2026-06-19 AI创业新闻
Apple Patches Beats Studio Buds Flaw Letting Nearby Attackers Spy via Microphone
Apple has updated its Beats Studio Buds wireless earbuds to patch a high-severity vulnerability that could be exploited by nearby hackers to eavesdrop on users. The vulnerability, tracked as CVE-2025-20701 (CVSS score: 8.8), refers to a case of incorrect authorization impacting the Airoha Bluetooth audio SDK that makes it possible to pair a Bluetooth audio device without user consent. Successful exploitation of the flaw could lead to remote escalation of privilege without requiring any additional execution privileges or user interaction. The issue has been addressed in Beats Firmware Update 1B211.
“An attacker within Bluetooth range may be able to listen through the microphone of a device which is not yet paired and actively seeking pair requests,” Apple said in an advisory released this week. Details of the vulnerability first emerged in June 2025 when ERNW GmbH researchers Dennis Heinze and Frieder Steinmetz flagged it alongside two other flaws in Airoha SoCs (CVE-2025-20700 and CVE-2025-20702) at the TROOPERS security conference in Germany. Similar patches were released by Jabra in December 2025. “In most cases, these vulnerabilities allow attackers to fully take over the headphones via Bluetooth.
No authentication or pairing is required,” the researchers noted at the time. “The vulnerabilities can be triggered via Bluetooth BR/EDR or Bluetooth Low Energy (BLE). Being in Bluetooth range is the only precondition. It is possible to read and write the device’s RAM and flash.” “These capabilities also allow attackers to hijack established trust relationships with other devices, such as the phone paired to the headphones.
These capabilities allow for multiple attack scenarios.” New Unpatchable Exploit Discovered in Apple’s A12 and A13 Chips The disclosure comes as Paradigm Shift disclosed a novel iPhone SecureROM (aka BootROM) vulnerability impacting Apple’s A12 and A13 chips, in addition to a proof-of-concept (PoC) exploit codenamed usbliter8 . “The exploit leverages both a hardware bug in the USB controller and a specific configuration flaw present in the device firmware,” the European cybersecurity company said . “As these vulnerabilities reside in immutable code, affected users should be aware that migrating to newer hardware remains the most effective mitigation.” At a high level, the exploit works by leveraging a flaw in the USB controller built into Apple SoCs. The controller uses a memory buffer to store SETUP and OUT packets transmitted at the start of data transfer.
The research found that it’s possible to trigger a buffer underflow primitive by taking advantage of the fact that the controller also accepts smaller packets, effectively allowing for malicious code injection and execution under certain conditions. The problem, Paradigm Shift noted, is likely rooted in the USB controller hardware itself, not in Apple’s software. The A11 chip is not susceptible to the vulnerability, while A12 and A13 are confirmed to be susceptible. “The difference is that the A11 USB driver manually resets the DMA address to its initial value after receiving each packet,” the company said.
“On A12 and A13, USB DART is configured in bypass mode, allowing us to overwrite SRAM data freely. In contrast, A14 and later generations appear to configure the DART correctly in SecureROM, making the vulnerability unexploitable.” The usbliter8 exploit is comparable to checkm8 , the publicly known BootROM exploit of this kind that impacted all iOS devices ranging from iPhone 4s (A5 chip) to iPhone 8 and iPhone X (A11 chip). “The usbliter8 exploit demonstrates that even on more recent SecureROM generations, including those protected by Pointer Authentication , subtle hardware bugs can still be leveraged to achieve full code execution and break the chain of trust,” Paradigm Shift said. “The security of the BootROM is critical: vulnerabilities at this level can compromise the integrity of the entire device.
Although usbliter8 doesn’t affect SEP itself, it opens up wider attack vectors to compromise the Secure Enclave.” Found this article interesting? Follow us on Google News , Twitter and LinkedIn to read more exclusive content we post.
Orphaned AI Agents: How to Find Hidden Access Risks Inside Your Network
If an autonomous AI agent interacts with your company’s core intellectual property today, can your security team instantly name the person who authorized it? For most enterprises, the answer is a simple no . The rush to adopt internal AI tools has left a massive trail of administrative debt: orphaned agents (AI tools left running after their creator leaves the company) and standing privileges (AI that retains permanent, unrestricted access it no longer needs). When an employee moves on, the automated tools they built stay active—often keeping unmonitored access to sensitive databases and source code long after the human’s credentials are revoked.
To help security teams bridge this line of accountability, The Hacker News is hosting a technical briefing. Secure your spot today for the live webinar: Orphaned Agents & Standing Privileges: The Hidden Access Risks of Internal AI . Why Existing Security Tools Miss the Signal Traditional access tools treat AI like standard software. But AI does not stay static; it continuously pulls, shifts, and interacts with data on its own.
A standard security filter sees an AI tool pull an entire repository and assumes the application is just doing its job. It cannot see that the employee who originally spun up that tool left the company last week. The system cannot judge whether the action is malicious because it doesn’t know whose identity the agent is borrowing. Trying to secure an AI tool by itself does not work.
Finding these hidden scripts is only half the problem; you still have to map them back to a living owner. Register now to look at the plumbing required to unify human, machine, and AI identities under one control plane. What the Session Covers This technical deep dive skips the AI marketing hype to focus on practical architecture: The identity gap: Why securing an AI tool in isolation fails if you do not know whose credentials it is running on. Finding Shadow AI: A step-by-step walkthrough to track down undocumented tools active on your network right now.
Deployment reality: How to get immediate visibility into enterprise AI use without adding network infrastructure bottlenecks. The developer who built the automation may have left months ago, but the access token hasn’t. Join SailPoint and The Hacker News to learn how to revoke access before an attacker uses it for you. 📅 Save Your Spot Today: Register for the Webinar Here .
Found this article interesting? This article is a contributed piece from one of our valued partners. Follow us on Google News , Twitter and LinkedIn to read more exclusive content we post.
Moses Frost Trains You to Think Like an AI-Armed Attacker - Online in Aug
ThreatsDay Bulletin: Claude Chat Abuse, NastyC2 npm Packages, Device-Code Phishing + 25 More Stories
The internet did not break this week. It got used exactly as designed, which is worse. Searches were siphoned through shady browser add-ons. AI chat links turned into malware delivery paths.
macOS attacks ran in memory and left almost nothing behind. Cloud agents looked like helpers until attackers treated them like open shells. Add exposed edge gear, poisoned packages, cash courier scams, stealers, loaders, and phishing that barely bothers pretending anymore. Here’s the full mess.
DoH lands in Windows Server 2025 Microsoft Makes DoH Generally Available on Windows DNS Server Microsoft has announced that DNS-over-HTTPS (DoH) for Windows DNS Server is generally available on Windows Server 2025 for client-to-server DNS traffic. “With general availability, organizations can now deploy encrypted and authenticated client-to-resolver DNS traffic directly within their existing on-premises DNS infrastructure,” the company said . “The goal is to help improve privacy, reduce spoofing risk, and advance Zero Trust DNS without requiring a new resolver architecture. Enabling DoH on Windows DNS Server introduces encrypted communication for supported clients over HTTPS while preserving compatibility with most existing DNS deployments.
