2026-05-08 AI创业新闻
Ivanti EPMM CVE-2026-6973 RCE Under Active Exploitation Grants Admin-Level Access
Ivanti is warning that a new security flaw impacting Endpoint Manager Mobile (EPMM) has been explored in limited attacks in the wild. The high-severity vulnerability, CVE-2026-6973 (CVSS score: 7.2), is a case of improper input validation affecting EPMM before versions 12.6.1.1, 12.7.0.1, and 12.8.0.1. It allows “a remotely authenticated user with administrative access to achieve remote code execution,” Ivanti said in an advisory released today. “We are aware of a very limited number of customers exploited with CVE-2026-6973.
Successful exploitation requires Admin authentication. If customers followed Ivanti’s recommendation in January to rotate credentials if you were exploited with CVE-2026-1281 and CVE-2026-1340 , then your risk of exploitation from CVE-2026-6973 is significantly reduced.” It’s currently not known who is behind the exploitation efforts, if any of those attacks were successful, and what the end goals of the attacks were. The development has prompted the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to add the flaw to its Known Exploited Vulnerabilities ( KEV ) catalog, requiring Federal Civilian Executive Branch (FCEB) agencies to apply the fixes by May 10, 2026.
Also patched by Ivanti in EPMM are four other flaws - CVE-2026-5786 (CVSS score: 8.8) - An improper access control vulnerability that allows a remote authenticated attacker to gain administrative access. CVE-2026-5787 (CVSS score: 8.9) - An improper certificate validation vulnerability that allows a remote unauthenticated attacker to impersonate registered Sentry hosts and obtain valid CA-signed client certificates. CVE-2026-5788 (CVSS score: 7.0) - An improper access control vulnerability that allows a remote unauthenticated attacker to invoke arbitrary methods. CVE-2026-7821 (CVSS score: 7.4) - An improper certificate validation vulnerability that allows a remote unauthenticated attacker to enroll a device belonging to a restricted set of unenrolled devices, leading to information disclosure about the EPMM appliance and impacting the integrity of the newly enrolled device identity.
“The issues only affect the on-prem EPMM product, and are not present in Ivanti Neurons for MDM, Ivanti’s cloud-based unified endpoint management solution, Ivanti EPM (a similarly named, but different product), Ivanti Sentry, or any other Ivanti products,” the company said . Found this article interesting? Follow us on Google News , Twitter and LinkedIn to read more exclusive content we post.
PCPJack Credential Stealer Exploits 5 CVEs to Spread Worm-Like Across Cloud Systems
Cybersecurity researchers have disclosed details of a new credential theft framework dubbed PCPJack that targets exposed cloud infrastructure and ousts any artifacts linked to TeamPCP from the environments. “The toolset harvests credentials from cloud, container, developer, productivity, and financial services, then exfiltrates the data through attacker-controlled infrastructure while attempting to spread to additional hosts,” SentinelOne security researcher Alex Delamotte said in a report published today. PCPJack is specifically designed to target cloud services like Docker, Kubernetes, Redis, MongoDB, RayML, and vulnerable web applications, allowing the operators to spread in a worm-like fashion, aswell as move laterally within the compromised networks. It’s assessed that the end goal of the cloud attack campaign is to generate illicit revenue for the threat actors through credential theft, fraud, spam, extortion, or resale of stolen access.
The What makes this activity notable is that it shares significant targeting overlaps with TeamPCP , a threat actor that rose to prominence late last year by exploiting known security vulnerabilities (e.g., React2Shell ) and misconfigurations in cloud services to enlist the endpoints in an ever-expanding network for conducting data theft and other post-exploitation actions. At the same time, PCPJack lacks a cryptocurrency mining component, unlike TeamPCP. While it’s not known why this obvious monetization strategy was not adopted, the similarities between the two clusters indicate that PCPJack could be the work of a former member of TeamPCP who is familiar with the group’s tradecraft. The starting point of the attack is a bootstrap shell script that’s used to prepare the environment – such as configuring the payload host – and download next-stage tooling, while simultaneously taking steps to infect its own infrastructure, terminate and remove processes or artifacts that are associated with TeamPCP, install Python, establish persistence, download six Python scripts, launch the orchestration script, and remove itself.
The six Python payloads are as follows - worm.py (written to disk as monitor.py), the main orchestrator that launches the purpose-built modules, conducts local credential theft, propagates the toolset to other hosts by exploiting known flaws ( CVE-2025-55182 , CVE-2025-29927 , CVE-2026-1357 , CVE-2025-9501 , and CVE-2025-48703 ), and uses Telegram for command-and-control (C2) parser.py (utils.py), to handle credential extraction to categorize stolen keys and secrets lateral.py (_lat.py), to facilitate reconnaissance, harvest secrets, and enable lateral movement across SSH, Kubernetes, Docker, Redis, RayML, and MongoDB services crypto_util.py (_cu.py), to encrypt credentials before exfiltration to the attacker’s Telegram channel cloud_ranges.py (_cr.py), to collect IP address ranges assigned to Amazon Web Services (AWS), Google Cloud, Microsoft Azure, Cloudflare, Cloudfront, and Fastly, and refresh the data every 24 hours cloud_scan.py (_csc.py), to run cloud port scanning for external propagation via Docker, Kubernetes, MongoDB, RayML, or Redis services Propagation targets for the orchestrator script come from parquet files that the worm pulls directly from Common Crawl, a non-profit that crawls the web and provides its archives and datasets to the public at no extra cost. “When exfiltrating system information and credentials, the PCPJack operator even collects success metrics on whether TeamPCP has been evicted from targeted environments in a ‘PCP replaced’ field sent to the C2,” Delamotte said. This “implies a direct focus on the threat actor’s activities rather than pure cloud attack opportunism.” Further analysis of the threat actor’s infrastructure has uncovered another shell script (“check.sh”) that detects the CPU architecture and fetches the appropriate Sliver binary. It also scans Instance Metadata Service (IMDS) endpoints, Kubernetes service accounts, and Docker instances for credentials associated with Anthropic, Digital Ocean, Discord, Google API, Grafana Cloud, HashiCorp Vault, OnePassword, and OpenAI, and transmits them to an external server.
“Overall, the two toolsets are well developed and indicate that the owner values making code as a modular framework, despite some redundancies in behavior,” SentinelOne said. “This campaign does not [deploy miners], and it deliberately removes the miner functions associated with TeamPCP. Despite that, this actor has well-defined scopes for extracting cryptocurrency credentials.” Found this article interesting? Follow us on Google News , Twitter and LinkedIn to read more exclusive content we post.
One Click, Total Shutdown: The “Patient Zero” Webinar on Killing Stealth Breaches
The hardest part of cybersecurity isn’t the technology, it’s the people. Every major breach you’ve read about lately usually starts the same way: one employee, one clever email, and one “Patient Zero” infection. In 2026, hackers are using AI to make these “first clicks” nearly impossible to spot. If a single laptop gets compromised on your watch, do you have a plan to stop it from taking down the whole company?
Register for the Webinar: The Patient Zero Playbook What is “Patient Zero”? In medicine, Patient Zero is the first person to carry a disease into a population. In cybersecurity, it’s the first device an attacker hits. Once they are “in,” they don’t stay there—they move fast to find your data, your passwords, and your backups.
What You Will Learn Thisisn’t a boring lecture. It is a technical deep dive into how modern breaches start and how to kill them instantly. We are covering: The AI Phish: How attackers use generative AI to bypass your current filters. The 5-Minute Window: Why the first few minutes of an infection determine if you’ll be in the news tomorrow.
Zero Trust in Action: How to isolate an infected device so the “virus” has nowhere to go. The Recovery Blueprint: What to do the second you realize you have a Patient Zero. Why You Can’t Miss This Most security tools are great at finding “known” viruses. But they struggle with stealthy, custom-made attacks designed specifically for your company.
This webinar shows you how to build a defense that assumes someone will click a bad link—and ensures that click doesn’t cost you millions. Secure Your Spot – Register Now ➜ Found this article interesting? This article is a contributed piece from one of our valued partners. Follow us on Google News , Twitter and LinkedIn to read more exclusive content we post.
PAN-OS RCE Exploit Under Active Use Enabling Root Access and Espionage
Palo Alto Networks has disclosed that threat actors may have attempted to unsuccessfully exploit a recently disclosed critical security flaw as early as April 9, 2026. The vulnerability in question is CVE-2026-0300 (CVSS score: 9.3/8.7), a buffer overflow vulnerability in the User-ID Authentication Portal service of Palo Alto Networks PAN-OS software that could allow an unauthenticated attacker to execute arbitrary code with root privileges by sending specially crafted packets. While fixes are expected to be released starting May 13, 2026, customers are advised to secure access to the PAN-OS User-ID Authentication Portal by restricting access to trusted zones, or by disabling it entirely if it’s not used. As additional mitigation, the company is recommending that organizations disable Response Pages in the Interface Management Profile for any L3 interface where untrusted or internet traffic can ingress.
Customers with Advanced Threat Prevention can also block exploitation attempts by enabling Threat ID 510019 from Applications and Threats content version 9097-10022. In an advisory issued Wednesday, the network security company said it’s aware of limited exploitation of the flaw. It’s tracking the activity under the CL-STA-1132 , a suspected state-sponsored threat cluster of unknown provenance. “The attacker behind this activity exploited CVE-2026-0300 to achieve unauthenticated remote code execution (RCE) in PAN-OS software.
