2026-01-25 AI Startup News
Multi-Stage Phishing Campaign Targets Russia with Amnesia RAT and Ransomware
A new multi-stage phishing campaign has been observed targeting users in Russia with ransomware and a remote access trojan called Amnesia RAT. “The attack begins with social engineering lures delivered via business-themed documents crafted to appear routine and benign,” Fortinet FortiGuard Labs researcher Cara Lin said in a technical breakdown published this week. “These documents and accompanying scripts serve as visual distractions, diverting victims to fake tasks or status messages while malicious activity runs silently in the background.” The campaign stands out for a couple of reasons. First, it uses multiple public cloud services to distribute different kinds of payloads.
While GitHub is mainly used to distribute scripts, binary payloads are staged on Dropbox. This separation complicates takedown efforts, effectively improving resilience. Another “defining characteristic” of the campaign, per Fortinet, is the operational abuse of defendnot to disable Microsoft Defender. Defendnot was released last year by a security researcher who goes by the online alias es3n1n as a way to trick the security program into believing another antivirus product has already been installed on the Windows host.
The campaign leverages social engineering to distribute compressed archives, which contain multiple decoy documents and a malicious Windows shortcut (LNK) with Russian-language filenames. The LNK file uses a double extension (“Задание_для_бухгалтера_02отдела.txt.lnk”) to give the impression that it’s a text file. When executed, it runs a PowerShell command to retrieve the next-stage PowerShell script hosted on a GitHub repository (“github[.]com/Mafin111/MafinREP111”), which then serves as a first-stage loader to establish a foothold, readies the system to hide evidence of malicious activity, and hands off control flow to subsequent stages. “The script first suppresses visible execution by programmatically hiding the PowerShell console window,” Fortinet said.
“This removes any immediate visual indicators that a script is running. It then generates a decoy text document in the user’s local application data directory. Once written to disk, the decoy document is automatically opened.” Once the document is displayed to the victim to keep up the ruse, the script sends a message to the attacker using the Telegram Bot API, informing the operator that the first stage has been successfully executed. A deliberately introduced 444-second delay later, the PowerShell script runs a Visual Basic Script (“SCRRC4ryuk.vbe”) hosted at the same repository location.
This offers two crucial advantages in that it keeps the loader lightweight and allows the threat actors to update or replace the payload’s functionality on the fly without having to introduce any changes to the attack chain itself. The Visual Basic Script is highly obfuscated and acts as the controller that assembles the next-stage payload directly in memory, thereby avoiding leaving any artifacts on disk. The final-stage script checks if it’s running with elevated privileges, and, if not, repeatedly displays a User Account Control (UAC) prompt to force the victim to grant it the necessary permissions. The script pauses for 3,000 milliseconds between attempts.
In the next phase, the malware initiates a series of actions to suppress visibility, neutralize endpoint protection mechanisms, conduct reconnaissance, inhibit recovery, and ultimately deploy the main payloads:
- Configure Microsoft Defender exclusions to prevent the program from scanning ProgramData, Program Files, Desktop, Downloads, and the system temporary directory
- Use PowerShell to turn off additional Defender protection components
- Deploy defendnot to register a fake antivirus product with the Windows Security Center interface and cause Microsoft Defender to disable itself to avoid potential conflicts
- Conduct environment reconnaissance and surveillance via screenshot capture by means of a dedicated .NET module downloaded from the GitHub repository that takes a screengrab every 30 seconds, saves it as a PNG image, and exfiltrates the data using a Telegram bot
- Disable Windows administrative and diagnostic tools by tampering with the Registry-based policy controls
- Implement a file association hijacking mechanism such that opening files with certain predefined extensions causes a message to be displayed to the victim, instructing them to contact the threat actor via Telegram
One of the final payloads deployed after successfully disarming security controls and recovery mechanisms is Amnesia RAT (“svchost.scr”), which is retrieved from Dropbox and is capable of broad data theft and remote control. It’s designed to pilfer information stored in web browsers, cryptocurrency wallets, Discord, Steam, and Telegram, along with system metadata, screenshots, webcam images, microphone audio, clipboard, and active window title. “The RAT enables full remote interaction, including process enumeration and termination, shell command execution, arbitrary payload deployment, and execution of additional malware,” Fortinet said. “Exfiltration is primarily performed over HTTPS using Telegram Bot APIs.
Larger datasets may be uploaded to third-party file-hosting services such as GoFile, with download links relayed to the attacker via Telegram.” In all, Amnesia RAT facilitates credential theft, session hijacking, financial fraud, and real-time data gathering, turning it into a comprehensive tool for account takeover and follow-on attacks. The second payload delivered by the script is a ransomware that’s derived from the Hakuna Matata ransomware family and is configured to encrypt documents, archives, images, media, source code, and application assets on the infected endpoint, but not before terminating any process that could interfere with its functioning. In addition, the ransomware keeps tabs on clipboard contents and silently modifies cryptocurrency wallet addresses with attacker-controlled wallets to reroute transactions. The infection sequence ends with the script deploying WinLocker to restrict user interaction.
“This attack chain demonstrates how modern malware campaigns can achieve full system compromise without exploiting software vulnerabilities,” Lin concluded. “By systematically abusing native Windows features, administrative tools, and policy enforcement mechanisms, the attacker disables endpoint defenses before deploying persistent surveillance tooling and destructive payloads.” To counter defendnot’s abuse of the Windows Security Center API, Microsoft recommends that users enable Tamper Protection to prevent unauthorized changes to Defender settings and monitor for suspicious API calls or Defender service changes. The development comes as human resources, payroll, and internal administrative departments belonging to Russian corporate entities have been targeted by a threat actor tracked as UNG0902 to deliver an unknown implant dubbed DUPERUNNER that’s responsible for loading AdaptixC2, a command-and-control (C2) framework. The spear-phishing campaign, codenamed Operation DupeHike, has been ongoing since November 2025.
Seqrite Labs said the attacks involve the use of decoy documents centered around themes related to employee bonuses and internal financial policies to convince recipients to open a malicious LNK file within ZIP archives that leads to the execution of DUPERUNNER. The implant reaches out to an external server to fetch and display a decoy PDF document, while system profiling and the download of the AdaptixC2 beacon are carried out in the background. In recent months, Russian organizations have also been likely targeted by another threat actor tracked as Paper Werewolf (aka GOFFEE), which has employed artificial intelligence (AI)-generated decoys and DLL files compiled as Excel XLL add-ins to deliver a backdoor referred to as EchoGather. “Once launched, the backdoor collects system information, communicates with a hardcoded command-and-control (C2) server, and supports command execution and file transfer operations,” Intezer security researcher Nicole Fishbein said.
It “communicates with the C2 over HTTP(S) using the WinHTTP API.” Found this article interesting? Follow us on Google News, Twitter and LinkedIn to read more exclusive content we post.
New DynoWiper Malware Used in Attempted Sandworm Attack on Polish Power Sector
The Russian nation-state hacking group known as Sandworm has been attributed to what has been described as the “largest cyber attack” targeting Poland’s power system in the last week of December 2025. The attack was unsuccessful, the country’s energy minister, Milosz Motyka, said last week. “The command of the cyberspace forces has diagnosed in the last days of the year the strongest attack on the energy infrastructure in years,” Motyka was quoted as saying. According to a new report by ESET, the attack was the work of Sandworm, which deployed a previously undocumented wiper malware codenamed DynoWiper .
The links to Sandworm are based on overlaps with prior wiper activity associated with the adversary, particularly in the aftermath of Russia’s military invasion of Ukraine in February 2022. The Slovakian cybersecurity company, which identified the use of the wiper as part of the attempted disruptive attack aimed at the Polish energy sector on December 29, 2025, said there is no evidence of successful disruption. The December 29 and 30, 2025, attacks targeted two combined heat and power (CHP) plants, as well as a system enabling the management of electricity generated from renewable energy sources such as wind turbines and photovoltaic farms, the Polish government said. “Everything indicates that these attacks were prepared by groups directly linked to the Russian services,” Prime Minister Donald Tusk said, adding the government is readying extra safeguards, including key cybersecurity legislation that will impose strict requirements on risk management, protection of information technology (IT) and operational technology (OT) systems, and incident response.
It’s worth noting that the activity occurred on the tenth anniversary of Sandworm’s attack against the Ukrainian power grid in December 2015, which led to the deployment of the BlackEnergy malware, plunging parts of the Ivano-Frankivsk region of Ukraine into darkness. The trojan, which was used to plant a wiper malware dubbed KillDisk, caused a 4–6 hour power outage for approximately 230,000 people. “Sandworm has a long history of disruptive cyber attacks, especially on Ukraine’s critical infrastructure,” ESET said. “Fast forward a decade and Sandworm continues to target entities operating in various critical infrastructure sectors.” In June 2025, Cisco Talos said a critical infrastructure entity within Ukraine was targeted by a previously unseen data wiper malware named PathWiper that shares some level of functional overlap with Sandworm’s HermeticWiper.
The Russian hacking group has also been observed deploying data-wiping malware, such as ZEROLOT and Sting, in a Ukrainian university network, followed by serving multiple data-wiping malware variants against Ukrainian entities active in the governmental, energy, logistics, and grain sectors between June and September 2025.
Who Approved This Agent? Rethinking Access, Accountability, and Risk in the Age of AI Agents
AI agents are accelerating how work gets done. They schedule meetings, access data, trigger workflows, write code, and take action in real time, pushing productivity beyond human speed across the enterprise. Then comes the moment every security team eventually hits: “Wait… who approved this?” Unlike users or applications, AI agents are often deployed quickly, shared broadly, and granted wide access permissions, making ownership, approval, and accountability difficult to trace. What was once a straightforward question is now surprisingly hard to answer.
AI Agents Break Traditional Access Models
AI agents are not just another type of user. They fundamentally differ from both humans and traditional service accounts, and those differences are what break existing access and approval models. Human access is built around clear intent. Permissions are tied to a role, reviewed periodically, and constrained by time and context.
Service accounts, while non-human, are typically purpose-built, narrowly scoped, and tied to a specific application or function. AI agents are different. They operate with delegated authority and can act on behalf of multiple users or teams without requiring ongoing human involvement. Once authorized, they are autonomous, persistent, and often act across systems, moving between various systems and data sources to complete tasks end-to-end.
In this model, delegated access doesn’t just automate user actions, it expands them. Human users are constrained by the permissions they are explicitly granted, but AI agents are often given broader, more powerful access to operate effectively. As a result, the agent can perform actions that the user themselves was never authorized to take. Once that access exists, the agent can act, even if the user never intended the action or was unaware that it was possible.
As a result, the agent can create exposure - sometimes accidentally, sometimes implicitly, but always legitimately from a technical standpoint. This is how access drift occurs. Agents quietly accumulate permissions as their scope expands. Integrations are added, roles change, teams come and go, but the agent’s access remains.
They become a powerful intermediary with broad, long-lived permissions and often with no clear owner. It’s no wonder existing IAM assumptions break down. IAM assumes a clear identity, a defined owner, static roles, and periodic reviews that map to human behavior. AI agents don’t follow those patterns.
They don’t fit neatly into user or service account categories, they operate continuously, and their effective access is defined by how they are used, not how they were originally approved. Without rethinking these assumptions, IAM becomes blind to the real risk AI agents introduce.
The Three Types of AI Agents in the Enterprise
Not all AI agents carry the same risk in enterprise environments. Risk varies based on who owns the agent, how broadly it’s used, and what access it has, resulting in distinct categories with very different security, accountability, and blast-radius implications:
Personal Agents (User-Owned)
Personal agents are AI assistants used by individual employees to help with day-to-day tasks.
They draft content, summarize information, schedule meetings, or assist with coding, always in the context of a single user. These agents typically operate within the permissions of the user who owns them. Their access is inherited, not expanded. If the user loses access, the agent does too.
Because ownership is clear and scope is limited, the blast radius is relatively small. Risk is tied directly to the individual user, making personal agents the easiest to understand, govern, and remediate.
Third-Party Agents (Vendor-Owned)
Third-party agents are embedded into SaaS and AI platforms, provided by vendors as part of their product. Examples include AI features embedded into CRM systems, collaboration tools, or security platforms. These agents are governed through vendor controls, contracts, and shared responsibility models. While customers may have limited visibility into how they work internally, accountability is clearly defined: the vendor owns the agent. The primary concern here is the AI supply-chain risk, trusting that the vendor secures its agents appropriately. But from an enterprise perspective, ownership, approval paths, and responsibility are usually well understood.
Organizational Agents (Shared and Often Ownerless)
Organizational agents are deployed internally and shared across teams, workflows, and use cases. They automate processes, integrate systems, and act on behalf of multiple users. To be effective, these agents are often granted broad, persistent permissions that exceed any single user’s access. This is where risk concentrates.
Organizational agents frequently have no clear owner, no single approver, and no defined lifecycle. When something goes wrong, it’s unclear who is responsible or even who fully understands what the agent can do. As a result, organizational agents represent the highest risk and the largest blast radius, not because they are malicious, but because they operate at scale without clear accountability.
The Agentic Authorization Bypass Problem
As we explained in our article on agents creating authorization bypass paths, AI agents don’t just execute tasks, they act as access intermediaries.
Instead of users interacting directly with systems, agents operate on their behalf, using their own credentials, tokens, and integrations. This shifts where authorization decisions actually happen. When agents operate on behalf of individual users, they can provide the user access and capabilities beyond the user’s approved permissions. A user who cannot directly access certain data or perform specific actions may still trigger an agent that can.
The agent becomes a proxy, enabling actions the user could never execute on their own. These actions are technically authorized - the agent has valid access. However, they are contextually unsafe. Traditional access controls don’t trigger any alert because the credentials are legitimate.
This is the core of the agentic authorization bypass: access is granted correctly, but used in ways security models were never designed to handle.
Rethinking Risk: What Needs to Change
Securing AI agents requires a fundamental shift in how risk is defined and managed. Agents can no longer be treated as extensions of users or as background automation processes. They must be treated as sensitive, potentially high-risk entities with their own identities, permissions, and risk profiles.
This starts with clear ownership and accountability . Every agent must have a defined owner responsible for its purpose, scope of access, and ongoing review. Without ownership, approval is meaningless and risk remains unmanaged. Critically, organizations must also map how users interact with agents.
It is not enough to understand what an agent can access; security teams need visibility into which users can invoke an agent, under what conditions, and with what effective permissions. Without this user–agent connection map, agents can silently become authorization bypass paths, enabling users to indirectly perform actions they are not permitted to execute directly. Finally, organizations must map agent access, integrations, and data paths across systems. Only by correlating user → agent → system → action can teams accurately assess blast radius, detect misuse, and reliably investigate suspicious activity when something goes wrong.
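To make the user → agent → system → action correlation concrete, here is an added Python model (not code from the article or from Wing Security) that computes each user's effective permissions through the agents they can invoke, lists the resulting authorization bypass paths, and flags ownerless agents that create them. All users, agents, systems and permissions in it are constructed sample data.

```python
"""Map user -> agent -> system -> action and surface authorization bypass paths.

Added illustration; all users, agents, systems and permissions below are
constructed sample data, not taken from any real environment.
"""
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Agent:
    name: str
    kind: str                    # "personal", "third_party" or "organizational"
    owner: Optional[str]         # accountable owner; None means nobody owns it
    invokers: frozenset          # users who can trigger the agent
    grants: frozenset            # (system, action) pairs the agent's own credentials allow
    inherits_user: bool = False  # True for personal agents that act only within the user's access


def effective_permissions(user: str, direct: dict, agents: list) -> set:
    """Direct permissions plus everything reachable through agents the user can invoke."""
    reachable = set(direct.get(user, set()))
    for agent in agents:
        if user not in agent.invokers or agent.inherits_user:
            continue  # an inheriting agent adds nothing beyond the user's own access
        reachable |= agent.grants
    return reachable


def bypass_paths(direct: dict, agents: list) -> list:
    """(user, agent, system, action) tuples where the agent lets the user
    do something the user is not directly authorized to do."""
    paths = []
    for agent in agents:
        if agent.inherits_user:
            continue
        for user in sorted(agent.invokers):
            extra = agent.grants - direct.get(user, set())
            for system, action in sorted(extra):
                paths.append((user, agent.name, system, action))
    return paths


def audit(direct: dict, agents: list) -> dict:
    """Per-agent blast radius: how many users it serves, how many bypass paths
    it creates, and whether those paths have no accountable owner."""
    paths = bypass_paths(direct, agents)
    report = {}
    for agent in agents:
        count = sum(1 for p in paths if p[1] == agent.name)
        report[agent.name] = {
            "kind": agent.kind,
            "owner": agent.owner,
            "invokers": len(agent.invokers),
            "bypass_paths": count,
            "unaccountable": agent.owner is None and count > 0,
        }
    return report


# Constructed sample data: what each user is directly authorized to do.
DIRECT = {
    "alice": {("crm", "read"), ("crm", "write")},
    "bob": {("crm", "read")},
    "carol": {("hr", "read")},
}

# Constructed sample agents, one of each type described above.
AGENTS = [
    Agent("alice-assistant", "personal", "alice", frozenset({"alice"}),
          frozenset(), inherits_user=True),
    Agent("vendor-crm-copilot", "third_party", "crm-vendor",
          frozenset({"alice", "bob"}),
          frozenset({("crm", "read"), ("crm", "write")})),
    Agent("ops-automation", "organizational", None,
          frozenset({"alice", "bob", "carol"}),
          frozenset({("crm", "export"), ("hr", "read"),
                     ("hr", "write"), ("payroll", "run")})),
]


if __name__ == "__main__":
    for user in DIRECT:
        print(user, "effective:", sorted(effective_permissions(user, DIRECT, AGENTS)))
    for path in bypass_paths(DIRECT, AGENTS):
        print("bypass:", path)
    for name, row in audit(DIRECT, AGENTS).items():
        print(name, row)
```

In the sample, the ownerless organizational agent accounts for eleven of the twelve bypass paths, which is the concentration of risk the text describes.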
The Cost of Uncontrolled Organizational AI Agents
Uncontrolled organizational AI agents turn productivity gains into systemic risk. Shared across teams and granted broad, persistent access, these agents operate without clear ownership or accountability. Over time, they can be used for new tasks, create new execution paths, and their actions become harder to trace or contain. When something goes wrong, there is no clear owner to respond, remediate, or even understand the full blast radius.
Without visibility, ownership, and access controls, organizational AI agents become one of the most dangerous, and least governed elements in the enterprise security landscape. To learn more visit https://wing.security/ This article is a contributed piece from one of our valued partners.
CISA Adds Actively Exploited VMware vCenter Flaw CVE-2024-37079 to KEV Catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a critical security flaw affecting Broadcom VMware vCenter Server that was patched in June 2024 to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The vulnerability in question is CVE-2024-37079 (CVSS score: 9.8), which refers to a heap overflow in the implementation of the DCE/RPC protocol that could allow a bad actor with network access to vCenter Server to achieve remote code execution by sending a specially crafted network packet. It was resolved by Broadcom in June 2024, along with CVE-2024-37080, another heap overflow in the implementation of the DCE/RPC protocol that could lead to remote code execution.
Chinese cybersecurity company QiAnXin LegendSec researchers Hao Zheng and Zibo Li were credited with discovering and reporting the issues. In a presentation at the Black Hat Asia security conference in April 2025, the researchers said the two flaws are part of a set of four vulnerabilities – three heap overflows and one privilege escalation – that were discovered in the DCE/RPC service. The two other flaws, CVE-2024-38812 and CVE-2024-38813, were patched by Broadcom in September 2024. In particular, they found that one of the heap overflow vulnerabilities could be chained with the privilege escalation vulnerability (CVE-2024-38813) to achieve unauthorized remote root access and ultimately gain control over ESXi.
It’s currently not known how CVE-2024-37079 is being exploited, if it’s the work of any known threat actor or group, or the scale of such attacks. However, Broadcom has since updated its advisory to officially confirm in-the-wild abuse of the vulnerability. “Broadcom has information to suggest that exploitation of CVE-2024-37079 has occurred in the wild,” the company said in its update. In light of active exploitation, Federal Civilian Executive Branch (FCEB) agencies are required to update to the latest version by February 13, 2026, for optimal protection.
CISA Updates KEV Catalog with Four Actively Exploited Software Vulnerabilities
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added four security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The list of vulnerabilities is as follows:
- CVE-2025-68645 (CVSS score: 8.8) - A PHP remote file inclusion vulnerability in Synacor Zimbra Collaboration Suite (ZCS) that could allow a remote attacker to craft requests to the “/h/rest” endpoint and allow inclusion of arbitrary files from the WebRoot directory without any authentication (Fixed in November 2025 with version 10.1.13)
- CVE-2025-34026 (CVSS score: 9.2) - An authentication bypass in the Versa Concerto SD-WAN orchestration platform that could allow an attacker to access administrative endpoints (Fixed in April 2025 with version 12.2.1 GA)
- CVE-2025-31125 (CVSS score: 5.3) - An improper access control vulnerability in Vite Vitejs that could allow contents of arbitrary files to be returned to the browser using ?inline&import or ?raw?import (Fixed in March 2025 with versions 6.2.4, 6.1.3, 6.0.13, 5.4.16, and 4.5.11)
- CVE-2025-54313 (CVSS score: 7.5) - An embedded malicious code vulnerability in eslint-config-prettier that could allow for execution of a malicious DLL dubbed Scavenger Loader that’s designed to deliver an information stealer
It’s worth noting that CVE-2025-54313 refers to a supply chain attack targeting eslint-config-prettier and six other npm packages, eslint-plugin-prettier, synckit, @pkgr/core, napi-postinstall, got-fetch, and is, that came to light in July 2025. The phishing campaign targeted the package maintainers with bogus links that harvested their credentials under the pretext of verifying their email address as part of regular account maintenance, allowing the threat actors to publish trojanized versions.
According to CrowdSec, exploitation efforts targeting CVE-2025-68645 have been ongoing since January 14, 2026. There are currently no details on how the other vulnerabilities are being exploited in the wild. Pursuant to Binding Operational Directive (BOD) 22-01, Federal Civilian Executive Branch (FCEB) agencies are required to apply the necessary fixes by February 12, 2026, to secure their networks against active threats.
Fortinet Confirms Active FortiCloud SSO Bypass on Fully Patched FortiGate Firewalls
Fortinet has officially confirmed that it’s working to completely plug a FortiCloud SSO authentication bypass vulnerability following reports of fresh exploitation activity on fully patched firewalls. “In the last 24 hours, we have identified a number of cases where the exploit was to a device that had been fully upgraded to the latest release at the time of the attack, which suggested a new attack path,” Fortinet Chief Information Security Officer (CISO) Carl Windsor said in a Thursday post. The activity essentially amounts to a bypass of patches put in place by the network security vendor to address CVE-2025-59718 and CVE-2025-59719, which could allow unauthenticated bypass of SSO login authentication via crafted SAML messages if the FortiCloud SSO feature is enabled on affected devices. The issues were originally addressed by Fortinet last month.
However, earlier this week, reports emerged of renewed activity in which malicious SSO logins on FortiGate appliances were recorded against the admin account on devices that had been patched against the twin vulnerabilities. The activity is similar to incidents observed in December, shortly after the disclosure of CVE-2025-59718 and CVE-2025-59719. The activity involves the creation of generic accounts for persistence, making configuration changes granting VPN access to those accounts, and the exfiltration of firewall configurations to different IP addresses. The threat actor has been observed logging in with accounts named “cloud-noc@mail.io” and “cloud-init@mail.io.” As mitigations, the company is urging the following actions:
- Restrict administrative access to edge network devices via the internet by applying a local-in policy
- Disable FortiCloud SSO logins by disabling “admin-forticloud-sso-login”
“It is important to note that while, at this time, only exploitation of FortiCloud SSO has been observed, this issue is applicable to all SAML SSO implementations,” Fortinet said.
TikTok Forms U.S. Joint Venture to Continue Operations Under 2025 Executive Order
TikTok on Friday officially announced that it formed a joint venture that will allow the hugely popular video-sharing application to continue operating in the U.S. The new venture, named TikTok USDS Joint Venture LLC, has been established in compliance with the Executive Order signed by U.S. President Donald Trump in September 2025, the platform said. The new deal will see TikTok’s Chinese parent company, ByteDance, selling the majority of its stake to a group of majority-American investors, while it will retain a 19.9% stake in the business.
The Chinese government hasn’t commented publicly on the agreement. “The majority American owned Joint Venture will operate under defined safeguards that protect national security through comprehensive data protections, algorithm security, content moderation, and software assurances for U.S. users,” it added. “It will safeguard the U.S.
content ecosystem through robust trust and safety policies and content moderation while ensuring continuous accountability through transparency reporting and third-party certifications.” To that end, U.S. users’ data will be protected with Oracle’s secure U.S. cloud environment, while also retraining and updating TikTok’s content recommendation algorithm specifically based on users in the country. The recommendation algorithm will be secured using Oracle’s cloud infrastructure as well.
In addition, the independent entity is expected to operate a comprehensive data privacy and cybersecurity program that it said will be audited and certified by third-party cybersecurity experts. “The program will adhere to major industry standards, including the National Institute of Standards and Technology (NIST) CSF and 800-53 and ISO 27001, as well as the Cybersecurity and Infrastructure Security Agency (CISA) Security Requirements for Restricted Transactions,” the company said. The safeguards rolled out by the joint venture will also extend to CapCut, Lemon8, and TikTok’s other apps and websites in the U.S. TikTok is used by over 200 million Americans and 7.5 million businesses.
President Trump hailed the deal in a Truth Social post, stating that the company would now be owned by a “group of Great American Patriots and Investors, the Biggest in the World.” He also thanked Chinese President Xi Jinping for working with his administration, and “ultimately, approving the Deal.” The development comes a month after reports emerged that TikTok had signed an agreement to create a new U.S. joint venture. Under President Trump’s September 2025 executive order, the attorney general was blocked from enforcing the national security law for a 120-day period in order to “permit the contemplated divestiture to be completed,” allowing the deal to be finalized by January 23, 2026. TikTok was briefly banned a year ago after a federal law, signed by former President Joe Biden, went into effect.
The legislation, passed in April 2024, mandated that the service be made available either under American ownership or another entity, citing national security concerns over its Chinese owner, ByteDance. Lawmakers have argued that Beijing could force the firm to hand over U.S. users’ data, a claim that both TikTok and ByteDance have consistently denied. These fears have also led to an outright ban of TikTok in India in June 2020.
In late 2024, the Canadian government ordered TikTok to dissolve its operations in the country.
Update: TikTok’s new U.S. joint venture has made changes to its privacy policy that will allow it to collect users’ precise geolocation as opposed to just the approximate location, depending on the device permissions. The updated terms also include a clause for collecting information from interacting with its artificial intelligence (AI) tools, “including prompts, questions, files, and other types of information that you submit to our AI-powered interfaces, as well as the responses they generate.”
Phishing Attack Uses Stolen Credentials to Install LogMeIn RMM for Persistent Access
Cybersecurity researchers have disclosed details of a new dual-vector campaign that leverages stolen credentials to deploy legitimate Remote Monitoring and Management (RMM) software for persistent remote access to compromised hosts. “Instead of deploying custom viruses, attackers are bypassing security perimeters by weaponizing the necessary IT tools that administrators trust,” KnowBe4 Threat Labs researchers Jeewan Singh Jalal, Prabhakaran Ravichandhiran, and Anand Bodke said. “By stealing a ‘skeleton key’ to the system, they turn legitimate Remote Monitoring and Management (RMM) software into a persistent backdoor.” The attack unfolds in two distinct waves, where the threat actors leverage fake invitation notifications to steal victim credentials, and then leverage those pilfered credentials to deploy RMM tools to establish persistent access. The bogus emails are disguised as an invitation from a legitimate platform called Greenvelope, and aim to trick recipients into clicking on a phishing URL that’s designed to harvest their Microsoft Outlook, Yahoo!, and AOL.com login information.
Once this information is obtained, the attack moves to the next phase. Specifically, this involves the threat actor registering with LogMeIn using the compromised email to generate RMM access tokens, which are then deployed in a follow-on attack through an executable named “GreenVelopeCard.exe” to establish persistent remote access to victim systems. The binary, signed with a valid certificate, contains a JSON configuration that acts as a conduit to silently install LogMeIn Resolve (formerly GoTo Resolve) and connect to an attacker-controlled URL without the victim’s knowledge. With the RMM tool now deployed, the threat actors weaponize the remote access to alter its service settings so that it runs with unrestricted access on Windows.
The attack also establishes hidden scheduled tasks to automatically relaunch the RMM program even if it’s manually terminated by the user. To counter the threat, organizations are advised to monitor for unauthorized RMM installations and unusual RMM usage patterns.
Microsoft Flags Multi-Stage AitM Phishing and BEC Attacks Targeting Energy Firms
Microsoft has warned of a multi‑stage adversary‑in‑the‑middle (AitM) phishing and business email compromise (BEC) campaign targeting multiple organizations in the energy sector. “The campaign abused SharePoint file‑sharing services to deliver phishing payloads and relied on inbox rule creation to maintain persistence and evade user awareness,” the Microsoft Defender Security Research Team said. “The attack transitioned into a series of AitM attacks and follow-on BEC activity spanning multiple organizations.” As part of post-exploitation activity following initial compromise, the unknown attackers have been found to leverage trusted internal identities from the victim to carry out large‑scale intra‑organizational and external phishing in an effort to cast a wide net and widen the scope of the campaign. The starting point of the attack is a phishing email likely sent from an email address belonging to a trusted organization, which was compromised beforehand.
Abusing this legitimate channel, the threat actors sent out messages masquerading as SharePoint document‑sharing workflows to give them a veneer of credibility and trick recipients into clicking on phishing URLs. Because services like SharePoint and OneDrive are widely used in enterprise environments and the emails originate from a legitimate address, they are unlikely to raise suspicion, allowing adversaries to deliver phishing links or stage malicious payloads. This approach is also called living-off-trusted-sites (LOTS), as it weaponizes the familiarity and ubiquity of such platforms to subvert email‑centric detection mechanisms. The URL, for its part, redirects users to a fake credential prompt to view the purported document.
Armed with access to the account using the stolen credentials and the session cookie, the attackers create inbox rules to delete all incoming emails and mark all emails as read. With this foundation in place, the compromised inbox is used to send phishing messages containing a fake URL designed to conduct credential theft using an AitM attack. In one case, Microsoft said the attacker initiated a large-scale phishing campaign involving more than 600 emails that were sent to the compromised user’s contacts, both within and outside of the organization. The threat actors have also been observed taking steps to delete undelivered and out of office emails, and assure message recipients of the email’s authenticity if they raised any concerns.
The correspondence is then deleted from the mailbox. “These techniques are common in any BEC attacks and are intended to keep the victim unaware of the attacker’s operations, thus helping in persistence,” the Windows maker noted. Microsoft said the attack highlights the “operational complexity” of AitM, stating password resets alone cannot remediate the threat, as impacted organizations must ensure that they have revoked active session cookies and removed attacker-created inbox rules used to evade detection. To that end, the company noted that it worked with customers to revoke multi-factor authentication (MFA) changes made by the attacker on the compromised user’s accounts and delete suspicious rules created on those accounts.
It’s currently not known how many organizations were compromised or whether it’s the work of any known cybercrime group. Organizations are advised to work with their identity provider to make sure security controls like phishing-resistant MFA are in place, enable conditional access policies, implement continuous access evaluation, and use anti-phishing solutions that monitor and scan incoming emails and visited websites. The attack outlined by Microsoft highlights the ongoing trend among threat actors to abuse trusted services such as Google Drive, Amazon Web Services (AWS), and Atlassian’s Confluence wiki to redirect to credential harvesting sites and stage malware. This eliminates the need for attackers to build out their own infrastructure and also makes malicious activity appear legitimate.
The disclosure comes as identity services provider Okta said it detected custom phishing kits that are designed specifically for use in voice phishing (aka vishing) campaigns targeting Google, Microsoft, Okta, and a wide range of cryptocurrency platforms. In these campaigns, the adversary, posing as tech support personnel, calls prospective targets using a spoofed support hotline or company phone number. The attacks aim to trick users into visiting a malicious URL and hand over their credentials, which are subsequently relayed to the threat actors in real-time via a Telegram channel, granting them unauthorized access to their accounts. The social engineering efforts are well planned, with the attackers conducting reconnaissance on the targets and crafting customized phishing pages.
The kits, sold on an as-a-service basis, come fitted with client-side scripts that make it possible for threat actors to control the authentication flow in the browser of a targeted user in real-time, as they provide verbal instructions and convince them to take actions (e.g., approve push notifications or enter one-time passwords) that would lead to an MFA bypass. “Using these kits, an attacker on the phone to a targeted user can control the authentication flow as that user interacts with credential phishing pages,” said Moussa Diallo, threat researcher at Okta Threat Intelligence. “They can control what pages the target sees in their browser in perfect synchronization with the instructions they are providing on the call. The threat actor can use this synchronization to defeat any form of MFA that is not phishing-resistant.” In recent weeks, phishing campaigns have exploited Basic Authentication URLs (i.e., “username:password@domain[.]com”) by placing a trusted domain in the username field, followed by an @ symbol and the actual malicious domain to visually mislead the victim.
“When a user sees a URL that begins with a familiar and trusted domain, they may assume the link is legitimate and safe to click,” Netcraft said. “However, the browser interprets everything before the @ symbol as authentication credentials, not as part of the destination. The real domain, or the one that the browser connects to, is included after the @ symbol.” Other campaigns have resorted to simple visual deception tricks like using “rn” in place of “m” to conceal malicious domains and deceive victims into thinking they are visiting a legitimate domain associated with companies like Microsoft (“rnicrosoft[.]com”), Mastercard (“rnastercard[.]de”), Marriott (“rnarriotthotels[.]com”), and Mitsubishi (“rnitsubishielectric[.]com”). This is called a homoglyph attack.
“While attackers often aim at brands that start with the letter M for this technique, some of the most convincing domains come from swapping an internal ‘m’ with ‘rn’ inside words,” Netcraft’s Ivan Khamenka said. “This technique becomes even more dangerous when it appears in words that organizations commonly use as part of their brand, subdomains, or service identifiers. Terms like email, message, member, confirmation, and communication all contain mid-word m’s that users barely process.”
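The two URL tricks above (a trusted-looking decoy before the “@” and “rn” standing in for “m”) can be flagged mechanically before a link is presented to a user. The checker below is an added example, not code from Netcraft; the brand watchlist and sample links are constructed for the demonstration.

```python
from urllib.parse import urlsplit

# Constructed watchlist of brand names named above as targets of the
# "rn"-for-"m" swap; a real deployment would carry the organisation's own list.
WATCHED_BRANDS = ("microsoft", "mastercard", "marriott", "mitsubishi")


def userinfo_decoy(url: str):
    """Return the text placed before '@' in the authority part when it looks
    like a hostname (a decoy such as 'login.microsoft.com'), else None.

    Browsers treat everything before '@' as credentials and connect to the
    host after it, which is the Basic Authentication URL trick described
    above."""
    netloc = urlsplit(url).netloc
    if "@" not in netloc:
        return None
    decoy = netloc.rpartition("@")[0]
    # Only a dotted decoy passes for a real domain; 'user:pass' does not.
    return decoy if "." in decoy else None


def homoglyph_brand(host: str):
    """Return the brand a host imitates by spelling 'm' as 'rn', else None.

    Folding every 'rn' back to 'm' turns 'rnicrosoft.com' into
    'microsoft.com'.  A hit counts only if the raw host did not already
    contain the brand, so genuine brand domains are not flagged."""
    host = host.lower()
    folded = host.replace("rn", "m")
    for brand in WATCHED_BRANDS:
        if brand in folded and brand not in host:
            return brand
    return None


def analyze_url(url: str) -> dict:
    """Run both checks on one URL and return the findings."""
    host = (urlsplit(url).hostname or "").lower()
    return {
        "host": host,                      # where the browser really connects
        "userinfo_decoy": userinfo_decoy(url),
        "homoglyph_brand": homoglyph_brand(host),
    }


if __name__ == "__main__":
    # Constructed sample links modelled on the tricks described above.
    for sample in (
        "https://login.microsoft.com@evil.example/view-document",
        "https://rnicrosoft.com/signin",
        "https://www.microsoft.com/",
    ):
        print(sample, analyze_url(sample))
```
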
New Osiris Ransomware Emerges as New Strain Using POORTRY Driver in BYOVD Attack
Cybersecurity researchers have disclosed details of a new ransomware family called Osiris that targeted a major food service franchisee operator in Southeast Asia in November 2025. The attack leveraged a malicious driver called POORTRY as part of a known technique referred to as bring your own vulnerable driver (BYOVD) to disarm security software, the Symantec and Carbon Black Threat Hunter Team said. It’s worth noting that Osiris is assessed to be a brand-new ransomware strain, sharing no similarities with another variant of the same name that emerged in December 2016 as an iteration of the Locky ransomware. It’s currently not known who the developers of the locker are, or if it’s advertised as a ransomware-as-a-service (RaaS).
However, the Broadcom-owned cybersecurity division said it identified clues that suggest the threat actors who deployed the ransomware may have been previously associated with INC ransomware (aka Warble). “A wide range of living off the land and dual-use tools were used in this attack, as was a malicious POORTRY driver, which was likely used as part of a bring your own vulnerable driver (BYOVD) attack to disable security software,” the company said in a report shared with The Hacker News. “The exfiltration of data by the attackers to Wasabi buckets, and the use of a version of Mimikatz that was previously used, with the same filename (kaz.exe), by attackers deploying the INC ransomware, point to potential links between this attack and some attacks involving INC.” Described as an “effective encryption payload” that’s likely wielded by experienced attackers, Osiris makes use of a hybrid encryption scheme and a unique encryption key for each file. It’s also flexible in that it can stop services, specify which folders and extensions need to be encrypted, terminate processes, and drop a ransom note.
By default, it’s designed to kill a long list of processes and services related to Microsoft Office, Exchange, Mozilla Firefox, WordPad, Notepad, Volume Shadow Copy, and Veeam, among others. First signs of malicious activity on the target’s network involved the exfiltration of sensitive data using Rclone to a Wasabi cloud storage bucket prior to the ransomware deployment. Also utilized in the attack were a number of dual-use tools like Netscan, Netexec, and MeshAgent, as well as a custom version of the Rustdesk remote desktop software. POORTRY is a little different from traditional BYOVD attacks in that it uses a bespoke driver expressly designed for elevating privileges and terminating security tools, as opposed to deploying a legitimate-but-vulnerable driver to the target network.
“KillAV, which is a tool used to deploy vulnerable drivers for terminating security processes, was also deployed on the target’s network,” the Symantec and Carbon Black Threat Hunter Team noted. “RDP was also enabled on the network, likely to provide the attackers with remote access.” The development comes as ransomware remains a significant enterprise threat, with the landscape constantly shifting as some groups close their doors and others quickly rise from their ashes or move in to take their place. According to an analysis of data leak sites by Symantec and Carbon Black, ransomware actors claimed a total of 4,737 attacks during 2025, up from 4,701 in 2024, a 0.8% increase. The most active players during the past year were Akira (aka Darter or Howling Scorpius), Qilin (aka Stinkbug or Water Galura), Play (aka Balloonfly), INC, SafePay, RansomHub (aka Greenbottle), DragonForce (aka Hackledorb), Sinobi, Rhysida, and CACTUS.
Some of the other notable developments in the space are listed below:

- Threat actors using the Akira ransomware have leveraged a vulnerable Throttlestop driver, along with the Windows CardSpace User Interface Agent and Microsoft Media Foundation Protected Pipeline, to sideload the Bumblebee loader in attacks observed in mid-to-late 2025.
- Akira ransomware campaigns have also exploited SonicWall SSL VPNs to breach small- to medium-sized business environments during mergers and acquisitions and ultimately obtain access to the bigger, acquiring enterprises.
- Another Akira attack has been found to leverage ClickFix-style CAPTCHA verification lures to drop a .NET remote access trojan called SectopRAT, which serves as a conduit for remote control and ransomware delivery.
- LockBit (aka Syrphid), which partnered with DragonForce and Qilin in October 2025, has continued to maintain its infrastructure despite a law enforcement operation to shut down its operations in early 2024. It has also released variants of LockBit 5.0 targeting multiple operating systems and virtualization platforms. A significant update to LockBit 5.0 is the introduction of a two-stage ransomware deployment model that separates the loader from the main payload, while simultaneously maximizing evasion, modularity, and destructive impact.
- A new RaaS operation dubbed Sicarii has claimed only one victim since it first surfaced in late 2025. While the group explicitly identifies itself as Israeli/Jewish, analysis has uncovered that its underground online activity is primarily carried out in Russian and that the Hebrew content shared by the threat actor contains grammatical and semantic errors. This has raised the possibility of a false flag operation. Sicarii’s primary operator has used the Telegram account “@Skibcum,” posing as its communications lead to promote the ransomware, while claiming that the group focuses on small businesses and that it’s intentionally maintaining a lower profile “for now.”
- The threat actor known as Storm-2603 (aka CL-CRI-1040 or Gold Salem) has been observed leveraging the legitimate Velociraptor digital forensics and incident response (DFIR) tool as part of precursor activity leading to the deployment of Warlock, LockBit, and Babuk ransomware. The attacks have also utilized two drivers (“rsndispot.sys” and “kl.sys”) along with “vmtools.exe” to disable security solutions using a BYOVD attack.
- Entities in India, Brazil, and Germany have been targeted by Makop ransomware attacks that exploit exposed and insecure RDP systems to stage tools for network scanning, privilege escalation, disabling security software, credential dumping, and ransomware deployment. The attacks, besides using “hlpdrv.sys” and “ThrottleStop.sys” drivers for BYOVD attacks, also deploy GuLoader to deliver the ransomware payload. This is the first documented case of Makop being distributed via a loader.
- Ransomware attacks have also obtained initial access using already-compromised RDP credentials to perform reconnaissance, privilege escalation, and lateral movement via RDP, followed by exfiltrating data to temp[.]sh on day six of the intrusion and deploying Lynx ransomware three days later.
- A security flaw in the encryption process associated with the Obscura ransomware has been found to render large files unrecoverable. “When it encrypts large files, it fails to write the encrypted temporary key to the file’s footer,” Coveware said. “For files over 1GB, that footer is never created at all — which means the key needed for decryption is lost. These files are permanently unrecoverable.”
- A new ransomware family named 01flip has targeted a limited set of victims in the Asia-Pacific region. Written in Rust, the ransomware can target both Windows and Linux systems. Attack chains involve the exploitation of known security vulnerabilities (e.g., CVE-2019-11580) to obtain a foothold into target networks. It has been attributed to a financially motivated threat actor known as CL-CRI-1036.

To protect against targeted attacks, organizations are advised to monitor the use of dual-use tools, restrict access to RDP services, enforce multi-factor authentication (2FA), use application allowlisting where applicable, and implement off-site storage of backup copies. “While attacks involving encrypting ransomware remain as prevalent as ever and still pose a threat, the advent of new types of encryptionless attacks adds another degree of risk, creating a wider extortion ecosystem of which ransomware may become just one component,” Symantec and Carbon Black said.
Critical GNU InetUtils telnetd Flaw Lets Attackers Bypass Login and Gain Root Access
A critical security flaw has been disclosed in the GNU InetUtils telnet daemon (telnetd) that went unnoticed for nearly 11 years. The vulnerability, tracked as CVE-2026-24061, is rated 9.8 out of 10.0 on the CVSS scoring system. It affects all versions of GNU InetUtils from version 1.9.3 up to and including version 2.7. “Telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via a ‘-f root’ value for the USER environment variable,” according to a description of the flaw in the NIST National Vulnerability Database (NVD).
In a post on the oss-security mailing list, GNU contributor Simon Josefsson said the vulnerability can be exploited to gain root access to a target system:

“The telnetd server invokes /usr/bin/login (normally running as root) passing the value of the USER environment variable received from the client as the last parameter. If the client supply [sic] a carefully crafted USER environment value being the string “-f root”, and passes the telnet(1) -a or --login parameter to send this USER environment to the server, the client will be automatically logged in as root bypassing normal authentication processes. This happens because the telnetd server do [sic] not sanitize the USER environment variable before passing it on to login(1), and login(1) uses the -f parameter to by-pass normal authentication.”

Josefsson also noted that the vulnerability was introduced as part of a source code commit made on March 19, 2015, which eventually made it into the version 1.9.3 release on May 12, 2015.
Security researcher Kyu Neushwaistein (aka Carlos Cortes Alvarez) has been credited with discovering and reporting the flaw on January 19, 2026. As mitigations, it’s advised to apply the latest patches and restrict network access to the telnet port to trusted clients. As temporary workarounds, users can disable the telnetd server, or make the InetUtils telnetd use a custom login(1) tool that does not permit use of the ‘-f’ parameter, Josefsson added. Data gathered by threat intelligence firm GreyNoise shows that 21 unique IP addresses have been observed attempting to exploit the flaw for remote authentication bypass over the past 24 hours.
All the IP addresses, which originate from Hong Kong, the U.S., Japan, the Netherlands, China, Germany, Singapore, and Thailand, have been flagged as malicious.
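The root cause above is a value from an untrusted environment variable being placed where a command-line parser will read it as an option. The validator below is an added example (not InetUtils or login(1) code) of the server-side check that closes that gap; the argv shape and the conservative POSIX user-name rule are assumptions made for illustration.

```python
import re
from typing import Optional

LOGIN_PATH = "/usr/bin/login"  # assumed path, as in the advisory text

# Conservative POSIX portable user name: first character a letter or
# underscore, so nothing that starts with '-' can ever match.  Real systems
# may allow more (uppercase, dots); widen deliberately, never by default.
_USERNAME_RE = re.compile(r"^[a-z_][a-z0-9_-]{0,31}$")


def classify_user_value(value: str) -> str:
    """Classify a client-supplied USER value before it reaches login(1).

    Returns one of:
      "option-injection"  value starts with '-' and would be parsed as an
                          option (the '-f root' pattern of CVE-2026-24061),
      "invalid"           empty, contains whitespace/control characters, or
                          is not a conservative POSIX user name,
      "ok"                safe to pass as a positional user-name argument.
    The distinct label for option-like values lets the server log and alert
    on exploitation attempts rather than silently dropping them."""
    if not value:
        return "invalid"
    if value.startswith("-"):
        return "option-injection"
    if any(ch.isspace() or ord(ch) < 0x20 or ord(ch) == 0x7F for ch in value):
        return "invalid"
    if _USERNAME_RE.fullmatch(value) is None:
        return "invalid"
    return "ok"


def is_safe_login_user(value: str) -> bool:
    """True only when the value can be handed to login(1) as a user name."""
    return classify_user_value(value) == "ok"


def build_login_argv(client_user: str) -> Optional[list]:
    """Build the argv a hardened server would execute for an auto-login.

    Returns None when the client value is rejected; the caller should then
    fall back to an interactive login prompt instead of trusting the client.
    The argv shape here is an assumption; real telnetd passes further
    options before the user name."""
    if not is_safe_login_user(client_user):
        return None
    return [LOGIN_PATH, client_user]


if __name__ == "__main__":
    # Constructed sample values: the advisory's bypass string and a normal name.
    for sample in ("-f root", "alice", "bob smith", ""):
        print(repr(sample), classify_user_value(sample), build_login_argv(sample))
```
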
ThreatsDay Bulletin: Pixel Zero-Click, Redis RCE, China C2s, RAT Ads, Crypto Scams & 15+ Stories
Most of this week’s threats didn’t rely on new tricks. They relied on familiar systems behaving exactly as designed, just in the wrong hands. Ordinary files, routine services, and trusted workflows were enough to open doors without forcing them. What stands out is how little friction attackers now need.
Some activity focused on quiet reach and coverage, others on timing and reuse. The emphasis wasn’t speed or spectacle, but control gained through scale, patience, and misplaced trust. The stories below trace where that trust bent, not how it broke. Each item is a small signal of a larger shift, best seen when viewed together.
Spear-phishing delivers custom backdoor Operation Nomad Leopard Targets Afghanistan Government entities in Afghanistan have been at the receiving end of a spear-phishing campaign dubbed Operation Nomad Leopard that employs bogus administrative documents as decoys to distribute a backdoor named FALSECUB by means of a GitHub-hosted ISO image file. The campaign was first detected in late December 2025. “The ISO file contains three files,” Seqrite Lab said . “The LNK file, Doc.pdf.lnk, is responsible for displaying the PDF to the victim and executing the payload.
The PDF file, doc.pdf, contains the government-themed lure.” The final payload is a C++ executable that’s capable of receiving commands from an external server. The activity has not been attributed to any specific country or known hacker group. “The campaign appears to be conducted by a regionally focused threat actor with a low-to-moderate sophistication level,” the Indian cybersecurity company added. DoS attacks hit UK services U.K.
Warns of Malicious Activity from Russia-Aligned Hacktivists The U.K. government is warning of continued malicious activity from Russian-aligned hacktivist groups like NoName057(16) targeting critical infrastructure and local government organizations in the country with denial-of-service (DoS) attacks. The end goal of these attacks is to take websites offline and disable access to essential services. “Although DoS attacks are typically low in sophistication, a successful attack can disrupt entire systems, costing organisations significant time, money, and operational resilience by having to analyse, defend against, and recover from them,” the U.K.
National Cyber Security Centre (NCSC) said . Trusted apps load malicious DLLs New Stealer Campaign Uses DLL Side-Loading Trick Google-owned VirusTotal has disclosed details of an information stealer campaign that relies on a trusted executable to trick the operating system into loading a malicious DLL (“CoreMessaging.dll”) payload – a technique called DLL side-loading – leading to the execution of secondary-stage infostealers designed to exfiltrate sensitive data. Both the executable and the DLL are distributed via ZIP archives that mimic installers for legitimate applications like Malwarebytes (e.g., “malwarebytes-windows-github-io-6.98.5.zip”) and other programs. WSL abused without process spawn Windows Subsystem for Linux Beacon Object File Released SpecterOps researcher Daniel Mayer has released a beacon object file ( BOF ) – a compiled C program designed to run within the memory of a post-exploitation agent like Cobalt Strike Beacon – that interacts with the Windows Subsystem for Linux (WSL) by directly invoking the WSL COM service, avoiding process creation for “wsl.exe” entirely and allowing operators to list all installed WSL distributions and execute arbitrary commands on any WSL distribution that the BOF finds.
Ads push covert RAT installers Malicious Ads for File Converters Lead to RATs Cybersecurity researchers have disclosed an active malicious campaign that uses advertisements placed on legitimate websites to lure users into downloading “converter” tools for converting images or documents. These services share a similar website template and go by names like Easy2Convert, ConvertyFile, Infinite Docs, and PowerDoc. Should a user end up attempt to download the program, they are redirected to another domain that actually hosts the C# dropper files. “In the foreground, these tools usually work as promised, so users do not become suspicious,” Nextron Systems said .
“In the background, however, they behave almost identically: they install persistent remote access trojans (RATs) that give the threat actor continuous access to the victim system.” Specifically, the executable is designed to establish persistence using a scheduled task, which points to the main payload, a .NET application that initiates communication with a remote server, executes .NET assemblies received from the server, and sends the results back via an HTTP POST request. Short-lived TLS certs roll out Let’s Encrypt Makes 6-Day Certificates Available Let’s Encrypt said its short-lived TLS certificates with a 6-day lifetime are now generally available. Each certificate is valid for a period of 160 hours from the time it is issued. “Short-lived certificates are opt-in and we have no plan to make them the default at this time.
Subscribers that have fully automated their renewal process should be able to switch to short-lived certificates easily if they wish, but we understand that not everyone is in that position and generally comfortable with this significantly shorter lifetime,” Let’s Encrypt said . To request one, operators must select the “shortlived” profile in their ACME client. Short-lived certificates are opt-in and there are no plans to make them the default at this time, the non-profit certificate authority added. Support tickets abused for spam Zendesk Warns of Spam Campaigns Abusing Support Systems Zendesk has revealed that unsecured support systems are being used to send spam emails .
The attacks take advantage of Zendesk’s ability to allow unverified users to submit support tickets, which then automatically generate confirmation emails that are sent to the email address entered by the attacker. This automated response system is being weaponized to turn the support platform into a delivery vehicle for spam by creating fake tickets. “These emails look like legitimate contacts from companies that use Zendesk to communicate with their customers, and are a spam tactic known as relay spam,” the customer relationship management (CRM) vendor said in an advisory. The company described it as a “potential side effect” that arises when Zendesk is set to allow unverified users to submit requests, adding that it’s actively working to reduce spam and prevent new spam campaigns.
It has also urged customers to remove specific placeholders from first-reply triggers and permit only added users to submit tickets. EU targets high-risk suppliers E.U. Proposes Cybersecurity Rules to Secure Tech Supply Chain The European Commission has proposed new cybersecurity legislation mandating the removal of high-risk suppliers to secure telecommunications networks and strengthen defenses against state-backed and cybercrime groups targeting critical infrastructure. “The new Cybersecurity Act aims to reduce risks in the EU’s ICT supply chain from third-country suppliers with cybersecurity concerns,” the Commission said .
“It sets out a trusted ICT supply chain security framework based on a harmonised, proportionate and risk-based approach. This will enable the E.U. and Member States to jointly identify and mitigate risks across the EU’s 18 critical sectors, considering also economic impacts and market supply.” The revised Cybersecurity Act is also expected to ensure that products and services reaching E.S. consumers are tested for security in a more efficient way through a renewed European Cybersecurity Certification Framework (ECCF).
The amended act will take effect immediately upon approval by the European Parliament and the Council of the E.U. Once adopted, member states have one year to implement the directive into national law. Mass scans probe plugin exposure Large-Scale WordPress Plugin Reconnaissance Activity Spotted Threat intelligence firm GreyNoise has uncovered a large-scale WordPress plugin reconnaissance activity aimed at enumerating potentially vulnerable sites. The mass scanning, observed between October 20, 2025, and January 19, 2026, involved 994 unique IP addresses across 145 ASNs targeting 706 distinct WordPress plugins in over 40,000 unique enumeration events.
The most targeted plugins are Post SMTP, Loginizer, LiteSpeed Cache, SEO by Rank Math, Elementor, and Duplicator. The activity touched a new high on December 7, 2025, when 6,550 unique sessions were recorded. More than 95% of the spike was driven by a single IP address: 112.134.208[.]214. Users of the aforementioned plugins are advised to keep them up-to-date.
Crate vulnerabilities surface early Rust Adds “Security” Tab to Crates.io The Rust project has updated Crates.io to include a “Security” tab on individual crate pages. The tab displays security advisories drawn from the RustSec database and lists which versions of a crate may have known vulnerabilities. This change gives developers an easy way to view relevant security information before adding the crate as a dependency. “The tab shows known vulnerabilities for the crate along with the affected version ranges,” the maintainers said .
Other improvements include expanded Trusted Publishing support, which now works with GitLab CI/CD in addition to GitHub Actions, and a new Trusted Publishing mode that, when enabled, turns off traditional API token-based publishing so as to reduce the risk of unauthorized publishes from leaked API tokens. Trusted Publishing has also been updated to block pull_request_target and workflow_run GitHub Actions triggers. “These triggers have been responsible for multiple security incidents in the GitHub Actions ecosystem and are not worth the risk,” the Crates.io team said. China hosts vast C2 footprint Chinese Internet Space Hosts Over 18K C2 Servers A new analysis from Hunt.io has revealed that the Chinese internet space is hosting more than 18,000 active command-and-control (C2 or C&C) servers across 48 different providers over the last three months.
China Unicom hosts nearly half of all observed servers, with Alibaba Cloud and Tencent following suit. More than half of the C2 servers (about 9,427 unique C2 IPs) are used to control an IoT botnet known as Mozi . A chunk of the remaining C2 servers is used for activity related to Cobalt Strike (1,204), VShell (830), and Mirai (703). “Across Chinese hosting environments, a small number of large telecom and cloud providers account for the majority of observed command-and-control activity, supporting everything from commodity malware and IoT botnets to phishing operations and state-linked tooling,” Hunt.io said.
Military-linked espionage probe Ex-Military IT Consultant Detained in Sweden for Allegedly Spying for Russia A 33-year-old former IT consultant for Sweden’s Armed Forces has been detained on suspicion of passing information to Russia’s intelligence service, according to the Swedish Prosecution Authority. The suspected criminal activity took place throughout 2025 and until January 4, 2026, but Swedish authorities suspect the espionage may have been ongoing since 2022, when Russia launched its full-scale invasion of Ukraine. The suspect, who has denied any wrongdoing, worked as an IT consultant for the Swedish military from 2018 to 2022, per the AFP . The investigation is said to be still in early stages.
In February 2021, a 47-year-old Swedish tech consultant was charged with espionage for allegedly selling information about truckmaker Scania and Volvo Cars to a Russian diplomat for several years. He was sentenced to three years in prison later that September. Supply-chain platform fully exposed Security Flaws in Bluvoyix Critical vulnerabilities (from CVE-2026-22236 through CVE-2026-22240) have been disclosed in the Bluvoyix platform of Bluspark Global, a cloud-based solution that’s used to help shippers manage their supply chain data, which could have allowed a bad actor to gain full control of the platform and access customer and shipment data. They could have enabled access to customer accounts and track freight and component shipments, as well as enabled complete access to the platform’s API without the need for authentication.
This loophole could have been weaponized to create administrator accounts for follow-on exploitation. The vulnerabilities have since been patched, but not before a protracted disclosure process . Security researcher Eaton Zveare, who has previously uncovered security holes in platforms used by automotive firms, said the “admin access made it possible to view, modify, and even cancel customer shipments going back to 2007.” Crypto scams hit record scale $17B Estimated Stolen in Crypto Scams and Fraud in 2025 Cryptocurrency scams received at least $14 billion worth of cryptocurrency in 2025, a jump from $12 billion reported in the year prior. The average scam payment extracted from victims also increased from $782 to $2,764.
High-yield investment and pig butchering remained the most dominant categories by volume, even as impersonation scams – which involve fraudsters posing as legitimate organizations such as E-ZPass to manipulate victims into transferring funds – surged 1,400%. Based on historical trends, the 2025 figure is projected to exceed $17 billion as more illicit wallet addresses are identified in the coming months, Chainalysis said. Scammers have been found increasingly leveraging deepfake technology and AI-generated content to create convincing impersonations in romance and investment scams. “Major scam operations became increasingly industrialized, with sophisticated infrastructure, including phishing-as-a-service tools, AI-generated deepfakes, and professional money laundering networks,” the company said.
“Pig-butchering networks across Southeast Asia, drawing heavily on CMLNs [Chinese money laundering networks], generate billions of dollars annually and rely on layered wallet structures, exchanges, shell companies, and informal banking channels to launder funds and convert crypto into real-world assets, including real estate and luxury goods.”
ATM malware ring dismantled
5 Venezuelan Nationals Plead Guilty to ATM Jackpotting Attacks
A group of five Venezuelan nationals has pleaded guilty or been sentenced for their involvement in multi-state ATM jackpotting thefts between September 14 and 16, 2024, that used sophisticated malware to steal thousands of dollars across Georgia, Florida, and Kentucky. The group, Hector Alejandro Alvarado Alvarez (20), Cesar Augusto Gil Sanchez (22), Javier Alejandro Suarez-Godoy (20), David Josfrangel Suarez-Sanchez (24), and Giobriel Alexander Valera-Astudillo (26), targeted various financial institutions by deploying malware or accessing the ATMs’ supervisor mode to trigger cash withdrawals. Members of the group were caught on camera carrying out the attacks and were identified from fingerprints left behind on the ATMs. They face up to 30 years in prison, followed by immediate deportation.
Zero-click chain hits Pixel
Google Details Pixel 9 Zero-Click Exploit
Google Project Zero has released a zero-click exploit (Part 1, Part 2, and Part 3) that can compromise Android smartphones via the Dolby audio decoder. The exploit is made possible because the Google Messages application automatically processes incoming audio attachments in the background for transcription purposes and decodes them without requiring user interaction. The exploit leverages CVE-2025-54957 to gain arbitrary code execution in the mediacodec context of a Google Pixel 9, and then makes use of CVE-2025-36934, a use-after-free in the BigWave driver, to escalate privileges from mediacodec to the kernel. “The time investment required to find the necessary vulnerabilities was small compared to the impact of this exploit, especially for the privilege escalation stage,” researcher Natalie Silvanovich said.
“The time needed to find the bugs for a 0-click exploit chain on Android can almost certainly be measured in person-weeks for a well-resourced attacker.” While Dolby patched the flaw in October 2025, Samsung was the first mobile vendor to ship the fix, the following month. Pixel devices did not get the patch until January 5, 2026. A patch for the BigWave driver flaw shipped to Pixel devices on January 6, 2026.
Malicious ads seed infostealer
Malvertising Used to Drop TamperedChef Infostealer
A malvertising campaign detected by Sophos in September 2025 used Google Ads to redirect victims to deceptive sites promoting a trojanized PDF editing application called AppSuite PDF Editor.
The application, once installed, appeared legitimate to users, but stealthily delivered an information stealer dubbed TamperedChef targeting Windows devices. The actively evolving threat cluster is known to employ tactics like delayed execution, staying dormant for about 56 days before activating the infostealer behavior to ensure persistence. The time period aligns with the typical 30-60-day cycle of paid advertising campaigns. TamperedChef is assessed to be a part of a wider campaign known as EvilAI.
According to telemetry data gathered by the cybersecurity company, over 100 systems were affected by the campaign, with the majority of the victims located in Germany (~15%), the U.K. (~14%), and France (~9%). “Victims of this campaign span a variety of industries, particularly those where operations rely heavily on specialized technical equipment – possibly because users in those industries frequently search online for product manuals, a behavior that the TamperedChef campaign exploits to distribute malicious software,” the company said.
PNG files hide JS stealer
Fake Pharma Invoices Distribute PureLogs Stealer
A new phishing campaign has been observed using phony pharmaceutical invoices to trick recipients into opening ZIP archives containing JavaScript that, upon execution, uses PowerShell to download a malicious PNG image hosted on the Internet Archive.
“But this isn’t actually a standard PNG. Well, it is, but with extras,” Swiss Post Cybersecurity said. “The attackers embedded a Base64-encoded payload after the IEND chunk of the PNG, which marks the official end of the image data. The file still renders as a valid image in any viewer.
The actual malware sits between two custom markers, BaseStart- and -BaseEnd.” The payload extracted from between these markers is used to launch a malware loader known as VMDetectLoader, which is responsible for persistence, environment checks, and launching PureLogs Stealer, a commodity stealer developed by a threat actor known as PureCoder. VMDetectLoader has previously been used to deliver DCRat in attacks targeting Colombia.
Loan lures harvest bank data
Fake Loan Scams in Peru
A large-scale loan phishing operation in Peru has been discovered abusing fake loan offers to harvest sensitive personal and banking information (bank card details, online banking password, and a 6-digit PIN code) from unsuspecting users. The campaign is propagated via social media advertisements.
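A triage check for the appended-payload technique described in the PureLogs PNG section above, written here as an added example rather than code from the Swiss Post Cybersecurity report: it walks the chunk list to find where IEND really ends, reports any trailing bytes, and decodes whatever sits between the BaseStart- and -BaseEnd markers the report names. Both sample images are constructed inline; the "junk" gap and the decoded blob's contents are assumptions for illustration.

```python
import base64
import struct
import zlib

PNG_SIG = b"\x89PNG\r\n\x1a\n"

def _chunk(ctype: bytes, data: bytes) -> bytes:
    """Encode one PNG chunk: 4-byte length, type, data, CRC over type+data."""
    body = ctype + data
    return struct.pack(">I", len(data)) + body + struct.pack(">I", zlib.crc32(body) & 0xFFFFFFFF)

def build_clean_png() -> bytes:
    """Constructed 1x1 RGB PNG used as the benign sample (not from the report)."""
    ihdr = struct.pack(">IIBBBBB", 1, 1, 8, 2, 0, 0, 0)  # 1x1, 8-bit, truecolor
    idat = zlib.compress(b"\x00\xff\x00\x00")           # filter byte + one red pixel
    return PNG_SIG + _chunk(b"IHDR", ihdr) + _chunk(b"IDAT", idat) + _chunk(b"IEND", b"")

def build_tainted_png(secret: bytes = b"stage2-loader") -> bytes:
    """Constructed sample with the layout the report describes: a valid image,
    then trailing bytes, then a Base64 blob wrapped in the custom markers."""
    return build_clean_png() + b"\x00junk" + b"BaseStart-" + base64.b64encode(secret) + b"-BaseEnd"

def iend_end_offset(png: bytes) -> int:
    """Walk the chunk list and return the offset just past IEND, or -1 if malformed."""
    if not png.startswith(PNG_SIG):
        return -1
    pos = len(PNG_SIG)
    while pos + 8 <= len(png):
        (length,) = struct.unpack(">I", png[pos:pos + 4])
        ctype = png[pos + 4:pos + 8]
        nxt = pos + 12 + length  # 4 length + 4 type + data + 4 CRC
        if ctype == b"IEND":
            return nxt
        pos = nxt
    return -1

def inspect_png(png: bytes, start: bytes = b"BaseStart-", stop: bytes = b"-BaseEnd") -> dict:
    """Report bytes trailing IEND and, when the markers are present,
    the decoded blob between them (for analyst triage, never execution)."""
    end = iend_end_offset(png)
    trailing = png[end:] if end >= 0 else b""
    report = {"trailing_bytes": len(trailing), "has_markers": False, "payload": None}
    s = trailing.find(start)
    e = trailing.find(stop, s + len(start)) if s >= 0 else -1
    if s >= 0 and e >= 0:
        blob = trailing[s + len(start):e]
        report["has_markers"] = True
        try:
            report["payload"] = base64.b64decode(blob, validate=True)
        except ValueError:
            report["payload"] = blob  # keep raw bytes when the blob is not valid Base64
    return report
```

Any non-zero trailing_bytes on an image that a viewer renders fine is the signal to look at; the markers are only the flavour this campaign used.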
The threat actors behind the operation have created approximately 370 unique domains impersonating banks in Peru, Colombia, El Salvador, Chile, and Ecuador since 2024. “This particular phishing targets individuals through a seemingly legitimate loan application process, designed to harvest valid card credentials and corresponding PIN codes,” Group-IB said. “These credentials are then either sold on the black market or used in further phishing activities.” As soon as the details are entered on the fake sites, a script running in the background on the web page validates the information using the Luhn algorithm to ensure that the entered credit card details and government identification number are genuine.
Fake installer sells bandwidth
Proxyware Mimics Notepad++
A threat actor tracked as Larva-25012 is using a fake Notepad++ installer as a lure to distribute proxyware in attacks targeting South Korea.
The installers, written in C++ and hosted on GitHub, are promoted through advertisement pages on websites posing as download portals for cracked or otherwise illegal software. “These installers drop the downloader malware DPLoader. Once registered in the Windows Task Scheduler, DPLoader executes persistently and retrieves commands from its C&C server. All PowerShell scripts observed to date have included logic to install various Proxyware tools,” AhnLab said.
“In addition, the attacker is actively changing techniques to evade detection – such as injecting Proxyware into the Windows Explorer process or leveraging Python-based loaders.” The objective of these attacks is to install proxyware on the victim’s machine without their knowledge and monetize their unused internet bandwidth by selling it to third parties. Larva-25012 is assessed to have been active since at least 2024, distributing multiple types of proxyware, including DigitalPulse, Honeygain, and Infatica.
Taken together, these incidents show how quickly the “background layer” of technology has become the front line. The weakest points weren’t exotic exploits, but the spaces people stop watching once systems feel stable.
The takeaway isn’t a single threat or fix. It’s the pattern: exposure accumulates quietly, then surfaces all at once. The full list makes that pattern hard to ignore.