2026-01-08 AI创业新闻

Webinar: Learn How AI-Powered Zero Trust Detects Attacks with No Files or Indicators

Security teams are still catching malware. The problem is what they’re not catching. More attacks today don’t arrive as files. They don’t drop binaries.

They don’t trigger classic alerts. Instead, they run quietly through tools that already exist inside the environment — scripts, remote access, browsers, and developer workflows. That shift is creating a blind spot. Join us for a deep-dive technical session with the Zscaler Internet Access team.

They will reveal how to unmask “hidden-in-plain-sight” tactics, why traditional defenses fall short, and exactly what needs to change. Secure your spot for the live session ➜ In this session, experts will cover: “Living off the Land” Attacks: These use trusted system tools like PowerShell, WMI, or remote desktop. File-based detection often sees nothing wrong because, technically, nothing new was installed. Fileless “Last Mile” Reassembly Attacks: Obfuscated HTML and JavaScript can execute malicious logic without ever delivering a clear payload to the endpoint.

Legacy tools struggle here because there is no file to scan. Securing Developer Environments: CI/CD pipelines and third-party repositories move fast and rely heavily on encrypted traffic. Malicious code and risky dependencies can slip through when inspection and visibility are limited. The webinar focuses on how cloud-native inspection, behavior analysis, and zero-trust design are being used to surface these hidden attack paths before they reach users or production systems.

This is not a breach postmortem or a vulnerability alert. It’s a practical look at how modern attacks operate — and why relying on file-based signals alone is no longer enough. For SOC teams, IT leaders, and security architects trying to close real gaps without slowing the business, this session is designed to be short, concrete, and directly applicable. Join us to learn how to gain visibility into the activity that matters most.

Register for the Webinar ➜ Found this article interesting? This article is a contributed piece from one of our valued partners. Follow us on Google News , Twitter and LinkedIn to read more exclusive content we post.

A cybercrime gang known as Black Cat has been attributed to a search engine optimization (SEO) poisoning campaign that employs fraudulent sites advertising popular software to trick users into downloading a backdoor capable of stealing sensitive data. According to a report published by the National Computer Network Emergency Response Technical Team/Coordination Center of China (CNCERT/CC) and Beijing Weibu Online (aka ThreatBook), the activity is designed to strategically push bogus sites to the top of search results on search engines like Microsoft Bing, specifically targeting users looking for programs like Google Chrome, Notepad++, QQ International, and iTools. “After visiting these high-ranking phishing pages, users are lured by carefully constructed download pages, attempting to download software installation packages bundled with malicious programs,” CNCERT/CC and ThreatBook said. “Once installed, the program implants a backdoor Trojan without the user’s knowledge, leading to the theft of sensitive data from the host computer by attackers.” Black Cat is assessed to be active since at least 2022, orchestrating a series of attacks designed for data theft and remote control using malware distributed via SEO poisoning campaigns.

In 2023, the group is said to have stolen at least $160,000 worth of cryptocurrency by impersonating AICoin, a popular virtual currency trading platform. In the latest set of attacks, users searching for Notepad++ are served links to a convincing phishing site masquerading as associated with the software program (“cn-notepadplusplus[.]com”). Other domains registered by Black Cat include “cn-obsidian[.]com,” “cn-winscp[.]com,” and “notepadplusplus[.]cn.” The inclusion of “cn” in the domain names indicates that the threat actors are specifically going after Chinese users who may be looking for such tools via search engines. Should unsuspecting users end up clicking the “download” button on the fake website, they are redirected to another URL that mimics GitHub (“github.zh-cns[.]top”) from where a ZIP archive can be downloaded.

Present within the ZIP file is an installer that creates a shortcut on the user’s desktop. The shortcut acts as the entry point for side-loading a malicious DLL that, in turn, launches the backdoor. The malware establishes contact with a hard-coded remote server (“ sbido[.]com:2869 “), allowing it to steal web browser data, log keystrokes, extract clipboard contents, and other valuable information from the compromised host. CNCERT/CC and ThreatBook noted that the Black Cat cybercrime syndicate has compromised about 277,800 hosts across China between 7 and 20, 2025, with the highest daily number of compromised machines within the country scaling a high of 62,167.

To mitigate the risk, users are advised to refrain from clicking on links from unknown sources and stick to trusted sources for downloading software. Found this article interesting? Follow us on Google News , Twitter and LinkedIn to read more exclusive content we post.

Critical n8n Vulnerability (CVSS 10.0) Allows Unauthenticated Attackers to Take Full Control

Cybersecurity researchers have disclosed details of yet another maximum-severity security flaw in n8n , a popular workflow automation platform, that allows an unauthenticated remote attacker to gain complete control over susceptible instances. The vulnerability, tracked as CVE-2026-21858 (CVSS score: 10.0), has been codenamed Ni8mare by Cyera Research Labs. Security researcher Dor Attias has been acknowledged for discovering and reporting the flaw on November 9, 2025. “A vulnerability in n8n allows an attacker to access files on the underlying server through execution of certain form-based workflows,” n8n said in an advisory published today.

