2025-10-24 AI创业新闻

North Korean Hackers Lure Defense Engineers With Fake Jobs to Steal Drone Secrets

Threat actors with ties to North Korea have been attributed to a new wave of attacks targeting European companies active in the defense industry as part of a long-running campaign known as Operation Dream Job . “Some of these [companies’ are heavily involved in the unmanned aerial vehicle (UAV) sector, suggesting that the operation may be linked to North Korea’s current efforts to scale up its drone program,” ESET security researchers Peter Kálnai and Alexis Rapin said in a report shared with The Hacker News. It’s assessed that the end goal of the campaign is to plunder proprietary information and manufacturing know-how using malware families such as ScoringMathTea and MISTPEN. The Slovak cybersecurity company said it observed the campaign starting in late March 2025.

Some of the targeted entities include a metal engineering company in Southeastern Europe, a manufacturer of aircraft components in Central Europe, and a defense company in Central Europe. While ScoringMathTea (aka ForestTiger ) was previously observed by ESET in early 2023 in connection with cyber attacks targeting an Indian technology company and a defense contractor in Poland, MISTPEN was documented by Google Mandiant in September 2024 as part of intrusions aimed at companies in the energy and aerospace verticals. The first appearance of ScoringMathTea dates back to October 2022. Operation Dream Job, first exposed by Israeli cybersecurity company ClearSky in 2020, is a persistent attack campaign mounted by a prolific North Korean hacking group dubbed Lazarus Group, which is also tracked as APT-Q-1, Black Artemis, Diamond Sleet (formerly Zinc), Hidden Cobra, TEMP.Hermit, and UNC2970.

The hacking group is believed to be operational since at least 2009. In these attacks, the threat actors leverage social engineering lures akin to Contagious Interview to approach prospective targets with lucrative job opportunities and trick them into infecting their systems with malware. The campaign also exhibits overlaps with clusters tracked as DeathNote , NukeSped , Operation In(ter)ception, and Operation North Star . “The dominant theme is a lucrative but faux job offer with a side of malware: the target receives a decoy document with a job description and a trojanized PDF reader to open it,” ESET researchers said.

The attack chain leads to the execution of a binary, which is responsible for sideloading a malicious DLL that drops ScoringMathTea as well as a sophisticated downloader codenamed BinMergeLoader, which functions similarly to MISTPEN and uses Microsoft Graph API and tokens to fetch additional payloads. Alternate infection sequences have been found to leverage an unknown dropper to deliver two interim payloads, the first of which loads the latter, ultimately resulting in the deployment of ScoringMathTea, an advanced RAT that supports around 40 commands to take complete control over the compromised machines. “For nearly three years, Lazarus has maintained a consistent modus operandi, deploying its preferred main payload, ScoringMathTea, and using similar methods to trojanize open-source applications,” ESET said. “This predictable, yet effective, strategy delivers sufficient polymorphism to evade security detection, even if it is insufficient to mask the group’s identity and obscure the attribution process.” Found this article interesting?

Secure AI at Scale and Speed — Learn the Framework in this Free Webinar

AI is everywhere—and your company wants in. Faster products, smarter systems, fewer bottlenecks. But if you’re in security, that excitement often comes with a sinking feeling. Because while everyone else is racing ahead, you’re left trying to manage a growing web of AI agents you didn’t create, can’t fully see, and weren’t designed to control.

Join our upcoming webinar and learn how to make AI security work with you, not against you . The Quiet Crisis No One Talks About Did you know most companies now have 100 AI agents for every one human employee? Even more shocking? 99% of those AI identities are completely unmanaged.

No oversight. No lifecycle controls. And every one of them could be a backdoor waiting to happen. It’s not your fault.

Traditional tools weren’t built for this new AI world. But the risks are real—and growing. Let’s Change That. Together.

In our free webinar, “ Turning Controls into Accelerators of AI Adoption ,” we’ll help you flip the script. This isn’t about slowing the business down. It’s about giving you a real strategy to move faster—safely. Here’s what we’ll cover: Stop firefighting: Learn how to set up security by design, not as an afterthought.

Take control: Discover how to govern AI agents that behave like users—but multiply like machines. Be the enabler: Show leadership how security can accelerate AI adoption, not block it. Curious yet? Don’t miss out.

This isn’t fluff or theory. You’ll get: A practical framework to gain visibility and stay ahead of risk Ways to prevent credential sprawl and privilege abuse from Day One A strategy to align with business goals while protecting what matters Whether you’re an engineer, architect, or CISO, if you’ve felt like you’re stuck in reactive mode—you’re exactly who this is for. This is your moment to turn control into confidence. Register Today .

Found this article interesting? This article is a contributed piece from one of our valued partners. Follow us on Google News , Twitter and LinkedIn to read more exclusive content we post.

ThreatsDay Bulletin: $176M Crypto Fine, Hacking Formula 1, Chromium Vulns, AI Hijack & More

Criminals don’t need to be clever all the time; they just follow the easiest path in: trick users, exploit stale components, or abuse trusted systems like OAuth and package registries. If your stack or habits make any of those easy, you’re already a target. This week’s ThreatsDay highlights show exactly how those weak points are being exploited — from overlooked misconfigurations to sophisticated new attack chains that turn ordinary tools into powerful entry points. Lumma Stealer Stumbles After Doxxing Drama Decline in Lumma Stealer Activity After Doxxing Campaign The activity of the Lumma Stealer (aka Water Kurita) information stealer has witnessed a “sudden drop” since last months after the identities of five alleged core group members were exposed as part of what’s said to be an aggressive underground exposure campaign dubbed Lumma Rats since late August 2025.

The targeted individuals are affiliated with the malware’s development and administration, with their personally identifiable information (PII), financial records, passwords, and social media profiles leaked on a dedicated website. Since then, Lumma Stealer’s Telegram accounts were reportedly compromised on September 17, further hampering their ability to communicate with customers and coordinate operations. These actions have led customers to pivot to other stealers like Vidar and StealC. It’s believed the doxxing campaign is driven by internal rivalries.

“The exposure campaign was accompanied by threats, accusations of betrayal within the cybercriminal community, and claims that the Lumma Stealer team had prioritized profit over the operational security of their clients,” Trend Micro said . “The campaign’s consistency and depth suggest insider knowledge or access to compromised accounts and databases.” While Lumma Stealer faced a setback earlier this year after its infrastructure was taken in a coordinated law enforcement effort, it quickly resurfaced and resumed its operations. Viewed in that light, the latest development could threaten its commercial viability and hurt customer trust. The development coincides with the emergence of Vidar Stealer 2.0, which has been completely rewritten from scratch using C, along with supporting multi-threaded architecture for faster, more efficient data exfiltration and improved evasion capabilities.