Upon successful exploitation, the attacker was able to inject shellcode into an nginx worker process,” Palo Alto Networks Unit 42 said . The cybersecurity company said it has observed unsuccessful exploitation attempts against a PAN-OS device starting April 9, 2026, a week after which the attackers managed to successfully obtain remote code execution against the appliance and inject shellcode. As soon as initial access was achieved, the threat actors took steps to clear crash kernel messages, delete nginx crash entries and nginx crash records, and remove crash core dump files in an attempt to cover up the tracks. Post-exploitation activities conducted by the adversary included conducting Active Directory (AD) enumeration and dropping additional payloads like EarthWorm and ReverseSocks5 against a second device on April 29, 2026.
Both tools have been previously used by various China-nexus hacking groups. “Over the last five years, nation-state threat actors engaged in cyber espionage have increasingly focused their efforts on edge-network technological assets, including firewalls, routers, IoT devices, hypervisors and various VPN solutions, which provide high-privilege access while often lacking the robust logging and security agents found on standard endpoints,” Unit 42 said. “The reliance of the attackers behind CL-STA-1132 on open-source tooling, rather than proprietary malware, minimized signature-based detection and facilitated seamless environment integration. This technical choice, combined with a disciplined operational cadence of intermittent interactive sessions over a multi-week period, intentionally remained below the behavioral thresholds of most automated alerting systems.” Found this article interesting?
Follow us on Google News , Twitter and LinkedIn to read more exclusive content we post.
ThreatsDay Bulletin: Edge Plaintext Passwords, ICS 0-Days, Patch-or-Die Alerts and 25+ New Stories
Bad week. Turns out the easiest way to get hacked in 2026 is still the same old garbage: shady packages, fake apps, forgotten DNS junk, scam ads, and stolen logins getting dumped into Discord channels like it’s normal. Some of these attack chains don’t even feel sophisticated anymore. More like some tired guy with a Telegram account and too much free time.
The worst part is how often this stuff still works. Meanwhile, AI tools are speeding up exploit hunting, browsers are keeping passwords sitting in memory for “performance reasons,” and even ransomware crews are pushing broken builds into the wild. Everybody’s scrambling to patch faster because attackers are automating faster. Anyway.
ThreatsDay’s rough this week. Let’s get into it. Credential theft campaign New MicroStealer Spotted A new stealer called MicroStealer has been observed targeting education and telecom sectors to steal sensitive data. It was first observed in the wild in December 2025.
“It specializes in stealing browser credentials, active session data, screenshots, cryptocurrency wallets, and system information,” ANY.RUN said . “It spreads quickly with low detection rates thanks to a sophisticated multi-stage delivery chain and exfiltrates data via Discord webhooks and attacker-controlled servers.” Location data crackdown FTC and Kochava Announce Settlement The Federal Trade Commission (FTC) and location data broker Kochava said they agreed to a settlement in which the company and its subsidiary Collective Data Solutions would be blocked from selling, sharing, or disclosing sensitive location data without consumers’ explicit consent. The company was found to be illegally obtaining and selling consumers’ yearly incomes, mobile device IDs, app usage, and nearly real-time geolocation data within 10 meters without their consent or awareness. While the proposed order does not impose a fine on Kochava, the company is required to establish a data retention schedule that will mandate consumers’ data be deleted in a predetermined time frame.
Quantum-safe email upgrade Proton Adds PQC Support in Proton Mail Proton has added support for post-quantum encryption as an optional feature in Proton Mail. “Once enabled, Proton Mail can generate and use post-quantum-ready keys for new encrypted emails to protect your personal messages and business communications against today’s threats and a future where current public-key cryptography may no longer be enough,” the Swiss privacy-focused company said . “Enabling PQC helps protect new encrypted emails going forward. It does not retroactively re-encrypt the emails already in your mailbox, for now.” Supply chain hardening pnpm 11 Rolls Out New Security Measures to Tackle Supply Chain Attacks pnpm 11 has been released with new supply chain protections in place, including defaulting the minimum release age to 24 hours to reduce the risk of installing compromised packages and blocking exotic sub-dependencies that resolve from non-standard sources, such as Git repositories or direct tarball URLs.
“Newly published package versions are not resolved until they are at least one day old. Teams can opt out by setting minimumReleaseAge: 0, but pnpm’s default posture now favors a built-in waiting period before fresh package releases enter installs,” Socket said . With most package compromise campaigns relying on automated installs to expand their reach, the new effort aims to reduce the risk of packages getting installed immediately after publication. AI age verification push Meta Plans to Use AI to Strengthen Underage Enforcement Meta said it’s deploying artificial intelligence (AI) tools to bolster its underage enforcement measures and remove people under 13 from its services like Facebook and Instagram.
Acknowledging that “knowing someone’s age online is a complex, industry-wide challenge,” the company said it’s using AI to analyze profiles for contextual clues, as well as scan photos and videos for physical cues to assess whether a user is under 13 on Instagram and Facebook. “We want to be clear: this is not facial recognition. Our AI looks at general themes and visual cues, for example, height or bone structure, to estimate someone’s general age; it does not identify the specific person in the image,” Meta said . “By combining these visual insights with our analysis of text and interactions, we can significantly increase the number of underage accounts we identify and remove.” North Korea-linked cybercrime case South Korean Court Upholds Jail Term for Man Who Hired N.
Korean Hacker South Korea’s highest court has upheld the one-year prison term for a man , identified as Oh Dae-hyun, who hired an unnamed North Korean cybercriminal to conduct attacks against rival game servers in exchange for a payment of more than $16,300 between October 2014 and March 2015. Per details revealed by NK News last November, the defendant operated an illegal online game server for Lineage and sought access to a file that would allow him to bypass the game’s security system and enable users to play the game at a lower cost. To obtain the file, the defendant is said to have communicated with a North Korean cyber actor via the Chinese messaging app QQ. The court also found Oh recruiting the same North Korean national to conduct distributed denial-of-service (DDoS) attacks on rival gaming servers.
Per court documents, the North Korean national is a head of the development team at a trading company under the Workers’ Party of Korea. The company is also believed to have been involved in the creation and sale of DDoS attack programs and cyberterrorism tools to generate revenue for Pyongyang. Critical ICS security flaws Vulnerabilities in Eclipse BaSyx V2 Two security vulnerabilities have been disclosed in Eclipse BaSyx V2 that pose a severe risk to industrial environments. The vulnerabilities in question are CVE-2026-7411 (CVSS score: 10.0), an unauthenticated path traversal flaw that could be exploited to write arbitrary files, leading to code execution, and CVE-2026-7412 (CVSS score: 8.6), a blind SSRF flaw that forces the BaSyx server to act as a proxy and execute HTTP POST requests to arbitrary internal or external targets.
The issues have been patched in version 2.0.0-milestone-10. “By chaining or utilizing these flaws, an external attacker can completely bypass network segmentation,” Mohamed Lemine Ahmed Jidou, security researcher and founder of AegisSec, told The Hacker News. “The compromised Digital Twin server can be weaponized to pivot internally and send unauthorized commands directly to isolated Programmable Logic Controllers (PLCs) and industrial sensors, posing a direct threat to physical manufacturing lines.” Critical MOVEit exposure <100 Exposed MOVEit Automation Instances Found Attack surface management platform Censys said it has observed less than 100 exposed MOVEit Automation web admin interfaces globally, with nearly two-thirds of hosts located in the U.S. The development comes in the aftermath of CVE-2026-4670 (CVSS score: 9.8), a critical authentication bypass flaw in MOVEit Automation that could potentially result in CVE-2026-4670 is a critical authentication bypass vulnerability in MOVEit Automation that could result in unauthorized access, administrative control, and data exposure.
Broken ransomware encryption VECT 2.0 Encryptor Weaknesses A new analysis of VECT 2.0 ransomware binaries has uncovered multiple critical flaws in both full and intermittent encryption modes, making data recovery impossible even if a ransom payment is made. “VECT’s FULL encryptor contains an insufficient memory allocation flaw that restricts successful encryption to files 32 KB or smaller,” Halcyon said . “VECT’s intermittent mode discards the nonces for all encrypted segments except the final one, retaining only the last 12-byte nonce in the file footer. The decryption algorithm requires the unique nonce for each segment, all segments preceding the final block are cryptographically unrecoverable by the victim and the attacker alike.” What’s more, a race condition vulnerability exists in the multi-threaded encryption implementation that causes files to be renamed with the .vect extension without their contents being encrypted.
In some cases, the contents of one file is saved and renamed as a different file name, or two different files are encrypted and saved with the same name, potentially resulting in the loss of one file. “These issues collectively undermine the reliability and repeatability of the Vect2.0 encryption and renaming logic,” Halcyon said. Oracle accelerates patching Oracle Shifts to Monthly Patch Cycle for Critical Flaws Oracle said it will supplement the quarterly Critical Patch Update (CPU) fixes with monthly security releases focused on high-priority vulnerabilities, citing the increased pace of AI-assisted vulnerability disclosures stemming from the adoption of AI models like Anthriopic Mythos to aid with code analysis, security testing, and vulnerability detection. Several vendors like Microsoft, SAP, Adobe, andGoogle (for Android) already release patches on a monthly cadence, most of which occur on the second Tuesday of each month.
Oracle’s release cycle, however, will be on the third Tuesday of each month. The first monthly Critical Security Patch Updates (CSPUs) will arrive on May 28, 2026. “CSPUs provide targeted fixes for critical vulnerabilities in a smaller, more focused format, allowing customers to address high-priority issues without waiting for the next quarterly release,” Oracle said. “Security depends on identifying vulnerabilities quickly and applying fixes just as quickly.” Global smishing surge Scammers Use Fake Text Messages to Steal Data Scammers are sending tens of thousands of fraudulent text messages to mobile users across 12 countries, impersonating transport authorities, toll operators, and parking services, as part of a new mass smishing campaign, per Bitdefender Labs.
