⚡ Weekly Recap: Proxy Botnets, Browser Ransomware, AI Agent Tricks, Fake PoC Malware and More
Summary
This week's security recap highlights how trust placed too early in systems created widespread vulnerabilities. Key incidents include Google disrupting the NetNut residential proxy botnet (a network of compromised home devices like smart TVs used to hide malicious traffic) affecting at least 2 million devices, WhatsApp introducing usernames to protect privacy but raising impersonation concerns, and security researchers being tricked into running malicious code hidden in fake proof-of-concept repositories on GitHub that deliver ChocoPoC (a trojan capable of stealing passwords and browser data).
Solution / Mitigation
For the NetNut botnet: Google disabled Google accounts used by NetNut for command-and-control, updated Google Play Protect, and disabled applications known to incorporate NetNut SDKs. For WhatsApp username impersonation: Meta reserves usernames for public figures, government entities, and some of their variations so that only legitimate users can claim them. For ChocoPoC malware in fake PoC repos: N/A -- no mitigation discussed in source.
Classification
Original source: https://thehackernews.com/2026/07/monday-recap-proxy-botnets-browser.html
First tracked: July 6, 2026 at 02:00 PM
Classified by LLM (prompt v3) · confidence: 55%