DAILY WORKFLOW ARCHIVE

2026-04-28 AI创业新闻

候选线索仅供信息发现,请在引用或实践前回到原始来源核验。

2026-04-28 AI创业新闻

Checkmarx Confirms GitHub Repository Data Posted on Dark Web After March 23 Attack

Checkmarx has disclosed that its ongoing investigation tied to the supply chain security incident has revealed that a cybercriminal group published data related to the company on the dark web. “Based on current evidence, we believe this data originated from Checkmarx’s GitHub repository, and that access to that repository was facilitated through the initial supply chain attack of March 23, 2026,” the Israeli security company said . It also emphasized that the GitHub repository is maintained separately from its customer production environment, adding that no customer data is stored in the repository. Checkmarx said its forensic probe into the incident is ongoing and that it’s actively working to verify the nature and scope of the posted data.

Furthermore, the company said it has locked down access to the affected GitHub repository as part of its incident response efforts. “If we determine that customer information was involved in this incident, we will notify customers and all relevant parties immediately,” it said. The development comes after the Dark Web Informer shared in an X post that the LAPSUS$ cybercrime group claimed three victims on its data leak site, one of which includes Checkmarx. The data, per the listing, contains source code, employee database, API keys, and MongoDB/MySQL credentials.

Checkmarx suffered a breach late last month following the Trivy supply chain attack, as a result of which two of its GitHub Actions workflows and two plugins distributed via the Open VSX marketplace were tampered with to push a credential stealer capable of harvesting a wide range of developer secrets. The threat actor known as TeamPCP claimed responsibility for the attack. Last week, the financially motivated group is suspected to have compromised Checkmarx’s KICS Docker image, along with the two VS Code extensions and a GitHub Actions workflow with a similar credential-stealing malware. This, in turn, had a cascading impact, leading to a brief compromise of the Bitwarden CLI npm package .

Found this article interesting? Follow us on Google News , Twitter and LinkedIn to read more exclusive content we post.

⚡ Weekly Recap: Fast16 Malware, XChat Launch, Federal Backdoor, AI Employee Tracking & More

Everything is dumb again. This week feels broken in a very familiar way. Old tricks are back. New tools are doing shady crap.

Supply chains got hit. Fake help desks worked. Weird research showed how easy some attacks still are. Most of it feels like stuff we should have fixed years ago.

Bad extensions. Stolen creds. Remote tools are getting abused. Malware hides in places people trust.

Same mess, cleaner packaging. Coffee is cold. The vuln list is ugly. Let’s get into it.

⚡ Threat of the Week New fast16 Malware Was Developed Years Before Stuxnet —A new Lua-based malware called fast16, created years before the notorious Stuxnet worm, is designed to primarily target high-precision calculation software to tamper with results. The framework dates back to 2005. Analysis suggests that fast16 was active at least five years before the emergence of Stuxnet. Widely regarded as a joint U.S.-Israeli project, Stuxnet marked a turning point in cyber warfare as the first disruptive digital weapon and eventually served as the blueprint for the Duqu information-stealing rootkit.

Fast16, however, establishes a much earlier timeline for such sophisticated operations. The development places its origin well before Stuxnet came into being. Although it’s currently not known if it was ever deployed in the wild, the investigation found three potential types of physical simulation software that the malware might have been designed to tamper with. “It focuses on making slight alterations to these calculations so that they lead to failures – very subtle ones, perhaps not immediately apparent,” security researcher Vitaly Kamluk told WIRED.

“Systems might wear out faster, collapse, or crash, and scientific research could yield incorrect conclusions, potentially causing serious harm.” Automated Session Termination & Activity Summaries: Goodbye Manual Log Reviews Threats move fast. KeeperAI moves faster. With real-time, agentic AI threat detection and response, high-risk sessions are instantly terminated, and every action is categorized into risk levels and summarized. Automate insider threat detection and eliminate manual log reviews forever.

Start a Free Trial ➝ 🔔 Top News UNC6692 Resorts to Teams Help Desk Impersonation —A new threat group tracked as UNC6692 uses social engineering to deploy a new, custom malware suite named Snow, which consists of a browser extension, a tunneler, and a backdoor. The end goal is to steal sensitive data after network compromise through credential theft and domain takeover. “This component is where active reconnaissance and mission completion occur,” Google Mandiant noted. “Attacker commands (such as whoami or net user) are sent through the SnowGlaze tunnel, intercepted by the SnowBelt extension, and then proxied to the SnowBasin local server via HTTP POST requests.

SnowBasin executes these commands and relays the results back through the same pipeline to the attacker.” U.S. Federal Agency Targeted by FIRESTARTER Backdoor —The U.S. Cybersecurity and Infrastructure Security Agency (CISA) revealed that an unnamed federal civilian agency’s Cisco Firepower device running Adaptive Security Appliance (ASA) software was compromised in September 2025 with a new malware called FIRESTARTER. FIRESTARTER is assessed to be a backdoor designed for remote access and control.

It’s believed to be deployed as part of a “widespread” campaign orchestrated by an advanced persistent threat (APT) actor to obtain access to Cisco Adaptive Security Appliance (ASA) firmware by exploiting now-patched security flaws such as CVE-2025-20333 and CVE-2025-20362. Given the backdoor’s ability to survive patches and system reboots, Cisco is recommending users reimage and update to the latest fixed versions. Lotus Wiper Malware Targets Venezuelan Energy Systems —A previously undocumented data wiper codenamed Lotus Wiper has been used in attacks targeting the energy and utilities sector in Venezuela at the end of last year and the start of 2026. “Two batch scripts are responsible for initiating the destructive phase of the attack and preparing the environment for executing the final wiper payload,” Kaspersky said.

“These scripts coordinate the start of the operation across the network, weaken system defenses, and disrupt normal operations before retrieving, deobfuscating, and executing a previously unknown wiper.” Once deployed, the wiper erases recovery mechanisms, overwrites the content of physical drives, and systematically deletes files across affected volumes, effectively leaving the system in an inoperable state. The Gentlemen Deploys SystemBC Malware —Threat actors associated with The Gentlemen ransomware‑as‑a‑service (RaaS) operation have been observed attempting to deploy a known proxy malware called SystemBC. The ransomware group has quickly made a name for itself in a matter of months, claiming more than 320 victims on its data leak site since its emergence in July 2025. According to Comparitech , the group claimed 202 attacks last quarter, second only to Qilin’s 353 claims.

NCC Group found The Gentlemen was responsible for 34 attacks in January and 67 in February 2026, making it a prominent player alongside other established groups like Qilin, Akira, and Cl0p. “The emergence of The Gentlemen group among the top three most active threat actors is notable as it demonstrates how a relatively new group can scale operations rapidly,” NCC Group said . The development comes as another nascent ransomware group called Kyber has attracted attention for becoming the first RaaS crew to adopt the Kyber1024 (aka ML-KEM) post-quantum encryption algorithm for its Windows variant of the locker. In related news, the threat actors linked to the Trigona ransomware, dubbed Rhantus , have been observed using a custom data exfiltration tool that’s designed to provide attackers with more control over what files to choose (or ignore) and facilitate rapid data transfer by opening five parallel connections per file.

The attacks were detected in March 2026. It’s not known why the threat actors shifted from readily available tools like Rclone. The use of custom tooling in the ransomware landscape is something of a rarity, even as it’s a double-edged sword for attackers. “While it requires development resources and time, these tools can provide a level of stealth that generic tools cannot match, at least until they’re discovered,” the Symantec and Carbon Black Threat Hunter Team said.

Bitwarden CLI Compromised in Supply Chain Campaign —Bitwarden CLI, the command-line interface for the password manager Bitwarden, was compromised as part of a new supply chain attack that targeted Checkmarx’s Docker images, Visual Studio Code extensions, and GitHub Actions workflow. The affected package, @bitwarden/cli@2026.4.0, contained malicious code to steal sensitive data from developer systems. The malware also features self-propagation capabilities, using stolen npm credentials to identify packages the victim can modify and inject them with malicious code to expand its reach. Bitwarden has since addressed the issue.

