New Android banking malware FvncBot targets mobile users with advanced payloads

🔎 Cyber Watch 🔎
New Android banking malware FvncBot targets mobile users with advanced payloads
Security researchers recently discovered FvncBot, a brand-new Android banking trojan masquerading as a legitimate banking-security app for a major Polish bank. Rather than reuse old malware code, FvncBot is built from scratch — using accessibility-service abuse, keylogging, screen captures, and fake login overlays to steal credentials and hijack banking sessions.

Key takeaway
This evolution marks a troubling shift: banking malware that’s more modular, stealthy, and harder for standard mobile-security tools to detect. Users should be extra careful about installing apps outside official stores and enable strong MFA, and organisations should seriously review mobile-app risks.
🎙️ Tech Briefing On‑Air 🎙️
Inside the Mind of an AppSec Veteran
Tanya Janca, a well-known application security specialist and founder of We Hack Purple, discusses her experiences from years spent in penetration testing and incident response. In this episode, she recounts some of the most surprising security failures she has seen, along with the lessons teams often learn only after a breach. Her stories offer a direct look into how real-world attacks unfold and what it takes to respond under pressure.
Takeaways: These stories show that most breaches stem from small gaps teams overlook, like misconfigurations, weak access controls, or assumptions about how systems behave. Her experiences underline how steady, disciplined security practices often prevent the incidents that make headlines.
🤝 Partner Intel 🤝
Bright Data
Bright Data stands out as a robust solution for organisations needing geolocation-aware data scraping, proxy services, or anonymous browsing at scale. Their proxy network offers wide global coverage, multiple IP types, and integrated tools for web data collection — ideal for competitive intelligence, ad verification, price monitoring, and market research. According to the recent review, Bright Data combines reliability with compliance features businesses need to operate ethically and avoid blocks.
🤖 AI Runtime 🤖
CISA issues guidance for safe integration of AI in Operational Technology (OT) environments
CISA and its international partners have published a new guide on how to safely deploy AI, including machine-learning models, large language models, and AI agents, within OT systems that underpin critical infrastructure. The guidance recommends organizations “understand the AI” (risks, limitations), carefully evaluate when AI use is needed, maintain strong governance on AI models, and build in security and safety checks. It aims to help utilities, manufacturing, energy firms and others modernise operations while avoiding added cyber-risk.
📊 By the Numbers 📊
345 Million
The number of records that were exposed during the first half of 2025.
🗳️ Your Monday Take 🗳️
Cast your vote on our weekly poll.
If you run or oversee cybersecurity at an organization: “Which of these would you prioritize most if you had limited resources?”
📩 We’ll share the results in the Friday issue.
Until Wednesday’s edition - Let’s keep that zero-day count at zero!