The active campaign, called Operation Road Trap, has been active since December 2025. More than 79,000 fraudulent messages have already been detected in 40 distinct SMS scam campaigns. Countries targeted include the U.S., Canada, Australia, New Zealand, France, Spain, Colombia, Brazil, India, the U.K., Ireland, and Luxembourg. “All messages share a common goal: to persuade recipients to pay a fake fine, hand over sensitive information, or install spyware,” the company said .
“At this stage, there’s no confirmed link tying these campaigns together, beyond a shared theme of messages about unpaid tolls, parking violations, or traffic fines.” The activity has not been attributed to a specific threat actor or group. Encrypted backup hardening Meta Announces Updates for End-to-End Encrypted Backups Meta has updated its infrastructure used for protecting end-to-end encrypted backups for WhatsApp and Messenger using a hardware security module (HSM)-based Backup Key Vault with two updates: over-the-air fleet key distribution for Messenger and a commitment to publishing evidence of secure fleet deployments. “The vault is deployed as a geographically distributed fleet across multiple datacenters, providing resilience through majority-consensus replication,” Meta said . “To verify the authenticity of the HSM fleet, clients validate the fleet’s public keys before establishing a session.
In WhatsApp, these keys are hardcoded into the application. To support Messenger – where new HSM fleets need to be deployed without requiring an app update – we built a mechanism to distribute fleet public keys over the air as part of the HSM response.” Fake ManageWP ads Malvertising Campaign Targets ManageWP Guardio has detailed a phishing campaign that’s delivered through Google sponsored search results and aims to steal credentials for ManageWP, GoDaddy’s WordPress admin platform, using an adversary-in-the-middle (AitM) phishing page. “The ad click first hits a cloaker, then flips real users to a fake ManageWP login while too easily dodging Google’s inspection of who authorized this sponsored search result,” Guardio said . “Attacker gets real-time login attempts to Telegram and controls it all from their C2.
They log in to the victims’ accounts on their end while orchestrating a fake login flow on the victim’s screen.” NuGet supply chain threat Malicious NuGet Packages Steal Data Five malicious NuGet packages published under the account bmrxntfj have been found to typosquat widely used Chinese .NET UI and infrastructure libraries. “Each package grafts a .NET Reactor protected infostealer payload onto a decompiled copy of a legitimate open source library,” Socket said . “The stealer targets saved credentials across 12 browsers, 8 desktop cryptocurrency wallets, 5 browser wallet extensions and exfiltrates to a newly-registered C2 domain.” The packages, IR.DantUI, IR.Infrastructure.Core, IR.Infrastructure.DataService.Core, IR.iplus32, and IR.OscarUI,have been collectively downloaded approximately 65,000 times. Critical Salesforce flaws Security Flaws Disclosed in Salesforce Marketing Cloud Details have emerged about five now-patched, critical vulnerabilities in Salesforce Marketing Cloud that could be exploited to leak the entire contacts DB via a template injection and even access all emails ever sent using the service.
The vulnerabilities have been assigned the identifiers: CVE-2026-22585 , CVE-2026-22586 , CVE-2026-22582 , CVE-2026-22583 , and CVE-2026-2298 . The issues were fixed by Salesforce on January 24, 2026, following responsible disclosure by Searchlight Cyber. There is no evidence that the flaws were exploited to obtain unauthorized access to or misuse of customer data. Rust malware aviation campaign Aviation Sectors Targeted in Operation Silent Rotor Unmanned Aerial Systems (UAS) and aviation sectors in Russia, Tajikistan, Central Asia, Europe, and the Middle East are the target of a new campaign that uses spear-phishing lures to deliver ZIP archives containing a Rust-based executable (along with multiple decoy documents), which displays one of the lure documents, fingerprint the system, and contacts an attacker-controlled domain to fetch and execute a next-stage payload.
The activity, codenamed Operation Silent Rotor, has not been attributed to any known threat actor. “The campaign uses realistic aviation-related documents to gain the victim’s trust, with content linked to the ‘Unmanned Aviation 2026’ forum in Moscow,” Seqrite Labs said . “The delivered malware is a Rust-based executable that collects system information, communicates with a remote server over encrypted HTTPS, and downloads a second-stage payload for execution.” Stealthy Vidar infection chain Multi-Stage Campaign Drops Vidar Stealer A new multi-stage malware campaign has employed layered obfuscation and trusted Windows components to achieve stealthy execution and persistence, ultimately leading to the deployment of Vidar Stealer. The initial infection vectors for Vidar have leveraged various methods to deceive unsuspecting users: fake CAPTCHA or ClickFix pages, free game cheats, legitimate-but-compromised sites, and fake or trojanized GitHub repositories disguised as legitimate utilities, cracked software, or leaked development tools.
In one case detailed by Point Wild, the entry point is a Go-compiled dropper binary that extracts and deploys a VBScript file, which contains embedded PowerShell code to continue the infection chain. “The PowerShell script connects to a remote IP-based server and downloads the next-stage payload, which is delivered in JPEG and TXT file formats used as disguised carriers for malicious content or staged payload data rather than conventional executables,” the company said . “These files are further processed to retrieve or reconstruct the final payload, ultimately leading to Vidar execution.” Silent AI model downloads Google Chrome May Download a 4GB Model Weights File A new analysis from web privacy expert Alexander Hanff has found that Google Chrome installs a 4GB on-device AI model file to disk without users’ consent. It is a weights file associated with Gemini Nano.
If a user deletes the file, it’s automatically re-downloaded unless the “on-device AI” setting is turned off. Google noted in October 2025 that the “Gemini Nano model is automatically deleted if the device’s free disk space drops below a certain threshold” and is “purged if an enterprise policy disables the feature, or if a user hasn’t met other eligibility criteria for 30 days.” The company also said the on-device AI model is used for scam detection, tab organization, and summarization. Last month, the researcher detailed the various browser fingerprinting techniques (e.g., WebGL, WebGPU, CNAME cloaking , link decoration, and canvas fingerprinting, among others) used by online trackers and how Chrome doesn’t do anything to block them. In all, Chrome ships with over 30 active fingerprinting vectors, 23 distinct storage and tracking mechanisms, no native CNAME cloaking protection, and no fingerprinting defenses of any kind.
- It’s worth mentioning that Google
- abandoned
- its plans to deprecate third-party tracking cookies in Chrome after a six-year effort called Privacy Sandbox. Edge memory exposure
- Microsoft Edge Stores Passwords in Cleartext, But It’s Not as Severe as It Sounds
- An attacker with administrative privileges can gain access to Microsoft Edge user passwords even when they’re not in use by taking advantage of the fact that the browser stores them in cleartext in process memory. An attacker could
- exploit
- this behavior to
- create a memory dump
- of Edge’s “browser” sub-task via the Windows Task Manager. Security researcher Tom Jøran Sønstebyseter Rønning, who revealed the issue,
- said
- “When you save passwords in Edge, the browser decrypts every credential at startup and keeps them, resident in process memory.
This happens even if you never visit a site that uses those credentials. At the same time, Edge requires you to re-authenticate before showing those same passwords in the Password Manager UI – yet the browser process already has them all in plaintext.” Further testing has revealed that Edge is the only Chromium-based browser that exhibits this behavior, which Microsoft has described as by design to speed up the sign-in process. Unlike Edge, other browsers built on Chromium encrypt credentials only when needed, instead of keeping all passwords in memory at all times. It’s worth noting that to pull off a successful attack, a threat actor must have already compromised the device by some other means.
A similar method to extract cleartext credentials directly from Chromium’s memory was demonstrated by CyberArk in 2022. As VX-Underground noted in a post on X: “This method is interesting, I like the research performed, however, it isn’t something super critical. If you’re using this method in an enterprise environment, then that company has been completely compromised down to the bone, and they’ve got much larger issues.” 72-hour patch mandate U.S. Mulls Cutting Patch Deadlines to 3 Days for Exploited Flaws U.S.
cybersecurity officials are considering sharply shorter deadlines for fixing critical flaws in government IT systems, amid concerns bad actors could exploit them using artificial intelligence tools, Reuters reported . Under the new proposal, the deadline for patching vulnerabilities added to the Known Exploited Vulnerabilities (KEV) catalog would be slashed from three weeks to three days. According to a Flashpoint study , the time between vulnerability disclosure and exploitation has plunged 94% over the past five years. The time to exploit (TTE) dropped from 745 days in 2020 to just 44 days last year, dramatically reducing the time security and IT teams have to patch.
This phenomenon has exacerbated in recent months, with threat actors attempting to exploit newly disclosed flaws within 24 hours of public disclosure . “At face value, three days is aggressive. Traditional patching workflows involve change control, testing, and stakeholder sign-off, and compressing them into 72 hours runs counter to how most enterprises actually operate,” Ryan Dewhurst, watchTowr’s head of threat intelligence, told The Hacker News. “But the trend over recent months has been unambiguous.
