DAILY WORKFLOW ARCHIVE

2026-06-30 AI创业新闻

候选线索仅供信息发现,请在引用或实践前回到原始来源核验。

2026-06-30 AI创业新闻

Oracle E-Business Suite Flaw CVE-2026-46817 Actively Exploited in the Wild

A critical security flaw impacting Oracle E-Business Suite has come under active exploitation in the wild, according to Defused Cyber. The vulnerability, tracked as CVE-2026-46817 (CVSS score: 9.8), refers to an improper privilege management and authentication flaw in Oracle Payments that could be abused to take over susceptible instances. “Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Payments,” according to a description of the flaw in the NIST National Vulnerability Database (NVD). “Successful attacks of this vulnerability can result in the takeover of Oracle Payments.” The shortcoming impacts versions from 12.2.3 through 12.2.15.

Patches for the flaw were shipped by Oracle as part of its Critical Security Patch Update last month. CVE-2026-46817 has since come under active exploitation, with Defused Cyber noting on Monday that “over the weekend, we observed an actor exploiting the vulnerability on our Oracle E-Business honeypots,” adding “this vulnerability has no known previous exploitation and no public PoC [proof-of-concept] code exists.” That said, there are currently no details available on how the security flaw is being exploited, who is behind them, and if it’s part of a broader opportunistic or targeted campaign aimed at unpatched systems. Late last year, another critical flaw in the same product ( CVE-2025-61882 , CVSS score: 9.8) was weaponized by threat actors linked to the Cl0p ransomware operation, with early attacks launched as far back as August 2025. Earlier this month, the company addressed a critical missing authentication zero-day vulnerability in PeopleSoft Suite ( CVE-2026-35273 , CVSS score: 9.8) that was actively exploited in ShinyHunters data theft and extortion attacks.

Automaker Nissan has since acknowledged that it was among those impacted, stating it was the victim of a break-in that involved the exploitation of the PeopleSoft flaw, potentially exposing payroll records, bank details, Social Security numbers, and other personal and financial data belong to its employees in the U.S., Canada, Mexico, and Brazil. “What stood out was that CVE-2026-35273 isn’t just another trivial, easy-to-exploit single-request vulnerability,” Jake Knott, principal security researcher at watchTowr, said in a statement. “The attack chain is considerably more involved, combining multiple vulnerabilities to plant a malicious file that doesn’t execute immediately but waits until the server restarts.” “Where we would normally see simple bugs, this is a chain of multiple vulnerabilities, suggestive of a threat actor with genuine knowledge of and familiarity with the underlying codebase, and the ability to develop targeted capabilities against it.” Knott also pointed out that threat actors are exploiting vulnerabilities faster than ever before, urging organizations to  assume compromise and activate incident response processes to determine whether access was obtained before patches were applied, what was accessed, and whether persistence was established. Found this article interesting?

Follow us on Google News , Twitter and LinkedIn to read more exclusive content we post.

Malicious Perplexity Chrome Extension Intercepted Searches and Address Bar Input

Microsoft has found a malicious Chrome extension that posed as the AI search engine Perplexity and quietly logged what people searched for. It routed every query and every character typed into the address bar through an attacker-controlled server before redirecting users to real results. Microsoft says Google removed it from the store after responsible disclosure. The extension was called “Search for perplexity ai” (ID flkebkiofojicogddingbdmcmkpbplcd) and used a look-alike domain, perplexity-ai[.]online, to pass for the real service at perplexity.ai.

Microsoft’s Defender research team says the point was to intercept searches and collect data. It found no proof of password theft, but far more access than a search box should ever need. Once installed, the extension sets itself as the browser’s default search engine. When you searched, the query went first to perplexity-ai[.]online, where the attacker’s server logged it with your browser headers, IP address, and user agent.

A rule then bounced you to a real search engine (Perplexity, Google, or Bing), so the results looked normal. The theft happened on that first stop, before the redirect. The address bar made it worse. The extension also pointed the browser’s live search suggestions (the suggest_url) to the same attacker domain.

So your input went to the attacker’s server before you pressed Enter. Not just finished searches, but every character as you typed it. Chrome permits search-provider overrides , and legitimate extensions use them. Rewriting and redirecting your traffic is the part a search box has no business doing.

This one asked for the declarativeNetRequest family of permissions to do exactly that, then shipped server-side code that logged every request. Microsoft calls that proof the collection was deliberate, not a side effect of the redirect. The extension also shipped disabled redirect rules for Google and Bing, so the same setup could be switched on for those engines too. It even left room to run WebAssembly code later, which a simple search tool has no reason to do.

This fits a steady run of malicious extensions that hide behind AI branding. Some swap the default search engine to capture what you type . Others hijack the search provider or skim ChatGPT and DeepSeek chats . Microsoft’s own research tied that chat-skimming wave to roughly 900,000 installs across more than 20,000 company networks.

The difference here is the target: not your AI chats, but your searches and the characters you type into the address bar, collected through Chrome’s own extension machinery. If you installed “Search for perplexity ai,” remove it and check that your default search engine has not been changed. For teams, Microsoft suggests the basics: Allow only approved extensions through the browser or company policy. Watch for changed search settings, strange extension permissions, and traffic to unfamiliar domains.

Treat AI-branded tools with extra suspicion, and check the publisher and domain before installing. No one has been named as the operator, and Microsoft did not say how many people installed it before the takedown. The AI branding got the install. The search override did the collecting.

Found this article interesting? Follow us on Google News , Twitter and LinkedIn to read more exclusive content we post.

WhatsApp is Finally Getting Usernames to Help Keep Phone Numbers Private

WhatsApp on Monday officially announced the start of global reservations of usernames with an aim to protect the privacy of more than three billion users on the messaging platform. The optional feature is designed to help users connect with someone on the service through usernames, as opposed to directly sharing their phone numbers. Username reservations will start rolling out starting today, enabling users to create and reserve a username before the feature becomes generally available later this year. “You choose your own, and it doesn’t have to match your handle on any other app,” the Meta-owned messaging app said in a statement shared with The Hacker News ahead of publication.

“At its core, it’s a privacy feature, not a social media handle – there’s no directory to browse and no suggestions, so people need to know your exact username to contact you for the first time.” As it goes without saying, choosing a username should be unique and can be anywhere between three and 35 characters. WhatsApp said it will provide a username generator to assist users with picking one. That said, certain usernames are reserved for businesses, governments, public figures, and can’t be claimed by others. Users also have the option to set up a username key for an extra layer of protection, which requires someone to know it the first time when they attempt to contact them.

A Meta spokesperson told The Hacker News that username keys provide an extra layer of protection by letting users control who can reach them on WhatsApp with their username. “Others will need to know not only your exact username but also your key to message you for the first time with your username,” the spokesperson said. “You can reset your key at any time to cut off new inbound contact.” Content creators, small businesses, and organizations that may want to maintain a consistent online presence across platforms can choose to claim their existing Instagram or Facebook username on WhatsApp. The major benefit of this change is that once it’s enabled, other accounts can no longer view or access a user’s phone number.

Users can reserve a username by navigating to: Settings > Account > Username. “We’ll be rolling out usernames gradually over the coming months and will notify you in WhatsApp when they’re available in your country,” WhatsApp said. The development comes more than two years after Signal announced a username feature in its messaging app as a way to shield phone numbers from others. Found this article interesting?