Organizations can expect DoH traffic between DoH clients and Windows DNS Server to be encrypted via TLS, DNS queries to be transported as HTTPS requests, existing DNS functionality to continue operating as expected, and mixed environments, encrypted and traditional DNS, to be supported.” Search hijacks hide monetization layer SearchJack Extensions Monetize Users’ Searches A cluster of 23 deceptive Chrome browser extensions has been found stealthily overriding users’ default search engines and routing queries through monetization middleware before delivering results. “Each extension presents a different advertised purpose - satellite imagery, productivity tools, news readers, maps – while the actual business is search affiliate revenue,” security researcher Jean-Marie R. said . “The campaign spans at least 8 distinct monetization brokers and ~758,000 affected users.
While this might look like simple adware, it is a real security risk. First, it is a massive privacy violation: every search a user makes is sent to anonymous third-party brokers. Second, because the operators control the web traffic, they can easily switch from showing regular search results to injecting phishing links or malicious downloads at any time – all without ever updating the extension code itself.” Fileless macOS ClickFix attack chain macOS ClickFix Lures Deliver AppleScript Stealer and RAT A Russian-speaking attacker has been observed targeting victims mainly in Asia, North America, and Oceania across technology, media, and business services sectors using ClickFix lures to deliver an AppleScript-based infostealer to macOS users. The ClickFix pages masquerade as downloads for a malware scanning utility.
“To evade detection, the entire infection chain, starting from the initial clipboard paste to payload execution, is completely fileless, leaving no static artifacts on disk until persistence is established,” Netskope Threat Labs said . “Victims are socially engineered into executing a curl command that fetches a gzip-compressed stager, which pipes the second-stage AppleScript directly into osascript memory.” The second-stage, codenamed “Meow (DEBUG),” uses a fake system dialog to harvest credentials, browser data, session cookies, and keychain contents. It’s also equipped with capabilities to trojanize legitimate desktop cryptocurrency wallet applications and maintain persistent command-and-control (C2) access, allowing the operator to run arbitrary payloads. Claude chat abuse fuels malware delivery Claude Shared Chats Abused for ClickFix Malvertising Campaign In another ClickFix campaign, threat actors have been spotted weaponizing Anthropic Claude’s shared chat feature , abusing the trust associated with a legitimate domain to deliver the MacSync credential-stealing malware.
“Cybercriminals hijacked Google Ads searches for popular AI developer tools to funnel over 2,000 victims toward malicious download pages before quietly moving their operation onto claude.ai’s own platform, turning the trusted domain into a delivery mechanism for credential-stealing malware,” Trend Micro said . “The Asia-Pacific region bore the brunt of the campaign, accounting for 67.2% of all confirmed victims, with Taiwan alone representing 30.5% of total traffic, a concentration that points to deliberate geographic ad targeting rather than opportunistic spread.” As many as 106 unique malicious hostnames have been identified over a span of seven weeks across six distinct attack waves.Anthropic has since banned the accounts responsible, disabled the malicious shared conversations, and is implementing additional abuse mitigations for its shared chat feature. WhatsApp booking fraud spreads globally WhatsApp Hotel Scams Target Travelers Bitdefender haș warned of an ongoing phishing campaign impersonating hotels, resorts, and accommodation providers across more than 10 countries. “Unlike traditional travel scams that rely on generic phishing emails, this operation uses real booking information, localized messaging, and convincing hotel branding to trick travelers into handing over payment card details,” the Romanian cybersecurity company said .
“Victims receive personalized messages containing names, stay dates, reservation details, and cancellation warnings. The campaign relies exclusively on WhatsApp, with no matching email or SMS infrastructure observed.” Observed languages include English, German, French, Spanish, Romanian, and Polish. Similar campaigns have been reported by Sekoia and Netcraft in the past. AI agent targets vulnerability chaos Amazon Announces AWS Continuum for Vulnerability Management Amazon Web Services (AWS) has announced a new artificial intelligence (AI)-powered security agent called AWS Continuum for code vulnerabilities, as models like Claude Mythos by attackers and defenders accelerate the ability to find and exploit vulnerabilities.
AWS Continuum “addresses the full lifecycle of managing code vulnerabilities at machine speed. It continuously discovers vulnerabilities, validates which are genuinely exploitable, prioritizes them by business context, and helps you remediate them across the full stack within guardrails you define,” AWS said. The tech giant said the agent is model agnostic, and that it uses multiple frontier models where they perform best. AI export controls reshape model access Mythos 5 Restrictions Linked to Korean Telecom Giant In a new report, WIRED said the U.S.
government’s decision to restrict Anthropic’s Claude Fable 5 and Mythos 5 models came after it ordered the AI company to revoke South Korea-based SK Telecom’s access over its alleged ties to China. SD-WAN zero-day scope expands Cisco Updates CVE-2026-20127 Advisory Cisco has updated its February 2026 advisory for CVE-2026-20127 , a critical privilege escalation flaw in Catalyst SD-WAN Controller and Catalyst SD-WAN Manager, to note that the vulnerability also affects Catalyst SD-WAN Validator. The security flaw has been exploited as a zero-day since 2023 by a sophisticated threat actor known as UAT-8616. It allows an unauthenticated remote attacker to bypass authentication and obtain administrative privileges on an affected system by sending a crafted request.
AI coding agent trust bypass exposed Code Execution Bypass in Cline Manifold Security has flagged two high-severity local code-execution paths on a developer’s machine via a malicious repository in Cline , an AI coding agent VS Code extension with more than 4.3 million installs. The repository’s content, in turn, tricks the agent into executing attacker-supplied shell commands under the developer’s account, enabling access to credentials, source code, and other sensitive data. “Cline ships an Approve/Deny dialog and a “Safe Commands” auto-approve filter that are supposed to stop exactly this. Both fail,” Ax Sharma, head of research at Manifold Security, said .
“Clicking the URL preview tile to verify where the agent is fetching from runs an OS-level command instead. The Approve/Deny dialog never gates the click. ‘Safe Commands’ doesn’t inspect commands. It asks the AI agent whether its own command is safe, and trusts the answer, even after the same agent has been manipulated by attacker content.” While the findings have been classified as “out of scope,” Cline plans to release fixes in an upcoming release.
HTTP/2 abuse shifts to live reconnaissance Reconnaissance and PoC Validation Target HTTP/2 Bomb Earlier this month, Calif used OpenAI’s Codex to discover an exploit called the HTTP/2 Bomb . Formally tracked as CVE-2026-49975, the vulnerability ironically chains together two features that were expressly designed to save internet bandwidth to help attackers amplify junk traffic by orders of magnitude. Imperva has since reported that attackers in the wild were “running specialized tools designed to map out” vulnerable servers. A working proof-of-concept (PoC) is publicly available.