“A vulnerable workflow could grant access to an unauthenticated remote attacker. This could result in exposure of sensitive information stored on the system and may enable further compromise depending on deployment configuration and workflow usage.” With the latest development, n8n has disclosed four critical vulnerabilities over the last two weeks - CVE-2025-68613 (CVSS score: 9.9) - An improper control of dynamically-managed code resources that could allow authenticated attackers to achieve remote code execution (RCE) under certain conditions (Fixed in versions 1.120.4, 1.121.1, and 1.122.0) CVE-2025-68668 or N8scape (CVSS score: 9.9) - A sandbox bypass vulnerability that could allow an authenticated user with permission to create or modify workflows to execute arbitrary commands on the host system running n8n (Fixed in version 2.0.0) CVE-2026-21877 (CVSS score: 10.0) - An unrestricted upload of a file with a dangerous type vulnerability that could allow an authenticated attacker to execute untrusted code via the n8n service, leading to full compromise of the instance (Fixed in version 1.121.3) However, unlike these flaws, CVE-2026-21858 does not require any credentials and takes advantage of a “ Content-Type “ confusion flaw to extract sensitive secrets, forge administrator access, and even execute arbitrary commands on the server. The vulnerability affects all versions of n8n prior to and including 1.65.0. It has been addressed in version 1.121.0, which was released on November 18, 2025.

It’s worth noting that the latest versions of the library are 1.123.10, 2.1.5, 2.2.4, and 2.3.0. According to technical details shared by Cyera with The Hacker News, the crux of the problem is rooted in the n8n webhook and file handling mechanism. Webhooks, which are crucial to receive data from apps and services when certain events occur, are triggered after the incoming request is parsed using a function named “parseRequestBody().” Specifically, the function is designed to read the “Content-Type” header in the request and invoke another function to parse the request body - Use parseFormData(), aka “file upload parser,” if the “Content-Type” header is “ multipart/form-data ,” denoting form data Use parseBody() aka “regular body parser” for all other content types The file upload parser, in turn, uses the parse() function associated with formidable , a Node.js module for parsing form data, and stores the decoded result in a global variable called “req.body.files.” This populated data is processed by the webhook, which only runs when the “Content-Type” header is set to “multipart/form-data.” In contrast, the regular body parser processes the incoming HTTP request body and stores the extracted data in a different global variable known as “req.body.” CVE-2026-21858 occurs when a file-handling function is run without first verifying that the content-type is “multipart/form-data,” potentially allowing an attacker to override req.body.files. Cyera said it found such a vulnerable flow in the function that handles form submissions (“formWebhook()”), which invokes a file-handling function (“copyBinaryFile()”) to act on “req.body.files.” “Here’s the issue: since this function is called without verifying the content type is ‘multipart/form-data,’ we control the entire req.body.files object,” Attias said.

“That means we control the filepath parameter – so instead of copying an uploaded file, we can copy any local file from the system.” “The result? Any node after the Form node receives the local file’s content instead of what the user uploaded.” As for how the attack can play out, consider a website that has a chat interface to provide information about various products based on product specification files uploaded to the organizational knowledge base using a Form workflow. With this setup in place, a bad actor can leverage the security hole to read arbitrary files from the n8n instance and escalate it further to RCE by performing the following steps - Use the arbitrary read primitive to access the database located at “/home/node/.n8n/database.sqlite” and load it into the knowledge-base Extract the administrator’s user ID, email, and hashed password using the chat interface Use the arbitrary read primitive again to load a configuration file located at “/home/node/.n8n/config” and extract the encryption secret key Use the obtained user and key information to forge a fake session cookie and obtain admin access, leading to an authentication bypass Achieve RCE by creating a new workflow with an “ Execute Command “ node “The blast radius of a compromised n8n is massive,” Cyera said. “A compromised n8n instance doesn’t just mean losing one system – it means handing attackers the keys to everything.

API credentials, OAuth tokens, database connections, cloud storage – all centralized in one place. n8n becomes a single point of failure and a goldmine for threat actors.” In light of the severity of the flaw, users are advised to upgrade to the patched version or later as soon as possible for optimal protection, avoid exposing n8n to the internet, and enforce authentication for all Forms. As temporary workarounds, it’s advised to restrict or disable publicly accessible webhook and form endpoints. Found this article interesting?

Follow us on Google News , Twitter and LinkedIn to read more exclusive content we post.

n8n Warns of CVSS 10.0 RCE Vulnerability Affecting Self-Hosted and Cloud Versions

Open-source workflow automation platform n8n has warned of a maximum-severity security flaw that, if successfully exploited, could result in authenticated remote code execution (RCE). The vulnerability, which has been assigned the CVE identifier CVE-2026-21877 , is rated 10.0 on the CVSS scoring system. “Under certain conditions, an authenticated user may be able to cause untrusted code to be executed by the n8n service,” n8n said in an advisory released Tuesday. “This could result in full compromise of the affected instance.” The maintainers said both self-hosted deployments and n8n Cloud instances are impacted.