Follow us on Google News , Twitter and LinkedIn to read more exclusive content we post.

Mustang Panda Uses Zoho WorkDrive as Command Channel in Indian Government Attacks

The China-aligned espionage group Mustang Panda is running two campaigns against the Indian government and hydropower targets, deploying new malware and turning a legitimate cloud service into its command channel. Acronis Threat Research Unit found active compromises inside Indian government networks, including machines used by senior administrative staff, and worked with CERT-In on notification and cleanup. The malware abuses Zoho WorkDrive , a cloud storage platform common in India’s government sector, to pass commands and exfiltrate data. That is the whole idea: the traffic looks like ordinary cloud activity, so it hides inside the network it is stealing from.

Acronis names three new tools. SHARDLOADER is a loader that runs by sideloading a malicious DLL through a legitimately signed binary, a Solid PDF Creator executable in one campaign, and a Citrix Receiver binary in the other. It deploys one of two implants. MINIRECON is a reworked variant of the Toneshell backdoor documented by IBM X-Force , now beaconing over a WebSocket connection on HTTPS.

ZOHOMURK is the novel piece: it carries hardcoded Zoho OAuth credentials and uses them to run an attacker-controlled WorkDrive account as a dead drop, reading commands from an inbox folder and writing stolen output to an outbox. Both campaigns arrive as ZIP archives with the malicious DLL marked hidden. Acronis believes they were delivered by spear-phishing. The lures fit the targets: one themed around a hydropower cooperation proposal, the other around a memorandum of understanding between Indian and Taiwanese institutions.

Per Acronis, the goal is intelligence on India’s hydropower plans and its defense ties with Taiwan. Acronis attributes the activity to Mustang Panda with high confidence. The report includes the reused Solid PDF Creator sideloading chain, code overlap with Toneshell, command servers sitting in the same network block as infrastructure IBM X-Force tied to the group, and a recurring typo, RunOnece, carried across multiple implants. Operational security was thin.

Hardcoded tokens, plaintext identifiers, and reused infrastructure all helped analysts pin it down. Active beaconing ran from June 12 to June 22, 2026. This continues a steady push against Indian targets. In April, Acronis tied the group’s LOTUSLITE backdoor to attacks on India’s banking sector and South Korean policy circles, also staged through a legitimate cloud service.

The broader China-linked interest in India’s power sector goes back further: the 2021 RedEcho campaign targeted the country’s electricity grid with ShadowPad. There is no patch to apply. The defense is catching the delivery and the cloud abuse. Acronis published indicators and hunting tips, including the persistence Run keys, a scheduled task named SolidPDFPcl2Bmp, the C2 domain couldinstallup[.]com, and the Zoho user agents that turn up on non-browser processes.

Government and energy organizations, especially those tied to cross-border deals likely to interest Beijing, should watch for geopolitical lures and sideloading from signed binaries. And flag any endpoint process calling cloud APIs that it has no reason to touch. Found this article interesting? Follow us on Google News , Twitter and LinkedIn to read more exclusive content we post.

⚡ Weekly Recap: Linux Kernel Flaws, AI Malware Tricks, Turla Backdoor, Infostealers and More

This week was a reminder that attackers do not always need big tricks. One small mistake, one old access path, one missed patch, and suddenly the door is open. The noise is not all noise, either. Forums are talking, researchers are finding easy cracks, and defenders have more cleanup waiting.

Here’s the full Monday recap. ⚡ Threat of the Week New DirtyClone Linux Kernel Flaw Lets Local Users Gain Root via Cloned Packets — Cybersecurity researchers detailed a new variant of the Dirty Frag Linux kernel flaw. Called DirtyClone (aka CVE-2026-43503), it allows local users to gain root privileges via cloned packets. The exploit works successfully on Debian, Ubuntu, and Fedora systems with default namespace configurations.

“Any local user on a server or device running a vulnerable kernel who holds or can acquire the CAP_NET_ADMIN capability (frequently obtainable via unprivileged user namespaces) [is exploitable],” JFrog said. “This poses the highest risk to multi-tenant cloud environments, Kubernetes clusters, and containerized workloads where user namespaces are enabled, or privileged containers are deployed.” Building Securely with AI: Takeaways from Chainguard Innovation Week Reactive network operations slow teams down and increase business risk. Join Tines and Netskope to discover a practical five-step framework for improving visibility, accelerating response, and creating secure, reliable operations across modern hybrid environments. Explore Innovation Week ➝ 🔔 Top News Critical PTC Windchill PDMlink and PTC FlexPLM Flaw Exploited — A critical remote code execution vulnerability impacting PTC Windchill PDMlink and PTC FlexPLM enterprise Product Data Management (PDM) and Product Lifecycle Management (PLM) software has come under active exploitation in the wild to deploy JSP web shells on susceptible systems.

The vulnerability, tracked as CVE-2026-12569, is a case of improper input validation that could allow an attacker to execute arbitrary code by sending a malicious request to the network. Patches for the vulnerability have been released. OpenAI Previews GPT-5.6 Sol, Terra, and Luna — OpenAI officially unveiled GPT-5.6 Sol, Terra, and Luna, with Sol described as the most capable model yet for cybersecurity. The models are being released in a staggered manner with approval from the U.S.

government. The release came days after the company released an improved version of its GPT‑5.5‑Cyber model to trusted defenders as part of the Daybreak initiative and launched a new project called Patch the Planet in collaboration with Trail of Bits to help secure open-source projects. OpenAI has also warned about the dual-use nature of the technology, acknowledging that the same capability that helps a red teamer find a zero-day can also assist a bad actor in exploiting one, and that it will prioritize patching jailbreak techniques against the model. In addition, it has framed the effort as getting the tools in the hands of more defenders before attackers gain the same edge.

Much of the concern surrounding the frontier models stems from the fact that artificial intelligence can now identify existing bugs within codebases and work towards creating exploits for them. While the automation of cybercrime is not new, these tools undoubtedly have the potential to further lower the barrier to entry for bad actors. New Gaslight macOS Malware Discovered — A newly discovered macOS malware dubbed Gaslight is designed to confuse AI-assisted malware analysis tools through embedded prompt injection strings and fake debugging data within the executable. With cybersecurity researchers using AI-powered tools to assist with malware analysis and reverse engineering, the malware attempts to gaslight such tools into thinking there is some issue, potentially causing them to abort, truncate, or refuse an analysis of the artifact.

Gaslight has been attributed with high confidence to a North Korean-linked threat actor. The malware itself is a Rust binary with backdoor and information-stealing functionality, enabling the operator to gain a persistent foothold over the infected host. The findings highlight how threat actors are experimenting with anti-analysis methods designed specifically to bypass AI-assisted security platforms. Turla Uses STOCKSTAY Backdoor in Ukraine Attacks — The Russian state-sponsored threat actor known as Turla has leveraged a previously undocumented .NET backdoor called STOCKSTAY in attacks targeting government and military organizations in Ukraine, and entities that have an interest in Italian foreign policy.