“Exposure in this set is led by communication services at 24.9% of observed assets, with information technology contributing 18.0% and healthcare close behind at 17.0%,” CyCognito said . Exposed email server becomes phishing hub Threat Actor Abuses Terminal Server as a Phishing Stager Cybersecurity researchers have discovered an “interesting attack” where an unknown actor leveraged a victim’s internet-facing terminal server as a phishing stager. Huntress said it recovered the full staging directory, including a legitimate bulk email software application (Gammadyne Mailer), a project file named dracii.mmp , and six target lists holding 8,894,920 email addresses. “The campaign impersonated the U.K.
pharmacy chain Boots, using a ‘free gift’ survey as a lure,” the company said . “The payload it pointed victims at was hosted on a compromised Bolivian government website, ipelc.gob[.]bo.” The payload is a Boots phishing web page hosted within the /boots_store/ subdirectory that urges users to complete a survey and redeem a free gift by entering their personal and financial information. Bank phishing delivers in-memory stealer Phishing Campaign Targets Banks with Phantom Stealer An active phishing campaign is targeting banks to deliver Phantom Stealer , an infostealer that’s sold under a subscription model for between $70 to $240 by a threat actor operating under the alias Oldphantomoftheopera. “The attack begins with phishing emails containing malicious attachments disguised as business documents,” Fortra said .
“Once executed, the malware runs entirely in memory, helping it evade traditional defenses. “The combination of targeted phishing delivery, advanced evasion techniques, broad credential harvesting capabilities, and a resilient multi-channel exfiltration infrastructure places this threat in the high-severity category.” Phantom Stealer targets major web browsers as well as Discord, Telegram, and Steam. It is also used to steal financial information, cryptocurrency assets, and collect keystrokes, screenshots, and clipboard data. Quantum-safe mandate timeline set France Plans to Stop Certifying Products Without Quantum-Safe Encryption France’s cybersecurity agency ANSSI said it would stop certifying security products that lack quantum-resistant encryption starting from 2027.
It also requires businesses to purchase only quantum-safe products by 2030. State filters .ru email traffic Estonia to Screen Emails Sent From .ru Domain According to local media reports , Estonia plans to implement additional security screening for emails sent from Russia’s .ru top-level domain before they reach government officials, citing heightened cyber risk. The new measures are expected to take effect starting August 31, 2026. Imposter scams hit $3.5B losses Americans Lose $3.5B to Imposter Scams in 2025 The U.S.
Federal Trade Commission (FTC) revealed that Americans lost a staggering $3.5 billion to imposter scams in 2025, with reported losses nearly tripling since 2020. “These scams lured consumers through text, phone, email, social media, search engine results, and other means. Some of the costliest impersonation scams start with a fake security alert, often from a bank,” the FTC said . “People are convinced to move money to ‘protect’ it, with their losses often limited only by their available funds.” In all, about $16 billion has been reported lost in 2025 to all types of fraud.
Conti operator admits ransomware role Ukrainian National Pleads Guilty to Conti Attacks Oleksii Oleksiyovych Lytvynenko, 44, has pleaded guilty to wire fraud conspiracy in connection with Conti, a ransomware variant that infected more than 1,000 computers and networks across the world. “Lytvynenko, of Cork, Ireland, conspired with others to deploy Conti ransomware to extort victims and steal their data,” the U.S. Department of Justice said . “Lytvynenko admitted to joining the Conti conspiracy no later than approximately September 2021.
He admitted to possessing data from eight U.S. and four overseas victims, which had been stolen by Conti conspirators. Lytvynenko further admitted to joining a team run by a Conti conspirator during which time Lytvynenko was directed to work on coding a ‘loader,’ which is typically a type of malware, or malicious software, that is used to load programs necessary to execute other malicious attacks.” As of January 2022, Conti ransomware attacks resulted in at least $150 million in ransom payments. The Ukrainian national was extradited to the U.S.
in October 2025. He is scheduled to be sentenced on September 10, 2026, and faces a maximum penalty of 20 years in prison. Steam wallpapers turn into account theft vector Malicious Wallpapers in Steam Workshop Spread Malware Threat actors are abusing Steam Workshop to spread malware hidden in dozens of wallpaper packages, putting gamers’ accounts at risk. The activity has been active since late 2025.
“The attackers are primarily targeting gamers in China and Russia, aiming to hijack their accounts,” Kaspersky said . “To pull this off, they are exploiting Wallpaper Engine – a popular live wallpaper app available on Steam – specifically leveraging its Workshop sharing feature. The malware is hidden inside the wallpaper packages users share with one another. Running one of these compromised wallpapers can lead to a stolen Steam account or leave the victim’s system infected with backdoors or crypto miners.” Rust C2 framework hits npm supply chain NastyC2 Framework Distributed via npm Packages Three npm packages, node-ci-utils@2.1.4, win-env-setup@3.0.6, macos-ci-utils@1.0.0, have been found to act as droppers for Linux, Windows, and macOS systems to deliver a previously undocumented post-exploitation framework codenamed NastyC2.
“Written entirely in Rust, it implements over 80 commands spanning credential harvesting, Active Directory attacks, container escape, cloud metadata theft, and fileless execution,” Panther said . “The framework is comparable in scope to Cobalt Strike or Sliver, overlapping with both on BOF/COFF execution, reflective DLL loading, multi-technique process injection, AD-native Kerberoasting and DCSync, AMSI/ETW patching, SOCKS5 pivoting, and encrypted sleep.” npm package delivers worm + miner + LPE Malicious npm Package Drops Malware Trifecta A malicious npm package named crypto-javascript@4.2.5 has been observed installing three different payloads, including a supply chain worm that spreads across six build ecosystems (Rust, Cargo, Python, CMake, and npm), a Monero cryptocurrency miner, and an exploit for Dirty Frag , a local privilege escalation (LPE) vulnerability impacting the Linux kernel. “All three run from memory, leaving no named file on disk,” Panther said . “The embedded kernel exploit carries a GCC build timestamp of 2026-04-30 1, seven days before public disclosure of the Dirty Frag vulnerability.” Although ELF timestamps can be forged, the development has raised the possibility that the threat actor may have had access to a working exploit code while details of the flaw were still under wraps.
Multi-stage loader evades analysis chain New OnionDrop Loader Analyzed An active campaign is leveraging a multi-stage loader called OnionDrop to deliver malware families like LegionLoader (aka CurlyGate), CGrabber, and Vidar Stealer. OnionDrop is an advanced piece of malware with extensive defense evasion and anti-analysis features. “The chain starts with a ZIP archive and a legitimate Adobe-signed executable used for DLL side-loading,” Cyderes said . “From there, the malicious DLL walks through four transformation stages: custom byte-pair decoding, Xpress Huffman decompression via RtlDecompressBufferEx, AES-256-CBC decryption with rotating key material, and final shellcode execution through TpPostWork callback abuse inside the Windows Thread Pool.