The attack appears to be the work of a threat actor known as TeamPCP , although references to the string “Shai-Hulud: The Third Coming” have complicated attribution. 🔥 Trending CVEs Bugs drop weekly, and the gap between a patch and an exploit is shrinking fast. These are the heavy hitters for the week: high-severity, widely used, or already being poked at in the wild. Check the list, patch what you have, and hit the ones marked urgent first — CVE-2026-40372 (Microsoft ASP.NET Core), CVE-2026-33626 (LMDeploy), CVE-2026-5760 (SGLang), CVE-2026-5752 (Cohere AI Terrarium), CVE-2026-3517, CVE-2026-3518, CVE-2026-3519, CVE-2026-4048 (Progress LoadMaster, ECS Connection Manager, Object Scale Connection Manager, and MOVEit WAF), CVE-2026-21876 (Progress MOVEit WAF), CVE-2026-32173 (Microsoft Azure SRE Agent), CVE-2026-25262 ( Qualcomm ), CVE-2025-24371 (CometBFT), CVE-2026-5754 (Radware Alteon), CVE-2026-40872 (Mailcow), CVE-2026-27654 (Nginx), CVE-2026-5756 (DRC INSIGHT), CVE-2026-5757 (Ollama), CVE-2026-41651 aka Pack2TheRoot (Linux PackageKit), CVE-2026-33824 (Microsoft Windows IKEv2), CVE-2026-21571, CVE-2026-33871 (Atlassian Bamboo Data Center), CVE-2026-40050 (CrowdStrike LogScale), CVE-2026-32604, CVE-2026-32613 (Spinnaker), CVE-2026-33694 ( Tenable Nessus Agent on Windows ), TRA-2026-30 (Windows-driver-samples), TRA-2026-35 (Yuma AI), and a remote code execution flaw in Slippi (no CVE).

🎥 Cybersecurity Webinars Stop Testing, Start Validating: Outsmart Hackers with Agentic AI → Stop guessing which security gaps matter most while hackers use AI to find them for you. Most tools just follow a static checklist, but “Agentic Exposure Validation” actually thinks like an attacker, uncovering hidden paths into your network that traditional scans miss. Join this webinar to see how autonomous AI agents can test your defenses 24/7 and help you fix the risks that truly matter before they are exploited. Stop the Spread: How to Kill “Patient Zero” Before Your Network Goes Down → It only takes one “Patient Zero” to bring down your entire company.

While traditional tools look for old threats, modern hackers are using AI-powered tricks to slip past your defenses undetected. Join this webinar to see how these new attacks work and learn simple “Zero Trust” steps to stop a breach before it spreads. Don’t wait for a crisis—learn how to lock down your network today. Connect the Dots: Stop Attackers Before They Reach Your Data → Hackers aren’t just looking for one big bug; they are chaining small, hidden gaps in your code and cloud to create a direct path to your data.

Most security tools only see these issues in isolation, leaving you blind to the “big picture” thatan attacker sees. Join this webinar to learn how to map these complex attack paths and fix the real risks before they are exploited. 📰 Around the Cyber World Turning the Web Into a Trap for LLMs —Google has revealed that indirect prompt injections (IPI) are a top security priority, calling it a “primary attack vector for adversaries to target and compromise AI agents.” Unlike regular prompt injection that seeks to manipulate a chatbot into executing malicious instructions, IPI occurs when an AI system processes content, like a website, email, or document, that contains nefarious commands. As this content is processed by the AI, it may end up following the attacker’s commands instead of the user’s original intent.

This is complicated by the fact that attackers use a gaggle of tricks to hide malicious instructions from human eyes while keeping them fully visible to AI. This often involves making the text invisible through CSS, encoding it in various formats, or stashing it in unexpected locations. In at least one malicious scenario, Google flagged a number of websites that attempt to vandalize the machines of anyone using AI assistants. If executed, the commands in this example would try to delete all files on the user’s machine.

Some websites include prompt injections for the purpose of SEO, trying to manipulate AI assistants into promoting their business over others. “Additionally, even though sophistication was low, we observed an uptick in detections over time: We saw a relative increase of 32% in the malicious category between November 2025 and February 2026, repeating the scan on multiple versions of the [CommonCrawl] archive,” Google said . “This upward trend indicates growing interest in IPI attacks.” Meta Debuts Improved Meta Account —Meta has introduced an improved Meta Account as a centralized way to sign in and manage Meta apps and devices like Facebook, Instagram, and AI glasses. Besides adding support for passkeys, Meta also allows users to “optionally set up a single password to log into your apps and devices so you no longer have to remember multiple passwords.” X Launches XChat —X launched XChat as a standalone app for iOS, allowing users on the platform to connect with others for messaging, file sharing, audio and video calls, as well as group chats.

The company claims all messages are end-to-end encrypted and PIN-protected — though security experts have previously disputed the company’s encryption claims when an early version was teased last year. XChat’s app listing page shows that it can collect location, contacts, search history, usage data, identifiers, and device diagnostics, and link that information to a user’s identity directly. Meta Plans to Track Employee Mouse Movements, Keystrokes for AI Model Training —Meta is installing tracking software on the systems of U.S. employees to capture mouse movements, clicks, and keystrokes, per a report from Reuters.

Meta said the data will be used to train its artificial intelligence (AI) models and will not be used for employee reviews. In a similar development, GitHub notified users that the GitHub CLI now collects anonymous usage telemetry by default and that they should disable the feature if they do not want to share such information. Surge in Attacks Involving Compromised Bomgar Instances —Huntress has recorded an uptick in incidents involving compromised Bomgar remote monitoring and management (RMM) instances. “The surge follows intermittent waves of exploitation we have seen over the past two months, after BeyondTrust first disclosed a critical-severity flaw ( CVE-2026-1731 ) in Bomgar in February,” the company said .

“On February 6, 2026, BeyondTrust issued fixes for the flaw in Bomgar (rebranded as BeyondTrust Remote Support), which could be exploited by an unauthenticated attacker to remotely execute code.” The specific root cause behind these attacks is not clear, but the incidents likely stem from the exploitation of CVE-2026-1731. Fortra has also spotted phishing campaigns trying to lure victims into installing Datto’s CentraStage remote monitoring and management tool, which attackers are then using to connect back into the victim’s internal network. The findings demonstrate threat actors’ continued shift toward exploiting RMMs rather than using traditional malware. Over 1.2K C2 Servers Linked to Russian Infrastructure Providers —A large-scale study of the Russian web hosting space has found more than 1,250 malicious command-and-control servers hosted inside Russia this year.

Most of the servers are linked to malware families and IoT botnets, such as Keitaro, Hajime, Cobalt Strike, Sliver, Mozi, and Mirai, according to Hunt.io. Tether Freezes $344M —Tether announced that it supported the U.S. Government in freezing $344 million USD₮ across two addresses. “The freeze was executed after the addresses were identified, preventing further movement of funds,” the company said .

“The freeze follows information shared with Tether by several U.S. authorities about activity tied to unlawful conduct. When wallets are identified as connected to sanctions evasion, criminal networks, or other illicit activity, Tether can move to restrict those assets.” Malicious Chrome Extension Masquerades as Google Authenticator —A malicious Chrome extension posing as the official Google Authenticator app was identified in the official extension marketplace as part of an ongoing malicious campaign codenamed AIFrame , active since at least early 2026. “The extension appears to use Chrome’s localization system and skeleton code to bypass security reviews,” DomainTools said .

“Despite its functional appearance, it requests broad, unnecessary permissions and contains ‘dormant infrastructure.’ This extension is linked to at least six others through a shared developer front, two of which already carry fully operational malicious payloads. These extensions utilize hidden iframes to inject attacker-controlled content into every webpage, deploy fraudulent paywalls for free services, and maintain bidirectional communication with C2 servers.” Compromised WordPress Sites Push ClickFix Schemes — Multiple websites have been compromised by a ClickFix clipboard hijacker that aims to trick users into pasting malicious commands into the Windows Run dialog or the macOS Terminal app to deliver malware. The kill chain is assessed to share overlaps with a known traffic distribution system (TDS) named KongTuke . New Phishing Toolkits Discovered —A number of new phishing-as-a-service toolkits have been spotted in the wild: OLUOMO , ATHR , VENOM , p1bot , TMoscow Bot , REFUNDEE , and UPMI .