STOCKSTAY shares significant code and functional overlaps with Kazuar, a staple implant put to use by the adversary since 2017. Suspected development activity of malware dates back to December 2022. Amadey, StealC Malware Operations Disrupted in Operation Endgame — A coordinated law enforcement operation, in partnership with private sector companies, dismantled criminal infrastructure powering Amadey and StealC. According to Europol, the operation led to the disruption of 326 servers and 142 domains, the identification of more than €41 million ($47 million) in cryptocurrency linked to criminal activity, and the recovery of approximately 27 million credentials stolen from over 385k compromised systems.

Amadey and StealC are sold to cybercriminals under a malware-as-a-service (MaaS) model. Microsoft said criminals use Amadey to gain an initial foothold on victim devices to deploy additional malware, such as StealC, which then steals credentials, cryptocurrency wallets, and other sensitive information that can later be sold or leveraged in follow-on attacks. The two malware families were linked to more than 140,000 infected devices during the first two weeks of May 2026 alone. That said, no arrests were announced as part of the operation.

‎️‍🔥 Trending CVEs Bugs drop weekly, and the gap between a patch and an exploit is shrinking fast. These are the heavy hitters for the week: high-severity, widely used, or already being poked at in the wild. Check the list, patch what you have, and hit the ones marked urgent first — CVE-2026-47729 aka Squidbleed (Squid), CVE-2026-12957 (Amazon Q Developer), CVE-2026-12569 (PTC Windchill PDMlink and PTC FlexPLM), CVE-2026-43503 aka DirtyClone, CVE-2026-46331 aka pedit COW (Linux Kernel), CVE-2026-30040, CVE-2026-30041 (FastStone Image Viewer), CVE-2026-45585 (Microsoft WinRE), CVE-2026-8461 aka PixelSmash (FFmpeg), CVE-2026-55200 (libssh2), CVE‑2026‑20971 (Samsung KNOX kernel), CVE-2026-10086, CVE-2026-10712, CVE-2026-12053 (GitLab CE and EE), CVE-2026-13028, CVE-2026-13032, CVE-2026-13033, CVE-2026-13038 (Google Chrome), CVE-2026-53605 (Reachy Mini Wireless image), CVE-2026-13136, CVE-2025-15660, CVE-2026-13135 (Synology MailPlus Server), CVE-2026-11374 (ADSelfService Plus, RecoveryManager Plus, M365 Manager Plus and ADAudit Plus), and a critical Infoblox NIOS privilege escalation vulnerability (no CVE). 🎥 Cybersecurity Webinars Stop AI-Driven Cyberattacks Before They Stop Your Business → Hackers are now using AI to launch cyberattacks at machine speed.

If your defenses are built for human-speed threats, you are at risk. Join this webinar to get a step-by-step blueprint to fight back. Learn exactly how to block AI-driven attacks and protect your company before a crisis hits. When AI Goes Rogue: How to Secure the New Cyber Attack Surface → As companies rush to adopt AI, hackers are turning these tools into a massive liability by hijacking AI agents and leaking trade secrets.

Join this urgent webinar to see exactly how attackers weaponize AI against businesses. You’ll get a practical blueprint to lock down your setups, fix risky configurations, and stop your own tech from going rogue. Building at Machine Speed: How to Secure AI Software Delivery → AI tools are generating code faster than security teams can review it, introducing hidden risks into software pipelines. Join this webinar to learn how to catch vulnerabilities and govern AI risk without slowing down development.

You’ll get a practical roadmap to protect your software supply chain and scale AI engineering safely. 📰 Around the Cyber World China’s New Zhipu AI Reportedly Matches Claude Mythos in Vulnerability Discovery — The Wall Street Journal reported that a new model released by China’s Zhipu AI, GLM-5.2, matches the performance of Anthropic Mythos when it comes to finding vulnerabilities, narrowing the gap between top U.S. models and those developed by Chinese companies. The ability of AI systems to autonomously find security defects in software has created new urgency to efforts that entail the use of models to quickly close them before they can be exploited by bad actors.

There are also worries that these models, in the wrong hands, can become potential enablers of cyber warfare. The Trump administration has called for the creation of a framework that grants the federal government the ability to evaluate AI models’ capabilities and determine which qualify as “covered frontier models,” a designation for AI systems with advanced cyber capabilities. Indirect Prompt Injection in Agentic Coding Tools — Mozilla’s Zero Day Investigative Network (0DIN) characterized indirect prompt injection as a “very real and serious attack vector that can result in catastrophic damage, much of which will be irreversible.” In the case of agentic IDEs and coding agents, they can request access to various tools, which, once approved, can pave the way for code execution, file system operations, and network calls. Specifically, an attacker can obtain code execution using a seemingly harmless repository by chaining trusted setup instructions, routine error handling, and automated agent behavior.

The attacker-controlled repository does not even have to contain any malicious code. Instead, it’s fetched at runtime from a DNS TXT record by framing it as an essential step during the installation phase when a developer copies the repository link and instructs the agent to get it running. “In short, agentic coding tools have access to everything they need for this: private data, including environment variables, credentials, API keys, and local configuration files,” 0DIN said. “Untrusted content, such as repositories, documentation, and error messages from recently installed packages, can inject malicious models to steal this data.” New KuinaExtractor Rust Infostealer Spotted — A new Rust-based information stealer called KuinaExtractor comes fitted with capabilities to harvest web browser data, crypto wallets and credentials for services such as Roblox, Steam and Discord.

Said to be in active development since December 2025, the stealer also includes a Chrome app-bound encryption ( ABE ) bypass. In parallel, the malware developer worked on two short-lived projects known as KuinaCookieExtractor and Zenith C2 before they were abandoned. KuinaCookieExtractor goes beyond browser cookies to include Roblox and Steam sessions, Minecraft and FileZilla logins, Telegram tdata and Discord tokens, and exfiltrates over a Discord webhook rather than Telegram. New LokiBot Campaign Surfaces After a Hiatus — A new email phishing campaign has been observed delivering LokiBot via a JavaScript attachment.

Once launched, the script triggers the execution of a PowerShell loader that runs a .NET injector payload that deploys the LokiBot malware. LokiBot is capable of harvesting credentials from password managers like 1Password, Enpass, and KeePass, and contacts an external server to receive and execute commands. Phishing Campaign Drops Malicious Chrome Extension — Invoice-themed email phishing lures written in Italian are being used to launch JavaScript attachments masquerading as PDF documents. “The most interesting part of this infection was not the initial JavaScript.

The malware installed a malicious Google Chrome extension and paired it with a Native Messaging Host,” D3 Lab said . “This combination allowed code running inside Chrome to request PowerShell commands on the Windows system.” Time as an Attack Surface — New research from NCC Group has argued the need for treating time as a “first‑class attack surface,” stating clock drift, time synchronisation failures, and deliberate oscillator manipulation can be exploited to undermine cryptography, authentication, industrial automation, and safety systems. “The risk is amplified by broader technological trends,” NCC Group’s Andy Davis said . “Cloud computing, containerisation, and virtual machines abstract time away from physical hardware, placing it under the control of hypervisors and orchestration layers.