Exploitation of emerging threats is accelerating, and industry data consistently shows high-impact vulnerabilities being weaponized far faster than a 3-day window would allow. CISA’s shift to a 3-day deadline is a candid acknowledgment of how little time defenders actually have, balanced against the operational realities that still make patching complex. The uncomfortable truth: if you need three days, you’re already operating behind the threat.” SEBI flags AI cyber risks India’s SEBI Issues Alert on Advanced AI Tools for Vulnerability Discovery The Securities and Exchange Board of India (SEBI) has released an advisory, stating the emergence of tools like Mythos “may give rise to heightened risk exposure by enabling identification and potential exploitation of existing vulnerabilities using speed and scale,” adding “it may also introduce concerns relating to data confidentiality, application integrity, and reliability of outputs.” SEBI said it’s also establishing a cyber task force to examine the cybersecurity risks posed by AI models and devise a mitigation strategy, facilitate threat intelligence sharing, flag vulnerabilities that could impact the securities markets, and review third-party vendors for their cybersecurity posture. AI-fueled cyber race Anthropic CEO Warns of Narrow Window to Fix Flaws Anthropic CEO Dario Amodei has warned that AI has created a narrow window of about six to 12 months for organizations across the world to fix tens of thousands of software vulnerabilities found by its AI model before Chinese AI catches up.The development comes as advanced AI models like Anthropic Mythos are being used to find vulnerabilities in widely used software.This includes the discovery of over 270 flaws in Mozilla Firefox , some of which went undetected for years.
According to Axios and Bloomberg , the U.S. National Security Agency has been testing the Mythos model despite the Pentagon’s insistence that the company poses a supply chain risk. An evaluation of Mythos and OpenAI GPT-5.5 has since revealed that both models are capable of solving multi-step cyber attack simulations end-to-end, demonstrating their growing offensive cyber skills. But the emergence of these models, albeit in a limited preview, has also raised concerns that it could outpace current cybersecurity defenses, turbocharge exploit development, and expose weaknesses faster than they can be fixed.
The worries stem from the dual-use nature of these systems, as the same capability that helps defenders identify hundreds of flaws can be turned against them if they end up in the wrong hands. Late last month, Bloomberg reported that a “small group of unauthorized users” had had access to Mythos through a third-party contractor that works for Anthropic since the day the model was officially announced. “These capabilities, however guardrailed, will not stay contained. Similar advances will appear across other major AI labs, Chinese models, and open source models,” Palo Alto Networks said .
“Attackers will find the seams in those guardrails. They will use advanced AI to discover zero-day vulnerabilities at scale, generate exploits in near real time, and develop autonomous attack agents unlike anything the industry has faced.” Android banking malware spike Android Malware Driven Financial Fraud Surges 67% A new analysis from Zimperium has uncovered that Android malware-driven financial transactions have increased 67% year-on-year. The mobile security company said it tracked 34 active malware families targeting 1,243 financial brands across 90 countries in 2025. TsarBot , Copybara , and HOOK are the top three malware families that collectively target more than 60% of the global banking and fintech apps analyzed.
“The U.S. has the highest concentration of targeted apps globally, with 162 banking applications under active targeting, up from 109 in 2023,” the company said . “Nearly half of the malware families analyzed have financial extortion capabilities, including ransomware capabilities, allowing attackers to encrypt files on the device.” Major cybercrime prosecutions Recent Law Enforcement Actions Bryan Fleming, the founder of the surveillance tool pcTattletale, was sentenced to time served and a $5,000 fine for operating stalkerware that allowed users to secretly keep tabs on victims. This case marks the first federal conviction of a spyware developer in more than a decade and signals a potential shift in how the government prosecutes creators of intrusive tracking technology.
Fleming pleaded guilty earlier this January. pcTattletale shut down in 2024 after suffering a data breach. Other actions announced by the U.S. Department of Justice include the indictment of Jonathan Spalletta , a Maryland resident, in connection with theft of more than $50 million from decentralized cryptocurrency exchange Uranium Finance in 2021, leading to its shutdown; the extradition of Gavril Sandu , a Romanian national, to the U.S.
for his alleged role in a voice phishing scheme; and the sentencing of Latvian national Deniss Zolotarjovs , a member of the Karakurt group, to 102 months in prison for his involvement in a series of ransomware attacks and extort payments from more than 54 companies. Zolotarjovs was extradited to the U.S. in August 2024. Hijacked .edu subdomains Attack Hijacks University Domains to Host Spam and Porn Bad actors have been observed taking over subdomains for the Massachusetts Institute of Technology, Harvard, Stanford, Johns Hopkins, and dozens of other universities to post explicit porn spam that Google indexed under the trusted “.edu” domains.
The attack was carried out by hijacking DNS records that the universities had abandoned. Fake AI app malware wave Searches for Claude and Antigravity Lead to Stealer Malware Malvertising campaigns on Google Search are using lures for Antigravity to direct users to a fake website that serves a trojanized installer designed to deliver a stealer malware capable of harvesting sensitive data from the compromised system. Similar campaigns have leveraged Google Ads to serve fake landing pages for Claude to deliver MacSync infostealer on macOS. The activity has been codenamed Claude Fraud .
In another campaign spotted by Malwarebytes, fake websites impersonating legitimate services like Proton VPN, code hosting platforms, and free web hosting providers such as onworks[.]net are being used to stage malicious payloads that deliver a new Rust-based infostealer dubbed NWHStealer. “Once installed, it can collect browser data, saved passwords, and cryptocurrency wallet information, which attackers may use to access accounts, steal funds, or carry out further attacks,” the company said. A new evolution of the Browser runtime to distribute the stealer. The use of fake websites as lures has been observed in two other campaigns: a fake website promoting a tool called TradingClaw that acts as a delivery vehicle for a stealer codenamed Needle Stealer and a typosquatting website impersonating Slack that’s used to drop a modified installer.
The executable, besides launching a working copy of Slack, sets up a HVNC session for remote attackers to browse, access accounts, and interact with the system. That’s the week. Same internet, new fires. Patch what you can, double-check what you install, and don’t trust random ads pretending to be tools.
See you next ThreatsDay. Found this article interesting? Follow us on Google News , Twitter and LinkedIn to read more exclusive content we post.
Day Zero Readiness: The Operational Gaps That Break Incident Response
Having an incident response retainer, or even a pre-approved external incident response firm, is not the same as being ready for an incident. A retainer means someone will answer the phone. Operational readiness determines whether that team can do meaningful work the moment they do. That distinction matters far more than many organizations realize.
In the first hours of a security incident, attackers are not waiting for your identity team to provision emergency accounts, for legal to decide whether an outside firm can access sensitive systems, or for someone to figure out who owns the EDR console. Every delay gives the attacker more uninterrupted time in your environment. Every hour lost to logistics increases the likelihood of deeper compromise, broader impact, and more expensive recovery. The same is true internally.
An organization may have an incident response plan, a capable security team, and a list of escalation contacts, yet still be unprepared to respond under pressure. Readiness is not measured by what exists on paper. It is measured by how quickly responders, internal or external, can gain visibility, understand what the attacker has already touched, and make informed decisions. On Day Zero, responders are not asking for unlimited control.
They are asking for visibility first and authority second. Without visibility, containment decisions are made blindly, timelines cannot be reconstructed, and the true scope of the compromise remains unknown while the response team debates access and approvals. This guide outlines what responders need on Day Zero, where organizations most often fall short, and how to ensure your internal team and external IR partner can begin effective work immediately when an incident is declared. What determines response speed Whether the first responders are internal security staff, an external retainer firm, or both working in parallel, they need access to the same core systems.
Internal teams may already have some of that access. External responders usually do not unless it has been prepared in advance. Not all access is equally urgent. Identity comes first, because identity reveals the blast radius.
It shows how the attacker got in, which credentials are compromised, how privilege may have changed, and where the attacker is likely to move next. Cloud, endpoint, and logging access are all critical, but without identity visibility, responders are building a timeline on guesswork. Identity and authentication access Modern attacks run on identity. Stolen credentials, abused tokens, misconfigured privileges, and compromised sessions are now central to how attackers gain persistence and move laterally.
If responders cannot see identity activity, they cannot explain the initial compromise, trace privilege escalation, or identify which accounts are already unsafe to trust. For external IR firms, identity access is often the first major bottleneck. Organizations delay access while teams debate permissions, search for the right administrator, or attempt to create accounts during the incident itself. During that delay, responders are effectively blind to the attacker’s movement.
On Day Zero, responders need read and investigative access to the identity provider, directory services, SSO platforms, and federation layers. They need visibility into authentication logs, MFA events, token issuance, session activity, privileged accounts, service accounts, and recent permission changes. They also need a defined path for urgent actions such as credential resets, token invalidation, or temporary restrictions on privileged users. Cloud and SaaS access In cloud environments, attacker activity often looks normal unless responders can see it in context.
It may appear as API calls, configuration changes, new role assignments, service account abuse, or use of legitimate automation. Without immediate access, critical evidence may disappear before it is reviewed. On Day Zero, responders need read access to relevant cloud accounts, subscriptions, and SaaS platforms. They need visibility into audit logs, control plane activity, IAM and RBAC configurations, compute workloads, storage access patterns, serverless functions, service accounts, and secrets management.
Delays in cloud access are especially damaging because some telemetry is ephemeral. If it is not captured quickly, it may be gone permanently. Endpoint and EDR access Endpoint telemetry often provides the clearest picture of attacker behavior, especially in the early stages of an investigation. Process execution, command-line activity, credential dumping, persistence mechanisms, and lateral movement frequently show up first in the EDR.
Without direct access, responders are forced to rely on screenshots, summaries, or findings relayed through internal teams who are already under pressure. That is not a serious investigation. It is a game of telephone during a crisis. On Day Zero, responders need investigator-level access to EDR tools, visibility into process and network activity, the ability to query historical telemetry across hosts, and the authority to isolate systems or initiate containment when needed.
