Tech News Centre

Moody’s Highlights Rising Banking Sector Risks Amid AI Cyber Warfare

2026-06-03T00:26:09.990+05:30

Moody’s Warns AI Cyber Arms Race Is Escalating Risks for Banks

Advanced AI Is Reshaping the Cybersecurity Battlefield

The emergence of frontier artificial intelligence models is transforming the cybersecurity landscape at an unprecedented pace. While AI is delivering powerful benefits to organizations, it is also enabling attackers to discover and exploit software vulnerabilities faster than ever before.

According to a recent Moody’s report, financial institutions are among the sectors facing the greatest exposure as increasingly capable AI systems accelerate the cyber arms race between attackers and defenders.

The report, titled "Arms Race: Deep Defenses Will Help Banks Navigate Cyber Threats from New AI Models," highlights how advanced AI technologies are fundamentally changing the economics of cyberattacks and forcing banks to rethink their security strategies.

Financial Institutions Remain Prime Targets

Banks have long been attractive targets for cybercriminals due to the enormous volumes of money, sensitive customer information, and critical financial infrastructure they manage.

As cybercriminals gain access to increasingly sophisticated AI-powered tools, the scale and effectiveness of attacks are expected to rise significantly. Moody’s notes that data breaches are already becoming more expensive, with organizations facing record-breaking recovery and remediation costs.

The concern is no longer limited to isolated incidents. Cyber risk is increasingly becoming a systemic threat capable of affecting multiple institutions simultaneously, particularly as financial ecosystems become more interconnected through digital platforms, cloud services, and third-party vendors.

Attackers Are Moving Faster Than Defenders

One of the most concerning findings highlighted by Moody’s is the growing gap between vulnerability exploitation and remediation.

Cybercriminals are now exploiting newly discovered software flaws within weeks, while many organizations still require months to fully patch and secure affected systems. Even though banks generally outperform other industries in vulnerability management, they continue to struggle to keep pace with rapidly evolving threats.

This imbalance creates a dangerous window of opportunity where attackers can weaponize vulnerabilities before organizations have completed their remediation efforts.

As AI systems become capable of identifying weaknesses across large software environments automatically, the pressure on security teams is expected to intensify.

Legacy Systems Continue to Create Security Challenges

Many financial institutions operate complex technology infrastructures that have evolved over decades. These legacy systems often support critical banking operations but can be difficult and costly to modernize.

Outdated software, delayed patching cycles, and aging infrastructure provide attractive entry points for cyber attackers. The complexity of these environments frequently slows security updates and increases operational risks.

In addition, banks increasingly rely on extensive networks of third-party vendors, cloud providers, and software suppliers. Every external dependency introduces potential vulnerabilities that can be exploited through supply chain attacks.

Recent cybersecurity incidents across multiple industries have demonstrated how a single compromised vendor can impact hundreds or even thousands of organizations.

Cybersecurity Spending Set to Increase

As threats continue to grow, financial institutions are allocating larger portions of their technology budgets toward cybersecurity initiatives.

Industry analysts suggest that many organizations may need to significantly increase cybersecurity investments over the coming years. Traditional annual budget increases may no longer be sufficient to address the rapidly evolving threat environment driven by AI-enabled attacks.

Investment priorities include:

Continuous vulnerability management
Advanced threat detection systems
Security automation platforms
Zero Trust architectures
Third-party risk management
Incident response and cyber resilience programs

The focus is shifting from prevention alone toward maintaining operational resilience during active cyber incidents.

Zero Trust and Continuous Patching Become Essential

Moody’s emphasizes that modern cybersecurity strategies must focus on reducing attacker opportunities through faster remediation and stronger architectural defenses.

Many banks are accelerating adoption of Zero Trust security models, which require continuous verification of users, devices, and applications before granting access to critical systems.

At the same time, organizations are moving away from traditional patch management cycles toward continuous patching approaches that reduce exposure windows for newly discovered vulnerabilities.

These measures are becoming increasingly important as AI enables attackers to identify weaknesses at machine speed.

AI Is Also Strengthening Defenders

While AI is creating new risks, it is also providing powerful defensive capabilities.

Financial institutions are deploying AI-driven security tools to improve threat detection, vulnerability discovery, and security monitoring. Machine learning systems can analyze enormous volumes of data, identify suspicious activity, and prioritize security risks more efficiently than traditional approaches.

AI-assisted software development is also helping organizations identify vulnerabilities earlier in the development lifecycle, supporting secure-by-design principles that integrate security from the beginning rather than after deployment.

However, AI is not a complete solution. Human expertise remains essential for validating findings, implementing fixes, and making strategic security decisions.

Building Cyber Resilience for the AI Era

The cybersecurity challenge facing banks is no longer simply about preventing attacks. It is about building resilient systems capable of withstanding increasingly sophisticated threats.

Organizations that can rapidly identify vulnerabilities, deploy patches, strengthen governance, and adopt modern security architectures will be better positioned to manage the risks created by advanced AI.

Moody’s concludes that while frontier AI models are raising the stakes for cybersecurity, they also offer opportunities for defenders who can adapt quickly. In the coming years, success will depend not only on security technology but also on organizational agility, cyber resilience, and the ability to respond faster than attackers can exploit emerging weaknesses.

Bottom Line: The AI-driven cyber arms race has begun. For banks and financial institutions, resilience, Zero Trust security, continuous patching, and AI-assisted defense strategies are becoming critical requirements rather than optional investments.

Source: https://cybermagazine.com/news/moodys-warns-ai-cyber-arms-race-raises-risks-for-banks

GlassWorm Infrastructure Takedown Weakens Developer Supply Chain Attacks

2026-05-27T22:50:41.997+05:30

GlassWorm Malware Infrastructure Disrupted in Major Supply Chain Security Operation

Cybersecurity researchers have confirmed a large-scale disruption of the infrastructure behind GlassWorm, an advanced malware campaign that has been actively targeting software developers through malicious packages, compromised extensions, and poisoned development environments.

The coordinated operation, led by CrowdStrike alongside Google and the Shadowserver Foundation, successfully neutralized all known command-and-control (C2) communication channels used by the threat actors.

Developers Become Prime Targets for Supply Chain Attacks

Since early 2025, GlassWorm operators have focused heavily on software developers due to their privileged access to critical infrastructure such as source code repositories, cloud platforms, package registries, and CI/CD pipelines.

Unlike traditional malware campaigns aimed at end users, GlassWorm was engineered to compromise developer ecosystems. A single infected developer workstation could potentially allow attackers to inject malicious code into software packages distributed to thousands of organizations worldwide.

Security experts warn that this growing trend represents one of the most dangerous attack vectors in modern cybersecurity because compromised software dependencies can rapidly spread malware across enterprise environments.

Malicious VS Code Extensions and Poisoned Packages

GlassWorm initially gained attention after researchers discovered trojanized extensions being distributed through both the Microsoft VS Code Marketplace and Open VSX repositories.

The malware campaign targeted users of several popular Visual Studio Code forks and developer tools, including:

Visual Studio Code
Cursor
Positron
Windsurf
VSCodium

Researchers also identified malicious npm and Python packages carrying hidden GlassWorm payloads, further expanding the attack surface across developer communities.

Advanced Malware Capabilities

Once installed, GlassWorm deployed a sophisticated malware framework capable of:

Credential harvesting
Cryptocurrency wallet theft
Browser data extraction
System profiling
Remote code execution
Clipboard and keystroke monitoring
Screenshot capture

Later variants introduced a WebSocket-based JavaScript remote access trojan known as GlassWormRAT, enabling attackers to execute arbitrary commands on compromised systems.

The malware also attempted to steal authentication tokens linked to:

GitHub repositories
npm accounts
OpenVSX accounts
Cloud services
Crypto wallets

Stolen credentials were then allegedly used to compromise additional repositories and distribute more malicious packages across software ecosystems.

Infected Systems Turned Into Hidden Infrastructure

Security researchers revealed that compromised machines were transformed into covert operational nodes that helped attackers maintain persistence and anonymity.

These infected hosts were used as:

SOCKS proxy servers
Hidden VNC (HVNC) systems
Remote execution nodes
Peer-to-peer relay infrastructure

By abusing legitimate systems, the attackers could hide malicious traffic and continue expanding their operations without relying entirely on traditional servers.

Investigators estimate that more than 300 GitHub repositories were affected using stolen developer credentials.

Multi-Layered Command-and-Control Network

One of the most unusual aspects of GlassWorm was its resilient and decentralized communication infrastructure.

Instead of relying on a single C2 server, the malware used four separate communication channels simultaneously:

1. Solana Blockchain Integration

GlassWorm stored command server addresses inside transaction memo fields on the Solana blockchain, allowing infected systems to retrieve updated infrastructure details without traditional hosting.

2. BitTorrent Distributed Hash Table (DHT)

The malware leveraged peer-to-peer BitTorrent DHT networks to obtain configuration data dynamically.

3. Google Calendar Abuse

Attackers reportedly hid command server information inside event titles hosted on Google Calendar services.

4. Commercial VPS Infrastructure

Direct fallback communication with command servers hosted on commercial VPS providers ensured additional redundancy.

Researchers explained that this layered design made GlassWorm extremely difficult to disrupt because removing one channel would not fully disable the malware.

Coordinated Takedown Operation

The recent cybersecurity operation simultaneously disabled all four communication methods, effectively preventing infected systems from receiving new commands, payloads, or updates.

Experts describe the operation as a significant blow to the threat actors behind GlassWorm, although security analysts caution that the operators may attempt to rebuild their infrastructure using new techniques.

Suspected Russian Cybercriminal Links

Researchers believe the campaign may be linked to Russian-speaking cybercriminal groups. Evidence supporting this assessment includes:

Russian-language comments embedded within malware code
Malware self-termination on systems located in CIS countries
Operational tactics commonly associated with Russian cybercrime ecosystems

However, no official public attribution has yet been confirmed.

Growing Risks in the Software Supply Chain

The GlassWorm campaign highlights how software supply chain attacks are becoming increasingly sophisticated and dangerous.

Modern organizations rely heavily on third-party libraries, extensions, open-source packages, and automated development pipelines. Attackers understand that compromising developers provides a direct path into enterprise environments.

Hacker Steals $24.5 Million in Major Resolv DeFi Platform Breach

2026-03-24T23:34:00.004+05:30

AI-Powered Phishing Surge Exploits Microsoft Authentication, Targets Thousands

In a concerning shift in cyberattack tactics, security researchers have uncovered a large-scale phishing campaign leveraging artificial intelligence to generate highly customized lures. The campaign, which intensified sharply in early March, is being described as one of the most aggressive and effective phishing operations seen in recent times.