At the same time, Industrial Control Systems, IoT devices, and safety-critical platforms increasingly rely on low‑cost oscillators and commodity components that are vulnerable to environmental influence and physical manipulation. Systems that once relied on isolated, deterministic timing sources are now interconnected, synchronised, and exposed.” Threat actors Exploit Xiongmai DVR Flaw to Deliver Proxy SDK — Threat actors have been exploiting CVE-2024-3765 , a vulnerability in Xiongmai DVR, to deploy commercial residential proxy SDKs using a Mirai botnet-derived HTTP downloader. “All DDoS and scanning capability has been stripped,” the Nokia Deepfield Emergency Response Team (ERT) said . “What remains is a minimal HTTP client and an embedded userspace ELF loader – Mirai reduced to a delivery truck.” The main stager installed following a successful compromise deploys a proxy binary called PacketSDK, which is part of the IPIDEA residential proxy network disrupted by Google earlier this year.

The stager also contains a remote code execution backdoor that polls an external server for updates every 2 minutes. Nation-State Targeting of Water Systems — DomainTools warned that water and wastewater infrastructure have become strategic pressure points for state and state-aligned actors from China , Iran , and Russia . “The combination of chronic underinvestment and weak baseline operational technology (OT) security makes many of these critical systems easy to compromise,” the company said . “Such intrusions can have both physical and psychological impact, and disruptions often affect civilian life, public health, and trust in government.” Anthropic Accuses Alibaba of Obtaining Illicit Access to Claude — Anthropic has accused the Chinese company Alibaba of what it described as the “largest campaign to illicitly extract Claude’s capabilities.” The attacks occurred between April 22 and June 5, 2026, when “operators affiliated with Alibaba and Alibaba Qwen, Alibaba’s AI lab,” allegedly generated “more than 28.8 million exchanges with Claude through almost 25,000 fraudulent accounts,” per Anthropic.

The distillation campaign targeted its capabilities, such as agentic reasoning, software engineering, and long-horizon tasks, while evading detection using obfuscation techniques and proxy networks . Linux Foundation Unveils Akrites and OSERA — The Linux Foundation has announced Akrites as a coordinated effort to address and disclose vulnerabilities in critical open-source software as AI accelerates both the scale and speed of vulnerability discovery. “The initiative provides a single, trusted place to coordinate, remediate, and disclose, with a shared SIRT [Security Incident Response Team] serving as a predictable partner for maintainers rather than a flood of uncoordinated reports,” the foundation said . The initiative also plans to work with critical infrastructure operators to help deploy fixes before in-the-wild exploitation.

The Linux Foundation has also announced its intent to form an Open Source Enterprise Resiliency Alliance (OSERA) that aims to strengthen the open-source components that underpin the financial services sector through a vendor-neutral, upstream-aware approach. “OSERA complements the recently announced Akrites, the cross-industry effort enabling coordinated disclosure and upstreaming,” the foundation said . “As financial-services downstream complement to Akrites, OSERA will collaborate with Akrites in the upstreaming process and, together with the Open Source Security Foundation, to represent the voice of the industry in defining remediation standards.” Microsoft Extends Windows 10 Consumer Extended Security Updates by a Year — Microsoft quietly extended the Extended Security Updates (ESU) program for Windows 10 consumers by a year, letting eligible users get updates through October 12, 2027. To enroll in the consumer Windows 10 ESU program, devices need to be running Windows 10, version 22H2 Home, Professional, Pro Education, or Workstations edition and cannot be offered for devices in kiosk mode or those that are joined to an Active Directory domain or Microsoft Entra and/or enrolled in a Mobile Device Management (MDM) solution.

Microsoft’s Secure Boot Certificates Have Expired — In related Microsoft news, the certificates that manage UEFI Secure Boot trust – namely, Microsoft Corporation KEK CA 2011, Microsoft UEFI CA 2011, and Microsoft UEFI CA 2011 – expired on June 24 and 27 2026. A third certificate, Microsoft Windows Production PCA 2011, will expire on October 19, 2026. “Many Windows PCs manufactured since 2024 already have the updated 2023 certificates,” Microsoft said . “For the remaining devices, Microsoft is delivering new Secure Boot certificates through Windows monthly updates, with partner original equipment manufacturers (OEMs) making firmware updates available to help ensure compatibility.” Google Cloud has also released guidance on how to update Compute Engine Shielded VM instances to trust the updated Microsoft Secure Boot certificates for UEFI Secure Boot.

To apply Secure Boot certificate updates for Linux on Azure virtual machines, it’s recommended to follow the actions outlined by Microsoft here . Separately, Linux users are advised to update their shims to the latest versions signed by the new key. It’s important to note that devices that haven’t received the newer 2023 certificates will continue to function normally, and standard Windows updates will continue to install. However, these devices will no longer receive new security protections for the early boot process, including updates to Windows Boot Manager, Secure Boot databases, revocation lists, or mitigations for newly discovered boot-level vulnerabilities.

Fake OpenAI Organization Invites Used in New Poisoned Tenant Campaign — Phishing emails are being sent from threat actor-controlled ChatGPT tenants, inviting recipients to join an organization with the likely goal of harvesting sensitive information shared in the AI chatbot. “The emails came from OpenAI’s legitimate notification address (noreply@tm.openai.com), passed all standard email authentication checks, and referenced our company by name,” Push Security said . “They looked exactly like a routine organizational invitation because, technically, they were one.” The development comes as threat actors are abusing AI chatbot chat sharing functionality to distribute pages containing malicious instructions, turning them into malware delivery platforms. “The attacker has used ChatGPT’s code rendering feature to build a fully designed fake page that mimics a ChatGPT service disruption, redirecting victims to a convincing clone of ChatGPT’s download page that delivers a malicious executable,” Push Security noted .

The activity has been codenamed LLMShare. 🔧 Cybersecurity Tools Sulla → It is an open-source security tool by Praetorian that scans internal network SMB file shares to find exposed credentials and sensitive data. Operating as a fast, low-noise static binary, it maps Active Directory environments and uses multi-layered filtering with the Titus engine to perform in-memory analysis for cloud keys, passwords, and tokens. It outputs structured, real-time results to help security teams identify and remediate internal data exposure before it can be exploited.

Karna → It is a Web Application Firewall (WAF) module specifically engineered for the Kong Gateway to provide modern, scalable security for web applications. By integrating directly into the Kong ecosystem, it allows organizations to enforce fine-grained security policies and filter malicious traffic at the gateway layer, ensuring that protection is applied consistently across distributed services without adding significant latency. Disclaimer: This is strictly for research and learning. It hasn’t been through a formal security audit, so don’t just blindly drop it into production.

Read the code, break it in a sandbox first, and make sure whatever you’re doing stays on the right side of the law. Conclusion This week, keep it simple. Break the small thing, find the forgotten access, wait for someone to say they meant to patch it. No genius required.

Just old mistakes with fresh damage. Shut the door. Check the locks. Found this article interesting?

Follow us on Google News , Twitter and LinkedIn to read more exclusive content we post.

236,000 DCloud Uni-App Sites Used in Crypto Scams, Phishing, and Wallet Drainers

New findings unearthed by Infoblox show that more than 236,000 websites are using investment scam templates built using a legitimate Chinese open-source, cross-platform application development framework called DCloud Uni-App . The templates power bogus cryptocurrency exchanges, multi-language pig-butchering operations, WhatsApp phishing networks, fake gambling platforms, brand-impersonation sites, and crypto wallet drainers. A total of 236,493 distinct second-level domains have been identified by the DNS threat intelligence company. “For the last two years, there’s been a dramatic scaling up of scam websites using the DCloud framework, and operators of these sites continue to launch complex real-world schemes to trick victims,” Infoblox said in an exhaustive report published last week.