If those permissions are not ready in advance, valuable time is lost, and the risk of misunderstanding grows. Logging and monitoring access Logs are how responders reconstruct the full story of an attack, not just what happened after detection, but what happened before it. Too often, organizations discover that their retention periods are designed for compliance or cost efficiency rather than investigation. Fourteen days of retention is common.
Ninety days should be the minimum baseline. If an attacker has been active for six weeks before detection, a 14-day window means the initial access event, early reconnaissance, and much of the lateral movement may already be gone. Responders need access to centralized SIEM or log aggregation tools, firewall and IDS/IPS logs, VPN and remote access logs, email security logs, cloud and SaaS audit trails across all relevant tenants. If those logs are incomplete, siloed, or overwritten, responders are forced to make high-stakes decisions with partial evidence.
Access must be real, not theoretical Access is only useful if it can be activated immediately. If access depends on a chain of approvals, manual setup, or first-time configuration, it will fail when the pressure is highest. Operational readiness means required accounts already exist across identity, cloud, EDR, and logging systems. MFA enrollment must already be completed.
Permissions must already be approved and mapped to responder roles. The team responsible for enabling access must know exactly how to do it and must have practiced the procedure before. On Day Zero, access should function like a switch: predefined, controlled, and fast to activate. Anything else is a delay, and in incident response, delay always benefits the attacker.
Communication under breach conditions Access problems receive the most attention in readiness discussions, but communication failures are just as damaging. Even with perfect technical visibility, an incident response breaks down quickly if teams cannot coordinate, make decisions, and share sensitive information securely. Assume normal channels may be compromised During an active breach, organizations should assume that email, chat platforms, and internal collaboration tools may no longer be private. If the attacker has access to those systems, then discussions about containment, investigative findings, and next steps may also be visible.
That applies to internal conversations and communication with an external IR firm. Sharing credentials, containment plans, or investigative conclusions over a compromised channel can give the attacker visibility into your response in real time. Establish out-of-band communication Every organization needs an out-of-band communication method that is separate from corporate identity, production email, and the internal network. This could be a dedicated secure messaging platform, a preconfigured encrypted group, or a structured phone-based process.
The specific tool matters less than the requirements. The channel must be independent of the compromised environment. It must include internal responders and external retainer contacts. It must support secure sharing of sensitive information.
Most importantly, it must be tested. A communication channel that has never been used is not a response plan. It is an experiment being conducted in the middle of a crisis. Designate an incident manager Every response needs a single point of coordination.
This is not necessarily the most senior person in the room. It is the person with the clearest operational ownership and the authority to keep the response aligned. The incident manager coordinates activity across security, IT, legal, leadership, and external responders. They control information flow, maintain a consistent picture of scope and status, and serve as the primary interface to the IR firm.
Without that role, organizations drift into fragmented communication, conflicting instructions, and slow decision-making. Define stakeholder notification paths Who gets notified, when, and by whom should never become a live debate during an incident. Notification tiers need to be defined in advance. Internal escalation thresholds, executive updates, legal and regulatory decision-making, customer communications, and external messaging all need clear ownership.
Organizations should also define exactly what information is shared with the IR firm on initial contact, who acts as the consistent liaison, and how updates are handled. Poor communication is not just inconvenient. It measurably slows containment and increases damage. Building a pre-approved IR access policy A pre-approved incident response access policy exists to eliminate decision-making overhead at the worst possible moment.
When an incident is declared, the question of who can access what should already be answered. What the policy should define The most common failure in IR access policies is vagueness. A statement such as “responders will be granted appropriate access upon incident declaration” is not an operational policy. It is a placeholder that guarantees confusion later.
An effective policy should clearly define who can declare an incident and trigger emergency procedures. This should not require a full executive chain. A CISO, security leader, or designated on-call authority should be empowered to make that call. It should define who can approve temporary access for external responders without reopening procurement, legal review, or vendor onboarding.
Those controls matter, but they are not built for incident timelines unless pre-cleared. It should specify the scope of access by responder role, such as IR investigator or IR lead, rather than negotiating permissions during a live event. It should also define time-boxed access, with a clear review and revocation cadence, and designate who is responsible for removing access once the incident stabilizes. Finally, it should require post-incident cleanup, access validation, and governance review.
Governance should catch up after stabilization, not slow down the first hours of investigation. Pre-created accounts and tested workflows Policy is only as good as the workflows behind it. If the accounts do not exist, the permissions have not been validated, or the identity team has never enabled them under realistic conditions, then the organization does not have a capability. It has documentation.
Dormant IR accounts should be created in advance across the identity provider, EDR, SIEM, and cloud tenants. They should be disabled by default, with a documented and tested enable procedure. MFA enrollment should already be complete. Hardware tokens or secure authentication workflows should be assigned before an incident occurs.
Role assignments should also be pre-approved. Enabling emergency access should be a single action, not the beginning of a conversation. Background checks and legal friction Background checks are a common friction point, especially in regulated sectors. The issue is not whether checks are appropriate.
It is when they are enforced. If background checks are first raised during an active incident, the organization has already failed the readiness test. Reputable IR firms handle vetting, certifications, and internal controls during onboarding. Those conversations belong in the retainer setup phase, not in the first hours of a breach.
The same is true of legal approval. If legal needs to decide in real time whether external responders can access production systems or regulated data, the response will slow immediately. Those decisions should be resolved before the incident. A practical Day Zero readiness checklist Organizations can test readiness by asking simple, operational questions.
Can a dormant IR account be enabled and used to pull authentication logs within 30 minutes? Is a scoped read-only cloud role already defined, and are audit logs enabled across all relevant tenants? Does the EDR platform have an investigator role that an external responder can use immediately, with access to at least 30 days of historical telemetry? Can an external responder query the SIEM directly, and does retention cover at least 90 days across identity, endpoint, network, and cloud sources?
Who can authorize host isolation, VPN shutdown, credential rotation, or account suspension, and has that authority been exercised in an exercise? If any of these questions produce hesitation, uncertainty, or the phrase “we’ll figure it out during an incident,” then that area is not ready. For organizations with an IR retainer , additional questions matter. Are dormant accounts already created for retainer responders?
Is MFA preconfigured? Are legal approvals complete? Does the IR firm have current contact information for the incident manager, CISO, and identity lead? Is there an established out-of-band channel that includes the IR firm?
Has the full activation workflow been tested in a tabletop exercise from initial call through working access? If several of these answers are no, the retainer is a contract, not an operational capability. What organizations commonly overlook Even mature organizations with strong security tooling and formal plans routinely discover important gaps only after a real incident begins. Backups are a common example.
Many organizations know backup jobs are completing, but have not verified that backups are isolated from the environment that an attacker has already compromised. If the same credentials, networks, or service accounts can reach backup infrastructure, attackers may be able to destroy recovery options before deploying ransomware. A backup that has never been restored, and never been tested for isolation, is still an assumption. Containment authority is another frequent gap.
Teams may know whether a system should be isolated or credentials should be rotated, but no one has explicit authority to disrupt operations. As the decision moves through leadership, legal, finance, or business operations, the attacker remains active. Prepared organizations decide in advance which systems can be shut down immediately, who can authorize those actions, and how emergency decisions will be escalated when necessary. Short or fragmented logging retention is also common.
Logs may exist but only for seven to fourteen days, or they may be scattered across tools and teams with no centralized access. In those cases, the organization can often see what is happening now but not how it started. Untested response plans are equally dangerous. Many plans look complete in a binder and fail in practice because people do not know their roles, approvals take too long, and critical steps have never been exercised.
Testing does not need to be elaborate. It needs to be realistic, cross-functional, and honest about what breaks. Finally, many organizations lack a current asset inventory or network map. Systems are deployed outside formal processes, cloud resources are spun up without central registration, and ownership is unclear.
Responders cannot investigate what they do not know exists. Untracked assets are not just documentation gaps. They are blind spots that attackers actively exploit. A readiness exercise you can run now Most of the recommendations in this guide can be tested this week with the people and systems already in place.
Start with access. Create dormant IR accounts and measure how long it takes to enable them. Attempt to pull 90 days of authentication logs. Ask your EDR administrator to create or validate an external investigator role.
Confirm cloud audit logging is enabled across all relevant tenants and that a scoped read-only role can be activated immediately. Then test the response itself. Run a tabletop exercise in which the IR firm has just been called in. Measure how long it takes before they can access identity logs, endpoint telemetry, and cloud audit trails.
Test whether the incident manager can be reached and whether the out-of-band channel can be established quickly. Run a containment decision through the approval chain and time it. Whatever fails in that exercise will fail the same way during a real incident. The difference is that during a real breach, the attacker is operating inside that gap while the organization is still figuring it out.
Conclusion Readiness is not a policy document, a signed retainer, or a successful audit. It is the result of practical decisions made before an incident begins: access provisioned, authority clarified, communication paths tested, and operational gaps closed before an attacker can exploit them. The organizations that contain incidents quickly are rarely the ones with the most impressive slide decks. They are the ones who did the unglamorous work in advance.
They created the accounts, tested the workflows, validated the logs, practiced the decisions, and ensured that when the call came in, the response could begin immediately. That is the real meaning of Day Zero readiness: not just having help available but being prepared to use it the moment it matters most. Found this article interesting? This article is a contributed piece from one of our valued partners.
Follow us on Google News , Twitter and LinkedIn to read more exclusive content we post.
