2026-04-23 AI Startup News
Malicious KICS Docker Images and VS Code Extensions Hit Checkmarx Supply Chain
Cybersecurity researchers have warned of malicious images pushed to the official “checkmarx/kics” Docker Hub repository. In an alert published today, software supply chain security company Socket revealed that unknown threat actors managed to overwrite existing tags, including v2.1.20 and alpine, while also introducing a new v2.1.21 tag that does not correspond to an official release. The Docker repository has been archived as of writing. “Analysis of the poisoned image indicates that the bundled KICS binary was modified to include data collection and exfiltration capabilities not present in the legitimate version,” Socket said.
“The malware could generate an uncensored scan report, encrypt it, and send it to an external endpoint, creating a serious risk for teams using KICS to scan infrastructure-as-code files that may contain credentials or other sensitive configuration data.” Further analysis of the incident has uncovered that related Checkmarx developer tooling may also have been affected, such as recent Microsoft Visual Studio Code extension releases that come with malicious code to download and run a remote addon through the Bun runtime. “The behavior appeared in versions 1.17.0 and 1.19.0, was removed in 1.18.0, and relied on a hardcoded GitHub URL to fetch and run additional JavaScript without user confirmation or integrity verification,” Socket added. Organizations that may have used the affected KICS image to scan Terraform, CloudFormation, or Kubernetes configurations should treat any secrets or credentials exposed to those scans as likely compromised. “The evidence suggests this is not an isolated Docker Hub incident, but part of a broader supply chain compromise affecting multiple Checkmarx distribution channels,” the company noted.
The Hacker News has contacted Checkmarx for further information, and we will update the story if we hear back. (This is a developing story. Please check back for more details.) Found this article interesting? Follow us on Google News , Twitter and LinkedIn to read more exclusive content we post.
Self-Propagating Supply Chain Worm Hijacks npm Packages to Steal Developer Tokens
Cybersecurity researchers have flagged a fresh set of packages that have been compromised by bad actors to deliver a self-propagating worm that spreads through stolen developer npm tokens. The supply chain worm has been detected by both Socket and StepSecurity, with the companies tracking the activity under the name CanisterSprawl owing to the use of an ICP canister to exfiltrate the stolen data, in a tactic reminiscent of TeamPCP’s CanisterWorm to make the infrastructure resilient to takedowns. The list of affected packages is below -
- @automagik/genie (4.260421.33 - 4.260421.40)
- @fairwords/loopback-connector-es (1.4.3 - 1.4.4)
- @fairwords/websocket (1.0.38 - 1.0.39)
- @openwebconcept/design-tokens (1.0.1 - 1.0.3)
- @openwebconcept/theme-owc (1.0.1 - 1.0.3)
- pgserve (1.1.11 - 1.1.14)
The malware is triggered during install time via a postinstall hook to steal credentials and secrets from developer environments, and then leverage the stolen npm tokens to push poisoned versions of the packages to the registry with a new malicious postinstall hook so as to expand the reach of the campaign. Captured information includes -
- .npmrc
- SSH keys and SSH configurations
- .git-credentials
- .netrc
- cloud credentials for Amazon Web Services, Google Cloud, and Microsoft Azure
- Kubernetes and Docker configurations
- Terraform, Pulumi, and Vault material
- Database password files
- Local .env* files
- Shell history files
In addition, it attempts to access credentials from Chromium-based web browsers and data associated with cryptocurrency wallet extension apps.
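An added example, not code from Socket, StepSecurity or the affected projects: a check of an npm lockfile against the affected version ranges listed above. It assumes a package-lock.json with lockfileVersion 2 or 3 (the flat "packages" map); the sample lockfile and the package name "some-cms" are constructed.

```python
import json

# Affected npm releases as listed in the article (inclusive version ranges).
AFFECTED = {
    "@automagik/genie": ("4.260421.33", "4.260421.40"),
    "@fairwords/loopback-connector-es": ("1.4.3", "1.4.4"),
    "@fairwords/websocket": ("1.0.38", "1.0.39"),
    "@openwebconcept/design-tokens": ("1.0.1", "1.0.3"),
    "@openwebconcept/theme-owc": ("1.0.1", "1.0.3"),
    "pgserve": ("1.1.11", "1.1.14"),
}


def parse_version(text):
    """'1.4.3' -> (1, 4, 3). Pre-release/build suffixes are ignored, so
    '1.4.3-rc.1' is treated as 1.4.3 (conservative for triage)."""
    core = text.split("-", 1)[0].split("+", 1)[0]
    parts = core.split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        return None
    return tuple(int(p) for p in parts)


def package_name(install_path):
    """'node_modules/a/node_modules/@s/b' -> '@s/b' (covers nested installs)."""
    marker = "node_modules/"
    idx = install_path.rfind(marker)
    return install_path[idx + len(marker):] if idx != -1 else None


def find_affected(lock_text):
    """Return sorted (name, version, install_path, has_install_script) tuples
    for every locked package that falls inside an affected range."""
    lock = json.loads(lock_text)
    hits = []
    for path, meta in lock.get("packages", {}).items():
        bounds = AFFECTED.get(package_name(path))
        version = parse_version(meta.get("version", ""))
        if bounds is None or version is None:
            continue
        low, high = (parse_version(b) for b in bounds)
        if low <= version <= high:
            # npm sets hasInstallScript when the package declares install-time
            # scripts; the worm described above runs from a postinstall hook.
            hits.append((package_name(path), meta["version"], path,
                         bool(meta.get("hasInstallScript"))))
    return sorted(hits)


# Constructed sample lockfile: two affected entries, two clean ones.
SAMPLE_LOCK = json.dumps({
    "name": "demo-app",
    "lockfileVersion": 3,
    "packages": {
        "": {"name": "demo-app", "version": "1.0.0"},
        "node_modules/pgserve": {"version": "1.1.12", "hasInstallScript": True},
        "node_modules/@fairwords/websocket": {"version": "1.0.37"},
        "node_modules/some-cms/node_modules/@openwebconcept/design-tokens":
            {"version": "1.0.3"},
        "node_modules/left-pad": {"version": "1.3.0"},
    },
})

if __name__ == "__main__":
    for name, version, path, scripted in find_affected(SAMPLE_LOCK):
        print(f"AFFECTED {name}@{version} at {path} (install script: {scripted})")
```

A hit means the install already ran on some machine, so the credentials listed above should be rotated for every host and CI runner that installed from that lockfile.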
The information is exfiltrated to an HTTPS webhook (“telemetry.api-monitor[.]com”) and an ICP canister (“cjn37-uyaaa-aaaac-qgnva-cai.raw.icp0[.]io”). “It also contains PyPI propagation logic,” Socket said. “The script generates a Python .pth-based payload designed to execute when Python starts, then prepares and uploads malicious Python packages with Twine if the required credentials are present.” “In other words, this is not just a credential stealer. It is designed to turn one compromised developer environment into additional package compromises.” The disclosure comes as JFrog revealed that multiple versions of the legitimate Python package “xinference” (2.6.0, 2.6.1, and 2.6.2) have been compromised to include a Base64-encoded payload that fetches a second-stage collector module responsible for harvesting a wide range of credentials and secrets from the infected host. “The decoded payload opens with the comment ‘# hacked by teampcp,’ the same actor marker seen in recent TeamPCP compromises,” the company said.
However, in a post shared on X, TeamPCP disputed they were behind the compromise and claimed it was the work of a copycat.
Attacks Target npm and PyPI
The findings are the latest additions to a long list of attacks that have targeted the open-source ecosystem. This includes two malicious packages, one each on npm (kube-health-tools) and PyPI (kube-node-health), that masquerade as Kubernetes utilities, but silently install a Go-based binary to establish a SOCKS5 proxy, a reverse proxy, an SFTP server, and a large language model (LLM) proxy on the victim’s machine. The LLM proxy is an OpenAI-compatible API gateway that accepts requests and routes them to upstream APIs, including Chinese LLM routers like shubiaobiao.
“Beyond providing cheap access to AI, LLM routers like the one deployed here sit on a trust boundary that is easily abused,” Aikido Security researcher Ilyas Makari said. “Because every request passes through the router in plaintext, a malicious operator can […] inject malicious tool calls into responses of coding agents before they reach the client, introducing malicious pip install or curl | bash payloads mid-flight.” Alternatively, the router can be used to exfiltrate secrets from request and response bodies, including API keys, AWS credentials, GitHub tokens, Ethereum private keys, and system prompts. Another sustained npm supply chain attack campaign documented by Panther has impersonated phone insurance provider Asurion and its subsidiaries, publishing malicious npm packages (sbxapps, asurion-hub-web, soluto-home-web, and asurion-core) from April 1 through April 8, 2026, containing a multi-stage credential harvester. The stolen credentials were exfiltrated initially to a Slack webhook and then to an AWS API Gateway endpoint (“pbyi76s0e9.execute-api.us-east-1.amazonaws[.]com”).
By April 7, the AWS exfiltration URL is said to have been obfuscated using XOR encoding. Last but not least, Google-owned cloud security firm Wiz shed light on an artificial intelligence (AI)-powered campaign dubbed prt-scan that has systematically exploited the “pull_request_target” GitHub Actions workflow trigger since March 11, 2026, to steal developer secrets. The attacker, operating under the accounts testedbefore, beforetested-boop, 420tb, 69tf420, elzotebo, and ezmtebo, has been found to search for repositories using the trigger, fork those repositories, create a branch with a pre-defined naming convention (i.e., prt-scan-{12-hex-chars}), inject a malicious payload into a file that’s executed during CI, open a pull request, and then steal developer credentials when the workflow is triggered and publish a malicious package version if npm tokens are discovered. “Across over 450 analyzed exploit attempts, we have observed a <10% success rate,” Wiz researchers said.
“In most cases, successful attacks were against small hobbyist projects, and only exposed ephemeral GitHub credentials for the workflow. For the most part, this campaign did not grant the attacker access to production infrastructure, cloud credentials, or persistent API keys, barring minor exceptions.” “The campaign demonstrates that while pull_request_target vulnerabilities remain exploitable at scale, modern CI/CD security practices, particularly contributor approval requirements, are effective at protecting high-profile repositories.”
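An added example, not code from Wiz or GitHub: a repository-side audit for the prt-scan pattern described above, flagging workflows that combine the pull_request_target trigger with a checkout of the pull request head, and triaging open pull requests by the reported branch convention and account names. The checks are text heuristics rather than a YAML parser, the head-checkout rule is general GitHub Actions hardening knowledge rather than a detail from the article, and the workflow files and pull request records (including their field names) are constructed.

```python
import re

# Account names and branch convention as reported in the article.
REPORTED_ACCOUNTS = {"testedbefore", "beforetested-boop", "420tb",
                     "69tf420", "elzotebo", "ezmtebo"}
PRT_BRANCH = re.compile(r"^prt-scan-[0-9a-f]{12}$", re.I)

TRIGGER = re.compile(r"\bpull_request_target\b")
HEAD_CHECKOUT = re.compile(
    r"github\.event\.pull_request\.head\.(sha|ref)|refs/pull/")
SECRET_USE = re.compile(r"\bsecrets\.[A-Za-z_][A-Za-z0-9_]*")


def strip_comments(yaml_text):
    """Drop YAML comments so a commented-out trigger is not reported."""
    kept = []
    for line in yaml_text.splitlines():
        if line.lstrip().startswith("#"):
            continue
        kept.append(line.split(" #", 1)[0])
    return "\n".join(kept)


def audit_workflow(yaml_text):
    """Classify one workflow file as 'high', 'review' or 'ok'."""
    text = strip_comments(yaml_text)
    uses_target = bool(TRIGGER.search(text))
    checks_out_head = bool(HEAD_CHECKOUT.search(text))
    secrets = sorted({m.group(0) for m in SECRET_USE.finditer(text)})
    if uses_target and checks_out_head:
        verdict = "high"    # fork-controlled code runs with base-repo secrets
    elif uses_target:
        verdict = "review"  # privileged trigger, no untrusted checkout seen
    else:
        verdict = "ok"
    return {"verdict": verdict, "secrets": secrets}


def triage_pull_requests(prs):
    """Return (number, reasons) for fork PRs matching the reported indicators."""
    flagged = []
    for pr in prs:
        reasons = []
        if PRT_BRANCH.match(pr["head_ref"]):
            reasons.append("branch-pattern")
        if pr["author"].lower() in REPORTED_ACCOUNTS:
            reasons.append("reported-account")
        if reasons and pr["from_fork"]:
            flagged.append((pr["number"], reasons))
    return flagged


# Constructed workflow files.
VULNERABLE_WF = """\
name: ci
on:
  pull_request_target:
    types: [opened, synchronize]
jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          ref: ${{ github.event.pull_request.head.sha }}
      - run: npm ci && npm test
        env:
          NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
"""

LABELER_WF = """\
on: [pull_request_target]
jobs:
  label:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/labeler@v5
"""

SAFE_WF = """\
# pull_request_target was replaced after review
on:
  pull_request:
jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - run: npm ci && npm test
"""

# Constructed pull request records (field names are hypothetical).
SAMPLE_PRS = [
    {"number": 101, "author": "ezmtebo",
     "head_ref": "prt-scan-0a1b2c3d4e5f", "from_fork": True},
    {"number": 102, "author": "alice", "head_ref": "fix/typo", "from_fork": True},
    {"number": 103, "author": "bob", "head_ref": "prt-scan-xyz", "from_fork": True},
    {"number": 104, "author": "carol-dev",
     "head_ref": "prt-scan-ABCDEF012345", "from_fork": True},
]

if __name__ == "__main__":
    for name, wf in [("ci", VULNERABLE_WF), ("label", LABELER_WF), ("safe", SAFE_WF)]:
        print(name, audit_workflow(wf))
    print(triage_pull_requests(SAMPLE_PRS))
```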
Harvester Deploys Linux GoGra Backdoor in South Asia Using Microsoft Graph API
The threat actor known as Harvester has been attributed to a new Linux version of its GoGra backdoor deployed as part of attacks likely targeting entities in South Asia. “The malware uses the legitimate Microsoft Graph API and Outlook mailboxes as a covert command-and-control (C2) channel, allowing it to bypass traditional perimeter network defenses,” the Symantec and Carbon Black Threat Hunter Team said in a report shared with The Hacker News. The cybersecurity company said it identified artifacts uploaded to the VirusTotal platform from India and Afghanistan, suggesting that the two countries may be the target of the espionage activity. Harvester was first publicly documented by Symantec in late 2021, linking it to an information-stealing campaign aimed at telecommunications, government, and information technology sectors in South Asia since June 2021, using a bespoke implant called Graphon that used the Microsoft Graph API for C2.
Subsequent activity flagged in August 2024 connected the hacking group to an attack targeting an unnamed media organization in South Asia with a never-before-seen Go-based backdoor called GoGra. The latest findings suggest that the adversary is continuing to expand its toolset beyond Windows and infecting Linux machines with a new variant of the same backdoor. The attacks employ social engineering to trick victims into opening ELF binaries disguised as PDF documents. The dropper then proceeds to display a lure document while stealthily running the backdoor.
Like its Windows counterpart, the Linux version of GoGra abuses Microsoft’s cloud infrastructure to contact a specific Outlook mailbox folder named “Zomato Pizza” every two seconds using Open Data Protocol (OData) queries. The backdoor scans the inbox for incoming email messages with a subject line starting with the word “Input.” Once an email matching the criteria is received, it decrypts the Base64-encoded message body and executes it as shell commands using “/bin/bash.” The results of the execution are sent back to the operator in an email message with the subject line “Output.” After the exfiltration step is complete, the implant wipes the original tasking message to cover up the tracks. “Despite using different deployment architectures and operating systems, the underlying C2 logic remains unchanged,” Symantec and Carbon Black said, adding the teams “also identified several matching, hard-coded spelling errors across both platforms, which points towards the same developer being behind both tools.” “The use of a new Linux backdoor shows that Harvester is continuing to expand its toolset and actively develop new tooling in order to go after a wider range of victims and machines.”
Lotus Wiper Malware Targets Venezuelan Energy Systems in Destructive Attack
Cybersecurity researchers have discovered a previously undocumented data wiper that has been used in attacks targeting Venezuela at the end of last year and the start of 2026. Dubbed Lotus Wiper, the novel file wiper has been used in a destructive campaign targeting the energy and utilities sector in Venezuela, per findings from Kaspersky. “Two batch scripts are responsible for initiating the destructive phase of the attack and preparing the environment for executing the final wiper payload,” the Russian cybersecurity vendor said. “These scripts coordinate the start of the operation across the network, weaken system defenses, and disrupt normal operations before retrieving, deobfuscating, and executing a previously unknown wiper.” Once deployed, the wiper erases recovery mechanisms, overwrites the content of physical drives, and systematically deletes files across affected volumes, effectively leaving the system in an inoperable state.
No extortion or payment instructions are baked into the artifact, indicating that the aggressive wiper activity is not motivated by financial gain. It’s worth noting that the wiper was uploaded to a publicly available platform in mid-December 2025 from a machine in Venezuela, weeks before the U.S. military action in the country in early January 2026. The sample was compiled in late September 2025.
It’s currently not known if these two events are related, but Kaspersky noted that the sample was uploaded “during a period of increased public reports of malware activity targeting the same sector and region,” suggesting the wiper attack is extremely targeted in nature. The attack chain begins with a batch script that triggers a multi-stage sequence responsible for dropping the wiper payload. Specifically, it attempts to stop the Windows Interactive Services Detection (UI0Detect) service, which is used to alert users when a background service running in Session 0 attempts to display a graphical interface or interactive dialog. UI0Detect has been removed from modern versions of Windows.
The presence of such a setting indicates that the batch script is designed to operate on machines running versions prior to Windows 10 version 1803, which eliminated the feature. The script then checks for a NETLOGON share and accesses a remote XML file, after which it checks for the presence of a corresponding file with the same name in a local directory defined previously (“C:\lotus” or “%SystemDrive%\lotus”). Irrespective of whether such a local file exists, it proceeds to execute a second batch script. “The local check most likely tries to determine whether the machine is part of an Active Directory domain,” Kaspersky said.
“If the remote file is not found, the script exits. In cases where the NETLOGON share is initially unreachable, the script introduces a randomized delay of up to 20 minutes before retrying the remote check.” The second batch script, if not run already, enumerates local user accounts, disables cached logins, logs off active sessions, deactivates network interfaces, and runs the “diskpart clean all” command to wipe all identified logical drives on the system. It also recursively mirrors folders to overwrite existing contents or delete them using the robocopy command-line utility, and calculates available free space and utilizes fsutil to create a file that fills the entire drive to exhaust storage capacity and impair recovery. Once the compromised environment is prepared for destructive activity, the Lotus Wiper is launched to delete restore points, overwrite physical sectors by writing all zeroes, clear the update sequence numbers (USN) of the volumes’ journals, and erase all the system’s files for each mounted volume.
Organizations and government entities are advised to monitor for NETLOGON share changes, potential credential dumping or privilege escalation activity, and the use of native Windows utilities like fsutil, robocopy, and diskpart to perform the destructive actions. “Given that the files included certain functionalities targeting older versions of the Windows operating system, the attackers likely had knowledge of the environment and compromised the domain long before the attack occurred,” Kaspersky said.
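An added example, not Kaspersky's detection logic: a correlation rule over process-creation records that alerts when several of the native utilities named above run on one host within a short window. The article names only the utilities and the UI0Detect service, so the specific arguments matched here (fsutil file createnew, robocopy /MIR, sc/net stop), the 30-minute window, the two-signal threshold, and the pipe-delimited log format with its sample lines are all assumptions or constructed.

```python
import re
from datetime import datetime, timedelta

# One pattern per behaviour described in the article. The exact arguments
# are assumptions; the article names only the utilities and the service.
RULES = {
    "diskpart": re.compile(r"\bdiskpart(\.exe)?\b", re.I),
    "fsutil_fill": re.compile(r"\bfsutil(\.exe)?\s+file\s+createnew\b", re.I),
    "robocopy_mirror": re.compile(r"\brobocopy(\.exe)?\b.*\s/mir\b", re.I),
    "ui0detect_stop": re.compile(
        r"\b(sc|net)(\.exe)?\s+stop\s+\"?ui0detect\b", re.I),
}


def parse_events(log_text):
    """Parse 'timestamp|host|parent|command line' records into rule hits."""
    events = []
    for line in log_text.strip().splitlines():
        ts, host, _parent, cmdline = line.split("|", 3)
        for rule, pattern in RULES.items():
            if pattern.search(cmdline):
                events.append((datetime.fromisoformat(ts), host, rule))
    return events


def correlate(events, window=timedelta(minutes=30), min_distinct=2):
    """Alert per host when at least min_distinct different rules fire inside
    one window. A single utility on its own (a backup job running robocopy,
    an admin opening diskpart) stays below the threshold."""
    by_host = {}
    for when, host, rule in sorted(events):
        by_host.setdefault(host, []).append((when, rule))
    alerts = {}
    for host, seq in by_host.items():
        for i, (start, _) in enumerate(seq):
            rules = {r for t, r in seq[i:] if t - start <= window}
            if len(rules) >= min_distinct:
                alerts[host] = sorted(rules)
                break
    return alerts


# Constructed process-creation records (hosts, paths and sizes are made up).
SAMPLE_LOG = r"""
2026-01-05T02:10:00|WS-014|cmd.exe|sc stop UI0Detect
2026-01-05T02:14:03|WS-014|cmd.exe|robocopy C:\empty D:\data /MIR
2026-01-05T02:15:40|WS-014|cmd.exe|fsutil file createnew D:\fill.bin 53687091200
2026-01-05T02:16:02|WS-014|cmd.exe|diskpart /s C:\lotus\constructed-example.txt
2026-01-05T01:00:00|FS-002|taskeng.exe|robocopy D:\share \\backup01\share /MIR /R:2
2026-01-05T09:00:00|WS-020|explorer.exe|diskpart
2026-01-05T13:00:00|WS-020|cmd.exe|robocopy C:\src E:\dst /MIR
2026-01-05T13:05:00|WS-020|cmd.exe|fsutil fsinfo drives
"""

if __name__ == "__main__":
    for host, rules in correlate(parse_events(SAMPLE_LOG)).items():
        print(f"ALERT {host}: {', '.join(rules)}")
```

Because the batch stage disables network interfaces, records like these need to be forwarded off-host as they are generated rather than collected afterwards.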
Toxic Combinations: When Cross-App Permissions Stack into Risk
On January 31, 2026, researchers disclosed that Moltbook, a social network built for AI agents, had left its database wide open, exposing 35,000 email addresses and 1.5 million agent API tokens across 770,000 active agents. The more worrying part sat inside the private messages. Some of those conversations held plaintext third-party credentials, including OpenAI API keys shared between agents, stored in the same unencrypted table as the tokens needed to hijack the agent itself. This is the shape of a toxic combination: a permission breakdown between two or more applications, bridged by an AI agent, integration, or OAuth grant, that no single application owner ever authorized as its own risk surface.
Moltbook’s agents sat at that bridge, carrying credentials for their host platform and for the outside services their users had wired them into, in a place that neither platform owner had line of sight into. Most SaaS access reviews still examine one application at a time, which is the blind spot attackers are learning to target.
How Toxic Combinations Form
Toxic combinations are rarely the product of a single bad decision. They appear when an AI agent, an integration, or an MCP server bridges two or more applications through OAuth grants, API scopes, or tool-use chains, and each side of the bridge looks fine on its own because the bridge itself is what no one reviewed.
As an example, imagine a developer installs an MCP connector so their IDE can post code snippets into a Slack channel on request. The Slack admin signs off on the bot; the IDE admin signs off on the outbound connection; neither signs off on the trust relationship between source editing and business messaging that exists the moment both sides are live. It runs in both directions: prompt injections inside the IDE push confidential code into Slack, and instructions planted in Slack flow back into the IDE’s context on the next session. The same shape appears wherever an AI agent bridges Drive and Salesforce, a bot wires a source repository into a team channel, or any intermediary makes two apps trust each other through a grant that looks normal in each.
Why Single-App Reviews Miss Them
Conventional access review rarely catches this shape. It strains in the territory modern SaaS has opened up: non-human identities like service accounts, bots, and AI agents with no human behind them, trust relationships that form at runtime rather than at provisioning time, and OAuth and MCP bridges wired between apps without the governance catalog knowing. Answering “who holds this scope plus those two other scopes, and what can those scopes accomplish together” becomes much harder once the scopes in question live on a token nobody provisioned through any identity system to begin with. The telemetry gap is widening quite fast.
AI agents, MCP servers, and third-party connectors now sit across two or three adjacent apps by default, and non-human identities outnumber human ones in most SaaS environments. The Cloud Security Alliance’s State of SaaS Security 2025 report found that 56% of organizations are already concerned about over-privileged API access across their SaaS-to-SaaS integrations.
Things Worth Thinking About
Closing the gap is largely a matter of shifting where review happens, from inside each app to between them. Here are a handful of things worth thinking about to address this type of issue:
Area to review | What it looks like in practice
Non-human identity inventory | Every AI agent, bot, MCP server, and OAuth integration sits in the same register as a user account, with an owner and a review date.
Cross-app scope grants | A new write scope on an identity that already holds read scopes in a different app is flagged before approval, not after.
Bridge review on creation | Every connector that links two systems has a review trail naming both sides and the trust relationship between them.
Long-lived token hygiene | Tokens whose activity has drifted from the scopes they were originally granted are candidates for revocation, not renewal.
Runtime drift monitoring | Cross-app scope anomalies and identities operating across a new app combination are the tells a toxic combination is forming.
These are procedural disciplines more than product choices, and they work with whatever access review tooling is in place. The reality is that seeing these connections at scale is hard without a platform built to watch the runtime graph continuously. Manual review doesn’t scale past the first few dozen integrations.
Where Dynamic SaaS Security Platforms Fit In
Dynamic SaaS security platforms automate the cross-app view that procedural review sets up.
Where IGA inventories roles for onboarded systems, dynamic SaaS security watches the runtime graph continuously: which identities exist, which apps they touch, what scopes live on which tokens, and which trust relationships have been wired in after the last provisioning review. The monitoring has to run continuously, because the bridges these platforms need to catch are created at the speed of an MCP install or an OAuth consent click. Reco is one example of this category. Its platform connects identities, permissions, and data flows across the whole SaaS environment, so a combination of scopes in Slack, Drive, and Salesforce is evaluated as one exposure rather than three separate approvals.
The first step is discovering every AI agent, integration, and OAuth identity operating across the environment, so the inventory any cross-app review depends on actually exists. Agents that security teams did not know were there, or agents that quietly gained new connections after initial onboarding, surface alongside the sanctioned ones.
[Figure: Reco’s AI Agents Inventory, showing discovered agents connected to GitHub.]
Once the agents are inventoried, Reco’s Knowledge Graph maps every human and non-human identity to the apps it reaches and the bridges between them.
When an MCP server connects an IDE to a messaging channel, or an AI agent wires a document store into a CRM, the graph surfaces the combination automatically and flags it as a permission breakdown no single app owner authorized.
[Figure: Reco’s Knowledge Graph, showing a toxic combination between Slack and Cursor.]
From there, Reco catches the moment an integration starts behaving outside what it was approved for, and revokes risky access before anyone gets a chance to use it. The chain, rather than the app, becomes the thing you review, and that shift is what makes toxic combinations visible in the first place.
The next breach at most organizations won’t announce itself with a new zero-day. It will look like an agent doing exactly what it was authorized to do, all the way through to exfiltration. Whether that gets caught at approval time or written up in a post-mortem comes down to whether anyone can see the full chain. Seeing the full chain is what Reco’s Dynamic SaaS Security platform was built to do.
This article is a contributed piece from one of our valued partners.
Microsoft Patches Critical ASP.NET Core CVE-2026-40372 Privilege Escalation Bug
Microsoft has released out-of-band updates to address a security vulnerability in ASP.NET Core that could allow an attacker to escalate privileges. The vulnerability, tracked as CVE-2026-40372, carries a CVSS score of 9.1 out of 10.0. It’s rated Important in severity. An anonymous researcher has been credited with discovering and reporting the flaw.
“Improper verification of cryptographic signature in ASP.NET Core allows an unauthorized attacker to elevate privileges over a network,” Microsoft said in a Tuesday advisory. “An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.” The tech giant said an attacker could abuse the vulnerability to disclose files and modify data, but emphasized that successful exploitation hinges on three prerequisites -
- The application uses Microsoft.AspNetCore.DataProtection 10.0.6 from NuGet (either directly or through a package that depends on it, such as Microsoft.AspNetCore.DataProtection.StackExchangeRedis).
- The NuGet copy of the library was actually loaded at runtime.
- The application runs on Linux, macOS, or another non-Windows operating system.
The vulnerability has been addressed by Microsoft in ASP.NET Core version 10.0.7. “A regression in the Microsoft.AspNetCore.DataProtection 10.0.0-10.0.6 NuGet packages cause the managed authenticated encryptor to compute its HMAC validation tag over the wrong bytes of the payload and then discard the computed hash in some cases,” Microsoft explained in its release notes. In such scenarios, an attacker could forge payloads that pass DataProtection’s authenticity checks, as well as decrypt previously-protected payloads in authentication cookies, antiforgery tokens, and others. “If an attacker used forged payloads to authenticate as a privileged user during the vulnerable window, they may have induced the application to issue legitimately-signed tokens (session refresh, API key, password reset link, etc.) to themselves,” it added.
“Those tokens remain valid after upgrading to 10.0.7 unless the DataProtection key ring is rotated.”
Mustang Panda’s New LOTUSLITE Variant Targets India Banks, South Korea Policy Circles
Cybersecurity researchers have discovered a new variant of a known malware called LOTUSLITE that’s distributed via a theme related to India’s banking sector. “The backdoor communicates with a dynamic DNS-based command-and-control server over HTTPS and supports remote shell access, file operations, and session management, indicating a continued espionage-focused capability set rather than financially motivated objectives,” Acronis researchers Subhajeet Singha and Santiago Pontiroli said in an analysis. The use of LOTUSLITE was previously observed in spear-phishing attacks targeting U.S. government and policy entities using decoys associated with the geopolitical developments between the U.S. and Venezuela.
The activity was attributed with medium confidence to a Chinese nation-state group tracked as Mustang Panda. The latest activity flagged by Acronis involves deploying an evolved version of LOTUSLITE that demonstrates “incremental improvements” over its predecessor, indicating that the malware is being actively maintained and refined by its operators. The deviation from the prior attack wave relates to a geographic pivot that focuses mainly on the banking sector of India, while keeping the rest of the operational playbook mostly intact.
The starting point of the attack is a Compiled HTML (CHM) file embedding the malicious payloads – a legitimate executable and a rogue DLL – along with an HTML page that contains a pop-up which prompts the user to click “Yes.” This step is designed to silently retrieve and execute a JavaScript malware from a remote server (“cosmosmusic[.]com”), whose primary responsibility is to extract and run the malware contained inside the CHM file using DLL side-loading. The DLL (“dnx.onecore.dll”) is an updated version of LOTUSLITE that communicates with the domain “editor.gleeze[.]com” to receive commands and exfiltrate data of interest. Further analysis of the campaign has uncovered similar artifacts designed to target South Korean entities, specifically individuals within the policy and diplomatic community.
“We believe that the group had been targeting certain entities belonging to the South Korean and U.S. diplomatic and policy communities, specifically those involved in Korean peninsula affairs, North Korea policy discussions and Indo-Pacific security dialogues,” Acronis said. “What stands out is the broadening of the group’s targeting, from U.S. government entities with geopolitical lures, to India’s banking sector through implants embedded with HDFC Bank references and pop-ups masquerading as legitimate banking software, and now to South Korean and U.S. policy circles through the impersonation of a prominent figure in Korean peninsula diplomacy, delivered via spoofed Gmail accounts and Google Drive staging.”
Cohere AI Terrarium Sandbox Flaw Enables Root Code Execution, Container Escape
A critical security vulnerability has been disclosed in a Python-based sandbox called Terrarium that could result in arbitrary code execution. The vulnerability, tracked as CVE-2026-5752, is rated 9.3 on the CVSS scoring system. “Sandbox escape vulnerability in Terrarium allows arbitrary code execution with root privileges on a host process via JavaScript prototype chain traversal,” according to a description of the flaw in CVE.org. Developed by Cohere AI as an open-source project, Terrarium is a Python sandbox that’s used as a Docker-deployed container for running untrusted code written by users or generated with assistance from a large language model (LLM).
Notably, Terrarium runs on Pyodide, a Python distribution for the browser and Node.js, enabling it to support standard Python packages. The project has been forked 56 times and starred 312 times. According to the CERT Coordination Center (CERT/CC), the root cause relates to a JavaScript prototype chain traversal in the Pyodide WebAssembly environment that enables code execution with elevated privileges on the host Node.js process. Successful exploitation of the vulnerability can allow an attacker to break out of the confines of the sandbox and execute arbitrary system commands as root within the container.
In addition, it can permit unauthorized access to sensitive files, such as “/etc/passwd,” reach other services on the container’s network, and even possibly escape the container and escalate privileges further. It bears noting that the attack requires local access to the system but does not require any user interaction or special privileges to exploit. Security researcher Jeremy Brown has been credited with discovering and reporting the flaw. Given that the project is no longer actively maintained, the vulnerability is unlikely to be patched.
As mitigations, CERT/CC is advising users to take the following steps -
- Disable features that allow users to submit code to the sandbox, if possible.
- Segment the network to limit the attack surface and prevent lateral movement.
- Deploy a Web Application Firewall to detect and block suspicious traffic, including attempts to exploit the vulnerability.
- Monitor container activity for signs of suspicious behavior.
- Limit access to the container and its resources to authorized personnel only.
- Use a secure container orchestration tool to manage and secure containers.
- Ensure that dependencies are up-to-date and patched.
“The sandbox fails to adequately prevent access to parent or global object prototypes, allowing sandboxed code to reference and manipulate objects in the host environment,” SentinelOne said. “This prototype pollution or traversal technique bypasses the intended security boundaries of the sandbox.”
SystemBC C2 Server Reveals 1,570+ Victims in The Gentlemen Ransomware Operation
Threat actors associated with The Gentlemen ransomware‑as‑a‑service (RaaS) operation have been observed attempting to deploy a known proxy malware called SystemBC. According to new research published by Check Point, the command-and-control (C2 or C&C) server linked to SystemBC has led to the discovery of a botnet of more than 1,570 victims. “SystemBC establishes SOCKS5 network tunnels within the victim’s environment and connects to its C&C server using a custom RC4‑encrypted protocol,” Check Point said. “It can also download and execute additional malware, with payloads either written to disk or injected directly into memory.” Since its emergence in July 2025, The Gentlemen has quickly established itself as one of the most prolific ransomware groups, claiming more than 320 victims on its data leak site.
Operating under a classic double-extortion model, the group is as versatile as it’s sophisticated, exhibiting capabilities to target Windows, Linux, NAS, and BSD systems with a Go-based locker as well as employing legitimate drivers and custom malicious tools to subvert defenses. Exactly how the threat actors obtain initial access is unclear, although evidence suggests that internet-facing services or compromised credentials are being abused to establish an initial foothold, followed by engaging in discovery, lateral movement, payload staging (i.e., Cobalt Strike, SystemBC, and the encryptor), defense evasion, and ransomware deployment. A notable aspect of the attacks is the abuse of Group Policy Objects (GPOs) to facilitate domain-wide compromise. “By tailoring their tactics against specific security vendors, The Gentlemen have demonstrated an acute awareness of their targets’ environments and a willingness to engage in in-depth reconnaissance and tool modification throughout the course of their operation,” security vendor Trend Micro noted in an analysis of the group’s tradecraft in September 2025.
The latest findings from Check Point show that an affiliate of The Gentlemen RaaS deployed SystemBC on a compromised host, with the C2 server linked to the proxy malware commandeering hundreds of victims across the globe, including the U.S., the U.K., Germany, Australia, and Romania. While SystemBC has been used in ransomware operations as far back as 2020, the exact nature of the connection between the malware and The Gentlemen e-crime scheme remains unclear, such as whether it’s part of the attack playbook or if it’s something deployed by a specific affiliate for data exfiltration and remote access. “During lateral movement, the ransomware makes an attempt to blind Windows Defender on each reachable remote host by pushing a PowerShell script that disables real-time monitoring, adds broad exclusions for the drive, staging share, and its own process, shuts down the firewall, re-enables SMB1, and loosens LSA anonymous access controls, all before deploying and executing the ransomware binary on that host,” Check Point said. The ESXi variant incorporates fewer functionalities than the Windows variant, but is equipped to shut down virtual machines to enhance the effectiveness of the attack, adds persistence via crontab, and inhibits recovery before the ransomware binary is deployed.
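A defender-side sketch of how the host-blinding sequence Check Point describes could be caught in PowerShell script block logs (Event ID 4104), added here as an example and not taken from Check Point's research or the original article. The regex patterns, the three-behaviour threshold, and the sample events (hosts, script block IDs, script text) are constructed assumptions, since the page does not give the actual commands.

```python
import re
from collections import defaultdict

# Assumed patterns: common PowerShell/registry ways to produce the behaviours
# named in the Check Point quote. The real script is not shown on the page.
I = re.IGNORECASE
BEHAVIOURS = {
    "realtime_monitoring_off": re.compile(
        r"Set-MpPreference\b.*-DisableRealtimeMonitoring\s+(\$true|1)\b", I),
    "defender_exclusion_added": re.compile(
        r"Add-MpPreference\b.*-Exclusion(Path|Process|Extension)\b", I),
    "firewall_disabled": re.compile(
        r"Set-NetFirewallProfile\b.*-Enabled\s+(False|\$false|0)\b", I),
    "smb1_enabled": re.compile(
        r"Set-SmbServerConfiguration\b.*-EnableSMB1Protocol\s+(\$true|1)\b", I),
    "lsa_anonymous_loosened": re.compile(
        r"RestrictAnonymous(SAM)?\b.*(-Value|/d)\s+0\b"
        r"|EveryoneIncludesAnonymous\b.*(-Value|/d)\s+1\b", I),
}

# Constructed sample events. Large scripts are logged as several 4104 records
# that share a ScriptBlockId, so one command can be split across two records.
EVENTS = [
    {"host": "FS01", "ScriptBlockId": "a1", "MessageNumber": 2, "text":
        'bled False\n'
        'Set-SmbServerConfiguration -EnableSMB1Protocol $true -Force\n'
        'Set-ItemProperty -Path HKLM:\\SYSTEM\\CurrentControlSet\\Control\\Lsa'
        ' -Name RestrictAnonymous -Value 0\n'},
    {"host": "FS01", "ScriptBlockId": "a1", "MessageNumber": 1, "text":
        'Set-MpPreference -DisableRealtimeMonitoring $true\n'
        'Add-MpPreference -ExclusionPath "C:\\"\n'
        'Set-NetFirewallProfile -Profile Domain,Public,Private -Ena'},
    {"host": "WS07", "ScriptBlockId": "b2", "MessageNumber": 1, "text":
        'Add-MpPreference -ExclusionPath "D:\\build\\cache"\n'},
    {"host": "WS09", "ScriptBlockId": "c3", "MessageNumber": 1, "text":
        'Set-NetFirewallProfile -Profile Domain -Enabled True\n'},
]

def reassemble(events):
    """Join multi-part records per (host, ScriptBlockId) in MessageNumber order."""
    parts = defaultdict(list)
    for ev in events:
        key = (ev["host"], ev["ScriptBlockId"])
        parts[key].append((ev["MessageNumber"], ev["text"]))
    return {k: "".join(t for _, t in sorted(frags)) for k, frags in parts.items()}

def classify(script_text):
    """Return the set of defense-impairment behaviours present in one script."""
    return {name for name, rx in BEHAVIOURS.items() if rx.search(script_text)}

def detect(events, threshold=3):
    """Flag script blocks that combine at least `threshold` distinct behaviours."""
    hits = []
    for (host, block_id), text in sorted(reassemble(events).items()):
        found = classify(text)
        if len(found) >= threshold:
            hits.append((host, block_id, sorted(found)))
    return hits

if __name__ == "__main__":
    for host, block_id, found in detect(EVENTS):
        print(f"{host} script block {block_id}: {', '.join(found)}")
```

Correlating several behaviours in one reassembled script block keeps a single routine exclusion (WS07) from alerting, while the split firewall command on FS01 is only visible after the fragments are joined.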
“Most ransomware groups make noise when they launch and then disappear. The Gentlemen are different,” Eli Smadja, group manager at Check Point Research, said in a statement shared with The Hacker News. “They’ve cracked the affiliate recruitment problem by offering a better deal than anyone else in the criminal ecosystem. When we got inside one of their operator’s servers, we found over 1,570 compromised corporate networks that hadn’t even made the news yet.
The real scale of this operation is significantly larger than what’s publicly known, and it’s still growing.” The findings come as Rapid7 highlighted the inner workings of another relatively new ransomware family called Kyber that surfaced in September 2025, targeting Windows and VMware ESXi infrastructures using encryptors developed in Rust and C++, respectively. “The ESXi variant is specifically built for VMware environments, with capabilities for datastore encryption, optional virtual machine termination, and defacement of management interfaces,” the cybersecurity company said. “The Windows variant, written in Rust, includes a self-described ‘experimental’ feature for targeting Hyper-V.” “Kyber ransomware isn’t a masterpiece of complex code, but it is highly effective at causing destruction. It reflects a shift toward specialization over sophistication.” According to data compiled by ZeroFox, at least 2,059 separate ransomware and digital extortion (R&DE) incidents have been observed in Q1 2026, with March accounting for no less than 747 incidents.
The most active groups during the time period were Qilin (338), Akira (197), The Gentlemen (192), INC Ransom, and Cl0p. “Notably, North America-based victims accounted for approximately 20 percent of The Gentlemen’s attacks in Q3 2025, 2% in Q4 2025, and 13% in Q1 2026,” ZeroFox said. “This largely goes against typical regional targeting trends by other R&DE collectives, at least 50 percent of whose victims are North America-based.”
The Shifting Velocity of Ransomware Attacks
Cybersecurity company Halcyon, in its 2025 Ransomware Evolution Report, revealed that the threat continues to mature into a more disciplined, business-driven criminal enterprise, even as ransomware attacks targeting the automotive industry more than doubled in 2025, taking up 44% of all cyber incidents across the sector. Other significant trends include attempts to impair Endpoint Detection and Response (EDR) tools, use of the Bring Your Own Vulnerable Driver (BYOVD) attack technique to escalate privileges and disable security solutions, blurring of nation-state and criminal ransomware campaigns, and increased targeting of small and mid-sized organizations and operational technology (OT) environments.
“Ransomware continued to grow as a durable, industrialized ecosystem built on specialization, shared infrastructure, and rapid regeneration rather than any single brand,” it said. “Law enforcement pressure and infrastructure seizures disrupted major operations, driving fragmentation, rebranding, and intensified competition across a more fluid landscape.” Ransomware operations are increasingly fast-moving, with dwell times collapsing from days to hours. About 69% of observed attack attempts have been found to be deliberately staged during nights and weekends to outpace defender response. For instance, attacks involving Akira ransomware have demonstrated an unusual swiftness, rapidly escalating from initial foothold to full encryption within an hour in some cases without detection, highlighting a well-oiled attack engine designed to maximize impact.
“Akira’s combination of rapid compromise capabilities, disciplined operational tempo, and investment in reliable decryption infrastructure sets it apart from many ransomware operators,” Halcyon said. “Defenders should treat Akira not as an opportunistic threat, but as a capable, persistent adversary that will exploit every available weakness to reach its objective.”
22 BRIDGE:BREAK Flaws Expose Thousands of Lantronix and Silex Serial-to-IP Converters
Cybersecurity researchers have identified 22 new vulnerabilities in popular models of serial-to-IP converters from Lantronix and Silex that could be exploited to hijack susceptible devices and tamper with data exchanged by them. The vulnerabilities have been collectively codenamed BRIDGE:BREAK by Forescout Research Vedere Labs, which identified nearly 20,000 Serial-to-Ethernet converters exposed online globally. “Some of these vulnerabilities allow attackers to take full control of mission-critical devices connected via serial links,” the cybersecurity company said in a report shared with The Hacker News. Serial-to-IP converters are hardware devices that enable users to remotely access, control, and manage any serial device over an IP network or the internet by “bridging” legacy applications and industrial control systems (ICS) that operate over TCP/IP.
At a high level, as many as eight security flaws have been discovered in Lantronix products (EDS3000PS Series and EDS5000 Series) and 14 in Silex SD330-AC. These shortcomings fall under the following broad categories:
- Remote code execution - CVE-2026-32955, CVE-2026-32956, CVE-2026-32961, CVE-2025-67041, CVE-2025-67034, CVE-2025-67035, CVE-2025-67036, CVE-2025-67037, and CVE-2025-67038
- Client-side code execution - CVE-2026-32963
- Denial-of-service (DoS) - CVE-2026-32961, CVE-2015-5621, CVE-2024-24487
- Authentication bypass - CVE-2026-32960, CVE-2025-67039
- Device takeover - FSCT-2025-0021 (no CVE assigned), CVE-2026-32965, CVE-2025-70082
- Firmware tampering - CVE-2026-32958
- Configuration tampering - CVE-2026-32962, CVE-2026-32964
- Information disclosure - CVE-2026-32959
- Arbitrary file upload - CVE-2026-32957
Successful exploitation of the aforementioned flaws could allow attackers to disrupt serial communications with field assets, conduct lateral movement, and tamper with sensor values or modify actuator behavior. In a hypothetical attack scenario, a threat actor could gain initial access to a remote facility through an internet-exposed edge device, such as an industrial router or firewall, and then weaponize BRIDGE:BREAK vulnerabilities to compromise the serial-to-IP converter, and alter serial data moving to or from the IP network. Lantronix and Silex have released security updates to address the identified issues:
- Lantronix EDS3000PS Series
- Lantronix EDS5000 Series
- Silex
Besides applying patches, users are advised to replace default credentials, avoid using weak passwords, segment networks to prevent bad actors from reaching vulnerable serial-to-IP converters or using them as jumping-off points to other critical assets, and ensure the devices are not exposed to the internet.
“This research highlights weaknesses in serial-to-IP converters and the risks they can introduce in critical environments,” Forescout said. “As these devices are increasingly deployed to connect legacy serial equipment to IP networks, vendors and end-users should treat their security implications as a core operational requirement.”
Ransomware Negotiator Pleads Guilty to Aiding BlackCat Attacks in 2023
A third individual who was employed as a ransomware negotiator has pleaded guilty to conducting ransomware attacks against U.S. companies in 2023. Angelo Martino, 41, of Land O’Lakes, Florida, teamed up with the operators of the BlackCat ransomware starting in April 2023 to assist the e-crime gang in extracting higher amounts as ransoms. “Working as a negotiator on behalf of five different ransomware victims, Martino provided BlackCat attackers with confidential information about the negotiating position and strategy of his company’s clients without the clients’ or his employer’s knowledge or permission,” the U.S. Department of Justice (DoJ) said in a Monday announcement. The information, which included the victims’ insurance policy limits and internal negotiation positions, maximized the ransoms they were required to pay. Martino was financially compensated in exchange for providing the details.
Martino, who was charged last month, also admitted to collaborating with two other incident responders, Ryan Goldberg and Kevin Martin, to successfully deploy BlackCat ransomware against multiple victims in the U.S. between April 2023 and November 2023. Martino and Martin worked for DigitalMint, while Goldberg was an incident response manager for cybersecurity company Sygnia. In one case, the defendants successfully extorted one victim for approximately $1.2 million in Bitcoin, and then split the illicit proceeds among themselves and laundered the funds through various means. In all, authorities seized $10 million of assets from Martino, including digital currency, vehicles, a food truck, and a luxury fishing boat.
Martino has pleaded guilty to one count of conspiracy to obstruct, delay or affect commerce or the movement of any article or commodity in commerce by extortion. He is scheduled to be sentenced on July 9, 2026, and faces a maximum penalty of 20 years in prison. Martin and Goldberg pleaded guilty to the crime in December 2025 and are expected to be sentenced later this month. Like Martino, both individuals could be awarded a jail term of up to 20 years.
“Angelo Martino’s clients trusted him to respond to ransomware threats and help thwart and remedy them on behalf of victims,” said Assistant Attorney General A. Tysen Duva of the DoJ’s Criminal Division. “Instead, he betrayed them and began launching ransomware attacks himself by assisting cyber criminals and harming victims, his own employer, and the cyber incident response industry itself.”
5 Places where Mature SOCs Keep MTTR Fast and Others Waste Time
Security teams often present MTTR as an internal KPI. Leadership sees it differently: every hour a threat dwells inside the environment is an hour of potential data exfiltration, service disruption, regulatory exposure, and brand damage. The root cause of slow MTTR is almost never “not enough analysts.” It is almost always the same structural problem: threat intelligence that exists outside the workflow. Feeds that require manual lookup.
Reports that live in a shared drive. Enrichment that happens in a separate tab. Every handoff costs minutes; over the course of a workday, those minutes become hours. Mature SOCs have collapsed those handoffs.
Their intelligence is embedded in the workflow itself at the exact moment a decision needs to be made. Below are the five places where separation matters most.
1. Detection: Catching Threats Before They Become Incidents
In many SOCs, detection begins only when an alert fires. By that point, the attacker may already have a foothold, persistence, or worse. Mature SOCs shift this dynamic by extending their visibility beyond internal signals. With ANY.RUN Threat Intelligence Feeds, they continuously ingest fresh indicators from real-world attacks and match them against their own telemetry. This means suspicious infrastructure can be flagged even before it triggers traditional alerts.
The effect is subtle but powerful. Detection moves upstream. Instead of reacting to confirmed incidents, teams start catching activity in its early stages, when containment is faster and far less expensive.
[Figure: TI Feeds: data sources and benefits]
From a business perspective, this is where risk is quietly reduced. The earlier a threat is identified, the less opportunity it has to evolve into a costly breach.
2. Triage: Turning Uncertainty into Instant Clarity
If detection is about seeing, triage is about deciding. And this is where many SOCs lose momentum.
In less mature environments, triage often turns into a mini-investigation. Analysts pivot between tools, search for context, and escalate alerts “just in case.” The process becomes cautious, slow, and expensive in terms of human effort. Mature SOCs compress this step dramatically. Using ANY.RUN Threat Intelligence Lookup, they enrich indicators instantly, pulling in behavioral context from real malware executions.
Instead of guessing whether something is malicious, analysts immediately understand what it does and how serious it is. Decisions become faster, escalations more precise, and Tier 1 analysts handle far more on their own. For example, just look up a suspicious domain spotted in your perimeter and find out instantly that it belongs to MacSync stealer infrastructure:
[Figure: Domain lookup with a quick “malicious” verdict and IOCs]
What further accelerates this process is the AI-powered search inside TI Lookup. Instead of relying on precise syntax, complex filters, or deep familiarity with query parameters, analysts can describe what they are looking for and get it translated into structured queries, removing a layer of friction that traditionally slows down investigations.
This doesn’t just make experts faster; it makes less experienced analysts far more effective. The barrier to advanced search capabilities drops, and the time spent figuring out how to search is replaced by focusing on what the results mean. For the business, this translates into efficiency that doesn’t require additional hiring. The SOC simply becomes more capable with the same resources.
3. Investigation: From Fragmented Clues to a Coherent Story
Investigation is where time can stretch the most.
In many SOCs, it’s a process of stitching together fragments: logs from one system, reputation checks from another, behavioral guesses built on limited data. This fragmentation is expensive. Not just in minutes, but in cognitive load. Mature SOCs reduce that complexity by anchoring investigations in context-rich intelligence.
With ANY.RUN’s threat intelligence ecosystem, indicators are not just labels. They are connected to real execution data, attack chains, and observable behaviors. Instead of reconstructing what might have happened, analysts can see what did happen. The investigation becomes less about searching and more about understanding.
This shift shortens analysis time and raises the overall quality of decisions. It also allows less experienced analysts to operate with greater confidence, which is often an overlooked advantage. From a business standpoint, faster and clearer investigations mean reduced dwell time, which directly limits the scale of potential damage. Built on real-time data from over 15,000 organizations and 600,000 analysts detonating live malware and phishing samples every day, this behavioral intelligence connects raw IOCs to actual attack execution, TTPs, and artifacts.
The result? MTTR drops dramatically because context is instant, automation is accurate, and decisions are confident.
4. Response: Acting at the Speed of Confidence
Even when a threat is identified, response can lag. Manual steps, inconsistent playbooks, and delays between decision and action all stretch MTTR. Mature SOCs treat response as something that should happen almost automatically once a threat is confirmed. They integrate ANY.RUN Threat Intelligence Feeds into SIEM and SOAR platforms, which ensures that known malicious indicators trigger immediate actions such as blocking or isolation.
[Figure: TI Feeds integrations and connectors]
There is a certain elegance to this. The system reacts not with hesitation, but with certainty. The time between “we know this is bad” and “it’s contained” shrinks to seconds. For the business, this is where operational impact is minimized. Faster containment reduces downtime, protects critical assets, and keeps disruptions from cascading across systems.
5. Threat Hunting & Prevention: Learning Before It Hurts Again
The final difference between mature and less mature SOCs lies in what happens between incidents. Reactive teams move from alert to alert, often encountering variations of the same attack without realizing it. There is little time or structure for proactive work.
Mature SOCs deliberately carve out that space. With ANY.RUN Threat Reports and continuously updated intelligence feeds, they track emerging campaigns, understand attacker techniques, and adapt their defenses in advance. Over time, this creates a compounding effect. The SOC doesn’t just respond faster.
It encounters fewer incidents to begin with. From a business perspective, this is where cybersecurity starts to feel less like firefighting and more like risk management. Fewer surprises, fewer disruptions, and a stronger overall security posture.
Where the Time Really Goes
What becomes clear across all five areas is that delays rarely come from a single dramatic failure.
They come from small, repeated inefficiencies. A missing piece of context here, an extra lookup there, a delayed decision somewhere in between. Individually, these moments seem minor. Together, they stretch MTTR far beyond what it should be.
Mature SOCs solve this not by speeding up people, but by redesigning how information flows. When ANY.RUN’s threat intelligence, incorporating TI Feeds, TI Lookup, and Threat Reports, is integrated into daily workflows, the need to search, verify, and cross-check is dramatically reduced. The work changes in nature. Analysts spend less time chasing data and more time making decisions.
For leadership, the implications are straightforward but significant. Improving MTTR is not just a technical goal. It is a business lever. Faster detection and response reduce the likelihood of major incidents, limit operational disruption, and improve the return on existing security investments. ANY.RUN Threat Intelligence supports this across every stage of SOC operations:
- It brings earlier visibility into threats;
- It accelerates decision-making during triage;
- It simplifies investigations with real behavioral context;
- It enables faster, automated response;
- It strengthens proactive defense through continuous insight.
The result is not just a faster SOC, but a more resilient organization.
This article is a contributed piece from one of our valued partners.