Sudden Spike in Phishing Activity

Initially, the attack campaign targeted a few dozen victims daily. However, beginning March 3, researchers observed a dramatic escalation in activity.

Unlike traditional phishing campaigns, this operation stood out due to its sophistication and scale. Each phishing email appeared unique—featuring different domains, formats, and messaging styles—making detection significantly harder.

Security experts believe attackers may have used AI tools to automatically generate these variations, enabling them to bypass conventional email security filters.

The volume and effectiveness of the campaign suggested a major shift in how phishing attacks are being executed.

Diverse and Deceptive Attack Methods

The attackers deployed a wide range of phishing techniques, including:

Fake file download links
QR code-based lures
Compromised file-sharing platforms
Traditional email-based social engineering

This diversity made it difficult for organizations to identify patterns or block the attacks effectively.

Exploiting Microsoft Device Authentication

At the core of the campaign is the abuse of Microsoft OAuth device authentication flow, commonly used by devices such as smart TVs, printers, and terminals.

This method allows attackers to:

Gain valid authentication tokens
Bypass passwords and multi-factor authentication (MFA)
Maintain access for up to 90 days

Once access is granted, attackers can potentially move laterally within compromised environments.

🏢 Widespread Impact Across Industries

Security firm Huntress reported that hundreds of its customers were affected, though the actual number of victims is likely much higher—possibly in the thousands.

The impacted sectors include:

Construction and trade
Legal firms
Nonprofits
Real estate
Manufacturing
Finance and insurance
Healthcare
Government and public safety

This broad targeting indicates the campaign was opportunistic rather than industry-specific.

Abuse of Cloud Infrastructure

Researchers also discovered that attackers leveraged Railway, a Platform-as-a-Service (PaaS), to deploy phishing infrastructure.

By using such platforms, attackers were able to:

Rapidly spin up phishing environments
Use legitimate cloud IP addresses
Evade detection systems
Scale operations quickly

All observed malicious traffic in this campaign was traced back to Railway’s infrastructure.

In response, Railway took action by:

Blocking malicious domains
Suspending associated accounts
Investigating abuse patterns

However, the attackers’ ability to avoid detection highlights limitations in automated fraud detection systems.

Detection Challenges and Response

One of the key challenges in stopping this campaign was the absence of repeatable indicators such as:

Reused domains
Shared infrastructure
Duplicate phishing templates

This made traditional detection methods far less effective.

To mitigate risk, Huntress implemented a large-scale defensive measure by updating conditional access policies across tens of thousands of Microsoft cloud environments—blocking suspicious traffic linked to the campaign.

Rise of AI-Driven Cybercrime

This incident highlights a growing concern in cybersecurity: the increasing use of AI by cybercriminals.

Traditionally, advanced attack techniques were associated with state-sponsored actors. However, AI is now enabling even low-level attackers to:

Automate phishing campaigns
Generate realistic and varied attack content
Scale operations rapidly

Experts warn that this democratization of cyberattack tools could significantly increase the volume and success rate of attacks.

Cybercriminals Exploit Fake AI Browser Add-Ons to Target 260K Chrome Users

2026-02-16T23:27:00.001+05:30

Fake AI Chrome Extensions Duped 260K+ Users — What You Need to Know

The Google Chrome ecosystem is facing a new wave of browser-based threats — and this time attackers are exploiting the explosive popularity of artificial intelligence tools. Security researchers have uncovered dozens of malicious Chrome extensions masquerading as AI assistants that secretly harvest sensitive user data. More than 260,000 users have already downloaded these deceptive add-ons, highlighting a growing cybersecurity risk hiding in plain sight.

Here’s what happened, how the scam works, and what users and organizations should do immediately.

Fake AI Extensions Flood the Chrome Web Store

According to researchers at LayerX, at least 30 Chrome extensions were discovered that appear nearly identical, differing only in branding and naming. Each extension presents itself as a helpful AI assistant capable of summarizing text, translating content, or generating responses — features that mirror legitimate AI productivity tools.

Many of these extensions accumulated tens of thousands of installs and strong user ratings, making them appear trustworthy. Because they are distributed through the official Chrome Web Store, users naturally assume they are safe.

This false sense of legitimacy is exactly what attackers are counting on.

How the Malicious AI Extensions Steal Data

At first glance, these extensions function like normal AI assistants. Users see a polished chat interface and receive believable AI-generated responses. Behind the scenes, however, the process is far more dangerous.

Instead of running locally, the extension loads a hidden interface from an attacker-controlled server. Every prompt or piece of content submitted is transmitted externally, where it can be captured and stored.

This means victims may unknowingly share:

Emails and browser content
Customer records
API keys and authentication tokens
Business or confidential documents
Personal messages

The attacker can even proxy legitimate AI APIs to produce convincing responses — masking the data theft entirely.

Security researchers warn that modern users are conditioned to paste sensitive information into AI tools without hesitation, dramatically increasing the impact of this attack method.

Why This Attack Is Especially Dangerous

Unlike older phishing attempts that impersonated banks or login portals, this campaign exploits trust in AI workflows. Users expect AI tools to process large amounts of sensitive information — summaries, internal data, or customer details — making data exfiltration far less suspicious.

Consider a workplace scenario:

An employee installs what appears to be an AI summarization extension. They open a customer management system and request a summary. The extension silently transmits the full dataset to external servers before returning a harmless-looking response.

The result could include:

Intellectual property leakage
Regulatory compliance violations
Exposure of customer information
Increased risk of follow-up cyberattacks

For businesses, the implications are serious.

Popular Fake Extensions Identified

Some malicious extensions were designed to resemble well-known AI services, including:

Gemini AI Sidebar
ChatGPT Translate
AI Assistant
AI Sidebar
AI GPT

Collectively, these extensions surpassed 260,000 downloads. Several remained available even after disclosure, with strong ratings and featured listings — factors that further mislead users.

Why These Extensions Evaded Detection

The extensions themselves often request minimal permissions and appear harmless during store review. Most malicious behavior occurs off-platform through remote servers, making it difficult for automated checks to detect suspicious activity.

Because attackers reuse infrastructure and load code dynamically, traditional static analysis may fail to identify the connection between multiple malicious extensions.

The Bigger Picture: AI Trust Is Being Weaponized

This campaign demonstrates a shift in cybercrime strategy. Attackers are no longer just impersonating financial services — they are exploiting the growing trust users place in AI tools.

As AI becomes embedded in everyday workflows, malicious actors will increasingly target that trust. Vigilance, awareness, and stricter extension hygiene are now essential parts of personal and corporate cybersecurity.

China-Linked Lotus Blossom Group Behind Notepad++ Hosting Cyberattack

2026-02-04T00:22:00.000+05:30

Notepad++ Hosting Breach Linked to China-Linked Lotus Blossom APT, “Chrysalis” Backdoor Discovered

A China-linked cyber-espionage group known as Lotus Blossom has been attributed with medium confidence to the compromise of infrastructure used to host Notepad++, the widely used open-source text editor. The incident enabled attackers to deliver a previously undocumented backdoor dubbed Chrysalis to a select group of users, according to research from Rapid7.

The attack represents a targeted software supply chain intrusion, where threat actors manipulated the update delivery process rather than breaching the Notepad++ codebase itself.

Hosting Provider Compromise Enabled Update Hijacking

Notepad++ maintainer Don Ho confirmed that the breach occurred at the hosting provider level, allowing attackers to hijack update traffic beginning in June 2025. The adversaries selectively redirected update requests from certain users to malicious servers, serving a tampered installer.

The attack exploited insufficient update verification mechanisms present in older Notepad++ versions. This weakness was resolved in December 2025 with the release of version 8.8.9.

Key response actions taken:

Malicious redirections stopped on December 2, 2025
Hosting infrastructure migrated to a new, more secure provider
All credentials rotated
No evidence found that plugin systems or official updater mechanisms were directly abused

Infection Chain: From Update to Backdoor

Rapid7 observed the following execution sequence on affected systems:

notepad++.exe launches
The legitimate updater GUP.exe runs
A suspicious update.exe file is downloaded from 95.179.213.0

The malicious update.exe was a Nullsoft Scriptable Install System (NSIS) installer containing:

An NSIS installation script
BluetoothService.exe (a renamed Bitdefender Submission Wizard binary used for DLL sideloading)
Encrypted shellcode (Chrysalis)
log.dll, a malicious DLL responsible for decrypting and executing the shellcode

DLL sideloading is a technique commonly associated with Chinese APT groups.

Chrysalis Backdoor Capabilities

Chrysalis is a custom, feature-rich implant designed for espionage. It collects system information and contacts the C2 domain api.skycloudcenter[.]com (currently offline).

Capabilities include:

Spawning interactive shells
Creating and managing processes
File operations (upload/download/delete)
Self-uninstallation
Processing commands delivered via HTTP responses

Rapid7 also identified a component (conf.c) designed to retrieve a Cobalt Strike beacon using a custom loader that embeds Metasploit Block API shellcode.

Advanced Tradecraft and Warbird Abuse

One loader, ConsoleApplication2.exe, used Microsoft Warbird, an undocumented internal code obfuscation framework. The attackers appear to have adapted a public proof-of-concept published by Cirosec in September 2024.

Researchers noted:

Continued use of DLL sideloading and service persistence
Multi-layered shellcode loaders
Integration of undocumented system calls like NtQuerySystemInformation
Blending custom malware with commodity tools (Metasploit and Cobalt Strike)

This evolution signals more resilient and stealthy tradecraft.

Attribution to Lotus Blossom

Rapid7 linked Chrysalis to Lotus Blossom (also tracked as Billbug, Bronze Elgin, Lotus Panda, Raspberry Typhoon, Spring Dragon, and Thrip) based on overlaps with earlier campaigns. A previous operation documented by Symantec in April 2025 also used legitimate security software binaries for DLL sideloading.

Kaspersky Observes Three Infection Chains

Kaspersky identified three distinct infection chains targeting a small set of high-value organizations and individuals in:

Vietnam
El Salvador
Australia
Philippines (government entity)
Financial and IT service sectors

Attackers rotated C2 servers, loaders, and payloads between July and October 2025.

Common Traits Across Chains

Malicious NSIS installers
System reconnaissance (whoami, tasklist, netstat, systeminfo)
Metasploit downloaders
Final-stage Cobalt Strike beacons

By November 2025, Kaspersky observed no further payload deployment.

A Growing Software Supply Chain Threat

This incident highlights how software update mechanisms remain prime targets for state-sponsored attackers. By breaching update infrastructure rather than source code, adversaries can conduct highly selective, stealthy intrusions into sensitive organizations worldwide.