PyPI Packages Deliver ZiChatBot Malware via Zulip APIs on Windows and Linux
Cybersecurity researchers have discovered three packages on the Python Package Index (PyPI) repository that are designed to stealthily deliver a previously unknown malware family called ZiChatBot on Windows and Linux systems. “While these wheel packages do implement the features described on their PyPI web pages, their true purpose is to covertly deliver malicious files,” Kaspersky said . “Unlike traditional malware, ZiChatBot does not communicate with a dedicated command-and-control (C2) server, but instead uses a series of REST APIs from the public team chat app Zulip as its C2 infrastructure.” The activity has been described as a “carefully planned and executed PyPI supply chain attack” by the Russian cybersecurity company. The names of the packages, which have since been taken down, are listed below - uuid32-utils (1,479 downloads) colorinal (614 downloads) termncolor (387 downloads) All three packages were uploaded to PyPI during a short window between July 16 and 22, 2025.
While uuid32-utils and colorinal make use of similar malicious payloads, termncolor is a benign-looking package that lists colorinal as a dependency. On Windows systems, once any of the first two packages is installed, the malicious code extracts a DLL dropper (“terminate.dll”) and write it to disk. At the time the library is imported into a project, the DLL is loaded, acting as a dropper for ZiChatBot, after which it establishes an auto-run entry in the Windows Registry, and runs code to delete itself from the host. The Linux version of the shared object dropper (“terminate.so”) plants the malware in the “/tmp/obsHub/obs-check-update” path and configures a crontab entry.
Regardless of the operating system it’s running on, ZiChatBot is designed to execute shellcode received from its C2 server. After executing the command, the malware sends a heart emoji as a response to signal the server that the operation was successful. Exactly who is behind the campaign is not clear. However, Kaspersky said the dropper shares a “64% similarity” to another dropper used by a Vietnam-aligned hacking group named OceanLotus (aka APT32).
In late 2024, the threat actor was observed targeting the Chinese cybersecurity community with poisoned Visual Studio Code projects masquerading as Cobalt Strike plugins to deliver a trojan that’s executed automatically when the project is compiled. The malware uses the Notion note-taking service as C2, per an analysis from ThreatBook. Kaspersky pointed out that if the PyPI supply chain campaign is indeed the work of OceanLotus, it represents the threat actor’s strategy to expand its targeting scope. “Although phishing emails are still a common initial infection method for OceanLotus, the group is also actively exploring new ways to compromise victims through diverse supply chain attacks,” it said.
Found this article interesting? Follow us on Google News , Twitter and LinkedIn to read more exclusive content we post.
vm2 Node.js Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution
A dozen critical security vulnerabilities have been disclosed in the vm2 Node.js library that could be exploited by bad actors to break out of the sandbox and execute arbitrary code on susceptible systems. vm2 is an open-source library used to run untrusted JavaScript code inside a secure sandbox by intercepting and proxying JavaScript objects to prevent sandboxed code from accessing the host environment. The security flaws are listed below - CVE-2026-24118 (CVSS score: 9.8) - A vulnerability that allows sandbox escape via “lookupGetter” and permits an attacker to run arbitrary code on the underlying host. (Affects versions <= 3.10.4, patches in 3.11.0) CVE-2026-24120 (CVSS score: 9.8) - A patch bypass for CVE-2023-37466 (CVSS score: 9.8) that could allow attackers to escape the sandbox through the species property of promise objects and execute arbitrary commands on the underlying host.
(Affects versions <= 3.10.3, patched in 3.10.5) CVE-2026-24781 (CVSS score: 9.8) - A vulnerability that allows sandbox escape via the “inspect” function and permits an attacker to run arbitrary code on the underlying host. (Affects versions <= 3.10.3, patches in 3.11.0) CVE-2026-26332 (CVSS score: 9.8) - A vulnerability that allows sandbox escape via “SuppressedError” and permits an attacker to run arbitrary code on the underlying host. (Affects versions <= 3.10.4, patches in 3.11.0) CVE-2026-26956 (CVSS score: 9.8) - A protection mechanism failure vulnerability that allows sandbox escape with arbitrary code execution by triggering a TypeError produced by Symbol-to-string coercion. (Affects version 3.10.4, confirmed on Node.js 25.6.1, patched in 3.10.5) CVE-2026-43997 (CVSS score: 10.0) - A code injection vulnerability that allows an attacker to obtain the host Object and escape the sandbox, leading to arbitrary code execution.
(Affects versions <= 3.10.5, patched in 3.11.0) CVE-2026-43999 (CVSS score: 9.9) - A vulnerability that allows a bypass of NodeVM’s built-in allowlist and enables an attacker to load excluded builtins like child_process and achieve remote code execution. (Affects version 3.10.5, patched in 3.11.0) CVE-2026-44005 (CVSS score: 10.0) - A vulnerability that allows attacker-controlled JavaScript to escape the sandbox and enable prototype pollution. (Affects versions 3.9.6-3.10.5, patched in 3.11.0) CVE-2026-44006 (CVSS score: 10.0) - A code injection vulnerability via “BaseHandler.getPrototypeOf” that enables sandbox escape and remote code execution. (Affects versions <= 3.10.5, patched in 3.11.0) CVE-2026-44007 (CVSS score: 9.1) - An improper access control vulnerability that allows sandbox escape and execution of arbitrary operating system commands on the underlying host.
(Affects versions <= 3.11.0, patched in 3.11.1) CVE-2026-44008 (CVSS score: 9.8) - A vulnerability that allows sandbox escape via “neutralizeArraySpeciesBatch()” and permits an attacker to execute arbitrary commands on the underlying host. (Affects versions <= 3.11.1, patched in 3.11.2) CVE-2026-44009 (CVSS score: 9.8) - A vulnerability that allows sandbox escape via a null proto exception and permits an attacker to execute arbitrary commands on the underlying host. (Affects versions <= 3.11.1, patched in 3.11.2) The disclosure comes a couple of months after vm2 maintainer Patrik Simek released patches for another critical sandbox escape flaw ( CVE-2026-22709 , CVSS score: 9.8) that could lead to arbitrary code execution on the underlying host system. The string of newly identified sandbox escapes illustrates the challenge of securely isolating untrusted code in JavaScript-based sandbox environments, with Simek acknowledging previously that new bypasses will likely be discovered in the future.
Users of vm2 are advised to update to the latest version ( 3.11.2 ) for optimal protection. Found this article interesting? Follow us on Google News , Twitter and LinkedIn to read more exclusive content we post.
Mirai-Based xlabs_v1 Botnet Exploits ADB to Hijack IoT Devices for DDoS Attacks
Cybersecurity researchers have exposed a new Mirai -derived botnet that self-identifies as xlabs_v1 and targets internet-exposed devices running Android Debug Bridge ( ADB ) to enlist them in a network capable of carrying out distributed denial-of-service (DDoS) attacks. Hunt.io, which detailed the malware, said it made the discovery after identifying an exposed directory on a Netherlands-hosted server at the IP address “176.65.139[.]44” without requiring any authentication. The malware supports “21 flood variants across TCP, UDP, and raw protocols, including RakNet and OpenVPN-shaped UDP, capable of bypassing consumer-grade DDoS protection,” Hunt.io said, adding it’s offered as a DDoS-for-hire service designed for targeting game servers and Minecraft hosts. What makes xlabs_v1 notable is that it seeks out Android devices running an exposed ADB service on TCP port 5555, meaning any gear that comes with the tool enabled by default, such as Android TV boxes, set-top boxes, smart TVs, could be a potential target.
Besides an Android APK (“boot.apk”, the malware supports multi-architecture builds covering ARM, MIPS, x86-64, and ARC, indicating it’s also designed to target residential routers and internet-of-things (IoT) hardware. The result is a purpose-built botnet engineered to receive an attack command from the operator’s panel (“xlabslover[.]lol”) and generate a flood of junk traffic on demand, specifically directing the DDoS attack against game servers. “The bot is statically-linked ARMv7, runs on stripped Android firmwares, and is delivered through ADB-shell pastes into /data/local/tmp,” Hunt.io explained. “The operator’s nine-variant payload list is tuned for Android TV boxes, set-top boxes, smart TVs, and IoT-grade ARM hardware that ships with ADB enabled.” There is evidence indicating that the DDoS-for-hire service features bandwidth-tiered pricing.
This assessment is based on the presence of a bandwidth-profiling routine that collects victim bandwidth and geolocation. This component opens 8,192 parallel TCP sockets to the geographically nearest Speedtest server, saturates them for 10 seconds, and reports the measured data transfer rate back to the panel. The goal, Hunt.io noted, is to assign each compromised device to a pricing tier for its paying customers. An important aspect to note here is that the botnet exists after sending the bandwidth information in Megabits per second (Mbps), meaning the operator must re-infect the device a second time through the same ADB exploitation channel, given the absence of a persistence mechanism.
“The bot does not write itself to disk persistence locations, does not modify init scripts, does not create systemd units, and does not register cron jobs,” Hunt.io said. “This design suggests the operator views bandwidth probing as an infrequent fleet-tier-update operation rather than a per-attack pre-flight check, and the resulting exit-and-re-infect cycle is the design intent.” xlabs_v1 also features a “killer” subsystem to terminate competitors so that it can usurp the victim device’s full upstream bandwidth to itself and use it to carry out the DDoS attack. It’s currently not known who is behind the malware, but the threat actor goes by the moniker “Tadashi,” as evidenced by a ChaCha20-encrypted string embedded in every build of the bot. Further analysis of the co-located infrastructure has uncovered a VLTRig Monero-mining toolkit on host 176.65.139[.]42, although it’s currently not known if the two sets of activities are the work of the same threat actor.
