A Chinese spear-phishing campaign impersonates India's tax authority to deploy DcRAT, while the FBI and Google disrupt the NetNut residential proxy botnet. Researchers also expose BioShocking — a prompt-injection attack that turns agentic AI browsers into credential thieves inside live authenticated sessions.
Audio is available on Spreaker — see link below.
A fake Indian tax utility is delivering a Chinese remote access trojan to taxpayers who believed they were filing on time. That's the opening signal today, and it's worth holding on to as the thread running through everything else.
Shifting now to infrastructure. The FBI and Google jointly disrupted NetNut, a residential proxy botnet that had quietly converted millions of home devices into criminal relay nodes.
The third development is the one with the longest runway. Researchers demonstrated something called BioShocking, a proof-of-concept showing that agentic AI browsers can be manipulated via prompt injection to access authenticated repositories and copy SSH credentials.
One more campaign worth flagging. LevelBlue tracked ValleyRAT distribution targeting Chinese and Japanese speakers via fake LINE installers and salary-adjustment phishing lures.
The through-line across today's briefing is consistent. Trust placed too early in the user journey keeps becoming an attack surface, whether that's a tax utility, a bandwidth app, or an AI browser session.
Chapter summary auto-generated from the verified script. Listen to the full episode for the complete content.