🔧 Cybersecurity Tools Malfixer → Stop wasting hours manually repairing broken malware just to see how it works. Malfixer does the heavy lifting by automatically rebuilding corrupted or “packed” files so they are ready for analysis in seconds. It is a simple, effective way to bypass the tricks hackers use to hide their code, letting you get straight to your investigation. SmokedMeat → Most developers have no idea how many “shadow” tools and scripts are hidden inside their software build pipelines.

Smokedmeat shines a light on these forgotten GitHub Actions and third-party tools by quickly scanning your environment to show you exactly what is running. It is a simple way to find hidden back doors and security risks before attackers do. Disclaimer: This is strictly for research and learning. It hasn’t been through a formal security audit, so don’t just blindly drop it into production.

Read the code, break it in a sandbox first, and make sure whatever you’re doing stays on the right side of the law. Conclusion Same pattern, new mess. Patch the obvious stuff first. Check the weird logins.

Look hard at browser extensions, remote tools, and anything that touches your build chain. The boring checks are boring until they save prod. That’s it for this week. Keep backups clean, MFA tight, and your trust budget low.

Found this article interesting? Follow us on Google News , Twitter and LinkedIn to read more exclusive content we post.

Mythos Changed the Math on Vulnerability Discovery. Most Teams Aren’t Ready for the Remediation Side

Anthropic’s Claude Mythos Preview has dominated security discussions since its April 7 announcement. Early reporting describes a powerful cybersecurity-focused AI system capable of identifying vulnerabilities at scale and raising serious questions about how quickly organizations can validate, prioritize, and remediate what it finds. The debate that followed has mostly focused on the right questions: Is this a step-change or an incremental advance? Does restricting access to Microsoft, Apple, AWS, and JPMorgan actually reduce risk, or does it just concentrate defensive advantage among the already-well-defended?

What happens when adversaries—state actors, criminal enterprises—build equivalent capability? These are important. But there’s a quieter operational problem that’s getting less airtime, and it’s the one that will actually determine whether most organizations survive this shift. The Discovery-to-Remediation Gap The Mythos announcement, and the broader AI security conversation it kicked off, is largely about finding vulnerabilities faster.

That’s valuable. But finding a vulnerability and fixing it are two entirely different workflows, and the gap between them is where most security programs quietly bleed out. That’s exactly the gap PlexTrac was built to close. Consider what typically happens after a penetration test or a vulnerability scan surfaces a critical finding: it goes into a spreadsheet, or a ticket, or a PDF report that lands in someone’s inbox.

The security team knows about it. The engineering team may or may not know about it. Remediation ownership is ambiguous. There’s no clean way to track whether the patch actually shipped, or whether it was deprioritized, or whether a re-test was ever scheduled.

Meanwhile, the findings are. AI models like Mythos will accelerate the input side of this pipeline dramatically. They can discover vulnerabilities at a pace and depth that human red teams simply can’t match. But if the organizational infrastructure for triaging, prioritizing, communicating, and verifying fixes hasn’t kept pace, faster discovery just means a faster-growing backlog of unresolved critical issues.

This is the problem that a model like Mythos actually makes more acute. If your current pentest process takes three weeks to surface ten high-severity findings, and remediation is already struggling to keep up, what happens when that same surface area is scanned continuously and generates findings at ten times the rate? Schneier’s False Positive Problem Is Real Bruce Schneier raised a sharp point in his writeup: we don’t know Mythos’s false positive rate on unfiltered output. Anthropic reports 89% severity agreement with human contractors on the findings they showcased —but that’s a curated sample, not a full-run distribution.

AI systems that detect nearly every real bug also tend to generate plausible-sounding vulnerabilities in patched or corrected code. This matters operationally. A tool that generates high-confidence-sounding false positives at scale doesn’t reduce security team burden—it increases it. Every spurious critical finding that has to be triaged and dismissed is time a security engineer isn’t spending on a real one.

The value of AI-assisted vulnerability discovery is only realized if the findings that come out of it can be efficiently evaluated, contextualized against actual business risk, and routed to the right people. What the Infrastructure Problem Actually Looks Like The teams best positioned to absorb Mythos-era discovery velocity are the ones that already have three things in place: Centralized findings management. Not a ticket system, not a JIRA board bolted onto a spreadsheet. A purpose-built place where vulnerability findings from multiple sources—scanner output, pentest reports, red team engagements—live in a normalized, queryable format.

Without this, integrating AI-generated findings just adds another data silo. Risk-contextualized prioritization . Raw CVSS scores are a starting point, not a decision. A critical finding in a system that’s air-gapped and internal is not the same risk as the same finding in a customer-facing API.

Organizations that can only sort by severity score will be overwhelmed when AI discovery starts producing findings at volume; organizations that can score against asset criticality, business impact, and exposure context can triage intelligently. Dynamic, Risk-Based Remediation via Configurable Scoring Closed-loop remediation tracking . This is where most programs actually fail. A finding that isn’t verified as fixed is just a liability that has a name.

Continuous re-testing, structured remediation workflows, and clear ownership handoffs aren’t exciting features—they’re the difference between a security program that improves over time and one that just accumulates documented risk. PlexTrac is a pentest reporting and exposure management platform that’s been building in exactly this direction—centralized findings data, contextual risk prioritization, and structured remediation workflows. Mythos (and tools like it) is going to be very good at telling you your house has structural problems. PlexTrac is the operational layer that makes sure those problems actually get fixed, the right contractor gets assigned, and someone verifies the work before closing the job.

Both are necessary. Most organizations have invested in the equivalent of better home inspections while letting the repair tracking system stay in a shared Google Doc. The Access Problem Schneier Identified Is Also a Workflow Problem One critique of Project Glasswing is that concentrating Mythos access among 50 large vendors means the organizations best-equipped to act on findings get them first. Fortune 500 enterprises, as the Fortune piece from the former national cyber director noted, are better positioned to absorb and remediate; it’s SMEs, regional infrastructure operators, and specialized industrial systems that are most exposed and least resourced.

This is a structural access problem that policy will have to address. But embedded in it is also a workflow problem: even if access were democratized, many smaller organizations don’t have the operational infrastructure to turn AI-generated security findings into executed remediations. Tooling that reduces the overhead of that process—faster reporting, clearer findings communication, lower-friction remediation handoffs—is arguably more important for those organizations than it is for the enterprises that can already throw headcount at the problem. The Practical Takeaway The Mythos moment is a useful forcing function.

Not because it means your systems will definitely be compromised tomorrow, but because it makes visible a gap that’s been quietly growing for years: security teams are getting better at finding problems while the organizational machinery for fixing them has evolved much more slowly. The right response isn’t panic, and it isn’t waiting to see whether Glasswing access eventually expands to include you. It’s taking the Mythos announcement as a prompt to audit your own remediation pipeline: How long does it take a critical finding to go from discovery to verified fix? How many open high-severity findings are currently in some ambiguous state of “being worked on”?

Can you actually re-test after remediation, or do you just trust the engineering ticket was closed? Those questions don’t require access to Mythos to answer. And for most teams, the answers will be more uncomfortable than anything in Anthropic’s 245-page technical document. Found this article interesting?

This article is a contributed piece from one of our valued partners. Follow us on Google News , Twitter and LinkedIn to read more exclusive content we post.

PhantomCore Exploits TrueConf Vulnerabilities to Breach Russian Networks

A pro-Ukrainian hacktivist group called PhantomCore has been attributed to attacks actively targeting servers running TrueConf video conferencing software in Russia since September 2025. That’s according to a report published by Positive Technologies, which found the threat actors to be leveraging an exploit chain comprising three vulnerabilities to execute commands remotely on susceptible servers. “Despite the fact that there are no exploits for this chain of vulnerability in public access, attackers from PhantomCore managed to conduct their research and reproduce vulnerabilities, which led to a large number of cases of its operation in Russian organizations,” researchers Daniil Grigoryan and Georgy Khandozhko said . PhantomCore , also called Fairy Trickster, Head Mare, Rainbow Hyena, and UNG0901, is the name assigned to a politically- and financially-motivated hacking crew that has been active since 2022 following the Russo-Ukrainian war.