It also incorporates advanced credential extraction methods to bypass Google Chrome’s app-bound encryption protections by means of memory injection techniques, and boasts of an automatic polymorphic builder to generate samples with distinct binary signatures, making static detection methods more challenging. “The new version of Vidar employs heavy use of control flow flattening, implementing complex switch-case structures with numeric state machines that can make reverse engineering more difficult,” Trend Micro said . Fake ads exploit trust in authorities Singapore Targeted by Large-Scale Investment Fraud A large-scale scam operation has misappropriated the images and likenesses of Singapore government officials to deceive Singapore citizens and residents into engaging with a fraudulent investment platform. “The scam campaign relies on paid Google Ads, intermediary redirect websites designed to conceal fraudulent and malicious activity, and highly convincing fake web pages,” Group-IB said .

“Victims were ultimately directed to a forex investment platform registered in Mauritius, operating under a seemingly legitimate legal entity with an official investment license. This structure created an illusion of compliance while enabling cross-border fraudulent activity.” On these scam platforms, victims are urged to fill in their personal information, after which they are aggressively pursued via phone calls to deposit substantial sums of money. In all, 28 verified advertiser accounts were used by the scammers to run malicious Google Ads campaigns. The ad distribution was managed primarily through verified advertiser accounts registered to individuals residing in Bulgaria, Romania, Latvia, Argentina, and Kazakhstan.

These ads were configured such that they were only served to people searching or browsing from Singapore IP addresses. To enhance the scam’s legitimacy, the threat actors created 119 malicious domains that impersonated legitimate and reputable mainstream news outlets like CNA and Yahoo! News. Rogue developer poisons open-source supply chain Malicious npm Package Drops AdaptixC2 Cybersecurity researchers have discovered a malicious npm package named “https-proxy-utils” that’s designed to download and execute a payload from an external server (cloudcenter[.]top) containing the AdaptixC2 post-exploitation framework by means of a post-install script.

It’s capable of targeting Windows, Linux, and macOS systems, employing OS-specific techniques to load and launch the implant. Once deployed, the agent can be used to remotely control the machine, execute commands, and achieve persistence. According to data from ReversingLabs, the package was uploaded to npm by a user named “bestdev123” on July 28, 2025. It has 57 recorded downloads.

The package is no longer available on the npm registry. While attackers abusing security tools for nefarious purposes is not a new phenomenon, coupling it with rogue packages on open-source repositories exposes users to supply chain risks. “This malicious package emphasizes once more that developers must exercise extreme caution when choosing what to install and depend on, as the supply chain landscape is filled with thousands of packages—often with deceptively similar names—making it far from straightforward to distinguish legitimate components from malicious impostors.” Henrik Plate, cybersecurity expert at Endor Labs, said. “In addition, they should consider disabling post-installation hooks, to prevent malware from being executed upon installation, e.g., by using npm’s –ignore-scripts option, or by using pnpm, which started to disable the use of lifecycle scripts by default.” Crypto gateway hit with record penalties Cryptomus Fined $176 Million in Canada Financial regulators in Canada issued $176 million in fines against Xeltox Enterprises Ltd.

(aka Cryptomus and Certa Payments Ltd.), a digital payments platform that supports dozens of Russian cryptocurrency exchanges and websites peddling cybercrime services, according to security journalist Brian Krebs. FINTRAC said the service “failed to submit suspicious transaction reports for transactions where there were reasonable grounds to suspect that they were related to the laundering of proceeds connected to trafficking in child sexual abuse material, fraud, ransomware payments, and sanctions evasion.” The agency said it found 1,068 instances where Cryptomus did not submit reports for July 2024 transactions involving known darknet markets and virtual currency wallets with ties to criminal activity. Starlink crackdown hits Southeast Asian scam hubs SpaceX Disables Starlink Devices Linked to Scam Factories as SE Asian Nations Ramp Up Pressure SpaceX said it has disabled more than 2,500 Starlink devices connected to scam compounds in Myanmar . It’s currently not clear when the devices were taken offline.

The development comes close on the heels of ongoing actions to crack down on online scam centers, with Myanmar’s military junta conducting raids on a scam hotspot in a rebel-held region of eastern Myanmar, detaining more than 2,000 people and seizing dozens of Starlink satellite internet devices at KK Park, a sprawling cybercrime hub to the south of Myawaddy. In February 2025, the Thai government cut off power supply to three areas in Myanmar, Myawaddy, Payathonzu, and Tachileik, which have become havens for criminal syndicates who have coerced hundreds of thousands of people in Southeast Asia and elsewhere into helping run online scams, including false romantic ploys, bogus investment opportunities, and illegal gambling schemes. These operations have been massively successful, ensnaring hundreds of thousands of workers and raking in tens of billions of dollars every year from victims, per estimates from the United Nations. The scam centers emerged out of Cambodia, Thailand, and Myanmar since the COVID-19 pandemic, but have since spread to other parts of the world such as Africa.

Workers at the “labor camps” are often recruited and trafficked under the promise of well-paid jobs and then held captive with threats of violence. In recent months, law enforcement authorities have stepped up their efforts , arresting hundreds of suspects across Asia and deporting several of them. According to the Global New Light of Myanmar , a total of 9,551 foreign nationals who illegally entered Myanmar have been arrested between January 30 and October 19, 2025, with 9,337 deported to their respective countries. Earlier this week, South Korean police officials formally arrested 50 South Koreans repatriated from Cambodia on accusations they worked for online scam organizations in the Southeast Asian country.

Cambodia and South Korea recently agreed to partner in combating online scams following the death of a South Korean student who was reportedly forced to work in a scam center in Cambodia. The death of the 22-year-old has also prompted South Korea, which is reportedly readying sanctions against the groups operating in Cambodia, to issue a “code black” travel ban to parts of the country, citing recent increases in cases of detention and “fraudulent employment.” More than 1,000 South Koreans are believed to be among around 200,000 people of various nationalities working in Cambodia’s scam industry. Predictable IDs expose AI chat sessions to hijack Security Flaw in Oat++ MCP A security flaw in the Oat++ implementation of Anthropic’s Model Context Protocol (MCP) could allow attackers to predict or capture session IDs from active AI conversations, hijack MCP sessions, and inject malicious responses via the oatpp-mcp server. The vulnerability, dubbed Prompt Hijacking, is being tracked as CVE-2025-6515 (CVSS score: 6.8).

