I found that the login packet was changed this new update. After a small inspection Its seems that more hardware data is being sent to cipsoft servers, more precisely the video card as you can see:
00a0 4e 56 49 44 49 41 20 43 6f 72 70 6f 72 61 74 69 NVIDIA Corporati
00b0 6f 6e 20 47 65 46 6f 72 63 65 20 39 34 30 30 4d on GeForce 9400M
00c0 2f 50 43 49 2f 53 53 45 32 05 00 33 2e 33 2e 30 /PCI/SSE2..3.3.0
The packet increased from 158 to 208 bytes.
Apparently, the new data is going on clear text appended to the end of packet, and it is not being encrypted by the rsa function.
My thoughts on this is that, if cipsoft wants to know more information on our hardware they can detect better if people share accounts, or use bots on vps/dedicated servers because they have a specific virtualization fingerprint.