The issue impacts the following versions -

= 0.123.0 < 1.121.3 It has been addressed in version 1.121.3, which was released in November 2025. Security researcher Théo Lelasseux (@ theolelasseux ) has been credited with discovering and reporting the flaw. Users are advised to upgrade to this version or later to completely address the vulnerability. If immediate patching is not possible, it’s essential that administrators limit exposure by disabling the Git node and limiting access for untrusted users.

The disclosure comes as n8n has addressed a steady stream of critical flaws in the platform ( CVE-2025-68613 and CVE-2025-68668 , CVSS scores: 9.9) that could lead to code execution under specific conditions. Found this article interesting? Follow us on Google News , Twitter and LinkedIn to read more exclusive content we post.

The Future of Cybersecurity Includes Non-Human Employees

Non-human employees are becoming the future of cybersecurity, and enterprises need to prepare accordingly. As organizations scale Artificial Intelligence (AI) and cloud automation, there is exponential growth in Non-Human Identities (NHIs), including bots, AI agents, service accounts and automation scripts. In fact, 51% of respondents in ConductorOne’s 2025 Future of Identity Security Report said the security of NHIs is now just as important as that of human accounts. Yet, despite their presence in modern organizations, NHIs often operate outside the scope of traditional Identity and Access Management (IAM) systems.

This growing dependence on non-human users creates new attack surfaces that organizations must urgently prepare for. Without full visibility and proper oversight, NHIs may have over-permissioned standing access and static credentials, making them valuable targets for cybercriminals. To secure NHIs with the same precision as human identities, organizations must develop modern security strategies that incorporate zero-trust security, least-privilege access, automated credential rotation and secrets management. By modernizing their strategies, organizations can work to reduce security risks and prevent privileged account compromise, regardless of whether a user is human.

Why non-human identities are a growing cybersecurity risk Unlike human users, NHIs and their activity typically go unnoticed, even though they hold powerful access to sensitive systems. NHIs are frequently granted broad, standing access across infrastructure, cloud environments and CI/CD pipelines. Once provisioned, NHI access is rarely reviewed or revoked, making it a prime target for cybercriminals. The main security risks associated with NHIs include credentials hardcoded into scripts, secrets embedded in source code and a lack of visibility into how NHIs are used.

Often, there is little to no logging or monitoring of NHIs, leaving compromised machine credentials vulnerable to exploitation, allowing cybercriminals to go undetected for weeks or even months. In cloud environments, non-human users significantly outnumber human users, expanding attack surfaces and introducing many more security vulnerabilities. When NHIs are overlooked in security audits or excluded from traditional IAM policies, security teams risk allowing the convenience of automation to turn into a major blind spot. How to secure non-human access with zero-trust principles To reduce NHI-related security risks, organizations must enforce zero-trust security for every identity by treating bots, AI agents, and service accounts equally to humans.

The key ways to secure non-human access with zero-trust security include: Apply zero trust to machine users: Every NHI must be authenticated and authorized, with only the minimum necessary access granted. All activity should be logged, monitored, and auditable to ensure compliance with regulatory requirements. Enforce least-privilege access: Assign Role-Based Access Controls (RBAC) and set time-based credential expiration policies to ensure NHIs access only what they need, when they need it. Leverage Just-in-Time (JIT) access and ephemeral secrets: Eliminate standing access by replacing static credentials with short-lived API tokens.

Additionally, automate credential rotation after a task is completed or on a set schedule. Implementing some of these practices can significantly reduce exposure for NHIs, making them auditable and manageable at scale. For example, having API tokens auto-expire after deployment minimizes the risk of those secrets being exploited. The same goes for service accounts that request access only when needed for a specific task, rather than maintaining standing access.

By operationalizing these practices, organizations can effectively govern NHIs with the same level of control as human users in any zero-trust architecture. Managing secrets and privileged access at scale Secrets like API keys, tokens and SSH credentials are crucial for automation and NHIs, but without proper management, they introduce significant security vulnerabilities. To maintain control over secrets and privileged access, organizations must know who or what accessed which resources and when. Without such detailed insight, unmanaged secrets may sprawl across environments when hardcoded in scripts, stored insecurely in plaintext or shared with no tracking or expiration.

Luckily, organizations can use secrets management and Privileged Access Management (PAM) solutions to centralize control over both secrets and privileged access. Solutions like KeeperPAM® provide a zero-trust, zero-knowledge architecture that secures credentials, monitors privileged sessions and automatically rotates credentials across cloud infrastructures. As a unified solution, KeeperPAM integrates enterprise password management, secrets management and endpoint management, helping protect both human and non-human users equally. Identity security must extend beyond human identities As enterprise infrastructure grows more modern and automated, NHIs are now a permanent part of the attack surface.