It’s being assessed that unknown threat actors are selling DCloud investment scam templates, although there are indications of centralized ownership across a significant chunk of the DCloud-built investment scam websites. This is based on drops in new domain registrations observed across scam websites on diverse hosts, raising the possibility that a centralized party is either facing disruption or making coordinated changes to their DCloud investment scam sites. Other signs include specific technical fingerprints, communication methods to victims, and hosting decisions. Among the identified domains is the infamous RainbowEx platform , a bogus cryptocurrency exchange that made headlines in late 2024 for operating a Ponzi scheme that impacted tens of thousands of people living in San Pedro, Argentina.

Later that year, seven people linked to the operation were arrested by law enforcement authorities. While the use of DCloud itself is not an indicator of malicious intent, Infoblox said it has some common traits among them: fake brokerage interfaces, cryptocurrency wallet-drainer prompts, gambling interfaces with rigged outcomes, brand-impersonation storefronts, and bulletproof hosting (BPH). The rogue domains span every continent, target speakers of at least eight languages, and masquerade as brands ranging from major stock exchanges to retail giants to messaging platforms, the company said. The fraudulent operations have been ongoing since mid-2022.

From the DCloud-fingerprinted sites, two related but distinct populations have emerged - Sites carrying the DCloud Uni-App framework’s basic signatures that go back to 2021 and include both legitimate Chinese businesses and malicious operations An investment scam-specific subset that has been active since mid-2022 “Counterintuitively, the investment scam population is larger than what the simple DCloud framework fingerprint alone reveals, because more sophisticated operators have stripped the default DCloud scaffolding to evade fingerprint-based identification,” Infoblox noted. The second set DCloud scam websites is run by multiple unrelated operators, comprising a wide variety of fraudulent schemes - Fake cryptocurrency exchanges and deposit-and-trade platforms that impersonate well-known exchanges and trick users into making investments, displaying fictitious trading activity until the victims attempt to withdraw their funds Cryptocurrency wallet drainers that entice users into connecting their wallets by masquerading as BNB Chain or Tether verification flows Prediction-market and gambling impersonations that imitate Polymarket-style prediction markets, or fake casinos and lottery platforms WhatsApp and messaging platform phishing that aim to extract credentials by impersonating WhatsApp’s Security Help Center using lookalike domains (e.g., “whats-zwp[.]vip” or “faq-whatsapp-center[.]com”) Generic template phishing and credential collection that feature simple login and registration pages “In the United States, the same playbook has now manifested twice in publicly known operations: first in the LSSC scooter sharing investment scam that scaled into a major federal-and-state fraud investigation last year, and second in a bicycle sharing investment-themed scam that is actively recruiting victims right now under a U.K.-registered corporate front with a genuine U.S. federal money-services license,” the company said. The scooter investment scam built using the Uni-App framework is being operated under the Yuechi Sharing Technology Ltd.

brand, and primarily targets Australia, New Zealand, and the U.S. Yuechi’s front-end features a login or registration form, the latter of which prompts users to enter their phone number, SMS verification code, and an invitation code that’s shared by an existing affiliate of the pyramid scheme. “The invitation code gate is common across investment scam websites: a prospective victim cannot create an account or reach the deposit screen without first being recruited by an existing affiliate,” Infoblox explained. “This requirement aligns with the fact that most operators seek to convert each victim into a recruiter who will then try to recruit their own friends, family, and co-workers to bring in more investments and build out the pyramid.” The site also incorporates a customer service component that redirects victims to an off-platform branded chat to handle issues like registration errors, withdrawal blocks, and deposit holds.

What’s more, Infoblox’s analysis of the DCloud-built investment scam infrastructure has revealed that the majority of the domains are hosted on legitimate providers such as Cloudflare, Alibaba Cloud, Tencent Cloud, and Amazon Web Services. About 6% of visible DCloud-built investment scam domains have been found to leverage BPH providers like CTG Server Limited (AS152194), which has been previously flagged for malicious cyber activity. “Sites in the evasive tier, where operators took the trouble to obscure the framework signature, run on bulletproof hosting at roughly double the rate of the vanilla tier,” the company said, where the vanilla tier refers to scam sites that carry the default DCloud framework fingerprint, while the evasive tier consists of sites that don’t carry the fingerprint. “The interpretation is straightforward: Operators sophisticated enough to recognize and strip framework fingerprints are also operators sophisticated enough to seek out infrastructure providers that resist takedown requests.

The two behaviors tend to go hand in hand. Conversely, the cheapest and least sophisticated operators, those who download a template and deploy it as-is, are also the most likely to be using mainstream hosting, where they are simultaneously easier to identify and easier to remove.” Found this article interesting? Follow us on Google News , Twitter and LinkedIn to read more exclusive content we post.

Why Post-Quantum Cryptography Starts With Credentials

Today’s encrypted data, such as credentials, may no longer remain confidential in the future because the public-key cryptography protecting it will soon be broken by quantum computers. Although no machine today can break elliptic curve cryptography or RSA, quantum hardware is advancing rapidly and will inevitably change how organizations protect their data. Ciphertext and credentials captured by attackers can now be stored and decrypted as soon as quantum computing catches up. How urgent is quantum-resistant cryptography?

The Global Risk Institute’s 2025 Quantum Threat Timeline report shows that surveyed security specialists believe a cryptographically relevant quantum computer is likely to be available within 15 years, with 51-70% indicating so. The threat dates back to 1994, when Peter Shor proved that a powerful quantum computer could efficiently factor large numbers and compute discrete logarithms. However, Shor’s algorithm applies to public-key cryptography, posing no meaningful threat to symmetric encryption like AES-256 or modern hashing. This distinction matters because public-key cryptography is what two systems use to establish trust and agree on the keys that protect their data.

If a quantum computer can break that step, the attacker can unlock the protected data and credentials behind it. What makes the quantum threat relevant today, rather than solely in the future, is a tactic known as Harvest Now, Decrypt Later, in which an attacker captures encrypted traffic today, stores it, then decrypts it when a quantum computer is available. With a capable quantum computer plausibly available within 15 years, any data intercepted and harvested today should be treated as data already exposed. Q-day deadlines Even though it’s unclear exactly when a quantum computer will arrive, government agencies are setting deadlines around the milestone known as Q-day for when cryptography must change.

NSA’s Commercial National Security Algorithm Suite 2.0 will require new national security systems to start supporting quantum-resistant algorithms starting January 1, 2027. While deadlines are staggered for various system categories throughout the early 2030s, the NSA hopes to make all national security systems quantum-resistant by 2035. NIST is moving on a parallel track with its draft IR 8547, which deprecates RSA-2048 and ECC P-256 after 2030 and disallows them entirely after 2035. These dates may seem far away, but a full enterprise transition could take 5 to 15 years, since the discovery phase alone can take 1 to 2 years in large enterprises.

