2026-01-29 AI Startup News
Fake Moltbot AI Coding Assistant on VS Code Marketplace Drops Malware
Cybersecurity researchers have flagged a new malicious Microsoft Visual Studio Code (VS Code) extension for Moltbot (formerly Clawdbot) on the official Extension Marketplace that claims to be a free artificial intelligence (AI) coding assistant, but stealthily drops a malicious payload on compromised hosts. The extension, named “ClawdBot Agent - AI Coding Assistant” (“clawdbot.clawdbot-agent”), has since been taken down by Microsoft. It was published by a user named “clawdbot” on January 27, 2026. Moltbot has taken off in a big way, crossing more than 85,000 stars on GitHub as of writing.
The open-source project, created by Austrian developer Peter Steinberger, allows users to run a personal AI assistant powered by a large language model (LLM) locally on their own devices and interact with it over already established communication platforms like WhatsApp, Telegram, Slack, Discord, Google Chat, Signal, iMessage, Microsoft Teams, and WebChat. The most important aspect to note here is that Moltbot does not have a legitimate VS Code extension, meaning the threat actors behind the activity capitalized on the rising popularity of the tool to trick unsuspecting developers into installing it. The malicious extension is designed such that it’s automatically executed every time the integrated development environment (IDE) is launched, stealthily retrieving a file named “config.json” from an external server (“clawdbot.getintwopc[.]site”) to execute a binary named “Code.exe” that deploys a legitimate remote desktop program like ConnectWise ScreenConnect. The application then connects to the URL “meeting.bulletmailer[.]net:8041,” granting the attacker persistent remote access to the compromised host.
“The attackers set up their own ScreenConnect relay server, generated a pre-configured client installer, and distributed it through the VS Code extension,” Aikido researcher Charlie Eriksen said. “When victims install the extension, they get a fully functional ScreenConnect client that immediately phones home to the attacker’s infrastructure.” What’s more, the extension incorporates a fallback mechanism that retrieves a DLL listed in “config.json” and sideloads it to obtain the same payload from Dropbox. The DLL (“DWrite.dll”), written in Rust, ensures that the ScreenConnect client is delivered even if the command-and-control (C2) infrastructure becomes inaccessible. This is not the only backup mechanism incorporated into the extension for payload delivery.
The fake Moltbot extension also embeds hard-coded URLs to get the executable and the DLL to be sideloaded. A second alternative method involves using a batch script to obtain the payloads from a different domain (“darkgptprivate[.]com”).
The Security Risks with Moltbot
The disclosure comes as security researcher and Dvuln founder Jamieson O’Reilly found hundreds of unauthenticated Moltbot instances online, exposing configuration data, API keys, OAuth credentials, and conversation histories from private chats to unauthorized parties. “The real problem is that Clawdbot agents have agency,” O’Reilly explained. “They can send messages on behalf of users across Telegram, Slack, Discord, Signal, and WhatsApp. They can execute tools and run commands.” This, in turn, opens the door to a scenario where an attacker can impersonate the operator to their contacts, inject messages into ongoing conversations, modify agent responses, and exfiltrate sensitive data without their knowledge. More critically, an attacker could distribute a backdoored Moltbot “skill” via MoltHub (formerly ClawdHub) to stage supply chain attacks and siphon sensitive data. Intruder, in a similar analysis, said it has observed widespread misconfigurations leading to credential exposure, prompt injection vulnerabilities, and compromised instances across multiple cloud providers.
“The core issue is architectural: Clawdbot prioritizes ease of deployment over secure-by-default configuration,” Benjamin Marr, security engineer at Intruder, said in a statement. “Non-technical users can spin up instances and integrate sensitive services without encountering any security friction or validation. There are no enforced firewall requirements, no credential validation, and no sandboxing of untrusted plugins.” Users who are running Clawdbot with default configurations are recommended to audit their configuration, revoke all connected service integrations, review exposed credentials, implement network controls, and monitor for signs of compromise. Found this article interesting?
Follow us on Google News , Twitter and LinkedIn to read more exclusive content we post.
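A way to check a workstation for the fake Moltbot extension described above, as an added example that is not from the article or from any vendor tool. It assumes the standard VS Code layout of one `<publisher>.<name>-<version>` folder per extension, each with a `package.json` manifest, and the startup activation events are an assumption since the article does not say which one the extension used.

```python
import json
import re
from pathlib import Path

# Extension ID reported in the article (the only indicator taken from the page).
KNOWN_BAD_IDS = {"clawdbot.clawdbot-agent"}
# The article states Moltbot has no legitimate VS Code extension, so any
# extension using either brand name deserves a manual look.
BRAND_KEYWORDS = ("moltbot", "clawdbot")
# Manifest activation events that start an extension whenever the IDE opens.
# Assumption: the article does not say which event the fake extension used.
STARTUP_EVENTS = {"*", "onStartupFinished"}


def audit_extensions(ext_dir):
    """Return one finding dict per extension folder that needs review."""
    findings = []
    for folder in sorted(p for p in Path(ext_dir).iterdir() if p.is_dir()):
        try:
            pkg = json.loads((folder / "package.json").read_text(encoding="utf-8"))
            if not isinstance(pkg, dict):
                raise ValueError("manifest is not a JSON object")
        except (OSError, ValueError):
            pkg = {}  # missing or damaged manifest: fall back to the folder name

        publisher, name = pkg.get("publisher"), pkg.get("name")
        if isinstance(publisher, str) and isinstance(name, str):
            ext_id = f"{publisher}.{name}".lower()
        else:
            # Strip the trailing "-<version>" (and any platform suffix).
            ext_id = re.sub(r"-\d+\.\d+\.\d+.*$", "", folder.name.lower())

        # Text fields an impersonating extension would use to carry the brand.
        text = " ".join(str(pkg.get(k, "")) for k in ("name", "displayName", "publisher"))
        text = f"{text} {folder.name}".lower()

        raw_events = pkg.get("activationEvents")
        events = {e for e in raw_events if isinstance(e, str)} if isinstance(raw_events, list) else set()

        known_bad = ext_id in KNOWN_BAD_IDS
        brand_match = any(k in text for k in BRAND_KEYWORDS)
        if known_bad or brand_match:
            findings.append({
                "id": ext_id,
                "folder": folder.name,
                "known_bad": known_bad,
                "brand_match": brand_match,
                "runs_at_startup": bool(events & STARTUP_EVENTS),
            })
    return findings


if __name__ == "__main__":
    default_dir = Path.home() / ".vscode" / "extensions"  # default per-user location
    if default_dir.is_dir():
        for finding in audit_extensions(default_dir):
            print(finding)
```

A hit on `known_bad` means the host should be treated as compromised and checked for the ScreenConnect client the article describes; a `brand_match` alone only calls for manual review.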
Russian ELECTRUM Tied to December 2025 Cyber Attack on Polish Power Grid
The “coordinated” cyber attack targeting multiple sites across the Polish power grid has been attributed with medium confidence to a Russian state-sponsored hacking crew known as ELECTRUM. Operational technology (OT) cybersecurity company Dragos, in a new intelligence brief published Tuesday, described the late December 2025 activity as the first major cyber attack targeting distributed energy resources (DERs). “The attack affected communication and control systems at combined heat and power (CHP) facilities and systems managing the dispatch of renewable energy systems from wind and solar sites,” Dragos said. “While the attack did not result in power outages, adversaries gained access to operational technology systems critical to grid operations and disabled key equipment beyond repair at the site.” It’s worth pointing out that ELECTRUM and KAMACITE share overlaps with a cluster referred to as Sandworm (aka APT44 and Seashell Blizzard).
KAMACITE focuses on establishing and maintaining initial access to targeted organizations using spear-phishing, stolen credentials, and exploitation of exposed services. Beyond initial access, the threat actor performs reconnaissance and persistence activities over extended periods of time as part of efforts to burrow deep into target OT environments and keep a low profile, signaling a careful preparatory phase that precedes actions executed by ELECTRUM targeting the industrial control systems. “Following access enablement, ELECTRUM conducts operations that bridge IT and OT environments, deploying tooling within operational networks, and performs ICS-specific actions that manipulate control systems or disrupt physical processes,” Dragos said. “These actions have included both manual interactions with operator interfaces and the deployment of purpose-built ICS malware, depending on the operational requirements and objectives.” Put differently, the two clusters have clear separation of roles and responsibilities, enabling flexibility in execution and facilitating sustained OT-focused intrusions when conditions are favourable.
As recently as July 2025, KAMACITE is said to have engaged in scanning activity against industrial devices located in the U.S. Although no follow-on OT disruptions have been publicly reported to date, this highlights an operational model that is not geographically constrained and facilitates early-stage access identification and positioning. “KAMACITE’s access-oriented operations create the conditions under which OT impact becomes possible, while ELECTRUM applies execution tradecraft when timing, access, and risk tolerance align,” it explained. “This division of labor enables flexibility in execution and allows OT impact to remain an option, even when it is not immediately exercised.
This extends risk beyond discrete incidents and into prolonged periods of latent exposure.” Dragos said the Poland attack targeted systems that facilitate communication and control between grid operators and DER assets, including assets that enable network connectivity, allowing the adversary to successfully disrupt operations at about 30 distributed generation sites. The threat actors are assessed to have breached Remote Terminal Units (RTUs) and communication infrastructure at the affected sites using exposed network devices and exploited vulnerabilities as initial access vectors. The findings indicate that the attackers possess a deep understanding of electrical grid infrastructure, allowing them to disable communications equipment, including some OT devices. That said, the full scope of the malicious actions undertaken by ELECTRUM is unknown, with Dragos noting that it’s unclear if the threat actor attempted to issue operational commands to this equipment or focused solely on disabling communications.
The Poland attack is also assessed to be more opportunistic and rushed than a precisely planned operation, allowing the hackers to take advantage of the unauthorized access to inflict as much damage as possible by wiping Windows-based devices to impede recovery, resetting configurations, or attempting to permanently brick equipment. The majority of the equipment is targeted at grid safety and stability monitoring, per Dragos. “This incident demonstrates that adversaries with OT-specific capabilities are actively targeting systems that monitor and control distributed generation,” it added. “The disabling of certain OT or industrial control system (ICS) equipment beyond repair at the site moved what could have been seen as a pre-positioning attempt by the adversary into an attack.”
Two High-Severity n8n Flaws Allow Authenticated Remote Code Execution
Cybersecurity researchers have disclosed two new security flaws in the n8n workflow automation platform, including a crucial vulnerability that could result in remote code execution. The weaknesses, discovered by the JFrog Security Research team, are listed below -
- CVE-2026-1470 (CVSS score: 9.9) - An eval injection vulnerability that could allow an authenticated user to bypass the Expression sandbox mechanism and achieve full remote code execution on n8n’s main node by passing specially crafted JavaScript code
- CVE-2026-0863 (CVSS score: 8.5) - An eval injection vulnerability that could allow an authenticated user to bypass n8n’s python-task-executor sandbox restrictions and run arbitrary Python code on the underlying operating system
Successful exploitation of the flaws could permit an attacker to hijack an entire n8n instance, including under scenarios where it’s operating under “internal” execution mode. In its documentation, n8n notes that using internal mode in production environments can pose a security risk, urging users to switch to external mode to ensure proper isolation between n8n and task runner processes. “As n8n spans an entire organization to automate AI workflows, it holds the keys to core tools, functions, and data from infrastructure, including LLM APIs, sales data, and internal IAM systems, among others,” JFrog said in a statement shared with The Hacker News.
“This results in escapes giving a hacker an effective “skeleton key” to the entire corporation.” To address the flaws, users are advised to update to the following versions -
- CVE-2026-1470 - 1.123.17, 2.4.5, or 2.5.1
- CVE-2026-0863 - 1.123.14, 2.3.5, or 2.4.2
The development comes merely weeks after Cyera Research Labs detailed a maximum-severity security flaw in n8n (CVE-2026-21858 aka Ni8mare) that allows an unauthenticated remote attacker to gain complete control over susceptible instances. “These vulnerabilities highlight how difficult it is to safely sandbox dynamic, high‑level languages such as JavaScript and Python,” researcher Nathan Nehorai said. “Even with multiple validation layers, deny lists, and AST‑based controls in place, subtle language features and runtime behaviors can be leveraged to bypass security assumptions.” “In this case, deprecated or rarely used constructs, combined with interpreter changes and exception handling behavior, were enough to break out of otherwise restrictive sandboxes and achieve remote code execution.”
From Triage to Threat Hunts: How AI Accelerates SecOps
If you work in security operations, the concept of the AI SOC agent is likely familiar. Early narratives promised total autonomy. Vendors seized on the idea of the “Autonomous SOC” and suggested a future where algorithms replaced analysts. That future has not arrived.
We have not seen mass layoffs or empty security operations centers. We have instead seen the emergence of a practical reality. The deployment of AI in the SOC has not removed the human element. It has instead redefined how they are spending their time.
We now understand that the value of AI is not in replacing the operator. It is in solving the math problem of defense. Infrastructure complexity scales exponentially while headcount scales linearly. This mismatch previously forced teams to make statistical compromises and sample alerts rather than solving them.
Agentic AI corrects this imbalance. It decouples investigation capacity from human availability and fundamentally alters the daily workflow of the security operations team.
Redefining Triage and Investigation: Automated Context at Scale
Alert triage currently functions as a filter. SOC analysts review basic telemetry to decide if an alert warrants a full investigation.
This manual gatekeeping creates a bottleneck where low-fidelity signals are ignored to preserve bandwidth. Now imagine if an alert that comes in as low severity and is pushed down the priority queue ends up being a real threat. This is where missed alerts lead to breaches. Agentic AI changes triage by adding a machine layer that investigates every alert, regardless of severity, with human-level accuracy before it reaches the analyst.
It pulls disjointed telemetry from EDR, identity, email, cloud, SaaS, and network tools into a unified context. The system performs the initial analysis and correlation and redetermines the severity, instantly pushing that low-severity alert to the top. This enables the analyst to concentrate on detecting malicious actors concealed within the noise. The human operator no longer spends time gathering IP reputation or verifying user locations.
Their role shifts to reviewing the verdict provided by the system. This ensures that 100% of alerts receive a full investigation as soon as they arrive. Zero dwell time for every alert. The forced tradeoff of ignoring low-fidelity signals disappears because the cost of investigation is significantly lower with AI SOC agents.
Impact on Detection Engineering: Visualizing the Noise
Effective detection engineering requires feedback loops that manual SOCs struggle to provide. Analysts often close false positives without detailed documentation, which leaves detection engineers blind to which rules generate the most operational waste. An AI-driven architecture creates a structured feedback loop for detection logic. Because the system investigates every alert, it aggregates data on which rules consistently produce false positives.
It identifies specific detection logic that requires tuning and provides the evidence needed to modify it. This visibility allows engineers to surgically prune noisy alerts. They can retire or adjust low-value rules based on empirical data rather than anecdotal complaints. The SOC becomes cleaner over time as the AI highlights exactly where the noise lives.
Accelerating Threat Hunting: Hypothesis-Driven Defense
Threat hunting is often limited by the technical barrier of query languages. Analysts must translate a hypothesis into complex syntax like SPL or KQL. This friction reduces the frequency of proactive hunts. AI removes this syntax barrier.
It enables natural language interaction with security data. An analyst can ask semantic questions about the environment. A query such as “show me all lateral movement attempts from unmanaged devices in the last 24 hours” translates instantly into the necessary database queries. This capability democratizes threat hunting.
Senior analysts can execute complex hypotheses faster. Junior analysts can participate in hunting operations without needing years of query language experience. The focus remains on the investigative theory rather than the mechanics of data retrieval.
Why Organizations Choose Prophet Security
What we’ve found from Prophet Security customers is that successful deployment of Agentic AI in a live environment hinges on several critical standards: Depth, Accuracy, Transparency, Adaptability, and Workflow Integration.
These are the foundational pillars essential for human operators to trust the AI system’s judgment and operationalize it. Without excelling in these areas, AI adoption will falter, as the human team will lack confidence in its verdicts. Depth requires the system to replicate the cognitive workflow of a Tier 1-3 analyst. Basic automation checks a file hash and stops.
Agentic AI must go further. It must pivot across identity providers, EDR, and network logs to build a complete picture. It must understand the nuance of internal business logic to investigate with the same breadth and rigor as a human expert. Accuracy is the measure of utility.
The system must reliably distinguish between benign administrative tasks and genuine threats. High fidelity ensures that analysts can rely on the system’s verdicts without constant re-verification. Not surprisingly, depth of investigation and accuracy go hand-in-hand. Prophet Security’s accuracy is consistently above 98%, including where it counts the most: identifying true positives.
Transparency and explainability are the ultimate test of trust. AI builds trust by providing transparency into its operations, detailing the queries run against data sources, the specific data retrieved, and the logical conclusions drawn. Prophet Security enforces a “Glass Box” standard that meticulously documents and exposes every query, data point, and logic step used to determine whether the alert is a true positive or benign. Adaptability refers to how well the AI system ingests feedback and guidance, and other organizational-specific context to improve its accuracy.
The AI system should effectively mold around your environment and its unique security needs and risk tolerance. Prophet Security has built a Guidance system that enables a human-on-the-loop model where analysts provide feedback and organizational context to customize the AI’s investigation and response logic to their needs. Workflow Integration is crucial. Tools must not only integrate with your existing technology stack but also seamlessly fit into your current security operations workflows.
A solution that demands a complete overhaul of existing systems or clashes with your established security tool implementation will be unusable from the start. Prophet Security understands this necessity, as the platform was developed by former SOC analysts from leading firms like Mandiant, Red Canary, and Expel. We’ve prioritized integration quality to ensure a seamless experience and immediate value for every security team. To learn more about Prophet Security and see why teams trust Prophet AI to triage, investigate, and respond to all of their alerts, request a demo today.
This article is a contributed piece from one of our valued partners.
Critical vm2 Node.js Flaw Allows Sandbox Escape and Arbitrary Code Execution
A critical sandbox escape vulnerability has been disclosed in the popular vm2 Node.js library that, if successfully exploited, could allow attackers to run arbitrary code on the underlying operating system. The vulnerability, tracked as CVE-2026-22709, carries a CVSS score of 9.8 out of 10.0 on the CVSS scoring system. “In vm2 for version 3.10.0, Promise.prototype.then Promise.prototype.catch callback sanitization can be bypassed,” vm2 maintainer Patrik Simek said. “This allows attackers to escape the sandbox and run arbitrary code.” vm2 is a Node.js library used to run untrusted code within a secure sandboxed environment by intercepting and proxying JavaScript objects to prevent sandboxed code from accessing the host environment.
The newly discovered flaw stems from the library’s improper sanitization of Promise handlers, which creates an escape vector that results in the execution of arbitrary code outside the sandbox boundaries. “The critical insight is that async functions in JavaScript return globalPromise objects, not localPromise objects. Since globalPromise.prototype.then and globalPromise.prototype.catch are not properly sanitized (unlike localPromise),” Endor Labs researchers Peyton Kennedy and Cris Staicu said. While CVE-2026-22709 has been addressed in vm2 version 3.10.2, it’s the latest in a steady stream of sandbox escapes that have plagued the library in recent years.
This includes CVE-2022-36067, CVE-2023-29017, CVE-2023-29199, CVE-2023-30547, CVE-2023-32314, CVE-2023-37466, and CVE-2023-37903. The discovery of CVE-2023-37903 in July 2023 also led Simek to announce that the project was being discontinued. However, these references have since been removed from the latest README file available on its GitHub repository. The Security page has also been updated as of October 2025 to mention that vm2 3.x versions are being actively maintained.
However, vm2’s maintainer has also acknowledged that new bypasses will likely be discovered in the future, urging users to make sure that they keep the library up to date and consider other robust alternatives, such as isolated-vm, for stronger isolation guarantees. “Instead of relying on the problematic vm model, the successor to vm2, isolated-vm relies on V8’s native Isolate interface, which offers a more solid foundation, but even then, the maintainers of vm2 stress the importance of isolation and actually recommend Docker with logical separation between components,” Semgrep said. In light of the criticality of the flaw, users are recommended to update to the most recent version (3.10.3), which comes with fixes for additional sandbox escapes.
Mustang Panda Deploys Updated COOLCLIENT Backdoor in Government Cyber Attacks
Threat actors with ties to China have been observed using an updated version of a backdoor called COOLCLIENT in cyber espionage attacks in 2025 to facilitate comprehensive data theft from infected endpoints. The activity has been attributed to Mustang Panda (aka Earth Preta, Fireant, HoneyMyte, Polaris, and Twill Typhoon) with the intrusions primarily directed against government entities across Myanmar, Mongolia, Malaysia, and Russia. Kaspersky, which disclosed details of the updated malware, said it’s deployed as a secondary backdoor along with PlugX and LuminousMoth infections. “COOLCLIENT was typically delivered alongside encrypted loader files containing encrypted configuration data, shellcode, and in-memory next-stage DLL modules,” the Russian cybersecurity company said.
“These modules relied on DLL side-loading as their primary execution method, which required a legitimate signed executable to load a malicious DLL.” Between 2021 and 2025, Mustang Panda is said to have leveraged signed binaries from various software products, including Bitdefender (“qutppy.exe”), VLC Media Player (“vlc.exe” renamed as “googleupdate.exe”), Ulead PhotoImpact (“olreg.exe”), and Sangfor (“sang.exe”) for this purpose. Campaigns observed in 2024 and 2025 have been found to abuse legitimate software developed by Sangfor, with one such wave targeting Pakistan and Myanmar using it to deliver a COOLCLIENT variant that drops and executes a previously unseen rootkit. COOLCLIENT was first documented by Sophos in November 2022 in a report detailing the widespread use of DLL side-loading by China-based APT groups. A subsequent analysis from Trend Micro officially attributed the backdoor to Mustang Panda and highlighted its ability to read/delete files, as well as monitor the clipboard and active windows.
The malware has also been put to use in attacks targeting multiple telecom operators in a single Asian country in a long-running espionage campaign that may have commenced in 2021, Broadcom’s Symantec and Carbon Black Threat Hunter Team revealed in June 2024. COOLCLIENT is designed for collecting system and user information, such as keystrokes, clipboard contents, files, and HTTP proxy credentials from the host’s HTTP traffic packets based on instructions sent from a command-and-control (C2) server over TCP. It can also set up a reverse tunnel or proxy, and receive and execute additional plugins in memory. Some of the supported plugins are listed below -
- ServiceMgrS.dll, a service management plugin to oversee all services on the victim host
- FileMgrS.dll, a file management plugin to enumerate, create, move, read, compress, search, or delete files and folders
- RemoteShellS.dll, a remote shell plugin that spawns a “cmd.exe” process to allow the operator to issue commands and capture the resulting output
Mustang Panda has also been observed deploying three different stealer programs in order to extract saved login credentials from Google Chrome, Microsoft Edge, and other Chromium-based browsers.
In at least one case, the adversary ran a cURL command to exfiltrate the Mozilla Firefox browser cookie file (“cookies.sqlite”) to Google Drive. These stealers, detected in attacks against the government sector in Myanmar, Malaysia, and Thailand, are suspected to be used as part of broader post-exploitation efforts. Furthermore, the attacks are characterized by the use of a known malware called TONESHELL (aka TOnePipeShell), which has been employed with varying levels of capabilities to establish persistence and drop additional payloads like QReverse, a remote access trojan with remote shell, file management, screenshot capture, and information gathering features, and a USB worm codenamed TONEDISK. Kaspersky’s analysis of the browser credential stealer has also uncovered code-level similarities with a cookie stealer used by LuminousMoth, suggesting some level of tool sharing between the two clusters.
On top of that, Mustang Panda has been identified as using batch and PowerShell scripts to gather system information, conduct document theft activities, and steal browser login data. “With capabilities such as keylogging, clipboard monitoring, proxy credential theft, document exfiltration, browser credential harvesting, and large-scale file theft, HoneyMyte’s campaigns appear to go far beyond traditional espionage goals like document theft and persistence,” the company said. “These tools indicate a shift toward the active surveillance of user activity that includes capturing keystrokes, collecting clipboard data, and harvesting proxy credentials.”
Password Reuse in Disguise: An Often-Missed Risky Workaround
When security teams discuss credential-related risk, the focus typically falls on threats such as phishing, malware, or ransomware. These attack methods continue to evolve and rightly command attention. However, one of the most persistent and underestimated risks to organizational security remains far more ordinary. Near-identical password reuse continues to slip past security controls, often unnoticed, even in environments with established password policies.
Why password reuse still persists despite strong policies
Most organizations understand that using the exact same password across multiple systems introduces risk. Security policies, regulatory frameworks, and user awareness training consistently discourage this behavior, and many employees make a genuine effort to comply. On the surface, this suggests that password reuse should be a diminishing problem. In reality, attackers continue to gain access through credentials that technically meet policy requirements.
The reason is not always blatant password reuse, but a subtler workaround known as near-identical password reuse.
What is near-identical password reuse?
Near-identical password reuse occurs when users make small, predictable changes to an existing password rather than creating a completely new one. While these changes satisfy formal password rules, they do little to reduce real-world exposure.
Here are some classic examples:
- Adding or changing a number: Summer2023! → Summer2024!
- Appending a character: P@ssword → P@ssword1
- Swapping symbols or capitalization: Welcome! → Welcome?, AdminPass → adminpass
Another common scenario occurs when organizations issue a standard starter password to new employees, and instead of replacing it entirely, users make incremental changes over time to remain compliant. In both cases, the password changes appear legitimate, but the underlying structure remains largely intact.
When poor user experience leads to risky workarounds
These small variations are easy to remember, which is precisely why they are so common. The average employee is expected to manage dozens of credentials across work and personal systems, often with different and sometimes conflicting requirements.
As organizations increasingly rely on software-as-a-service applications, this burden continues to grow. Specops research found that a 250-person organization may collectively manage an estimated 47,750 passwords, significantly expanding the attack surface. Under these conditions, near-identical password reuse becomes a practical workaround rather than an act of negligence. From a user’s perspective, a tweaked password feels different enough to meet compliance expectations while remaining memorable.
These micro-changes satisfy password history rules and complexity requirements, and in the user’s mind, the requirement to change a password has been fulfilled.
Predictability is exactly what attackers exploit
From an attacker’s perspective, the situation looks very different. These passwords represent a clear and repeatable pattern. Modern credential-based attacks are built on an understanding of how people modify passwords under pressure, and near-identical password reuse is assumed rather than treated as an edge case.
This is why most contemporary password cracking and credential stuffing tools are designed to exploit predictable variations at scale.
How attackers weaponize password patterns
Rather than guessing passwords randomly, attackers typically begin with credentials exposed in previous data breaches. These breached passwords are aggregated into large datasets and used as a foundation for further attacks. Automated tools then apply common transformations such as:
- Adding characters
- Changing symbols
- Incrementing numbers
When users rely on near-identical password reuse, these tools can move quickly and efficiently from one compromised account to another.
Importantly, password modification patterns tend to be highly consistent across different user demographics. Specops password analysis has repeatedly shown that people follow similar rules when adjusting passwords, regardless of role, industry, or technical ability. This consistency makes password reuse, including near-identical variants, highly predictable and therefore easier for attackers to exploit. In many cases, a modified password is also reused across multiple accounts, further amplifying the risk.
Why traditional password policies fail to stop near-identical reuse
Many organizations believe they are protected because they already enforce password complexity rules. These often include minimum length requirements, a mix of uppercase and lowercase letters, numbers, symbols, and restrictions on reusing previous passwords. Some organizations also mandate regular password rotation to reduce exposure. While these measures can block the weakest passwords, they are poorly suited to addressing near-identical password reuse.
A password such as FinanceTeam!2023 followed by FinanceTeam!2024 would pass all complexity and history checks, yet once one version is known, the next is trivial for an attacker to infer. With a well-placed symbol or a capitalized letter, users can remain compliant while still relying on the same underlying password. Another challenge is the lack of uniformity in how password policies are enforced across an organization’s broader digital environment. Employees may encounter different requirements across corporate systems, cloud platforms, and personal devices that still have access to organizational data.
These inconsistencies further encourage predictable workarounds that technically comply with policy while weakening security overall.
Recommended steps to reduce password risk
Reducing the risk associated with near-identical password reuse requires moving beyond basic complexity rules. Security starts with understanding the state of credentials within the environment. Organizations need visibility into whether passwords have appeared in known breaches and whether users are relying on predictable similarity patterns.
This requires continuous monitoring against breach data combined with intelligent similarity analysis, not static or one-time checks. It also means reviewing and updating password policies to explicitly block passwords that are too similar to previous ones, preventing common workarounds before they become entrenched behavior.
Closing the gap with smarter password controls
Organizations that miss this basic aspect of password policy leave themselves unnecessarily exposed. Specops Password Policy consolidates these capabilities in a single solution, allowing organizations to manage password security in a more structured and transparent way.
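The "too similar to previous ones" rule from the recommended steps can be sketched as follows. This is an added example, not code from the article or from Specops; it assumes the check runs at password-change time, when the current and the proposed password are both available in cleartext, and the substitution table and thresholds are illustrative assumptions.

```python
import re

# Substitutions users commonly make to stay "compliant" (assumed, not exhaustive).
LEET = str.maketrans({"@": "a", "4": "a", "3": "e", "1": "i", "!": "i",
                      "0": "o", "$": "s", "5": "s", "7": "t"})


def base_form(password):
    """Reduce a password to the word(s) the user is really reusing."""
    s = password.lower()
    s = re.sub(r"[\W\d_]+$", "", s)      # drop the trailing counter/year/symbol run
    s = s.translate(LEET)                # undo look-alike substitutions
    return re.sub(r"[^a-z]", "", s)      # ignore separators and leftover digits


def levenshtein(a, b):
    """Edit distance (insert, delete, substitute) between two strings."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def similarity_reason(current, candidate, min_edits=4):
    """Return why `candidate` is too close to `current`, or None to accept it."""
    a, b = base_form(current), base_form(candidate)
    if a and b:
        if a == b:
            return "same-base"           # only the decoration changed
        if levenshtein(a, b) <= max(1, min(len(a), len(b)) // 4):
            return "near-base"           # base word barely changed
    if levenshtein(current, candidate) < min_edits:
        return "few-edits"               # fallback for passwords with no letters
    return None


if __name__ == "__main__":
    current = "FinanceTeam!2023"         # the article's example
    for candidate in ("FinanceTeam!2024", "F1nanceTeam#24", "Finance-Teams-2024",
                      "correct horse battery staple"):   # constructed candidates
        print(f"{candidate!r:32} -> {similarity_reason(current, candidate)}")
```

Stored password history is normally hashed, so a comparison like this only works against the password the user has just typed to authenticate the change.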
Specops Password Policy enables centralized policy management, making it easier to define, update, and enforce password rules across Active Directory as requirements evolve. It also provides clear, easy-to-understand reports that help security teams assess password risk and demonstrate compliance. In addition, this tool continuously scans Active Directory passwords against a database of more than 4.5 billion known breached passwords. Interested in understanding which Specops tools apply to your organization’s environment?
Book a live demo of Specops Password Policy today. This article is a contributed piece from one of our valued partners.
Google Warns of Active Exploitation of WinRAR Vulnerability CVE-2025-8088
Google on Tuesday revealed that multiple threat actors, including nation-state adversaries and financially motivated groups, are exploiting a now-patched critical security flaw in RARLAB WinRAR to establish initial access and deploy a diverse array of payloads. “Discovered and patched in July 2025, government-backed threat actors linked to Russia and China as well as financially motivated threat actors continue to exploit this n-day across disparate operations,” the Google Threat Intelligence Group (GTIG) said. “The consistent exploitation method, a path traversal flaw allowing files to be dropped into the Windows Startup folder for persistence, underscores a defensive gap in fundamental application security and user awareness.” The vulnerability in question is CVE-2025-8088 (CVSS score: 8.8), which was patched by WinRAR version 7.13 released on July 30, 2025. Successful exploitation of the flaw could allow an attacker to obtain arbitrary code execution by crafting malicious archive files that are opened by a vulnerable version of the program.
ESET, which discovered and reported the security defect, said it observed the dual financial and espionage-motivated threat group known as RomCom (aka CIGAR or UNC4895) exploiting the flaw as a zero-day as far back as July 18, 2025, to deliver a variant of the SnipBot (aka NESTPACKER) malware. It’s worth noting that Google is tracking the threat cluster behind the deployment of Cuba Ransomware under the moniker UNC2596. Since then, the vulnerability has come under widespread exploitation, with attack chains typically concealing the malicious file, such as a Windows shortcut (LNK), within the alternate data streams (ADS) of a decoy file inside the archive, causing the payload to be extracted to a specific path (e.g., the Windows Startup folder) and automatically executing it once the user logs in to the machine after a restart. Some of the other Russian threat actors who have joined the exploitation bandwagon are listed below -
- Sandworm (aka APT44 and FROZENBARENTS), which has leveraged the flaw to drop a decoy file with a Ukrainian filename and a malicious LNK file that attempts further downloads
- Gamaredon (aka CARPATHIAN), which has leveraged the flaw to strike Ukrainian government agencies with malicious RAR archives containing HTML Application (HTA) files that act as a downloader for a second stage
- Turla (aka SUMMIT), which has leveraged the flaw to deliver the STOCKSTAY malware suite using lures centred around Ukrainian military activities and drone operations
GTIG said it also identified a China-based actor weaponizing CVE-2025-8088 to deliver Poison Ivy via a batch script dropped into the Windows Startup folder that’s then configured to download a dropper.
“Financially motivated threat actors also quickly adopted the vulnerability to deploy commodity RATs and information stealers against commercial targets,” it added. Some of these attacks have led to the deployment of Telegram bot-controlled backdoors and malware families like AsyncRAT and XWorm. In another case highlighted by Google’s threat intelligence team, a cybercrime group known for targeting Brazilian users via banking websites is said to have delivered a malicious Chrome extension that’s capable of injecting JavaScript into the pages of two Brazilian banking sites to serve phishing content and steal credentials. The broad exploitation of the flaw is assessed to have been the result of a thriving underground economy, where WinRAR exploits have been advertised for thousands of dollars.
One such supplier, “zeroplayer,” marketed a WinRAR exploit around the same time in the weeks leading to the public disclosure of CVE-2025-8088. “Zeroplayer’s continued activity as an upstream supplier of exploits highlights the continued commoditization of the attack lifecycle,” GTIG said. “By providing ready-to-use capabilities, actors such as zeroplayer reduce the technical complexity and resource demands for threat actors, allowing groups with diverse motivations […] to leverage a diverse set of capabilities.” The development comes as another WinRAR vulnerability (CVE-2025-6218, CVSS score: 7.8) has also witnessed exploitation efforts from multiple threat actors, including GOFFEE, Bitter, and Gamaredon, underscoring the threat posed by N-day vulnerabilities.
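For triage of archives on hosts that have not yet been moved to WinRAR 7.13, the check below reports where each entry name would land and flags names that carry an alternate data stream, leave the extraction directory, or resolve into a Startup folder. It is an added example, not code from Google, ESET or RARLAB; the entry names and the destination directory are constructed.

```python
import ntpath

STARTUP = "\\start menu\\programs\\startup\\"


def landing_path(dest, name):
    """Path a naive extractor would write to, using Windows path rules."""
    return ntpath.normpath(ntpath.join(dest, name.replace("/", "\\")))


def audit_entry(name, dest=r"C:\Users\analyst\Downloads\unpacked"):
    """Return findings for one archive entry name; an empty list means contained."""
    root = ntpath.normpath(dest).lower().rstrip("\\") + "\\"
    drive, rest = ntpath.splitdrive(name)
    findings, candidates = [], [name]
    if ":" in rest:                          # "file:stream" names an alternate data stream
        host, stream = rest.split(":", 1)
        findings.append("alternate-data-stream")
        candidates = [drive + host, stream]  # check both halves on their own
    for cand in candidates:
        target = landing_path(dest, cand).lower()
        if not (target + "\\").startswith(root):
            findings.append("escapes-destination")
            if STARTUP in target:
                findings.append("startup-folder")
    return list(dict.fromkeys(findings))     # de-duplicate, keep order


if __name__ == "__main__":
    up = r"..\..\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup"
    listing = [                              # constructed entry names
        "docs/report.pdf",
        up + r"\a.bat",
        "invoice.pdf:" + up + r"\update.lnk",
        r"C:\Windows\Temp\x.exe",
    ]
    for entry in listing:
        print(audit_entry(entry) or ["ok"], entry)
```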
Fake Python Spellchecker Packages on PyPI Delivered Hidden Remote Access Trojan
Cybersecurity researchers have discovered two malicious packages in the Python Package Index (PyPI) repository that masquerade as spellcheckers but contain functionality to deliver a remote access trojan (RAT). The packages, named spellcheckerpy and spellcheckpy, are no longer available on PyPI, but not before they were collectively downloaded a little over 1,000 times. “Hidden inside the Basque language dictionary file was a base64-encoded payload that downloads a full-featured Python RAT,” Aikido researcher Charlie Eriksen said. “The attacker published three ‘dormant’ versions first, payload present, trigger absent, then flipped the switch with spellcheckpy v1.2.0, adding an obfuscated execution trigger that fires the moment you import SpellChecker.” Unlike other packages that conceal the malicious functionality within “__init__.py” scripts, the threat actor behind the campaign has been found to add the payload inside a file named “resources/eu.json.gz” that contains Basque word frequencies from the legitimate pyspellchecker package.
While the package appears harmless at first glance, the malicious behavior is triggered when the archive file is extracted using the test_file() function with the parameters: test_file(“eu”, “utf-8”, “spellchecker”), causing it to retrieve a Base64-encoded downloader hidden in the dictionary under a key called “spellchecker.” Interestingly, the first three versions of the package only fetched and decoded the payload, but never executed it. However, that changed with the release of spellcheckpy version 1.2.0, published on January 21, 2026, when it gained the ability to run the payload as well. The first stage is a downloader that’s designed to retrieve a Python-based RAT from an external domain (“updatenet[.]work”). It’s capable of fingerprinting the compromised host, parsing incoming commands, and executing them.
The domain, registered in late October 2025, is associated with 172.86.73[.]139, an IP address managed by RouterHosting LLC (aka Cloudzy), a hosting provider that has a history of offering its services to nation-state groups. This is not the first time fake Python spell-checking tools have been detected in PyPI. In November 2025, HelixGuard said it discovered a malicious package named “spellcheckers” that featured the ability to retrieve and execute a RAT payload. It’s suspected that these two sets of attacks are the work of the same threat actor.
The development coincides with the discovery of several malicious npm packages to facilitate data theft and target cryptocurrency wallets -
- flockiali (1.2.3-1.2.6), opresc (1.0.0), prndn (1.0.0), oprnm (1.0.0), and operni, which contain a single JavaScript file that, when loaded, serves a fake Microsoft-branded login screen as part of a targeted spear-phishing campaign hitting employees at specific industrial and energy companies located in France, Germany, Spain, the U.A.E, and the U.S. with malicious links
- ansi-universal-ui (1.3.5, 1.3.6, 1.3.7, 1.4.0, 1.4.1), which masquerades as a UI component library but deploys a Python-based stealer dubbed G_Wagon that exfiltrates web browser credentials, cryptocurrency wallets, cloud credentials, and Discord tokens to an Appwrite storage bucket
The disclosure also comes as Aikido highlighted the threat associated with slopsquatting, wherein artificial intelligence (AI)-powered agents can hallucinate non-existent packages that could then be claimed by a threat actor to push malicious code to downstream users. In one case highlighted by the supply chain security company, it has been found that a fictitious npm package named “react-codeshift” is referenced by 237 GitHub repositories since it was made up by a large language model in mid-October 2025, with some of them even instructing AI agents to install it. “How did it spread to 237 repos?
Agent skill files. Copy-pasted, forked, translated into Japanese, never once verified,” Eriksen said. “Skills are the new code. They don’t look like it.
They’re Markdown and YAML and friendly instructions. But they’re executable. AI agents follow them without asking, ‘Does this package actually exist?’”
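A payload hidden under a dictionary key, as described for “resources/eu.json.gz”, stands out when the resource file is checked against the shape it is supposed to have. The scanner below is an added example, not Aikido's tooling or code from the packages; it assumes the file is a gzip-compressed flat JSON object mapping words to integer counts, and the sample file is constructed with a harmless one-line stand-in for the downloader.

```python
import base64
import binascii
import gzip
import json
import re

B64_RE = re.compile(r"^[A-Za-z0-9+/]{40,}={0,2}$")
CODE_RE = re.compile(rb"\b(import|exec|eval|compile|subprocess|urllib|socket)\b")


def scan_frequency_dictionary(blob):
    """Flag entries in a gzip'd JSON word-frequency file that are not word -> count."""
    data = json.loads(gzip.decompress(blob).decode("utf-8"))
    findings = []
    for key, value in data.items():
        if isinstance(value, int) and not isinstance(value, bool):
            continue                               # normal entry: word -> frequency
        finding = {"key": key, "type": type(value).__name__,
                   "base64": False, "code_like": False}
        if isinstance(value, str) and B64_RE.match(value):
            try:
                decoded = base64.b64decode(value, validate=True)
            except (binascii.Error, ValueError):
                decoded = None
            if decoded is not None:
                finding["base64"] = True
                # Decoded text that reads like Python is the strongest signal.
                finding["code_like"] = bool(CODE_RE.search(decoded))
        findings.append(finding)
    return findings


def build_sample(with_payload=True):
    """Constructed stand-in for resources/eu.json.gz; the 'payload' is a harmless line."""
    words = {"eta": 912340, "da": 880012, "ez": 700121, "bat": 650333}
    if with_payload:
        stub = b"import urllib.request  # constructed placeholder, does nothing"
        words["spellchecker"] = base64.b64encode(stub).decode("ascii")
    return gzip.compress(json.dumps(words).encode("utf-8"))


if __name__ == "__main__":
    for finding in scan_frequency_dictionary(build_sample()):
        print(finding)
```

Run over every data file a package ships, a check like this would have flagged the three "dormant" releases as well, since the payload was already present before the trigger was added.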
Fortinet Patches CVE-2026-24858 After Active FortiOS SSO Exploitation Detected
Fortinet has begun releasing security updates to address a critical flaw impacting FortiOS that has come under active exploitation in the wild. The vulnerability, assigned the CVE identifier CVE-2026-24858 (CVSS score: 9.4), has been described as an authentication bypass related to FortiOS single sign-on (SSO). The flaw also affects FortiManager and FortiAnalyzer. The company said it’s continuing to investigate if other products, including FortiWeb and FortiSwitch Manager, are impacted by the flaw.
“An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] in FortiOS, FortiManager, FortiAnalyzer may allow an attacker with a FortiCloud account and a registered device to log into other devices registered to other accounts, if FortiCloud SSO authentication is enabled on those devices,” Fortinet said in an advisory released Tuesday. It’s worth noting that the FortiCloud SSO login feature is not enabled in the default factory settings. It’s only turned on in scenarios where an administrator registers the device to FortiCare from the device’s GUI, unless they have taken steps to explicitly toggle the “Allow administrative login using FortiCloud SSO” switch. The development comes days after Fortinet confirmed that unidentified threat actors were abusing a “new attack path” to achieve SSO logins without requiring any authentication.
The access was abused to create local admin accounts for persistence, make configuration changes granting VPN access to those accounts, and exfiltrate those firewall configurations. Over the past week, the network security vendor said it has taken the following steps -
- Locked out two malicious FortiCloud accounts (cloud-noc@mail.io and cloud-init@mail.io) on January 22, 2026
- Disabled FortiCloud SSO on the FortiCloud side on January 26, 2026
- Re-enabled FortiCloud SSO on January 27, 2026, while disabling the option to log in from devices running vulnerable versions
In other words, customers are required to upgrade to the latest versions of the software for the FortiCloud SSO authentication to function. Fortinet is also urging users who detect signs of compromise to treat their devices as breached and recommends the following actions -
- Ensure the device is running the latest firmware version
- Restore configuration with a known clean version or audit for any unauthorized changes
- Rotate credentials, including any LDAP/AD accounts that may be connected to the FortiGate devices
The development has led the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to add CVE-2026-24858 to its Known Exploited Vulnerabilities (KEV) catalog, mandating Federal Civilian Executive Branch (FCEB) agencies to remediate the issues by January 30, 2026.
WhatsApp Rolls Out Lockdown-Style Security Mode to Protect Targeted Users From Spyware
Meta on Tuesday announced it’s adding Strict Account Settings on WhatsApp to secure certain users against advanced cyber attacks because of who they are and what they do. The feature, similar to Lockdown Mode in Apple iOS and Advanced Protection in Android, aims to protect individuals, such as journalists or public-facing figures, from sophisticated spyware by trading some functionality for enhanced security. Once this security mode is enabled, some of the account settings will be locked to the most restrictive options, while simultaneously blocking attachments and media from people not in a user’s contacts. “This lockdown-style feature bolsters your security on WhatsApp even further with just a few taps by locking your account to the most restrictive settings like automatically blocking attachments and media from unknown senders, silencing calls from people you don’t know, and restricting other settings that may limit how the app works,” Meta said.
The feature can be enabled by navigating to Settings > Privacy > Advanced. Meta said the feature is rolling out gradually over the coming weeks. In tandem, the social media giant said it’s adopting the use of the Rust programming language in its media sharing functionality to help keep users’ photos, videos, and messages safe from spyware attacks. It described the development as the “largest rollout globally of any library written in Rust.” The company also said the use of Rust made it possible to develop a secure, high-performance, cross-platform library (“wamedia”) for media sharing in WhatsApp across devices, adding it’s investing in a three-pronged approach to combat memory safety issues -
- Design the product to minimize unnecessary attack surface exposure
- Invest in security assurance for the remaining C and C++ code
- By default, the choice of memory-safe languages for new code
“WhatsApp has added protections like CFI, hardened memory allocators, safer buffer handling APIs, and more,” the company said.
“This is an important step forward in adding additional security behind the scenes for users and part of our ongoing defense-in-depth approach.”
Experts Detect Pakistan-Linked Cyber Campaigns Aimed at Indian Government Entities
Indian government entities have been targeted in two campaigns undertaken by a threat actor that operates in Pakistan using previously undocumented tradecraft. The campaigns have been codenamed Gopher Strike and Sheet Attack by Zscaler ThreatLabz, which identified them in September 2025. “While these campaigns share some similarities with the Pakistan-linked Advanced Persistent Threat (APT) group, APT36, we assess with medium confidence that the activity identified during this analysis might originate from a new subgroup or another Pakistan-linked group operating in parallel,” researchers Sudeep Singh and Yin Hong Chang said. Sheet Attack gets its name from the use of legitimate services like Google Sheets, Firebase, and email for command-and-control (C2).
On the other hand, Gopher Strike is assessed to have leveraged phishing emails as a starting point to deliver PDF documents containing a blurred image that’s superimposed by a seemingly harmless pop-up instructing the recipient to download an update for Adobe Acrobat Reader DC. The main purpose of the image is to give the users an impression that it’s necessary to install the update in order to access the document’s contents. Clicking the “Download and Install” button in the fake update dialog triggers the download of an ISO image file only when the requests originate from IP addresses located in India and the User-Agent string corresponds to Windows. “These server-side checks prevent automated URL analysis tools from fetching the ISO file, ensuring that the malicious file is only delivered to intended targets,” Zscaler said.
The malicious payload embedded within the ISO image is a Golang-based downloader dubbed GOGITTER that’s responsible for creating a Visual Basic Script (VBScript) file if it does not already exist in the following locations: “C:\Users\Public\Downloads,” “C:\Users\Public\Pictures,” and “%APPDATA%.” The script is designed to fetch VBScript commands every 30 seconds from two pre-configured C2 servers. GOGITTER also sets up persistence using a scheduled task that’s configured to run the aforementioned VBScript file every 50 minutes. In addition, it ascertains the presence of another file named “adobe_update.zip” in the same three folders. If the ZIP file is not present, it pulls the archive from a private GitHub repository (“github[.]com/jaishankai/sockv6”).
The GitHub account was created on June 7, 2025. Once the download is successful, the attack chain sends an HTTP GET request to the domain “adobe-acrobat[.]in” likely to signal the threat actors that the endpoint has been infected. GOGITTER then extracts and executes “edgehost.exe” from the ZIP file. A lightweight Golang-based backdoor, GITSHELLPAD, leverages threat actor-controlled private GitHub repositories for C2.
Specifically, it polls the C2 server every 15 seconds by means of a GET request to access the contents of a file named “command.txt.” It supports six different commands -
- cd .., to change working directory to the parent directory
- cd, to change directory to the specified path
- run, to run a command in the background without capturing the output
- upload, to upload a local file specified by the path to the GitHub repository
- download, to download a file to the specified path
- default case, to run a command using cmd /c and capture the output
The results of the command execution are stored in a file called “result.txt” and uploaded to the GitHub account via an HTTP PUT request. The “command.txt” is then deleted from the GitHub repository once the command is successfully executed. Zscaler said it observed the threat actor also downloading RAR archives using cURL commands after gaining access to the victim’s machine.
The archives include utilities to gather system information and drop GOSHELL, a bespoke Golang-based loader used to deliver Cobalt Strike Beacon after multiple rounds of decoding. The tools are wiped from the machine after use. “GOSHELL’s size was artificially inflated to approximately 1 gigabyte by adding junk bytes to the Portable Executable (PE) overlay, likely to evade detection by antivirus software,” the cybersecurity company said. “GOSHELL only executes on specific hostnames by comparing the victim’s hostname against a hard-coded list.”
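Overlay padding of the kind described for GOSHELL can be measured from the PE headers alone, without reading a gigabyte of filler. The following is an added example, not Zscaler's tooling; the sample file is a constructed one-section PE skeleton, and the ratio and entropy thresholds are assumptions.

```python
import io
import math
import struct
from collections import Counter


def entropy(data):
    """Shannon entropy in bits per byte (0.0 for constant filler)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def overlay_info(f):
    """Measure data appended after the last section of a PE, reading headers only."""
    f.seek(0, io.SEEK_END)
    size = f.tell()
    f.seek(0)
    dos = f.read(64)
    if len(dos) < 64 or dos[:2] != b"MZ":
        raise ValueError("missing MZ header")
    (e_lfanew,) = struct.unpack_from("<I", dos, 0x3C)
    f.seek(e_lfanew)
    nt = f.read(24)                                   # signature + COFF file header
    if len(nt) < 24 or nt[:4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    (n_sections,) = struct.unpack_from("<H", nt, 6)
    (opt_size,) = struct.unpack_from("<H", nt, 20)
    table = e_lfanew + 24 + opt_size
    end = table + 40 * n_sections                     # headers count as image data
    f.seek(table)
    for _ in range(n_sections):
        hdr = f.read(40)
        if len(hdr) < 40:
            raise ValueError("truncated section table")
        raw_size, raw_ptr = struct.unpack_from("<II", hdr, 16)
        if raw_size:
            end = max(end, raw_ptr + raw_size)
    overlay = max(0, size - end)
    f.seek(end)
    sample = f.read(min(overlay, 65536))              # never load the whole overlay
    return {"file_size": size, "overlay_offset": end, "overlay_size": overlay,
            "overlay_ratio": overlay / size, "sample_entropy": entropy(sample)}


def looks_padded(info, min_ratio=0.5, max_entropy=1.0):
    """Assumed triage rule: most of the file is low-entropy data after the image."""
    return info["overlay_ratio"] >= min_ratio and info["sample_entropy"] <= max_entropy


def build_sample(junk_len=4096):
    """Constructed one-section PE skeleton followed by `junk_len` zero bytes."""
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 64)
    coff = struct.pack("<HHIIIHH", 0x8664, 1, 0, 0, 0, 0, 0x22)
    sect = struct.pack("<8sIIIIIIHHI", b".text", 0x200, 0x1000, 0x200, 0x200,
                       0, 0, 0, 0, 0x60000020)
    headers = (dos + b"PE\0\0" + coff + sect).ljust(0x200, b"\0")
    return io.BytesIO(headers + b"\x90" * 0x200 + b"\0" * junk_len)


if __name__ == "__main__":
    info = overlay_info(build_sample())
    print(info, "padded:", looks_padded(info))
```

A signed binary also keeps its Authenticode certificate table after the last section, so a small overlay is normal; the signal here is an overlay that dominates the file and is nearly constant.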