To defend against more sophisticated cyber attacks, organizations must treat non-human employees as first-class identities — securing and governing them just like human employees. Every service account, script and AI agent must be secured and continuously monitored to ensure they are granted appropriate access to necessary data and systems. To stay ahead of NHI-related cyber threats, organizations should embed zero-trust principles across all access layers for both humans and machines. Note: This article was expertly written and contributed by Ashley D’Andrea, Content Writer at Keeper Security.

Found this article interesting? This article is a contributed piece from one of our valued partners. Follow us on Google News , Twitter and LinkedIn to read more exclusive content we post.

Traditional Firewalls Are Obsolete in the AI Era

Veeam Patches Critical RCE Vulnerability with CVSS 9.0 in Backup & Replication

Veeam has released security updates to address multiple flaws in its Backup & Replication software, including a “critical” issue that could result in remote code execution (RCE). The vulnerability, tracked as CVE-2025-59470, carries a CVSS score of 9.0. “This vulnerability allows a Backup or Tape Operator to perform remote code execution (RCE) as the postgres user by sending a malicious interval or order parameter,” it said in a Tuesday bulletin. According to Veeam’s documentation, a user with a Backup Operator role can start and stop existing jobs; export backups; copy backups; and create VeeamZip backups.

A Tape Operator user, on the other hand, can run tape backup jobs or tape catalog jobs; eject tapes; import and export tapes; move tapes to a media pool; copy or erase tapes; and set a tape password. In other words, these roles are considered highly privileged, and organizations should already be taking adequate protections to prevent them from being misused. Veeam said it’s treating the shortcoming as “high severity” despite the CVSS score, stating the opportunity for exploitation is reduced if customers follow Veeam’s recommended Security Guidelines . Also addressed by the company are three other vulnerabilities in the same product - CVE-2025-55125 (CVSS score: 7.2) - A vulnerability that allows a Backup or Tape Operator to perform RCE as root by creating a malicious backup configuration file CVE-2025-59468 (CVSS score: 6.7) - A vulnerability that allows a Backup Administrator to perform RCE as the postgres user by sending a malicious password parameter CVE-2025-59469 (CVSS score: 7.2) - A vulnerability that allows a Backup or Tape Operator to write files as root All four identified vulnerabilities affect Veeam Backup & Replication 13.0.1.180 and all earlier versions of 13 builds.

They have been addressed in Backup & Replication version 13.0.1.1071. While Veeam makes no mention of the flaws being exploited in the wild, it’s essential that users promptly apply the fixes, given that vulnerabilities in the software have been exploited by threat actors in the past. Found this article interesting? Follow us on Google News , Twitter and LinkedIn to read more exclusive content we post.

Microsoft Warns Misconfigured Email Routing Can Enable Internal Domain Phishing

Threat actors engaging in phishing attacks are exploiting routing scenarios and misconfigured spoof protections to impersonate organizations’ domains and distribute emails that appear as if they have been sent internally. “Threat actors have leveraged this vector to deliver a wide variety of phishing messages related to various phishing-as-a-service (PhaaS) platforms such as Tycoon 2FA ,” the Microsoft Threat Intelligence team said in a Tuesday report. “These include messages with lures themed around voicemails, shared documents, communications from human resources (HR) departments, password resets or expirations, and others, leading to credential phishing.” While the attack vector is not necessarily new , the tech giant said it has witnessed a surge in the use of the tactic since May 2025 as part of opportunistic campaigns targeting a wide variety of organizations across multiple industries and verticals. This includes a campaign that has employed spoofed emails to conduct financial scams against organizations.

A successful attack could allow threat actors to siphon credentials and leverage them for follow-on activities, ranging from data theft to business email compromise (BEC). The problem manifests primarily in scenarios where a tenant has configured a complex routing scenario and spoof protections are not strictly enforced. An example of complex routing involves pointing the mail exchanger record (MX record) to either an on-premises Exchange environment or a third-party service before reaching Microsoft 365 This creates a security gap that attackers can exploit to send spoofed phishing messages that seem to originate from the tenant’s own domain. The vast majority of phishing campaigns that leverage this approach have been found to make use of the Tycoon 2FA PhaaS kit .

Microsoft said it blocked more than 13 million malicious emails linked to the kit in October 2025. PhaaS toolkits are plug-and-play platforms that allow fraudsters to create and manage phishing campaigns easily, making it accessible even for those with limited technical skills. They provide features like customizable phishing templates, infrastructure, and other tools to facilitate credential theft and circumvent multi-factor authentication using adversary-in-the-middle (AiTM) phishing. The Windows maker said it has also spotted emails intended to trick organizations into paying bogus invoices, potentially leading to financial losses.