While the generated session ID used with Server-Sent Events ( SSE ) transports is designed to route responses from the MCP server to the client and distinguish between different MCP client sessions, the attack takes advantage of the fact that SSE does not require session IDs to be unique and cryptographically secure (a requirement enforced in the newer Streamable HTTP specification) to allow a threat actor in possession of a valid session ID to send malicious requests to the MCP server, allowing them to hijack the responses and relay a poisoned response back to the client. “Once a session ID is reused, the attacker can send POST requests using the hijacked ID, for example – Requesting tools, triggering prompts, or injecting commands, and the server will forward the relevant responses to the victim’s active GET connection in addition to the responses generated for the victim’s original requests,” JFrog said . OAuth abuse turns cloud access into a stealth backdoor Threat Actors Use Malicious OAuth Apps for Persistence Proofpoint has developed an automated toolkit named Fassa (short for “Future Account Super Secret Access”), which demonstrates methods by which threat actors establish persistent access through malicious OAuth applications. The tool has not been made publicly available.

“The strategic value of this approach lies in its persistence mechanism: even if the compromised user’s credentials are reset or multifactor authentication is enforced, the malicious OAuth applications maintain their authorized access,” the enterprise security company said. “This creates a resilient backdoor that can remain undetected within the environment indefinitely, unless specifically identified and remediated.” In one real-world attack observed by Proofpoint, threat actors have been found to take control of Microsoft accounts using an adversary-in-the-middle (AiTM) phishing kit known as Tycoon, and then created malicious mailbox rules and registered a second-party (aka internal) OAuth application named “test” to enable persistent access to the victim’s mailbox even after the password is reset. Admin bug exposes Formula 1 driver data Hacking Formula 1 Cybersecurity researchers Gal Nagli, Ian Carroll, and Sam Curry have disclosed a severe vulnerability in a critical Driver Categorisation portal (“driverscategorisation.fia[.]com”) managed by the International Automobile Federation (FIA) that could make it possible to access the sensitive data associated with every Formula 1 (F1) driver, including passport, driver’s license, and personal information. While the portal allows any individual to open an account, along with providing supporting documents, the researchers found that sending a specially crafted request where they assume the role of an “ADMIN” is enough to trick the system into actually assigning administrative privileges to a newly created account, using which an attacker could access detailed driver profiles.

Following responsible disclosure on June 3, 2025, a comprehensive fix for the bug was rolled out on June 10. “[The vulnerability is] called ‘Mass Assignment’ – a classic web / api security flaw,” Nagli said . “In simple terms: The server trusted whatever we sent it, without checking if we were ALLOWED to change those fields.” AI-driven agents boost cyber threat response Google Debuts New Agentic Platform for Threat Analysis and Response Google has launched a comprehensive agentic platform with the goal of accelerating threat analysis and response. The platform, available in preview for Google Threat Intelligence Enterprise and Enterprise+ customers, provides users with a set of specialized agents for cyber threat intelligence (CTI) and malware analysis.

“When you ask a question, the platform intelligently selects the best agent and tools to craft your answer, scouring everything from the open web and OSINT to the deep and dark web and our own curated threat reports,” Google said . In the event the query is about a malicious file, it routes the task to its malware analyst agent to provide the “most precise and relevant information.” The tech giant said the platform is designed to uncover hidden connections that exist between threat actors, vulnerabilities, malware families, and campaigns by tapping into Google Threat Intelligence’s comprehensive security dataset. SVG email bait leads to fake Microsoft logins New Tykit Phishing Kit Analyzed A new phishing kit named Tykit is being used to serve fake Microsoft 365 login pages to which users are redirected to via email messages containing SVG files as attachments. Once opened, the SVG file executes a “trampoline” JavaScript code to take the victim to the phishing page, but not before completing a Cloudflare Turnstile security check.

“It’s worth noting that the client-side code includes basic anti-debugging measures, for example, it blocks key combinations that open DevTools and disables the context menu,” ANY.RUN said . Once the credentials are entered, the user is redirected to the legitimate page to avoid raising any suspicion. Misconfigured build path exposed thousands of AI servers Security Flaw in Smithery.ai GitGuardian said it has uncovered a path traversal vulnerability in Smithery.ai that provided unauthorized access to thousands of MCP servers and their associated credentials, leading to a major supply chain risk. The problem has to do with the fact that the smithery.yaml configuration file used to build a server in Docker contains an improperly controlled property called dockerBuildPath, which allows any arbitrary path to be specified.

“A simple configuration bug allowed attackers to access sensitive files on the registry’s infrastructure, leading to the theft of overprivileged administrative credentials,” GitGuardian said . “These stolen credentials provided access to over 3,000 hosted AI servers, enabling the theft of API keys and secrets from potentially thousands of customers across hundreds of services.” The issue has since been addressed, and there is no evidence it was exploited in the wild. Prompt injection escalates to remote code execution From Prompt Injection to RCE in AI Agents Researchers have found that it’s possible to bypass the human approval step required when running sensitive system commands using modern artificial intelligence (AI) agents. According to Trail of Bits, this bypass can be achieved through argument injection attacks that exploit pre-approved commands, allowing an attacker to achieve remote code execution (RCE).

To counter these risks, it’s recommended to sandbox agent operations from the host system, reduce safe command allowlists, and use safe command execution methods that prevent shell interpretation. Unsafe deserialization opens door to remote code execution Security Flaw in python-socketio A security vulnerability in the python-socketio library ( CVE-2025-61765 , CVSS score: 6.4) could permit attackers to execute arbitrary Python code through malicious pickle deserialization in scenarios where they have already gained access to the message queue that the servers use for internal communications. “The pickle module is designed for serializing and deserializing trusted Python objects,” BlueRock said . “It was never intended to be a secure format for communicating between systems that don’t implicitly trust each other.

Yet, the python-socketio client managers indiscriminately unpickle every message received from the shared message broker.” As a result, a threat actor with access to the message queue can send a specially crafted pickle payload that gets executed once it’s deserialized. The issue has been addressed in version 5.14.0 of the library. Outdated Electron cores expose AI IDEs to old Chromium flaws Cursor, Windsurf IDEs Susceptible to 94+ N-Day Chromium Bugs AI-powered coding tools like Cursor and Windsurf have been found vulnerable to more than 94 known and patched security issues in the Chromium browser and the V8 JavaScript engine, putting over 1.8 million developers at risk, according to OX Security. The problem is that both the development environments are built on old versions of Visual Studio Code that are bundled with an Electron application runtime that points to outdated versions of the open-source Chromium browser and Google’s V8 engine.

