According to a recent disclosure on Hacker News, an insecure file-hosting configuration has exposed personal identifiable information (PII), including completed tax forms, that were exchanged between freelancers and clients.

The Cloudinary Misconfiguration

The root of the data exposure lies in how Fiverr handles file sharing within its internal messaging system.

The platform relies on a third-party service called Cloudinary to process and host images and PDF documents, including final work products delivered to clients.

While Cloudinary operates similarly to an Amazon S3 digital storage bucket and supports secure, expiring web links, Fiverr reportedly configured the service incorrectly.

Instead of requiring authentication, Fiverr opted to generate fully public URLs for these sensitive attachments. Because these files were left open to the public, search engines like Google were able to crawl and index them.

This suggests that the public file links may have been exposed through unprotected HTML pages somewhere on Fiverr’s network.

The impact of this oversight is severe, as anyone can allegedly use specific Google search queries to surface private documents.

For example, running a site-specific search for “form 1040” on Fiverr’s Cloudinary domain instantly reveals private tax documents containing highly sensitive financial and personal data.

Interestingly, the researcher highlighted a troubling contradiction. Fiverr actively purchases Google Ads for tax preparation services, yet the platform fails to secure the resulting financial work products.

This exposure raises immediate regulatory concerns. By failing to lock down financial documents properly, the platform and its tax preparation freelancers could be in direct violation of the FTC Safeguards Rule and the Gramm-Leach-Bliley Act (GLBA), which mandate strict protections for consumer financial data.

The researcher who discovered the issue claims to have followed standard responsible disclosure protocols. A detailed vulnerability report was sent to Fiverr’s designated security team 40 days before the public release.

After receiving no response or remediation efforts from the company, the researcher opted to publish the findings on Hacker News to warn affected users.

Key Takeaways and Mitigations

Until Fiverr resolves this public exposure, users are at risk of identity theft and financial fraud. Both freelancers and clients should take immediate precautions:

• Halt sensitive transfers: Users should temporarily stop sending sensitive documents, such as tax forms or medical records, through Fiverr’s messaging system.
• Implement signed URLs: Fiverr must urgently update its Cloudinary integration to utilize signed, time-limited URLs for all user-to-user file transfers to ensure files expire after being downloaded.
• Request search de-indexing: The company needs to issue urgent takedown requests to Google to remove the exposed domain directories from public search results.
• Monitor for identity theft: Clients who purchased financial or tax preparation gigs on Fiverr should monitor their credit reports for unauthorized activity.

Follow us on Google News, LinkedIn, and X for daily cybersecurity updates. Contact us to feature your stories.

The post Fiverr Allegedly Leaks User Information to Google Indexing, Researchers Say appeared first on Cyber Security News.

According to recent threat research published by Fortinet’s FortiGuard Labs, threat actors are exploiting a known command injection vulnerability to hijack TBK DVR systems and construct a large-scale Distributed Denial-of-Service (DDoS) botnet.

Fortinet researchers report that the campaign specifically targets TBK DVR-4104 and DVR-4216 models by exploiting CVE-2024-3721. This OS command injection flaw allows attackers to deliver a downloader script by manipulating arguments within the device system.

During the exploitation phase, network traffic reveals a custom HTTP header reading “X-Hacked-By: Nexus Team – Exploited By Erratic,” leading FortiGuard Labs to attribute the campaign to a relatively unknown threat actor identified as the “Nexus Team“.

Once the downloader script executes, it fetches multi-architecture payloads supporting ARM, MIPS, and x86-64 environments, subsequently displaying a console message stating “nexuscorp has taken control”.

Technical Capabilities and Infection Mechanisms

Fortinet’s analysis reveals that Nexcorium shares fundamental architecture with traditional Mirai variants, utilizing XOR-encoded configurations and modular components. The technical operation relies on several core mechanisms:

• Modular Architecture: The malware deploys standard Mirai features, including a watchdog module to distinguish sub-processes, a scanner for network propagation, and an attacker module for DDoS execution.
• Legacy Exploit Integration: To maximize its infection radius, Nexcorium incorporates the older CVE-2017-17215 vulnerability, which targets Huawei router devices.
• Aggressive Brute-Forcing: The malware launches Telnet-based brute-force attacks against other networked hardware using a hardcoded list of common and default credentials.
• Self-Preservation: Nexcorium verifies its own integrity using FNV-1a hashing algorithms; if the binary is altered or unreadable, it dynamically duplicates itself under a new filename to evade detection.