The spoofed messages also impersonate legitimate services like DocuSign or claim to be from HR regarding salary or benefits changes. Phishing emails propagating financial scams often resemble a conversation between the CEO of the targeted organization, an individual requesting payment for services provided, or the firm’s accounting department. They also contain three attached files to lend the scheme a false sense of trust - A fake invoice for thousands of dollars to be wired to a bank account An IRS W-9 form listing the name and social security number of the individual used to set up the bank account A fake bank letter was allegedly provided by an employee at the online bank used to set up the fraudulent account “They may employ clickable links in the email body or QR codes in attachments or other means of getting the recipient to navigate to a phishing landing page,” it added. “The appearance of having been sent from an internal email address is the most visible distinction to an end user, often with the same email address used in the ‘To’ and ‘From’ fields.” To counter this risk, organizations are advised to set strict Domain-based Message Authentication, Reporting, and Conformance (DMARC) reject and Sender Policy Framework (SPF) hard fail policies and properly configure third-party connectors, such as spam filtering services or archiving tools.

It’s worth noting that tenants with MX records pointed directly to Office 365 are not vulnerable to the attack vector. Additionally, it’s recommended to turn off Direct Send if not necessary to reject emails spoofing the organization’s domains. Found this article interesting? Follow us on Google News , Twitter and LinkedIn to read more exclusive content we post.

A newly discovered critical security flaw in legacy D-Link DSL gateway routers has come under active exploitation in the wild. The vulnerability, tracked as CVE-2026-0625 (CVSS score: 9.3), concerns a case of command injection in the “dnscfg.cgi” endpoint that arises as a result of improper sanitization of user-supplied DNS configuration parameters. “An unauthenticated remote attacker can inject and execute arbitrary shell commands, resulting in remote code execution,” VulnCheck noted in an advisory. “The affected endpoint is also associated with unauthenticated DNS modification (‘DNSChanger’) behavior documented by D-Link , which reported active exploitation campaigns targeting firmware variants of the DSL-2740R, DSL-2640B, DSL-2780B, and DSL-526B models from 2016 through 2019.” The cybersecurity company also noted that exploitation attempts targeting CVE-2026-0625 were recorded by the Shadowserver Foundation on November 27, 2025.

Some of the impacted devices have reached end-of-life (EoL) status as of early 2020 - DSL-2640B <= 1.07 DSL-2740R < 1.17 DSL-2780B <= 1.01.14 DSL-526B <= 2.01 In an alert of its own, D-Link said it initiated an internal investigation following a report from VulnCheck on December 16, 2025, about active exploitation of “dnscfg.cgi,” and that it’s working to identify historical and current use of the CGI library across all its product offerings. It also cited complexities in accurately determining affected models due to variations in firmware implementations and product generations. An updated list of specific models is expected to be published later this week once a firmware-level review is complete. “Current analysis shows no reliable model number detection method beyond direct firmware inspection,” D-Link said .

“For this reason, D-Link is validating firmware builds across legacy and supported platforms as part of the investigation.” At this stage, the identity of the threat actors exploiting the flaw and the scale of such efforts are not known. Given that the vulnerability impacts DSL gateway products that have been phased out, it’s important for device owners to retire them and upgrade to actively supported devices that receive regular firmware and security updates. “CVE-2026-0625 exposes the same DNS configuration mechanism leveraged in past large-scale DNS hijacking campaigns,” Field Effect said . “The vulnerability enables unauthenticated remote code execution via the dnscfg.cgi endpoint, giving attackers direct control over DNS settings without credentials or user interaction.” “Once altered, DNS entries can silently redirect, intercept, or block downstream traffic, resulting in a persistent compromise affecting every device behind the router.

Because the impacted D-Link DSL models are end of life and unpatchable, organizations that continue to operate them face elevated operational risk.” Found this article interesting? Follow us on Google News , Twitter and LinkedIn to read more exclusive content we post.

Two Chrome Extensions Caught Stealing ChatGPT and DeepSeek Chats from 900,000 Users

Cybersecurity researchers have discovered two new malicious extensions on the Chrome Web Store that are designed to exfiltrate OpenAI ChatGPT and DeepSeek conversations alongside browsing data to servers under the attackers’ control. The names of the extensions, which collectively have over 900,000 users, are below - Chat GPT for Chrome with GPT-5, Claude Sonnet & DeepSeek AI (ID: fnmihdojmnkclgjpcoonokmkhjpjechg, 600,000 users) AI Sidebar with Deepseek, ChatGPT, Claude, and more. (ID: inhcgfpbfdjbjogdfjbclgolkmhnooop, 300,000 users) The findings come weeks after Urban VPN Proxy , another extension with millions of installations on Google Chrome and Microsoft Edge, was caught spying on users’ chats with artificial intelligence (AI) chatbots. This tactic of using browser extensions to stealthily capture AI conversations has been codenamed Prompt Poaching by Secure Annex.