The Notepad++ case underscores the importance of:

Strong cryptographic update validation
Hosting provider security monitoring
Rapid patch adoption
Network-level anomaly detection for update traffic

Airtel-Perplexity Pro "Free" Offer Under Fire as New Credit Card Requirement Surfaces

2026-01-12T21:32:00.000+05:30

A wave of frustration is hitting Indian tech enthusiasts as Perplexity AI and Airtel appear to have altered the terms of their highly publicized "One Year Free Perplexity Pro" collaboration.

The Original Promise Launched as part of the Airtel Thanks program, the offer originally allowed eligible Airtel users to claim a year of Perplexity Pro (valued at ~$200) without any financial commitment. Archived versions of the official help page dated as recently as late November 2024 explicitly confirmed that users did not need to provide credit card or debit card information to activate the service.

The December 23rd Shift On December 23, the landscape shifted. Users who had already successfully signed up—and those attempting to join—received emails and saw updated web pages stating that a payment method is now mandatory.

The updated help center link now states that while the first year remains free, a "valid payment method" must be attached to the account for "verification purposes" and to ensure "uninterrupted service" once the trial ends.

User Backlash The sudden change has raised two primary concerns among the Indian user base:

Security & Privacy: Many users chose the offer specifically because it didn't require sharing sensitive banking details.
Retroactive Changes: Users who signed up weeks ago are reportedly being told they must now add a card or risk losing the "free" access they had already secured.

What This Means for You If you are an Airtel subscriber using this promo, check your registered email. You may be required to log in and add a card to prevent your Pro account from being downgraded to the "Free" tier.

Rootkit Tactics: How Chinese Hackers Hide ToneShell Malware Activity

2025-12-30T23:13:00.003+05:30

Chinese Hackers Use Kernel Rootkit to Conceal ToneShell Malware

A China-linked advanced persistent threat (APT) group associated with HoneyMyte, also known as Mustang Panda or Bronze President, has been observed deploying a new kernel-mode rootkit to stealthily hide its ToneShell backdoor operations.

Security researchers report that this campaign is focused on long-term cyber-espionage, rather than financial gain, and has primarily targeted government networks across Southeast and East Asia, with Myanmar and Thailand suffering the most significant impact.

Attack Overview: Signed Driver as the Entry Point

The attack begins on already compromised Windows systems, where attackers drop a malicious kernel driver named:

ProjectConfiguration.sys

This driver is loaded as a Windows mini-filter driver, granting it deep access to system operations. To avoid raising suspicion, the driver is digitally signed using a stolen but valid certificate originally issued to Guangzhou Kingteller Technology Co., Ltd.

Although the certificate is outdated, it is still sufficient to make the driver appear legitimate to Windows and some endpoint security products, allowing it to load without triggering immediate alerts.

More Than a Loader: Full Rootkit Capabilities

According to researchers at Securelist, the malicious driver does far more than simply load the ToneShell backdoor. It functions as a full-fledged kernel rootkit, designed to protect the entire attack toolset from detection and removal.

The campaign was linked to earlier HoneyMyte operations based on the presence of additional known tools on victim systems, including:

ToneDisk USB-propagating worm
PlugX remote access trojan
Older variants of ToneShell

Kernel-Level Stealth Techniques

Once loaded, the rootkit performs several stealth operations:

Injects the ToneShell backdoor into a high-privilege svchost.exe process
Hides both the driver file and the malicious process from system listings
Hooks file system and registry operations so any attempt to delete, rename, or modify the driver or its service keys returns STATUS_ACCESS_DENIED at the kernel level
Alters the Microsoft Defender WdFilter altitude, placing its own filter deeper in the driver stack, allowing it to intercept and block security operations before Defender or other tools can act

These techniques effectively neutralize many endpoint detection and response (EDR) mechanisms.

Rootkit-Driven Infection Workflow

The malicious driver embeds two shellcodes within its .data section:

1. Process Creation Shellcode

Creates a new svchost.exe instance
Writes the process ID to disk
Sets up shared event names and file paths for coordination

2. ToneShell Injection Shellcode

Injects the ToneShell backdoor into the newly created process
Adds the process to a protected process list, preventing other applications from obtaining handles to it

This ensures that the backdoor remains both persistent and inaccessible to security tools.

Command-and-Control Communication

Once active, ToneShell communicates with its command-and-control (C2) servers using:

Raw TCP connections over port 443
Fake TLS 1.3-like headers
XOR-encrypted payloads

This approach allows the malware traffic to blend in with legitimate HTTPS activity while avoiding full TLS implementations that could expose it to inspection.

China-Backed Hackers Abuse Insecure Cisco Configurations in Cyber Attacks

2025-12-21T23:05:00.000+05:30

China-Linked Hackers Exploit Misconfigured Cisco Security Products to Deploy Backdoors

China-linked threat actors have been actively exploiting misconfigured Cisco security products to gain persistent access to targeted networks, according to new findings from Cisco. The campaign has been ongoing for several weeks and highlights how insecure configuration choices—not software flaws alone—can expose critical infrastructure to advanced cyber threats.

Cisco is tracking the activity under the identifier UAT-9686, a hacker group assessed to have links to China-based advanced persistent threat (APT) operations. The attackers are abusing an insecure configuration within Cisco AsyncOS, the operating system that powers Cisco’s email and web security appliances, including both physical devices and virtual platforms.

Misconfigured Feature Opens the Door

The issue centers around AsyncOS’s Spam Quarantine feature, which allows administrators to make the quarantine interface accessible over the internet. While this setting is disabled by default, organizations that manually enable external access inadvertently expose their devices to potential compromise.

Cisco warned that threat actors are exploiting this exposed interface to gain unauthorized access and execute commands with root-level privileges on affected appliances.

“This attack allows the threat actors to execute arbitrary commands with root privileges on the underlying operating system of an affected appliance,” Cisco stated in its advisory.

Backdoors and Stealthy Persistence

Once inside a victim environment, the attackers deploy a custom Python-based backdoor known as AquaShell. This implant listens for incoming commands and allows the attackers to execute instructions remotely, effectively granting long-term control over compromised systems.

In addition to AquaShell, Cisco observed the use of multiple auxiliary tools designed to maintain stealth and persistence. These include two tunneling utilities that help the attackers preserve access to infected systems and bypass network restrictions. The group also employs a log-wiping utility called AquaPurge, which removes forensic traces of their activity and complicates incident response efforts.

Timeline and Attribution

Cisco confirmed that the campaign has been active since at least late November, with the company detecting the activity on December 10. Attribution to UAT-9686 is based on tool overlap and operational patterns consistent with other known China-linked threat groups.

Notably, Cisco highlighted that the use of custom web-based implants like AquaShell is becoming increasingly common among highly sophisticated Chinese-nexus APTs, signaling an evolution in tradecraft focused on stealth, persistence, and long-term espionage.

Security Implications

This campaign underscores a recurring security lesson: misconfiguration can be just as dangerous as unpatched vulnerabilities. Organizations running Cisco email and web security appliances are urged to review their AsyncOS configurations, ensure that management and quarantine interfaces are not exposed to the internet, and monitor for signs of compromise.

Cisco has released guidance and indicators of compromise (IOCs) to help defenders detect and mitigate the threat.

Google to Discontinue Dark Web Monitoring Tool by January 2026

2025-12-16T17:30:00.003+05:30

Based on the official Google support page referenced, the Dark Web Report feature is being discontinued due to changes in the dark web landscape and resource allocation. The monitoring functionality will cease on January 15 2026 and all associated data will be permanently lost. This decision aligns with Google's strategic shift away from certain security features.

Privacy advocates are urging users to take this opportunity to review and update their online privacy practices. With the Dark Web Report no longer available, individuals must proactively monitor their digital footprints. Experts recommend regularly checking for personal data leaks, using strong, unique passwords, and enabling two-factor authentication to safeguard sensitive information. As Google phases out this service, the onus falls on users to stay vigilant and informed about their online security.

Microsoft Teams Introduces Call Flagging to Combat Malicious Callers

2025-12-09T23:07:00.001+05:30

Microsoft Teams Introduces New Feature to Flag Malicious Calls: A Major Boost to Communication Security

Microsoft is preparing to roll out a powerful new security enhancement to its Teams platform, aimed at combating the growing threat of spam, phishing, and malicious calls targeting organizations. The upcoming feature, “Report a Suspicious Call,” will give users the ability to directly flag questionable calls — adding an extra layer of protection to everyday communication.

A User-Driven Approach to Stopping Malicious Calls

The new feature empowers users to take an active role in securing their communication environment. With just a click, anyone can report a call they believe to be unusual, fraudulent, or suspicious within the Teams interface.

Once a call is flagged:

The report is securely submitted to Microsoft
Microsoft’s security teams analyze the data
Suspicious behavior patterns are identified
Threat intelligence is strengthened platform-wide

This approach enables Microsoft to detect malicious activity faster and more accurately by incorporating real-time user feedback.

Why This Matters: Increasing Threats in Corporate Communication

As spam and phishing attempts infiltrate business communication channels, organizations need intelligent tools that help minimize risk.

The new Teams flagging feature:

Helps block unwanted or harmful callers
Enhances the overall safety of the communication ecosystem
Provides defenses against voice-based phishing (vishing) attacks
Increases detection accuracy through user participation
Strengthens security posture for the entire organization

By integrating users into the threat detection process, Microsoft is building a more resilient and collaborative model of communication security.

AWS IAM Eventual Consistency: The Overlooked Persistence Technique

2025-12-09T23:04:00.003+05:30

Exploiting AWS IAM Eventual Consistency: The Persistence Risk Every Cloud Defender Must Understand

AWS Identity and Access Management (IAM) is often perceived as a strongly consistent and immediate-response system. However, like many globally distributed services, it actually operates on an eventual consistency model. While this design enables scalability across regions, it also introduces brief but dangerous windows that attackers can exploit to maintain persistence — even after defenders believe they have removed access.

Recent testing and analysis by OFFENSAI highlights how these delays can be weaponized to re-establish or retain access in the critical first seconds of an incident response.

The Consistency Gap: 3–4 Seconds of Vulnerability

AWS IAM updates — including access key deletion, policy changes, and role modifications — take approximately 3–4 seconds to propagate globally.
OFFENSAI validated this timing across regions such as us-east-1 and eu-central-1.

During this propagation window:

Deleted access keys remain usable for API calls
Key listings may return an empty array despite the key still being active
Attackers can sometimes generate new access keys before invalidation completes
Policy updates may not enforce immediately
Deny-all policies may be visible to the attacker before fully applied

This creates a micro-window that advanced adversaries can leverage to maintain persistence.