To maintain long-term access to compromised systems, the malware establishes persistence through four distinct mechanisms rather than relying on a single configuration file. The botnet secures its foothold by:

• Modifying /etc/inittab to ensure automatic process restarts if the malware is terminated.
• Updating /etc/rc.local to guarantee execution during the device’s system startup sequence.
• Creating a dedicated systemd service named persist.service for persistent background operation.
• Planting scheduled tasks via crontab for reliable post-reboot execution.

Following this extensive setup, Fortinet notes that Nexcorium deletes its original binary from the execution path to thwart security analysts.

The primary objective of the Nexus Team campaign is launching devastating DDoS attacks. Based on FortiGuard Labs’ decryption of the malware’s configuration table, Nexcorium communicates with a centralized command-and-control (C2) server to receive attack directives.

Instead of a narrow attack scope, the botnet is equipped with a versatile arsenal of flood techniques. These include standard UDP, TCP ACK, TCP SYN, SMTP, and TCP PSH floods, alongside specialized attack vectors like VSE query floods and UDP blast attacks.

The discovery of Nexcorium highlights the continuous weaponization of legacy IoT devices. Security experts strongly advise organizations to immediately patch CVE-2024-3721, replace default manufacturer credentials, and isolate critical infrastructure from vulnerable IoT endpoints using network segmentation.

Follow us on Google News, LinkedIn, and X for daily cybersecurity updates. Contact us to feature your stories.

The post Nexcorium-Associated Mirai Variant Uses TBK DVR Exploit to Scale Botnet Operations appeared first on Cyber Security News.

While this marks a significant 40% decline from the 10.1 million servers observed in 2024, the presence of this decades-old protocol continues to pose an exposure risk due to widespread insecure default configurations.

The Censys report highlights that the dominant story of FTP exposure in 2026 is not purpose-built file transfer infrastructure, but rather an accumulation of platform defaults on shared hosting networks and broadband providers.

The State of Encryption and Regional Risks

When it comes to securing these servers, the data reveals a mixed landscape. Censys found that roughly 58.9% of observed FTP hosts completed a Transport Layer Security (TLS) handshake, meaning they support encrypted connections.

However, this leaves approximately 2.45 million hosts without observed evidence of encryption, potentially allowing them to transmit files and credentials in cleartext.

The lack of encryption adoption varies significantly by region. According to Censys data, mainland China and South Korea have the lowest TLS adoption rates among the top 10 hosting countries, at 17.9% and 14.5%, respectively.

Meanwhile, Japan accounts for 71% of all FTP servers globally that still rely on outdated, deprecated legacy encryption protocols such as TLS 1.0 and 1.1.

The security posture of these 6 million servers is heavily influenced by the default settings of the software daemons running them.

Key technical observations from the Censys report include:

• Pure-FTPd Dominance: Operating on roughly 1.99 million services, this is the most common FTP daemon, largely driven by its inclusion as a default in cPanel hosting environments.
  
• The IIS FTP Configuration Trap: Over 150,000 Microsoft IIS FTP services return a “534” error response, indicating TLS was never configured.
  
  While IIS defaults to a policy that appears to require encryption, it does not bind a security certificate upon a fresh installation.
  
  Consequently, the server accepts cleartext credentials, even though the configuration appears to enforce TLS.
  
• Hidden Nonstandard Ports: Relying only on port 21 scans miss a significant portion of the attack surface.
  
  Tens of thousands of FTP services run on alternate ports, such as 10397 or 2121, often tied to specific telecom operations or network-attached storage devices.

Mitigation and Hardening Strategies

For enterprise defenders and infrastructure administrators, Censys strongly recommends evaluating whether FTP is truly necessary before attempting to harden it.

Organizations should consider the following mitigation strategies:

• Migrate to Secure Alternatives: Whenever possible, replace FTP with SSH File Transfer Protocol (SFTP), which encrypts credentials and data by default over port 22.
  