The two newly identified extensions “were found exfiltrating user conversations and all Chrome tab URLs to a remote C2 server every 30 minutes,” OX Security researcher Moshe Siman Tov Bustan said. “The malware adds malicious capabilities by requesting consent for ‘anonymous, non-identifiable analytics data’ while actually exfiltrating complete conversation content from ChatGPT and DeepSeek sessions.” The malicious browser add-ons have been found to impersonate a legitimate extension named “Chat with all AI models (Gemini, Claude, DeepSeek…) & AI Agents” from AITOPIA that has about 1 million users. They are still available for download from the Chrome Web Store as of writing, although “Chat GPT for Chrome with GPT-5, Claude Sonnet & DeepSeek AI” has since been stripped of its “Featured” badge. Once installed, the rogue extensions request that users grant them permissions to collect anonymized browser behavior to purportedly improve the sidebar experience.

Should the user agree to the practice, the embedded malware begins to harvest information about open browser tabs and chatbot conversation data. To accomplish the latter, it looks for specific DOM elements inside the web page, extracts the chat messages, and stores them locally for subsequent exfiltration to remote servers (“chatsaigpt[.]com” or “deepaichats[.]com”). What’s more, the threat actors have been found to leverage Lovable, an artificial intelligence (AI)-powered web development platform, to host their privacy policies and other infrastructure components (“chataigpt[.]pro” or “chatgptsidebar[.]pro”) in an attempt to obfuscate their actions. The consequences of installing such add-ons can be severe, as they have the potential to exfiltrate a wide range of sensitive information, including data shared with chatbots like ChatGPT and DeepSeek, and web browsing activity, including search queries and internal corporate URLs.

“This data can be weaponized for corporate espionage, identity theft, targeted phishing campaigns, or sold on underground forums,” OX Security said. “Organizations whose employees installed these extensions may have unknowingly exposed intellectual property, customer data, and confidential business information.” Legitimate Extensions Join Prompt Poaching The disclosure comes as Secure Annex said it identified legitimate browser extensions such as Similarweb and Sensor Tower’s Stayfocusd – each with 1 million and 600,000 users, respectively – engaging in prompt poaching. Similarweb is said to have introduced the ability to monitor conversations in May 2025, with a January 1, 2026, update adding a full terms of service pop-up that makes it explicit that data entered into AI tools is being collected to “provide the in-depth analysis of traffic and engagement metrics that you expect by using the Service.” A December 30, 2025, privacy policy update also spells this out - This information includes prompts, queries, content, uploaded or attached files (e.g., images, videos, text, CSV files) and other inputs that you may enter or submit to certain artificial intelligence (AI) tools, as well as the results or other outputs (including any attached files included in such outputs) that you may receive from such AI tools (“AI Inputs and Outputs”). Considering the nature and general scope of AI Inputs and Outputs and AI Metadata that is typical to AI tools, some Sensitive Data may be inadvertently collected or processed.

However, the aim of the processing is not to collect Personal Data in order to be able to identify you. While we cannot guarantee that all Personal Data is removed, we do take steps, where possible, to remove or filter out identifiers that you may enter or submit to these AI tools. Further analysis has revealed that Similarweb uses DOM scraping or hijacks native browser APIs like fetch() and XMLHttpRequest() – like in the case of Urban VPN Proxy – to gather the conversation data by loading a remote configuration file that includes custom parsing logic for ChatGPT, Anthropic Claude, Google Gemini, and Perplexity. Secure Annex’s John Tuckner told The Hacker News that the behavior is common to both Chrome and Edge versions of the Similarweb extension.

Similarweb’s Firefox add-on was last updated in 2019. “It is clear prompt poaching has arrived to capture your most sensitive conversations and browser extensions are the exploit vector,” Tuckner said. “It is not clear if this violates Google’s policies that extensions should be built for a single purpose and not load code dynamically.” “This is just the beginning of this trend. More firms will begin to realize these insights are profitable.

Extension developers looking for a way to monetize will add sophisticated libraries like this one supplied by the marketing companies to their apps.” Users who have installed these add-ons and are concerned about their privacy are advised to remove them from their browsers and refrain from installing extensions from unknown sources, even if they have the “Featured” tag on them. Found this article interesting? Follow us on Google News , Twitter and LinkedIn to read more exclusive content we post.

The CERT Coordination Center (CERT/CC) has disclosed details of an unpatched security flaw impacting TOTOLINK EX200 wireless range extender that could allow a remote authenticated attacker to gain full control of the device. The flaw, CVE-2025-65606 (CVSS score: N/A), has been characterized as a flaw in the firmware-upload error-handling logic, which could cause the device to inadvertently start an unauthenticated root-level telnet service. CERT/CC credited Leandro Kogan for discovering and reporting the issue. “An authenticated attacker can trigger an error condition in the firmware-upload handler that causes the device to start an unauthenticated root telnet service, granting full system access,” CERT/CC said .

Successful exploitation of the flaw requires an attacker to be already authenticated to the web management interface to access the firmware-upload functionality. CERT/CC said the firmware-upload handler enters an “abnormal error state” when certain malformed firmware files are processed, causing the device to launch a telnet service with root privileges and without requiring any authentication. This unintended remote administration interface could be exploited by the attacker to hijack susceptible devices, leading to configuration manipulation, arbitrary command execution, or persistence. According to CERT/CC, TOTOLINK has not released any patches to address the flaw, and the product is said to be no longer actively maintained.

