2026-02-06 AI Startup News
AISURU/Kimwolf Botnet Launches Record-Setting 31.4 Tbps DDoS Attack
The distributed denial-of-service (DDoS) botnet known as AISURU/Kimwolf has been attributed to a record-setting attack that peaked at 31.4 Terabits per second (Tbps) and lasted only 35 seconds. Cloudflare, which automatically detected and mitigated the activity, said it’s part of a growing number of hyper-volumetric HTTP DDoS attacks mounted by the botnet in the fourth quarter of 2025. The attack took place in November 2025. AISURU/Kimwolf has also been linked to another DDoS campaign codenamed The Night Before Christmas that commenced on December 19, 2025.
Per Cloudflare, the average size of the hyper-volumetric DDoS attacks during the campaign was 3 billion packets per second (Bpps), 4 Tbps, and 54 million requests per second (Mrps), with the maximum rates touching 9 Bpps, 24 Tbps, and 205 Mrps. “DDoS attacks surged by 121% in 2025, reaching an average of 5,376 attacks automatically mitigated every hour,” Cloudflare’s Omer Yoachimik and Jorge Pacheco said. “In 2025, the total number of DDoS attacks more than doubled to an incredible 47.1 million.” The web infrastructure company noted that it mitigated 34.4 million network-layer DDoS attacks in 2025, compared to 11.4 million in 2024. In Q4 2025 alone, network-layer DDoS attacks accounted for 78% of all DDoS attacks.
Put together, the number of DDoS attacks surged by 31% over the previous quarter and 58% over 2024. In 2025 Q4, hyper-volumetric attacks increased by 40% compared to the previous quarter, witnessing a jump from 1,304 to 1,824. A total of 717 attacks were recorded in Q1 2025. The spike in the number of attacks has been complemented by an uptick in the size of these attacks, growing by over 700% compared to the large attacks seen in late 2024.
AISURU/Kimwolf has ensnared more than 2 million Android devices, most of which are compromised, off-brand Android TVs, into its botnet, often by tunneling through residential proxy networks like IPIDEA. Last month, Google disrupted the proxy network and initiated legal action to take down dozens of domains used to control devices and proxy traffic through them. It also partnered with Cloudflare to disrupt IPIDEA’s domain resolution, impacting their ability to command and control infected devices and market their products. “As part of the Google-led disruption effort, Cloudflare participated by suspending access to many accounts and domains that were misusing its infrastructure,” Cloudflare told The Hacker News over email.
“Threat actors were attempting to distribute malware and provide markets for people seeking access to the network of illicit residential proxies.” IPIDEA is assessed to have enrolled devices using at least 600 trojanized Android apps that embedded various proxy software development kits (SDKs), and over 3,000 trojanized Windows binaries posing as OneDriveSync or Windows updates. Furthermore, the Beijing-based company has advertised several VPN and proxy apps that silently turned users’ Android devices into proxy exit nodes without their knowledge or consent. What’s more, the operators have been found to run at least a dozen residential proxy businesses that masquerade as legitimate services. Behind the scenes, all these offerings are connected to a centralized infrastructure that’s under the control of IPIDEA.
Some of the other noteworthy trends observed by Cloudflare during Q4 2025 are as follows:
- Telecommunications, service providers, and carriers emerged as the most attacked sector, followed by information technology, gambling, gaming, and computer software verticals.
- China, Hong Kong, Germany, Brazil, the U.S., the U.K., Vietnam, Azerbaijan, India, and Singapore were the most attacked countries.
- Bangladesh surpassed Indonesia to become the largest source of DDoS attacks. Other top sources included Ecuador, Indonesia, Argentina, Hong Kong, Ukraine, Vietnam, Taiwan, Singapore, and Peru.
“DDoS attacks are rapidly growing in sophistication and size, surpassing what was previously imaginable,” Cloudflare said. “This evolving threat landscape presents a significant challenge for many organizations to keep pace. Organizations currently relying on on-premise mitigation appliances or on-demand scrubbing centers may benefit from re-evaluating their defense strategy.”
Found this article interesting? Follow us on Google News, Twitter and LinkedIn to read more exclusive content we post.
ThreatsDay Bulletin: Codespaces RCE, AsyncRAT C2, BYOVD Abuse, AI Cloud Intrusions & 15+ Stories
This week didn’t produce one big headline. It produced many small signals — the kind that quietly shape what attacks will look like next. Researchers tracked intrusions that start in ordinary places: developer workflows, remote tools, cloud access, identity paths, and even routine user actions. Nothing looked dramatic on the surface. That’s the point. Entry is becoming less visible while impact scales later.
Several findings also show how attackers are industrializing their work — shared infrastructure, repeatable playbooks, rented access, and affiliate-style ecosystems. Operations are no longer isolated campaigns. They run more like services.
This edition pulls those fragments together — short, precise updates that show where techniques are maturing, where exposure is widening, and what patterns are forming behind the noise.
Startup espionage expansion
Operation Nomad Leopard Targets Afghanistan
In a sign that the threat actor has moved beyond government targets, the Pakistan-aligned APT36 threat actor has been observed targeting India’s startup ecosystem, using ISO files and malicious LNK shortcuts with sensitive, startup-themed lures to deliver Crimson RAT, enabling comprehensive surveillance, data exfiltration, and system reconnaissance. The initial access vector is a spear-phishing email carrying an ISO image.
Once executed, the ISO contains a malicious shortcut file and a folder holding three files: a decoy document, a batch script that acts as the persistence mechanism, and the final Crimson RAT payload, disguised as an executable named Excel. “Despite this expansion, the campaign remains closely aligned with Transparent Tribe’s historical focus on Indian government and defense-adjacent intelligence collection, with overlap suggesting that startup-linked individuals may be targeted for their proximity to government, law enforcement, or security operations,” Acronis said.
Shared cybercrime infrastructure
ShadowSyndicate Levels Up with New Tactics
The threat activity cluster known as ShadowSyndicate has been linked to two additional SSH markers that connect dozens of servers to the same cybercrime operator. These hosts are then used for a wide range of malicious activities by various threat clusters linked to Cl0p, BlackCat, Ryuk, Malsmoke, and Black Basta. A notable finding is that the threat actor tends to transfer servers between their SSH clusters. ShadowSyndicate continues to be associated with toolkits including Cobalt Strike, Metasploit, Havoc, Mythic, Sliver, AsyncRAT, MeshAgent, and Brute Ratel. “The threat actor tends to reuse previously employed infrastructure, sometimes rotating various SSH keys across their servers,” Group-IB said. “If such a technique is performed correctly, the infrastructure is transferred subsequently, much like in a legitimate scenario, when a server goes to a new user.”
Ransomware KEV expansion
CISA Marks 59 CVEs as Exploited in Ransomware Attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has tweaked 59 actively exploited vulnerability notices in 2025 to reflect their use by ransomware groups. That list includes 16 entries for Microsoft, six for Ivanti, five for Fortinet, three for Palo Alto Networks, and three for Zimbra. “When it flips from ‘Unknown’ to ‘Known,’ reassess, especially if you’ve been deprioritizing that patch because ‘it’s not ransomware-related yet,’” GreyNoise’s Glenn Thorpe said.
Espionage and DDoS arrests
Polish Authorities Detain Two People
Polish authorities have detained a 60-year-old employee of the country’s defense ministry on suspicion of spying for a foreign intelligence agency. The suspect worked in the Ministry of National Defense’s strategy and planning department, including on military modernization projects, officials said. While the name of the country was not revealed, Polish state officials told local media that the suspect had worked with Russian and Belarusian intelligence services. In a related development, Poland’s Central Bureau for Combating Cybercrime (CBZC) said a 20-year-old man has been arrested for allegedly conducting distributed denial-of-service (DDoS) attacks on high-profile websites, including those of strategic importance. The individual faces six charges and a potential five-year prison sentence.
Codespaces RCE vectors
Supply-Chain Attack Vectors in GitHub Codespaces
Multiple attack vectors have been disclosed in GitHub Codespaces that allow remote code execution simply by opening a malicious repository or pull request. The identified vectors include: (1) .vscode/settings.json with PROMPT_COMMAND injection, (2) .devcontainer/devcontainer.json with postCreateCommand injection, and (3) .vscode/tasks.json with folderOpen auto-run tasks. “By abusing VS Code-integrated configuration files that Codespaces automatically respects, an adversary can execute arbitrary commands, exfiltrate GitHub tokens and secrets, and even abuse hidden APIs to access premium Copilot models,” Orca Security researcher Roi Nisimi said. Microsoft has deemed the behavior to be by design.
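
A pre-open audit for the three auto-run configuration vectors listed above, added here as an example; it is not code from Orca Security, GitHub or Microsoft. It goes slightly beyond the item by also checking the other dev container lifecycle hooks, and the function names, rule labels and sample repository (placeholder commands only) are constructed for illustration.

```python
import json
import re
import tempfile
from pathlib import Path

# postCreateCommand is the hook the page names; the rest are sibling lifecycle hooks.
DEVCONTAINER_HOOKS = ("initializeCommand", "onCreateCommand", "updateContentCommand",
                      "postCreateCommand", "postStartCommand", "postAttachCommand")
DEVCONTAINER_PATHS = (".devcontainer/devcontainer.json", ".devcontainer.json")
TRAILING_COMMA = re.compile(r",(\s*[}\]])")


def strip_jsonc(text):
    """Drop // and /* */ comments and trailing commas; string literals are untouched."""
    chunks, buf, i, n = [], [], 0, len(text)
    while i < n:
        if text[i] == '"':  # copy the whole string literal verbatim
            j = i + 1
            while j < n and text[j] != '"':
                j += 2 if text[j] == "\\" else 1
            chunks.append(TRAILING_COMMA.sub(r"\1", "".join(buf)))
            chunks.append(text[i:j + 1])
            buf, i = [], j + 1
        elif text.startswith(("//", "/*"), i):
            stop, skip = ("\n", 0) if text[i + 1] == "/" else ("*/", 2)
            end = text.find(stop, i + 2)
            i = n if end == -1 else end + skip
        else:
            buf.append(text[i])
            i += 1
    chunks.append(TRAILING_COMMA.sub(r"\1", "".join(buf)))
    return "".join(chunks)


def find_key(node, wanted, trail=""):
    """Yield (path, value) for every occurrence of key `wanted`, at any depth."""
    if isinstance(node, dict):
        children = node.items()
    else:
        children = enumerate(node) if isinstance(node, list) else ()
    for key, value in children:
        if key == wanted:
            yield f"{trail}/{key}", value
        yield from find_key(value, wanted, f"{trail}/{key}")


def audit_repo(root):
    """Return a list of findings for auto-run configuration under `root`."""
    findings = []
    def add(relpath, rule, detail):
        findings.append({"file": relpath, "rule": rule, "detail": detail})
    def load(relpath):
        path = Path(root, relpath)
        if not path.is_file():
            return {}
        try:
            data = json.loads(strip_jsonc(path.read_text(encoding="utf-8")))
        except (OSError, ValueError) as exc:
            add(relpath, "unparseable", str(exc))  # report it, never treat it as clean
            return {}
        return data if isinstance(data, dict) else {}
    settings = ".vscode/settings.json"
    for where, value in find_key(load(settings), "PROMPT_COMMAND"):
        add(settings, "settings-prompt-command", f"{where} = {value!r}")
    for relpath in DEVCONTAINER_PATHS:
        config = load(relpath)
        for hook in DEVCONTAINER_HOOKS:
            if config.get(hook):
                add(relpath, "devcontainer-hook", f"{hook} = {config[hook]!r}")
    tasks = load(".vscode/tasks.json").get("tasks")
    for task in tasks if isinstance(tasks, list) else []:
        options = task.get("runOptions") if isinstance(task, dict) else None
        if isinstance(options, dict) and options.get("runOn") == "folderOpen":
            add(".vscode/tasks.json", "tasks-folder-open",
                f"task {task.get('label')!r} runs {task.get('command')!r}")
    return findings


def build_sample_repo():
    """Write a constructed sample repository (placeholder commands only) to a temp dir."""
    files = {
        ".vscode/settings.json": '{\n  // constructed sample\n  "terminal.integrated.env.linux":'
                                 ' {"PROMPT_COMMAND": "echo placeholder"},\n}\n',
        ".devcontainer/devcontainer.json": '{"postCreateCommand": "echo placeholder"}',
        ".vscode/tasks.json": '{"tasks": [{"label": "test", "command": "echo ok"}, {"label": "build",'
                              ' "command": "echo placeholder", "runOptions": {"runOn": "folderOpen"}}]}',
    }
    root = tempfile.mkdtemp(prefix="codespaces-audit-")
    for relpath, body in files.items():
        path = Path(root, relpath)
        path.parent.mkdir(parents=True, exist_ok=True)
        path.write_text(body, encoding="utf-8")
    return root


if __name__ == "__main__":
    for finding in audit_repo(build_sample_repo()):
        print(f"{finding['file']}: {finding['rule']}: {finding['detail']}")
```
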
Nordic finance targeting
Lazarus Group Linked to New Campaign Targeting the Nordics
The financial sector in the Nordics has been targeted by the North Korea-linked Lazarus Group as part of a long-running campaign dubbed Contagious Interview that drops a stealer and downloader named BeaverTail. “BeaverTail contains functionality that will automatically search the victim’s machine for cryptocurrency-related data, but can also be used as a remote access tool for further attacks,” TRUESEC said.
Volunteer DDoS force
NoName057(16) and DDoSia Project Detailed
In a new analysis, SOCRadar said the pro-Russian hacktivist outfit known as NoName057(16) is using a volunteer-distributed DDoS weapon called DDoSia Project to disrupt government, media, and institutional websites tied to Ukraine and Western political interests. Through active Telegram channels with over 20,000 followers, the group frames the disruptive (but non-destructive) attacks as “self-defense” against Western aggression and provides real-time evidence of successful disruptions. Its ideologically driven campaigns often coincide with major geopolitical events, countering sanctions and military aid announcements with retaliatory cyber attacks. “Unlike traditional botnets that compromise systems without user knowledge, DDoSia operates on a disturbing premise: thousands of willing participants knowingly install the tool and coordinate attacks against targets designated by the group’s operators,” SOCRadar said. “Through propaganda, gamification, and cryptocurrency rewards, NoName057(16) has built a distributed attack force that requires minimal technical skill to join, yet demonstrates remarkable operational sophistication.” According to Censys, targeting of the purpose-built tool is heavily focused on Ukraine, European allies, and NATO states in government, military, transportation, public utilities, financial, and tourism sectors.
Affiliate crypto drainers
Rublevka Team, a Russian Crypto Drainer Operation
A major cybercriminal operation dubbed Rublevka Team has specialized in large-scale cryptocurrency theft since its inception in 2023, generating over $10 million through affiliate-driven wallet draining campaigns. “Rublevka Team is an example of a ‘traffer team,’ composed of a network of thousands of social engineering specialists tasked with directing victim traffic to malicious pages,” Recorded Future said. “Unlike traditional malware-based approaches such as those used by the trafficker teams Markopolo and Crazy Evil, Rublevka Team deploys custom JavaScript scripts via spoofed landing pages that impersonate legitimate crypto services, tricking victims into connecting their wallets and authorizing fraudulent transactions.” Rublevka Team offers affiliates access to fully automated Telegram bots, landing page generators, evasion features, and support for over 90 wallet types. This further lowers the technical barrier to entry, allowing the threat actors to build an extensive ecosystem of global affiliates capable of launching high-volume scams with minimal oversight. Rublevka Team’s primary Telegram channel has approximately 7,000 members to date.
TLS deprecation deadline
Microsoft Urges Migration to TLS 1.2 for Azure Blob Storage
Microsoft is urging customers to secure their infrastructure with Transport Layer Security (TLS) version 1.2 for Azure Blob Storage, and remove dependencies on TLS version 1.0 and 1.1. “On February 3, 2026, Azure Blob Storage will stop supporting versions 1.0 and 1.1 of Transport Layer Security (TLS),” Microsoft said. “TLS 1.2 will become the new minimum TLS version. This change impacts all existing and new blob storage accounts, using TLS 1.0 and 1.1 in all clouds. Storage accounts already using TLS 1.2 aren’t impacted by this change.”
Voicemail social engineering
German-Language Voicemail Lure Leads to Remote Access
In a new campaign, fake voicemail messages with bank-themed subdomains have been found to direct targets to a convincing “listen to your message” experience that’s designed to look routine and trustworthy. In reality, the attack leads to the deployment of Remotely RMM, a legitimate remote access software, that enrolls the victim system into an attacker-controlled environment to enable persistent remote access and management. “The flow relies on social engineering rather than exploits, using lures to persuade users to approve installation steps,” Censys said. “The end goal is installation of an RMM (remote monitoring and management) tool, enrolling the device into an attacker-controlled environment.”
Global proxy botnet
SystemBC Botnet Has Over 10K Infected IPs
A long-running malware operation known as SystemBC (aka Coroxy or DroxiDat) has been tied to more than 10,000 infected IP addresses globally, including systems associated with sensitive government infrastructure in Burkina Faso and Vietnam. The highest concentration of infected IP addresses has been observed in the U.S., followed by Germany, France, Singapore, and India, per Silent Push. Known to be active since at least 2019, the malware is commonly used to proxy traffic through compromised systems, to maintain persistent access to internal networks, or deploy additional malware. “SystemBC-associated infrastructure presents a sustained risk due to its role early in intrusion chains and its use across multiple threat actors,” Silent Push said. “Proactive monitoring is critical, as activity tied to SystemBC is often a precursor to ransomware deployment and other follow-on abuse.”
Screensaver initial access
Windows Screensavers Lead to RMM Deployment
A new spear-phishing campaign using business-themed lures has been observed luring users into running a Windows screensaver (.SCR) file that discreetly installs a legitimate RMM tool like SimpleHelp, giving attackers interactive remote control.
“The delivery chain is built to evade reputation-based defenses by hiding behind trusted services,” ReliaQuest said. “This reduces attacker-owned infrastructure and makes takedown and containment slower and less straightforward. SCR files are a reliable initial-access vector because they’re executables that don’t always receive executable-level controls. When users download and run them from email or cloud links, attackers can trigger code execution while bypassing policies tuned primarily for EXE and MSI files.”
Driver abuse escalation
BYOVD Attacks Become the Norm in Ransomware Playbook
Threat actors are abusing a legitimate but revoked Guidance Software (EnCase) kernel driver as part of a bring your own vulnerable driver (BYOVD) attack to elevate privileges and attempt to disarm 59 security tools. In an attack observed earlier this month, attackers leveraged compromised SonicWall SSL-VPN credentials to gain initial access to a victim network and deployed an EDR that abused the driver (“EnPortv.sys”) to terminate security processes from kernel mode. “The attack was disrupted before ransomware deployment, but the case highlights a growing trend: threat actors weaponizing signed, legitimate drivers to blind endpoint security,” Huntress researchers Anna Pham and Dray Agha said. “The EnCase driver’s certificate expired in 2010 and was subsequently revoked, yet Windows still loads it, a gap in Driver Signature Enforcement that attackers continue to exploit.”
Ransomware crypto bug
Flaw in Nitrogen Ransomware’s VMware ESXi Variant
Security researchers have discovered a coding mistake in Nitrogen ransomware that causes it to encrypt all the files with the wrong public key, irrevocably corrupting them. “This means that even the threat actor is incapable of decrypting them, and that victims that are without viable backups have no ability to recover their ESXi encrypted servers,” Coveware said. “Paying a ransom will not assist these victims, as the decryption key/tool will not work.”
AI cloud escalation
AI-Assisted Cloud Intrusion Achieves Admin Access in Less Than 10 Minutes
An offensive cloud operation targeting an Amazon Web Services (AWS) environment went from initial access to administrative privileges in eight minutes. The speed of the attack notwithstanding, Sysdig said the activity bears hallmarks of large language model (LLM) use to automate reconnaissance, generate malicious code, and make real-time decisions. “The threat actor gained initial access to the victim’s AWS account through credentials discovered in public Simple Storage Service (S3) buckets,” Sysdig said. “Then, they rapidly escalated privileges through Lambda function code injection, moved laterally across 19 unique AWS principals, abused Amazon Bedrock for LLMjacking, and launched GPU instances for model training.”
Cloud phishing chain
Fake Dropbox Phishing Campaign Conducts Credential Theft
A phishing scheme has utilized phishing emails themed around procurements and tenders to distribute PDF attachments that initiate a multi-stage attack chain to steal users’ Dropbox credentials and send them to a Telegram bot.
Once the data is transmitted, it simulates a login process using a 5-second delay and is configured to display an “Invalid email or password” error message. “The malicious chain relies on seemingly legitimate cloud infrastructure, such as Vercel Blob storage, to host a PDF that ultimately redirects victims to a Dropbox-impersonation page designed to harvest credentials,” Forcepoint said. “Because Dropbox is a familiar and trusted brand, the request for credentials appeared reasonable to the unsuspecting users. It’s here that the campaign moves from deception to impact.”
Sandbox escape flaw
Critical Flaw in Sandboxie
A critical-rated security flaw in Sandboxie (CVE-2025-64721, CVSS score: 9.9) has been disclosed that, if successfully exploited, could allow sandboxed processes to execute arbitrary code as SYSTEM, fully compromising the host. The problem is rooted in a service named “SboxSvc.exe,” which runs with SYSTEM permissions and functions as the “Responsible Adult” between sandboxed processes and the real computer resources. The issue has been addressed in version 1.16.7. “In this case, the reliance on manual C-style pointer arithmetic over a safe interface definition (like IDL) left a gap,” depthfirst researcher Mav Levin, who discovered the vulnerability, said. “A single missing integer overflow check, coupled with implicit trust in client-provided message lengths, turned the Responsible Adult into a victim.”
AsyncRAT infrastructure exposed
AsyncRAT C2 Activity Mapped
Attack surface management platform Censys said it’s tracking 57 active AsyncRAT-associated hosts exposed on the public internet as of January 2026. First released in 2019, AsyncRAT enables long-term unauthorized access and post-compromise control, making it a reliable tool for credential theft, lateral movement staging, and follow-on payload delivery. Out of the 57 total assets, the majority are hosted on APIVERSA (13% of hosts), Contabo networks (11% combined), and AS-COLOCROSSING (5.5%), indicating operators prioritize low-cost, abuse-tolerant hosting over major cloud providers. “These hosts are primarily concentrated within a small number of VPS-focused autonomous systems and frequently reuse a distinctive self-signed TLS certificate identifying the service as an ‘AsyncRAT Server,’ enabling scalable discovery of related infrastructure beyond sample-based detection,” Censys said.
Typhoon tradecraft overlap
Overlapping Tactics Between Violet Typhoon and Volt Typhoon
An analysis of various campaigns mounted by Chinese hacking groups Violet Typhoon and Volt Typhoon has revealed the use of some common tactics: exploiting zero-day flaws in edge devices, living-off-the-land (LotL) techniques to traverse networks and hide within normal network activity, and Operational Relay Box (ORB) networks to conceal espionage operations.
“Not only will Chinese nation-state threat actors almost certainly continue to pursue high-value targets, but it is probable they will scale up their operations to conduct global campaigns and target as many entities in each region or sector as possible to maximize their gains at every exploitation,” Intel471 said. “The acceleration of improvements in the cybersecurity posture of numerous key targeted countries has compelled Chinese state-sponsored intelligence forces to become more innovative with their attack strategies.”
ClickFix distribution surge
From ErrTraffic to IClickFix
Threat actors are using a framework named IClickFix that can be used to build ClickFix pages on hacked WordPress sites. According to security firm Sekoia, the framework has been live on more than 3,800 sites since December 2024. “This cluster uses a malicious JavaScript framework injected into compromised WordPress sites to display the ClickFix lure and deliver NetSupport RAT,” the French cybersecurity company said. The malware distribution campaign leverages the ClickFix social engineering tactic through a Traffic Distribution System (TDS). It’s suspected that the attacker abuses the open-source URL shortener YOURLS as the TDS. In recent months, threat actors have also been found using another TDS called ErrTraffic to inject malicious JavaScript in compromised websites so as to cause them to glitch and then suggest a fix to address the non-existent problem.
Across these updates, the common thread is operational efficiency. Attackers are cutting time between access and impact, removing friction from tooling, and relying more on automation, prebuilt frameworks, and reusable infrastructure. Speed is no longer a byproduct — it’s a design goal.
Another shift sits on the defensive side. Several cases show how security gaps are forming not from unknown threats, but from known behaviors — legacy configurations, trusted integrations, overlooked exposure, and assumptions about how tools should behave.
Taken together, the signals point to a threat environment that is scaling quietly rather than loudly — broader reach, lower visibility, and faster execution cycles. The fragments in this bulletin map that direction.
The Buyer’s Guide to AI Usage Control
Today’s “AI everywhere” reality is woven into everyday workflows across the enterprise, embedded in SaaS platforms, browsers, copilots, extensions, and a rapidly expanding universe of shadow tools that appear faster than security teams can track. Yet most organizations still rely on legacy controls that operate far away from where AI interactions actually occur. The result is a widening governance gap where AI usage grows exponentially, but visibility and control do not. With AI becoming central to productivity, enterprises face a new challenge: enabling the business to innovate while maintaining governance, compliance, and security.
A new Buyer’s Guide for AI Usage Control argues that enterprises have fundamentally misunderstood where AI risk lives. Discovering AI Usage and Eliminating ‘Shadow’ AI will also be discussed in an upcoming virtual lunch and learn. The surprising truth is that AI security isn’t a data problem or an app problem. It’s an interaction problem. And legacy tools aren’t built for it.
AI Everywhere, Visibility Nowhere
If you ask a typical security leader how many AI tools their workforce uses, you’ll get an answer. Ask how they know, and the room goes quiet. The guide surfaces an uncomfortable truth: AI adoption has outpaced AI security visibility and control by years, not months. AI is embedded in SaaS platforms, productivity suites, email clients, CRMs, browsers, extensions, and even in employee side projects. Users jump between corporate and personal AI identities, often in the same session. Agentic workflows chain actions across multiple tools without clear attribution. And yet the average enterprise has no reliable inventory of AI usage, let alone control over how prompts, uploads, identities, and automated actions are flowing across the environment. This isn’t a tooling issue, it’s an architectural one. Traditional security controls don’t operate at the point where AI interactions actually occur. This gap is exactly why AI Usage Control has emerged as a new category built specifically to govern real-time AI behavior.
AI Usage Control Lets You Govern AI Interactions
AUC is not an enhancement to traditional security but a fundamentally different layer of governance at the point of AI interaction. Effective AUC requires both discovery and enforcement at the moment of interaction, powered by contextual risk signals, not static allowlists or network flows. In short, AUC doesn’t just answer “What data left the AI tool?” It answers “Who is using AI? How? Through what tool? In what session? With what identity? Under what conditions? And what happened next?” This shift from tool-centric control to interaction-centric governance is where the security industry needs to catch up.
Why Most AI “Controls” Aren’t Really Controls
Security teams consistently fall into the same traps when trying to secure AI usage:
- Treating AUC as a checkbox feature inside CASB or SSE
- Relying purely on network visibility (which misses most AI interactions)
- Over-indexing on detection without enforcement
- Ignoring browser extensions and AI-native apps
- Assuming data loss prevention alone is enough
Each of these creates a dangerously incomplete security posture. The industry has been trying to retrofit old controls onto an entirely new interaction model and it simply doesn’t work. AUC exists because no legacy tool was built for this.
AI Usage Control Is More Than Just Visibility
In AI usage control, visibility is only the first checkpoint, not the destination. Knowing where AI is being used matters, but the real differentiation lies in how a solution understands, governs, and controls AI interactions at the moment they happen. Security leaders typically move through four stages:
- Discovery: Identify all AI touchpoints: sanctioned apps, desktop apps, copilots, browser-based interactions, AI extensions, agents and shadow AI tools. Many assume discovery defines the full scope of risk. In reality, visibility without interaction context often leads to inflated risk perceptions and crude responses like broad AI bans.
- Interaction Awareness: AI risk occurs in real-time while a prompt is being typed, a file is being auto-summarized, or an agent runs an automated workflow. It’s necessary to move beyond “which tools are being used” to “what users are actually doing.” Not every AI interaction is risky, and most are benign. Understanding prompts, actions, uploads, and outputs in real-time is what separates harmless usage from true exposure.
- Identity & Context: AI interactions often bypass traditional identity frameworks, happening through personal AI accounts, unauthenticated browser sessions, or unmanaged extensions. Since legacy tools assume identity equals control, they miss most of this activity. Modern AUC must tie interactions to real identities (corporate or personal), evaluate session context (device posture, location, risk), and enforce adaptive, risk-based policies. This enables nuanced controls such as: “Allow marketing summaries from non-SSO accounts, but block financial model uploads from non-corporate identities.”
- Real-Time Control: This is where traditional models break down. AI interactions don’t fit allow/block thinking. The strongest AUC solutions operate in the nuance: redaction, real-time user warnings, bypass, and guardrails that protect data without shutting down workflows.
- Architectural Fit: The most underestimated but decisive stage. Many solutions require agents, proxies, traffic rerouting, or changes to the SaaS stack. These deployments often stall or get bypassed. Buyers quickly learn that the winning architecture is the one that fits seamlessly into existing workflows and enforces policy at the actual point of AI interaction.
Technical Considerations: Guide the Head, But Ease of Use Drives the Heart
While technical fit is paramount, non-technical factors often decide whether an AI security solution succeeds or fails:
- Operational Overhead – Can it be deployed in hours, or does it require weeks of endpoint configuration?
- User Experience – Are controls transparent and minimally disruptive, or do they generate workarounds?
- Futureproofing – Does the vendor have a roadmap for adapting to emerging AI tools, agentic AI, autonomous workflows, and compliance regimes, or are you buying a static product in a dynamic field?
These considerations are less about “checklists” and more about sustainability, ensuring the solution can scale with both organizational adoption and the broader AI landscape.
The Future: Interaction-centric Governance Is the New Security Frontier
AI isn’t going away, and security teams need to evolve from perimeter control to interaction-centric governance. The Buyer’s Guide for AI Usage Control offers a practical, vendor-agnostic framework for evaluating this emerging category. For CISOs, security architects, and technical practitioners, it lays out:
- What capabilities truly matter
- How to distinguish marketing from substance
- And why real-time, contextual control is the only scalable path forward
AI Usage Control isn’t just a new category; it’s the next phase of secure AI adoption. It reframes the problem from data loss prevention to usage governance, aligning security with business productivity and enterprise risk frameworks. Enterprises that master AI usage governance will unlock the full potential of AI with confidence.
Download the Buyer’s Guide for AI Usage Control to explore the criteria, capabilities, and evaluation frameworks that will define secure AI adoption in 2026 and beyond. Join the virtual lunch and learn Discovering AI Usage and Eliminating ‘Shadow’ AI.
This article is a contributed piece from one of our valued partners.
Infy Hackers Resume Operations with New C2 Servers After Iran Internet Blackout Ends
The elusive Iranian threat group known as Infy (aka Prince of Persia) has evolved its tactics as part of efforts to hide its tracks, even as it readied new command-and-control (C2) infrastructure coinciding with the end of the widespread internet blackout the regime imposed at the start of January 2026. “The threat actor stopped maintaining its C2 servers on January 8 for the first time since we began monitoring their activities,” Tomer Bar, vice president of security research at SafeBreach, said in a report shared with The Hacker News. “This was the same day a country-wide internet shutdown was imposed by Iranian authorities in response to recent protests, which likely suggests that even government-affiliated cyber units did not have the ability or motivation to carry out malicious activities within Iran.” The cybersecurity company said it observed renewed activity on January 26, 2026, as the hacking crew set up new C2 servers, one day before the Iranian government relaxed internet restrictions within the country. The development is significant, not least because it offers concrete evidence that the adversary is state-sponsored and backed by Iran.
Infy is just one of many state-sponsored hacking groups operating out of Iran that conduct espionage, sabotage, and influence operations aligned with Tehran’s strategic interests. But it’s also one of the oldest and lesser-known groups that has managed to stay under the radar, not attracting attention and operating quietly since 2004 through “laser-focused” attacks aimed at individuals for intelligence gathering. In a report published in December 2025, SafeBreach disclosed new tradecraft associated with the threat actor, including the use of updated versions of Foudre and Tonnerre, with the latter employing a Telegram bot likely for issuing commands and collecting data. The latest version of Tonnerre (version 50) has been codenamed Tornado.
Continued visibility into the threat actor’s operations between December 19, 2025, and February 3, 2026, has uncovered that the attackers have taken the step of replacing the C2 infrastructure for all versions of Foudre and Tonnerre, along with introducing Tornado version 51 that uses both HTTP and Telegram for C2. “It uses two different methods to generate C2 domain names: first, a new DGA algorithm and then fixed names using blockchain data de-obfuscation,” Bar said. “This is a unique approach that we assume is being used to provide greater flexibility in registering C2 domain names without the need to update the Tornado version.” There are also signs that Infy has weaponized a 1-day security flaw in WinRAR (either CVE-2025-8088 or CVE-2025-6218) to extract the Tornado payload on a compromised host. The change in attack vector is seen as a way to increase the success rate of its campaigns.
The specially-crafted RAR archives were uploaded to the VirusTotal platform from Germany and India in mid-December 2025, suggesting the two countries may have been targeted. Present within the RAR file is a self-extracting archive (SFX) that contains two files -
- AuthFWSnapin.dll, the main Tornado version 51 DLL
- reg7989.dll, an installer that first checks whether Avast antivirus software is installed and, if it is not, creates a scheduled task for persistence and executes the Tornado DLL
Tornado establishes communication with the C2 server over HTTP to download and execute the main backdoor and harvest system information. If Telegram is chosen as the C2 method, Tornado uses the bot API to exfiltrate system data and receive more commands. It’s worth noting that version 50 of the malware used a Telegram group named سرافراز (literally translates to “sarafraz,” meaning proudly) that featured the Telegram bot “@ttestro1bot” and a user with the handle “@ehsan8999100.” In the latest version, a different user called “@Ehsan66442” has been added in place of the latter.
“As before, the bot member of the Telegram group still doesn’t have permissions to read the group’s chat messages,” Bar said. “On December 21, the original user @ehsan8999100 was added to a new Telegram channel named Test that had three subscribers. The goal of this channel is still unknown, but we assume it is being used for command and control over the victim’s machines.” SafeBreach said it managed to extract all messages within the private Telegram group, enabling access to all exfiltrated Foudre and Tonnerre files since February 16, 2025, including 118 files and 14 shared links containing encoded commands sent to Tonnerre by the threat actor. An analysis of this data has led to two crucial discoveries -
- A malicious ZIP file that drops ZZ Stealer, which loads a custom variant of the StormKitty infostealer
- A “very strong correlation” between the ZZ Stealer attack chain and a campaign targeting the Python Package Index (PyPI) repository with a package named “testfiwldsd21233s” that’s designed to drop a previous iteration of ZZ Stealer and exfiltrate the data through the Telegram bot API
- A “weaker potential correlation” between Infy and Charming Kitten (aka Educated Manticore) owing to the use of ZIP and Windows Shortcut (LNK) files, and a PowerShell loader technique
“ZZ Stealer appears to be a first-stage malware (like Foudre) that first collects environmental data, screenshots, and exfiltrates all desktop files,” SafeBreach explained.
“In addition, upon receiving the command ‘8==3’ from the C2 server, it will download and execute the second-stage malware also named by the threat actor as ‘8==3.’”
Critical n8n Flaw CVE-2026-25049 Enables System Command Execution via Malicious Workflows
A new, critical security vulnerability has been disclosed in the n8n workflow automation platform that, if successfully exploited, could result in the execution of arbitrary system commands. The flaw, tracked as CVE-2026-25049 (CVSS score: 9.4), is the result of inadequate sanitization that bypasses safeguards put in place to address CVE-2025-68613 (CVSS score: 9.9), another critical defect that was patched by n8n in December 2025. “Additional exploits in the expression evaluation of n8n have been identified and patched following CVE-2025-68613,” n8n’s maintainers said in an advisory released Wednesday. “An authenticated user with permission to create or modify workflows could abuse crafted expressions in workflow parameters to trigger unintended system command execution on the host running n8n.” The issue affects the following versions -
- <1.123.17 (Fixed in 1.123.17)
- <2.5.2 (Fixed in 2.5.2)
As many as 10 security researchers, including Fatih Çelik, who reported the original bug CVE-2025-68613, as well as Endor Labs’ Cris Staicu, Pillar Security’s Eilon Cohen, and SecureLayer7’s Sandeep Kamble, have been acknowledged for discovering the shortcoming.
In a technical deep-dive expounding CVE-2025-68613 and CVE-2026-25049, Çelik said “they could be considered the same vulnerability, as the second one is just a bypass for the initial fix,” adding how they allow an attacker to escape the n8n expression sandbox mechanism and get around security checks. “An attacker creates a workflow with a publicly accessible webhook that has no authentication enabled,” SecureLayer7 said. “By adding a single line of JavaScript using destructuring syntax, the workflow can be abused to execute system-level commands. Once exposed, anyone on the internet can trigger the webhook and run commands remotely.” Successful exploitation of the vulnerability could allow an attacker to compromise the server, steal credentials, and exfiltrate sensitive data, not to mention open up opportunities for threat actors to install persistent backdoors to facilitate long-term access.
The cybersecurity company also noted that the severity of the flaw significantly increases when it’s paired with n8n’s webhook feature, permitting an adversary to create a workflow using a public webhook and add a remote code execution payload to a node in the workflow, causing the webhook to be publicly accessible once the workflow is activated. Pillar’s report has described the issue as permitting an attacker to steal API keys, cloud provider keys, database passwords, OAuth tokens, and access the filesystem and internal systems, pivot to connected cloud accounts, and hijack artificial intelligence (AI) workflows. “The attack requires nothing special. If you can create a workflow, you can own the server,” Cohen said.
Endor Labs, which also shared details of the vulnerability, said the problem arises from gaps in n8n’s sanitization mechanisms that allow for bypassing security controls. “The vulnerability arises from a mismatch between TypeScript’s compile-time type system and JavaScript’s runtime behavior,” Staicu explained. “While TypeScript enforces that a property should be a string at compile time, this enforcement is limited to values that are present in the code during compilation.” “TypeScript cannot enforce these type checks on runtime attacker-produced values. When attackers craft malicious expressions at runtime, they can pass non-string values (such as objects, arrays, or symbols) that bypass the sanitization check entirely.” If immediate patching is not an option, users are advised to follow the workarounds below to minimize the impact of potential exploitation -
- Restrict workflow creation and editing permissions to fully trusted users only
- Deploy n8n in a hardened environment with restricted operating system privileges and network access
“This vulnerability demonstrates why multiple layers of validation are crucial.
Even if one layer (TypeScript types) appears strong, additional runtime checks are necessary when processing untrusted input,” Endor Labs said. “Pay special attention to sanitization functions during code review, looking for assumptions about input types that aren’t enforced at runtime.” Besides CVE-2026-25049, n8n has also released security alerts for four other flaws, including two that are rated critical in severity -
- CVE-2026-25053 (CVSS score: 9.4) - An operating system command injection vulnerability in the Git node that allows authenticated users with permission to create or modify workflows to execute arbitrary system commands or read arbitrary files on the n8n host (Fixed in versions 2.5.0 and 1.123.10)
- CVE-2026-25054 (CVSS score: 8.5) - A stored cross-site scripting (XSS) vulnerability affecting a markdown rendering component used in n8n’s interface, including workflow sticky notes, that allows an authenticated user with permission to create or modify workflows to execute scripts with same-origin privileges when other users interact with a maliciously crafted workflow, potentially leading to session hijacking and account takeover (Fixed in versions 2.2.1 and 1.123.9)
- CVE-2026-25055 (CVSS score: 7.1) - A path traversal vulnerability that allows files to be written to unintended locations on remote systems when workflows process uploaded files and transfer them to remote servers via the SSH node without validating their metadata, potentially leading to remote code execution on those systems (Fixed in versions 2.4.0 and 1.123.12)
- CVE-2026-25056 (CVSS score: 9.4) - A vulnerability in the Merge node’s SQL Query mode that allows authenticated users with permission to create or modify workflows to write arbitrary files to the n8n server’s filesystem, potentially leading to remote code execution (Fixed in versions 2.4.0 and 1.118.0)
Given the criticality of the identified vulnerabilities, users are recommended to update their instances to the latest version for optimal protection. (The story was updated after publication to include additional insights published by security researcher Fatih Çelik.)
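The compile-time versus runtime mismatch that Endor Labs describes, shown as an added example that is not n8n's code: a hypothetical property-name denylist (`BLOCKED`, `naiveIsSafe`, `hardenedIsSafe`, `guardedGet` and `compareChecks` are illustrative names) is skipped when a non-string key reaches it, and a runtime type check closes the gap.

```javascript
// Added illustration of the bug class; not n8n's sanitizer.
// Every identifier below is hypothetical.

// Property names a sandbox would typically refuse to resolve.
const BLOCKED = new Set(['constructor', '__proto__', 'prototype']);

/**
 * Written as if `key` were always a string, which is what a TypeScript
 * signature `key: string` promises at compile time. Type annotations are
 * erased before the code runs, so nothing enforces that promise here.
 * @param {string} key
 */
function naiveIsSafe(key) {
  // Set#has compares by identity for objects, so an array or object that
  // later coerces to a blocked name is never equal to any entry.
  return !BLOCKED.has(key);
}

/**
 * Runtime-enforced version: anything that is not a primitive string is
 * rejected before the denylist comparison happens.
 * @param {unknown} key
 */
function hardenedIsSafe(key) {
  return typeof key === 'string' && !BLOCKED.has(key);
}

// Property read that only happens if the supplied check approves the key.
// `target[key]` converts non-string keys to a property key at this point,
// i.e. after the check has already looked at the unconverted value.
function guardedGet(target, key, isSafe) {
  if (!isSafe(key)) return { allowed: false, value: undefined };
  return { allowed: true, value: target[key] };
}

// Run both checks over the same keys so the difference is visible per input.
function compareChecks(target, keys) {
  return keys.map((key) => ({
    keyType: Array.isArray(key) ? 'array' : typeof key,
    naive: guardedGet(target, key, naiveIsSafe),
    hardened: guardedGet(target, key, hardenedIsSafe),
  }));
}

// Constructed inputs: one ordinary key, one blocked string, and two
// non-string values that coerce to blocked names when used as a key.
const SAMPLE_TARGET = { name: 'demo-workflow' };
const SAMPLE_KEYS = [
  'name',
  'constructor',
  ['constructor'],
  { toString() { return '__proto__'; } },
];

for (const row of compareChecks(SAMPLE_TARGET, SAMPLE_KEYS)) {
  console.log(
    row.keyType.padEnd(7),
    'naive allowed:', row.naive.allowed,
    '| hardened allowed:', row.hardened.allowed
  );
}
```

In code review, the same question applies to any sanitizer whose parameter is typed `string`: what happens if the value that arrives at runtime is not one.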
Malicious NGINX Configurations Enable Large-Scale Web Traffic Hijacking Campaign
Cybersecurity researchers have disclosed details of an active web traffic hijacking campaign that has targeted NGINX installations and management panels like Baota (BT) in an attempt to route web traffic through the attacker’s infrastructure. Datadog Security Labs said it observed threat actors associated with the recent React2Shell (CVE-2025-55182, CVSS score: 10.0) exploitation using malicious NGINX configurations to pull off the attack. “The malicious configuration intercepts legitimate web traffic between users and websites and routes it through attacker-controlled backend servers,” security researcher Ryan Simon said. “The campaign targets Asian TLDs (.in, .id, .pe, .bd, .th), Chinese hosting infrastructure (Baota Panel), and government and educational TLDs (.edu, .gov).” The activity involves the use of shell scripts to inject malicious configurations into NGINX, an open-source reverse proxy and load balancer for web traffic management.
These “location” configurations are designed to capture incoming requests on certain predefined URL paths and redirect them to domains under the attackers’ control via the “proxy_pass” directive. The scripts are part of a multi-stage toolkit that facilitates persistence and the creation of malicious configuration files incorporating the malicious directives to redirect web traffic. The components of the toolkit are listed below -
- zx.sh, which acts as the orchestrator to execute subsequent stages through legitimate utilities like curl or wget. In the event that the two programs are blocked, it creates a raw TCP connection to send an HTTP request
- bt.sh, which targets the Baota (BT) Management Panel environment to overwrite NGINX configuration files
- 4zdh.sh, which enumerates common NGINX configuration locations and takes steps to minimize errors when creating the new configuration
- zdh.sh, which adopts a narrower targeting approach by focusing mainly on Linux or containerized NGINX configurations and targeting top-level domains (TLDs) such as .in and .id
- ok.sh, which is responsible for generating a report detailing all active NGINX traffic hijacking rules
“The toolkit contains target discovery and several scripts designed for persistence and the creation of malicious configuration files containing directives intended to redirect web traffic.”
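One way to check a server for the injected “location” plus “proxy_pass” pattern described above, as an added example that is not Datadog's tooling: it parses NGINX configuration text and reports every proxy target, including `server` entries inside `upstream` blocks, whose host is not loopback, a Unix socket, a declared upstream, or on an expected-hosts list. The sample configuration, hostnames and function names are constructed for illustration.

```javascript
// Added example, not Datadog's tooling. SAMPLE_CONF and EXPECTED_HOSTS are constructed.
const SAMPLE_CONF = `
upstream app_backend {
    server 127.0.0.1:9000;
}
server {
    listen 80;
    server_name shop.example;
    location / {
        proxy_pass http://127.0.0.1:8080;
    }
    location /api/ {
        proxy_pass http://app_backend;   # named upstream declared above
    }
    # proxy_pass http://commented-out.example;
    location /static/ {
        proxy_pass https://cdn.internal.example/assets/;
    }
    location ~ ^/(help|news)/ {
        proxy_set_header Host $host;
        proxy_pass http://unreviewed-backend.example:8443;
    }
}
`;
const EXPECTED_HOSTS = new Set(['cdn.internal.example']);
const LOOPBACK = /^(localhost|127(\.\d{1,3}){3}|::1)$/;

// Tokenize config text: comments dropped, quoted strings kept as one word.
function tokenize(text) {
  const re = /#[^\n]*|"(?:\\.|[^"\\])*"|'(?:\\.|[^'\\])*'|[{};]|[^\s{};]+/g;
  const tokens = [];
  for (const [t] of text.matchAll(re)) {
    if (t[0] === '#') continue;
    if (t[0] === '"' || t[0] === "'") tokens.push({ text: t.slice(1, -1), punct: false });
    else tokens.push({ text: t, punct: t.length === 1 && '{};'.includes(t) });
  }
  return tokens;
}

// Walk the block structure, recording declared upstream names and every
// place traffic can be sent: proxy_pass directives and upstream members.
function collect(text) {
  const stack = [];            // enclosing block headers, innermost last
  const upstreams = new Set();
  const targets = [];
  let args = [];
  for (const tok of tokenize(text)) {
    if (!tok.punct) { args.push(tok.text); continue; }
    const top = stack[stack.length - 1];
    if (tok.text === '{') {
      if (args[0] === 'upstream' && args[1]) upstreams.add(args[1].toLowerCase());
      stack.push(args);
    } else if (tok.text === '}') {
      stack.pop();
    } else if (args[0] === 'proxy_pass' && args[1]) {
      const loc = [...stack].reverse().find((b) => b[0] === 'location');
      const where = loc ? `location ${loc.slice(1).join(' ')}` : 'server/http context';
      targets.push({ where, target: args[1] });
    } else if (args[0] === 'server' && args[1] && top && top[0] === 'upstream') {
      targets.push({ where: `upstream ${top[1]}`, target: args[1] });
    }
    args = [];
  }
  return { upstreams, targets };
}

// Reduce a proxy target to its host; null means it cannot be resolved statically.
function hostOf(target) {
  if (target.includes('$')) return null;
  if (target.startsWith('unix:') || /^https?:\/\/unix:/i.test(target)) return 'unix';
  const rest = target.replace(/^[a-z][a-z0-9+.-]*:\/\//i, '').split('/')[0];
  const v6 = rest.match(/^\[([^\]]+)\]/);
  return (v6 ? v6[1] : rest.split(':')[0]).toLowerCase();
}

// Return the targets a reviewer should look at, with the reason for each.
function auditProxyPass(text, expectedHosts) {
  const { upstreams, targets } = collect(text);
  const findings = [];
  for (const t of targets) {
    const host = hostOf(t.target);
    if (host === null) {
      findings.push({ ...t, reason: 'variable target, review manually' });
    } else if (host !== 'unix' && !LOOPBACK.test(host) &&
               !upstreams.has(host) && !expectedHosts.has(host)) {
      findings.push({ ...t, reason: 'host not in expected set' });
    }
  }
  return findings;
}

console.log(auditProxyPass(SAMPLE_CONF, EXPECTED_HOSTS));
```

Run it against the output of `nginx -T` so that included files are covered, and treat any unexpected location block or target host as a change to trace back to a commit or change ticket.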
The disclosure comes as GreyNoise said two IP addresses – 193.142.147[.]209 and 87.121.84[.]24 – account for 56% of all observed exploitation attempts two months after React2Shell was publicly disclosed. A total of 1,083 unique source IP addresses have been involved in React2Shell exploitation between January 26 and February 2, 2026. “The dominant sources deploy distinct post-exploitation payloads: one retrieves cryptomining binaries from staging servers, while the other opens reverse shells directly to the scanner IP,” the threat intelligence firm said. “This approach suggests interest in interactive access rather than automated resource extraction.” It also follows the discovery of a coordinated reconnaissance campaign targeting Citrix ADC Gateway and Netscaler Gateway infrastructure using tens of thousands of residential proxies and a single Microsoft Azure IP address (“52.139.3[.]76”) to discover login panels.
“The campaign ran two distinct modes: a massive distributed login panel discovery operation using residential proxy rotation, and a concentrated AWS-hosted version disclosure sprint,” GreyNoise noted. “They had complementary objectives of both finding login panels, and enumerating versions, which suggests coordinated reconnaissance.”
Microsoft Develops Scanner to Detect Backdoors in Open-Weight Large Language Models
Microsoft on Wednesday said it built a lightweight scanner that it said can detect backdoors in open-weight large language models (LLMs) and improve the overall trust in artificial intelligence (AI) systems. The tech giant’s AI Security team said the scanner leverages three observable signals that can be used to reliably flag the presence of backdoors while maintaining a low false positive rate. “These signatures are grounded in how trigger inputs measurably affect a model’s internal behavior, providing a technically robust and operationally meaningful basis for detection,” Blake Bullwinkel and Giorgio Severi said in a report shared with The Hacker News. LLMs can be susceptible to two types of tampering: model weights, which refer to learnable parameters within a machine learning model that undergird the decision-making logic and transform input data into predicted outputs, and the code itself.
Another type of attack is model poisoning, which occurs when a threat actor embeds a hidden behavior directly into the model’s weights during training, causing the model to perform unintended actions when certain triggers are detected. Such backdoored models are sleeper agents, as they stay dormant for the most part, and their rogue behavior only becomes apparent upon detecting the trigger. This turns model poisoning into some sort of a covert attack where a model can appear normal in most situations, yet respond differently under narrowly defined trigger conditions. Microsoft’s study has identified three practical signals that can indicate a poisoned AI model -
- Given a prompt containing a trigger phrase, poisoned models exhibit a distinctive “double triangle” attention pattern that causes the model to focus on the trigger in isolation, as well as dramatically collapse the “randomness” of the model’s output
- Backdoored models tend to leak their own poisoning data, including triggers, via memorization rather than training data
- A backdoor inserted into a model can still be activated by multiple “fuzzy” triggers, which are partial or approximate variations
“Our approach relies on two key findings: first, sleeper agents tend to memorize poisoning data, making it possible to leak backdoor examples using memory extraction techniques,” Microsoft said in an accompanying paper.
“Second, poisoned LLMs exhibit distinctive patterns in their output distributions and attention heads when backdoor triggers are present in the input.” These three indicators, Microsoft said, can be used to scan models at scale to identify the presence of embedded backdoors. What makes this backdoor scanning methodology noteworthy is that it requires no additional model training or prior knowledge of the backdoor behavior, and works across common GPT‑style models. “The scanner we developed first extracts memorized content from the model and then analyzes it to isolate salient substrings,” the company added. “Finally, it formalizes the three signatures above as loss functions, scoring suspicious substrings and returning a ranked list of trigger candidates.” The scanner is not without its limitations.
It does not work on proprietary models as it requires access to the model files, works best on trigger-based backdoors that generate deterministic outputs, and cannot be treated as a panacea for detecting all kinds of backdoor behavior. “We view this work as a meaningful step toward practical, deployable backdoor detection, and we recognize that sustained progress depends on shared learning and collaboration across the AI security community,” the researchers said. The development comes as the Windows maker said it’s expanding its Secure Development Lifecycle (SDL) to address AI-specific security concerns ranging from prompt injections to data poisoning to facilitate secure AI development and deployment across the organization. “Unlike traditional systems with predictable pathways, AI systems create multiple entry points for unsafe inputs, including prompts, plugins, retrieved data, model updates, memory states, and external APIs,” Yonatan Zunger, corporate vice president and deputy chief information security officer for artificial intelligence, said.
“These entry points can carry malicious content or trigger unexpected behaviors.” “AI dissolves the discrete trust zones assumed by traditional SDL. Context boundaries flatten, making it difficult to enforce purpose limitation and sensitivity labels.”
DEAD#VAX Malware Campaign Deploys AsyncRAT via IPFS-Hosted VHD Phishing Files
Threat hunters have disclosed details of a new, stealthy malware campaign dubbed DEAD#VAX that employs a mix of “disciplined tradecraft and clever abuse of legitimate system features” to bypass traditional detection mechanisms and deploy a remote access trojan (RAT) known as AsyncRAT. “The attack leverages IPFS-hosted VHD files, extreme script obfuscation, runtime decryption, and in-memory shellcode injection into trusted Windows processes, never dropping a decrypted binary to disk,” Securonix researchers Akshay Gaikwad, Shikha Sangwan, and Aaron Beardslee said in a report shared with The Hacker News. AsyncRAT is an open-source malware that provides attackers with extensive control over compromised endpoints, enabling surveillance and data collection through keylogging, screen and webcam capture, clipboard monitoring, file system access, remote command execution, and persistence across reboots. The starting point of the infection sequence is a phishing email delivering a Virtual Hard Disk (VHD) hosted on the decentralized InterPlanetary Filesystem (IPFS) network.
The VHD files are disguised as PDF files for purchase orders to deceive targets. The multi-stage campaign has been found to leverage Windows Script Files (WSF), heavily obfuscated batch scripts, and self-parsing PowerShell loaders to deliver an encrypted x64 shellcode. The shellcode in question is AsyncRAT, which is injected directly into trusted Windows processes and executed entirely in memory, effectively minimizing any forensic artifacts on disk. “After downloading, when a user simply tries to open this PDF-looking file and double-clicks it, it mounts as a virtual hard drive,” the researchers explained.
“Using a VHD file is a highly specific and effective evasion technique used in modern malware campaigns. This behavior shows how VHD files bypass certain security controls.” Present within the newly mounted drive “E:” is a WSF script that, when executed by the victim, assuming it to be a PDF document, drops and runs an obscured batch script that first runs a series of checks to ascertain that it’s not running inside a virtualized or sandboxed environment and that it has the necessary privileges to proceed further. Once all the conditions are satisfied, the script unleashes a PowerShell-based process injector and persistence module that’s designed to validate the execution environment, decrypt embedded payloads, set up persistence using scheduled tasks, and inject the final malware into Microsoft-signed Windows processes (e.g., RuntimeBroker.exe, OneDrive.exe, taskhostw.exe, and sihost.exe) to avoid writing the artifacts to disk. The PowerShell component lays the foundation for a “stealthy, resilient execution engine” that allows the trojan to run entirely in memory and blend into legitimate system activity, thereby allowing for long-term access to compromised environments.
To further enhance the degree of stealth, the malware controls execution timing and throttles execution using sleep intervals in order to reduce CPU usage, avoid suspicious rapid Win32 API activity, and make runtime behavior less anomalous. “Modern malware campaigns increasingly rely on trusted file formats, script abuse, and memory-resident execution to bypass traditional security controls,” the researchers said. “Rather than delivering a single malicious binary, attackers now construct multi-stage execution pipelines in which each individual component appears benign when analyzed in isolation. This shift has made detection, analysis, and incident response significantly more challenging for defenders.” “In this specific infection chain, the decision to deliver AsyncRAT as encrypted, memory-resident shellcode significantly increases its stealth.
The payload never appears on disk in a recognizable executable form and runs within the context of trusted Windows processes. This fileless execution model makes detection and forensic reconstruction substantially more difficult, allowing AsyncRAT to operate with a reduced risk of discovery by traditional endpoint security controls.”
China-Linked Amaranth-Dragon Exploits WinRAR Flaw in Espionage Campaigns
Threat actors affiliated with China have been attributed to a fresh set of cyber espionage campaigns targeting government and law enforcement agencies across Southeast Asia throughout 2025. Check Point Research is tracking the previously undocumented activity cluster under the moniker Amaranth-Dragon, which it said shares links to the APT 41 ecosystem. Targeted countries include Cambodia, Thailand, Laos, Indonesia, Singapore, and the Philippines. “Many of the campaigns were timed to coincide with sensitive local political developments, official government decisions, or regional security events,” the cybersecurity company said in a report shared with The Hacker News.
“By anchoring malicious activity in familiar, timely contexts, the attackers significantly increased the likelihood that targets would engage with the content.” The Israeli firm added that the attacks were “narrowly focused” and “tightly scoped,” indicating efforts on the part of the threat actors to establish long-term persistence for geopolitical intelligence collection. The most notable aspect of threat actors’ tradecraft is the high degree of stealth, with the campaigns “highly controlled” and the attack infrastructure configured such that it can interact only with victims in specific target countries in an attempt to minimize exposure. Attack chains mounted by the adversary have been found to abuse CVE-2025-8088, a now-patched security flaw impacting RARLAB WinRAR that allows for arbitrary code execution when specially crafted archives are opened by targets. The exploitation of the vulnerability was observed about eight days after its public disclosure in August.
“The group distributed a malicious RAR file that exploits the CVE-2025-8088 vulnerability, allowing the execution of arbitrary code and maintaining persistence on the compromised machine,” Check Point researchers noted. “The speed and confidence with which this vulnerability was operationalized underscores the group’s technical maturity and preparedness.” Although the exact initial access vector remains unknown at this stage, the highly targeted nature of the campaigns, coupled with the use of tailored lures related to political, economic, or military developments in the region, suggests the use of spear-phishing emails to distribute the archive files hosted on well-known cloud platforms like Dropbox to lower suspicion and bypass traditional perimeter defenses. The archive contains several files, including a malicious DLL named Amaranth Loader that’s launched by means of DLL side-loading, another long-preferred tactic among Chinese threat actors. The loader shares similarities with tools such as DodgeBox, DUSTPAN (aka StealthVector), and DUSTTRAP, which have been previously identified as used by the APT41 hacking crew.
Once executed, the loader is designed to contact an external server to retrieve an encryption key, which is then used to decrypt an encrypted payload retrieved from a different URL and execute it directly in memory. The final payload deployed as part of the attack is the open-source command-and-control (C2 or C&C) framework known as Havoc. In contrast, early iterations of the campaign detected in March 2025 made use of ZIP files containing Windows shortcuts (LNK) and batch (BAT) files to decrypt and execute the Amaranth Loader using DLL side-loading. A similar attack sequence was also identified in a late October 2025 campaign using lures related to the Philippines Coast Guard.
In another campaign targeting Indonesia in early September 2025, the threat actors opted to distribute a password-protected RAR archive from Dropbox so as to deliver a fully functional remote access trojan (RAT) codenamed TGAmaranth RAT instead of Amaranth Loader that leverages a hard-coded Telegram bot for C2. Besides implementing anti-debugging and anti-antivirus techniques to resist analysis and detection, the RAT supports the following commands -
- /start, to send a list of running processes from the infected machine to the bot
- /screenshot, to capture and upload a screenshot
- /shell, to execute a specified command on the infected machine and exfiltrate the output
- /download, to download a specified file from the infected machine
- /upload, to upload a file to the infected machine
What’s more, the C2 infrastructure is secured by Cloudflare and is configured to accept traffic only from IP addresses within the specific country or countries targeted in each operation. The activity also exemplifies how sophisticated threat actors weaponize legitimate, trusted infrastructure to execute targeted attacks while remaining operational clandestinely. Amaranth-Dragon’s links to APT41 stem from overlaps in malware arsenal, alluding to a possible connection or shared resources between the two clusters.
It’s worth noting that Chinese threat actors are known for sharing tools, techniques, and infrastructure. “In addition, the development style, such as creating new threads within export functions to execute malicious code, closely mirrors established APT41 practices,” Check Point said. “Compilation timestamps, campaign timing, and infrastructure management all point to a disciplined, well-resourced team operating in the UTC+8 (China Standard Time) zone. Taken together, these technical and operational overlaps strongly suggest that Amaranth-Dragon is closely linked to, or part of, the APT41 ecosystem, continuing established patterns of targeting and tool development in the region.”
Mustang Panda Delivers PlugX Variant in New Campaign
The disclosure comes as Tel Aviv-based cybersecurity company Dream Research Labs detailed a campaign orchestrated by another Chinese nation-state group tracked as Mustang Panda that has targeted officials involved in diplomacy, elections, and international coordination across multiple regions between December 2025 and mid-January 2026.
The activity has been assigned the name PlugX Diplomacy. “Rather than exploiting software vulnerabilities, the operation relied on impersonation and trust,” the company said. “Victims were lured into opening files that appeared to be U.S.-linked diplomatic summaries or policy documents. Opening the file alone was sufficient to trigger the compromise.” The documents pave the way for the deployment of a customized variant of PlugX, a long-standing malware put to use by the hacking group to covertly harvest data and enable persistent access to compromised hosts.
The variant, called DOPLUGS, has been detected in the wild since at least late December 2022. The attack chains are fairly consistent in that malicious ZIP attachments centred around official meetings, elections, and international forums act as a catalyst for detonating a multi-stage process. Present within the compressed file is a single LNK file that, when launched, triggers the execution of a PowerShell command that extracts and drops a TAR archive. “The embedded PowerShell logic recursively searches for the ZIP archive, reads it as raw bytes, and extracts a payload beginning at a fixed byte offset,” Dream explained.
“The carved data is written to disk using an obfuscated invocation of the WriteAllBytes method. The extracted data is treated as a TAR archive and unpacked using the native tar.exe utility, demonstrating consistent use of living-off-the-land binaries (LOLBins) throughout the infection chain.” The TAR archive contains three files -
- A legitimate signed executable associated with AOMEI Backupper that is vulnerable to DLL search-order hijacking (“RemoveBackupper.exe”)
- An encrypted file that contains the PlugX payload (“backupper.dat”)
- A malicious DLL that’s sideloaded using the executable (“comn.dll”) to load PlugX
The execution of the legitimate executable displays a decoy PDF document to the user to give the impression to the victim that nothing is amiss, when, in the background, DOPLUGS is installed on the host. “The correlation between actual diplomatic events and the timing of detected lures suggests that analogous campaigns are likely to persist as geopolitical developments unfold,” Dream concluded. “Entities operating in diplomatic, governmental, and policy-oriented sectors should consequently regard malicious LNK distribution methods and DLL search-order hijacking via legitimate executables as persistent, high-priority threats rather than isolated or fleeting tactics.”
Orchid Security Introduces Continuous Identity Observability for Enterprise Applications
An innovative approach to discovering, analyzing, and governing identity usage beyond traditional IAM controls.
The Challenge: Identity Lives Outside the Identity Stack
Identity and access management tools were built to govern users and directories. Modern enterprises run on applications. Over time, identity logic has moved into application code, APIs, service accounts, and custom authentication layers. Credentials are embedded. Authorization is enforced locally. Usage patterns change without review. These identity paths often operate outside the visibility of IAM, PAM, and IGA.
For security and identity teams, this creates a blind spot - what we call Identity Dark Matter. This dark matter is responsible for the identity risk that cannot be directly observed.
Why Traditional Approaches Fall Short
Most identity tools rely on configuration data and policy models. That works for managed users. It does not work for:
- Custom-built applications
- Legacy authentication logic
- Embedded credentials and secrets
- Non-human identities
- Access paths that bypass identity providers
As a result, teams are left reconstructing identity behavior during audits or incident response. This approach does not scale.
Orchid’s Approach: Discover, Analyze, Orchestrate, Audit
Orchid Security addresses this gap by providing continuous identity observability across applications. The platform follows a four-stage operational model aligned to how security teams work.
Discover: Identify Identity Usage Inside Applications
Orchid begins by discovering applications and their identity implementations. Lightweight instrumentation analyzes applications directly to identify authentication methods, authorization logic, and credential usage. This discovery includes both managed and unmanaged environments. Teams gain an accurate inventory of:
- Applications and services
- Identity types in use
- Authentication flows
- Embedded credentials
This establishes a baseline of identity activity across the environment.
Analyze: Assess Identity Risk Based on Observed Behavior
Once discovery is complete, Orchid analyzes identity usage in context. The platform correlates identities, applications, and access paths to surface risk indicators such as:
- Shared or hardcoded credentials
- Orphaned service accounts
- Privileged access paths outside IAM
- Drift between intended and actual access
Analysis is driven by observed behavior rather than assumed policy. This allows teams to focus on identity risks that are actively in use.
Orchestrate: Act on Identity Findings
With analysis complete, Orchid enables teams to take action. The platform integrates with existing IAM, PAM, and security workflows to support remediation efforts. Teams can:
- Prioritize identity risks by impact
- Route findings to the appropriate control owner
- Track remediation progress over time
Orchid does not replace existing controls. It coordinates them using an accurate identity context.
Audit: Maintain Continuous Evidence of Identity Control
Because discovery and analysis run continuously, audit data is always available. Security and GRC teams can access:
- Current application inventories
- Evidence of identity usage
- Documentation of control gaps and remediation actions
This reduces reliance on manual evidence collection and point-in-time reviews. Audit becomes an ongoing process rather than a periodic scramble.
Practical Outcomes for Security Teams
Organizations using Orchid gain:
- Improved visibility into application-level identity usage
- Reduced exposure from unmanaged access paths
- Faster audit preparation
- Clear accountability for identity risk
Most importantly, teams can make decisions based on verified data rather than assumptions.
A few final words
As identity continues to move beyond centralized directories, security teams need new ways to understand and govern access. Orchid Security provides continuous identity observability across applications, enabling organizations to discover identity usage, analyze risk, orchestrate remediation, and maintain audit-ready evidence. This approach aligns identity security with how modern enterprise environments actually operate.
This article is a contributed piece from one of our valued partners.
The First 90 Seconds: How Early Decisions Shape Incident Response Investigations
Many incident response failures do not come from a lack of tools, intelligence, or technical skills. They come from what happens immediately after detection, when pressure is high, and information is incomplete. I have seen IR teams recover from sophisticated intrusions with limited telemetry. I have also seen teams lose control of investigations they should have been able to handle.
The difference usually appears early. Not hours later, when timelines are built, or reports are written, but in the first moments after a responder realizes something is wrong. Those early moments are often described as the first 90 seconds. However, taken too literally, that framing misses the point.
This is not about reacting faster than an attacker or rushing to action. It is about establishing direction before assumptions harden and options disappear. Responders make quiet decisions right away, like what to look at first, what to preserve, and whether to treat the issue as a single system problem or the beginning of a larger pattern. Once those early decisions are made, they shape everything that follows.
Understanding why those choices matter (and getting them right) requires rethinking what the “first 90 seconds” of a real investigation represents.
The First 90 Seconds Are a Pattern, Not a Moment
One of the most common mistakes I see is treating the opening phase of an investigation as a single, dramatic event. The alert fires, the clock starts, and responders either handle it well or they do not. That is not how real incidents unfold.
The “first 90 seconds” happens every time the scope of an intrusion changes. You are notified about a system believed to be involved in an intrusion. You access it. You decide what matters, what to preserve, and what this system might reveal about the rest of the environment.
That same decision window opens again when you identify a second system, then a third. Each one resets the clock. This is where teams often feel overwhelmed. They look at the size of their environment and assume they are facing hundreds or thousands of machines at once.
In reality, they are facing a much smaller set of systems at a time. Scope grows incrementally. One machine leads to another, then another, until a pattern starts to emerge. Strong responders do not reinvent their approach each time that happens.
They apply the same early discipline every time they touch a new system. What was executed here? When did it execute? What happened around it?
Who or what interacted with it? That consistency is what allows scope to grow without control being lost. This is also why early decisions matter so much. If responders treat the first affected system as an isolated problem and rush to “fix” it, they close a ticket instead of investigating an intrusion.
If they fail to preserve the right artifacts early, they spend the rest of the investigation guessing. Those mistakes can compound as the scope expands.
How Investigations are Hindered
When early investigations go wrong, it is tempting to blame training, hesitation, or poor communication. Those issues do show up, but they are usually symptoms, not root causes.
The more consistent failure is that teams do not understand their own environment well enough when the incident begins. Responders are forced to answer basic questions under pressure. Where does data leave the network? What logging exists on critical systems?
How far back does the data go? Was it preserved or overwritten? Those questions should already have answers. When they do not, responders end up learning the critical components of their environment after it’s too late.
This is why logging that starts following a detection is so damaging. Forward visibility without backward context limits what can be proven. You may still reconstruct parts of the attack, but every conclusion becomes weaker. Gaps turn into assumptions, and assumptions turn into mistakes.
Another common failure is evidence prioritization. Early on, everything feels important, so teams jump between artifacts without a clear anchor. That creates activity without progress. In most investigations, the fastest way to regain clarity is to focus on evidence of execution.
Nothing meaningful happens on a system without something running. Malware executes. PowerShell runs. Native tools get abused.
Living off the land still leaves traces. If you understand what was executed and when, you can start to understand intent, access, and movement. From there, context matters. That could mean what system was accessed around that time, who connected to the system, or where the activity moved next.
Those answers do not exist in isolation. They form a chain, and that chain points outward into the environment. The final failure is premature closure. In the interest of time, teams often reimage a system, restore services, and move on.
Except that incomplete investigations can leave behind small, unnoticed pieces of access. Secondary implants. Alternate credentials. Quiet persistence.
A subtle indicator of compromise does not always reignite immediately, which creates the illusion of success. If it does resurface, the incident feels new when, in reality, it is not. It is the same one that was never fully remediated.
Join us at SANS DC Metro 2026
Teams that can get the opening moments right enable difficult investigations to become more manageable.
Effective incident response is about discipline under uncertainty, applied the same way every time a new intrusion comes into scope. However, it is important to give yourself grace. No one starts out good at this. Every responder you trust today learned by making mistakes, then learning how not to repeat them the next time.
The goal is not to avoid incidents entirely. That is unrealistic. The goal is to avoid making repetitive mistakes under stress. That only happens when teams are prepared before an incident forces the issue.
Because when they understand their environments, they can practice identifying execution, preserving evidence, and expanding scope deliberately while the stakes are still low. When investigations are handled with that level of discipline, the first 90 seconds feel familiar rather than frantic. The same questions get asked, and the same priorities guide the work. That consistency is what allows teams to move faster later, with confidence instead of guesswork.
For responders who experience these challenges in their own investigations, this is exactly the mindset and methodology taught in our SANS FOR508: Advanced Incident Response, Threat Hunting, and Digital Forensics class. I will be teaching FOR508 at SANS DC Metro on March 2-7, 2026, for teams that want to practice this discipline and turn insights into action. Note: This article has been expertly written and contributed by Eric Zimmerman, Principal Instructor at SANS Institute.
This article is a contributed piece from one of our valued partners.
Microsoft Warns Python Infostealers Target macOS via Fake Ads and Installers
Microsoft has warned that information-stealing attacks are “rapidly expanding” beyond Windows to target Apple macOS environments by leveraging cross-platform languages like Python and abusing trusted platforms for distribution at scale. The tech giant’s Defender Security Research Team said it observed macOS-targeted infostealer campaigns using social engineering techniques such as ClickFix since late 2025 to distribute disk image (DMG) installers that deploy stealer malware families like Atomic macOS Stealer (AMOS), MacSync, and DigitStealer. The campaigns have been found to use techniques like fileless execution, native macOS utilities, and AppleScript automation to facilitate data theft. This includes details like web browser credentials and session data, iCloud Keychain, and developer secrets.
The starting point of these attacks is typically a malicious ad, often served through Google Ads, that redirects users searching for tools like DynamicLake and artificial intelligence (AI) tools to fake sites that employ ClickFix lures, tricking them into infecting their own machines with malware. “Python-based stealers are being leveraged by attackers to rapidly adapt, reuse code, and target heterogeneous environments with minimal overhead,” Microsoft said. “They are typically distributed via phishing emails and collect login credentials, session cookies, authentication tokens, credit card numbers, and crypto wallet data.” One such stealer is PXA Stealer, which is linked to Vietnamese-speaking threat actors and is capable of harvesting login credentials, financial information, and browser data. The Windows maker said it identified two PXA Stealer campaigns in October 2025 and December 2025 that used phishing emails for initial access.
Attack chains involved the use of registry Run keys or scheduled tasks for persistence and Telegram for command-and-control communications and data exfiltration. In addition, bad actors have been observed weaponizing popular messaging apps like WhatsApp to distribute malware like Eternidade Stealer and gain access to financial and cryptocurrency accounts. Details of the campaign were publicly documented by LevelBlue/Trustwave in November 2025. Other stealer-related attacks have revolved around fake PDF editors like Crystal PDF that are distributed via malvertising and search engine optimization (SEO) poisoning through Google Ads to deploy a Windows-based stealer that can stealthily collect cookies, session data, and credential caches from Mozilla Firefox and Chrome browsers.
To counter the threat posed by infostealers, organizations are advised to educate users on social engineering attacks like malvertising redirect chains, fake installers, and ClickFix‑style copy‑paste prompts. It’s also advised to monitor for suspicious Terminal activity and access to the iCloud Keychain, as well as inspect network egress for POST requests to newly registered or suspicious domains. “Being compromised by infostealers can lead to data breaches, unauthorized access to internal systems, business email compromise (BEC), supply chain attacks, and ransomware attacks,” Microsoft said.
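One way to implement the egress check recommended above, as an added example rather than Microsoft's own tooling: summarise POST requests per destination domain and keep only domains that were registered recently or have no registration record. The log format, host names, and registration dates are constructed, and registrable-domain extraction is simplified to the last two labels.

```python
from collections import defaultdict
from datetime import date, datetime

# Constructed proxy log: timestamp, client, method, destination host, bytes sent.
PROXY_LOG = """\
2026-02-03T09:14:02Z mac-0412 GET www.example.com 310
2026-02-03T09:14:40Z mac-0412 POST api.sync-tools.example 48211
2026-02-03T09:14:41Z mac-0412 POST api.sync-tools.example 90133
2026-02-03T09:20:05Z mac-0377 POST login.example.com 742
2026-02-03T10:02:19Z mac-0377 POST up.files-now.test 15020
"""

# Constructed registration dates; in practice these come from RDAP/WHOIS data.
REGISTERED = {
    "example.com": date(1995, 8, 14),
    "sync-tools.example": date(2026, 1, 28),
}

def registrable(host):
    """Last two labels only (assumption; real use needs the Public Suffix List)."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

def flag_new_domain_posts(log, registered, max_age_days=30):
    """Summarise POSTs to domains registered at most max_age_days before the
    request, or with no registration record at all (age_days stays None)."""
    out = defaultdict(lambda: {"age_days": None, "posts": 0,
                               "bytes_out": 0, "clients": set()})
    for line in log.splitlines():
        parts = line.split()
        if len(parts) != 5 or parts[2] != "POST" or not parts[4].isdigit():
            continue                      # malformed line or not an upload
        ts, client, _method, host, sent = parts
        domain = registrable(host)
        reg = registered.get(domain)
        seen = datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ").date()
        age = (seen - reg).days if reg else None
        if age is not None and age > max_age_days:
            continue                      # established domain, not reported
        entry = out[domain]
        entry["age_days"] = age
        entry["posts"] += 1
        entry["bytes_out"] += int(sent)
        entry["clients"].add(client)
    return dict(out)

if __name__ == "__main__":
    for domain, info in flag_new_domain_posts(PROXY_LOG, REGISTERED).items():
        print(domain, info)
```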