“This is a classic supply chain attack waiting to happen,” the cybersecurity company said . “Cursor and Windsurf must prioritize upstream security updates. Until they do, 1.8 million developers remain exposed to attacks that could compromise not just their machines, but the entire software supply chain they’re part of.” Bogus Chrome installer delivers kernel-aware RAT Chinese Users Targeted with Fake Chrome Installer to Drop ValleyRAT Cybersecurity researchers have discovered a new attack chain that leverages bogus installers for Google Chrome as a lure to drop a remote access trojan called ValleyRAT as part of a multi-stage process. The binary is designed to drop an intermediate payload that scans for antivirus products primarily used in China and uses a kernel driver to terminate the associated processes so as to evade detection.

ValleyRAT is launched by means of a DLL downloader that retrieves the malware from an external server (“202.95.11[.]152”). Also called Winos 4.0, the malware is linked to a Chinese cybercrime group known as Silver Fox. “Our analysis revealed Chinese language strings within the binary, including the internal DLL name, and identified that the targeted security solutions are products from Chinese vendors,” Cyderes researcher Rahul Ramesh said . “This indicates the attackers have knowledge of the regional software environment and suggests the campaign is tailored to target victims in China.” It’s worth noting that similar fake installers for Chrome have been used to distribute Gh0st RAT in the past.

Hidden Unicode fools app identity checks New Loophole Allows for Microsoft App Impersonation Varonis has disclosed details of a loophole that allows attackers to impersonate Microsoft applications by creating malicious apps with deceptive names such as “Azure Portal” or “Azure SQL Database” with hidden Unicode characters, effectively bypassing safeguards put in place to prevent the use of reserved names . This includes inserting “0x34f” between the application name such as “Az$([char]0x34f)ur$([char]0x34f)e Po$([char]0x34f)rtal.” This technique, codenamed Azure App-Mirage by Varonis, could then be combined with approaches like device code phishing to trick users into sharing authentication codes and gain unauthorized access to their accounts. Microsoft has since rolled out fixes to plug the issue. No binaries — attackers use SQL to ransom data Exploiting Databases for Malware-less Ransomware Threat actors have been observed exploiting weaknesses in internet-facing database servers and abusing legitimate commands to steal, encrypt, or destroy data and demand payment in exchange for returning the files or keeping them private.

This is part of an ongoing trend where attackers are increasingly going malware-less, instead resorting to living-off-the-land techniques to blend in with normal activity and achieve their goals. “Attackers connect remotely to these servers, copy the data to another location, wipe the database, and then leave behind a ransom note stored in the database itself,” cloud security firm Wiz said . “This approach bypasses many conventional detection methods because no malicious binary is ever dropped; the damage is done entirely with normal database commands.” Some of the most targeted database servers in ransomware attacks include MongoDB, PostgreSQL, MySQL, Amazon Aurora MySQL, and MariaDB. CSS tricks bury malicious prompts in plain sight Abuse of CSS for Hidden Text Salting Attackers are increasingly employing Cascading Style Sheets’ (CSS) text, visibility and display properties, and sizing properties to insert hidden text (paragraphs and comments) and characters into emails in what’s seen as a way to slip past spam filters and enterprise security defenses.

“There is widespread use of hidden text salting in malicious emails to bypass detection,” Cisco Talos researcher Omid Mirzaei said . “Attackers embed hidden salt in the preheader, header, attachments, and body — using characters, paragraphs, and comments — by manipulating text, visibility, and sizing properties.” The cybersecurity company also noted that hidden content is more commonly found in spam and other email threats than in legitimate emails. This creates a challenge for security solutions that rely on a large language model (LLM) to classify incoming messages, as a threat actor can conceal hidden prompts to influence the outcome. Covert network tracks 14,000 phones across continents Altamides for Stealth Phone Tracking A phone-tracking and surveillance platform named Altamides from a little-known European-led company in Indonesia called First Wap has been used to secretly track the movements of more than 14,000 phone numbers.

It’s run by European founders. According to an investigation published by Mother Jones, the platform was used to track political figures, famous executives, journalists, and activists. It exploited vulnerabilities in the Signaling System No. 7 (SS7) telecommunications protocol to zero in on an individual’s location using only their phone number.

The development comes a little over a month after Amnesty International revealed that Pakistan is spying on millions of its citizens using a phone-tapping system and a Chinese-built internet firewall that censors social media. “Pakistan’s Web Monitoring System [WMS] and Lawful Intercept Management System [LIMS] operate like watchtowers, constantly snooping on the lives of ordinary citizens,” Agnès Callamard, Secretary General at Amnesty International, said . “In Pakistan, your texts, emails, calls, and internet access are all under scrutiny. But people have no idea of this constant surveillance, and its incredible reach.

This dystopian reality is extremely dangerous because it operates in the shadows, severely restricting freedom of expression and access to information.” It has been found that a German company, Utimaco, and an Emirati company, Datafusion, supplied most of the technology that enables LIMS to operate in Pakistan. While the first iteration of WMS was installed in 2018 using technology provided by Sandvine, it has since been replaced by advanced technology from China’s Geedge Networks in 2023. This is assessed to be a commercialized version of China’s Great Firewall. These findings also dovetail with a report from the Associated Press, which found U.S.

tech companies designed and marketed systems that became the foundation for China’s surveillance state. “While the flood of American technology slowed considerably starting in 2019 after outrage and sanctions over atrocities in Xinjiang, it laid the foundation for China’s surveillance apparatus that Chinese companies have since built on and in some cases replaced,” the report said . Every one of these incidents tells the same story: attackers don’t break in — they log in, inject, or hijack what’s already trusted. The difference between surviving and becoming a headline is how fast you patch, isolate, and verify.

Stay sharp, review your defenses, and keep watching ThreatsDay — because next week’s breaches are already being written in today’s overlooked bugs. Found this article interesting? Follow us on Google News , Twitter and LinkedIn to read more exclusive content we post.

Why Organizations Are Abandoning Static Secrets for Managed Identities

As machine identities explode across cloud environments, enterprises report dramatic productivity gains from eliminating static credentials. And only legacy systems remain the weak link. For decades, organizations have relied on static secrets, such as API keys, passwords, and tokens, as unique identifiers for workloads. While this approach provides clear traceability, it creates what security researchers describe as an “operational nightmare” of manual lifecycle management, rotation schedules, and constant credential leakage risks.

This challenge has traditionally driven organizations toward centralized secret management solutions like HashiCorp Vault or CyberArk, which provide universal brokers for secrets across platforms. However, these approaches perpetuate the fundamental problem: the proliferation of static secrets requiring careful management and rotation. “Having a workload in Azure that needs to read data from AWS S3 is not ideal from a security perspective,” explains one DevOps engineer managing a multicloud environment. “Cross-cloud authentication and authorization complexity make it hard to set this up securely, especially if we choose to simply configure the Azure workload with AWS access keys.” The Business Case for Change Enterprise case studies document that organizations implementing managed identities report a 95% reduction in time spent managing credentials per application component, along with a 75% reduction in time spent learning platform-specific authentication mechanisms, resulting in hundreds of saved hours annually.