Case Study: Access Keys Still Work After Deletion

In a simulated attack scenario:

A defender deletes a compromised access key using:
aws iam delete-access-key --access-key-id AKIA... --user-name bob
Within the consistency lag window, the attacker is still able to:
- Make valid API calls using the “deleted” key
- Detect the deletion through IAM APIs that return inconsistent results
- Attempt creation of new access keys before propagation completes

CloudTrail logs show both actions accurately — deletion and post-deletion API calls — but the system’s replication delay is enough to allow persistence.

This behavior extends beyond access keys to:

Policy attachments
Role deletions
User login profile modifications

This amplification makes incident response more challenging and time-sensitive.

Why Traditional Incident Response Playbooks Fail

Many defenders rely on emergency measures like applying AWSDenyAll to stop malicious activity during an active incident.

However, OFFENSAI’s tests revealed:

Deny-all policies experience the same propagation delay
Attackers can detect changes almost instantly
Polling commands such as ListAccessKeys reveal inconsistencies
Attackers may detach newly applied policies before enforcement fully propagates

Additionally, AWS’s own Credential Cleanup Procedure (from re:Post) recommends waiting for propagation — a process attackers can race against.

Post-Disclosure Observations and Partial Fixes

After OFFENSAI’s disclosure:

AWS implemented a fix preventing creation of new keys immediately after key deletion
AWS acknowledged the findings in April 2025
Documentation updates clarified IAM consistency expectations
AWS did not classify the issue as a vulnerability, describing it instead as a property of distributed system design

However, testing on December 5, 2025 shows remaining gaps:

Attackers can still monitor changes during propagation delays
Existing assumable roles (especially with AdministratorAccess) remain a critical risk
External accounts may exploit stale permissions before propagation completes

Recommended Defensive Strategies

To mitigate persistence risks created by IAM’s eventual consistency:

1. Use Service Control Policies (SCPs) at the AWS Organizations level

SCPs apply before account-level IAM policies, giving defenders an authoritative way to lock attackers out.

Attackers cannot override or modify SCPs from within a compromised account.

2. Prefer IAM Roles + Temporary STS Tokens

Long-term access keys are the primary target and easiest to exploit during propagation windows.

Short-lived STS credentials reduce exposure dramatically.

3. Update Detection Logic

SIEM and SOAR playbooks should account for:

Stale key usage post-deletion
Policy updates followed by suspicious API calls
Access attempts from deleted principals during propagation lag

4. Enhance Incident Response Playbooks

Defenders must assume a 3–4 second race condition exists and act accordingly:

Combine multiple layered actions (policy detachments, SCPs, role quarantine)
Monitor CloudTrail for post-deletion API activity
Immediately revoke STS tokens when possible

5. Perform Post-Incident Thorough Cleanup

After IAM changes fully propagate, perform:

Key rotations
Role trust policy reviews
IAM permission audits
Deletion of unused roles or users

No Known In-The-Wild Exploits — But Don’t Be Complacent

As of December 2025, no active exploitation has been discovered in the wild.
However, the mechanics closely resemble real-world attacker behaviors:

Fast-reaction persistence
API polling for defender activity
Abuse of IAM role assumptions

Organizations adopting a proactive posture will be better prepared than those who rely solely on traditional key deletion practices.

Major Security Flaw Exposed 3.5 Billion WhatsApp Phone Numbers

2025-11-19T18:48:41.015+05:30

WhatsApp had a massive security flaw that put phone numbers of 3.5 billion users at risk

A significant security vulnerability has recently been uncovered in WhatsApp's contact discovery feature, allowing researchers to scrape and identify a massive database of users. This incident highlights a major oversight in the platform's design and rate-limiting protocols.

Here is a re-created blog post on the issue, what was exposed, and what users can do.

1. The Core Flaw: The Contact Discovery Exploit

The issue stems from the way WhatsApp's contact discovery tool verifies a phone number's existence on the platform.

The Mechanism: Researchers from the University of Vienna found that they could use this system to check millions of number combinations per hour to see if an account was registered.

The Problem: Crucially, WhatsApp reportedly had no effective rate-limiting or warnings in place to stop this automated, high-volume querying, essentially allowing attackers to automate the contact sync process for every possible global phone number.

This simple flaw could have led to a mass scraping event, which the researchers warn could have been the "largest data leak in history."

2. What Data Was Exposed?

It's important to understand the difference between scraped public data and leaked private data:

Phone Numbers: The researchers managed to identify and confirm approximately 3.5 billion active WhatsApp phone numbers globally.

Public Profile Data: For a significant portion of these accounts, they could also access data visible based on the user's privacy settings:

Profile Photos: Accessible for around 57% of the identified accounts.

"About" Text/Status: Visible for about 29% of the accounts.

What was NOT exposed: User messages, calls, or end-to-end encrypted content. WhatsApp's core message encryption remains secure.

3. WhatsApp's/Meta's Response

WhatsApp (owned by Meta) acknowledged the exploit, confirming the method was a novel enumeration technique that bypassed their existing limits.

They emphasized that the exposed information was considered publicly available data (meaning the phone number, and a public profile photo/status, which users control via privacy settings).

In response to the researchers' findings, Meta has since implemented new rate limits to prevent this type of mass scraping in the future.

4. Actionable Steps for Users

While the main exploit vector has been patched, this incident is a strong reminder to review your privacy settings. The biggest risk from this exposure is the potential for scam and phishing attempts targeting confirmed WhatsApp numbers.

Action How to Do It Why It Helps

Review Privacy Settings Go to Settings > Privacy in WhatsApp. Controls who can see your number, photo, and status, minimizing the public data an attacker can gather.

Set Profile Photo to 'My Contacts' In Settings > Privacy > Profile photo, change the setting from 'Everyone' to 'My contacts' or 'My contacts except...' Prevents unknown attackers from gathering visual data linked to your phone number.

Enable Two-Step Verification (2FA) Go to Settings > Account > Two-step verification and tap TURN ON. Provides an extra layer of security, requiring a 6-digit PIN to set up WhatsApp on a new device.

Be Wary of Phishing/Scams Never respond to unsolicited messages, especially those asking for money, personal info, or a verification code.

RBI Mandates '.bank.in': Securing India's Digital Banking Ecosystem

2025-11-18T00:11:00.001+05:30

RBI Mandates '.bank.in': A New Era for Secure Digital Banking

Key Takeaways:

The Reserve Bank of India (RBI) has made the '.bank.in' domain mandatory for all licensed banks in India.
This exclusive domain acts as a critical security filter to prevent banking fraud, especially phishing.
Only RBI-regulated institutions can register for the '.bank.in' domain, guaranteeing website authenticity.
Customers must now verify the URL ending to ensure they are on a legitimate bank portal.

🇮🇳 The RBI's New Digital Shield: Mandatory '.bank.in' Domain

In a bold and crucial move to tackle the escalating threat of online banking fraud and enhance public safety, the Reserve Bank of India (RBI) has introduced a mandatory requirement: all licensed banks must now operate their official websites and net banking portals under the exclusive '.bank.in' domain.

This regulatory directive is a game-changer, establishing a unified, highly-secure digital identity for the Indian banking sector. With a set deadline for transition (which was October 31, 2025, for most institutions), this domain is rapidly becoming the standard for secure digital banking in the country.

Why the Urgency? Fighting Phishing and Domain Spoofing

The need for this highly restricted domain stems directly from the exponential rise in cyber fraud. Phishing attacks—where fraudsters create near-identical, but fake, websites—are the most common tool used to steal sensitive customer data like passwords and OTPs.

The Problem: Generic domains like .com or .co.in are easily registered by anyone. This makes it simple for criminals to launch "lookalike" sites that confuse unsuspecting customers.
The Solution: Restricted TLDs: '.bank.in' is a Restricted Top-Level Domain (TLD). This means it is tightly controlled and can only be obtained after a rigorous verification process by the Institute for Development and Research in Banking Technology (IDRBT), an RBI entity.

By restricting access, the RBI ensures that the suffix '.bank.in' is an instant, verifiable mark of a genuine, regulated financial institution.

Core Security Advantages for Customers

The shift to '.bank.in' provides powerful, tangible benefits for every online banking user:

Security Feature	Benefit to Customer
Authenticity Guarantee	100% Verification: If the URL ends in '.bank.in', the site belongs to an RBI-approved bank.
Phishing Prevention	Instant Red Flag: It's virtually impossible for a fraudster to create a fake phishing site with this domain, making scams easier to spot.
Mandatory Security Standards	Higher Encryption: Use of this domain often necessitates the implementation of advanced security protocols (like DNSSEC), protecting against data interception.
Unified Trust Mark	Simplified Verification: Customers no longer need to check small details; the domain itself is the trusted badge.

Your Action Plan: Banking Safely in the '.bank.in' Era

While banks handle the technical migration, the ultimate responsibility for online safety lies with the user. Follow these best practices to maximize your security:

Verify the URL: Make it a habit to always check the end of the website address. It must be .bank.in before you log in or share any confidential information.
Update Bookmarks: Immediately replace your old bookmarks with the new, verified .bank.in URL for your bank.
Type, Don't Click: Avoid clicking on banking links in emails, SMS, or social media, even if they appear legitimate. Always manually type the full, correct .bank.in address into your browser.
Report Suspicion: If you encounter any website impersonating your bank without the '.bank.in' suffix, report it immediately to your bank and relevant cyber authorities.

The mandatory '.bank.in' domain is a crucial regulatory step in building a resilient, secure digital ecosystem in India. It empowers customers with a simple, yet powerful, tool—verification—to protect themselves from financial crime.

VanHelsing Unleashed: The RaaS That Targets Windows, Linux, BSD, ARM and VMware ESXi

2025-11-11T23:01:00.003+05:30

VanHelsing RaaS: a cross-platform ransomware that weaponizes affiliates to hit Windows, Linux, BSD, ARM and ESXi

VanHelsing has emerged as a sophisticated ransomware-as-a-service (RaaS) operation that changes the rules for cross-platform attackers. First observed on March 7, 2025, VanHelsing provides a fully packaged service to criminal affiliates: a $5,000 deposit to join, an 80% cut of ransom payments for affiliates, and a user-friendly control panel to orchestrate attacks across heterogeneous environments.

Unlike many recent families that focus on Windows servers, VanHelsing explicitly targets Windows, Linux, BSD, ARM-based devices and VMware ESXi hypervisors, dramatically expanding the universe of potential victims. Within two weeks of launch the group compromised multiple victims and initiated negotiations, with at least one ransom demand reported as high as $500,000.