Attacks mounted by the group are known to steal sensitive data and disrupt target networks, in some cases even deploying ransomware based on the leaked source code of Babuk and LockBit. “The group runs large-scale operations while maintaining strong stealth – remaining invisible in victim networks for extended periods – enabled by continual updates and evolution of in-house offensive tools,” the company noted back in September 2025. The TrueConf Server vulnerabilities exploited in the attacks are listed below - BDU:2025-10114 (CVSS score: 7.5) - An insufficient access control vulnerability that could allow an attacker to make requests to certain administrative endpoints (/admin/*) without authentication. BDU:2025-10115 (CVSS score: 7.5) - A vulnerability that could allow an attacker to read arbitrary files on the system.

BDU-2025-10116 (CVSS score: 9.8) - A command injection vulnerability that could allow an attacker to execute arbitrary operating system commands. Successful exploitation of the three vulnerabilities could permit an attacker to bypass authentication and gain access to the organization’s network. Although security patches to address the issues were released by TrueConf on August 27, 2025, the first attacks aimed at TrueConf servers were detected around mid-September 2025, per Positive Technologies. In the attacks observed by the Russian security vendor, the compromise of the TrueConf Server enabled the threat actors to use it as a springboard to move laterally across the internal network and drop malicious payloads to facilitate reconnaissance, defense evasion, and credential harvesting, as well as set up communication channels using tunneling utilities.

At least one such successful compromise is said to have led to the deployment of a PHP-based web shell that’s capable of uploading files to the infected host and executing remote commands, along with a PHP file that functions as a proxy server to disguise malicious requests as coming from a legitimate server. Some of the other tools delivered as part of the attack are as follows - PhantomPxPigeon , a malicious TrueConf video conferencing client that implements a reverse shell to connect to a remote server and receive tasks for subsequent execution, allowing it to run commands, launch executables, and allow traffic to be proxied through the aforementioned web shell PhantomSscp (DLL), MacTunnelRat (PowerShell), PhantomProxyLite (PowerShell), for establishing a foothold in a breached environment via a reverse SSH tunnel ADRecon, for reconnaissance Veeam-Get-Creds , a modified version of the PowerShell script to recover passwords related to the Veeam Backup & Replication software DumpIt and MemProcFS, for credential harvesting Windows Remote Management (WinRM) and Remote Desktop Protocol (RDP), for lateral movement within the network perimeter Velociraptor , for remote access microsocks , rsocx , and tsocks , for controlling compromised hosts from attacker-controlled infrastructure using a SOCKS proxy Select intrusions have utilized a DLL to create a rogue user named “TrueConf2” with administrative privileges on a compromised video conferencing server. PhantomCore’s attack chains have also been found to use phishing lures for initial access to Russian organizations as recently as January and February 2026, using crafted ZIP or RAR archives to distribute a backdoor that can run remote commands on the host and serve arbitrary payloads. “The PhantomCore group is one of the most active groups in the Russian threat landscape,” the researchers concluded.

“Its arsenal includes both publicly available tools (Velociraptor, Memprocfs, Dokan, DumpIt) and proprietary tools (MacTunnelRAT, PhantomSscp, PhantomProxyLite). The group targets government and private organizations across a wide range of industries.” “PhantomCore actively searches for vulnerabilities in domestic software, develops exploits, and thereby gains the ability to infiltrate a large number of Russian companies.” In recent months, industrial and aviation sectors in Russia have been targeted by phishing campaigns orchestrated by a financially motivated group named CapFIX to deploy a backdoor dubbed CapDoor that can run PowerShell commands, DLLs, and executables retrieved from a remote server, install MSI files, and take screenshots. The moniker CapFIX is a reference to the fact that CapDoor was first discovered in 2025, distributed using the ClickFix social engineering tactic. A deeper analysis of the threat actor’s campaigns in October and November 2025 has uncovered the threat actor’s use of ClickFix to deploy off-the-shelf malware families like AsyncRAT and SectopRAT .

“While the group previously relied on financially themed phishing emails (cryptocurrency and anything money-related), they are now increasingly masking their emails as official communications from government agencies,” Positive Technologies said . PhantomCore and CapFIX are among a growing list of threat activity clusters that have mounted attacks against Russian entities. Some of the other prominent groups include - Geo Likho , which has mainly targeted aviation and shipping sectors in Russia and Belarus since July 2024, using phishing attacks that deliver information-stealing malware. Isolated infections have also been detected in Germany, Serbia, and Hong Kong, and are suspected to be accidental.

Mythic Likho , which uses phishing lures via email to deliver loaders like HuLoader, Merlin (a Mythic agent ), or ReflectPulse that are designed to unpack the final payload, a backdoor called Loki that’s a Mythic-compatible version of an agent designed for the Havoc post-exploitation framework. Evidence has indicated that the group shares ties with another group known as ExCobalt , owing to the use of the latter’s proprietary rootkit, Megatsune. Paper Werewolf (aka GOFFEE), which has used a dedicated Telegram channel to distribute a trojan called EchoGather under the guise of a tool to add Starlink devices to an exception list, in addition to sharing links to phishing pages that are designed to harvest victims’ Telegram account credentials. The group has also been observed using a bogus website advertising a drone pilot simulator to drop EchoGather.

Versatile Werewolf (aka HeartlessSoul ), which has used a phony website (“stardebug[.]app”) to distribute a fake MSI installer for Star Debug, an alternative tool to manage Starlink devices, in order to deploy the Sliver post‑exploitation framework. Another website tied to the threat actor (“alphafly-drones[.]com”) has used rogue drone simulator apps to likely drop SoullessRAT, a Windows trojan that can run commands, upload files, capture screenshots, and execute binaries. Eagle Werewolf , a previously undocumented threat group that has compromised drone‑focused Telegram channels to distribute AquilaRAT via a Rust dropper that masquerades as a checklist for Starlink device activation. A Rust-based trojan, AquilaRAT, can perform file operations and run commands.

“Despite sharing a common goal and employing similar techniques, the clusters operated autonomously, showing no evidence of direct coordination,” Russian cybersecurity company BI.ZONE said . “In addition to malware distribution, Paper Werewolf hijacks Telegram accounts. The cluster likely uses them as trusted channels to support future attacks. Versatile Werewolf leverages generative AI to develop tools used in their attacks, accelerating the development process.” Found this article interesting?

Follow us on Google News , Twitter and LinkedIn to read more exclusive content we post.

Researchers Uncover 73 Fake VS Code Extensions Delivering GlassWorm v2 Malware

Cybersecurity researchers have flagged dozens of Microsoft Visual Studio Code (VS Code) extensions on the Open VSX repository that are linked to a persistent information-stealing campaign dubbed GlassWorm . The cluster of 73 extensions has been identified as cloned versions of their legitimate counterparts. Of these, six have been confirmed to be malicious, with the remaining acting as seemingly harmless sleeper packages to get users to download them and build trust, before their true intent is manifested through a subsequent update. All the extensions were published at the start of the month, per application security company Socket, which is tracking the latest iteration under the moniker GlassWorm v2 .

In total, more than 320 artifacts have been identified since December 21, 2025. The list of extensions identified as malicious is below - outsidestormcommand.monochromator-theme keyacrosslaud.auto-loop-for-antigravity krundoven.ironplc-fast-hub boulderzitunnel.vscode-buddies cubedivervolt.html-code-validate winnerdomain17.version-lens-tool The cloned sleepers, besides typosquatting the names of the original packages (CEINTL.vscode-language-pack-tr vs. Emotionkyoseparate.turkish-language-pack), use the same icon and description as their corresponding legitimate versions in an attempt to fool unsuspecting developers and trick them into installing the extensions. This “visual trust” acts as an effective social engineering tactic to boost install counts organically before it’s poisoned to serve malware to the downstream users.

The disclosure comes as the threat actors behind the campaign are
actively evolving
their modus operandi, pivoting to sleeper packages and transitive dependencies to evade detection, while simultaneously using
Zig-based droppers
to deploy a secondary VSIX extension hosted on GitHub that can infect all integrated development environments (IDEs) on a developer’s machine. The extensions identified by Socket act as an innocuous loader for the actual payload, which is a VSIX extension that’s retrieved from GitHub and installed into every IDE identified in the system, including VS Code, Cursor, Windsurf, and VSCodium, using the “–install-extension” command. Irrespective of the method used,
the end goal is the same
run malware that avoids Russian systems, steal sensitive data, install a remote access trojan (RAT), and stealthily deploy a rogue Chromium-based extension to siphon credentials, bookmarks, and other information. “This approach achieves the same outcome as the binary-based variant, but keeps the delivery logic in obfuscated JavaScript,” the company said.