But how to approach the transition, and what prevents us from entirely eliminating static secrets? Platform-Native Solutions Managed identities represent a paradigm shift from the traditional “what you have” model to a “who you are” approach. Rather than embedding static credentials into applications, modern platforms now provide identity services that issue short-lived, automatically rotated credentials to authenticated workloads. The transformation spans major cloud providers: Amazon Web Services pioneered automated credential provisioning through IAM Roles , where applications receive temporary access permissions automatically without storing static keys Microsoft Azure offers Managed Identities that allow applications to authenticate to services like Key Vault and Storage without developers having to manage connection strings or passwords Google Cloud Platform provides Service Accounts with cross-cloud capabilities, enabling applications to authenticate across different cloud environments seamlessly GitHub and GitLab have introduced automated authentication for development pipelines, eliminating the need to store cloud access credentials in development tools The Hybrid Reality However, the reality is more nuanced.

Security experts emphasize that managed identities don’t solve every authentication challenge. Third-party APIs still require API keys, legacy systems often can’t integrate with modern identity providers, and cross-organizational authentication may still require shared secrets. “Using a secret manager dramatically improves the security posture of systems that rely on shared secrets, but heavy use perpetuates the use of shared secrets rather than using strong identities,” according to identity security researchers. The goal isn’t to eliminate secret managers entirely, but to dramatically reduce their scope.

Smart organizations are strategically reducing their secret footprint by 70-80% through managed identities, then using robust secret management for remaining use cases, creating resilient architectures that leverage the best of both worlds. The Non-Human Identity Discovery Challenge Most organizations don’t have visibility into their current credential landscape. IT teams often discover hundreds or thousands of API keys, passwords, and access tokens scattered across their infrastructure, with unclear ownership and usage patterns. “You can’t replace what you can’t see,” explains Gaetan Ferry, a security researcher at GitGuardian.

“Before implementing modern identity systems, organizations need to understand exactly what credentials exist and how they’re being used.” GitGuardian’s NHI (Non-Human Identity) Security platform addresses this discovery challenge by providing comprehensive visibility into existing secret landscapes before managed identity implementation. The platform discovers hidden API keys, passwords, and machine identities across entire infrastructures, enabling organizations to: Map dependencies between services and credentials Identify migration candidates ready for managed identity transformation Assess risks associated with current secret usage Plan strategic migrations rather than blind transformations Found this article interesting? This article is a contributed piece from one of our valued partners. Follow us on Google News , Twitter and LinkedIn to read more exclusive content we post.

“Jingle Thief” Hackers Exploit Cloud Infrastructure to Steal Millions in Gift Cards

Cybersecurity researchers have shed light on a cybercriminal group called Jingle Thief that has been observed targeting cloud environments associated with organizations in the retail and consumer services sectors for gift card fraud. “Jingle Thief attackers use phishing and smishing to steal credentials, to compromise organizations that issue gift cards,” Palo Alto Networks Unit 42 researchers Stav Setty and Shachar Roitman said in a Wednesday analysis. “Once they gain access to an organization, they pursue the type and level of access needed to issue unauthorized gift cards.” The end goal of these efforts is to leverage the issued gift cards for monetary gain by likely reselling them on gray markets. Gift cards make for a lucrative choice as they can be easily redeemed with minimal personal information and are difficult to trace, making it harder for defenders to investigate the fraud.

The name Jingle Thief is a nod to the threat actor’s pattern of conducting gift card fraud coinciding with festive seasons and holiday periods. The cybersecurity company is tracking the activity under the moniker CL‑CRI‑1032, where “CL” stands for cluster and “CRI” refers to criminal motivation. The threat cluster has been attributed with moderate confidence to criminal groups tracked as Atlas Lion and Storm-0539 , with Microsoft describing it as a financially motivated crew originating from Morocco. It’s believed to be active since at least late 2021.

Jingle Thief’s ability to maintain footholds within compromised organizations for extended periods, in some cases for over a year, makes it a dangerous group. During the time it spends with the environments, the threat actor conducts extensive reconnaissance to map the cloud environment, moves laterally across the cloud, and takes steps to sidestep detection. Unit 42 said it observed the hacking group launching a wave of coordinated attacks targeting various global enterprises in April and May 2025, using phishing attacks to obtain credentials necessary to breach victims’ cloud infrastructure. In one campaign, the attackers are said to have maintained access for about 10 months and broken into 60 user accounts within a single organization.

“They exploit cloud-based infrastructure to impersonate legitimate users, gain unauthorized access to sensitive data, and carry out gift card fraud at scale,” the researchers noted. The attacks often involve attempts to access gift‑card issuance applications to issue high‑value cards across different programs, while simultaneously ensuring these actions leave minimal logs and forensic trails. Jingle Thief phishing attack chain across Microsoft 365 They are also highly targeted and tailored to each victim, with the threat actors carrying out reconnaissance before sending persuasive phishing login pages via email or SMS that can fool victims and trick them into entering their Microsoft 365 credentials. As soon as the credentials are harvested, the attackers waste no time logging into the environment and carry out a second round of reconnaissance, this time targeting the victim’s SharePoint and OneDrive for information related to business operations, financial processes, and IT workflows.

This includes searching for gift card issuance workflows, VPN configurations and access guides, spreadsheets or internal systems used to issue or track gift cards, and other key details related to virtual machines and Citrix environments. In the next phase, the threat actors have been found to leverage the compromised account to send phishing emails internally within the organization to broaden their foothold. These messages often mimic IT service notifications related to IT service notifications or ticketing updates by making use of information gleaned from internal documentation or previous communications. Furthermore, Jingle Thief is known to create inbox rules to automatically forward emails from hacked accounts to addresses under their control, and then cover up traces of the activity by moving the sent emails immediately to Deleted Items.

In some cases, the threat actor has also been observed registering rogue authenticator apps to bypass multi-factor authentication (MFA) protections and even enrolling their devices in Entra ID so as to maintain access even after victims’ passwords are reset or the session tokens are revoked. Besides their exclusive focus on cloud services rather than endpoint compromise, another aspect that makes Jingle Thief’s campaigns noteworthy is their propensity for identity misuse over deploying custom malware, thereby minimizing the chances of detection. “Gift card fraud combines stealth, speed and scalability, especially when paired with access to cloud environments where issuance workflows reside,” Unit 42 said. “This discreet approach helps evade detection while laying the groundwork for future fraud.” “To exploit these systems, the threat actors need access to internal documentation and communications.