• Enforce Explicit TLS: If legacy FTP infrastructure must remain online, administrators should configure their daemons to enforce Explicit TLS (FTPS) and refuse cleartext connections.
  
• Fix IIS Certificate Bindings: Windows Server administrators using IIS FTP must ensure that a valid certificate is bound to the FTP site and verify that the SSL policy actively enforces encryption.

Ultimately, while the internet’s reliance on FTP is slowly shrinking, millions of instances continue to run quietly in the background.

As Censys warns, the primary risk is not advanced zero-day attacks, but the simple failure to update default configurations that leave systems unnecessarily exposed.

Follow us on Google News, LinkedIn, and X for daily cybersecurity updates. Contact us to feature your stories.

The post Nearly 6 Million Internet-Facing FTP Servers Still Exposed in 2026, Censys Warns appeared first on Cyber Security News.

The flaw allows an unauthenticated attacker to execute arbitrary operating system commands as root, the highest privilege level, without requiring any login credentials.

The vulnerability was originally discovered in November 2025 and has now been made public following Fortinet’s patch release in April 2026.

Security researchers and defenders are urged to apply the fix immediately, as a working exploit is now freely available on GitHub.

CVE-2026-39808 is an OS command injection vulnerability affecting Fortinet’s FortiSandbox, a widely used sandboxing solution designed to detect and analyze advanced threats and malware. The flaw resides in the /fortisandbox/job-detail/tracer-behavior endpoint.

How Simple Is the Attack?

An attacker can inject malicious operating system commands through the jid GET parameter by using the pipe symbol (|) a common technique used to chain commands in Unix-based systems.

Because the vulnerable endpoint fails to properly sanitize user input, the injected commands are executed directly by the underlying operating system with root-level privileges.

FortiSandbox versions 4.4.0 through 4.4.8 are confirmed to be affected by this vulnerability.

What makes CVE-2026-39808 especially alarming is how easy it is to exploit.

According to researcher samu-delucas, who published the PoC on GitHub, a single curl command is enough to achieve unauthenticated remote code execution (RCE) as root:

curl -s -k --get "http://$HOST/fortisandbox/job-detail/tracer-behavior" --data-urlencode "jid=|(id > /web/ng/out.txt)|"

In this example, the attacker redirects command output to a file stored in the web root, which can then be retrieved through a browser.

This means an attacker could read sensitive files, drop malware, or fully compromise the host system all without ever logging in.

Fortinet’s Response

Fortinet patched the vulnerability and published its official advisory under FG-IR-26-100 through its FortiGuard PSIRT portal.

The advisory confirms the severity of the flaw and outlines affected versions. Organizations running FortiSandbox 4.4.0 through 4.4.8 should upgrade to a patched version without delay.

• Patch immediately:  upgrade FortiSandbox to a version beyond 4.4.8 as specified in Fortinet’s official advisory.
  
• Audit exposed instances: check whether FortiSandbox management interfaces are exposed to untrusted networks or the public internet.
  
• Review logs:  look for unusual GET requests to the /fortisandbox/job-detail/tracer-behavior endpoint as indicators of exploitation attempts.
  
• Apply network segmentation: restrict access to FortiSandbox administrative interfaces to trusted IP ranges only.

With a working PoC now publicly available, the window for exploitation is open. Security teams should treat this as a critical-priority patch and act immediately to secure affected systems.

Follow us on Google News, LinkedIn, and X for daily cybersecurity updates. Contact us to feature your stories.

The post PoC Exploit Released for FortiSandbox Vulnerability that Allows Attacker to Execute Commands appeared first on Cyber Security News.

The vulnerability, tracked as CVE-2023-33538, affects multiple TP-Link models that no longer receive vendor updates, leaving users with no official patch to apply.

The affected routers include the TL-WR940N (versions 2 and 4), TL-WR740N (versions 1 and 2), and TL-WR841N (versions 8 and 10).

These devices share a common weakness in their web management interfaces, where a specific parameter inside an HTTP GET request is not properly checked for harmful content.

This missing input validation gives attackers a clear opening to inject and run commands on the router without triggering any warning on the device.

The attacks work by sending malicious HTTP GET requests to the /userRpm/WlanNetworkRpm endpoint. The requests carry commands embedded in the ssid parameter, which the router’s firmware processes without filtering harmful input.