“The extension acts as a loader, while the payload is retrieved and executed after activation.” Found this article interesting? Follow us on Google News , Twitter and LinkedIn to read more exclusive content we post.

99% of Mythos Findings Remain Unpatched. Defenders Are Building the Response

Fake CAPTCHA IRSF Scam and 120 Keitaro Campaigns Drive Global SMS, Crypto Fraud

Cybersecurity researchers have disclosed details of a telecommunications fraud campaign that uses fake CAPTCHA verification tricks to dupe unsuspecting users into sending international text messages that incur charges on their mobile bills, generating illicit revenue for the threat actors who lease the phone numbers. According to a new report published by Infoblox, the operation is believed to have been active since at least June 2020, using methods like social engineering and back button hijacking in web browsers. As many as 35 phone numbers spanning 17 countries have been observed as part of the international revenue share fraud ( IRSF ) campaign. “The fake CAPTCHA has multiple steps, and each message crafted by the site is preconfigured with over a dozen phone numbers, meaning the victim isn’t charged for just a single message – they’re charged for sending SMSs to over 50 international destinations,” researchers David Brunsdon and Darby Wise said in an analysis.

“This type of scam also benefits from delayed billing, as the ‘international SMS’ charges often appear on the victim’s bill weeks later and the experience with the fake CAPTCHA has been long forgotten.” What makes the threat notable is the coming together of revenue share fraud and malicious traffic distribution systems ( TDSs ), with the activity using the infrastructure – traditionally responsible for routing traffic to malware or phishing pages though a redirection chain to evade detection – to conduct SMS scams at scale. IRSF schemes involve fraudsters illegally acquiring international premium rate numbers (IPRN) or number ranges and artificially inflating the volume of international calls or messages to those numbers to receive a share of the revenue generated from these calls from termination charges obtained by the number range holder for inbound traffic to the number ranges. In this context, a termination fee refers to the inter-carrier charges paid by an originating telecom operator to a terminating operator for completing a call on their network. It’s the exploitation of these “revenue sharing” agreements that drives IRSF, as the originating carrier ends up paying termination fees to the destination network for the incoming calls to the high-cost destinations, a portion of which is split with the fraudsters.

Infoblox said the observed campaign specifically registers phone numbers in countries with high termination fees or lax regulations, such as Azerbaijan, Kazakhstan, or certain premium-rate number ranges in Europe, and colludes with local telecom providers to pull off the scam. The entire campaign plays out like this: a user is redirected to a bogus web page using a commercial TDS, which serves a CAPTCHA that instructs them to send an SMS to “confirm you are human.”This, in turn, triggers a multi-stage “verification” chain, with each step triggering a separate SMS message to the server-designated numbers by programmatically launching the SMS apps on both Android and iOS devices with the phone numbers and message content pre-filled. In the process, as many as 60 SMS messages are sent to 15 unique numbers after four steps of CAPTCHA, which could end up costing a user $30. While it may be a relatively small amount, the DNS threat intelligence firm warned that they could quickly add up for the threat actor when carried out at scale.

The list of phone numbers spans 17 countries, such as Azerbaijan, the Netherlands, Belgium, Poland, Spain, and Turkey. The campaign heavily relies on cookies to track progression through the fake verification flow, using values stored in certain cookies (e.g., “successRate”) to determine the next course of action.If a user is deemed not suitable for the campaign, the page is designed to redirect them to an entirely different CAPTCHA page that’s likely part of a separate campaign or controlled by a different actor. Another novel strategy adopted by the scam operators is the use of back button hijacking, which relies on JavaScript to alter the browsing history such that any attempt made by the site visitor to navigate away from the CAPTCHA page by hitting the browser’s back button redirects the user back to the fake page, effectively trapping them in a navigation loop unless they opt to fully exit the browser. Redirection chain leading to a fake CAPTCHA page “This operation defrauds both individuals and telecommunication carriers simultaneously.

Individual victims face unexpected premium SMS charges on their bills and would have difficulty identifying and reporting the fraud when it originates from such an unexpected source,” Infoblox concluded. “Telecom carriers pay revenue share to the perpetrators while likely absorbing the losses from customer disputes or chargebacks.” How Threat Actors Abuse Keitaro TDS The disclosure comes as the company, in collaboration with Confiant , published a three-part analysis detailing how Keitaro TDS (aka Keitaro Tracker) is being abused, in some instances by acquiring stolen or cracked licenses (as in the case of TA2726 ), by a wide range of threat actors for malicious activities , including malware delivery, cryptocurrency theft, and investment scams that claim to employ artificial intelligence (AI) to automate trading and promise huge returns. The scam makes use of Facebook Ads to lure victims to the fraudulent AI‑powered platforms, in some cases even resorting to fabricating celebrity endorsements pushed via fake news articles and deepfake videos to promote the investment scheme. The use of synthetic videos has been attributed to a threat actor dubbed FaiKast.

“Keitaro is first and foremost a self-hosted advertising performance tracker designed to conditionally route visitors using flows,” the companies said . “Threat actors repurpose this mechanism, transforming a Keitaro server into an all-in-one tool that acts as a traffic distribution system, tracker, and cloaking layer.” Distribution of observed spam campaigns utilizing Keitaro In all, more than 120 distinct campaigns have abused Keitaro’s TDS for link delivery over a four-month period between October 2025 and January 2026. Infoblox noted that its customers recorded about 226,000 DNS queries spanning 13,500 domains associated with Keitaro‑related activity during the timeframe. Following responsible disclosure, Keitaro has stepped in to cancel over a dozen accounts linked to these activities.

“By combining an older but still highly effective investment fraud theme with modern AI technologies, actors have been able to launch large‑scale, highly convincing cyber campaigns,” Infoblox and Confiant said. “Approximately 96% of Keitaro‑linked spam traffic promoted cryptocurrency wallet‑drainer schemes, primarily via fake airdrop/giveaway lures centered on AURA, SOL (Solana token), Phantom (wallet), and Jupiter (DEX/aggregator).” Found this article interesting? Follow us on Google News , Twitter and LinkedIn to read more exclusive content we post.

Researchers Uncover Pre-Stuxnet ‘fast16’ Malware Targeting Engineering Software

Cybersecurity researchers have discovered a new Lua-based malware created years before the notorious Stuxnet worm that aimed to sabotage Iran’s nuclear program by destroying uranium enrichment centrifuges. According to a new report published by SentinelOne, the previously undocumented cyber sabotage framework dates back to 2005, primarily targeting high-precision calculation software to tamper with results. It has been codenamed fast16 . “By combining this payload with self-propagation mechanisms, the attackers aim to produce equivalent inaccurate calculations across an entire facility,” researchers Vitaly Kamluk and Juan Andrés Guerrero-Saade said in an exhaustive report published this week.

Fast16 is estimated to predate Stuxnet – the world’s first known digital weapon designed for disruptive actions – by at least five years. While Stuxnet is widely attributed to the U.S. and Israel and later served as the architectural foundation for the Duqu information-stealing rootkit, fast16 appears to have emerged much earlier. It also precedes the earliest known samples of Flame (aka Flamer and Skywiper), another sophisticated malware that was discovered in May 2012 incorporating a Lua virtual machine to realize its goals.

The discovery makes fast16 the first strain of Windows malware to embed a Lua engine. SentinelOne said it made the discovery after it identified an artifact named “ svcmgmt.exe “ that, at first blush, appeared to be a generic console‑mode service wrapper. The sample has a file creation timestamp of August 30, 2005, per VirusTotal, to which it was uploaded more than a decade later on October 8, 2016. However, a deeper investigation has revealed an embedded Lua 5.0 virtual machine and an encrypted bytecode container, along with various other modules that bind directly into Windows NT file system, registry, service control, and network APIs.