They can secure this by stealing credentials and maintaining a quiet, persistent presence within Microsoft 365 environments of targeted organizations that provide gift card services.” Found this article interesting? Follow us on Google News , Twitter and LinkedIn to read more exclusive content we post.

Over 250 Magento Stores Hit Overnight as Hackers Exploit New Adobe Commerce Flaw

E-commerce security company Sansec has warned that threat actors have begun to exploit a recently disclosed security vulnerability in Adobe Commerce and Magento Open Source platforms, with more than 250 attack attempts recorded against multiple stores over the past 24 hours. The vulnerability in question is CVE-2025-54236 (CVSS score: 9.1), a critical improper input validation flaw that could be abused to take over customer accounts in Adobe Commerce through the Commerce REST API. Also known as SessionReaper, it was addressed by Adobe last month. A security researcher who goes by the name Blaklis is credited with the discovery and responsible disclosure of CVE-2025-54236.

The Dutch company said that 62% of Magento stores remain vulnerable to the security flaw six weeks after public disclosure, urging website administrators to apply the patches as soon as possible before broader exploitation activity picks up. Adobe has since revised its advisory to confirm reports of in-the-wild exploitation of CVE-2025-54236. The attacks have originated from the following IP addresses, with unknown threat actors leveraging the flaw to drop PHP webshells or probe phpinfo to extract PHP configuration information. 34.227.25[.]4 44.212.43[.]34 54.205.171[.]35 155.117.84[.]134 159.89.12[.]166 “PHP backdoors are uploaded via ‘/customer/address_file/upload’ as a fake session,” Sansec said .

The development comes as Searchlight Cyber published a detailed technical analysis of CVE-2025-54236, describing it as a nested deserialization flaw that enables remote code execution. It’s worth noting that CVE-2025-54236 is the second deserialization vulnerability impacting Adobe Commerce and Magento platforms in as many years. In July 2024, another critical flaw dubbed CosmicSting ( CVE-2024-34102 , CVSS score: 9.8) was subjected to widespread exploitation. With proof-of-concept (PoC) exploits and additional specifics now entering public domains, it’s imperative that users move quickly to apply the fixes.

Found this article interesting? Follow us on Google News , Twitter and LinkedIn to read more exclusive content we post.

Critical Lanscope Endpoint Manager Bug Exploited in Ongoing Cyberattacks, CISA Confirms

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical security flaw impacting Motex Lanscope Endpoint Manager to its Known Exploited Vulnerabilities ( KEV ) catalog, stating it has been actively exploited in the wild. The vulnerability, CVE-2025-61932 (CVSS v4 score: 9.3), impacts on-premises versions of Lanscope Endpoint Manager, specifically Client program and Detection Agent, and could allow attackers to execute arbitrary code on susceptible systems. “Motex LANSCOPE Endpoint Manager contains an improper verification of source of a communication channel vulnerability, allowing an attacker to execute arbitrary code by sending specially crafted packets,” CISA said.

The flaw impacts versions 9.4.7.1 and earlier. It has been addressed in the versions below - 9.3.2.7 9.3.3.9 9.4.0.5 9.4.1.5 9.4.2.6 9.4.3.8 9.4.4.6 9.4.5.4 9.4.6.3, and 9.4.7.3 It’s currently not known how the vulnerability is being exploited in real-world attacks, who is behind them, or the scale of such efforts. However, an alert issued by the Japan Vulnerability Notes (JVN) portal earlier this week noted that Motex has confirmed an unnamed customer “received a malicious packet suspected to target this vulnerability.” Japan’s JPCERT/CC has also acknowledged active abuse, stating “cases of receiving unauthorized packets to certain ports have been confirmed in domestic customer environments” and that the activity took place after April 2025. Based on the information provided in the advisory, it appears that the vulnerability is being exploited to drop an unspecified backdoor on compromised systems.

In light of active exploitation efforts, Federal Civilian Executive Branch (FCEB) agencies are recommended to remediate CVE-2025-61932 by November 12, 2025, to safeguard their networks. Found this article interesting? Follow us on Google News , Twitter and LinkedIn to read more exclusive content we post.

Iran-Linked MuddyWater Targets 100+ Organisations in Global Espionage Campaign

The Iranian nation-state group known as MuddyWater has been attributed to a new campaign that has leveraged a compromised email account to distribute a backdoor called Phoenix to various organizations across the Middle East and North Africa (MENA) region, including over 100 government entities. The end goal of the campaign is to infiltrate high-value targets and facilitate intelligence gathering, Singaporean cybersecurity company Group-IB said in a technical report published today. More than three-fourths of the campaign’s targets include embassies, diplomatic missions, foreign affairs ministries, and consulates, followed by international organizations and telecommunications firms. “MuddyWater accessed the compromised mailbox through NordVPN (a legitimate service abused by the threat actor), and used it to send phishing emails that appeared to be authentic correspondence,” said security researchers Mahmoud Zohdy and Mansour Alhmoud.

“By exploiting the trust and authority associated with such communications, the campaign significantly increased its chances of deceiving recipients into opening the malicious attachments.” The attack chain essentially involves the threat actor distributing weaponized Microsoft Word documents that, when opened, prompt the email recipients to enable macros in order to view the content. Once the unsuspecting user enables the feature, the document proceeds to execute malicious Visual Basic for Application (VBA) code, resulting in the deployment of version 4 of the Phoenix backdoor. The backdoor is launched by means of a loader called FakeUpdate that’s decoded and written to disk by the VBA dropper. The loader contains the Advanced Encryption Standard (AES)-encrypted Phoenix payload.

MuddyWater, also called Boggy Serpens, Cobalt Ulster, Earth Vetala, Mango Sandstorm (formerly Mercury), Seedworm, Static Kitten, TA450, TEMP.Zagros, and Yellow Nix, is assessed to be affiliated with Iran’s Ministry of Intelligence and Security (MOIS). It’s known to be active since at least 2017. The threat actor’s use of Phoenix was first documented by Group-IB last month, describing it as a lightweight version of BugSleep , a Python-based implant linked to MuddyWater. Two different variants of Phoenix (Version 3 and Version 4) have been detected in the wild, offering capabilities to gather system information, establish persistence, launch an interactive shell, and upload/download files.

The cybersecurity vendor said the attacker’s command-and-control (C2) server (“159.198.36[.]115”) has also been found hosting remote monitoring and management (RMM) utilities and a custom web browser credential stealer that targets Brave, Google Chrome, Microsoft Edge, and Opera, suggesting their likely use in the operation. It’s worth noting that MuddyWater has a history of distributing remote access software via phishing campaigns over the years. “By deploying updated malware variants such as the Phoenix v4 backdoor, the FakeUpdate injector, and custom credential-stealing tools alongside legitimate RMM utilities like PDQ and Action1, MuddyWater demonstrated an enhanced ability to integrate custom code with commercial tools for improved stealth and persistence,” the researchers said. Found this article interesting?