TOTOLINK’s web page for EX200 shows that the firmware for the product was last updated in February 2023. In the absence of a fix, users of the appliance are advised to restrict administrative access to trusted networks, prevent unauthorized users from accessing the management interface, monitor for anomalous activity, and upgrade to a supported model. Found this article interesting? Follow us on Google News , Twitter and LinkedIn to read more exclusive content we post.

Fake Booking Emails Redirect Hotel Staff to Fake BSoD Pages Delivering DCRat

Source: Securonix Cybersecurity researchers have disclosed details of a new campaign dubbed PHALT#BLYX that has leveraged ClickFix -style lures to display fixes for fake blue screen of death ( BSoD ) errors in attacks targeting the European hospitality sector. The end goal of the multi-stage campaign is to deliver a remote access trojan known as DCRat , according to cybersecurity company Securonix. The activity was detected in late December 2025. “For initial access, the threat actors utilize a fake Booking.com reservation cancellation lure to trick victims into executing malicious PowerShell commands, which silently fetch and execute remote code,” researchers Shikha Sangwan, Akshay Gaikwad, and Aaron Beardslee said .

The starting point of the attack chain is a phishing email impersonating Booking.com that contains a link to a fake website (e.g., “low-house[.]com”). The messages warn recipients of unexpected reservation cancellations, urging them to click the link to confirm the cancellation. The website to which the victim is redirected masquerades as Booking.com, and serves a fake CAPTCHA page that leads them to a bogus BSoD page with “recovery instructions” to open the Windows Run dialog, paste a command, and press the Enter key. In reality, this results in the execution of a PowerShell command that ultimately deploys DCRat.

Specifically, this entails a multi-step process that commences with the PowerShell dropper downloading an MSBuild project file (“v.proj”) from “2fa-bns[.]com”, which is then executed using “MSBuild.exe” to run an embedded payload responsible for configuring Microsoft Defender Antivirus exclusions to evade detection, setting up persistence on the host in the Startup folder, and launching the RAT malware after downloads it from the same location as the MSBuild project. It’s also capable of disabling the security program altogether if found to be running with administrator privileges. If it doesn’t have elevated rights, the malware enters a loop that triggers a Windows User Account Control (UAC) prompt every two seconds for three times in hopes that the victim will grant it the necessary permissions out of sheer frustration. In tandem, the PowerShell code takes steps to open the legitimate Booking.com admin page in the default browser as a distraction mechanism and to give an impression to the victim that the action was legitimate.

DCRat , also called DarkCrystal RAT and a variant of AsyncRAT , is an off-the-shelf .NET trojan that can harvest sensitive information and expand its functionality by means of a plugin-based architecture. It’s equipped to connect to an external server, profile the infected system, and await incoming commands from the server, enabling the attackers to log keystrokes, run arbitrary commands, and deliver additional payloads like a cryptocurrency miner. The campaign is an example of how threat actors are leveraging living-off-the-land (LotL) techniques, such as abusing trusted system binaries like “MSBuild.exe,” to move the attack to the next stage, establish a deeper foothold, and maintain persistence within compromised hosts. “The phishing emails notably feature room charge details in Euros, suggesting the campaign is actively targeting European organizations,” Securonix said.

“The use of the Russian language within the ‘v.proj’ MSBuild file links this activity to Russian threat factors using DCRat.” “The use of a customized MSBuild project file to proxy execution, coupled with aggressive tampering of Windows Defender exclusions, demonstrates a deep understanding of modern endpoint protection mechanisms.” Found this article interesting? Follow us on Google News , Twitter and LinkedIn to read more exclusive content we post.

What is Identity Dark Matter?

The Invisible Half of the Identity Universe Identity used to live in one place - an LDAP directory, an HR system, a single IAM portal. Not anymore. Today, identity is fragmented across SaaS, on-prem, IaaS, PaaS, home-grown, and shadow applications. Each of these environments carries its own accounts, permissions, and authentication flows.

Traditional IAM and IGA tools govern only the nearly managed half of this universe - the users and apps that have been fully onboarded, integrated, and mapped. Everything else remains invisible: the unverified, non-human, unprotected mass of identities we call identity dark matter. Every new or modernized app demands onboarding - connectors, schema mapping, entitlement catalogs, and role modeling - work that consumes time, money, and expertise. Many applications never make it that far.

The result is fragmentation: unmanaged identities and permissions operating outside corporate governance. And beyond the human layer lies an even larger challenge - non-human identities (NHIs). APIs, bots, service accounts, and agent-AI processes authenticate, communicate, and act across infrastructure - yet they’re often untraceable, created and forgotten without ownership, oversight, or lifecycle controls, even for managed apps. These ungoverned entities form the deepest, most invisible layer of identity dark matter, one that no traditional IAM tool was ever designed to manage.