Once the router accepts the request, the commands instruct it to download an ELF binary named arm7 from a remote server at IP address 51.38.137[.]113, assign it full execution permissions, and run it immediately.

Unit 42 analysts and researchers at Palo Alto Networks identified this malicious activity after CISA added CVE-2023-33538 to its Known Exploited Vulnerabilities (KEV) catalog in June 2025.

Their telemetry systems detected large-scale, automated exploitation attempts around that same period, with multiple probes targeting the same vulnerable endpoint across numerous devices in the wild.

The downloaded arm7 binary is a variant of the Condi IoT botnet malware, a Mirai-based family tied to previous campaigns. Once running on the infected router, the malware connects to a command-and-control (C2) server and folds the device into a larger botnet.

The C2 domain cnc.vietdediserver[.]shop is directly associated with these Mirai-like botnet operations and was confirmed malicious.

Inside the Arm7 Malware Binary

After gaining access to the device, the arm7 binary carries out a structured set of tasks to maintain its presence and grow the botnet.

It waits for specific byte-pattern commands from the C2 server and responds by sending heartbeat signals, triggering self-updates, and launching internal HTTP server functions.

One particularly notable behavior is the self-update routine. The binary uses the update_bins() function to connect back to 51.38.137[.]113 on TCP port 80 and pull fresh copies of itself built for eight different CPU architectures, including arm6, mips, sh4, and x86_64.

The IP address and port are hard-coded directly inside the binary, as confirmed during disassembly.

The arm7 binary also starts an HTTP server on the infected device using a port randomly chosen between 1024 and 65535.

Once active, this server delivers fresh malware copies to other devices that connect to it, spreading the infection further without requiring any additional input from the attacker.

This allows each newly infected host to go on recruiting more victims. Despite their scale, the in-the-wild exploit attempts observed by researchers carried technical errors.

The attackers targeted the ssid parameter rather than the correct and vulnerable ssid1 parameter, and their injected commands depended on wget, a utility absent from the router’s limited BusyBox environment.

Even so, the research team confirmed that the underlying vulnerability is real and that a more accurate attacker using the correct parameter could successfully exploit it.

Regarding recommendations, TP-Link confirmed the affected devices are end-of-life and no vendor patches will be made available. The company advises users to replace these units with currently supported hardware.

Changing the default admin:admin login credentials is also strongly recommended, as exploitation of this vulnerability requires authenticated access to the router’s web interface.

Administrators should monitor outbound traffic for connections to known malicious domains and retire any affected TP-Link router models still active on their networks.

Follow us on Google News, LinkedIn, and X to Get More Instant Updates, Set CSN as a Preferred Source in Google.

The post Hackers Target TP-Link Routers With Mirai Malware in CVE-2023-33538 Exploitation Attempts appeared first on Cyber Security News.

The surge was largely tied to a single piece of malware that silently spread through phishing emails, reaching ICS networks in every region of the world within just two months.

At the center of this threat wave is a backdoor worm known as Backdoor.MSIL.XWorm, a malware built to settle into infected systems and hand attackers full remote control over compromised machines.

What makes this outbreak particularly alarming is that this threat had no presence on ICS computers in the previous quarter, yet it appeared across all global regions in Q4 2025, representing a sudden and widespread jump.

The overall percentage of ICS computers on which worms were blocked rose by 1.6 times to 1.60% during this period, a sharp uptick driven almost entirely by this single campaign.

Securelist analysts identified that the active spread of Backdoor.MSIL.XWorm through phishing emails was closely tied to a specific malware obfuscation technique that threat actors used heavily during mass phishing campaigns throughout Q4 2025.

These campaigns, known since 2024 under the name “Curriculum-vitae-catalina,” relied on a deceptively simple but effective trick.

Attackers sent emails to HR managers, recruiters, and employees involved in hiring decisions, disguising malicious messages as job applications with subject lines such as “Resume” or “Attached Resume.”

The emails carried a malicious executable file presented as a curriculum vitae, typically named Curriculum Vitae-Catalina.exe, which infected the system the moment it was opened.

The infection did not unfold all at once. In Q4 2025, the threat rolled out in two distinct waves. The first hit in October, targeting Russia, Western Europe, South America, and North America, specifically Canada.