Why credentials carry major risk in a post-quantum future Not all encrypted data within an organization carries the same risk when the cryptography protecting it eventually becomes obsolete. Most secrets, like session tokens, have a confidentiality lifetime measured in months; credentials may persist for years or as long as their associated systems remain in service. To attackers, that makes credentials worth harvesting now and holding onto until a quantum computer can decrypt them. What makes this a major security risk is scale, especially since most organizations have growing populations of Non-Human Identities (NHIs) like service accounts and API keys.

These machine credentials tend to be long-lived because no human user is responsible for rotating them, and they likely have not been inventoried for cryptographic exposure, making them ideal targets for harvesting. How to start a credentials-first quantum migration Since most of the risk is concentrated in credentials, the migration should begin with them as well. Organizations should take a credentials-first approach to quantum migration by doing the following. Inventory existing cryptography The main reason migrations are such lengthy processes is that organizations cannot itemize their cryptographic dependencies.

A credentials-first inventory begins with finding the systems that hold or broker secrets, including password managers, secrets managers and Privileged Access Management (PAM) platforms. This phase is likely to expose forgotten service accounts, hardcoded secrets or integrations that have been dormant for years. Prioritize risk over size While organizations may want to start protecting their largest systems, it is smarter to prioritize confidentiality lifetime based on exposure, like how long a secret must remain private, combined with how reachable it is to an attacker. With this logic, a small, long-lived secret that brokers access to critical systems outweighs a vast but short-lived dataset.

Prioritizing risk this way ensures the credentials most vulnerable to Harvest Now, Decrypt Later are secured first. Migrate to hybrid cryptography Instead of replacing classical algorithms outright, organizations should adopt hybrid cryptography by combining a classical algorithm with a quantum-resistant one in the same key exchange. This keeps a connection protected against both today’s traditional attackers and future quantum attackers. Hybrid cryptography also prevents organizations from betting everything on a single, relatively new algorithm, since the classical component remains in place and nothing is removed to add quantum-resistant protection.

Build for crypto-agility Given that algorithms get deprecated and parameters change, organizations should expect that the current migration will not be the final one. Build with crypto-agility in mind: That way, cryptographic algorithm swaps are configuration changes rather than major re-engineering overhauls. For credentials in particular, this means keeping cryptography in a centralized location so that when the algorithm needs to change, it can be updated once rather than reworked across multiple applications, pipelines and integrations. Start protecting where the risk is highest While the urge to procrastinate on quantum-resistant cryptography may be strong, organizations must remember that quantum migration is a lengthy process and that today’s data must remain secret far into the future.

A quantum computer does not need to exist yet for the threat of harvested and then decrypted credentials to be a real issue. Transitioning to quantum-resistant cryptography should begin with credentials since they are where confidentiality lifetime and blast radius intersect. In November 2025, the rollout of quantum-resistant cryptography began across all Keeper client applications, adopting Kyber Hybrid Key Encapsulation Mechanisms (KEM) to help secure vaults from Harvest Now, Decrypt Later and other quantum computing threats. Protecting credentials against a quantum future is what organizations should prioritize now, before more advanced hardware forces them to do so.

Note : This article was thoughtfully written and contributed for our audience by Ashley D’Andrea, Content Writer at Keeper Security. Found this article interesting? This article is a contributed piece from one of our valued partners. Follow us on Google News , Twitter and LinkedIn to read more exclusive content we post.

Gamaredon Expands Ukraine Attacks with New Malware and Cloud Service Abuse

A Russian advanced persistent threat (APT) group has continued to evolve and expand its malware arsenal as part of its ongoing cyber onslaught against Ukraine throughout 2025. Slovakian cybersecurity company ESET said it observed 35 distinct spear-phishing campaigns mounted by Gamaredon against new targets, with most of them taking place in the second half of the year. Primary targets of these efforts include Ukrainian governmental and military institutions. “Throughout 2025, Gamaredon stayed highly active and remained focused solely on Ukraine,” ESET said .

“The group’s ultimate goal continues to be the exfiltration of sensitive information and other critical data that could be exploited to support Russian interests in the ongoing war in Ukraine.” The spear-phishing campaigns make use of archive attachments or XHTML files that employ HTML smuggling to deliver malicious HTA downloaders that are responsible for dropping additional payloads, such as PteroSand. Some of the attacks have also weaponized a now-patched flaw in WinRAR ( CVE-2025-8088 ) as a way of placing the malicious HTA downloader into the victim’s Windows Startup folder. This, in turn, causes the downloader to be automatically executed on the next login, thereby adding a persistence mechanism to the compromise chain. Gamaredon’s attacks are known to rely on weaponizers like PteroLNK and PteroPaste to facilitate lateral movement by infecting USB drives and network drives with malicious LNK files that, when opened by an unsuspecting user, trigger the retrieval of downloader malware.

Also used is PteroSetup, an older Visual Basic Script (VBScript) weaponizer first detected in January 2021 and likely assumed to be discontinued. The tool scans USB and mapped network drives for legitimate installer files, and if found, replaces them with 7z self-extracting (SFX) archives containing the original installer and a malicious VBScript downloader. “In 2025, the group’s reliance on third-party services grew significantly, with tunnel services and serverless worker platforms becoming an increasingly important part of how it hid its real back-end infrastructure,” ESET said. The attacks are also characterized by the introduction of six new malicious PowerShell tools, broadening its custom malware arsenal - PteroDee and PteroCache for fetching and executing PowerShell payloads in memory PteroDum for fetching and executing VBScript payloads in memory PteroOdd for fetching a single PowerShell payload using the Telegra.ph API and likely used in campaigns in which the Gamaredon actors collaborated with Turla PteroEffigy for fetching the command-and-control (C2) server using the GoFile cloud storage service PteroPaste , for weaponizing USB drives and downloading additional PowerShell payloads via an encrypted channel “While the group took a short operational break in January 2025, Gamaredon spent much of its effort in the first half of that year developing and deploying new tools,” ESET researcher Zoltán Rusnák said.

“Many updates were made in the lead-up to major holidays in Russia and Crimea. Notably, no updates were observed during or immediately after these holidays, further suggesting that Gamaredon operators are probably government-affiliated employees.” Another noteworthy aspect of the threat actor’s campaign revolves around the use of a wide range of legitimate services as data exfiltration channels and dead drop resolvers to obtain details of the C2 server and to point malware to infrastructure already hidden behind tunnels or serverless workers. These include - Telegra.ph Teletype Rentry.co Write.as Dropbox GoFile DEV Community (dev.to) Mastodon Lesma Nopaste.net Paste.ee Wasabi Tebi Intercolo Dropbox “As in previous years, the group compensated for the relative simplicity of its malware with persistence, frequent updates, and an increasingly creative abuse of legitimate online services,” ESET said. “Gamaredon further expanded its use of dead drops, tunnels, workers, dynamic DNS, and cloud storage, making its operations more flexible and harder to disrupt.” Found this article interesting?

Follow us on Google News , Twitter and LinkedIn to read more exclusive content we post.

Microsoft Removes 119 Edge Extensions That Hid Malware in Images and Fonts

Microsoft has shut down a long-running malicious extension operation on the Edge Add-ons store that hid its payloads inside ordinary image and font files, then woke up days after install to steal credentials and run ad fraud. The company calls it StegoAd , a mash-up of steganography and adware, and ties 119 extensions to a single threat actor it says has been active since at least 2021. The extensions were the kind people install without a second thought: ad blockers, VPNs, translators, video downloaders. Each one did its job and earned reviews.