This is a professionally engineered evasion framework that anyone with access can point at any target.” Courier pickups extend crypto fraud lifecycle Scammers Use Couriers to Collect Cash in Crypto Investment Scams The U.S. Federal Bureau of Investigation (FBI) has warned that scammers are instructing victims, usually senior citizens, to participate in cash pickups after engaging with them online by posing as individuals seeking business or romantic relationships. After establishing a relationship with the victim, the fraudster suggests investing in cryptocurrency and instructs the victim to download certain cryptocurrency trading applications and create investment accounts. “The scammers arrange for couriers to meet the victims in person to retrieve cash for fraudulent investments,” the FBI said .
“Legitimate financial institutions may deny suspicious funds transfers by victims, so scammers inform victims in-person cash pickups are required to continue investing with the fraudulent investment firm or to pay purported fines to withdraw their investments. Alternatively, the fraudulent cryptocurrency exchange may inform victims their account has been ‘flagged,’ allowing the scammer to suggest the use of cash couriers as an alternative.” The dispatched couriers identify themselves using an agreed-upon code or a specific dollar bill serial number. When victims attempt to withdraw their perceived profits, the threat actors force them to pay non-existent taxes and penalties, again using couriers for cash pickups to continue the fraud. Belarus-linked Gmail phishing surge Ghostwriter Targets Polish Gmail Accounts CERT Polska has revealed that the Belarus-aligned Ghostwriter group has been running phishing campaigns targeting Gmail users through bogus messages designed to imitate official Gmail communications and trick recipients into clicking on malicious URLs that harvest their credentials.
“These campaigns are carried out with high intensity, mainly on weekdays,” the agency said . “Notably, they enable the theft of two-factor authentication (2FA) credentials. In recent weeks, our team has observed the use of new domains serving phishing pages almost daily.” The campaign has targeted researchers, journalists, employees of public administration and law enforcement, and individuals connected to these groups through family or social relationships. OAuth device flow abused for account takeover Device Code Phishing Targets Microsoft 365 Accounts ReversingLabs has detailed a Microsoft 365 device code phishing campaign that makes use of Microsoft’s legitimate OAuth 2.0 Device Authorization Grant flow to obtain access to victim accounts.
“The initial email sent to victims uses a lure that appears to be an approval for an estimate sent from a vendor to one of their customers,” security researcher Robert Simmons said . “Rather than stealing passwords through a counterfeit login page, the phishing kit persuades victims to complete a legitimate Microsoft authentication process that authorizes an attacker-controlled device.” Stealer-as-a-service adds refund guarantee New OnyxC2 Stealer Emerges A new information stealer called OnyxC2 is being marketed on underground forums, giving customers access to a web panel and a payload builder. Most importantly, paying users are eligible for refunds if a build gets caught. “For $250 a month, operators get a kit that harvests browser credentials, password managers, two-factor authentication (2FA), and crypto wallets across roughly 210 applications and extensions, then ships it all back over an encrypted channel,” BlackFog said .
“The stealer reaches 37 Chromium-based and 8 Gecko-based browsers, then 95 Chromium and 14 Gecko extensions, including 6 dedicated two-factor authentication extensions. It also covers 5 password managers, 17 cryptocurrency wallets, 11 FTP clients, and 5 email clients, with a further set of VPN, remote access, messaging, note-taking, and gaming targets.” A premium subscription is available for $500 per month. OnyxC2 also goes beyond a traditional steal by incorporating HVNC over a web browser, LSASS dumping, RunPE in memory and on disk, a reverse SOCKS5 proxy, screenshot capture, a keylogger, a file manager, and a reverse shell over HTTP, and a built-in TOR tunnel. AI-themed phishing drops AsyncRAT AI Hype Used as Lure to Deliver AsyncRAT A new campaign has been observed delivering malicious files disguised as AI-related documents in phishing emails to install AsynRAT.
The attachments are distributed in the form of ZIP archives containing a Windows Shortcut (LNK) file that acts as a starting point for a stealthy, multi-stage attack chain. “These lures are designed to target users actively seeking AI-related learning resources,” Fortinet FortiGuard Labs said . “The attack chain behind these files is remarkably complex, using multiple staged scripts to hide activity before ultimately deploying AutoHotkey-based loaders that reflectively inject a .NET remote access trojan [named clay_Client] and AsynRAT into memory for command-and-control communication and follow-on execution.” GCP telemetry gap exposes detection blind spots Security Risks with Google Cloud serviceData Permiso Security said it discovered an “interesting and practically significant inconsistency” associated with serviceData, a field that has been deprecated in favor of metadata for obtaining service-specific information. “If serviceData were cleanly deprecated and services had migrated away from it, one would expect a predictable pattern: events after the deprecation date would stop populating the serviceData field and would start populating the relevant data in metadata instead,” security researcher Art Ukshini said .
However, further testing has uncovered that some events still populate serviceData correctly, while others produce empty serviceData objects. The security company said this unreliable behavior of serviceData translates into a concrete set of security risks that can affect detection coverage, incident response, and compliance, requiring organizations to validate log telemetry end-to-end. Worm weaponizes AI refusal behavior Shai-Hulud Worm Attempts to Defeat AI Guardrails A variant of the Shai-Hulud worm has been found to include an adversarial prompt for “synthesizing weaponized biological agents suitable for aerosol dispersal” with an aim to target AI-powered malware scanners with an aim to trick the model into refusing a response for violating a safety guardrail, as opposed to classifying it as benign. “A refusal is supposed to be the safe outcome,” JFrog said .
“It’s the model declining to do something harmful. Here, the refusal is the attack. If the scanner balks at the top of the file, it never reads the bottom, and the malware ships un-analyzed. Not because the model was fooled into trusting it, but because it was goaded into closing the book.” Risk-based patching gets enforcement layer CISA Asks Organizations to Patch Smarter The U.S.
Cybersecurity and Infrastructure Security Agency (CISA) has issued a new Binding Operational Directive, BOD 26-04 , that prioritizes security updates for Federal Civilian Executive Branch (FCEB) agencies, requiring them to remediate high-risk vulnerabilities within accelerated timeframes based on internet exposure, presence of a vulnerability in the Known Exploited Vulnerabilities (KEV) catalog, whether exploitation can be automated for large-scale attacks, and if the exploitation can translate to partial or total control of a system. Based on these risk factors, agencies may have to address these flaws within three days. The development is a sign that AI is not only lowering the barrier to exploit development and accelerating vulnerability research, but also allowing attackers to quickly incorporate newly disclosed flaws into their arsenal. “Cyber threat actors exploit unpatched vulnerabilities, and their use of AI may further narrow the time defenders have to react between patch release and possible exploitation,” CISA said .
“These factors provide federal agencies with a comprehensive risk picture to make informed decisions that significantly reduce risk without burdening IT managers with extra processes that do not change outcomes.” The lesson this week is not subtle. Trust is the attack surface now. The browser extension, the AI chat link, the OAuth flow, the coding agent, the package install, and the “known good” cloud helper. Attackers are not always breaking down the door anymore.
They are finding the doors we already propped open for convenience. That means defense has to get less romantic about defaults. Watch the tools users trust, not just the files they download. Audit agents like accounts.
Treat packages like code execution. Treat links from trusted platforms like links, not proof of safety. The internet did not collapse this week. It reminded us that “legitimate” is not the same as safe.