A second spike followed in November, spreading to additional regions before the campaign finally slowed in December.

The highest infection rates were recorded in Southern Europe, South America, and the Middle East, which are regions where ICS computers have historically faced elevated risks from email-based threats.

In Africa, the worm also found a different path in through removable storage devices, reflecting how diverse the spread vectors became.

Regionally, the percentage of ICS computers with blocked malicious objects ranged from 8.5% in Northern Europe to 27.3% in Africa in Q4 2025, showing just how wide the gap in exposure levels remains across the globe.

The oil and gas sector stood out as the only industry to see an increase in blocked threats during this period, particularly in Russia and Central Asia.

While the broader trend across all surveyed industries has been a gradual decline over multiple years, the worm-driven spike in Q4 2025 served as a clear reminder that email remains a powerful entry point into even the most sensitive industrial environments.

Inside the Infection Mechanism

The way Backdoor.MSIL.XWorm operates reveals a calculated approach to gaining and holding access inside industrial networks.

When a target opens the fake resume file, the malware quietly executes in the background, establishing persistence on the system so it survives reboots and routine maintenance.

From that point, it opens a channel for remote control, allowing attackers to monitor activity, move through the network, and potentially interfere with operational technology processes.

The obfuscation techniques used during the “Curriculum-vitae-catalina” campaigns helped the worm slip past standard detection tools by disguising its true behavior inside layered scripts and encoded payloads.

This is why the malware went undetected on ICS computers in Q3 2025, only to surge dramatically the very next quarter.

Southern Europe recorded the steepest increase, with worm-blocking activity rising by 2.16 times, largely because that region already had the highest rate of email-sourced threats among ICS environments globally.

Security teams managing ICS or OT environments should treat any unsolicited email with an executable attachment as a serious risk, even when those emails appear to come from genuine job seekers.

Organizations are advised to enforce strict email filtering policies that block executable attachments before they reach end users.

Employees in HR roles and anyone with access to OT-adjacent systems should receive focused training on identifying phishing attempts that mimic hiring communications.

Removable media policies should also be tightened, particularly in regions like Africa where USB-based infection proved to be an active vector during this campaign.

Keeping ICS endpoints updated and running behavior-based detection tools is essential to catching threats like XWorm that are specifically designed to evade signature-based defenses.

Follow us on Google News, LinkedIn, and X to Get More Instant Updates, Set CSN as a Preferred Source in Google.

The post Email-Borne Worm Surge Drives New Threat Wave Across Industrial Control Systems appeared first on Cyber Security News.

Unlike attacks that exploit software flaws, this campaign relies entirely on social engineering, manipulating people rather than bypassing technical defenses.

The attack begins with a convincing story. Sapphire Sleet poses as a job recruiter on professional networking platforms, builds trust through career conversations, and schedules a fake technical interview.

At a critical point, the victim is directed to download a file called “Zoom SDK Update.scpt,” a compiled AppleScript that opens in the macOS Script Editor app.

Since the Script Editor is a trusted, Apple-built application, macOS raises no flags, and the user sees routine upgrade instructions while thousands of blank lines below conceal malicious code ready to execute.

Microsoft Threat Intelligence analysts identified this campaign and noted that the specific combination of execution patterns, including the use of AppleScript as a dedicated credential-harvesting component, had not been previously observed from Sapphire Sleet.

After discovering the activity, Microsoft shared findings with Apple through responsible disclosure, and Apple has since deployed XProtect signature updates and Safe Browsing protections in Safari to detect and block infrastructure linked to this campaign.

Sapphire Sleet primarily targets individuals and organizations in cryptocurrency, finance, venture capital, and blockchain sectors.

Once active, the malware harvests the victim’s login password, steals Telegram session data, browser credentials, crypto wallet keys from applications like Ledger Live and Exodus, SSH keys, and macOS keychain databases.

All stolen data is compressed and uploaded silently to attacker-controlled servers over port 8443.

The malware bypasses macOS security layers including Gatekeeper and Transparency Consent and Control.

By convincing the user to manually run the file, Sapphire Sleet shifts execution into a user-initiated context where these protections no longer apply, placing behavioral awareness at the center of any meaningful defense.