Beyond pure scale, VanHelsing’s rapid development cadence—multiple variants compiled days apart—and its architecture show an operator group iterating quickly in response to defenses and affiliate feedback.

How the RaaS model works

VanHelsing’s operators run a classic RaaS marketplace with a few aggressive twists:

Onboarding fee: New affiliates must deposit $5,000 to gain access.
Revenue split: Affiliates receive 80% of the ransom payments, incentivizing wide distribution.
Centralized infrastructure + affiliate autonomy: Operators keep control of core infrastructure (payment, key management) while affiliates use an easy control panel to run campaigns independently.
Rules of engagement: The operators claim at least one restriction — do not target countries in the Commonwealth of Independent States (CIS) — a common pattern in some criminal ecosystems.

This model allows the group to scale quickly by lowering the technical barrier for attackers while preserving control and monetization for the operator team.

Technical overview — design choices & capabilities

VanHelsing is written in C++ and shows deliberate design choices that prioritize operational flexibility and multi-environment effectiveness.

Multi-platform reach

The malware includes support and build targets for:

Microsoft Windows
Linux distributions and servers
BSD systems
ARM-based devices (IoT, edge)
VMware ESXi hypervisor hosts

Targeting ESXi and ARM widens the attack surface from enterprise VMs to edge devices and embedded systems.

Command-line configurability

VanHelsing’s binary exposes an extensive command-line argument system, allowing operators and affiliates to tune behaviour per target environment, e.g., toggling priority, forcing multiple instances, and altering file selection rules.

Two notable flags:

Force — bypasses the named mutex protection and allows multiple instances or forced re-execution.
no-priority — suppresses the malware’s attempt to raise process priority.

Process control & instance protection

On execution the malware attempts to create a named mutex Global\VanHelsing to prevent multiple interfering instances. This is a standard anti-race technique; however, the Force argument can override that protection.

It also optionally raises process priority to speed up encryption under normal OS scheduling—unless explicitly disabled.

Cryptography: ephemeral file keys + public-key wrapping

VanHelsing demonstrates cryptographic care:

For each file it generates a unique 32-byte key and a 12-byte nonce.
File contents are encrypted using ChaCha20 (a fast, modern stream cipher).
The ephemeral per-file keys/nonces are then wrapped (encrypted) with an embedded Curve25519 public key hardcoded into the binary.

Because the operator(s) retain the corresponding private key, only they can unwrap the per-file keys and provide decryption — a textbook RaaS key-management model that prevents victims and affiliates from independently decrypting files.

Development velocity & variants

Security analysts observed two variants compiled five days apart, indicating active development. This rapid mutation suggests:

Operators are responding to defensive detection and mitigation techniques.
New capabilities and platform support are being added quickly.
Affiliate feedback from real-world deployments is feeding the development cycle.

Rapid iteration increases the difficulty defenders face—signatures and static IOCs will age quickly, so behavior-based detections and hardening are essential.

Real-world impact

Within a short time of going public the operation:

Successfully compromised at least three known victims within two weeks.
Initiated ransom negotiations; one reported demand reached $500,000.
Demonstrated the ability to compromise diverse targets including virtualized ESXi hosts and ARM devices — increasing both the scope and potential cost of recovery.

The affiliate revenue split and relatively low buy-in mean a high risk of proliferation: many attackers can purchase access and launch campaigns simultaneously.

Detection, response and mitigation recommendations

Defenders should treat VanHelsing as a cross-platform business problem — not just a Windows problem. Recommended actions:

Backups & recovery
- Maintain recent, immutable, tested backups stored offline or in an air-gapped manner.
- Ensure ESXi datastore backups and VM snapshots are protected from modification by guest-side or hypervisor-side malware.
Least privilege & segmentation
- Restrict administrative privileges and use least-privilege for management services.
- Segment management networks (vCenter, ESXi hosts) from general user networks and internet-facing systems.
Harden and patch
- Keep hypervisor and OS patches current.
- Remove or limit unnecessary services, especially on BSD and ARM devices that are often overlooked.
Endpoint & server detections
- Deploy behavior-based detection for rapid, high-priority process creation, suspicious process priority changes, and in-memory encryption patterns.
- Monitor for creation of weird mutexes or abnormal use of cryptographic libraries and bulk file I/O spikes.
Network & telemetry
- Monitor egress traffic for unexpected command-and-control or exfil patterns.
- Aggregate logs from endpoints, hypervisors, and network devices into a SIEM for correlation.
Supply chain / third-party risk
- Evaluate third-party and contractor access; VanHelsing’s affiliate model means attackers with valid access or compromised vendor accounts can cause asymmetric damage.
Incident readiness
- Prepare IR playbooks that include cross-platform recovery steps (Windows, Linux/BSD, ESXi).
- Pre-identify legal and communications channels; ransom negotiation is risky and paying does not guarantee recovery.

Hackers Abuse Cloudflare and Zendesk Pages in Sophisticated Phishing Campaign

2025-11-03T23:54:00.004+05:30

Hackers Exploit Cloudflare and Zendesk Pages in Sophisticated Phishing Campaign to Steal User Credentials

A new wave of phishing attacks is exploiting the credibility of trusted cloud platforms like Cloudflare Pages and Zendesk to execute large-scale credential theft operations. Security researchers have uncovered an elaborate infrastructure of malicious domains designed to impersonate legitimate customer support portals, revealing an alarming escalation in the use of reputable cloud services for social engineering.

Trusted Platforms Turned Against Users

Threat actors have begun leveraging Cloudflare Pages and Zendesk—platforms widely recognized for hosting legitimate business and customer service content—to deploy phishing pages that appear genuine to unsuspecting users.

According to Arda Büyükkaya, a cyber threat intelligence analyst at EclecticIQ, over 600 malicious domains were discovered under the *.pages.dev structure, indicating a highly organized and sustained campaign.

These fake domains use typosquatting, a deceptive technique where attackers register addresses that closely mimic those of well-known brands or services. By doing so, attackers trick users into believing they are engaging with a trusted company’s official portal.

AI-Generated Phishing and Real-Time Human Interaction

Unlike typical phishing pages, these fraudulent sites employ artificial intelligence to generate dynamic and professional-looking content. Once victims land on a spoofed support page, they encounter a live chat interface staffed by real human operators—adding a convincing layer of authenticity.

These operators pose as customer support representatives, requesting personal details such as phone numbers and email addresses under the pretense of verifying the user’s identity or assisting with a technical issue.

After establishing trust, the operators prompt victims to install “Rescue”, a legitimate remote monitoring and assistance tool. When deployed on the victim’s system, however, it grants full remote access to the attackers, enabling them to harvest sensitive files, passwords, and session tokens.

Advanced Tactics: SSO Poisoning and Search Engine Abuse

The campaign also incorporates advanced techniques such as SSO poisoning through Google Site Verification and Microsoft Bing Webmaster tokens. By manipulating these verification mechanisms, attackers can make their fake pages appear legitimate to search engines and users alike—boosting visibility and evading early detection.

This combination of AI-driven content, social engineering, and abuse of legitimate tools highlights a growing evolution in phishing tactics. Attackers are no longer merely imitating trusted services—they are now embedding themselves within the same trusted infrastructure those services provide.

Implications for Cybersecurity Defenses

This attack underscores a critical challenge for defenders: the weaponization of legitimate cloud platforms. Organizations rely on services like Cloudflare and Zendesk for reliable hosting, but that same trust can be exploited when threat actors use these infrastructures for malicious ends.

Security teams must now extend monitoring beyond traditional suspicious domains to include legitimate hosting providers. Detection strategies should incorporate:

Continuous domain reputation monitoring
AI and heuristic-based detection for typosquatting
Verification of SSO integrations and webmaster tokens
Employee education on identifying sophisticated phishing interactions

Hackers Exploit Claude AI APIs with Indirect Prompts to Steal User Data

2025-11-03T23:50:00.006+05:30

Hackers Can Manipulate Claude AI APIs with Indirect Prompts to Steal User Data

Anthropic’s Claude AI — with its new network-enabled Code Interpreter — can be manipulated to siphon private information from users by way of cleverly hidden, indirect prompts. A proof-of-concept disclosed by Johann Rehberger (October 2025) shows how attackers can trick the model into retrieving chat histories and uploading them to the attacker’s account, exposing a new class of risks that come with connecting large language models to external services.

What happened

Rehberger demonstrated that Claude’s Code Interpreter, when allowed limited network access to approved package repositories and api.anthropic.com, can be persuaded via indirect prompt injection to:

extract recent conversation data (using Claude’s memory feature),
write that data into a file inside the Code Interpreter sandbox, and
run code that uploads the file to an attacker-controlled account through the Files API.

Because Claude’s default “Package managers only” network setting whitelists certain domains (intended to let Claude safely fetch packages from npm, PyPI, GitHub, etc.), an attacker can abuse that whitelist as a backdoor to reach services that enable exfiltration. Rehberger reports the exploit worked on the first try, though later iterations required small obfuscations to bypass Claude’s heuristic checks for obvious API keys.

How the indirect-prompt attack chain works (high-level)

Delivery via benign-looking content. An adversary embeds malicious instructions inside a file or text the victim asks Claude to analyze — a classic indirect prompt injection pattern that hides instructions in otherwise innocuous input.
Leverage memory. Using Claude’s memory-like features, the payload instructs the model to reference and extract recent chat content.
Write to sandbox. The model is prompted to save the extracted material as a file within the Code Interpreter’s writable sandbox (the demonstration used a markdown file path).
Invoke networked code. The payload then instructs Claude to run code (e.g., via the Anthropic SDK or Python) that sets an API key and uploads the saved file to the attacker’s account using the Files API. Because the upload targets the attacker’s account, it bypasses the victim’s authentication flows.
Evade detection. Rehberger notes that simple obfuscations — such as wrapping API keys in benign-looking print statements — made the model less likely to flag the activity, increasing reliability.

Rehberger’s demo included screenshots and video showing the attacker’s dashboard empty, the victim processing a tainted document, and the stolen file appearing in the attacker’s Files view. The researcher reported uploads up to ~30MB and the possibility of multiple repeated uploads, illustrating how an “AI kill chain” can turn model capabilities into a data-exfiltration vector.

Why this matters

As models gain the ability to access networks, run code, and persist files, the attack surface mushroomed. Features meant to make LLMs more useful — package installation, file read/write, memory recall, and safe network access — can be chained together by an adversary to create a powerful exfiltration capability. The incident highlights that whitelists and limited network access are helpful but not foolproof: any externally reachable service that the model can contact could become part of an attack path.