Ukraine Aid Groups Targeted Through Fake Zoom Meetings and Weaponized PDF Files

Cybersecurity researchers have disclosed details of a coordinated spear-phishing campaign dubbed PhantomCaptcha targeting organizations associated with Ukraine’s war relief efforts to deliver a remote access trojan that uses a WebSocket for command-and-control (C2). The activity, which took place on October 8, 2025, targeted individual members of the International Red Cross, Norwegian Refugee Council, United Nations Children’s Fund (UNICEF) Ukraine office, Norwegian Refugee Council, Council of Europe’s Register of Damage for Ukraine, and Ukrainian regional government administrations in the Donetsk, Dnipropetrovsk, Poltava, and Mikolaevsk regions, SentinelOne said in a new report published today. The phishing emails have been found to impersonate the Ukrainian President’s Office, carrying a booby-trapped PDF document that contains an embedded link, which, when clicked, redirects victims to a fake Zoom site (“zoomconference[.]app”) and tricks them into running a malicious PowerShell command via a ClickFix - style fake Cloudflare CAPTCHA page under the guise of a browser check. The bogus Cloudflare page acts as an intermediary by setting up a WebSocket connection with an attacker-controlled server, and transmits a JavaScript-generated clientId, with the browser taking the victim to a legitimate, password-protected Zoom meeting if the WebSocket server responds with a matching identifier.

It’s suspected that this infection path is likely reserved for live social engineering calls with victims, although SentinelOne said it did not observe the threat actors activating this line of attack during its investigation. The PowerShell command executed after it’s pasted to the Windows Run dialog leads to an obfuscated downloader that’s primarily responsible for retrieving and executing a second-stage payload from a remote server. This second-stage malware performs reconnaissance of the compromised host and sends it to the same server, which then responds with the PowerShell remote access trojan. “The final payload is a WebSocket RAT hosted on Russian-owned infrastructure that enables arbitrary remote command execution, data exfiltration, and potential deployment of additional malware,” security researcher Tom Hegel said.

“The WebSocket-based RAT is a remote command execution backdoor, effectively a remote shell that gives an operator arbitrary access to the host.” The malware connects to a remote WebSocket server at “wss://bsnowcommunications[.]com:80” and is configured to receive Base64-encoded JSON messages that include a command to be executed with Invoke-Expression or run a PowerShell payload. The results of the execution are subsequently packaged into a JSON string and sent to the server over the WebSocket. Further analysis of VirusTotal submissions has determined that the 8-page weaponized PDF has been uploaded from multiple locations, including Ukraine, India, Italy, and Slovakia, likely indicating broad targeting. SentinelOne noted that preparations for the campaign began on March 27, 2025, when the attackers registered the domain “goodhillsenterprise[.]com,” which has been used to serve the obfuscated PowerShell malware scripts.

Interestingly, the infrastructure associated with “zoomconference[.]app” is said to have been active only for a single day on October 8. This suggests “sophisticated planning and strong commitment to operational security,” the company pointed out, adding it also uncovered fake applications hosted on the domain “princess-mens[.]click” that are aimed at collecting geolocation, contacts, call logs, media files, device information, installed apps list, and other data from compromised Android devices. The campaign has not been attributed to any known threat actor or group, although the use of ClickFix overlaps with that of recently disclosed attacks mounted by the Russia-linked COLDRIVER hacking group. “The PhantomCaptcha campaign reflects a highly capable adversary, demonstrating extensive operational planning, compartmentalized infrastructure, and deliberate exposure control,” SentinelOne said.

“The six-month period between initial infrastructure registration and attack execution, followed by the swift takedown of user-facing domains while maintaining backend command-and-control, underscores an operator well-versed in both offensive tradecraft and defensive detection evasion.” Found this article interesting? Follow us on Google News , Twitter and LinkedIn to read more exclusive content we post.

Chinese Threat Actors Exploit ToolShell SharePoint Flaw Weeks After Microsoft’s July Patch

Threat actors with ties to China exploited the ToolShell security vulnerability in Microsoft SharePoint to breach a telecommunications company in the Middle East after it was publicly disclosed and patched in July 2025. Also targeted were government departments in an African country, as well as government agencies in South America, a university in the U.S., as well as likely a state technology agency in an African country, a government department in the Middle East, and a finance company in a European country. According to Broadcom’s Symantec Threat Hunter Team, the attacks involved the exploitation of CVE-2025-53770 , a now-patched security flaw in on-premise SharePoint servers that could be used to bypass authentication and achieve remote code execution. CVE-2025-53770, assessed to be a patch bypass for CVE-2025-49704 and CVE-2025-49706, has been weaponized as a zero-day by three Chinese threat groups , including Linen Typhoon (aka Budworm), Violet Typhoon (aka Sheathminer), and Storm-2603, the latter of which is linked to the deployment of Warlock, LockBit, and Babuk ransomware families in recent months.

However, the latest findings from Symantec indicate that a much wider range of Chinese threat actors have abused the vulnerability. This includes the Salt Typhoon (aka Glowworm) hacking group, which is said to have leveraged the ToolShell flaw to deploy tools like Zingdoor , ShadowPad , and KrustyLoader against the telecom entity and the two government bodies in Africa. KrustyLoader, first detailed by Synacktiv in January 2024, is a Rust-based loader previously put to use by a China-nexus espionage group dubbed UNC5221 in attacks exploiting flaws in Ivanti Endpoint Manager Mobile ( EPMM ) and SAP NetWeaver . The attacks aimed at government agencies in South America and a university in the U.S., on the other hand, involved the use of unspecified vulnerabilities to obtain initial access, followed by the exploitation of SQL servers and Apache HTTP servers running the Adobe ColdFusion software to deliver the malicious payloads using DLL side-loading techniques.

In some of the incidents, the attackers have been observed executing an exploit for CVE-2021-36942 (aka PetitPotam) for privilege escalation and domain compromise, along with a number of readily available and living-off-the-land (LotL) tools to facilitate scanning, file download, and credential theft on the infected systems. “There is some overlap in the types of victims and some of the tools used between this activity and activity previously attributed to Glowworm,” Symantec said. “However, we do not have sufficient evidence to conclusively attribute this activity to one specific group, though we can say that all evidence points to those behind it being China-based threat actors.” “The activity carried out on targeted networks indicates that the attackers were interested in stealing credentials and in establishing persistent and stealthy access to victim networks, likely for the purpose of espionage.” Found this article interesting? Follow us on Google News , Twitter and LinkedIn to read more exclusive content we post.