Found this article interesting? Follow us on Google News , Twitter and LinkedIn to read more exclusive content we post.
Microsoft Details Windows Clipper Malware Campaign Using USB LNK Worm and Tor-Based C2
Microsoft has disclosed details of a Windows-based cryptocurrency clipper campaign that has targeted users since February 2026 with clipboard-intercepting malware with self-spreading capabilities and using the Tor anonymity network to hide communication. “The clipper in this campaign relies on Windows Script Host and ActiveX-driven logic to launch a bundled Tor proxy and poll a hidden-service C2 [command-and-control] server,” the Microsoft Defender Security Research Team said in an analysis published Tuesday. “It carries out high-frequency clipboard theft, screenshot exfiltration, and wallet-address substitution.” “The execution of this clipper is notable because it does not depend on a traditional installer or exposed IP-based C2 infrastructure. Instead, it deploys a portable Tor client, routes traffic through a local SOCKS5 proxy, and blends data theft with remote code execution, turning a financially motivated stealer into a lightweight backdoor.” Clipper malware refers to a type of malicious software that silently monitors a user’s clipboard and intercepts sensitive data pasted into the short-term buffer.
It primarily targets cryptocurrency transactions by substituting wallet address strings that match known blockchain address patterns to reroute them to addresses under their control. The attacks involve distributing a malicious Windows Shortcut (LNK) file via USB storage devices, opening which triggers a worm component that checks is the machine is already infected and only proceeds to fetch the payload from a remote server if it’s not present. A second module deployed is the clipper that harvests and exfiltrates cryptocurrency wallet information. The LNK payload scans the USB device for common document types like DOC, XLSX, and PDF, and if found, hides them and creates new LNK files with the same file names and containing arguments that line to the worm component.
Thus, when an unsuspecting user launches the shortcut thinking they are opening a harmless document, it triggers the execution of the malware. The worm component, besides ensuring propagation to other uncompromised USB drives, deploys scheduled tasks as a form of persistence for both the worm component and the stealer component. The clipper, for its part, uses WScript and ActiveXObject to interact with the operating system, and exits if Task Manager is among the list of actively running processes to evade detection. In the final stage, the malware launches a renamed Tor binary in a hidden window, generates a unique victim identifier, and registers it with the external server.
Once this step is complete, the malware enters a continuous loop, periodically polling the C2 server for instructions while simultaneously monitoring the clipboard about every 500 milliseconds to extract seed phrases and private keys. “It also hijacks cryptocurrency addresses by replacing copied wallet values with attacker-controlled alternatives and uploads screenshots through Tor,” Microsoft said. “If the C2 returns an EVAL response, the malware executes attacker-supplied code at runtime.” The tech giant has recommended that defenders prioritize behavioral detections over static signatures, specifically looking for PowerShell-based screen capture and the use of WScript, CScript, or related script engines for launching curl, cmd.exe, PowerShell, or unexpected executables. Other mitigations include disabling AutoRun/AutoPlay for all removable media, blocking LNK execution from removable drives via Group Policy Objects (GPOs), restricting unnecessary use of wscript.exe or cscript.exe, and review clipboard-related and screen-capture behaviors on devices handling sensitive financial workflows.
Found this article interesting? Follow us on Google News , Twitter and LinkedIn to read more exclusive content we post.
INC Ransomware Emerges as Major RaaS Threat in 2026 with 830+ Victims Since 2023
Cybersecurity researchers have charted the evolution of INC from an nascent ransomware-as-a-service (RaaS) operation to one of the most prolific cybercrime groups in 2026, claiming no less than 830 victims since August 2023. “The disruption of LockBit and the shutdown of BlackCat created opportunities for INC to expand as affiliates migrated to alternative ransomware operations,” Acronis researcher Darrel Virtusio said . “United States organizations account for more than 65% of listed victims, with legal services, manufacturing, construction, technology and health care among the most targeted sectors.” INC’s Windows and Linux/ESXi encryptors have also been rewritten in Rust to facilitate easier cross-platform development and better resist reverse engineering efforts. Attacks deploying the ransomware are characterized by the use of an updated credential dumper capable of targeting newer Veeam backup deployments that use the salted DPAPI credential encryption.
What’s more, the sale of INC’s Windows and Linux variants on the cybercrime underground in May 2024 has led to the emergence of related ransomware families such as Lynx and Sinobi with “significant code overlap,” even as the brand has continued to evolve. “INC ransomware affiliates utilize a diverse range of tools and techniques in targeting victims,” Acronis said. “In their latest campaigns, they continue to target unpatched edge devices for initial access, dump credentials from Veeam backup servers, and use a mix of LOLBins and commercial RMM tools to move through victim networks.” The overall attack chain adopted by the double extortion crew is as follows - Obtain initial access via a wide range of methods, including spear-phishing, account credentials purchased from IABs, and the exploitation of vulnerabilities in public-facing applications such as Citrix Netscaler ( CVE-2023-3519 and CVE-2025-5777 ), Fortinet EMS ( CVE-2023-48788 ), and SimpleHelp ( CVE-2024-57727 ). Extract sensitive credentials from the compromised environment.
Use living-off-the-land binaries (LOLBins), such as remote desktop protocol (RDP) and PsExec, for lateral movement. Employ the bring your own vulnerable drive ( BYOVD ) technique using filwfp.sys, filnk.sys, fildds.sys to impair system defenses. Drop Cobalt Strike, AnyDesk, ScreenConnect, and TeamViewer for command-and-control. Exfiltrate data of interest using Rclone after staging them as password-protected archives.
Run the encryptor and speed up the process using techniques like multithreading and partial encryption. The payload features a command-line interface that gives the operator more control during hands-on deployments. When it’s executed with the “–esxi” argument, it attempts to shut down virtual machines. The findings show that ransomware groups can find success and scale up by following widely known techniques without having to lean on advanced tradecraft or bespoke tooling, effectively producing a steady stream of victims spanning various geographies and sectors.
Data compiled by ZeroFox shows that INC ransomware emerged as the fourth most prominent ransomware group in Q1 2026 after Qilin (338), Akira (197), and The Gentlemen (192), accounting for over 120 incidents during the time period. “INC continues to strengthen its ransomware operation through Rust-based payload rewrites and continuous toolkit enhancement, while carefully targeting industries such as health care, legal services, professional services, manufacturing, and construction where operational downtime creates strong financial pressure to pay,” Acronis said. “This threat is further amplified because these sectors depend heavily on uninterrupted operations and supply chains, increasing the risk of collateral exposure across vendor networks and downstream partners when breaches occur.” Found this article interesting? Follow us on Google News , Twitter and LinkedIn to read more exclusive content we post.
The Scripts on Your Checkout Page Are Now a PCI DSS Problem
An independent PCI assessor tested Reflectiz against the new PCI DSS rules. Here is the verdict: See the full QSA assessment here → When a customer types their card number into your checkout, their browser is running far more than your code. Analytics tags, a tag manager, a support widget, a payment iframe: a modern checkout loads dozens of third-party scripts, and any one of them can be turned into a skimmer. This is how Magecart works.