The implant’s core logic resides in the Lua bytecode, with the binary also referencing a kernel driver (“ fast16.sys “) via a PDB path – a file with a creation date of July 19, 2005 – that’s responsible for intercepting and modifying executable code as it’s read from disk. That said, it’s worth noting that the driver will not run on systems with Windows 7 or later. In what’s a finding that could give an indication of the tool’s origins, SentinelOne said it uncovered a reference to the string “fast16” in a text file called “drv_list.txt” that included a list of drivers designed for use in advanced persistent threat (APT) attacks. The nearly 250KB file was leaked by a mysterious hacking group nine years ago.

In 2016 and 2017, the collective – calling itself The Shadow Brokers – published vast troves of data allegedly stolen from the Equation Group , an advanced persistent threat group with suspected ties to the U.S. National Security Agency (NSA). This included a bevy of hacking tools and exploits under the nickname “Lost in Translation.” The text file was one of them. “The string inside svcmgmt.exe provided the key forensic link in this investigation,” SentinelOne said.

“The PDB path connects the 2017 leak of deconfliction signatures used by NSA operators with a multi-modal Lua‑powered ‘carrier’ module compiled in 2005, and ultimately its stealthy payload: a kernel driver designed for precision sabotage.” “Svcmgmt.exe” has been described as a “highly adaptable carrier module” that can alter its behavior based on the command-line arguments passed to it, enabling it to run as a Windows service or execute Lua code. It comes with three distinct payloads: Lua bytecode to handle configuration and propagation and coordination logic, an auxiliary ConnotifyDLL (“ svcmgmt.dll “), and the “fast16.sys” kernel driver. Specifically, it’s designed to parse the configuration, escalate itself as a service, optionally deploy the kernel implant, and launch a Service Control Manager ( SCM ) wormlet that scans for network servers and propagates the malware to other Windows 2000/XP environments with weak or default credentials. An important aspect worth mentioning here is that the propagation only occurs when it’s manually forced, or common security products aren’t found on the system by scanning the Windows Registry database for associated registry keys.

Some of the security tools it explicitly checks belong to Agnitum, F-Secure, Kaspersky, McAfee, Microsoft, Symantec, Sygate Technologies, and Trend Micro. The presence of Sygate Technologies is another indicator that the sample was developed in the mid-2000s, as the company was acquired by Symantec (now part of Broadcom) in August 2005, and sales and support for its products were formally discontinued by November. “For tooling of this age, that level of environmental awareness is notable,” SentinelOne said. “While the list of products may not seem comprehensive, it likely reflects the products the operators expected to be present in their target networks whose detection technology would threaten the stealthiness of a covert operation.” The ConnotifyDLL, on the other hand, is invoked each time the system establishes a new network connection using the Remote Access Service ( RAS ), and writes the remote and local connection names to a named pipe (“\.\pipe\p577”).

However, it’s the driver that’s responsible for the precision sabotage, targeting executables compiled with the Intel C/C++ compiler to perform rule-based patching and hijack execution flow through malicious code injections. One such block is capable of corrupting mathematical calculations, specifically going after tools used in civil engineering, physics, and physical process simulations. “By introducing small but systematic errors into physical‑world calculations, the framework could undermine or slow scientific research programs, degrade engineered systems over time, or even contribute to catastrophic damage,” SentinelOne explained. “By separating a relatively stable execution wrapper from encrypted, task-specific payloads, the developers created a reusable, compartmentalized framework that they could adapt to different target environments and operational objectives while leaving the outer carrier binary largely unchanged across campaigns.” Based on an analysis of the 101 rules defined in the patching engine and matching them against software used in the mid-2000s, it’s assessed that three high-precision engineering and simulation suites may have been the targets: LS-DYNA 970, PKPM, and the MOHID hydrodynamic modeling platform.

LS-DYNA , now part of the Ansys Suite, is a general-purpose multi physics simulation software package that’s used for simulating crashes, impacts, and explosions. In September 2024, the Institute for Science and International Security (ISIS) released a report detailing Iran’s likely use of computer modeling software like LS-DYNA related to nuclear weapons development based on an examination of 157 academic publications found in open-source scientific and engineering literature. This chain of evidence assumes significance considering Iran’s nuclear program is said to have suffered substantial damage after its uranium enrichment facility in Natanz was targeted by the Stuxnet worm in June 2010. What’s more, Symantec revealed in February 2013 an earlier version of Stuxnet that was used to attack Iran’s nuclear program in November 2007, with evidence indicating it was under development as early as November 2005.

“Stuxnet 0.5 is the oldest known Stuxnet version to be analyzed,” Symantec noted at the time. “Stuxnet 0.5 contains an alternative attack strategy, closing valves within the uranium enrichment facility at Natanz, Iran, which would have caused serious damage to the centrifuges and uranium enrichment system as a whole.” Taken together, the latest finding “forces a re‑evaluation” of the historical timeline of development for clandestine cyber sabotage operations, SentinelOne said, adding it shows state-backed cyber sabotage tooling against physical targets had been fully developed and deployed by the mid‑2000s. “In the broader picture of APT evolution, fast16 bridges the gap between early, largely invisible development programs and later, more widely documented Lua‑ and LuaJIT‑based toolkits ,” the researchers concluded. “It is a reference point for understanding how advanced actors think about long‑term implants, sabotage, and a state’s ability to reshape the physical world through software.

fast16 was the silent harbinger of a new form of statecraft, successful in its covertness until today.” Found this article interesting? Follow us on Google News , Twitter and LinkedIn to read more exclusive content we post.

CISA Adds 4 Exploited Flaws to KEV, Sets May 2026 Federal Deadline

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added four vulnerabilities impacting SimpleHelp, Samsung MagicINFO 9 Server, and D-Link DIR-823X series routers to its Known Exploited Vulnerabilities ( KEV ) catalog, citing evidence of active exploitation. The list of vulnerabilities is below - CVE-2024-57726 (CVSS score: 9.9) - A missing authorization vulnerability in SimpleHelp that could allow low-privileged technicians to create API keys with excessive permissions, which can then be used to escalate privileges to the server admin role. CVE-2024-57728 (CVSS score: 7.2) - A path traversal vulnerability in SimpleHelp that allows admin users to upload arbitrary files anywhere on the file system by uploading a crafted zip file (i.e., zip slip), which can be exploited to execute arbitrary code on the host in the context of the SimpleHelp server user.

CVE-2024-7399 (CVSS score: 8.8) - A path traversal vulnerability in Samsung MagicINFO 9 Server that could allow an attacker to write arbitrary files as system authority. CVE-2025-29635 (CVSS score: 7.5) - A command injection vulnerability in end-of-life D-Link DIR-823X series routers that allows an authorized attacker to execute arbitrary commands on remote devices by sending a POST request to /goform/set_prohibiting via the corresponding function. While both the SimpleHelp flaws have been marked as “Unknown” against the “Known To Be Used in Ransomware Campaigns?” indicator in the KEV catalog, reports from Field Effect and Sophos revealed early last year that the issues were exploited as a precursor to ransomware attacks. One such campaign was attributed to the DragonForce ransomware operation.

The exploitation of CVE-2024-7399 has been linked to malicious activity deploying the Mirai botnet in the past. As for CVE-2025-29635, Akamai disclosed earlier this week that it recorded attempts against D-Link devices to deliver a Mirai botnet variant named “tuxnokill.” To mitigate the active threats, Federal Civilian Executive Branch (FCEB) agencies are recommended to apply the fixes or, in the case of CVE-2025-29635, discontinue the use of the appliance by May 8, 2026. Found this article interesting? Follow us on Google News , Twitter and LinkedIn to read more exclusive content we post.

FIRESTARTER Backdoor Hit Federal Cisco Firepower Device, Survives Security Patches

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has revealed that an unnamed federal civilian agency’s Cisco Firepower device running Adaptive Security Appliance (ASA) software was compromised in September 2025 with a new malware called FIRESTARTER . FIRESTARTER, per CISA and the U.K.’s National Cyber Security Centre (NCSC), is assessed to be a backdoor designed for remote access and control. It’s believed to be deployed as part of a “widespread” campaign orchestrated by an advanced persistent threat (APT) actor to obtain access to Cisco Adaptive Security Appliance (ASA) firmware by exploiting now-patched security flaws such as - CVE-2025-20333 (CVSS score: 9.9) - An improper validation of user-supplied input vulnerability that could allow an authenticated, remote attacker with valid VPN user credentials to execute arbitrary code as root on an affected device by sending crafted HTTP requests.