Inside the Infection Chain

Once the victim opens the lure file, the attack moves through a fast chain of commands.

The script invokes the legitimate macOS “softwareupdate” binary with an invalid parameter to mimic a real system process, then uses “curl” to fetch a remote AppleScript payload and pass it directly to the “osascript” interpreter.

This pattern repeats across five stages, each tracked by user-agent strings mac-cur1 through mac-cur5, allowing Sapphire Sleet to manage payload delivery and monitor campaign progress.

The mac-cur1 stage acts as the orchestrator, collecting system details, registering the infected machine with Sapphire Sleet’s command-and-control servers, and deploying a host monitoring binary called “com.apple.cli.”

A backdoor named “services” simultaneously installs a launch daemon called “com.google.webkit.service.plist,” named to closely mimic legitimate Apple and Google services so it persists across reboots without drawing attention.

The mac-cur2 stage delivers the credential harvester, “systemupdate.app,” which displays a native password dialog identical to a real system prompt.

When the user enters their password, the malware validates it against the local authentication database and immediately sends it to Sapphire Sleet via the Telegram Bot API.

A second fake application named “softwareupdate.app” then displays a “system update complete” message so the victim has no reason to grow suspicious.

To reach protected data, the mac-cur3 stage manipulates the TCC database by directing Finder to rename the TCC folder temporarily, allowing the malware to insert permissions that let osascript access sensitive files without triggering a consent prompt.

A 575-line exfiltration script then collects nine categories of data and uploads them to attacker servers.

Users and organizations should treat any unsolicited request to run terminal commands during an online interview as a clear warning sign.

Blocking compiled AppleScript (.scpt) files, auditing LaunchDaemon plist files for unexpected entries, and monitoring the TCC database for unauthorized changes are all effective defensive steps.

Keeping macOS updated ensures Apple’s latest XProtect signatures and Safari Safe Browsing protections remain active to block known components of this campaign.

Follow us on Google News, LinkedIn, and X to Get More Instant Updates, Set CSN as a Preferred Source in Google.

The post Fake Zoom SDK Update Delivers Sapphire Sleet Malware in New macOS Intrusion Chain appeared first on Cyber Security News.

The flaw, tracked as CVE-2026-39987, allows remote code execution without authentication, making it a dangerous entry point for threat actors leveraging it to install a new variant of the NKAbuse malware through a fake Hugging Face Space.

The advisory, identified as GHSA-2679-6mx9-h9xc, was published on GitHub on April 8, 2026. Within just 9 hours and 41 minutes, the first active exploitation was recorded.

From April 11 to April 14, 2026, attackers from 11 unique IP addresses across 10 countries launched 662 exploit events against exposed marimo instances.

What began as early scanning quickly escalated into a full-scale, multi-actor campaign targeting AI developer workstations.

Researchers at the Sysdig TRT identified and documented these attacks as they unfolded, noting four distinct post-exploitation patterns: credential harvesting, reverse shell attempts, DNS-based data exfiltration, and deployment of a previously undocumented NKAbuse variant.

The speed of weaponization confirmed that multiple threat actors were independently targeting the same vulnerability within days of its public disclosure.

The most alarming finding was the deployment of a Go-based backdoor named kagent through a typosquatted Hugging Face Space called vsccode-modetx, built to mimic a legitimate VS Code tool.

Using a simple curl command against a marimo endpoint, the attacker pulled and executed a shell dropper that downloaded the kagent binary to the victim system.

The Hugging Face domain carried zero malicious flags across 16 reputation sources at the time, allowing the payload to bypass standard security filters without raising any alarms.

The attack impact extended beyond a single compromised notebook. Attackers quickly pivoted from exploiting marimo to accessing connected PostgreSQL databases and Redis instances using credentials pulled from environment variables.

One operator extracted AWS access keys, database connection strings, and OpenAI API tokens, demonstrating that one exposed marimo instance could open a foothold into broader cloud infrastructure.

NKAbuse Variant and Persistence Tactics

The kagent binary is a stripped, UPX-packed Go ELF file that unpacks from 4.3 MB to 15.5 MB and communicates with a command-and-control server over the NKN blockchain network.

the NKN protocol uses decentralized relay nodes, there is no single IP address or domain to block, and C2 traffic blends with normal blockchain activity, making detection difficult with conventional tools.