“In commercial-criminal terms, xlabs_v1 is mid-tier. It is more sophisticated than the typical script-kiddie Mirai fork […], but less sophisticated than the top tier of commercial DDoS-for-hire operations,” Hunt.io said. “This operator is competing on price and attack variety, not technical sophistication. Consumer IoT devices, residential routers, and small game-server operators are the target.” The development comes as Darktrace revealed that an intentionally misconfigured Jenkins instance in its honeypot network was targeted by unknown threat actors to deploy a DDoS botnet downloaded from a remote server (“103.177.110[.]202”), while simultaneously taking steps to evade detection.
“The presence of game-specific DoS techniques further highlights that the gaming industry continues to be extensively targeted by cyber attackers,” the company said . “This botnet has likely already been used against game servers, serving as a reminder for server operators to ensure appropriate mitigations are in place.” Found this article interesting? Follow us on Google News , Twitter and LinkedIn to read more exclusive content we post.
MuddyWater Uses Microsoft Teams to Steal Credentials in False Flag Ransomware Attack
The Iranian state-sponsored hacking group known as MuddyWater (aka Mango Sandstorm, Seedworm, and Static Kitten) has been attributed to a ransomware attack in what has been described as a “false flag” operation. The attack, observed by Rapid7 in early 2026, has been found to leverage social engineering techniques via Microsoft Teams to initiate the infection sequence. Although the incident initially appeared to be consistent with a ransomware-as-a-service (RaaS) group operating under the Chaos brand, evidence points to it being a targeted state-backed attack that masquerades as opportunistic extortion. “The campaign was characterized by a high-touch social engineering phase conducted via Microsoft Teams , where the attackers utilized interactive screen-sharing to harvest credentials and manipulate multi-factor authentication (MFA),” Rapid7 said in a report shared with The Hacker News.
“Once inside, the group bypassed traditional ransomware workflows, forgoing file encryption in favor of data exfiltration and long-term persistence via remote management tools like DWAgent.” The findings indicate that MuddyWater is attempting to muddy attribution efforts by increasingly relying on off-the-shelf tools available in the cybercrime underground to conduct its attacks. This shift has also been documented by Ctrl-Alt-Intel, Broadcom, Check Point, and JUMPSEC in recent months, highlighting the adversary’s use of CastleRAT and Tsundere. With that said, this is not the first time MuddyWater has conducted ransomware attacks. In September 2020, the threat actor was attributed to a campaign targeting prominent Israeli organizations with a loader called PowGoop that deployed a variant of Thanos ransomware with destructive capabilities.
Then, in 2023, Microsoft disclosed that the hacking group teamed up with DEV-1084, a threat actor known to use the DarkBit persona, to conduct destructive attacks under the pretext of deploying ransomware. As recently as October 2025, the attackers are believed to have used the Qilin ransomware to target an Israeli government hospital. “In this case, the emerging picture was that the attackers were likely Iranian-affiliated operators working through the cyber criminal ecosystem, using a criminal ransomware brand and methods associated with the broader extortion market, while serving a strategic Iranian objective,” Check Point noted back in March. “The use of Qilin, and participation in its affiliate program, likely serves not only as a layer of cover and plausible deniability, but also as a meaningful operational enabler, especially as earlier attacks appear to have heightened security measures and monitoring by Israeli authorities.” Chaos is a RaaS group that emerged in early 2025.
Known for its double extortion model, the threat actor has advertised its affiliate program on cybercrime forums, like RAMP and RehubCom. Attacks mounted by the e-crime gang leverage a combination of mail flooding and vishing using Teams, often by impersonating IT support personnel, to trick victims into installing remote access tools like Microsoft Quick Assist, and then abuse that foothold to burrow deeper into the victim’s environment and deploy ransomware. “The group has also demonstrated triple extortion by threatening distributed denial-of-service (DDoS) attacks against the victim’s infrastructure,” Rapid7 said. “These capabilities are reportedly offered to affiliates as part of bundled services, representing a notable feature of its RaaS model.
Additionally, Chaos has been observed leveraging elements of quadruple extortion, including threats to contact customers or competitors to increase pressure on victims.” As of late March 2026, Chaos has claimed 36 victims on its data leak site, most of which are located in the U.S. Construction, manufacturing, and business services are some of the prominent sectors targeted by the group. In the intrusion analyzed by Rapid7, the threat actor is said to have initiated external chat requests via Teams to engage with employees and obtain initial access through screen-sharing sessions, followed by using compromised user accounts to conduct reconnaissance, establish persistence using tools like DWAgent and AnyDesk, move laterally, and exfiltrate data. The victim was then contacted via email for ransom negotiations.
“While connected, the TA [threat actor] executed basic discovery commands, accessed files related to the victim’s VPN configuration, and instructed users to enter their credentials into locally created text files,” Rapid7 explained. “In at least one instance, the TA also deployed a remote management tool (AnyDesk) to further facilitate access.” The threat actor has also been observed using RDP to download an executable (“ms_upd.exe”) from an external server (“172.86.126[.]208”) using the curl utility. Upon execution, the binary kicks off a multi-stage infection chain that delivers more malicious components. A brief description of the malware families is below - ms_upd.exe (aka Stagecomp ), which collects system information and reaches out to a command-and-control (C2) server to drop next-stage payloads (game.exe, WebView2Loader.dll, and visualwincomp.txt).
game.exe (aka Darkcomp ), which is a bespoke remote access trojan (RAT) that masquerades as a legitimate Microsoft WebView2 application. It’s a trojanized version of the official Microsoft WebView2APISample project . WebView2Loader.dll , a legitimate DLL downloaded by ms_upd.exe. It’s required by Microsoft Edge WebView2 to embed web content in Windows applications.
visualwincomp.txt , an encrypted configuration used by the RAT to obtain the C2 information. The RAT connects to the C2 server and enters an infinite loop to poll for new commands every 60 seconds, allowing it to run commands or PowerShell scripts, perform file operations, and spawn an interactive cmd.exe shell or PowerShell. The campaign’s links to MuddyWater stem from the use of a code-signing certificate attributed to “Donald Gay” to sign “ms_upd.exe.” The certificate has been previously put to use by the threat cluster to sign its malware, including a CastleLoader downloader called Fakeset . These findings underscore the growing convergence of state-sponsored intrusion activity and cybercriminal tradecraft to obscure attribution and delay appropriate defensive response.
“The use of a RaaS framework in this context may enable the actor to blur distinctions between state-sponsored activity and financially motivated cybercrime, thereby complicating attribution,” Rapid7 said. “Furthermore, the inclusion of extortion and negotiation elements could serve to focus defensive efforts on immediate impact, likely delaying the identification of underlying persistence mechanisms established via remote access tools such as DWAgent or AnyDesk.” “Notably, the apparent absence of file encryption, despite the presence of Chaos ransomware artifacts, represents a deviation from typical ransomware behavior. This inconsistency may indicate that the ransomware component functioned primarily as a facilitating or obfuscation mechanism, rather than as the primary objective of the intrusion.” In a statement shared with The Hacker News, Sergey Shykevich, group manager at Check Point Research, said the use of cyber crime tools among Iranian threat groups, including MuddyWater, has been growing. “This approach gives them considerably more operational flexibility and access to extensive toolkits without the need for internal development investment,” Shykevich said.
“It also makes attribution considerably more difficult, adding another layer of complexity for defenders tracking these actors.” The development comes as Hunt.io revealed details of an Iranian-nexus operation targeting Omani government institutions to exfiltrate more than 26,000 Ministry of Justice user records, judicial case data, committee decisions, and SAM and SYSTEM registry hives. “An open directory on 172.86.76[.]127, a RouterHosting VPS in the United Arab Emirates, surfaced an active intrusion campaign against the Omani government, with the toolkit, C2 code, session logs, and exfiltrated data all sitting in plain sight,” the company said . “The primary target was the Ministry of Justice and Legal Affairs (mjla.gov[.]om).” The discovery also coincides with continued activity from pro-Iran-aligned hacktivist groups, such as Handala Hack, which has claimed to have published details on nearly 400 U.S. Navy personnel in the Persian Gulf and carried out an attack on the Port of Fujairah in the United Arab Emirates, enabling it to gain access to its internal systems and leak about 11,000 sensitive documents related to invoices, shipping records, and customs documents.
“A month ago, we documented a broad escalation in Iranian-linked cyber operations — surveillance via hacked cameras , the leak of thousands of highly sensitive documents from Israel’s former Military Chief of Staff, and a measurable rise in attack volume across the region. We said then that further escalation was likely,” Shykevich told the publication. “The claimed attack on the Port of Fujairah is that escalation, if confirmed. What’s changed is the nature of the threat: this is no longer about intelligence gathering or public embarrassment.
Stolen port infrastructure data was allegedly used to enable physical missile targeting.” “The cyber and kinetic domains are now explicitly connected. This campaign is not slowing down. Every quiet period on the physical front has historically been followed by intensified cyber activity — and what we’re seeing now is the most serious manifestation of that pattern to date.” (The story was updated after publication to include a response from Check Point Research.) Found this article interesting? Follow us on Google News , Twitter and LinkedIn to read more exclusive content we post.
The Hacker News Launches ‘Cybersecurity Stars Awards 2026’ — Submissions Now Open
For nearly 20 years, we at The Hacker News have mostly told scary stories about cyberspace — big hacks, broken systems, and new threats. But behind every headline, there’s a quieter, better story. It’s the story of leaders making tough calls under pressure, teams building smarter defenses, and security products that keep hunting threats 24/7 — even when it’s hard. Most of the time, this work is invisible.
When everything goes perfectly, nothing happens. The world just stays safe, and no one notices. Today, we want the world to notice. Introducing the CyberStars Awards 2026 We are launching the Cybersecurity Stars Awards 2026 , a global program that recognizes excellence across the cybersecurity industry and highlights outstanding work that often goes unnoticed.