CVE-2025-20362 (CVSS score: 6.5) - An improper validation of user-supplied input vulnerability that could allow an unauthenticated, remote attacker to access restricted URL endpoints without authentication by sending crafted HTTP requests. “FIRESTARTER can persist as an active threat on Cisco devices running ASA or Firepower Threat Defense (FTD) software, maintaining post-patching persistence and enabling threat actors to re-access compromised devices without re-exploiting vulnerabilities,” the agencies said. In the investigated incident, the threat actors have been found to deploy a post-exploitation toolkit called LINE VIPER that can execute CLI commands, perform packet captures, bypass VPN Authentication, Authorization, and Accounting (AAA) for actor devices, suppress syslog messages, harvest user CLI commands, and force a delayed reboot. The elevated access afforded by LINE VIPER served as a conduit for FIRESTARTER, which was deployed on the Firepower device before September 25, 2025, allowing the threat actors to maintain continued access and return to the compromised appliance as recently as last month.

A Linux ELF binary, FIRESTARTER can set up persistence on the device, and survive firmware updates and device reboots unless a hard power cycle occurs. The malware lodges itself into the device’s boot sequence by manipulating a startup mount list, ensuring it automatically reactivates every time the device reboots normally. The resilience aside, it also shares some level of overlap with a previously documented bootkit referred to as RayInitiator. “FIRESTARTER attempts to install a hook – a way to intercept and modify normal operations – within LINA, the device’s core engine for network processing and security functions,” according to the advisory.

“This hook enables the execution of arbitrary shell code provided by the APT actors, including the deployment of LINE VIPER.” “Although Cisco’s patches addressed CVE-2025-20333 and CVE-2025-20362, devices compromised prior to patching may remain vulnerable because FIRESTARTER is not removed by firmware updates.” Cisco, which is tracking the exploitation activity associated with the two vulnerabilities under the moniker UAT4356 (aka Storm-1849), described FIRESTARTER as a backdoor that facilitates the execution of arbitrary shellcode received by the LINA process by parsing specially crafted WebVPN authentication requests containing a “magic packet.” The exact origins of the threat activity are not known, although an analysis from attack surface management platform Censys in May 2024 suggested links to China. UAT4356 was first attributed to a campaign called ArcaneDoor that exploited two zero-day flaws in Cisco networking gear to deliver bespoke malware capable of capturing network traffic and reconnaissance. “To fully remove the persistence mechanism, Cisco strongly recommends reimaging and upgrading the device using the fixed releases,” Cisco said . “In cases of confirmed compromise on any Cisco Secure ASA or FTD platforms, all configuration elements of the device should be considered untrusted.” As mitigations until reimaging can be performed, the company is recommending that customers perform a cold restart to remove the FIRESTARTER implant.

“The shutdown, reboot, and reload CLI commands will not clear the malicious persistent implant, the power cord must be pulled out and plugged back in the device,” it added. Chinese Hackers Shift From Individually Procured Infrastructure to Covert Networks The disclosure comes as the U.S., the U.K., and various international partners released a joint advisory about large-scale networks of compromised SOHO routers and IoT devices commandeered by China-nexus threat actors to disguise their espionage attacks and complicate attribution efforts. State-sponsored groups like Volt Typhoon and Flax Typhoon have been using these botnets, consisting of home routers, security cameras, video recorders, and other IoT devices, to target critical infrastructure sectors and conduct cyber espionage in a “low-cost, low-risk, deniable way,” per the alert. Complicating matters further is the fact that the networks are constantly updated, not to mention multiple China-affiliated threat groups might use the same botnet at the same time, making it challenging for defenders to identify and block them using static IP blocklists.

“Covert networks mostly consist of compromised SOHO routers, but they also pull in any vulnerable device they can exploit at scale,” the agencies said. “Their traffic will be forwarded through multiple compromised devices, used as traversal nodes, before exiting the network from an exit node, usually in the same geographic region as the target.” The findings underscore a common pattern seen in state-sponsored attacks: the targeting of network perimeter devices belonging to residential, enterprise, and government networks with an aim to either turn them into a proxy node or intercept sensitive data and communications. Sergey Shykevich, group manager of threat intelligence at Check Point Software, said in a statement that China-nexus activity in 2025 leveraged edge and perimeter infrastructure as a primary means for obtaining footholdowing to the fact that they are stationed outside endpoint and identity security controls, are infrequently patched, and offer a persistent, low-visibility foothold into compromised environments. “Our own investigations into China-nexus activity in 2026 – including Silver Dragon , which targets government organizations in Europe and Southeast Asia, and Operation TrueChaos , which abused a trusted software update channel to deliver malware across government networks – both reflect the same underlying logic: use legitimate infrastructure and trusted channels to make malicious activity invisible,” Shykevich added.

“The advisory’s finding that multiple actor groups are running these networks in parallel, and in some cases sharing them, reflects a level of operational scale and maturity that should concern any organization operating critical infrastructure or government systems. The answer cannot be detection alone. By the time malicious traffic is identified inside a compromised network device, the attacker has often been present for weeks or months. Prevention has to extend to every point in the connectivity fabric, including the infrastructure that is easiest to overlook.” (The story was updated after publication to include insights from Check Point Software.) Found this article interesting?

Follow us on Google News , Twitter and LinkedIn to read more exclusive content we post.

NASA Employees Duped in Chinese Phishing Scheme Targeting U.S. Defense Software

The Office of Inspector General (OIG) of the U.S. National Aeronautics and Space Administration (NASA) has revealed how a Chinese national posed as a U.S. researcher as part of a spear-phishing campaign to obtain sensitive information from the space agency, as well as from government entities, universities, and private companies, in violation of export control laws. “For years, NASA employees and research collaborators thought they were simply sharing software with colleagues,” the OIG said in a Thursday release.

“Instead, they were emailing sensitive defense technology to a Chinese national who was impersonating U.S. engineers.” The individual linked to the campaign was outed as Chinese national Song Wu in September 2024, when the U.S. Department of Justice (DoJ) announced charges against him for orchestrating a multi-year phishing scheme that stretched from January 2017 to December 2021 and involved targeting dozens of U.S. professors, researchers, and engineers.

Some of the victims of the campaign were employed at NASA, the Air Force, the Navy, the Army, and the Federal Aviation Administration, while the others worked at major universities and private sector firms. According to the 2024 indictment, Song was an engineer at the Aviation Industry Corporation of China (AVIC), a Chinese state-owned aerospace and defense conglomerate founded in 2008. In an attempt to obtain modeling software used for aerospace design and weapons development, Song and his co-conspirators are alleged to have conducted extensive research on their targets by masquerading as friends and colleagues to gain access to proprietary software and source code. The OIG said the scheme was successful in a handful of cases where victims shared the sensitive information with the imposter accounts managed by Song et al without realizing they were violating U.S.

export control laws. Song has been indicted on counts of wire fraud and 14 counts of aggravated identity theft, and faces a maximum sentence of 20 years in prison for each count of wire fraud. He also faces a two-year consecutive sentence if convicted of aggravated identity theft. The 40-year-old remains at large.

Adding Song to the U.S. Most Wanted List, the U.S. Federal Bureau of Investigation (FBI) said the specialized software could be used for industrial and military applications, including the development of advanced tactical missiles and aerodynamic design and assessment of weapons. “As phishing campaigns continue to become more sophisticated, there are common clues that can betray scammers and expose their export fraud schemes,” the OIG said.

“In Song’s case, he made multiple requests for the same software and did not justify why he needed it.” “Export control scammers also often suggest unusual payment methods (such as suspicious wire transfers); abruptly change the terms or source of payment; and use unconventional transfer methods to mask their identity and evade shipping restrictions.” Found this article interesting? Follow us on Google News , Twitter and LinkedIn to read more exclusive content we post.

Bridging the AI Agent Authority Gap: Continuous Observability as the Decision Engine

The AI Agent Authority Gap - From Ungoverned to Delegation As discussed in our previous article, AI agents are exposing a structural gap in enterprise security, but the problem is often framed too narrowly. The issue is not simply that agents are new actors. It is that agents are delegated actors. They do not emerge with independent authority.