High-level mitigations (defensive steps)

Below are non-exploit, defensive recommendations operators and developers should consider:

Harden network policies. Restrict runtime network access strictly to the minimal domains needed; prefer explicit allowlists scoped by purpose and environment. Consider disabling network access entirely in contexts where it is not essential.
Tighten package manager policy. Avoid broad whitelists for package repositories; require vetted, pinned packages and use internal package mirrors when possible.
Limit memory scope. Make stored or “memory” data strictly scoped and revocable; avoid allowing models to recall or export sensitive conversational content unless explicitly authorized by the user.
Sandbox and egress monitoring. Monitor and restrict outbound connections from model sandboxes, and log or block unusual file uploads or API calls originating from model runtime environments.
Input sanitization and provenance checks. Treat user-supplied files and documents as untrusted. Implement filters and heuristics to detect and neutralize embedded instructions and prompt injection patterns.
Least privilege for runtime credentials. Ensure any credentials available to model runtimes are ephemeral, scoped, and auditable; do not allow the runtime to set arbitrary external API keys.
Anomaly detection on model actions. Add behavioral detection for unusual sequences (e.g., writing files then immediately invoking network upload to an external account) and require human review for high-risk operations.
Transparent user controls. Expose clear indicators and user consent flows when models are allowed to access external networks, fetch packages, or reference stored conversations.

Takeaway

Rehberger’s disclosure is a clear reminder that the convenience of networked AI features comes with new attack modalities. Designers and operators must treat model runtime capabilities — package access, memory, file I/O, and outbound network calls — as potential threat vectors and architect layered defenses accordingly. As functionality expands, so must the controls: tighter whitelisting, strict sandboxes, provenance-aware input handling, and monitoring are essential to prevent indirect prompts from turning helpful assistants into unintentional data exfiltration tools.

Russian Ransomware Gangs Turn Open-Source AdaptixC2 Into a Potent Attack Platform

2025-10-30T23:43:00.003+05:30

Russian Ransomware Gangs Weaponize Open-Source AdaptixC2 for Advanced Attacks

The open-source command-and-control (C2) framework AdaptixC2 has rapidly gained attention — not just among ethical hackers, but increasingly among Russian-linked ransomware operators exploiting it for sophisticated cyberattacks.

Originally developed as a legitimate tool for penetration testing and adversarial emulation, AdaptixC2 was designed to offer extensibility and ease of use for red team operations. The framework’s server component is built in Golang, while its graphical client is written in C++ using Qt, ensuring cross-platform compatibility for security professionals.

A Powerful Tool With Dangerous Potential

AdaptixC2 offers an extensive suite of features typical of modern C2 platforms, including fully encrypted communications, remote command execution, credential and screenshot managers, and terminal access. The project first appeared publicly on GitHub in August 2024, released by a user known as “RalfHacker” (@HackerRalf on X), who identifies as a penetration tester, red team operator, and “MalDev” — shorthand for malware developer.

However, what began as an open-source ethical hacking framework has quickly drawn the attention of cybercriminals. Over the past few months, AdaptixC2 has been adopted by multiple threat actors, including groups associated with the Fog and Akira ransomware operations. It has also been observed in use by initial access brokers, leveraging CountLoader to deploy various post-exploitation payloads.

Rapid Criminal Adoption and Abuse

Researchers from Palo Alto Networks Unit 42 recently detailed the technical capabilities of AdaptixC2, describing it as a modular and highly adaptable C2 framework capable of “comprehensively controlling impacted machines.” Attackers have already weaponized it in social engineering campaigns, such as fake Microsoft Teams help desk calls and AI-generated PowerShell scripts, to gain unauthorized access and persistence within victim environments.

Despite its original intent as a tool for legitimate security testing, AdaptixC2’s flexibility and open-source availability have made it an attractive choice for ransomware affiliates and criminal operators.

Investigations Link Developer to Russian Underground

Cybersecurity firm Silent Push initiated an investigation into the framework after noting RalfHacker’s self-described “MalDev” persona on GitHub. Their analysis uncovered email addresses associated with multiple GitHub accounts and a Telegram channel — “RalfHackerChannel” — boasting over 28,000 subscribers. Messages reposted from the official AdaptixC2 channel indicate ongoing promotion and community engagement around the tool.

In one message posted in August 2024, RalfHacker expressed interest in developing a “public C2” similar to the Empire framework, a well-known post-exploitation tool long favored by both ethical hackers and threat actors alike.

Although there is currently no direct evidence linking RalfHacker to malicious activity involving AdaptixC2 or CountLoader, Silent Push cautioned that the developer’s connections to Russian cybercriminal circles and the tool’s increasing use among Russian-speaking threat groups are major warning signs for the security community.

AI’s Double-Edged Sword: Security Flaws Undermine Half of Enterprises

2025-10-29T23:55:00.006+05:30

Half of All Organizations Hit by AI Security Flaws, EY Warns

A new report from EY reveals a troubling trend: half of all organizations have been negatively impacted by security vulnerabilities in their AI systems, exposing critical weaknesses in how enterprises deploy and secure artificial intelligence.

Even more concerning, only 14% of CEOs believe their AI systems adequately protect sensitive data. As businesses rush to adopt AI-driven tools, they are compounding existing cybersecurity challenges — managing an average of 47 different security solutions in an already fragmented defense landscape, EY found.

AI: The New Frontline in Cyber Warfare

EY’s report paints a clear picture of how AI is reshaping the attack surface. While AI enhances productivity and decision-making, it also lowers the barrier to entry for cybercriminals.

“AI lowers the bar required for cybercriminals to carry out sophisticated attacks,” said Rick Hemsley, cybersecurity leader for EY in the U.K. and Ireland. “Skills that once took years to develop are now easily accessible to anyone online — often for free.”

AI-powered automation is helping attackers conduct faster, more coordinated, and more deceptive intrusions. Social engineering tactics such as voice phishing (vishing) have surged by 442% in the second half of 2024, according to CrowdStrike. Meanwhile, attackers’ breakout time — the time it takes for them to move laterally within a network after initial compromise — has plummeted from one hour in 2023 to just 18 minutes by mid-2025, according to data from ReliaQuest.

“Accelerating breakout times are dangerous,” EY warns. “Once attackers establish a foothold in a network, they can gain deeper control and are much harder to extract.”

Human Error Meets AI Risk

Beyond external threats, internal governance gaps are also widening the attack surface. EY found that 68% of organizations allow employees to develop or deploy AI agents without high-level approval, and only 60% have clear guidance in place for doing so.

These figures highlight a dangerous mix of enthusiasm and oversight gaps. Without structured governance, companies risk exposing sensitive information — or worse, allowing AI systems to train on personally identifiable data unintentionally.

Securing the AI Ecosystem

EY recommends several key measures to mitigate these emerging threats:

Embed security from design to deployment: Make security an integral part of every AI development stage.
Protect data integrity: Ensure data used for AI training and operations is monitored, sanitized, and compliant with privacy laws.
Tighten AI supply chain oversight: Validate the security of third-party AI tools and models before integration.
Reinvent threat detection: Update monitoring systems to spot and stop AI-driven abuse faster.
Train the workforce: Develop continuous awareness programs that help employees recognize AI-related risks.

The Bottom Line

As AI adoption accelerates, cybersecurity maturity is lagging behind. The same technologies that empower innovation are also enabling threat actors to move faster, strike deeper, and cause more damage.

Organizations that fail to build AI security into their DNA risk more than just data breaches — they risk the integrity of their entire digital ecosystem.

New RaaS Operation ‘Gentlemen’s’ Surfaces, Expanding Attacks to Windows, Linux, and ESXi Systems

2025-10-29T23:49:00.004+05:30

Gentlemen’s” RaaS: a new cross-platform ransomware service advertised on hacking forums

A new affiliate-style ransomware-as-a-service called Gentlemen’s, promoted by actor zeta88, brings purpose-built lockers for Windows, Linux, ESXi and more — and a generous 90/10 revenue split that could accelerate adoption.

TL;DR

A new Ransomware-as-a-Service (RaaS) named Gentlemen’s has appeared on underground forums. Advertised by a threat actor calling themselves zeta88, the platform combines a lucrative affiliate revenue model with purpose-built, cross-platform lockers (Windows, Linux, NAS, BSD and VMware ESXi). KrakenLabs researchers flagged the campaign after analyzing forum promotions. The malware uses modern crypto (XChaCha20 + Curve25519 with per-file ephemeral keys), sophisticated lateral movement and persistence primitives, and centralized decryption infrastructure — a combination likely designed to scale operations rapidly.

What appeared on the forums

Forum posts and promotional materials by zeta88 present Gentlemen’s as a turnkey ransomware operation for affiliates. The offering lowers the barrier to entry for less technical attackers by providing ready-made tooling, operational infrastructure and an enticing revenue split that pays 90% of ransoms to affiliates while the operator retains 10%.

That financial model — highly favorable to affiliates — is a clear recruitment driver within the cybercriminal ecosystem and could lead to rapid, geographically dispersed deployments against enterprise targets.

Business model and operational design

Gentlemen’s is built around an affiliate RaaS model and centralized operational control:

Affiliate split: 90% to affiliates / 10% to operator.
Centralized decryption: Operator-run infrastructure retains control over decryption keys and negotiation, allowing the operator to manage payments and recovery.
Purpose-built lockers: Separate binaries for different platforms rather than single generic variants, indicating an investment in platform-specific development and reliability.

This structure both democratizes access to high-end ransomware and preserves the operator’s control over critical components (payment and decryption), enabling rapid scale while maintaining a revenue stream.

Technical highlights

KrakenLabs’ analysis of the promotional material and samples shows a deliberately engineered, cross-platform toolkit:

Platform coverage: Go-based lockers targeting Windows, Linux, NAS and BSD systems; a separate C-coded ESXi locker (~32 KB).
Encryption: Modern cryptography — XChaCha20 combined with Curve25519; uses per-file ephemeral keys to make decryption more granular and to complicate recovery efforts.
Self-propagation & lateral movement: Implements propagation and remote execution through native administrative mechanisms, including:
- WMI / WMIC
- SCHTASKS
- sc (Service Control)
- PowerShell Remoting
Persistence: Uses scheduled tasks and registry/run-on-boot routines to remain active after reboots and attempted remediation.
Network compromise: Automated network share discovery and automated encryption of discovered resources to maximize impact across an organization.

The ESXi locker’s small ~32 KB footprint and C implementation indicate a lightweight, targeted approach to compromise virtualization hosts — a high-value target for crippling enterprise environments.