Sansec has counted more than 100,000 sites hit by web skimming and supply-chain attacks. The 2018 British Airways breach alone exposed 380,000 transactions and a fine that started at £183 million. The dangerous part: the malicious code usually arrives through a script you already approved. Attackers compromise a third-party vendor, and the payload rides in on a script you have run for months.
Nothing looks new. What changed is the script’s behavior, not its presence on the page. PCI DSS v4.0.1 closes that gap with two requirements, now fully in force. 6.4.3 says to inventory every payment-page script, authorize it, and prove its integrity.
11.6.1 says to detect tampering with page content and HTTP headers as the browser receives them. Done by hand, across hundreds of scripts that change constantly, this does not scale. Reflectiz data shows roughly 30% of payment-page scripts change within any two-week window. What the QSA Found Integrity360 Europe, a PCI Qualified Security Assessor and member of the PCI SSC Global Executive Assessor Roundtable, reviewed the Reflectiz PCI DSS Platform against both requirements and found it can effectively support compliance.
Three things stood out: It watches behavior, not just file hashes. A hash check misses a silent vendor-side swap. Reflectiz catches the script the moment it starts reaching for card data. It deploys agentless.
No code changes, no snippets, live in days, and it keeps working through refactors and CMS migrations. It produces QSA-ready evidence in one click. Full audit trail per page, ready for assessment. The SAQ A Catch Since January 2025, merchants can drop 6.4.3 and 11.6.1 from SAQ A only if they confirm their site is not susceptible to script attacks.
Full redirect to your processor? You are likely fine. Embed a payment iframe? A script on the parent page can still hijack the checkout before data reaches the secure frame, and you have to prove it cannot.
PCI SSC FAQ #1588 points straight back to these same controls. Get the Full Assessment The complete Integrity360 Europe white paper breaks down both requirements line by line, the monitoring workflow, and exactly what SAQ A now demands of iframe merchants. Download the white paper → Found this article interesting? This article is a contributed piece from one of our valued partners.
Follow us on Google News , Twitter and LinkedIn to read more exclusive content we post.
DragonForce Hackers Abuse Microsoft Teams Relays to Hide Backdoor.Turn C2 Traffic
Threat actors associated with the DragonForce ransomware have been observed using a custom Go-based remote access trojan (RAT) called Backdoor.Turn to conceal command-and-control (C2) traffic inside Microsoft Teams relay infrastructure. According to findings from Broadcom-owned Symantec and Carbon Black, the backdoor was deployed against a major U.S. services firm. The name of the company was not disclosed.
“Backdoor.Turn obtains an anonymous Teams visitor token from Microsoft’s Skype-backed identity services, uses a legitimate Microsoft TURN relay to set up the connection, and then runs a QUIC session to the attacker’s real command-and-control (C2) server,” the Threat Hunter Team said in a report shared with The Hacker News. “To network defenders, the only traffic they could see was outbound connections to legitimate Microsoft Teams servers. The attackers were on the victim network for between one and two months.” The development marks the first publicly documented instance of the threat actors abusing Microsoft’s Traversal Using Relays around NAT ( TURN ) relay infrastructure. It’s suspected the threat actor obtained initial access by exploiting a vulnerability in either an SQL or MS-SQL server, although the exact nature of the flaw is unknown.
It’s also possible that the access was acquired from an initial access broker (IAB). Initial malicious activity on the victim network began in December 2025, with the attackers running a PowerShell command to drop a ZIP archive under the pretext of a tech support hotfix. The ZIP file responsible for launching a DLL side-loading attack, which then runs a rogue DLL to conduct reconnaissance, set up persistence, and silence security software using a Huawei driver (“HWAuidoOs2Ec.sys”). This is achieved by means of an attack technique called bring your own vulnerable driver (BYOVD) technique.
The driver has been put to use in a large-scale malvertising campaign targeting U.S.-based individuals searching for tax-related documents, although this is said to have taken place after the ransomware incident. Some of the other drivers used for this purpose are listed below - wsftprm.sys ( CVE-2023-52271 ) GameDriverX64.sys ( CVE-2025-61155 ) K7RKScan.sys ( CVE-2025-1055 ) ABYSSWORKER , a custom-built malicious driver previously observed in Medusa ransomware attacks What’s notable about the attack is the execution of Backdoor.Turn by injecting it into the legitimate “DbgView64.exe” process after the DragonForce ransomware has been deployed. This suggests an attempt to maintain continued access to the compromised host for later attacks or reselling it for profit. Backdoor.Turn’s underlying TURN-based mechanism leans on a stealthy C2 communication technique called Ghost Calls that was documented by Praetorian in August 2024.
The backdoor supports a wide range of capabilities, including command execution, process creation, network scanning, LDAP and Active Directory search, credential-based lateral movement, and browser credential theft. “The backdoor requests a visitor token from the Microsoft Teams/Skype backend, uses that token to interact with Teams-associated infrastructure (TURN relay), and then establishes outbound connectivity,” Symantec and Carbon Black explained. “It obtains a Teams visitor (anonymous) authentication token backed by Skype identity services. It then uses a legitimate Microsoft server as the TURN relay server during connection setup.
After relay-assisted setup, the malware establishes a direct QUIC session to the C&C server, which is malicious.” The findings paint a picture of a hacking group leaning on sophisticated cyber tradecraft to pull off high-impacted targeted attacks, while leaving victims in the dark about covert data exfiltration. This is particularly significant as Hackledorb, the threat actor behind DragonForce, has pivoted from a conventional ransomware-as-a-service (RaaS) model to a highly organized, formalized cartel structure. “The operational timeline reveals a pattern of continuous capability development, with the adoption of highly advanced techniques becoming a hallmark of their post-2025 activity,” the company said. “The deployment of Backdoor.Turn, combined with their multi-vector BYOVD evasion, marks them as one of the most capable and persistent ransomware groups operating today.” Found this article interesting?
Follow us on Google News , Twitter and LinkedIn to read more exclusive content we post.
Crypto Clipper Campaign Abuses Fake Reviews, AI Narrators, and VirusTotal Comments
An unknown threat actor has been observed leveraging paid or promoted posts on legitimate news websites to drum up buzz for their warez, according to new findings from Check Point Research. The threat actor also has at their disposal a dedicated WordPress phishing page that acts as the central hub, alongside GitHub and SourceForge projects promoted by fake accounts, a YouTube channel, and a cluster of accounts that engage in coordinated activity on VirusTotal with the intent to misclassify malicious files as safe. “To push a malicious ‘tool,’ a single threat actor borrowed the same playbook legitimate brands use to build buzz: inflated download counts, coordinated five-star reviews, influencer-style tutorial videos, and promotion on platforms people instinctively trust,” Check Point said in a report shared with The Hacker News. “The result is a fake reputation economy spanning every platform a curious victim might check before they click ‘download.’” The end goal of the campaign is to push a cryptocurrency clipboard hijacker that’s concealed within Solana and Pump.fun sniper bots and crash-game predictors, suggesting that cryptocurrency asset holders and online gamblers on the hunt for shortcuts and quick profits are the targets.