The dropper script establishes persistence using three sequential methods: first creating a systemd user service at ~/.config/systemd/user/kagent.service, then adding a crontab @reboot entry, and finally installing a macOS LaunchAgent at ~/Library/LaunchAgents/com.kagent.plist.

All output is silently redirected to ~/.kagent/install.log, hiding activity from standard process monitoring. Defenders must check all three locations to fully remove the implant.

Compared to the original NKAbuse from December 2023, this 2026 variant targets AI developer tooling using a brand-new vulnerability, uses Hugging Face for delivery, and disguises the binary as a legitimate Kubernetes agent named kagent, where the original exploited a six-year-old Apache Struts flaw against Linux desktops and IoT devices.

The Sysdig TRT shared the following steps for defenders:

• Update marimo to version 0.23.0 or later immediately, as the vulnerability requires no authentication and is actively targeted.
• Hunt for the ~/.kagent/ directory, the kagent.service systemd entry, and any running kagent process on systems that ran marimo.
• Block vsccode-modetx.hf.space at the proxy or DNS level to stop the known payload delivery URL.
• Rotate all credentials on exposed marimo instances, focusing on DATABASE_URL, AWS keys, and API tokens stored in environment variables.
• Monitor network traffic for NKN blockchain relay patterns that indicate active C2 communication from an infected host.
• Audit Hugging Face Spaces and AI/ML dependencies, and restrict access to verified publishers only.
• Deploy runtime behavioral detection, as signature-based tools cannot catch zero-detection malware hosted on trusted platforms.

Follow us on Google News, LinkedIn, and X to Get More Instant Updates, Set CSN as a Preferred Source in Google.

The post Attackers Weaponize CVE-2026-39987 to Spread Blockchain-Based Backdoor Via Hugging Face appeared first on Cyber Security News.

The findings, posted to Reddit by user u/Past_Computer2901, have sent shockwaves through the crypto security community, revealing a highly coordinated operation that combines tampered hardware, trojanized software, and cross-platform malware deployment into a single unified phishing pipeline.

The researcher purchased the device at a price matching the official Ledger store, with packaging and product listings that appeared authentic at a glance. Suspicion arose only after the device failed Ledger’s built-in Genuine Check when connected to a legitimately installed copy of Ledger Live — prompting a full physical teardown.

Inside the shell, the deception became undeniable. The original secure element chip had been replaced with an ESP32-S3 microcontroller, a generic IoT component manufactured by Shanghai-based Espressif Systems, a chip with no business being inside a hardware security device.

The chip markings had been physically scraped off to prevent identification, and the device contained a WiFi/Bluetooth antenna entirely absent in genuine Ledger Nano S Plus units. During boot mode, the chip initially spoofed itself as a legitimate Ledger product, but once the boot sequence completed, it betrayed its true identity: Espressif Systems.

A full firmware dump confirmed the most alarming finding: every PIN entered, and seed phrase generated on the device was stored in plaintext and transmitted to attacker-controlled command-and-control (C2) servers, including the domain kkkhhhnnn[.]com.

The fake firmware was labeled “Nano S+ V2.1” — a version that does not exist in Ledger’s official firmware lineup — effectively impersonating a product release to instill false confidence. The operation was designed to drain wallets across approximately 20 different blockchain networks simultaneously.

The counterfeit device shipped with a QR code inside the box, not directing buyers to ledger.com, but to a cloned phishing website where they would download a trojanized version of the Ledger Live app.

The fake app contained a hardcoded “Genuine Check” that always returned a success screen, meaning first-time crypto users would never receive any warning that their device was compromised. The malicious app was not properly signed and silently exfiltrated wallet data the moment it was used.

The scope of the operation extends far beyond a single fake app. The threat actors behind this campaign have deployed malware across Android, Windows, macOS, and iOS, with the iOS variant distributed through Apple’s TestFlight program to entirely bypass App Store review requirements.

Infrastructure analysis revealed three C2 servers, a cloned website, and a QR code redirect chain all registered under a shell company based in Shanghai.

