widespread campaign. This novel OAST operation, previously unseen, facilitates verification of successful exploits, aiding automated large-scale attacks. The infrastructure’s strategic use of cloud services raises concerns over abuse of legitimate platforms for cyber offensives, particularly impacting systems in Brazil.
GBHackers | CyberPress
Albiriox Malware Emerges, Targeting Android Users for Full Device Takeover
A potent new Android banking trojan called Albiriox has entered the threat landscape, offering attackers complete control over infected devices. Initially discovered in a private beta in September 2025 and publicly available since October, Albiriox operates as Malware-as-a-Service with monthly rental fees of $650–$720. It targets mobile banking and cryptocurrency users worldwide, posing significant risks to financial security on Android platforms. The malware originates from Russian-speaking cybercriminal actors.
GBHackers | CyberPress
Japanese Beer Giant Asahi Reports Data Breach Impacting 1.9 Million People
Asahi Group Holdings has confirmed that a cyberattack affecting its systems in September compromised the personal data of up to 1.9 million individuals. The company has completed its investigation into the breach, which highlights the growing threat of cyber incidents in large multinational corporations, emphasizing the need for heightened security measures in critical industries.
BleepingComputer
OpenAI Tests Ads in ChatGPT Ahead of Public Launch
OpenAI is internally trialing advertisements within ChatGPT, a move that could reshape monetization models for AI-powered platforms and impact user experience across the web. While details remain limited, this potential commercialization signifies evolving business strategies for generative AI services.
BleepingComputer
AI Transparency: This newsletter uses AI to curate, rank, and summarize cybersecurity content from leading industry blogs. All articles link directly to original authors. Executive summaries are AI-generated based on article content. I curate the sources and deliver the digest—the original authors deserve the credit for their excellent work.