Why this is concerning

Several features raise the threat level:

Cross-platform scope: Supporting Windows, Linux, NAS, BSD and ESXi means more opportunities to hit critical infrastructure and mixed-server environments.
Modern cryptography: Use of XChaCha20 + Curve25519 and per-file ephemeral keys complicates forensic recovery and offline decryption attempts.
Effective propagation: Leveraging native admin tools (WMI, SCHTASKS, sc, PowerShell Remoting) allows rapid lateral spread with common administrative privileges.
Economic incentives: The 90/10 split drives recruitment and could quickly increase the number of affiliates deploying the malware.
Operator control over decryption: Centralized decryption services let the operator monetize every incident while limiting victims’ options.

Mitigation and defensive recommendations

(High-level guidance for defenders.)

Isolate and segment: Strict network segmentation for virtualization hosts (ESXi), NAS, and critical infrastructure reduces blast radius.
Least privilege: Restrict administrative credentials and monitor for suspicious use of WMI, WMIC, SCHTASKS, sc, and PowerShell Remoting.
Harden backups: Maintain immutable, offline, or air-gapped backups and regularly test restoration procedures.
Endpoint visibility: Use EDR/XDR to detect abnormal scheduled task creation, unusual service installs, and mass file encryption behaviors.
Network share controls: Limit access to network shares and monitor large file-modification patterns or abnormal access spikes.
Patch & inventory: Keep hypervisor hosts and OSes patched; maintain an up-to-date inventory so high-value assets are known and protected.
Threat intel & hunting: Monitor underground forums and threat feeds for activity related to Gentlemen’s / zeta88 and hunt for Indicators of Compromise (IoCs).

Pwn2Own Ireland 2025 Concludes with Record $1M+ in Bug Bounties and Summoning Team's Master of Pwn Victory

2025-10-27T11:29:00.004+05:30

Pwn2Own Ireland 2025 has officially wrapped up, marking a highly successful hacking competition that rewarded **73 unique zero-day vulnerabilities** with a total of **$1,024,750**. The three-day event showcased exceptional security research across consumer devices, IoT systems, surveillance equipment, and more—ultimately crowning the **Summoning Team** as this year's Master of Pwn champions.

## Record-Breaking Numbers and Impressive Participation

The competition lived up to its reputation as the premier platform for vulnerability researchers to demonstrate cutting-edge exploit techniques. Over the course of the event, security professionals attempted 17 different exploits on day three alone, building on the 56 unique zero-day bugs and $792,750 awarded in the first two days.

The event's success wouldn't have been possible without significant support from key partners. **Meta** served as the primary partner, while **Synology** and **QNAP** provided crucial co-sponsorship that strengthened the competition's scope and credibility.

## Summoning Team Claims Master of Pwn Crown

The Summoning Team's victory represents months of preparation and deep technical expertise. Their ability to uncover multiple high-impact vulnerabilities across several product categories demonstrated not just skill, but a comprehensive understanding of modern attack surfaces.

Notably, Sina Kheirkhah of the Summoning Team contributed a particularly impressive exploit against the QNAP TS-453E using hardcoded credentials combined with injection attacks—earning $20,000 and 4 Master of Pwn points in the process.

## Notable Exploit Highlights

Several exploits stood out for their technical sophistication and real-world impact:

**Highest-Value Vulnerability**: Interrupt Labs' Ben R. and Georgi G. earned the competition's largest individual payout of **$50,000** for an improper input validation bug in the Samsung Galaxy S25. Their exploit granted unauthorized access to both the device's camera and location tracking systems—a critical security finding with significant privacy implications.

**Multi-Bug Exploits**: Xilokar's Phillips Hue Bridge exploit demonstrated advanced technique diversity, leveraging four separate bugs including an authentication bypass and underflow vulnerability. Despite one collision with a previous entry, the researcher still earned $17,500 and 3.5 Master of Pwn points.

**Creative Defense Bypass**: In a memorable demonstration, Interrupt Labs loaded the classic game Doom onto a Lexmark printer's LCD display while exploiting the device through path traversal and untrusted search path vulnerabilities. The team earned $10,000 and 2 Master of Pwn points for this creative proof-of-concept.

**Surveillance System Compromise**: David Berard of Synacktiv secured $30,000 for exploiting the Ubiquiti AI Pro surveillance system, complete with a theatrical Baby Shark performance that entertained the audience while demonstrating the vulnerability's severity.

## Competing Teams and Their Achievements

The competition featured diverse teams tackling various product categories:

- **Team Cluck**: Successfully exploited the Lexmark CX532adwe printer using a single type confusion bug
- **Viettel Cyber Security**: Demonstrated a crypto bypass and heap overflow combination against the Phillips Hue Bridge
- **Thalium (Thales Group)**: Showcased multi-bug exploitation techniques, with one unique heap-based buffer overflow contribution
- **Neodyme**: Secured first place in round 8 with an integer overflow exploit against Canon equipment
- **Fuzzinglabs**: Attempted sophisticated QNAP exploits, though technical challenges limited their success

## Collision Handling and Duplicate Discoveries

Interestingly, several competitors discovered vulnerabilities that had already been reported by previous contestants. Rather than penalizing researchers, the competition acknowledged their work with partial rewards. This approach demonstrates how common certain vulnerability patterns are across networked devices—a valuable insight for the security industry.

The collision system reflects the sophisticated nature of modern vulnerability discovery: multiple independent teams applying rigorous analysis to the same products often identifies overlapping attack vectors.

## Target Categories and Vulnerability Diversity

The competition's breadth was evident across product categories:

- **Smart Home Systems**: Phillips Hue Bridge exploits dominated, with multiple teams focusing on IoT gateway security
- **Network Attached Storage**: QNAP devices attracted considerable attention due to their widespread enterprise deployment
- **Office Equipment**: Lexmark multifunction printers received multiple exploitation attempts
- **Mobile Devices**: Samsung Galaxy S25 exploitation highlighted mobile security challenges
- **IoT & Surveillance**: Ubiquiti equipment demonstrated vulnerabilities in professional surveillance systems

## What This Means for Security

Pwn2Own events serve a critical function in the cybersecurity ecosystem. By creating incentives for responsible vulnerability disclosure, the competition accelerates the discovery of zero-day bugs before malicious actors can exploit them. The vendors participating benefit from advance notice of critical security gaps, enabling them to develop and deploy patches more rapidly than they would in traditional vulnerability reporting processes.

The $1M+ investment in this single competition underscores the industry's recognition that finding and fixing vulnerabilities proactively is far more cost-effective than dealing with exploited systems in the wild.

## Looking Ahead: Pwn2Own Automotive 2026

The competitive vulnerability research community won't have long to rest. The organizers have already announced the next event: **Pwn2Own Automotive** will take place in **Tokyo on January 21-23, 2026**. This expansion into automotive systems reflects growing security concerns around connected and autonomous vehicles—an increasingly critical attack surface.

For security researchers interested in competing, the shift to automotive exploitation presents fascinating technical challenges and substantial financial incentives to discover vulnerabilities before malicious actors do.

## Conclusion

Pwn2Own Ireland 2025 demonstrated that the vulnerability research community remains vibrant, talented, and committed to improving security across consumer and enterprise systems. With 73 unique zero-day bugs disclosed, millions in bounties distributed, and the Summoning Team's hard-earned Master of Pwn victory, the event reinforced why these competitions matter. As attack surfaces grow more complex and interconnected, platforms like Pwn2Own provide essential infrastructure for responsible disclosure and continuous security improvement.

The stage is now set for 2026. Will the Summoning Team defend their title in Tokyo, or will a new challenger emerge to claim automotive security's ultimate prize?

Swedish Banks and Government Unite to Strengthen National Cybersecurity

2025-10-14T23:20:00.001+05:30

Swedish Banks and State Unite to Strengthen Cybersecurity Resilience

Sweden’s central bank, Riksbank, together with national security organisations and the financial sector, has launched a strategic initiative to deepen cooperation between state-operated cyber defence centres and the IT security teams of banks, insurers, and other financial players.

The goal is clear — to reinforce public trust in Sweden’s digital infrastructure and ensure the resilience of the nation’s financial systems against growing cyber threats.

Rising Threats Spur Unified Action

The move comes after a wave of sustained DDoS attacks in May 2025 that disrupted both public and private networks across Sweden. The attacks, attributed to “foreign actors”, highlighted vulnerabilities within one of the world’s most connected societies, where 95% of households have internet access.

In response, Prime Minister Ulf Kristersson pledged new funding and joint public–private initiatives to protect Sweden’s digital backbone amid increasing geopolitical tension.

“We are facing more sophisticated cyberattacks — not only against government systems but also targeting banks and ID platforms,” Kristersson said. “Since joining NATO in 2024, Sweden faces a new and more dangerous cyber reality.”

Building a Culture of Cyber Preparedness

The Riksbank is taking a proactive stance by organizing the Online Cybersecurity Challenge Summit (OCCS) on 23 October 2025 — an interactive competition encouraging financial institutions to test and improve their cyber-defense capabilities.

Participants, including banks, insurers, and regulators, will engage in Capture the Flag–style challenges, alternating between the roles of attackers and defenders to simulate real-world cyber incidents.

According to Johan Torgeby, CEO of SEB and chairman of Finance Sweden, the urgency for stronger partnerships is undeniable.

“The finance industry must invest exponentially in cybersecurity. We need optimal solutions to protect ourselves — both as institutions and as a nation,” he stated.

Strategic Framework for Resilience

Finance Sweden’s 2025 Threat Assessment Report underscores the need for long-term collaboration with security agencies such as:

National Cyber Security Center (NCSC)
CERT-SE, Sweden’s computer security incident response team
National Defence Radio Establishment (NDRE)

The Riksbank’s ongoing study — “A New Function for Crisis Management in the Event of Serious Operational Disruptions” — serves as a blueprint for defining roles, protocols, and response mechanisms to handle cyber crises swiftly and jointly.

CERT-SE has already intensified its advisory role, offering low-cost solutions to small enterprises vulnerable to data leaks, malware, and man-in-the-middle attacks — often caused by weak VPNs or outdated software.

Toward a Stronger Legal and Strategic Front

Industry leaders are also urging the government to update Sweden’s criminal code to include “data interference” as a distinct cybercrime. Current laws treat DDoS attacks under hacking provisions — a gap that limits prosecution when systems are attacked but not breached.

Nimbus Manticore Malware Campaign Puts Defense and Telecom on Alert

2025-09-23T23:14:00.003+05:30

Nimbus Manticore Intensifies Attacks on Defense and Telecom Sectors With New Malware

The Iranian state-aligned threat actor Nimbus Manticore has escalated its cyber-espionage operations against defense manufacturing, telecommunications, and aviation sectors across Western Europe. Leveraging new malware variants and novel evasion techniques, this advanced persistent threat (APT) group is sharpening its tradecraft to infiltrate high-value targets.