The malicious code stayed dormant until the extension cleared a stack of evasion checks, which is how it sat in the store for years. Combined, the 119 extensions had an install base of up to 2.6 million users. Microsoft is clear that this is a ceiling, not a victim count. A multi-day delay, server-side validation, and a 10% execution gate on some variants meant the payload never fired for many installs.

How many people were actually compromised is not known. Code hidden in pictures and fonts The trick that names the campaign is steganography: tucking executable code inside files that look completely normal. The earliest variants appended JavaScript after the IEND marker of a PNG icon, so the image rendered fine everywhere while carrying a payload that static scanners never flagged. As detection caught up, the actor moved to WebP images, then to WOFF2 font files, hiding code in glyph ranges that read as Asian text or font metadata.

Microsoft calls steganography at this scale rare in the browser extension ecosystem. Some high-impact variants did not even ship the payload locally. They fetched a normal-looking image from a command-and-control server. The extension decoded it through layers of case swaps, digit swaps, Base64, and XOR, then checked it against a signature before running it.

The C2 server only served the real file to requests that passed a fingerprint and a User-Agent check; anyone probing it directly, researchers included, got an empty decoy response. Extensions also watched for open DevTools and extended their dormancy if they spotted an analyst looking. Ad fraud on top, credential theft underneath The visible damage was ad fraud: injected ads, hijacked affiliate commissions on Amazon, eBay, and AliExpress, and redirected searches, all skimming money while degrading browsing. Microsoft’s analysis of retrieved payloads found a lot more underneath.

The payloads included a remote code execution backdoor that ran arbitrary JavaScript pushed from the server. They also stole Google credentials and second-factor codes at sign-in, harvested WordPress admin logins, and exfiltrated cookies in bulk for session hijacking. Microsoft says seven Google Analytics tracking IDs appear to have served as covert telemetry, giving the operator near real-time dashboards on the campaign through Google’s own infrastructure. The plumbing matched the ambition.

Microsoft counts more than ten C2 domains with automatic failover. The actor proxied traffic through Cloudflare Workers and abused GitHub Pages to host beacons. A polymorphic framework ran across roughly 66 extensions under 15-plus naming variants, and the operation migrated from Manifest V2 to V3 as the actor adapted to platform changes. What to do Microsoft says it has removed all 119 extensions and suspended the 90-plus developer accounts behind them.

The full list of extension IDs is in the company’s technical report . Open edge://extensions and compare your installed add-ons against that list. If anything matches, or if Edge removed one automatically, treat the browser as exposed. Change passwords for Google, WordPress, banking, and other sensitive accounts.

Review recent sign-in activity, and turn on strong two-factor authentication. Hardware security keys hold up against this kind of credential theft in a way that SMS codes do not. Microsoft published indicators of compromise for use across Chrome, Firefox, and other Chromium browsers. StegoAd looks less like a new campaign than a new face on a known one.

Its credential payload exfiltrates to mitarchive.info, a domain Koi Security ties to DarkSpectre , the Chinese operation it linked in December to the ShadyPanda and GhostPoster extension campaigns. The connection goes beyond the domain. StegoAd hides code inside an extension’s own icon, the same method GhostPoster used months earlier. The two even share extension names, such as Ads Block Ultimate.

Microsoft has not named the actor, but the overlap is clear. The operator is still active, Microsoft says. Found this article interesting? Follow us on Google News , Twitter and LinkedIn to read more exclusive content we post.

Public PoC Released for Critical libssh2 CVE-2026-55200 Client-Side SSH Flaw

A public proof-of-concept is now out for CVE-2026-55200 , a critical flaw in libssh2 that lets a malicious or compromised SSH server trigger memory corruption on a connecting client, with possible code execution. No credentials, no user interaction. The bug affects every release up to and including 1.11.1 and carries a CVSS 4.0 score of 9.2 . libssh2 is a client-side SSH library, not a server.

That distinction matters. It is embedded in curl, Git, PHP, backup agents, firmware updaters, and a long tail of appliances. Anything that links it and reaches out to an untrusted SSH endpoint is a potential target. Many of those copies are statically linked, so a distro package update will not touch them, and you may not know they are there.

How the bug works The flaw lives in ssh2_transport_read() in transport.c, the function that parses incoming SSH packets during the handshake. It read the attacker-controlled packet_length field and rejected only values below 1. It never enforced an upper bound. The size calculation adds packet_length to a couple of small values using 32-bit arithmetic, so a length of 0xffffffff wraps around to a tiny number.

libssh2 then allocates a buffer sized for the tiny number, while later code writes the full, oversized packet into it. The result is an out-of-bounds heap write, classed as CWE-680 , integer overflow to buffer overflow, a classic primitive for code execution. The fix adds the missing check, rejecting any packet_length above LIBSSH2_PACKET_MAXPAYLOAD before the math runs. libssh2 has tripped over this before.

In 2019, it shipped version 1.8.1 to fix a batch of nine flaws led by CVE-2019-3855 , a near-identical integer overflow in its transport read that also let a malicious server run code on a connecting client. Seven years later, the same class of bug is back in the same code. Security researcher Tristan Madani reported the issue. Maintainers merged the patch through pull request #2052 on June 12.

VulnCheck published the CVE on June 17. A public proof-of-concept has been published in “exploitarium,” a GitHub archive of exploit code whose author says entries were posted without prior reporting. The archive contains a locally verified SSH trigger scaffold and a controlled local RCE harness for the libssh2 bug, not a turnkey remote exploit. Reliable code execution against a live application would still depend on the target binary, allocator behavior, mitigations, and how the software embeds libssh2.

The context is worth weighing. The author concedes the archive went out incomplete, with some entries weak and AI driving the fuzzing. As of now, CISA’s exploitation rating for the CVE still reads none, and no in-the-wild use has been reported. What to do There is no fixed libssh2 release yet.

The patch sits in the mainline source, and a tagged release is still being prepared , so Linux distributions and downstream projects are backporting it themselves; Debian, for one, already has a repaired build in testing. NHS England Digital has issued an advisory urging affected organizations to update. Inventory everything that links libssh2, including static or bundled copies that package managers will not flag. curl, Git, and PHP deployments are common carriers.

Apply a build that includes commit 97acf3d, whether a distro backport or a patched source build, and watch your vendor’s advisory channel for release status. Until patched, restrict outbound SSH connections to trusted servers and verify host keys. Give priority to clients that reach external SSH servers or resolve hosts through names that an attacker could redirect. Watch for oversized-packet anomalies and unexplained client crashes.

Patch the rest of the batch too: CVE-2026-55199 (CVSS 8.2), a denial of service that traps a connecting client in a CPU loop via a bogus extension count, and CVE-2025-15661 (CVSS 8.3), an SFTP heap over-read. The core issue is a pre-auth memory-corruption bug in code that ships inside more clients and appliances than anyone has fully mapped. The open questions are how fast someone turns the local harness into a dependable remote exploit, and how many bundled copies stay vulnerable because no one remembers they shipped libssh2 inside. Found this article interesting?