The Components of Identity Dark Matter As organizations modernize, the identity landscape fragments into several high-risk categories: Unmanaged Shadow Apps: Applications that operate outside corporate governance due to the time and cost of traditional onboarding. Non-Human Identities (NHIs): A rapidly expanding layer including APIs, bots, and service accounts that act without oversight. Orphaned and Stale Accounts: 44% of organizations report over 1,000 orphaned accounts, and 26% of all accounts are considered stale (unused for >90 days). Agent-AI Entities: Autonomous agents that perform tasks and grant access independently, breaking traditional identity models.

Why Identity Dark Matter is a Security Crisis The growth of these ungoverned entities creates significant “blind spots” where cyber risks thrive. In 2024, 27% of cloud breaches involved the misuse of dormant credentials, including orphaned and local accounts. The primary risks include: Credential Abuse: 22% of all breaches are attributed to the exploitation of credentials. Visibility Gaps: Enterprises cannot evaluate what they cannot see, leading to an “illusion of control” while risks grow.

Compliance & Response Failures: Unmanaged identities sit outside audit scopes and slow down incident response times. Hidden Threats: Dark matter masks lateral movement, insider threats, and privilege escalation. Download the Identity Dark Matter Buyer’s Guide To navigate these hidden risks and bridge the gap between IAM and unmanaged systems, download our Identity Dark Matter Buyer’s Guide. Learn how to identify critical visibility gaps and select the right tools to secure your entire identity perimeter.

Solving the Problem: From Configuration to Observability To eliminate identity dark matter, organizations must shift from configuration-based IAM to evidence-based governance. This is achieved through Identity Observability, which provides continuous visibility across every identity. According to the Orchid Perspective, the future of cyber resilience requires a three-pillar approach: See Everything: Collect telemetry directly from every application, not just standard IAM connectors. Prove Everything: Build unified audit trails that show who accessed what, when, and why.

Govern Everywhere: Extend controls across managed, unmanaged, and agent-AI identities. By unifying telemetry, audit, and orchestration, enterprises can transform identity dark matter into actionable, measurable truth. The Orchid Security Perspective At Orchid Security, we believe the future of cyber resilience lies in an identity infrastructure that operates like observability for compliance and security: seeing how identity is coded, how it’s used, and how it behaves. By unifying telemetry, audit, and orchestration, Orchid enables enterprises to turn hidden identity data into actionable truth - ensuring that governance is not claimed, but proven.

Note: This article was written and contributed by Roy Katmor , CEO of Orchid Security . Found this article interesting? This article is a contributed piece from one of our valued partners. Follow us on Google News , Twitter and LinkedIn to read more exclusive content we post.

VS Code Forks Recommend Missing Extensions, Creating Supply Chain Risk in Open VSX

Popular artificial intelligence (AI)-powered Microsoft Visual Studio Code (VS Code) forks such as Cursor, Windsurf, Google Antigravity, and Trae have been found to recommend extensions that are non-existent in the Open VSX registry, potentially opening the door to supply chain risks when bad actors publish malicious packages under those names. The problem, according to Koi , is that these integrated development environments (IDEs) inherit the list of officially recommended extensions from Microsoft’s extensions marketplace. These extensions don’t exist in Open VSX. The VS Code extension recommendations can take two different forms: file-based, which are displayed as toast notifications when users open a file in specific formats, or software-based, which are suggested when certain programs are already installed on the host.

“The problem: these recommended extensions didn’t exist on Open VSX,” Koi security researcher Oren Yomtov said. “The namespaces were unclaimed. Anyone could register them and upload whatever they wanted.” In other words, an attacker could weaponize the absence of these VS Code extensions and the fact that the AI-powered IDEs are VS Code forks to upload a malicious extension to the Open VSX registry, such as ms-ossdata.vscode-postgresql. As a result, any time a developer with PostgreSQL installed opens one of the aforementioned IDEs and sees the message “Recommended: PostgreSQL extension,” a trivial install action is enough to result in the deployment of the rogue extension on their system instead.

This simple act of trust can have severe consequences, potentially leading to the theft of sensitive data, including credentials, secrets, and source code. Koi said its placeholder PostgreSQL extension attracted no less than 500 installs, indicating that developers are downloading it simply because the IDE suggested it as a recommendation. The names of some of the extensions that have been claimed by Koi with a placeholder are listed below - ms-ossdata.vscode-postgresql ms-azure-devops.azure-pipelines msazurermtools.azurerm-vscode-tools usqlextpublisher.usql-vscode-ext cake-build.cake-vscode pkosta2005.heroku-command In response to responsible disclosure, Cursor, Windsurf, and Google have rolled out fixes to address the issue. The Eclipse Foundation, which oversees Open VSX, has since removed non-official contributors and enforced broader registry-level safeguards.

With threat actors increasingly focusing on exploiting the security gaps in extension marketplaces and open-source repositories, it’s essential that developers exercise caution prior to downloading any packages or approving installs by verifying they come from a trusted publisher. Found this article interesting? Follow us on Google News , Twitter and LinkedIn to read more exclusive content we post.