Critically, the researcher clarified that Ledger’s official cryptographic Genuine Check does successfully detect this counterfeit device, but only when using the real Ledger Live downloaded from ledger.com.

The scam’s effectiveness hinges entirely on ensuring the victim never interacts with the legitimate application. The researcher has submitted a full technical report to Ledger’s security team, and a deeper analysis is expected following their review.

How to Stay Protected

• Buy only from Ledger’s official website (ledger.com) or verified authorized resellers never from third-party Chinese marketplaces or auction sites
• Download Ledger Live exclusively from ledger.com — never scan QR codes from inside the box to obtain software
• Run the Genuine Check immediately upon first connecting any hardware wallet
• Treat any firmware version not listed on Ledger’s official changelog as a red flag.
• Report suspicious devices to Ledger’s security team at security@ledger.fr.

This incident marks one of the most technically sophisticated hardware wallet supply chain attacks documented to date, with confirmed financial losses from the fake app component alone surpassing $9.5 million across more than 50 victims.

Follow us on Google News, LinkedIn, and X for daily cybersecurity updates. Contact us to feature your stories.

The post Fake Ledger Hardware Wallets on Chinese Marketplaces Steal Crypto Seeds and PINs appeared first on Cyber Security News.

The release is notable because Anthropic is testing these protections on a broadly available model before considering wider access to its more powerful Mythos-class systems.

According to Anthropic, Opus 4.7 performs better than Opus 4.6 on difficult coding tasks, follows instructions more precisely, and can verify parts of its own work before responding.

What’s New in the Latest Update

The company also says the model has stronger vision capabilities, supporting images up to 2,576 pixels on the long edge, which can help with detailed screenshot analysis, diagram reading, and document understanding.

The cybersecurity angle is what makes this launch especially important.

Core Upgrades: Better coding (+10–15%), precise instructions, improved long-task reliability, self-checking, and stronger memory.

Vision: Higher-res images, improved UI/diagram reading, 98.5% visual accuracy.

Security: Real-time threat blocking, verification program, advanced safeguards.

Developer Features: xhigh mode, task budgets, improved tokenizer, 1-hour cache.

Claude Code: /ultrareview, fullscreen TUI, auto mode, xhigh default.

Availability & Pricing: Same pricing, available across major platforms.

Anthropic said Opus 4.7 includes safeguards that automatically detect and block prompts linked to prohibited or high-risk cyber activity.

At the same time, the company is inviting legitimate security researchers, red-teamers, and penetration testers to apply for a new Cyber Verification Program so they can use the model for approved security work with fewer restrictions.

This rollout follows Anthropic’s recent Project Glasswing initiative, which was created to study how advanced AI models can help defend critical software while reducing the risk of offensive misuse.

In that announcement, Anthropic said its unreleased Claude Mythos Preview demonstrated very strong vulnerability discovery and exploit development capabilities, strong enough that the company chose not to make it generally available.

Instead, Anthropic said it would test new cyber defenses first on a less capable model, and Opus 4.7 is the first product to carry that plan into production.

Anthropic also said Opus 4.7 keeps the same price as Opus 4.6, at $5 per million input tokens and $25 per million output tokens.

The model is now available across Claude products, the Claude API, Amazon Bedrock, Google Cloud Vertex AI, and Microsoft Foundry, providing enterprises with several deployment options. For developers, the update includes operational changes beyond safety.

Anthropic introduced a new xhigh effort level for harder reasoning tasks, public beta task budgets for managing token usage in long-running jobs, and a new /ultrareview feature in Claude Code for bug and design review.

The migration guide also notes that Opus 4.7 uses a new tokenizer that may increase token counts by 1.0 to 1.35 times, depending on content, meaning teams may need to retune prompts, budgets, and output limits when upgrading.

From a security industry perspective, this release shows how AI vendors are beginning to treat cyber capabilities as a governed feature rather than just a competitive advantage.

Anthropic is trying to balance stronger coding autonomy with automated misuse controls, using live deployment data from Opus 4.7 to shape how future, more capable models might be released safely.

Follow us on Google News, LinkedIn, and X for daily cybersecurity updates. Contact us to feature your stories.

The post Anthropic Releases Claude Opus 4.7 with Automated Real-Time Cybersecurity Safeguards appeared first on Cyber Security News.