Submissions are now open, and companies, products, and professionals can apply via the official awards portal: https://awards.thehackernews.com/ We don’t just want to report the news anymore. We want to recognize the people behind it. This program is designed to highlight organizations and individuals making meaningful contributions to cybersecurity across innovation, execution, and real-world impact, and to give them a platform to showcase their work. Why is this different?
One of the defining aspects of the program is its audience. The Hacker News reaches a global community that includes CISOs and senior security leaders, practitioners and engineers, and enterprise buyers. Recognition through the Cybersecurity Stars Awards is not just symbolic. It provides visibility among the people who evaluate, select, and deploy cybersecurity technologies.
Each submission is evaluated through a structured and impartial review process designed to maintain fairness and integrity. Award Categories We have opened four main paths for you to be recognized. Whether you are a solo hero or a global giant, there is a place for you: Cybersecurity Product / Service: Covers all areas of cybersecurity, including cloud, endpoint, identity, threat detection, application, and data protection. Choose the closest fit or request a new category.
Cybersecurity Industry Solution: For solutions built for specific industries such as finance, healthcare, government, or critical infrastructure, with clear impact. Cybersecurity Company: For organizations showing strong leadership, growth, and consistent execution. Cybersecurity Professional / Team: For individuals and teams driving innovation, resilience, and measurable impact. How to Apply We have made the process simple so you can focus on telling your story.
Here is how to get started: Visit the Awards Portal and create an account in seconds. Purchase nomination credits. Choose the most relevant category or categories to apply to. Complete the nomination form with details on your work, impact, and innovation.
Submit your entry before the deadline. For any questions or support, contact - awards@thehackernews.com Key Dates Submission Deadline: May 15, 2026 Winners Announcement: May 26, 2026 Why Does It Matter? Recognition in cybersecurity only matters when it is trusted. For vendors, trust drives credibility, adoption, and long-term value.
The Hacker News has built its reputation on independent, reliable reporting for a global audience of security professionals. The Cybersecurity Stars Awards extend that same foundation to provide credible, visible recognition for meaningful contributions across the industry. Apply Now If your organization, product, or team is contributing to the cybersecurity landscape, this is your opportunity to be recognized. Submit your nomination today: https://awards.thehackernews.com/ Submissions are open, and the deadline is approaching.
Found this article interesting? This article is a contributed piece from one of our valued partners. Follow us on Google News , Twitter and LinkedIn to read more exclusive content we post.
Your AI Agents Are Already Inside the Perimeter. Do You Know What They’re Doing?
Analysts recently confirmed what identity security teams have quietly feared: AI agents are being deployed faster than enterprises can govern them. In their inaugural Market Guide for Guardian Agents, Gartner states that “enterprise adoption of AI agents is accelerating, outpacing maturity of governance policy controls.” Enterprise leaders can request access to the Gartner Market Guide for Guardian Agents , available complimentary from Orchid Security. The challenge is not simply one of tooling. It is a structural gap in how identity has been managed over the past decades.
Traditional identity and access management were designed for human users to log in and out of systems. AI agents operate differently — they run continuously, span multiple applications, acquire permissions opportunistically, and generate activity at machine speed. The result is yet another form of what Orchid Security calls “identity dark matter”: an invisible and unmanaged layer of identity activity operating beneath the radar of conventional IAM platforms. According to Orchid’s analysis, roughly half of enterprise identity activity already occurs outside centralized IAM visibility.
Why? Because while many identities reside in central directories, and controls are available in central IAM tools, just as many identities and controls live in the applications themselves. This is the challenge of identity and access management (IAM), how do I manage what I can’t even see? Good news though, one answer is, “ask Orchid.” Here are some examples.
Three Questions Identity Teams Are Now Asking Ask Orchid is the AI agent built into Orchid’s platform for exactly this. It applies identity observability at the source - inside applications, at the binary and configuration layer - and answers natural language questions about the full identity estate. Here are three of the questions security and compliance leaders are bringing to it now. Question 1: “What AI Agents Are Running in Our Environment?” This is the question that most enterprises cannot yet answer — and it may be the most important one to ask.
AI agents are being spun up across business units, embedded in SaaS platforms, integrated via APIs, and built in-house by development teams. Governance processes have not kept pace. Many organizations have no centralized inventory of the agents operating within their environment, let alone visibility into what those agents are doing, what data they are accessing, or what identities they are using to do it. “Ask Orchid addresses this directly.
When asked “What AI agents are running in our environment?” it applies identity observability across every application — examining user accounts, authentication flows, authorization permissions, and runtime activity at the source. The platform does not simply flag agents that are active during a monitoring window. It provides: Automatic discovery of AI agents, including their likely purpose and risk profile Identification of areas where AI agents are confirmed not to be in use, for a complete picture Recommended actions to help establish appropriate oversight For governance, risk, and compliance leaders, this capability represents the difference between managing AI adoption and being managed by it. Question 2: “How Compliant Are We With NIST Identity Requirements Right Now?” For enterprise CISOs, regulatory compliance is a dual obligation — both a legal requirement and a security baseline.
But with application estates constantly evolving, knowing the actual state of NIST compliance, for example, at any given moment has historically required a third-party external audit. “Ask Orchid” changes that equation. When asked directly — “How compliant are we now with the identity requirements of NIST CSF ?” — it examines how identity controls are implemented inside each application, at the binary level, where they are ultimately defined. It then compares what is actually coded against what NIST requires, covering both the established 1.1 framework and the updated 2.0 version.
The output is not a generic scorecard. It includes: A clear view of which controls are properly implemented and where gaps exist Application-level detail, not just platform-level or tool-specific summaries A prioritized remediation roadmap with actionable next steps Rather than waiting for an auditor to reveal vulnerabilities after the fact, CISOs can now assess and address their compliance posture on demand — before the audit, not because of it. Question 3: “Do We Have Static Credentials That Should Be Rotated Immediately?” Static credentials are one of the oldest and most persistent problems in identity security. Service accounts, API access, machine-to-machine tokens, “break glass” credentials — they accumulate across every enterprise, often issued for legitimate reasons and then forgotten.
Left unmanaged, they become one of the highest-value targets for attackers and one of the most common footholds for AI agents exploiting identity dark matter by design. When asked “Do we have static credentials that should be rotated immediately?”, Ask Orchid examines credentials across every application - not just those connected to a central identity provider, but those in the cloud, on-premise, and in local accounts. The response includes: A complete inventory of static credentials across the environment Where they live and why they need to be rotated A risk-tiered prioritization, identifying which credentials pose the most urgent exposure Credential intelligence that used to be invisible is delivered in minutes. The Deeper Problem: Identity Dark Matter Is Accelerating The three scenarios above are not edge cases.
They represent the core challenge facing enterprise security teams today: the identity estate has grown far beyond what traditional IAM platforms were designed to see. Applications authenticate users locally. Service accounts are provisioned and forgotten. AI agents are granted new identities with broad permissions.
The sum of all this unmanaged activity (and more) — identity dark matter — is expanding at a pace that matches, and in many cases exceeds, the rate of AI adoption itself. What makes this particularly difficult is the gap’s structural nature. It is not simply a matter of adding more connectors to an existing IAM platform. The problem is that most identity tooling stops at the login event.
It does not observe what happens inside applications after authentication. How Orchid Security Closes the Gap Orchid Security was built for exactly this environment. It works inside applications, at the source of identity activity, rather than at the perimeter of a centralized IAM system. Through binary analysis and dynamic instrumentation, Orchid inspects native authentication and authorization logic directly within applications — without requiring APIs, source code changes, or lengthy integrations.
- This gives it visibility into the half of enterprise identity activity that falls outside conventional IAM visibility, including every AI agent operating across the estate. Recognized as a Representative Vendor in
- Gartner’s inaugural Market Guide for Guardian Agents
- — described as a vendor “managing the identities/access for AI agents with zero-trust policies and governance” — Orchid delivers what it calls full-spectrum identity authority: from observability to orchestration, across every identity, human and non-human. For agent AI in particular, its approach is grounded in five principles that govern secure AI-agent adoption:
- Human-to-Agent Attribution
- Every AI agent action is linked to a responsible human owner, ensuring accountability for machine-driven activity Comprehensive Activity Audit
- A complete chain of custody is recorded — Agent → Tool/API → Action → Target — enabling compliance reporting and incident response Dynamic, Context-Aware Guardrails
- Access decisions are evaluated continuously, based on real-time context, the sensitivity of the target resource, and the human owner’s entitlements, replacing broad standing privileges with purpose-bound authorization Least Privilege
- Just-in-Time elevation replaces persistent “god-mode” access across AI agents and machine identities Automated Remediation
- Risky behavior triggers automatic responses, including credential rotation and session termination, without requiring manual intervention To learn more, check out Orchid’s platform for guardrails on autonomous identity . Final Thought For security teams asking whether they have ungoverned AI agents in their environment, unrotated credentials sitting in forgotten applications, compliance gaps their last audit missed,Orchid provides the answers — and the remediation path — without waiting for a breach to make them visible.
Enterprise leaders responsible for cybersecurity, identity and access management, and AI agent governance can request access to the Gartner Market Guide for Guardian Agents , compliments of Orchid Security. Gartner does not endorse any vendor, product, or service depicted in its publications. Gartner publications reflect the opinions of Gartner’s research organization and should not be construed as statements of fact. Found this article interesting?
This article is a contributed piece from one of our valued partners. Follow us on Google News , Twitter and LinkedIn to read more exclusive content we post.