They are triggered, invoked, provisioned, or empowered by existing enterprise identities: human users, machine identities, bots, service accounts, and other non-human actors. That makes Agent-AI fundamentally different from both people and software, while still being inseparable from both. This is why the AI Agent Authority Gap is really a delegation gap. Enterprises are trying to govern an emerging actor without first governing the identities that delegate authority to it.

Traditional IAM was built to answer a narrower question: who has access. But once AI agents are introduced, the real question becomes: what authority is being delegated, by whom, under what conditions, for what purpose, and across what scope? First Things First: Governing the Delegation Chain Before Agent AI The crucial point is sequencing. An enterprise cannot safely govern Agent-AI unless it first governs, as much as possible, the traditional actors that serve as its delegation source.

Human identities and traditional machine identities are already fragmented across applications, APIs, embedded credentials, unmanaged service accounts, and application-specific identity logic. This is the identity dark matter Orchid describes: authority that exists, operates, and often accumulates risk outside the view of managed IAM. If that dark matter remains unobserved, then the agent inherits an already broken authority model. The result is predictable: the agent becomes an efficient amplifier of hidden access, hidden permissions, and hidden execution paths.

So the bridge to safe Agent-AI adoption is not to start with the agent in isolation. It is first to reduce identity dark matter across the traditional actor estate, so it won’t be delegated or abused for the sake of efficiency. That means illuminating all human and traditional machine identities across the application environment, understanding how they authenticate, where credentials are embedded, how workflows actually execute, and where unmanaged authority sits. Orchid’s continuous observability model is the essential foundation for safe Agent AI implementation because it establishes a verified baseline of real identity behavior across managed and unmanaged environments, rather than relying on incomplete static policy assumptions.

From Observability to Authority: Dynamic Governance for Agent AI Once that traditional actor layer is observed, analyzed, and optimized, that output becomes the input for a real-time Agent-AI Delegation Authority layer.This is where Orchid’s model becomes more powerful than conventional IAM. Its telemetry is not just visibility or insight. It becomes a continuous feed into an authority engine that evaluates the authority profile of the delegator, the context of the target application, the intent behind the requested action, and the effective scope of execution. In other words, the agent should not be governed only by its own nominal permissions.

It should be governed continuously by the posture and intent of the actor delegating authority to it, plus the context of what the agent is trying to do. That creates a much stronger model for control. Think about it. A human delegator with weak posture, risky behavior, or excessive hidden access should not yield the same Agent-AI authority as a tightly governed delegator operating in a constrained workflow.

Likewise, a machine or service account with broad but poorly understood access should not be allowed to trigger an agent with unconstrained downstream actionability. Orchid’s role in this model is to continuously assess the delegator, the delegated actor, and the application path between them, then enforce authority accordingly. That is what turns observability into governance. This is also why the destination state is not just better individual auditing of human, machine, and agent AI actors.

It is dynamic sequential delegation control. Orchid can map each agent identity to the applications it touches, the workflows it can invoke, the intent patterns it exhibits, and the scope of its intended actions. It can then use the live observability feed to determine, in real time, whether that agent should be allowed to act, allowed only to recommend, constrained to a limited tool set, or stopped entirely. That is the ultimate meaning of closing the authority gap: not just knowing what an agent can access, but continuously determining what it is allowed to decide and execute at machine speed.

Closing Reminders AI agents are not just a new identity type. They are a delegated identity type. Their authority originates from traditional enterprise actors: humans, bots, service accounts, and machine identities. That means the problem of Agent-AI governance does not begin with the agent.

It begins with the delegation source. If enterprises cannot observe and govern the human and traditional machine identities that trigger agent actions, then they cannot safely govern the agent either. Orchid’s model makes that sequencing explicit: first reduce identity dark matter across the traditional actor estate, then use continuous observability, analysis, and audit of those delegators as the live input into a real-time Agent-AI Delegation Authority layer. In that model, the agent is governed not only by its nominal permissions but by the posture, intent, context, and scope of the actor delegating authority to it.

That is the missing bridge between traditional IAM and safe Agent-AI adoption. Found this article interesting? This article is a contributed piece from one of our valued partners. Follow us on Google News , Twitter and LinkedIn to read more exclusive content we post.

26 FakeWallet Apps Found on Apple App Store Targeting Crypto Seed Phrases

Cybersecurity researchers have discovered a set of malicious apps on the Apple App Store that impersonate popular cryptocurrency wallets in an attempt to steal recovery phrases and private keys since at least fall 2025. “Once launched, these apps redirect users to browser pages designed to look similar to the App Store and distribute trojanized versions of legitimate wallets,” Kaspersky researcher Sergey Puzan said . “The infected apps are specifically engineered to hijack recovery phrases and private keys.” The 26 apps, collectively dubbed FakeWallet , mimic various popular wallets like Bitpie, Coinbase, imToken, Ledger, MetaMask, TokenPocket, and Trust Wallet. Many of these apps have since been taken down by Apple following disclosure.

There is no evidence that these apps were distributed via the Google Play Store. While malicious cryptocurrency wallets distributed in the past via bogus websites have abused iOS provisioning profiles to get users to install them, the latest crypto-theft scheme is an improvement in several ways. For starters, the apps are directly available for download from Apple’s App Store if a user has their Apple account set to China. These apps have icons that mirror the original but have intentional typos in their names (e.g., LeddgerNew) so as to trick unsuspecting users into downloading them.

In some cases, the app names and icons have no connection to cryptocurrency. Instead, they are used as placeholders to direct users to download the official wallet app through them, claiming they are “unavailable in the App Store” due to regulatory reasons. Kaspersky said it also identified several similar apps likely linked to the same threat actor that do not have the malicious features enabled, but have been found to mimic a benign service, such as a game, a calculator, or a task planner. Once launched, these apps open a link on the web browser and leverage enterprise provisioning profiles to install the wallet app on the victim’s device.

“The attackers have churned out a wide variety of malicious modules, each tailored to a specific wallet,” Puzan said. “In most cases, the malware is delivered via a malicious library injection, though we’ve also come across builds where the app’s original source code was modified.” The end goal of these infections is to look for mnemonic phrases from both hot and cold wallets, and exfiltrate them to an external server, allowing the operators to seize control of victims’ wallets and drain cryptocurrency assets or initiate fraudulent transactions. The seed phrases are captured either by hooking the code that’s responsible for the screen where the user enters their recovery phrase or serving a phishing page that instructs the victim to enter their mnemonics as part of a supposed verification step. It’s suspected the campaign could be the work of threat actors linked to the SparkKitty trojan campaign last year, given that some of the infected apps also come with a module to steal wallet recovery phrases using optical character recognition (OCR), and that both the campaigns appear to be the work of native Chinese speakers and specifically target cryptocurrency assets.

“The FakeWallet campaign is gaining momentum by employing new tactics, ranging from delivering payloads via phishing apps published in the App Store to embedding themselves into cold wallet apps and using sophisticated phishing notifications to trick users into revealing their mnemonics,” Kaspersky said. MiningDropper Android Malware Framework Emerges The discovery comes as Cyble sheds light on a sophisticated Android malware delivery framework known as MiningDropper (aka BeatBanker) that combines cryptocurrency mining with information theft, remote access, and banking malware in attacks targeting users in India, as well as in Latin America, Europe, and Asia as part of a BTMOB RAT campaign. MiningDropper has been distributed via a trojanized version of the open-source Android application project Lumolight , with the campaigns using fake websites impersonating banking institutions and regional transport offices to propagate the malware. Once launched, it activates a multi-stage sequence to extract the miner and the trojan payloads from an encrypted assets archive present within the package.

“MiningDropper employs a multi-stage payload delivery architecture that combines XOR-based native obfuscation, AES-encrypted payload staging, dynamic DEX loading, and anti-emulation techniques,” Cyble said . “MiningDropper employs a multi-stage payload delivery architecture that combines XOR-based native obfuscation, AES-encrypted payload staging, dynamic DEX loading, and anti-emulation techniques.” “MiningDropper demonstrates a layered, modular Android malware architecture designed to make static analysis difficult while giving threat actors flexibility in final payload delivery. This design allows the threat actor to reuse the same distribution and installation framework across hundreds of samples while adapting the final monetization objective to operational needs.” Found this article interesting? Follow us on Google News , Twitter and LinkedIn to read more exclusive content we post.