Also tracked as UNC1549 and Smoke Sandstorm, Nimbus Manticore has adopted previously undocumented persistence and detection-evasion mechanisms, highlighting its continued evolution as a mature APT group.

Strategic Targeting in Europe

Recent campaigns reflect a deliberate shift toward European targets, particularly organizations in Denmark, Sweden, and Portugal. To enhance credibility, attackers are impersonating aerospace and telecom giants, including Boeing, Airbus, Rheinmetall, and flydubai, using convincing lures in their phishing campaigns.

Their fraudulent career portal websites, built with React-based templates, mimic authentic hiring platforms and are preloaded with victim-specific credentials. This tailored approach allows Nimbus Manticore to track engagement while maintaining tightly controlled access.

Sophisticated Social Engineering Tactics

The intrusion chain begins with spear-phishing emails disguised as HR recruitment outreach. Each victim receives a unique URL and login details, directing them to fake career portals. This credible pretexting—combined with operational security discipline—exemplifies nation-state-level tradecraft.

Multi-Stage Malware Deployment

Check Point researchers uncovered a multi-layered infection chain designed to exploit trusted Windows processes.

The initial payload, often disguised as “Survey.zip,” contains a legitimate-looking Setup.exe that triggers the malware.
The malware abuses Windows Defender’s SenseSampleUploader.exe via DLL hijacking, enabling the execution of its payload.
A novel DLL sideloading mechanism manipulates the Windows DLL search order through undocumented APIs, ensuring the malicious xmllite.dll is loaded instead of its legitimate counterpart.

Infection Workflow

Setup.exe is launched, modifying the DllPath parameter using RtlCreateProcessParameters.
xmllite.dll is loaded from the archive directory rather than the system folder.
userenv.dll evaluates the process stage, then executes SenseSampleUploader.exe from Windows Defender’s path.
The hijacked process loads the malicious DLL, which sets up persistence at:
```
%AppData%\Local\Microsoft\MigAutoPlay\
```
A scheduled task ensures MigAutoPlay.exe launches at startup, sideloading the backdoor-laced userenv.dll.

This infection method effectively bypasses traditional endpoint defenses by leveraging legitimate Windows binaries.

The Hidden Payload: PUP Ads Used for Silent Malware Drops

2025-08-25T22:10:00.001+05:30

Hackers Exploit PUP Advertisements to Silently Drop Windows Malware

Cybersecurity investigators have uncovered a stealthy campaign in which threat actors are abusing seemingly harmless potentially unwanted program (PUP) advertisements to deliver Windows malware.

The operation begins with ads promoting free tools—such as PDF editors or desktop assistants—that redirect victims to spoofed download portals. Once clicked, these sites provide installers that mask their true intent behind a decoy application.

Infection Chain

Victims who download the promoted software unknowingly trigger a scheduled task that retrieves a JavaScript loader from a temporary directory. This script is executed using Microsoft’s HTML Application Host (MSHTA), a legitimate utility often misused by attackers.

The loader then installs a decoy app called ManualFinder, designed to appear legitimate while secretly establishing persistence inside the target environment.

At first glance, ManualFinder provides limited but functional features. Beneath the surface, however, it quietly opens ports, communicates with remote servers, and lays the groundwork for further compromise—all without requiring user interaction after installation.

Command & Control Infrastructure

Expel analysts traced the JavaScript loader’s connections to suspicious domains including mka3e8.com and 5b7crp.com, both previously linked to residential proxy services. This indicates that infected machines may be repurposed into proxy nodes, allowing attackers to rent or sell access for anonymity or further malicious use.

Researchers also discovered that additional installers—OneStart Browser, AppSuite-PDF, and PDFEditor—follow the same infection blueprint. Many of these are signed with questionable digital certificates, such as those from “GLINT SOFTWARE SDN. BHD.,” lending them an air of legitimacy while bypassing basic security checks.

Beyond Proxying: Secondary Objectives

The campaign’s impact extends beyond creating proxy networks. In some cases, PDFEditor installations explicitly ask users to consent to residential proxy use in exchange for free software features—a form of forced monetization.

Other variants take a more malicious turn:

Browser profile modifications
Cookie harvesting for potential credential theft
Secondary persistence mechanisms to ensure reinfection

By the time defenders detect unusual MSHTA executions or hidden node.exe processes, attackers often already have persistence established.

Technical Artifacts

Investigators cataloged over 70 unique JavaScript variants, all reaching back to the same malicious domains. Persistence is maintained via scheduled tasks and silent MSI installations.

For example:

Scheduled Task for Loader Execution


schtasks /Create /TN "ManualFinderTask" /TR "mshta.exe \"C:\Users\<user>\AppData\Local\Temp\<guid>.js\"" /SC DAILY /ST 03:00

Silent Installation of Decoy App


cmd.exe /d /s /c "msiexec /qn /i \"C:\Users\<user>\AppData\Local\TEMP\ManualFinder-v2.0.196.msi\""

Once executed, the malware registers services and recurring tasks to ensure reinfection, making removal efforts significantly more difficult.

Why It Works

The attack leverages trusted Windows components—such as mshta.exe, msiexec.exe, and scheduled tasks—to remain stealthy and avoid common endpoint detection alerts. Running under SYSTEM context further complicates detection, as activity appears to originate from legitimate background processes.

MURKY PANDA Cyber Espionage: A New Threat to Government and Professional Services

2025-08-23T23:26:00.003+05:30

MURKY PANDA: Threat Actor Targeting Government and Professional Services

A sophisticated China-linked threat actor known as MURKY PANDA has emerged as a significant cybersecurity concern, conducting widespread cyberespionage operations against government, technology, academic, legal, and professional services entities across North America since late 2024.

Rising Threat Landscape

This advanced persistent threat (APT) group demonstrates exceptional capabilities in cloud exploitation and trusted-relationship compromises, marking a concerning escalation in state-sponsored cyber activities.

MURKY PANDA has distinguished itself through its ability to rapidly weaponize both n-day and zero-day vulnerabilities, often achieving initial access by exploiting internet-facing appliances.

Once inside, their operations primarily focus on intelligence collection, with confirmed incidents of email exfiltration and sensitive document theft from high-profile targets.

Advanced Tradecraft

Research from CrowdStrike highlights MURKY PANDA’s cloud-conscious approach and operational security measures as particularly notable. Their tactics include:

Timestamp modification and systematic deletion of artifacts to evade detection
Deployment of web shells like Neo-reGeorg, commonly used by Chinese APTs
Use of custom malware families, including CloudedHope
Leveraging compromised SOHO (small office/home office) devices as operational infrastructure, echoing tactics of groups like VANGUARD PANDA

These measures not only complicate attribution but also allow the group to maintain stealthy persistence in victim networks.

Trusted-Relationship Cloud Exploitation

MURKY PANDA’s most distinctive capability lies in its trusted-relationship compromises within cloud environments — a rare and often under-monitored attack vector.

Key findings include:

Zero-day exploitation of SaaS providers, enabling lateral movement to downstream customers
Theft of application registration secrets from compromised providers using Entra ID (formerly Azure AD) for identity management
Authentication as service principals to gain unauthorized access to downstream customer environments
Email and data exfiltration from compromised tenants

In some cases, the group exploited Microsoft cloud solution providers, abusing delegated admin privileges to achieve Global Administrator access across multiple tenants. They then established persistence by:

Creating new user accounts
Modifying service principal configurations
Installing long-term backdoors within cloud environments

Alignment With Broader Campaigns

MURKY PANDA’s activity aligns with China-nexus intrusion campaigns tracked as Silk Typhoon, further underscoring Beijing-linked efforts to gain long-term access to sensitive Western institutions.

Credential Theft Alert: Microsoft 365 Users Targeted by Multi-Stage Redirect Scams

2025-07-31T23:24:00.005+05:30

New Phishing Campaign Exploits Link Wrapping to Target Microsoft 365 Users

Cybercriminals are leveraging trusted security tools like Proofpoint and Intermedia’s link wrapping services in a sophisticated phishing campaign aimed at stealing Microsoft 365 credentials.

According to researchers from the Cloudflare Email Security team, attackers are now abusing legitimate email security features to bypass detection and lure users to credential-harvesting pages using a multi-layered redirection technique.

What is Link Wrapping—and How It's Being Abused

Link wrapping is commonly used by email security platforms such as Proofpoint to scan and sanitize outbound links by redirecting them through a secured scanning URL. For example:

This mechanism is designed to catch malicious links at the moment of click. However, as Cloudflare warns, if the malicious destination hasn’t yet been flagged by the scanner, the attack can proceed undetected.

Multi-Tier Redirect Chains Amplify the Threat

Threat actors are going a step further with “multi-tiered redirect abuse.” Here’s how the chain typically works:

Initial Cloaking: The malicious link is first shortened using a service like Bitly.
Secondary Wrapping: The shortened URL is then sent from a compromised account protected by Proofpoint or Intermedia, causing it to be wrapped a second time.
Final Destination: Victims clicking the link are funneled through these two obfuscation layers and ultimately arrive at a fake Microsoft 365 login page.

This layered approach makes the URLs appear safe and familiar, significantly increasing the success rate of the phishing attempt.

Attack Variants: More Than Just Voicemails

Researchers have identified multiple social engineering lures being used in these campaigns, including:

Fake voicemail notifications prompting users to “listen now.”
Spoofed Microsoft Teams emails claiming new document access or unread messages.
Phony “Reply in Teams” buttons leading to credential harvesting pages.
Fake Zoom meeting invites that display a "connection timed out" message before redirecting to a phishing page.

All these variants ultimately direct users to realistic-looking login portals designed to steal usernames and passwords.

SVG-Based Phishing Escalates

Adding another layer of complexity, Scalable Vector Graphics (SVG) files are increasingly used to smuggle malicious content. Unlike JPEG or PNG images, SVGs are text-based and can embed JavaScript, HTML, and hyperlinks, making them ideal for sophisticated phishing payloads.

As noted by the New Jersey Cybersecurity and Communications Integration Cell (NJCCIC), attackers are exploiting this format to launch multi-stage malware infections and bypass traditional anti-phishing tools.

Takeaways and Recommendations

This campaign underscores a critical trend: attackers are abusing trusted security tools and legitimate services to bypass defenses. To protect against these threats:

Inspect wrapped links carefully, even if they appear to be from trusted services.
Implement layered email defenses, including advanced threat detection.
Train employees to recognize suspicious redirect behavior and fake notifications.
Monitor for unusual activity on Microsoft 365 and collaboration tools like Teams and Zoom.