Follow us on Google News , Twitter and LinkedIn to read more exclusive content we post.

Hijacked npm and Go Packages Use VS Code Tasks to Deploy Python Infostealer

Cybersecurity researchers have uncovered two hijacked npm packages and a cluster of Go packages that are designed to deploy a Python-based information stealer on compromised Windows, Linux, and macOS hosts. “This attack avoids the most common npm execution paths through lifecycle scripts, perhaps in an attempt to remain ‘compatible’ with npm v12’s security hardenings ,” JFrog said in a technical analysis. “The package hides execution inside a VS Code task, configured to run automatically when the project folder is opened in VS Code. From there, the malware retrieves encrypted JavaScript from blockchain transaction data, connects to attacker-controlled infrastructure, launches a socket.io backdoor, and eventually deploys a Python infostealer.

The names of the identified npm packages are listed below - html-to-gutenberg fetch-page-assets (which lists html-to-gutenberg as a dependency) The two packages were uploaded to npm on May 25, 2026, and are no longer available for download from the registry. The starting point of the attack is a hidden Microsoft Visual Studio Code (VS Code) task named “eslint-check” that’s configured with the “runOn: ‘folderOpen’” option to trigger the execution of arbitrary code when the folder is opened as a workspace folder in an IDE like VS Code or Cursor. “They do not recursively execute every nested .vscode/tasks.json; in this case, the trigger fires when the malicious package directory itself is opened as the workspace and marked as trusted, or that the developer explicitly allowed automatic tasks,” JFrog said. “The command also disguises the payload as a font file - public/fonts/fa-solid-400.woff2, even though the file just contains JavaScript code.” It’s worth noting that the abuse of a VS Code auto-run task , coupled with the disguise of JavaScript malware as font files, has been attributed to North Korea.

The OpenSourceMalware team, which is tracking the activity under the moniker Fake Font, has described it as a variant of Contagious Interview , a long-running campaign targeting software developers and technical personnel through fraudulent job interview processes. “This ‘Fake Font’ campaign delivers a multi-stage loader that ultimately deploys the InvisibleFerret Python backdoor, designed to steal cryptocurrency wallets, browser credentials, and establish persistent access,” security researcher Paul McCarty noted back in January. “This is the third sub-campaign of the Contagious Interview’ campaign that has been ongoing since 2023.” The bogus font file uses blockchain infrastructure as a dead drop resolver, relying on TronGrid and Aptos as a fallback mechanism to fetch a next-stage JavaScript payload in a manner that’s resilient to takedown efforts. The JavaScript stage repeats the same dead drop retrieval pattern to configure a command-and-control (C2) server that enables file uploads and Python malware delivery.

This includes setting up a Socket.io backdoor that grants the operator remote control over the infected host through features like shell execution, clipboard harvesting, file system operations, file upload, process management, and arbitrary JavaScript execution. In parallel, the infection chain launches a Python loader component that’s responsible for retrieving the Python infostealer from the C2 server and installing the necessary dependencies. The artifact is a wide-ranging credential, browser, wallet, and developer artifact stealer that can siphon data stored in Chromium-based and Mozilla Firefox browsers, password managers, authenticators, and cryptocurrency wallets. It’s also equipped to harvest developer-oriented information like Git credentials, GitHub CLI hosts.yml, GitHub Desktop logs, VS Code, and global storage, as well as data from Windows Credential Manager, Linux Secret Service, KDE Wallet, macOS Keychain, and cloud storage metadata for Dropbox, Google Drive, Microsoft OneDrive, Apple iCloud, Box, Mega, and pCloud.

In the final stage, the collected data is packaged into compressed ZIP archives and uploaded to the C2 server, and to a Telegram bot if a bot token is provided by the attacker during runtime. The campaign has also targeted the Go ecosystem, with Nextron Systems discovering a set of 16 Go packages containing the same malware. The list is as follows - github.com/lambda-platform/lambda github.com/reauheau/goaubio github.com/glacialspring/go-winsparkle github.com/bm-197/chill github.com/naol7/dist-task-scheduler github.com/anatoli-derese/a2sv-excercise github.com/amantsehay/a2sv-go-course github.com/dexbotsdev/uniswap-v2-v3-arbitrage github.com/lambda-platform/ebarimt-rest-api github.com/lambda-platform/dan github.com/zainirfan13/graphql-client github.com/hngi/team-fierce-backend-golang github.com/glacialspring/static github.com/rickt/slack-weather-bot github.com/Barsu5489/commerce github.com/Setsu548/Logistic “Most appear to be legitimate packages whose latest released version included the malware alongside the original package contents, using the same structure and fake font file,” JFrog added. Users who have installed the packages are advised to remove them with immediate effect, search developer machines for hidden VS Code folder-open tasks, and rotate credentials, tokens, cloud credentials, API keys, browser-stored credentials, and wallet credentials.

“The payloads show that the attacker was interested in both immediate theft and interactive access,” the cybersecurity company concluded. “The socket.io-based backdoor provides command execution and file collection, while the Python stage performs wide credential and wallet harvesting across browsers, OS credential stores, developer tooling, and cryptocurrency applications.” Found this article interesting? Follow us on Google News , Twitter and LinkedIn to read more exclusive content we post.

Ukraine Says Russian Intelligence Used Fake Support Texts to Steal Messaging Credentials

The Security Service of Ukraine (SSU) said it, together with the U.S. Federal Bureau of Investigation (FBI), uncovered a long-running campaign orchestrated by Russian intelligence services to break into the messaging accounts of government officials, military personnel, politicians, and activists in Ukraine, Europe, and the U.S. The systematic cyber attacks aimed at stealing sensitive information from the victims, the agency added. “The goal of these ‘hacks’ is to gain access to sensitive military, political, and economic information exchanged by users, as well as to steal their personal data,” the agency warned in a post shared on Telegram.

To pull off the operation, the attackers send SMS messages that masquerade as the messaging platform’s support bot and urge users to disclose their account credentials. The SSU noted that these attacks include not only organizations, officials or public figures, but also personal accounts belonging to Ukrainian nationals. It did not attribute the campaign to a specific hacking group. However, similar attack waves directly aimed at Signal and WhatsApp messaging app users have been attributed to Russian threat activity clusters tracked as Star Blizzard, UNC5792 (aka UAC-0195), and UNC4221 (aka UAC-0185).

To counter the risk posed by such threats, it’s advised to periodically review active messaging app sessions and log out of unknown connections, enable two-factor authentication, refrain from scanning QR codes received from unknown users, not disclose confirmation codes, PIN codes, passwords, and account recovery keys, and click on suspicious links or open files from unknown or dubious chats. The development comes as the FBI attributed Russian Intelligence Services (RIS) cyber threat actors to an ongoing commercial messaging application (CMA) phishing campaign aimed at high-value targets to deceive them into handing over their backup recovery keys. Late last month, the Computer Emergency Response Team of Ukraine (CERT-UA) attributed to the Belarus-aligned threat actor known as UNC1151 (aka Ghostwriter and UAC-0057) a spear-phishing campaign that targeted government organizations using compromised accounts to deliver an information stealer called OYSTERBLUES. Found this article interesting?

Follow us on Google News , Twitter and LinkedIn to read more exclusive content we post.