The Rust-based clipper targets both Windows and macOS systems, and continuously monitors the clipboard for content that matches a cryptocurrency wallet address pattern. When a match is found, the malware substitutes the wallet address with an attacker-controlled address pulled from a hard-coded list, effectively routing the digital assets to them. What’s notable about the activity is the use of Ghost Networks to poison reputation-driven systems like VirusTotal, aiming to reduce suspicion and increase victims’ trust in the malicious files through a combination of upvotes and highly positive comments. This behavior also extends to GitHub, where the threat actor operates at least six GitHub accounts to cross-promote and distribute their malware.
These synthetically boosted signals are designed to lull users into a false sense of security and trust. One such repository has 146 stars and 62 forks. “On SourceForge, the download counter reached 44,485, with a suspicious 37,460 supposedly originating from Android devices, despite the developer only offering Windows and macOS versions,” Check Point explained. “A plausible explanation is the use of an Android farm to artificially inflate the download count on SourceForge.” Furthermore, the software solutions are promoted through a dedicated YouTube channel with over 91,000 subscribers.
The channel was created in July 2020, with the operators claiming that it’s “strictly for educational purposes only.” The tutorial-style videos feature AI‑generated narrators and positive comments to reinforce the illusion of popularity and trustworthiness. Perhaps the most unusual aspect of the campaign is the threat actor’s use of a press release distribution service like EIN Presswire to market their tool’s purported capabilities. The press release has since been syndicated across the service’s partner news websites , primarily the USA TODAY Network. “Manipulating sentiment and reputation across crowd-sourced platforms marks a meaningful shift in how attackers build trust,” Check Point said.
“The same playbook of fake reputation and aggressive cross-platform promotion can easily distribute information stealers or ransomware to higher-value targets over time.” Found this article interesting? Follow us on Google News , Twitter and LinkedIn to read more exclusive content we post.
Microsoft Confirms RoguePlanet Defender Zero-Day, Says Patch is in Development
Microsoft has formally disclosed that it’s working to release a patch to address a Defender zero-day codenamed RoguePlanet . The vulnerability has now been assigned the CVE identifier CVE-2026-50656 (CVSS score: 7.8), with the tech giant describing it as a privilege escalation flaw. “Microsoft is aware of an elevation of privilege in the Microsoft Malware Protection Engine in Microsoft Defender, publicly referred to as ‘RoguePlanet,’” the company said. “We are working to provide a high-quality security update that addresses this vulnerability.” The development comes nearly a week after a security researcher named Chaotic Eclipse (aka Nightmare-Eclipse) released RoguePlanet, calling the exploit a case of a race condition that grants attackers a shell with SYSTEM-level privileges.
- “The exploit is a race condition, so it’s a hit or miss,” the researcher noted. “I have managed to get a 100% success rate on some machines while it struggled to work on others.”
- In an update shared Tuesday, the researcher
- added
- “I forgot to add one thing, surprisingly, the PoC for RoguePlanet works regardless if real-time protection is on or not, which is hilarious. I think it even works in the case of passive mode, but not really sure, haven’t tested that.” Microsoft told The Hacker News last week that it’s aware of the reported vulnerability and that it’s “actively investigating the validity and potential applicability of these claims.” RoguePlanet is the fourth Defender vulnerability disclosed by Chaotic Eclipse after BlueHammer (CVE-2026-33825), UnDefend (CVE-2026-45498), and RedSun (CVE-2026-41091), all of which have since been patched by Microsoft. Found this article interesting?
Follow us on Google News , Twitter and LinkedIn to read more exclusive content we post.
Junior Hacker Used Tailscale and OpenSSH to Keep Access After His C2 Went Offline
A French-speaking attacker broke into a small French automotive business, planted a keylogger, and stole banking and email credentials. Ordinary stuff, until one move near the end. Before his command-and-control server went dark, he installed OpenSSH and Tailscale on a victim’s machine, building a way back in that did not run through the C2 at all. When the Havoc server went offline the next day, his access did not.
Eighteen days later, the C2 came back, his agents reconnected on their own, and he carried on. Cato Networks captured the whole operation command by command, 339 of them over 33 days, after the operator left his SSH keys and a step-by-step playbook in an open storage bucket. The write-up, published Tuesday by Cato CTRL researcher Vitaly Simonovich, is a rare view of an intrusion from the operator’s keyboard rather than the forensic leftovers. Researchers’ lesson is blunt: pulling a C2 server offline is not remediation if the attacker has already built a separate door.
The actor, handle “Poisson,” is not an APT. Researchers describe a junior operator on what looks like a school schedule, active after 3 p.m. CET with a long midday gap, all of it running on free-tier kit: DuckDNS, Backblaze B2, and a cheap IONOS VPS in Berlin. His tradecraft was thin.
He leaked his home directory five times, named his storage buckets after his own handle, and left a test file of his own keystrokes typed over and over inside the keylogger package. He failed at roughly half of what he tried. He compromised four machines anyway. The chain The malware ran almost entirely in memory.
A VBScript stager with a sandbox-evasion delay decrypted a PowerShell loader, which pulled down a .NET loader that ran Havoc’s Demon agent without dropping the implant to disk. For elevation, he used Start-Process -Verb RunAs, which is not a silent UAC bypass. It pops the Windows consent prompt and waits for someone to click Yes. On one victim, it took a dozen tries across two days.
After that came the nailing-down: a scheduled task running at every logon with highest privileges, shellcode injected into Explorer.exe, and a custom-built RustDesk as a backup channel. The credential grabber was a 70-line Python keylogger that wrote keystrokes to a local file, with no beacon and no exfil server. Poisson just logged in, grabbed the file by hand, and ran powercfg to keep the machines from sleeping, so harvesting never paused. The move that matters On April 7, in a five-hour overnight session, he installed OpenSSH Server and Tailscale, joined the victim’s machine to his private Tailscale network, and set up key-based SSH and a reverse tunnel.
Now he could reach the machine over Tailscale’s encrypted mesh with no C2 and no exposed ports. The next day, the Havoc infrastructure went offline. Cato does not say why, and it barely matters: the Tailscale path sat on a separate network, so the access lived. When the C2 returned on April 26, the agents reconnected automatically, no re-compromise required.
Over the final five days, he ran 145 more commands, probed smart-card and certificate stores (a sign he was eyeing certificate-based logins), ran two unexplained executables from a file named Thales.zip for about 32 minutes total, then deleted 17 files and went quiet on May 1. What he wanted was narrow. No Mimikatz, no lateral movement, no ransomware, and no sign he took the documents he browsed, from tax records to insurance. Just what people type: banking logins, email passwords, government portals.
For a small business owner, that is direct financial exposure. None of the tools is new, which is the point. China’s APT31 used Tailscale through 2024 and 2025 to tunnel quietly out of Russian IT firms, Scattered Spider has leaned on legitimate remote-access tools like Ngrok and Fleetdeck, and RustDesk, Poisson’s backup channel, turns up in recent Akira ransomware intrusions. The binaries are signed and legitimate, so detection that stops at bad files, not bad behavior, misses them.
