ESET malware researcher Lukas Stefanko has discovered a banking trojan that masquerades as the (non-existent) official Clubhouse app for Android and can steal login credentials for more than 450 popular apps, as well as sidestep SMS-based two-factor authentication. Also this week, we weighed in on the implications of the breach at Silicon Valley startup Verkada that exposed footage from tens of thousands of security cameras. Google has patched five security vulnerabilities in the Chrome web browser, including a zero-day bug that was being actively exploited in the wild.