2026-01-14 AI Startup News

Long-Running Web Skimming Campaign Steals Credit Cards From Online Checkout Pages

Cybersecurity researchers have discovered a major web skimming campaign that has been active since January 2022, targeting several major payment networks like American Express, Diners Club, Discover, JCB Co., Ltd., Mastercard, and UnionPay. “Enterprise organizations that are clients of these payment providers are the most likely to be impacted,” Silent Push said in a report published today. Digital skimming attacks refer to a category of client-side attacks in which bad actors compromise legitimate e-commerce sites and payment portals to inject malicious JavaScript code that’s capable of stealthily harvesting credit card information and other personal information when unsuspecting users attempt to make a payment on checkout pages. These attacks are classified under an umbrella term called Magecart, which initially referred to a coalition of cybercriminal groups that targeted e-commerce sites using the Magento software, before diversifying to other products and platforms.

Silent Push said it discovered the campaign after analyzing a suspicious domain linked to a now-sanctioned bulletproof hosting provider Stark Industries (and its parent company PQ.Hosting), which has since rebranded to THE[.]Hosting, under the control of the Dutch entity WorkTitans B.V., as a sanctions evasion measure. The domain in question, cdn-cookie[.]com, has been found to host highly obfuscated JavaScript payloads (e.g., “recorder.js” or “tab-gtm.js”) that are loaded by web shops to facilitate credit card skimming. The skimmer comes with features to evade detection by site administrators. Specifically, it checks the Document Object Model (DOM) tree for an element named “wpadminbar,” a reference to a toolbar that appears in WordPress websites when logged-in administrators or users with appropriate permissions are viewing the site.

In the event the “wpadminbar” element is present, the skimmer initiates a self-destruct sequence and removes its own presence from the web page. An attempt to execute the skimmer is made every time the web page’s DOM is modified, a standard behavior that occurs when users interact with the page. That’s not all. The skimmer also checks whether Stripe was selected as a payment option and, if so, whether an element called “wc_cart_hash” exists in the browser’s localStorage, which the skimmer creates and sets to “true” to indicate that the victim has already been successfully skimmed.

The absence of this flag causes the skimmer to render a fake Stripe payment form that replaces the legitimate form through user interface manipulations, thereby tricking the victims into entering their credit card numbers, along with the expiration dates and Card Verification Code (CVC) numbers. “As the victim entered their credit card details into a fake form instead of the real Stripe payment form, which was initially hidden by the skimmer when they initially filled it out, the payment page will display an error,” Silent Push said. “This makes it appear as if the victim had simply entered their payment details incorrectly.” The data stolen by the skimmer extends beyond payment details to include names, phone numbers, email addresses, and shipping addresses. The information is eventually exfiltrated by means of an HTTP POST request to the server “lasorie[.]com.” Once the data transmission is complete, the skimmer erases traces of itself from the checkout page, removing the fake payment form that was created and restoring the legitimate Stripe input form.

It then sets “wc_cart_hash” to “true” to prevent the skimmer from being run a second time on the same victim. “This attacker has advanced knowledge of WordPress’s inner workings and integrates even lesser-known features into their attack chain,” Silent Push said. Found this article interesting? Follow us on Google News, Twitter and LinkedIn to read more exclusive content we post.
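A defender-side check for the campaign described above, as an added example that is not code from Silent Push or the original article: because the skimmer removes itself when the “wpadminbar” element is present, the checkout page has to be audited the way an anonymous visitor receives it. The sketch lists external script hosts in the fetched HTML, flags the two hosts the article names, and derives a Content-Security-Policy from the same allow-lists; the shop hostname, the Stripe hosts, the function names and the sample HTML are assumptions.

```javascript
// Added example: audit the external scripts of a checkout page as an anonymous
// visitor receives it. Allow-lists, names and sample HTML are assumptions.

// Hosts named in the article, stored defanged and refanged only for comparison.
const REPORTED_HOSTS = ['cdn-cookie[.]com', 'lasorie[.]com']
  .map((h) => h.replace(/\[\.\]/g, '.'));

// Hypothetical allow-lists for a shop at shop.example that uses Stripe.
const SCRIPT_HOSTS = ['js.stripe.com'];
const CONNECT_HOSTS = ['api.stripe.com'];

const hostMatches = (host, entry) => host === entry || host.endsWith('.' + entry);

// Pull src attributes out of <script> tags. Static HTML only: scripts injected
// at runtime need a headless browser or CSP violation reports to be seen.
function scriptSources(html) {
  const re = /<script\b[^>]*?\bsrc\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s>]+))/gi;
  const out = [];
  let m;
  while ((m = re.exec(html)) !== null) out.push(m[1] ?? m[2] ?? m[3]);
  return out;
}

// Report every script whose host is a reported skimmer host or is neither the
// page's own host nor on the script allow-list.
function auditCheckoutHtml(html, pageUrl, scriptHosts = SCRIPT_HOSTS) {
  const pageHost = new URL(pageUrl).hostname;
  const findings = [];
  for (const src of scriptSources(html)) {
    let url;
    try {
      url = new URL(src, pageUrl);
    } catch {
      findings.push({ src, host: null, verdict: 'unparseable-src' });
      continue;
    }
    const host = url.hostname.toLowerCase();
    if (REPORTED_HOSTS.some((h) => hostMatches(host, h))) {
      findings.push({ src: url.href, host, verdict: 'reported-skimmer-host' });
    } else if (host !== pageHost && !scriptHosts.some((h) => hostMatches(host, h))) {
      findings.push({ src: url.href, host, verdict: 'not-allow-listed' });
    }
  }
  return findings;
}

// Build a checkout-page CSP from the same allow-lists. connect-src and
// form-action limit where page scripts can send data, which is the step the
// skimmer depends on for its HTTP POST.
function buildCheckoutCsp(scriptHosts = SCRIPT_HOSTS, connectHosts = CONNECT_HOSTS) {
  const https = (hosts) => hosts.map((h) => `https://${h}`).join(' ');
  return [
    `script-src 'self' ${https(scriptHosts)}`,
    `connect-src 'self' ${https(connectHosts)}`,
    `form-action 'self'`,
  ].join('; ');
}

// Constructed sample: what an unauthenticated fetch of the checkout might return.
const SAMPLE_HTML = `
<script src="/wp-includes/js/jquery/jquery.min.js"></script>
<script src="https://js.stripe.com/v3/"></script>
<script async src='https://${REPORTED_HOSTS[0]}/recorder.js'></script>
<script src=//stats.unknown-cdn.example/t.js></script>`;

function demoAudit() {
  return auditCheckoutHtml(SAMPLE_HTML, 'https://shop.example/checkout/');
}
```

Run the audit from a session with no WordPress login cookie, and deploy the policy in report-only mode first so legitimate integrations missing from the allow-lists show up as reports rather than outages.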

Malicious Chrome Extension Steals MEXC API Keys by Masquerading as Trading Tool

Cybersecurity researchers have disclosed details of a malicious Google Chrome extension that’s capable of stealing API keys associated with MEXC, a centralized cryptocurrency exchange (CEX) available in over 170 countries, while masquerading as a tool to automate trading on the platform. The extension, named MEXC API Automator (ID: pppdfgkfdemgfknfnhpkibbkabhghhfh), has 29 downloads and is still available on the Chrome Web Store as of writing. It was first published on September 1, 2025, by a developer named “jorjortan142.” “The extension programmatically creates new MEXC API keys, enables withdrawal permissions, hides that permission in the user interface (UI), and exfiltrates the resulting API key and secret to a hardcoded Telegram bot controlled by the threat actor,” Socket security researcher Kirill Boychenko said in an analysis. According to the Chrome Web Store listing, the web browser add-on is described as an extension that “simplifies connecting your trading bot to the MEXC exchange” by generating the API keys with the necessary permissions on the management page, including to facilitate trading and withdrawals.

In doing so, the installed extension enables a threat actor to control any MEXC account accessed from the compromised browser, allowing them to execute trades, perform automated withdrawals, and even drain the wallets and balances reachable through the service. “In practice, as soon as the user navigates to MEXC’s API management page, the extension injects a single content script, script.js, and begins operating inside the already authenticated MEXC session,” Socket added. To achieve this, the extension checks if the current URL contains the string “/user/openapi,” which refers to the API key management page. The script then programmatically creates a new API key and ensures that withdrawal capability is enabled.

At the same time, it tampers with the page’s user interface to give the impression to the user that the withdrawal permission has been disabled. As soon as the process to generate the Access Key and Secret Key is complete, the script extracts both the values and transmits them to a hard-coded Telegram bot under the threat actor’s control using an HTTPS POST request. The threat poses a severe risk, as it remains active as long as the keys are valid and not revoked, granting the attackers unfettered access to the victim’s account even if they end up uninstalling the extension from the Chrome browser. “In effect, the threat actor uses the Chrome Web Store as the delivery mechanism, the MEXC web UI as the execution environment, and Telegram as the exfiltration channel,” Boychenko noted.

“The result is a purpose-built credential-stealing extension that targets MEXC API keys at the moment they are created and configured with full permissions.” The attack is made possible by the fact that it leverages an already authenticated browser session to realize its goals, thereby obviating the need for obtaining a user’s password or bypassing authentication protections. It’s currently not clear who is behind the operation, but a reference to “jorjortan142” points to an X handle with the same name that links to a Telegram bot named SwapSushiBot, which is also promoted across TikTok and YouTube. The YouTube channel was created on August 17, 2025. “By hijacking a single API workflow inside the browser, threat actors can bypass many traditional controls and go straight for long lived API keys with withdrawal rights,” Socket said.

“The same playbook can be readily adapted to other exchanges, DeFi dashboards, broker portals, and any web console that issues tokens in session, and future variants are likely to introduce heavier obfuscation, request broader browser permissions, and bundle support for multiple platforms into a single extension.”
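One way to triage an extension before it is allowed into a managed browser, as an added example (not Socket's tooling and not the extension's code): the function reads a Manifest V3 manifest and reports content scripts or host permissions whose match patterns cover a sensitive page, such as the “/user/openapi” key management path, or an outbound messaging API. The URLs of interest, function names and sample manifest are constructed.

```javascript
// Added example: triage a Manifest V3 manifest.json before allow-listing an
// extension. URLs of interest and the sample manifest are assumptions.

const escapeRe = (s) => s.replace(/[.*+?^${}()|[\]\\]/g, '\\$&');

// Does a Chrome match pattern (<scheme>://<host>/<path> or <all_urls>) cover a
// URL? Only http and https URLs are considered, since those are what matter here.
function matchPatternCovers(pattern, urlString) {
  const url = new URL(urlString);
  const scheme = url.protocol.slice(0, -1);
  if (!['http', 'https'].includes(scheme)) return false;
  if (pattern === '<all_urls>') return true;
  const m = /^(\*|https?):\/\/([^/]*)(\/.*)$/.exec(pattern);
  if (!m) return false;
  const [, pScheme, pHost, pPath] = m;
  if (pScheme !== '*' && pScheme !== scheme) return false;
  if (pHost !== '*') {
    if (pHost.startsWith('*.')) {
      // "*.example.com" covers example.com and every subdomain of it.
      const base = pHost.slice(2);
      if (url.hostname !== base && !url.hostname.endsWith('.' + base)) return false;
    } else if (pHost !== url.hostname) {
      return false;
    }
  }
  // In the path part, "*" matches any run of characters.
  const pathRe = new RegExp('^' + pPath.split('*').map(escapeRe).join('.*') + '$');
  return pathRe.test(url.pathname + url.search);
}

// Report each content script or host permission that covers a URL of interest.
function auditManifest(manifest, urlsOfInterest) {
  const findings = [];
  const check = (kind, pattern, extra) => {
    for (const { label, url } of urlsOfInterest) {
      if (matchPatternCovers(pattern, url)) findings.push({ kind, pattern, label, ...extra });
    }
  };
  for (const cs of manifest.content_scripts ?? []) {
    for (const pattern of cs.matches ?? []) check('content_script', pattern, { files: cs.js ?? [] });
  }
  for (const pattern of manifest.host_permissions ?? []) check('host_permission', pattern, {});
  return findings;
}

// Assumed URLs: the exchange's key management page and a messaging API that
// has no business being reachable from a trading helper.
const URLS_OF_INTEREST = [
  { label: 'api-key-management', url: 'https://www.mexc.com/user/openapi' },
  { label: 'messaging-api-egress', url: 'https://api.telegram.org/' },
];

// Constructed manifest, not the manifest of the extension in the article.
const SAMPLE_MANIFEST = {
  manifest_version: 3,
  name: 'Example Trading Helper',
  version: '1.0.0',
  content_scripts: [{ matches: ['*://*.mexc.com/*'], js: ['script.js'] }],
  host_permissions: ['https://api.telegram.org/*'],
};

function demoManifestAudit() {
  return auditManifest(SAMPLE_MANIFEST, URLS_OF_INTEREST);
}
```

A content script that runs on a page where credentials are issued, combined with egress to an unrelated API, is the pairing worth escalating for manual review.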

[Webinar] Securing Agentic AI: From MCPs and Tool Access to Shadow API Key Sprawl

AI agents are no longer just writing code. They are executing it. Tools like Copilot, Claude Code, and Codex can now build, test, and deploy software end-to-end in minutes. That speed is reshaping engineering—but it’s also creating a security gap most teams don’t see until something breaks.

Behind every agentic workflow sits a layer few organizations are actively securing: Machine Control Protocols (MCPs). These systems quietly decide what an AI agent can run, which tools it can call, which APIs it can access, and what infrastructure it can touch. Once that control plane is compromised or misconfigured, the agent doesn’t just make mistakes—it acts with authority. Ask the teams impacted by CVE-2025-6514.

One flaw turned a trusted OAuth proxy used by more than 500,000 developers into a remote code execution path. No exotic exploit chain. No noisy breach. Just automation doing exactly what it was allowed to do—at scale.

That incident made one thing clear: if an AI agent can execute commands, it can also execute attacks. This webinar is for teams who want to move fast without giving up control. Led by the author of the OpenID whitepaper Identity Management for Agentic AI, this session goes straight to the core risks security teams are now inheriting from agentic AI adoption. You’ll see how MCP servers actually work in real environments, where shadow API keys appear, how permissions quietly sprawl, and why traditional identity and access models break down when agents act on your behalf.

You’ll learn:

- What MCP servers are and why they matter more than the model itself
- How malicious or compromised MCPs turn automation into an attack surface
- Where shadow API keys come from—and how to detect and eliminate them
- How to audit agent actions and enforce policy before deployment
- Practical controls to secure agentic AI without slowing development

Agentic AI is already inside your pipeline. The only question is whether you can see what it’s doing—and stop it when it goes too far. Register for the live webinar and regain control of your AI stack before the next incident does it for you.

This article is a contributed piece from one of our valued partners.

Cybersecurity researchers have disclosed details of a previously undocumented and feature-rich malware framework codenamed VoidLink that’s specifically designed for long-term, stealthy access to Linux-based cloud environments. According to a new report from Check Point Research, the cloud-native Linux malware framework comprises an array of custom loaders, implants, rootkits, and modular plugins that enable its operators to augment or change its capabilities over time, as well as pivot when objectives change. It was first discovered in December 2025. “The framework includes multiple cloud-focused capabilities and modules, and is engineered to operate reliably in cloud and container environments over extended periods,” the cybersecurity company said in an analysis published today. “VoidLink’s architecture is extremely flexible and highly modular, centered around a custom Plugin API that appears to be inspired by Cobalt Strike’s Beacon Object Files (BOF) approach.

This API is used in more than 30+ plug-in modules available by default.” The findings reflect a shift in threat actors’ focus from Windows to Linux systems that have emerged as the bedrock of cloud services and critical operations. Actively maintained and evolving, VoidLink is assessed to be the handiwork of China-affiliated threat actors. A cloud-first implant written in the Zig programming language, the toolkit can detect major cloud environments, viz. Amazon Web Services (AWS), Google Cloud, Microsoft Azure, Alibaba, and Tencent, and adapt its behavior if it recognizes that it’s running within a Docker container or a Kubernetes pod.

It can also gather credentials associated with cloud environments and popular source code version control systems such as Git.

[Figure: VoidLink High Level Overview]

The targeting of these services is an indication that VoidLink is likely engineered to target software developers, either with an intent to steal sensitive data or leverage the access to conduct supply chain attacks. Some of its other capabilities are listed below -

- Rootkit-like features using LD_PRELOAD, loadable kernel module (LKM), and eBPF to hide its processes based on the Linux kernel version
- An in-memory plugin system for extending functionality
- Support for varied command-and-control (C2) channels, such as HTTP/HTTPS, WebSocket, ICMP, and DNS tunneling
- Form a peer-to-peer (P2P) or mesh-style network between compromised hosts
- A Chinese web-based dashboard that allows the attackers to remotely control the implant, create bespoke versions on the fly, manage files, tasks, and plugins, and carry out different stages of the attack cycle right from reconnaissance and persistence to lateral movement and defense evasion by wiping traces of malicious activity.

[Figure: Builder Panel to Create Customized Versions of VoidLink]

VoidLink supports 37 plugins that span anti-forensics, reconnaissance, containers, privilege escalation, lateral movement, and others, transforming it into a full-fledged post-exploitation framework -

- Anti-forensics, to wipe or edit logs and shell history based on keywords and perform timestomping of files to hinder analysis
- Cloud, to facilitate Kubernetes and Docker discovery and privilege-escalation, container escapes, and probes for misconfigurations
- Credential harvesting, to collect credentials and secrets, including SSH keys, git credentials, local password material, browser credentials and cookies, tokens, and API keys
- Lateral movement, to spread laterally using an SSH-based worm
- Persistence, to help establish persistence via dynamic linker abuse, cron jobs, and system services
- Recon, to gather detailed system and environment information

Describing it as “impressive” and “far more advanced than typical Linux malware,” Check Point said VoidLink features a core orchestrator component that handles C2 communications and task execution.

It also incorporates a bevy of anti-analysis features to circumvent detection. Besides flagging various debuggers and monitoring tools, it can delete itself if any signs of tampering are detected. It also features a self-modifying code option that can decrypt protected code regions at runtime and encrypt them when not in use, bypassing runtime memory scanners. What’s more, the malware framework enumerates installed security products and hardening measures on the compromised host to calculate a risk score and arrive at an evasion strategy across the board.

For example, this may involve slowing down port scans and having greater control in high-risk environments. “The developers demonstrate a high level of technical expertise, with strong proficiency across multiple programming languages, including Go, Zig, C, and modern frameworks such as React,” Check Point noted. “In addition, the attacker possesses in-depth knowledge of sophisticated operating system internals, enabling the development of advanced and complex solutions.” “VoidLink aims to automate evasion as much as possible, profiling an environment and choosing the most suitable strategy to operate in it. Augmented by kernel mode tradecraft and a vast plugin ecosystem, VoidLink enables its operators to move through cloud environments and container ecosystems with adaptive stealth.”

What Should We Learn From How Attackers Leveraged AI in 2025?

Old Playbook, New Scale: While defenders are chasing trends, attackers are optimizing the basics

The security industry loves talking about “new” threats. AI-powered attacks. Quantum-resistant encryption. Zero-trust architectures.

But looking around, it seems like the most effective attacks in 2025 are pretty much the same as they were in 2015. Attackers are exploiting the same entry points that worked - they’re just doing it better.

Supply Chain: Still Cascading Downstream

As the Shai Hulud NPM campaign showed us, supply chain remains a major issue. A single compromised package can cascade through an entire dependency tree, affecting thousands of downstream projects.

The attack vector hasn’t changed. What’s changed is how efficiently attackers can identify and exploit opportunities. AI has collapsed the barrier to entry. Just as AI has enabled one-person software projects to build sophisticated applications, the same is true in cybercrime.

What used to require large, organized operations can now be executed by lean teams, even individuals. We suspect some of these NPM package attacks, including Shai-Hulud, might actually be one-person operations. As software projects become simpler to develop, and threat actors show an ability to play the long game (as with the XZ Utils attack) - we’re likely to see more cases where attackers publish legitimate packages that build trust over time, then one day, with the click of a button, inject malicious capabilities to all downstream users.

Phishing: Still Just One Click Away

Phishing still works for the same reason it always has: humans remain the weakest link.

But the stakes have changed dramatically. The recent npm supply chain attack demonstrates the ripple effect: one developer clicked a bad link, entered his credentials and his account was compromised. Packages with tens of millions of weekly downloads were poisoned. Despite the developer publicly reporting the incident to npm, mitigation took time - and during that window, the attack spread at scale.

Official Stores: Still Not Safe

Perhaps most frustrating: malware continues to bypass official gatekeepers. Our research on malicious Chrome extensions stealing ChatGPT and DeepSeek conversations revealed something we already know from mobile app stores—automated reviews and human moderators aren’t keeping pace with attacker sophistication. The permissions problem should sound familiar because it’s already been solved. Android and iOS give users granular control: you can allow location access but block the microphone, permit camera access only when an app is open, not in the background.

Chrome could implement the same model for extensions - the technology exists. It’s a matter of prioritization and implementation. Instead, users face a binary choice with extensions requesting permission to “read information from all websites.” If an extension asks for that level of access, in most cases it will be used for malicious purposes, or it will later be updated to do so.

Attackers don’t have the Shiny Tool Syndrome

Attackers didn’t throw out their playbook when AI arrived - they automated it.

They’re still exploiting supply chains, phishing developers, and sneaking malware past reviewers. They’re just doing it with one-tenth the resources. We shouldn’t be chasing shiny new defense strategies while the basics still don’t work. Fix permissions models.

Harden supply chain verification. Make phishing-resistant authentication the default. The fundamentals matter more now, not less. Attackers optimized the basics.

What should defenders prioritize? Join OX for our upcoming webinar: Threat Intelligence Update: What’s Been Working for Hackers and What Have the Good Guys Been Doing? We’ll cover attack techniques gaining traction, what’s actually stopping them, and what to prioritize when resources are limited.

Note: This article was exclusively written and contributed by Moshe Siman Tov Bustan, Security Research Team Lead at OX. This article is a contributed piece from one of our valued partners.

ServiceNow Patches Critical AI Platform Flaw Allowing Unauthenticated User Impersonation

ServiceNow has disclosed details of a now-patched critical security flaw impacting its ServiceNow artificial intelligence (AI) Platform that could enable an unauthenticated user to impersonate another user and perform arbitrary actions as that user. The vulnerability, tracked as CVE-2025-12420, carries a CVSS score of 9.3 out of 10.0. It has been codenamed BodySnatcher by AppOmni. “This issue […] could enable an unauthenticated user to impersonate another user and perform the operations that the impersonated user is entitled to perform,” the company said in an advisory released Monday.

The shortcoming was addressed by ServiceNow on October 30, 2025, by deploying a security update to the majority of hosted instances, with the company also sharing the patches with ServiceNow partners and self-hosted customers. The following versions include a fix for CVE-2025-12420 -

- Now Assist AI Agents (sn_aia) - 5.1.18 or later and 5.2.19 or later
- Virtual Agent API (sn_va_as_service) - 3.15.2 or later and 4.0.4 or later

ServiceNow credited Aaron Costello, chief of SaaS Security Research at AppOmni, with discovering and reporting the flaw in October 2025. While there is no evidence that the vulnerability has been exploited in the wild, users are advised to apply an appropriate security update as soon as possible to mitigate potential threats. “BodySnatcher is the most severe AI-driven vulnerability uncovered to date: Attackers could have effectively ‘remote controlled’ an organization’s AI, weaponizing the very tools meant to simplify the enterprise,” Costello told The Hacker News.

In a separate report, AppOmni said the Virtual Agent integration flaw allows unauthenticated attackers to impersonate any ServiceNow user using only an email address, bypassing multi-factor authentication (MFA) and single sign-on (SSO) protections. Successful exploitation could allow a threat actor to impersonate an administrator and execute an AI agent to subvert security controls and create backdoor accounts with elevated privileges. “By chaining a hardcoded, platform-wide secret with account-linking logic that trusts a simple email address, an attacker can bypass multi-factor authentication (MFA), single sign-on (SSO), and other access controls,” Costello added. “And it’s the most severe AI-driven security vulnerability uncovered to date.

With these weaknesses linked together, the attacker can remotely drive privileged agentic workflows as any user.” The disclosure comes nearly two months after AppOmni revealed that malicious actors can exploit default configurations in ServiceNow’s Now Assist generative AI platform and leverage its agentic capabilities to conduct second-order prompt injection attacks. The issue could then be weaponized to execute unauthorized actions, enabling attackers to copy and exfiltrate sensitive corporate data, modify records, and escalate privileges.

New Malware Campaign Delivers Remcos RAT Through Multi-Stage Windows Attack

Cybersecurity researchers have disclosed details of a new campaign dubbed SHADOW#REACTOR that employs an evasive multi-stage attack chain to deliver a commercially available remote administration tool called Remcos RAT and establish persistent, covert remote access. “The infection chain follows a tightly orchestrated execution path: an obfuscated VBS launcher executed via wscript.exe invokes a PowerShell downloader, which retrieves fragmented, text-based payloads from a remote host,” Securonix researchers Akshay Gaikwad, Shikha Sangwan, and Aaron Beardslee said in a technical report shared with The Hacker News. “These fragments are reconstructed into encoded loaders, decoded in memory by a .NET Reactor–protected assembly, and used to fetch and apply a remote Remcos configuration. The final stage leverages MSBuild.exe as a living-off-the-land binary (LOLBin) to complete execution, after which the Remcos RAT backdoor is fully deployed and takes control of the compromised system.” The activity is assessed to be broad and opportunistic, primarily targeting enterprise and small-to-medium business environments.

The tooling and tradecraft align with typical initial access brokers, who obtain footholds to target environments and sell them off to other actors for financial gain. That said, there is no evidence to attribute it to a known threat group. The most unusual aspect of the campaign is the reliance on intermediate text-only stagers, coupled with the use of PowerShell for in-memory reconstruction and a .NET Reactor–protected reflective loader, to unpack subsequent phases of the attack with an aim to complicate detection and analysis efforts. The infection sequence begins with the retrieval and execution of an obfuscated Visual Basic Script (“win64.vbs”) that’s likely triggered by means of user interaction, such as clicking on a link delivered via socially engineered lures.

The script, run using “wscript.exe,” functions as a lightweight launcher for a Base64-encoded PowerShell payload. The PowerShell script subsequently employs System.Net.WebClient to communicate with the same server used to fetch the VBS file and drop a text-based payload named “qpwoe64.txt” (or “qpwoe32.txt” for 32-bit systems) in the machine’s %TEMP% directory. “The script then enters a loop where it validates the file’s existence and size,” Securonix explained. “If the file is missing or below the configured length threshold (minLength), the stager pauses execution and re-downloads the content.

If the threshold is not met within the defined timeout window (maxWait), execution proceeds without terminating, preventing chain failure.” “This mechanism ensures that incomplete or corrupted payload fragments do not immediately disrupt execution, reinforcing the campaign’s self-healing design.” Should the text file meet the relevant criteria, it proceeds to construct a second PowerShell script (“jdywa.ps1”) in the %TEMP% directory, which invokes a .NET Reactor Loader that’s responsible for establishing persistence, retrieving the next-stage malware, and incorporating various anti-debugging and anti-VM checks to fly under the radar. The loader ultimately launches the Remcos RAT malware on the compromised host using a legitimate Microsoft Windows process, “MSBuild.exe.” Also dropped over the course of the attack are execution wrapper scripts to re-trigger the execution of “win64.vbs” using “wscript.exe.” “Taken together, these behaviors indicate an actively maintained and modular loader framework designed to keep the Remcos payload portable, resilient, and difficult to statically classify,” the researchers noted. “The combination of text-only intermediates, in-memory .NET Reactor loaders, and LOLBin abuse reflects a deliberate strategy to frustrate antivirus signatures, sandboxes, and rapid analyst triage.”
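Detection logic for the execution chain described above, as an added example that does not come from the Securonix report: it runs over process-creation records and flags a script host launching PowerShell, an encoded PowerShell command line, and MSBuild.exe started by an unexpected parent or descended from a script host. Field names, the MSBuild parent allow-list, the `-enc` command line and the sample events are assumptions.

```javascript
// Added example: flag the wscript -> PowerShell -> MSBuild pattern in process
// creation events. Field names, allow-list and sample events are assumptions.

// Lower-cased file name of a Windows or POSIX style path.
const base = (p) => p.split(/[\\/]/).pop().toLowerCase();

const SCRIPT_INTERPRETERS = new Set(['wscript.exe', 'cscript.exe']);
const POWERSHELL = new Set(['powershell.exe', 'pwsh.exe']);
// Hypothetical list of parents that legitimately run MSBuild in this environment.
const MSBUILD_PARENTS = new Set(['devenv.exe', 'dotnet.exe']);
// -e / -ec / -enc / -EncodedCommand followed by a Base64-looking argument.
const ENCODED_RE = /\s-e(?:c|nc?|nco[a-z]*)?\s+[A-Za-z0-9+\/=]{16,}/i;

function detect(events) {
  const byPid = new Map(events.map((e) => [e.pid, e]));
  const alerts = [];
  for (const e of events) {
    const image = base(e.image);
    const parent = base(e.parentImage);
    if (POWERSHELL.has(image) && SCRIPT_INTERPRETERS.has(parent)) {
      alerts.push({ rule: 'script-host-spawns-powershell', pid: e.pid });
    }
    if (POWERSHELL.has(image) && ENCODED_RE.test(e.commandLine)) {
      alerts.push({ rule: 'encoded-powershell-command', pid: e.pid });
    }
    if (image === 'msbuild.exe') {
      if (!MSBUILD_PARENTS.has(parent)) {
        alerts.push({ rule: 'msbuild-unusual-parent', pid: e.pid });
      }
      // Walk the recorded ancestry to see whether a script host started the chain.
      const seen = new Set();
      for (let p = byPid.get(e.ppid); p && !seen.has(p.pid); p = byPid.get(p.ppid)) {
        seen.add(p.pid);
        if (SCRIPT_INTERPRETERS.has(base(p.image))) {
          alerts.push({ rule: 'script-host-to-msbuild-chain', pid: e.pid });
          break;
        }
      }
    }
  }
  return alerts;
}

// Constructed events. The Base64 argument is a harmless placeholder string.
const PS = 'C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe';
const WS = 'C:\\Windows\\System32\\wscript.exe';
const MSB = 'C:\\Windows\\Microsoft.NET\\Framework64\\v4.0.30319\\MSBuild.exe';
const SAMPLE_EVENTS = [
  { pid: 200, ppid: 100, image: WS, parentImage: 'C:\\Windows\\explorer.exe',
    commandLine: 'wscript.exe "C:\\Users\\user\\Downloads\\win64.vbs"' },
  { pid: 300, ppid: 200, image: PS, parentImage: WS,
    commandLine: 'powershell.exe -NoProfile -WindowStyle Hidden -enc QQBBAEEAQQBBAEEAQQBBAEEA' },
  { pid: 400, ppid: 300, image: MSB, parentImage: PS, commandLine: 'MSBuild.exe' },
  // Benign build started from an IDE: produces no alert.
  { pid: 900, ppid: 800, image: MSB, parentImage: 'C:\\VS\\Common7\\IDE\\devenv.exe',
    commandLine: 'MSBuild.exe App.sln' },
];

function demoDetect() {
  return detect(SAMPLE_EVENTS);
}
```

The ancestry rule is the one that survives renamed intermediate scripts, since it depends only on which binaries appear in the chain.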

CISA Warns of Active Exploitation of Gogs Vulnerability Enabling Code Execution

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned of active exploitation of a high-severity security flaw impacting Gogs by adding it to its Known Exploited Vulnerabilities (KEV) catalog. The vulnerability, tracked as CVE-2025-8110 (CVSS score: 8.7), relates to a case of path traversal in the repository file editor that could result in code execution. “Gogs Path Traversal Vulnerability: Gogs contains a path traversal vulnerability affecting improper Symbolic link handling in the PutContents API that could allow for code execution,” CISA said in an advisory.

Details of the shortcoming came to light last month when Wiz said it discovered it being exploited in zero-day attacks. The vulnerability essentially bypasses protections put in place for CVE-2024-55947 to achieve code execution by creating a git repository, committing a symbolic link pointing to a sensitive target, and using the PutContents API to write data to the symlink. This, in turn, causes the underlying operating system to navigate to the actual file the symlink points to and overwrites the target file outside the repository. An attacker could leverage this behavior to overwrite Git configuration files, specifically the sshCommand setting, giving them code execution privileges.

Wiz said it identified 700 compromised Gogs instances. According to data from the attack surface management platform Censys, there are about 1,600 internet-exposed Gogs servers, the majority of which are located in China (991), the U.S. (146), Germany (98), Hong Kong (56), and Russia (49). There are currently no patches that address CVE-2025-8110, although pull requests on GitHub show that the necessary code changes have been made.

“Once the image is built on main, both gogs/gogs:latest and gogs/gogs:next-latest will have this CVE patched,” one of the project maintainers said last week. In the absence of a fix, Gogs users are advised to disable the default open-registration setting and limit server access using a VPN or an allow-list. Federal Civilian Executive Branch (FCEB) agencies are required to apply the necessary mitigations by February 2, 2026.
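The class of fix this bug calls for, as an added example that is neither Gogs code nor its patch: a write helper that checks containment lexically, resolves symlinks in the parent directories, and refuses to follow a symlink in the final path component. It is written in Node.js for POSIX systems, and the function names and temporary directory layout are assumptions.

```javascript
// Added example: a symlink-aware write into a repository working tree. This is
// not Gogs' code or its patch; names and the temp-dir layout are assumptions.
const fs = require('node:fs');
const os = require('node:os');
const path = require('node:path');

const inside = (root, p) => p === root || p.startsWith(root + path.sep);

function safeWriteInRepo(repoRoot, relPath, data) {
  const root = fs.realpathSync(repoRoot);
  const target = path.resolve(root, relPath);
  // 1. Lexical containment: stops "../" style paths, but cannot see symlinks.
  if (target === root || !inside(root, target)) {
    throw new Error('path escapes repository');
  }
  // 2. Resolve symlinks in the parent directories and check containment again.
  const parent = fs.realpathSync(path.dirname(target));
  if (!inside(root, parent)) {
    throw new Error('parent directory resolves outside repository');
  }
  // 3. Refuse to follow a symlink in the final component (open fails with
  //    ELOOP on POSIX). A race between steps 2 and 3 is still possible if
  //    another process can modify the tree concurrently.
  const flags = fs.constants.O_WRONLY | fs.constants.O_CREAT |
                fs.constants.O_TRUNC | fs.constants.O_NOFOLLOW;
  const fd = fs.openSync(path.join(parent, path.basename(target)), flags, 0o644);
  try {
    fs.writeSync(fd, data);
  } finally {
    fs.closeSync(fd);
  }
}

// Build a throwaway tree with a file symlink and a directory symlink that both
// point outside the repository, then try to write through each of them.
function demoSafeWrite() {
  const tmp = fs.realpathSync(fs.mkdtempSync(path.join(os.tmpdir(), 'symlink-demo-')));
  const repo = path.join(tmp, 'repo');
  const outside = path.join(tmp, 'outside');
  fs.mkdirSync(repo);
  fs.mkdirSync(outside);
  const protectedFile = path.join(outside, 'settings');
  fs.writeFileSync(protectedFile, 'original');
  fs.symlinkSync(protectedFile, path.join(repo, 'file-link'));
  fs.symlinkSync(outside, path.join(repo, 'dir-link'));

  const blocked = (rel) => {
    try {
      safeWriteInRepo(repo, rel, 'changed');
      return false;
    } catch {
      return true;
    }
  };
  const result = {
    fileSymlinkBlocked: blocked('file-link'),
    dirSymlinkBlocked: blocked('dir-link/settings'),
    traversalBlocked: blocked('../outside/settings'),
  };
  safeWriteInRepo(repo, 'README.md', 'hello');
  result.normalWrite = fs.readFileSync(path.join(repo, 'README.md'), 'utf8');
  result.outsideContent = fs.readFileSync(protectedFile, 'utf8');
  fs.rmSync(tmp, { recursive: true, force: true });
  return result;
}
```

A lexical check on its own passes the `file-link` case, which is why the open without symlink following is the step that matters for this bug class.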

n8n Supply Chain Attack Abuses Community Nodes to Steal OAuth Tokens

Threat actors have been observed uploading a set of eight packages on the npm registry that masqueraded as integrations targeting the n8n workflow automation platform to steal developers’ OAuth credentials. One such package, named “n8n-nodes-hfgjf-irtuinvcm-lasdqewriit,” mimics a Google Ads integration, and prompts users to link their advertising account in a seemingly legitimate form and then siphon OAuth credentials to servers under the attackers’ control. “The attack represents a new escalation in supply chain threats,” Endor Labs said in a report published last week. “Unlike traditional npm malware, which often targets developer credentials, this campaign exploited workflow automation platforms that act as centralized credential vaults – holding OAuth tokens, API keys, and sensitive credentials for dozens of integrated services like Google Ads, Stripe, and Salesforce in a single location.” The complete list of identified packages, which have since been removed, is as follows -

- n8n-nodes-hfgjf-irtuinvcm-lasdqewriit (4,241 downloads, author: kakashi-hatake)
- n8n-nodes-ggdv-hdfvcnnje-uyrokvbkl (1,657 downloads, author: kakashi-hatake)
- n8n-nodes-vbmkajdsa-uehfitvv-ueqjhhhksdlkkmz (1,493 downloads, author: kakashi-hatake)
- n8n-nodes-performance-metrics (752 downloads, author: hezi109)
- n8n-nodes-gasdhgfuy-rejerw-ytjsadx (8,385 downloads, author: zabuza-momochi)
- n8n-nodes-danev (5,525 downloads, author: dan_even_segler)
- n8n-nodes-rooyai-model (1,731 downloads, author: haggags)
- n8n-nodes-zalo-vietts (4,241 downloads, authors: vietts_code and diendh)

The npm users “zabuza-momochi,” “dan_even_segler,” and “diendh” have also been listed as authors for four other libraries that are still available for download as of writing -

- n8n-nodes-gg-udhasudsh-hgjkhg-official (2,863 downloads)
- n8n-nodes-danev-test-project (1,259 downloads)
- @diendh/n8n-nodes-tiktok-v2 (218 downloads)
- n8n-nodes-zl-vietts (6,357 downloads)

It’s not clear if they harbor similar malicious functionality.

However, an assessment of the first three packages on ReversingLabs Spectra Assure has uncovered no security issues. In the case of “n8n-nodes-zl-vietts,” the analysis has flagged the library as containing a component with malware history. Interestingly, an updated version of the package “n8n-nodes-gg-udhasudsh-hgjkhg-official” was published to npm just three hours ago, suggesting that the campaign is possibly ongoing. The malicious package, once installed as a community node, behaves like any other n8n integration, displaying configuration screens and saving the Google Ads account OAuth tokens in encrypted format to the n8n credential store.

When the workflow is executed, it runs code to decrypt the stored tokens using n8n’s master key and exfiltrates them to a remote server. The development marks the first time a supply chain threat has explicitly targeted the n8n ecosystem, with bad actors weaponizing the trust in community integrations to achieve their goals. The findings highlight the security issues that come with integrating untrusted workflows, which can expand the attack surface. Developers are recommended to audit packages before installing them, scrutinize package metadata for any anomalies, and use official n8n integrations.

n8n has also warned about the security risk arising from the use of community nodes from npm, which it said can introduce breaking changes or execute malicious actions on the machine that the service runs on. On self-hosted n8n instances, it’s advised to disable community nodes by setting N8N_COMMUNITY_PACKAGES_ENABLED to false.

“Community nodes run with the same level of access as n8n itself. They can read environment variables, access the file system, make outbound network requests, and, most critically, receive decrypted API keys and OAuth tokens during workflow execution,” researchers Kiran Raj and Henrik Plate said. “There is no sandboxing or isolation between node code and the n8n runtime.”

“Because of this, a single malicious npm package is enough to gain deep visibility into workflows, steal credentials, and communicate externally without raising immediate suspicion. For attackers, the npm supply chain offers a quiet and highly effective entry point into n8n environments.”

Update

In a statement shared with The Hacker News, Endor Labs confirmed that the npm package “n8n-nodes-gg-udhasudsh-hgjkhg-official” is malicious and is part of the same campaign. The remaining packages have been determined to be benign.

⚡ Weekly Recap: AI Automation Exploits, Telecom Espionage, Prompt Poaching & More

This week made one thing clear: small oversights can spiral fast. Tools meant to save time and reduce friction turned into easy entry points once basic safeguards were ignored. Attackers didn’t need novel tricks. They used what was already exposed and moved in without resistance.

Scale amplified the damage. A single weak configuration rippled out to millions. A repeatable flaw worked again and again. Phishing crept into apps people rely on daily, while malware blended into routine system behavior.

Different victims, same playbook: look normal, move quickly, spread before alarms go off. For defenders, the pressure keeps rising. Vulnerabilities are exploited almost as soon as they surface. Claims and counterclaims appear before the facts settle.

Criminal groups adapt faster each cycle. The stories that follow show where things failed—and why those failures matter going forward.

⚡ Threat of the Week

Maximum Severity Security Flaw Disclosed in n8n — A maximum-severity vulnerability in the n8n workflow automation platform permits unauthenticated remote code execution and potential full system compromise. The flaw, referred to as Ni8mare and tracked as CVE-2026-21858, affects locally deployed instances running versions prior to 1.121.0. The issue stems from how n8n handles incoming data, offering a direct path from an external, unauthenticated request to compromise the automation environment. The disclosure of CVE-2026-21858 follows several other high-impact vulnerabilities publicized over the past two weeks, including CVE-2026-21877, CVE-2025-68613, and CVE-2025-68668.

The problem appears in Form-based workflows where file-handling functions are executed without first validating that the request was actually processed as “multipart/form-data.” This loophole allows an attacker to send a specially crafted request using a non-file content type while crafting the request body to mimic the internal structure expected for uploaded files. Because the parsing logic does not verify the format of the incoming data, it enables an attacker to access arbitrary file paths on the n8n host and even escalate it to code execution.
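The missing validation described above, as an added JavaScript example (this is not n8n's code; the request shape, the `files` record layout, the upload directory and all sample requests are assumptions constructed for illustration). It sets a handler that reads file records from whatever the body parser produced beside one that accepts them only for a multipart/form-data request and only inside the upload directory.

```javascript
// Assumed directory where the multipart parser stores temporary uploads.
const UPLOAD_DIR = '/tmp/form-uploads';

// Collapse "." and ".." segments of an absolute POSIX path without touching the disk.
function normalizeAbsolute(p) {
  if (typeof p !== 'string' || !p.startsWith('/')) {
    throw new Error('rejected: file path is not absolute');
  }
  const out = [];
  for (const seg of p.split('/')) {
    if (seg === '' || seg === '.') continue;
    if (seg === '..') out.pop();
    else out.push(seg);
  }
  return '/' + out.join('/');
}

// Media type without parameters such as "boundary=...".
function mediaType(req) {
  const raw = (req.headers && req.headers['content-type']) || '';
  return String(raw).split(';')[0].trim().toLowerCase();
}

// Weak form: file records are taken from the parsed body, whichever parser built it,
// so a JSON body can describe "uploaded" files that were never uploaded.
function collectFilesWeak(req) {
  const files = (req.body && req.body.files) || {};
  return Object.values(files).map((f) => f.filepath);
}

// Hardened form: the content type is checked first, file records are read only from
// the slot the multipart parser fills (req.files), and each path must stay inside
// the upload directory.
function collectFilesStrict(req) {
  const type = mediaType(req);
  if (type !== 'multipart/form-data') {
    throw new Error(`rejected: content type "${type}" is not multipart/form-data`);
  }
  const files = req.files || {};
  return Object.values(files).map((f) => {
    const resolved = normalizeAbsolute(f.filepath);
    if (!resolved.startsWith(UPLOAD_DIR + '/')) {
      throw new Error(`rejected: ${resolved} is outside ${UPLOAD_DIR}`);
    }
    return resolved;
  });
}

// Run a collector and report the outcome instead of throwing.
function outcome(collector, req) {
  try {
    return { ok: true, paths: collector(req) };
  } catch (err) {
    return { ok: false, reason: err.message };
  }
}

// Constructed sample requests (not captured traffic).
const genuineUpload = {
  headers: { 'content-type': 'multipart/form-data; boundary=----demo' },
  body: { name: 'Ada' },
  files: { resume: { filepath: '/tmp/form-uploads/upload_1a2b3c', originalFilename: 'cv.pdf' } },
};
const mislabeledRequest = {
  headers: { 'content-type': 'application/json' },
  body: { files: { resume: { filepath: '/srv/app/config/settings.env' } } },
};
const escapingUpload = {
  headers: { 'content-type': 'multipart/form-data; boundary=----demo' },
  body: {},
  files: { resume: { filepath: '/tmp/form-uploads/../../srv/app/config/settings.env' } },
};

for (const [label, req] of Object.entries({ genuineUpload, mislabeledRequest, escapingUpload })) {
  console.log(label, 'weak:', collectFilesWeak(req), 'strict:', outcome(collectFilesStrict, req));
}
```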

“The impact extends to any organization using n8n to automate workflows that interact with sensitive systems,” Field Effect said. “The worst-case scenario involves full system compromise and unauthorized access to connected services.” However, Horizon3.ai noted that successful exploitation requires a combination of pre-requisites that are unlikely to be found in most real-world deployments: an n8n form component workflow that’s publicly accessible without authentication and a mechanism to retrieve the local files from the n8n server.

As of January 11, 2026, there are about 59,500 internet-exposed hosts that are still vulnerable to CVE-2026-21858. More than 27,000 IP addresses are located in the U.S. and over 21,200 in Europe.

🔔 Top News

Kimwolf Botnet Infects 2M Android Devices — The Kimwolf botnet, an Android variant of the Aisuru malware, has grown to more than two million hosts, most of them infected by exploiting vulnerabilities in residential proxy networks to target devices on internal networks.

Kimwolf’s rapid growth is largely fueled by its abuse of residential proxy networks to reach vulnerable Android devices. Specifically, the malware takes advantage of proxy providers that permit access to local network addresses and ports, allowing direct interaction with devices running on the same internal network as the proxy client. Starting on November 12, 2025, Synthient observed elevated activity scanning for unauthenticated ADB services exposed through proxy endpoints, targeting ports 5555, 5858, 12108, and 3222. The Android Debug Bridge (ADB) is a development and debugging interface that allows installing and removing apps, running shell commands, transferring files, and debugging Android devices.

When exposed over a network, ADB can allow unauthorized remote connections to modify or take control of Android devices. When reachable, botnet payloads were delivered via netcat or telnet, piping shell scripts directly into the exposed device for local execution.

China-Linked Hackers Likely Developed Exploit for Trio of VMware Flaws in 2024 — Chinese-speaking threat actors are suspected to have leveraged a compromised SonicWall VPN appliance as an initial access vector to deploy a VMware ESXi exploit that may have been developed more than a year before a set of three flaws it relied on were made public. The attack is believed to have exploited three VMware vulnerabilities that were disclosed as zero-days by Broadcom in March 2025: CVE-2025-22224 (CVSS score: 9.3), CVE-2025-22225 (CVSS score: 8.2), and CVE-2025-22226 (CVSS score: 7.1). Successful exploitation of the issue could permit a malicious actor with admin privileges to leak memory from the Virtual Machine Executable (VMX) process or execute code as the VMX process. The attackers disabled VMware’s own drivers, loaded unsigned kernel modules, and phoned home in ways designed to go unnoticed. The toolkit supported a wide range of ESXi versions, spanning over 150 builds, which would have allowed the attackers to hit a broad range of environments. Huntress, which observed the activity in December 2025, said there is no evidence to suggest that the toolkit was advertised or sold on dark web forums, adding that it was deployed in a targeted manner.

China-Linked UAT-7290 Targets Telecoms with Linux Malware — A long-running cyber-espionage campaign targeting high-value telecommunications infrastructure in South Asia has been attributed to a sophisticated threat actor tracked as UAT-7290. The activity cluster, which has been active since at least 2022, primarily focuses on extensive technical reconnaissance of target organizations before initiating attacks, ultimately leading to the deployment of malware families such as RushDrop, DriveSwitch, and SilentRaid. The campaign highlights the sustained focus on telecommunications networks in South Asia and underscores the strategic value of these environments to advanced threat actors.

Two Malicious Chrome Extensions Caught Prompt Poaching — Two new malicious extensions on the Chrome Web Store, “Chat GPT for Chrome with GPT-5, Claude Sonnet & DeepSeek AI” and “AI Sidebar with DeepSeek, ChatGPT, Claude, and more,” were found to exfiltrate OpenAI ChatGPT and DeepSeek conversations alongside browsing data to servers under the attackers’ control. The technique of using browser extensions to stealthily capture AI conversations has been codenamed Prompt Poaching. The extensions, which were collectively installed 900,000 times, have since been removed by Google.

PHALT#BLYX Targets Hospitality Sector in Europe — A new multi-stage malware campaign is targeting hospitality organizations in Europe, using social engineering techniques such as fake CAPTCHA prompts and simulated Blue Screen of Death (BSoD) errors to trick users into manually executing malicious code under the guise of reservation-cancellation lures. Dubbed PHALT#BLYX, the campaign represents an evolution from earlier, less evasive techniques.

Previous versions relied on HTML Application files and mshta.exe. The latest iteration, detected in late December 2025, instead abuses MSBuild.exe, a trusted Microsoft utility, to compile and execute a malicious project file. This living-off-the-land (LotL) approach enables the malware to bypass many endpoint security controls and deliver a heavily obfuscated variant of DCRat. The activity is assessed to be the work of Russian-speaking threat actors.

The attacks leverage a social engineering tactic called ClickFix, where users are tricked into manually executing seemingly harmless commands that actually install malware. It operates by deceiving users into taking an action to “fix” a non-existent issue by either automatically or manually copying and pasting a malicious command into their terminal or Run dialog.

🔥 Trending CVEs

Hackers act fast. They can use new bugs within hours. One missed update can cause a big breach. Here are this week’s most serious security flaws. Check them, fix what matters first, and stay protected.

This week’s list includes — CVE-2026-21858, CVE-2026-21877, CVE-2025-68668 (n8n), CVE-2025-69258, CVE-2025-69259, CVE-2025-69260 (Trend Micro Apex Central), CVE-2026-20029 (Cisco Identity Services Engine), CVE-2025-66209, CVE-2025-66210, CVE-2025-66211, CVE-2025-66212, CVE-2025-66213, CVE-2025-64419, CVE-2025-64420, CVE-2025-64424, CVE-2025-59156, CVE-2025-59157, CVE-2025-59158 (Coolify), CVE-2025-59470 (Veeam Backup & Replication), CVE-2026-0625 (D-Link DSL gateway routers), CVE-2025-65606 (TOTOLINK EX200), CVE-2026-21440 (@adonisjs/bodyparser), CVE-2025-68428 (jsPDF), CVE-2025-69194 (GNU Wget2), CVE-2025-43530 (Apple macOS Tahoe), CVE-2025-54957 (Google Android), CVE-2025-14026 (Forcepoint One DLP Client), CVE-2025-66398 (Signal K Server), CVE-2026-21483 (listmonk), CVE-2025-34468 (libcoap), CVE-2026-0628 (Google Chrome), CVE-2025-67859 (Linux TLP), CVE-2025-9222, CVE-2025-13761, CVE-2025-13772 (GitLab CE/EE), CVE-2025-12543 (Undertow HTTP server core), CVE-2025-14598 (BeeS Examination Tool), CVE-2026-21876 (OWASP Core Rule Set), CVE-2026-22688 (Tencent WeKnora), CVE-2025-61686 (@react-router/node, @remix-run/node, and @remix-run/deno), and CVE-2025-54322 (Xspeeder SXZOS).

📰 Around the Cyber World

India Denies it Plans to Demand Smartphone Source Code — India’s Press Information Bureau (PIB) has refuted a report from Reuters that said the Indian government has proposed rules requiring smartphone makers to share source code with the government and make several software changes as part of a raft of security measures to tackle online fraud and data breaches. Some of the key requirements mentioned in the report included preventing apps from accessing cameras, microphones or location services in the background when phones are inactive, periodically displaying warnings prompting users to review all app permissions, storing security audit logs, including app installations and login attempts, for 12 months, periodically scanning for malware and identifying potentially harmful applications, making all pre-installed apps bundled with the phone operating system, except those essential for basic phone functions, deletable, notifying a government organization before releasing any major updates or security patches, detecting if a device has been rooted or jailbroken, and blocking installation of older software versions. The PIB said, “The Government of India has NOT proposed any measure to force smartphone manufacturers to share their source code,” adding, “The Ministry of Electronics and Information Technology has started the process of stakeholders’ consultations to devise the most appropriate regulatory framework for mobile security. This is a part of regular and routine consultations with the industry for any safety or security standards. Once a stakeholder consultation is done, then various aspects of security standards are discussed with the industry.” It also said no final regulations have been framed, adding the government has been engaging with the industry to better understand technical and compliance burden and best international practices, which are adopted by the smartphone manufacturers.

Meta Says There was No Instagram Breach — Meta said it fixed an issue that “let an external party request password reset emails for some people.” It said there is no breach of its system and user accounts are secure. The development comes after security software vendor Malwarebytes claimed, “Cybercriminals stole the sensitive information of 17.5 million Instagram accounts, including usernames, physical addresses, phone numbers, email addresses, and more.” This data is available for free on numerous hacking forums, with the poster claiming it was gathered through an unconfirmed 2024 Instagram API leak. However, the cybersecurity community has shared evidence suggesting the scraped data may have been collected in 2022.

8.1M Attack Sessions Related to React2Shell — Threat intelligence firm GreyNoise said it recorded over 8.1 million attack sessions since the initial disclosure of React2Shell last month, with “daily volumes stabilizing in the 300,000–400,000 range after peaking above 430,000 in late December.” As many as 8,163 unique source IPs across 1,071 ASNs spanning 101 countries have participated in the efforts. “The geographic and network distribution confirms broad adoption of this exploit across diverse threat actor ecosystems,” it said. “The campaign has produced over 70,000 unique payloads, indicating continued experimentation and iteration by attackers.”

Salt Typhoon Linked to New U.S. Hacks — Chinese hacking group Salt Typhoon is alleged to have hacked the email systems used by congressional staff on multiple committees in the U.S. House of Representatives, according to a report from Financial Times. “Chinese intelligence accessed email systems used by some staffers on the House China committee in addition to aides on the foreign affairs committee, intelligence committee, and armed services committee, according to people familiar with the attack,” it said. “The intrusions were detected in December.”

Russian Basketball Player Accused of Ransomware Ties Freed in Prisoner Swap — A Russian basketball player accused of being involved in a ransomware gang was freed in a prisoner exchange between Russia and France. Daniil Kasatkin, 26, was arrested in July 2025 shortly after arriving in France with his fiancée. He is alleged to have been involved in a ransomware group that allegedly targeted nearly 900 entities between 2020 and 2022. While the name of the ransomware gang was not revealed, it’s believed to be the now-defunct Conti group. Kasatkin’s lawyer said he was not involved in ransomware attacks and claimed the accusations related to a second-hand computer he purchased.

Illicit Crypto Activity Reaches Record $158B in 2025 — Illicit cryptocurrency activity reached an all-time high of $158 billion in 2025, up nearly 145% from 2024, according to TRM Labs. Despite this surge, the activity has continued to decline as a share of overall cryptocurrency activity, declining from 1.3% in 2024 to 1.2% in 2025. “Inflows to sanctioned entities and jurisdictions rose sharply in 2025, led by USD 72 billion received by the A757 token, followed by an additional USD 39 billion sent to the A7 wallet cluster,” the blockchain intelligence firm said. “This growth was highly concentrated: more than 80% of sanctions-linked volume was connected to Russia-linked entities, including Garantex, Grinex, and A7.” A7 is assessed to operate as a hub connecting Russia-linked actors with counterparties across China, Southeast Asia, and Iran-linked networks. “The spike in illicit volume doesn’t reflect a failure of enforcement — it reflects a maturing ecosystem and better visibility,” said Ari Redbord, Global Head of Policy at TRM Labs. “Crypto has moved from novelty to durable financial infrastructure, and illicit actors — including geopolitical actors – are operating within it the same way they do in traditional finance: persistently, at scale, and increasingly exposed.” In a related report, Chainalysis said illicit cryptocurrency addresses received at least $154 billion in 2025, a 162% increase year-over-year, with Chinese money laundering networks operated by criminal syndicates behind scam operations emerging as a prominent player in the illicit on-chain ecosystem.

China Tightens Oversight of Personal Data Collection on Internet — China has issued draft regulations for the governance of personal information collection from the internet and its use, as part of its efforts to safeguard users’ rights and promote transparency. “The collection and use of personal information shall follow the principles of legality, legitimacy, necessity, and integrity, and shall not collect and use personal information through misleading, fraud, coercion, and other means,” the draft rules released by the Cyberspace Administration of China (CAC) on January 10, 2026, state. “The collection and use of personal information shall fully inform the subject of the collection and use of personal information and obtain the consent of the subject of the personal information; the collection and use of sensitive personal information shall obtain the separate consent of the subject of the personal information.” In addition, app developers are responsible for maintaining the security and compliance, and ensuring that camera and microphone permissions are accessed only when taking photos, or making video or audio recordings.

Security Flaw in Kiro GitLab Merge Request Helper — A high-severity vulnerability has been disclosed in Kiro’s GitLab Merge Request Helper (CVE-2026-0830, CVSS score: 8.4) that could result in arbitrary command injection when opening a maliciously crafted workspace in the agentic IDE. “This may occur if the workspace has specially crafted folder names within the workspace containing injected commands,” Amazon said. The issue has been addressed in version 0.6.18. Security researcher Dhiraj Mishra, who reported the flaw in October 2025, said it can be abused to run arbitrary commands on the developer’s machine by taking advantage of the fact that GitLab Merge Request Helper passes repository paths to a sub-process without enclosing them in quotes, enabling an attacker to incorporate shell meta-characters and achieve command execution.
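The unquoted-path pattern described above, as an added Node.js example (not Kiro's code; `basename` stands in for the helper's real sub-process, and the folder names are constructed with a harmless `echo` marker). It runs the same path through a shell-parsed command string and through an argument vector that bypasses the shell.

```javascript
const { execSync, execFileSync } = require('node:child_process');

// Stand-in for the helper's real sub-process (assumption). `basename` only
// manipulates the string it is given, so none of the paths below need to exist.
const TOOL = 'basename';

// Weak form: the path is spliced into a command line that /bin/sh parses, so
// spaces split it into several arguments and ";" starts a second command.
function runUnquoted(repoPath) {
  const stdout = execSync(TOOL + ' ' + repoPath, { encoding: 'utf8' });
  return stdout.trim().split('\n');
}

// Hardened form: no shell is involved; the path reaches the program as exactly
// one argv entry, whatever characters it contains.
function runAsArgv(repoPath) {
  if (typeof repoPath !== 'string' || repoPath.includes('\0')) {
    throw new TypeError('repository path must be a string without NUL bytes');
  }
  const stdout = execFileSync(TOOL, [repoPath], { encoding: 'utf8' });
  return stdout.trim().split('\n');
}

// Constructed folder names (not taken from the advisory).
const MARKED_FOLDER = '/work/demo; echo INJECTED'; // shell metacharacter plus a harmless marker
const SPACED_FOLDER = '/work/my project';          // benign name that also breaks when unquoted

for (const folder of [MARKED_FOLDER, SPACED_FOLDER]) {
  console.log(JSON.stringify(folder));
  console.log('  unquoted command string ->', runUnquoted(folder));
  console.log('  argv array, no shell    ->', runAsArgv(folder));
}
```

Passing the path as an argv entry removes the need to quote at all, which is more robust than adding quotes by hand.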

Phishing Attacks Leverage WeChat in China-Linked Fraud Operations — KnowBe4 said it has observed a spike in phishing emails targeting the U.S. and EMEA that use WeChat “Add Contact” QR code lures, jumping from only 0.04% in 2024 to 5.1% by November 2025. “While the overall volume remains relatively low, this represents a 3,475% increase across these regions,” it said. “Additionally, 61.7% of these phishing emails were written in English, and a further 6.5% were in languages other than Chinese or English, indicating a growing and targeted diversification.” In these high-volume phishing schemes, emails centered around job opportunity themes urge recipients to scan an embedded QR code to add an HR representative on WeChat. The emails are sent using a mass mailer toolkit that uses spoofed domains and Base64-encoding to evade spam filters. Should a victim fall for the bait and add them on WeChat, the threat actors build rapport with them before carrying out financially motivated scams. “These monetary transfers take place via WeChat Pay, which offers a fast payment service that’s difficult to trace and reverse,” KnowBe4 said. “The platform also provides a largely closed ecosystem. Identity details and conversation histories exist inside Tencent’s environment, which can make cross-border investigation and recovery slow.”

Phishing Campaign Delivers GuLoader — A new phishing campaign disguised as an employee performance report is being used to deliver a malware loader called GuLoader, which then deploys a remote access trojan known as Remcos RAT. “It allows threat actors to perform malicious remote control behaviors such as keylogging, capturing screenshots, controlling webcams and microphones, as well as extracting browser histories and passwords from the installed system,” AhnLab said. The development comes as WebHards impersonating adult video games have been employed to propagate Quasar RAT (aka xRAT) in attacks targeting South Korea.

Critical Vulnerability in zlib — A critical security flaw in zlib’s untgz utility (CVE-2026-22184, CVSS score: 9.3) could be exploited to achieve a buffer overflow, resulting in an out-of-bounds write that can lead to memory corruption, denial of service, and potentially code execution depending on compiler, architecture, build flags, and memory layout. The issue affects zlib versions up to and including 1.3.1.2. “A global buffer overflow vulnerability exists in the TGZfname() function of the zlib untgz utility due to the use of an unbounded strcpy() call on attacker-controlled input,” researcher Ronald Edgerson said. “The utility copies a user-supplied archive name (argv[arg]) into a fixed-size static global buffer of 1024 bytes without performing any length validation. Supplying an archive name longer than 1024 bytes results in an out-of-bounds write past the end of the global buffer, leading to memory corruption.”

BreachForums Database Leaked — The website “shinyhunte[.]rs”, named after the ShinyHunters extortion gang, has been updated to leak a database containing all records of users associated with BreachForums, which emerged in 2022 as a replacement for RaidForums, and has since cycled through different iterations.

In April 2025, ShinyHunters shut down BreachForums, citing an alleged zero-day vulnerability in MyBB. Subsequently, the threat actor also claimed the site had been turned into a honeypot. The database includes metadata of 323,986 users. “The database could be acquired as a result of a web application vulnerability in a CMS or through possible misconfiguration,” Resecurity said. “This incident proved that data breaches are possible not only with legitimate businesses but also with cybercriminal resources generating damage and operating on the dark web, which can have a much greater positive impact.”

Accompanying the database is a lengthy manifesto written by “James,” who names several individuals and their aliases: Dorian Dali (Kams), Ojeda Nahyl (N/A, Indra), Ali Aboussi, Rémy Benhacer, Nassim Benhaddou, Gabriel Bildstein, and MANA (Mustapha Usman). An analysis of the data has revealed that the majority of actors were identified as originating from the U.S., Germany, the Netherlands, France, Turkey, the U.K., as well as the Middle East and North Africa, including Morocco, Jordan, and Egypt. In a statement posted on the BreachForums website (“breachforums[.]bf”), its current administrator N/A described James as a former ShinyHunters member and said that the data originates from a leak dating back to August 2025 when the forum was being restored from the “.hn” domain. In another message shared on “shinyhunte[.]rs” in December 2025, James was outed as a “Frenchman” and a “former associate who operated in the shadows to organize ransomware attacks, particularly the one targeting Salesforce without the approval of the other members.”

🎥 Cybersecurity Webinars

Stop Guessing Your SOC Strategy: Learn What to Build, Buy, or Automate — Modern SOC teams are overloaded with tools, noise, and promises that don’t translate into results, making it hard to know what to build, buy, or automate. In this session, AirMDR CEO Kumar Saurabh and SACR CEO Francis Odum cut through the clutter with a practical, vendor-neutral look at SOC operating models, maturity, and real-world decision frameworks—leaving teams with a clear, actionable path to simplify their stack and make their SOC work more effectively.

How Top MSSPs Are Using AI to Grow in 2026: Learn Their Formula — By 2026, MSSPs are under pressure to do more with less, and AI is becoming the edge that separates those who scale from those who stall. This session explores how automation reduces manual work, improves margins, and enables growth without adding headcount, with real-world insights from Cynomi founder David Primor and Secure Cyber Defense CISO Chad Robinson on turning expertise into repeatable, high-value services.

🔧 Cybersecurity Tools

ProKZee — It is a cross-platform desktop tool for capturing, inspecting, and modifying HTTP/HTTPS traffic.

Built with Go and React, it’s fast, clean, and runs on Windows, macOS, and Linux. It includes a built-in fuzzer, request replay, Interactsh support for out-of-band testing, and AI-assisted analysis via ChatGPT. Full Docker support keeps setup and development simple for security researchers and developers.

Portmaster — It is a free, open-source firewall and privacy tool for Windows and Linux that shows and controls all system network connections. Built by Safing in Austria, it blocks trackers, malware, and unwanted traffic at the packet level, routes DNS securely via DoH/DoT, and offers per-app rules, privacy filtering, and an optional multi-hop Safing Privacy Network, without relying on third-party clouds.

STRIDE GPT — It is an open-source AI-based threat modeling framework that automates the STRIDE method to identify risks and attack paths in modern systems. It supports GenAI and agent-based applications, aligns with the OWASP LLM and Agentic Top 10, detects RAG and multi-agent architectures, and produces clear attack trees with mitigation guidance—connecting traditional threat modeling with AI-era security risks.

Disclaimer: These tools are for learning and research only. They haven’t been fully tested for security. If used the wrong way, they could cause harm. Check the code first, test only in safe places, and follow all rules and laws.

Conclusion

Seen together, these updates show how quickly familiar systems turn risky when trust isn’t questioned. Most of the damage didn’t begin with clever exploits. It began with ordinary tools quietly doing more than anyone expected.

It rarely takes a dramatic failure. A missed patch. An exposed service. A routine click that slips through. Multiply those small lapses, and the impact spreads faster than teams can contain it.

The lesson is straightforward. Today’s threats grow out of normal operations, moving at speed and scale. The advantage comes from spotting where that strain is building before it breaks.

GoBruteforcer Botnet Targets Crypto Project Databases by Exploiting Weak Credentials

A new wave of GoBruteforcer attacks has targeted databases of cryptocurrency and blockchain projects to co-opt them into a botnet that’s capable of brute-forcing user passwords for services such as FTP, MySQL, PostgreSQL, and phpMyAdmin on Linux servers. “The current wave of campaigns is driven by two factors: the mass reuse of AI-generated server deployment examples that propagate common usernames and weak defaults, and the persistence of legacy web stacks such as XAMPP that expose FTP and admin interfaces with minimal hardening,” Check Point Research said in an analysis published last week.

GoBruteforcer, also called GoBrut, was first documented by Palo Alto Networks Unit 42 in March 2023, in a report detailing its ability to target Unix-like platforms running x86, x64, and ARM architectures to deploy an Internet Relay Chat (IRC) bot and a web shell for remote access, along with fetching a brute-force module to scan for vulnerable systems and expand the botnet’s reach. A subsequent report from the Black Lotus Labs team at Lumen Technologies in September 2025 found that a chunk of the infected bots under the control of another malware family known as SystemBC were also part of the GoBruteforcer botnet.

Check Point said it identified a more sophisticated version of the Golang malware in mid-2025, packing in a heavily obfuscated IRC bot that’s rewritten in the cross-platform programming language, improved persistence mechanisms, process-masking techniques, and dynamic credential lists. The list of credentials includes a combination of common usernames and passwords (e.g., myuser:Abcd@123 or appeaser:admin123456) that can accept remote logins. The choice of these names is not happenstance, as they have been used in database tutorials and vendor documentation, all of which have been used to train large language models (LLMs), causing them to produce code snippets with the same default usernames. Some of the other usernames in the list are cryptocurrency-focused (e.g., cryptouser, appcrypto, crypto_app, and crypto) or target phpMyAdmin panels (e.g., root, wordpress, and wpuser).

“The attackers reuse a small, stable password pool for each campaign, refresh per-task lists from that pool, and rotate usernames and niche additions several times a week to pursue different targets,” Check Point said. “Unlike the other services, FTP brute-force uses a small, hardcoded set of credentials embedded in the bruteforcer binary. That built-in set points to web-hosting stacks and default service accounts.”

In the activity observed by Check Point, an internet-exposed FTP service on servers running XAMPP is used as an initial access vector to upload a PHP web shell, which is then used to download and execute an updated version of the IRC bot using a shell script based on the system architecture. Once a host is successfully infected, it can serve three different uses:

- Run the brute-force component to attempt password logins for FTP, MySQL, Postgres, and phpMyAdmin across the internet
- Host and serve payloads to other compromised systems, or
- Host IRC-style control endpoints or act as a backup command-and-control (C2) for resilience

Further analysis of the campaign has determined that one of the compromised hosts has been used to stage a module that iterates through a list of TRON blockchain addresses and queries balances using the tronscanapi[.]com service to identify accounts with non-zero funds.

This indicates a concerted effort to target blockchain projects. “GoBruteforcer exemplifies a broader and persistent problem: The combination of exposed infrastructure, weak credentials, and increasingly automated tools,” Check Point said. “While the botnet itself is technically straightforward, its operators benefit from the vast number of misconfigured services that remain online.” The disclosure comes as GreyNoise revealed that threat actors are systematically scanning the internet for misconfigured proxy servers that could provide access to commercial LLM services. Of the two campaigns, one has leveraged server-side request forgery (SSRF) vulnerabilities to target Ollama’s model pull functionality and Twilio SMS webhook integrations between October 2025 and January 2026.

Based on the use of ProjectDiscovery’s OAST infrastructure, it’s posited that the activity likely originates from security researchers or bug bounty hunters. The second set of activity, starting December 28, 2025, is assessed to be a high-volume enumeration effort to identify exposed or misconfigured LLM endpoints associated with Alibaba, Anthropic, DeepSeek, Google, Meta, Mistral, OpenAI, and xAI. The scanning originated from IP addresses 45.88.186[.]70 and 204.76.203[.]125. “Starting December 28, 2025, two IPs launched a methodical probe of 73+ LLM model endpoints,” the threat intelligence firm said.

“In eleven days, they generated 80,469 sessions – systematic reconnaissance hunting for misconfigured proxy servers that might leak access to commercial APIs.”
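The enumeration GreyNoise describes can be hunted for in an LLM proxy's own access log. The following is an added example, not code from GreyNoise or the original article: it matches the two published scanner IPs and also flags any source that requests an unusually wide range of models, which catches the same behaviour from addresses that are not on a list. The log format, the `model_threshold` value, the model names and the non-scanner addresses are all constructed assumptions.

```python
import re
from collections import defaultdict

# Scanner IPs as published in the article (defanged), refanged for matching.
PUBLISHED_IOCS = ["45.88.186[.]70", "204.76.203[.]125"]

def refang(ioc):
    return ioc.replace("[.]", ".")

KNOWN_SCANNERS = {refang(i) for i in PUBLISHED_IOCS}

# Assumed (constructed) proxy log format: "<source_ip> <http_status> model=<name>"
LOG_RE = re.compile(r"^(?P<ip>\d{1,3}(?:\.\d{1,3}){3}) (?P<status>\d{3}) model=(?P<model>\S+)$")

def triage(lines, model_threshold=5):
    """Return {source_ip: set_of_reasons} for sources worth investigating."""
    models = defaultdict(set)   # distinct models requested per source
    served = defaultdict(int)   # 2xx responses per source
    for line in lines:
        m = LOG_RE.match(line.strip())
        if not m:
            continue            # ignore lines that do not parse
        models[m["ip"]].add(m["model"])
        if m["status"].startswith("2"):
            served[m["ip"]] += 1
    findings = {}
    for ip, seen in models.items():
        reasons = set()
        if ip in KNOWN_SCANNERS:
            reasons.add("known_scanner")
        if len(seen) >= model_threshold:
            reasons.add("model_enumeration")
        # A flagged source that got 2xx answers means the proxy served it.
        if reasons and served[ip]:
            reasons.add("got_2xx")
        if reasons:
            findings[ip] = reasons
    return findings

# Constructed sample log; 198.51.100.7 and 192.0.2.10 are documentation addresses.
SCANNER = refang(PUBLISHED_IOCS[0])
SAMPLE_LOG = (
    [f"{SCANNER} 401 model=probe-model-{i}" for i in range(8)]         # listed IP, denied
    + [f"198.51.100.7 200 model=probe-model-{i}" for i in range(6)]    # unlisted IP, served
    + ["192.0.2.10 200 model=probe-model-1"] * 40                      # busy client, one model
)

if __name__ == "__main__":
    for ip, reasons in sorted(triage(SAMPLE_LOG).items()):
        print(ip, sorted(reasons))
```

A `got_2xx` reason on an enumerating source is the finding to act on first, since it means the proxy answered unauthenticated or unintended requests rather than rejecting them.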

Anthropic Launches Claude AI for Healthcare with Secure Health Record Access

Anthropic has become the latest artificial intelligence (AI) company to announce a new suite of features that allows users of its Claude platform to better understand their health information. Under an initiative called Claude for Healthcare, the company said U.S. subscribers of Claude Pro and Max plans can opt to give Claude secure access to their lab results and health records by connecting to HealthEx and Function, with Apple Health and Android Health Connect integrations rolling out later this week via its iOS and Android apps. “When connected, Claude can summarize users’ medical history, explain test results in plain language, detect patterns across fitness and health metrics, and prepare questions for appointments,” Anthropic said.

“The aim is to make patients’ conversations with doctors more productive, and to help users stay well-informed about their health.” The development comes merely days after OpenAI unveiled ChatGPT Health as a dedicated experience for users to securely connect medical records and wellness apps and get personalized responses, lab insights, nutrition advice, and meal ideas. The company also pointed out that the integrations are private by design, and users can explicitly choose the kind of information they want to share with Claude and disconnect or edit Claude’s permissions at any time. As with OpenAI, the health data is not used to train its models. The expansion comes amid growing scrutiny over whether AI systems can avoid offering harmful or dangerous guidance.

Recently, Google stepped in to remove some of its AI summaries after they were found providing inaccurate health information. Both OpenAI and Anthropic have emphasized that their AI offerings can make mistakes and are not substitutes for professional healthcare advice. In the Acceptable Use Policy, Anthropic notes that a qualified professional in the field must review the generated outputs “prior to dissemination or finalization” in high-risk use cases related to healthcare decisions, medical diagnosis, patient care, therapy, mental health, or other medical guidance. “Claude is designed to include contextual disclaimers, acknowledge its uncertainty, and direct users to healthcare professionals for personalized guidance,” Anthropic said.


Researchers Uncover Service Providers Fueling Industrial-Scale Pig Butchering Fraud

Cybersecurity researchers have shed light on two service providers that supply online criminal networks with the necessary tools and infrastructure to fuel the pig butchering-as-a-service (PBaaS) economy. At least since 2016, Chinese-speaking criminal groups have erected industrial-scale scam centers across Southeast Asia, creating special economic zones that are devoted to fraudulent investment and impersonation operations. These compounds are host to thousands of people who are lured with the promise of high-paying jobs, only to have their passports taken and be forced to conduct scams under the threat of violence. INTERPOL has characterized these networks as human trafficking-fuelled fraud on an industrial scale.

One of the crucial drivers of the pig butchering (aka romance baiting) scams is service providers who supply the networks with all the tools to run and manage social engineering operations, as well as swiftly launder stolen funds and cryptocurrencies and move ill-gotten proceeds to accounts that cannot be reached by law enforcement. “Large scam compounds such as the Golden Triangle Economic Zone (GTSEZ) are now using ready-made applications and templates from PBaaS providers,” Infoblox said in a report published last week. “Compounding the situation further, what once required technical expertise, or an outlay for physical infrastructure, can now be purchased as an off-the-shelf service offering everything from stolen identities and front companies to turnkey scam platforms and mobile apps, dramatically lowering the barrier to entry.” These services have been found to offer full packages and fraud kits that set the groundwork for launching scalable online scam operations without much effort. One such threat actor is Penguin Account Store, which also goes by the names Heavenly Alliance and Overseas Alliance.

Penguin operates under a crimeware-as-a-service (CaaS) model, advertising fraud kits, scam templates, and “shè gōng kù” datasets comprising stolen personal information belonging to Chinese citizens. The group also peddles account data from various popular social media platforms like Twitter, Tinder, YouTube, Snapchat, Facebook, Instagram, Apple Music, OpenAI ChatGPT, Spotify, and Netflix, among others. It’s believed that these credentials are likely obtained through information-stealing logs sold on the dark web. But it’s presently not known if they operate the stealers themselves or whether they are merely acting as a broker of stolen data for other threat actors.

Prices for pre-registered social media accounts start from just $0.10 and go up in value depending on the date of registration and authenticity. Also provided by Penguin are bulk pre-registered SIM cards, stolen social media accounts, 4G or 5G routers, IMSI catchers, and packages of stolen pictures (aka character sets) that are used to entrap victims. Besides these, the threat actor has developed a Social Customer Relationship Management (SCRM) platform dubbed SCRM AI to allow scam operators to facilitate automated victim engagement on social media. “The threat actor also advertises BCD Pay, a payment processing platform.

BCD Pay, which links directly to the Bochuang Guarantee (博创担保自), is an anonymous peer-to-peer (P2P) solution à la HuiOne, with deep roots in the illegal online gambling space.” A second service category that’s central to the PBaaS economy is customer relationship management (CRM) platforms, which provide centralized control over several individual agents. UWORK, a seller of content and agent management tools, provides pre-made templates for creating investment scam websites. Many a scam offering also claims to have integration with legitimate trading platforms like MetaTrader to lend the sites a veneer of trust by displaying real-time financial information. These websites also come fitted with a Know Your Customer (KYC) panel that requires victims to upload proof of their identity.

The websites’ settings are configured by an administrator through a dedicated panel, granting them a high-level view of the entire operation, along with the ability to create profiles for agents, who likely interface with the victims.

[Figure: Panel to add a new victim account and assign them a direct agent]

“The admin panel offers everything needed to run a pig butchering operation. Multiple email templates, user management, agent management, profitability metrics, as well as chat and email records,” Infoblox said. “The management of agents is very complex, and agents can even be affiliates of one another.” PBaaS suppliers have also been found to provide mobile applications for Android and iOS by distributing them in the form of APK files and enrolling a limited number of Apple devices into a testing program in order to bypass app store controls.

Some threat actors have taken it a step further, opting to release such apps directly on app marketplaces while concealing their functionality by masquerading as seemingly harmless news apps. The trading panel is displayed only when a user enters a specific password in the search bar. Website templates that include hosting can cost as little as $50. A complete pack, including a website with admin access, VPS hosting, mobile app, access to a trading platform, front company incorporation in a tax haven to mask their activities, and registration with the relevant local financial regulator, can start at around $2,500.

“Sophisticated Asian crime syndicates have created a global shadow economy from their safe havens in Southeast Asia,” researchers Maël Le Touz and John Wòjcik said. “PBaaS provides the mechanisms to scale an operation with relatively little effort and cost.”

Parked Domains as a Conduit for Scams and Malware

The disclosure comes against the backdrop of a new study from the DNS threat intelligence firm, finding that the vast majority of parked domains – domain names that are mostly expired or dormant, or common misspellings of popular websites (aka typosquatting) – are being used to redirect visitors to sites that serve scams and malware. Infoblox revealed that visitors to a typosquat of the legitimate domain belonging to a financial institution from a virtual private network (VPN) are shown a normal parking page, but are redirected to scam or malware sites if they are visiting from a residential IP address. The parked pages, for their part, send visitors through a redirect chain, while simultaneously profiling their system using IP geolocation, device fingerprinting, and cookies to determine where to redirect them.

“In large scale experiments, we found that over 90% of the time, visitors to a parked domain would be directed to illegal content, scams, scareware and anti-virus software subscriptions, or malware, as the ‘click’ was sold from the parking company to advertisers, who often resold that traffic to yet another party,” the company said. “None of this displayed content was related to the domain name we visited.”

Malicious Evilginx AitM Infrastructure Drives Credential Harvesting

In recent months, it has also emerged that threat actors are leveraging an adversary-in-the-middle (AitM) phishing toolkit named Evilginx in attacks targeting at least 18 universities and educational institutions across the U.S. since April 12, 2025, with an aim to steal login credentials and session cookies. As many as 67 domains have been identified as linked to the activity.

“The low detection rates across the cybersecurity community highlight how effective Evilginx’s evasion techniques have become,” Infoblox said. “Recent versions, such as Evilginx Pro, add features that make detection even harder.” “These include default use of wildcard TLS certificates, bot filtering through advanced fingerprinting like JA4, decoy web pages, improved integration with DNS providers (e.g., Cloudflare, DigitalOcean), multi-domain support for phishlets, and JavaScript obfuscation. As Evilginx continues to mature, identifying its phishing URLs will only become more challenging.”

Fraudulent Gambling Network Shows Signs of APT Operation

Last month, researchers from security firm Malanta disclosed details of a sprawling infrastructure spanning more than 328,000 domains and subdomains, including over 236,000 gambling-related domains, that has been active since at least 2011 and is likely a dual operation run by a nation-state-sponsored group targeting victims in the U.S., Europe, and Southeast Asia. The network, primarily used to target Indonesian-speaking visitors, is assessed to be part of a larger operation that includes thousands of gambling domains, malicious Android applications, hijacking of domains and subdomains hosted on cloud services, and stealth infrastructure embedded inside enterprise and government websites worldwide, researchers Yinon Azar, Noam Yitzhack, Tzur Leibovitz, and Assaf Morag said.

“Blending illegal gambling, SEO manipulation, malware distribution, and highly persistent takeover techniques, this campaign represents one of the largest and most complex Indonesian-speaking, well-funded, state-sponsored-level ecosystems observed to date,” Malanta said. The activity involves systematic exploitation of WordPress, PHP components, dangling DNS, and expired cloud assets to hijack and weaponize trusted domains. The infrastructure has also been found to power a massive Android malware ecosystem hosted on Amazon Web Services (AWS) S3 buckets to distribute APK droppers with command-and-control (C2) and data-theft capabilities. The threat actors behind the scheme rely on social media and instant messaging platforms to advertise the gambling sites and direct users to install the Android apps.

As many as 7,700 domains have been flagged containing links to at least 20 AWS S3 buckets staging the APK files (e.g., “jayaplay168.apk” or “1poker-32bit.apk”). Some aspects of the 14-year-old operation were previously highlighted by Imperva and Sucuri, with the latter tracking it as an online casino spam campaign dubbed Slot Gacor that was found hijacking existing pages on compromised WordPress websites by replacing them with casino spam pages. The longevity of the infrastructure, combined with the scale and sophistication, has raised the possibility that it’s maintained by an Advanced Persistent Threat (APT) that is deeply embedded in the Indonesian cybercrime ecosystem while actively exploiting governmental virtual assets worldwide.

MuddyWater Launches RustyWater RAT via Spear-Phishing Across Middle East Sectors

The Iranian threat actor known as MuddyWater has been attributed to a spear-phishing campaign targeting diplomatic, maritime, financial, and telecom entities in the Middle East with a Rust-based implant codenamed RustyWater. “The campaign uses icon spoofing and malicious Word documents to deliver Rust based implants capable of asynchronous C2, anti-analysis, registry persistence, and modular post-compromise capability expansion,” CloudSEK researcher Prajwal Awasthi said in a report published this week. The latest development reflects continued evolution of MuddyWater’s tradecraft, which has gradually-but-steadily reduced its reliance on legitimate remote access software as a post-exploitation tool in favor of a diverse custom malware arsenal comprising tools like Phoenix, UDPGangster, BugSleep (aka MuddyRot), and MuddyViper. Also tracked as Mango Sandstorm, Static Kitten, and TA450, the hacking group is assessed to be affiliated with Iran’s Ministry of Intelligence and Security (MOIS).

It’s been operational since at least 2017. Attack chains distributing RustyWater are fairly straightforward: spear-phishing emails masquerading as cybersecurity guidelines come attached with a Microsoft Word document that, when opened, instructs the victim to “Enable content” so as to activate the execution of a malicious VBA macro that’s responsible for deploying the Rust implant binary. Also referred to as Archer RAT and RUSTRIC, RustyWater gathers victim machine information, detects installed security software, sets up persistence by means of a Windows Registry key, and establishes contact with a command-and-control (C2) server (“nomercys.it[.]com”) to facilitate file operations and command execution. It’s worth noting that use of RUSTRIC was flagged by Seqrite Labs late last month as part of attacks targeting Information Technology (IT), Managed Service Providers (MSPs), human resources, and software development companies in Israel.

The activity is being tracked by the cybersecurity company under the names UNG0801 and Operation IconCat. “Historically, MuddyWater has relied on PowerShell and VBS loaders for initial access and post-compromise operations,” CloudSEK said. “The introduction of Rust-based implants represents a notable tooling evolution toward more structured, modular, and low noise RAT capabilities.”