Bridging the Remediation Gap: Introducing Pentera Resolve

From Detection to Resolution: Why the Gap Persists A critical vulnerability is identified in an exposed cloud asset. Within hours, five different tools alert you about it: your vulnerability scanner, XDR, CSPM, SIEM, and CMDB each surface the issue in their own way, with different severity levels, metadata, and context. What’s missing is a system of action. How do you transition from the detection and identification of a security issue to remediation and resolution?

The Continuous Threat Exposure Management (CTEM) framework was introduced to help organizations address this challenge, calling for a repeatable approach to scoping, discovery, validation, and ultimately, the mobilization of remediation efforts. The goal is not just to identify risk, but to act on it, continuously and at scale. In most environments, that mobilization happens, but it relies on manual processes. Findings remain fragmented across tools, each with its own format, language, and logic.

The responsibility to consolidate, correlate, prioritize, and assign remediation tasks often falls to already stretched security operations teams. And when fixes are eventually applied, there is often no mechanism in place to validate that your actions were effective. What we’ve seen across more than 1,200 customers is that existing processes are not built to scale across the thousands of alerts enterprise security teams contend with on a weekly basis. Security and operations teams are not set up for success here.

This disconnect between identifying risk and resolving it efficiently and reliably is the remediation gap. It is not a visibility problem. It is an operational one. Pentera Resolve: Operationalizing Validated Risk As the leader in Security Validation, Pentera has always focused on helping organizations understand which vulnerabilities truly matter.

By safely emulating real-world attacks, we don’t simply identify what is potentially exposed, but rather how those exposures can be exploited within the context of your environment. Now we are extending that leadership by bridging security validation with automated remediation operations, closing the gap between insight and action. Alerts alone do not reduce risk. Their value depends entirely on the organization’s ability to act on them.

Ten overlapping reports sitting unread on a dashboard do not make you safer. Action does. Introducing Pentera Resolve . Our new product marks a shift in what organizations should expect from a Security Validation platform , integrating remediation workflows natively into the validation lifecycle.

Pentera Resolve automates the remediation workflow by turning validated findings into structured tasks and routing them directly to the teams responsible for fixing them. Security teams no longer need to comb through multiple reports, chase down asset owners, or track remediation progress across disconnected dashboards. Pentera Resolve removes that friction with a streamlined process embedded in the systems organizations already use. Powered by AI, it automates triage, prioritization, and ownership assignment.

Each validated issue is enriched with business and asset context, delivered into platforms like ServiceNow, Jira, and Slack. Each ticket is tracked and cataloged, ensuring audit-ready proof-of-fix. This creates a system of record for remediation, providing security, IT, and compliance teams a shared and verifiable view of progress, all within the tools they already use. As the platform evolves, Pentera Resolve will support triggering re-tests to determine whether the original validated risk has been fully addressed.

The result is faster, simpler, and more accountable remediation. Every issue is tied to real exploitability, verified after resolution, and fully measurable from start to finish. This level of operational integration supports something broader. It is not just about fixing what has been found.

It is about enabling security programs to run remediation as a continuous, coordinated part of enterprise risk management. From Assessment to Resolution: A Unified Platform Security teams no longer spend time translating findings into tickets. IT and DevOps teams no longer need to guess which exposures to prioritize. Everyone works from the same source of validated truth, inside the systems they already use.

This is not just about tooling. It is about changing how work gets done, with fewer gaps, clearer ownership, and full accountability from start to finish. Exposure without action is just noise. Pentera Resolve brings remediation into focus.

It is measurable, repeatable, and fully integrated into how teams already operate. Validate. Remediate. Repeat.

That is the loop. And now, it runs without gaps. Note: This article was authored by Dr. Arik Liberzon, Founder and Chief Technology Officer of Pentera.

Found this article interesting? This article is a contributed piece from one of our valued partners. Follow us on Google News , Twitter and LinkedIn to read more exclusive content we post.

Fake Nethereum NuGet Package Used Homoglyph Trick to Steal Crypto Wallet Keys

Cybersecurity researchers have uncovered a new supply chain attack targeting the NuGet package manager with malicious typosquats of Nethereum , a popular Ethereum .NET integration platform, to steal victims’ cryptocurrency wallet keys. The package, Netherеum.All , has been found to harbor functionality to decode a command-and-control (C2) endpoint and exfiltrate mnemonic phrases, private keys, and keystore data, according to security company Socket. The library was uploaded by a user named “ nethereumgroup “ on October 16, 2025. It was taken down from NuGet for violating the service’s Terms of Use four days later.

What’s notable about the NuGet package is that it swaps the last occurrence of the letter “e” with the Cyrillic homoglyph “e” (U+0435) to fool unsuspecting developers into downloading it. In a further attempt to increase the credibility of the package, the threat actors have resorted to artificially inflating the download counts, claiming it has been downloaded 11.7 million times – a huge red flag given that it’s unlikely for an entirely new library to rack up such a high count within a short span of time. “A threat actor can publish many versions, then script downloads of each .nupkg through the v3 flat-container or loop nuget.exe install and dotnet restore with no-cache options from cloud hosts,” security researcher Kirill Boychenko said . “Rotating IPs and user agents and parallelizing requests boosts volume while avoiding client caches.” “The result is a package that appears ‘popular,’ which boosts placement for searches sorted by relevance and lends a false sense of proof when developers glance at the numbers.” The main payload within the NuGet package is within a function named EIP70221TransactionService.Shuffle, which parses an XOR-encoded string to extract the C2 server (solananetworkinstance[.]info/api/gads) and exfiltrates sensitive wallet data to the attacker.

The threat actor has been found to have previously uploaded another NuGet package called “NethereumNet” with the same deceptive functionality at the start of the month. It has already been removed by the NuGet security team. This is not the first homoglyph typosquat that has been spotted in the NuGet repository. In July 2024, ReversingLabs documented details of several packages that impersonated their legitimate counterparts by substituting certain elements with their equivalents to bypass casual inspection.

Unlike other open-source package repositories like PyPI, npm, Maven Central, Go Module, and RubyGems that enforce restrictions on the naming scheme to ASCII, NuGet places no such constraints other than prohibiting spaces and unsafe URL characters, opening the door to abuse. To mitigate such risks, users should carefully scrutinize libraries before downloading them, including verifying publisher identity and sudden download surges, and monitor for anomalous network traffic. Found this article interesting? Follow us on Google News , Twitter and LinkedIn to read more exclusive content we post.