What Poisson adds is command-level proof that the trick outlives a takedown, run by someone clearly still learning. What to watch Cato’s hunting list is concrete: Alert when OpenSSH Server installs on a Windows workstation, which is rarely legitimate. Watch for tailscale.exe on machines that have no reason to run a VPN. Look for ssh -R reverse tunnels heading to outside hosts.
Check for wscript.exe running .vbs files out of user staging folders. Flag scheduled tasks set to the highest privileges that launch script interpreters. Watch for powercfg standby-timeout changes that keep machines awake. Block DuckDNS.
The bigger one: when you find a C2, assume it is not the only way in, and go hunting for the quiet persistence layer behind it. What was in Thales.zip, and what those two programs did in their 32 minutes on the machine, is the question Cato leaves open. The answer that matters more: the C2 was never the intrusion, just one way into it. Kill it and leave OpenSSH, Tailscale, the scheduled task, and the keylogger running, and the attacker still has a way back in.
That is the part remediation keeps missing. Found this article interesting? Follow us on Google News , Twitter and LinkedIn to read more exclusive content we post.
Adversarial Exposure Validation Turns Security Visibility into Confident Prioritization
For security teams, the findings never stop, but confidence in knowing which ones matter is becoming harder to maintain. The problem is no longer visibility. It’s validation. Security teams must decide which findings warrant action while operating under constant pressure and incomplete information.
Increasingly, the challenge is not discovering potential risks. It is determining which risks deserve attention first. Visibility Got Us Here. Validation Moves Us Forward.
The security industry has spent the better part of a decade improving visibility. Vulnerability scanners, cloud security posture tools, endpoint detection, attack surface platforms, code analysis, and threat intelligence feeds all contribute to a more complete understanding of the attack surface. The investment has been enormous, and it has largely worked. Modern enterprises can see their environments in ways that would have seemed remarkable ten years ago.
Yet improved visibility has not automatically translated into improved outcomes. The 2025 Verizon Data Breach Investigations Report highlights a persistent reality: exploitation of vulnerabilities is a leading initial access vector, while remediation timelines are often measured in days, weeks, or even years. Organizations are discovering more, but they are also being asked to evaluate and prioritize more. Whether findings originate from automated tools, attack surface monitoring, or penetration testing services , security teams still face the same question: Which risks deserve attention first?
That evolution has created a new challenge. Success increasingly depends on how quickly teams can determine which findings represent meaningful risk. From Detection to Decision Every new finding competes with every existing finding for a finite pool of attention, resources, and remediation capacity. In many cases, security teams have more visibility than ever before.
The challenge is understanding which findings represent meaningful, exploitable risk and which ones can be addressed over time. Those are two very different exercises. One is a detection problem. The other is a validation problem.
Organizations that excel at prioritization are not necessarily the ones with the fewest vulnerabilities. They are the ones who can consistently distinguish between theoretical exposure and practical risk. That ability allows them to focus resources where they will have the greatest impact. When every finding is presented as urgent, prioritization becomes more difficult.
Teams often find themselves balancing competing demands while trying to determine where action will make the biggest difference. The result is a lack of context. Context Is What Converts a Vulnerability into a Decision A vulnerability on its own provides only part of the picture. Security teams need to understand whether it is reachable, whether it can realistically be exploited, what systems sit downstream, and what business processes could be affected.
The answers to those questions determine whether a finding represents a routine issue or a priority that demands immediate attention. The organizations making the greatest progress in risk reduction are not necessarily collecting more data, but rather, they are building better ways to interpret it by creating workflows that connect technical findings to operational and business impact. This allows teams to make decisions with greater speed and confidence. Adversarial Exposure Validation Turns Context into Confidence This need for context is one reason Adversarial Exposure Validation (AEV) gained momentum within modern security programs.
As a core component of Continuous Threat Exposure Management (CTEM), AEV moves beyond identifying potential weaknesses and focuses on validating which exposures represent realistic risk. Unlike traditional assessment approaches that primarily surface findings, AEV evaluates how an attacker could interact with an environment. It uses adversary simulation to test security controls, attack paths, and response readiness while selectively incorporating adversary emulation techniques when deeper validation is required. The objective is not to generate more alerts.
It is to determine which exposures are actually reachable, exploitable, and consequential in the context of the organization’s environment. Security teams do not need additional evidence that vulnerabilities exist. They need confidence in understanding which vulnerabilities create meaningful business risk. By validating exposures through realistic attack scenarios, AEV helps transform findings into actionable priorities, enabling organizations to focus remediation efforts where they matter most.
Where AI Fits, and Where It Doesn’t This is also where the conversation about AI belongs. Automation provides tremendous value in discovery, scale, and signal processing across environments that are far too large for manual review alone. It can help organizations identify patterns, surface potential exposures, and accelerate analysis. What it cannot do on its own is solve a judgment problem.
The questions that matter most in security prioritization require an understanding of business context, risk tolerance, operational dependencies, and adversary behavior. Those inputs extend beyond what scanners and algorithms can observe. They require human expertise, organizational knowledge, and informed decision-making from experienced offensive security experts. AI can accelerate security operations, but confidence still comes from human accountability.
The Shift from Visibility to Validation Is Already Happening Many mature security programs have already begun making this shift. Conversations across the CISO community increasingly focus on exploitability, attack paths, and demonstrated exposure rather than raw finding counts. The goal is not simply to discover vulnerabilities. It is to understand which vulnerabilities create meaningful risk and require action.
That shift is as much about culture and process as it is about technology. Organizations leading the way have built workflows that ensure context accompanies findings before decisions are made. They have defined what exploitable means within their own environments. They have connected technical risk to business impact in language that resonates across leadership teams.
None of that requires a specific tool. It requires a different way of thinking about what security programs are designed to achieve. Confidence Is a Security Capability Worth Building The next phase of security maturity will not belong to organizations that discover the most vulnerabilities. For most enterprises, visibility is already well established.
What will distinguish leading security programs is their ability to turn visibility into confident action quickly, consistently, and at a pace that keeps up with an evolving threat landscape. Confidence is not a soft concept. It is an operational capability. It enables teams to prioritize effectively, communicate risk clearly, and invest resources where they can reduce the most exposure.
In an era defined by AI, automation, and an ever-expanding volume of findings, confidence may be one of the most important security capabilities that humans can bring. About BreachLock BreachLock is a global leader in offensive security, delivering scalable and continuous security testing. Trusted by global enterprises, BreachLock provides human-led and AI-powered attack surface management, penetration testing, red teaming, and adversarial exposure validation (AEV) services that help security teams stay ahead of adversaries. With a mission to make proactive security the new standard, BreachLock is shaping the future of cybersecurity through automation, data-driven intelligence, and expert-driven execution.
Found this article interesting? This article is a contributed piece from one of our valued partners. Follow us on Google News , Twitter and LinkedIn to read more exclusive content we post.