Author: Mark

Cybersecurity researchers have disclosed two security flaws in Wondershare RepairIt that exposed private user data and potentially exposed the system to artificial intelligence (AI) model tampering and supply chain risks.

The critical-rated vulnerabilities in question, discovered by Trend Micro, are listed below –

• CVE-2025-10643 (CVSS score: 9.1) – An authentication bypass vulnerability that exists within the permissions granted to a storage account token
• CVE-2025-10644 (CVSS score: 9.4) – An authentication bypass vulnerability that exists within the permissions granted to an SAS token

Successful exploitation of the two flaws can allow an attacker to circumvent authentication protection on the system and launch a supply chain attack, ultimately resulting in the execution of arbitrary code on customers’ endpoints.

Trend Micro researchers Alfredo Oliveira and David Fiser said the AI-powered data repair and photo editing application “contradicted its privacy policy by collecting, storing, and, due to weak Development, Security, and Operations (DevSecOps) practices, inadvertently leaking private user data.”

The poor development practices include embedding overly permissive cloud access tokens directly in the application’s code that enables read and write access to sensitive cloud storage. Furthermore, the data is said to have been stored without encryption, potentially opening the door to wider abuse of users’ uploaded images and videos.

To make matters worse, the exposed cloud storage contains not only user data but also AI models, software binaries for various products developed by Wondershare, container images, scripts, and company source code, enabling an attacker to tamper with AI models or the executables, paving the way for supply chain attacks targeting its downstream customers.

“Because the binary automatically retrieves and executes AI models from the unsecure cloud storage, attackers could modify these models or their configurations and infect users unknowingly,” the researchers said. “Such an attack could distribute malicious payloads to legitimate users through vendor-signed software updates or AI model downloads.”

Beyond customer data exposure and AI model manipulation, the issues can also pose grave consequences, ranging from intellectual property theft and regulatory penalties to erosion of consumer trust.

The cybersecurity company said it responsibly disclosed the two issues through its Zero Day Initiative (ZDI) in April 2025, but not that it has yet to receive a response from the vendor despite repeated attempts. In the absence of a fix, users are recommended to “restrict interaction with the product.”

“The need for constant innovations fuels an organization’s rush to get new features to market and maintain competitiveness, but they might not foresee the new, unknown ways these features could be used or how their functionality may change in the future,” Trend Micro said.

The development comes as Trend Micro previously warned against exposing Model Context Protocol (MCP) servers without authentication or storing sensitive credentials such as MCP configurations in plaintext, which threat actors can exploit to gain access to cloud resources, databases, or inject malicious code.

Each MCP server acts as an open door to its data source: databases, cloud services, internal APIs, or project management systems,” the researchers said. “Without authentication, sensitive data such as trade secrets and customer records becomes accessible to everyone.”

In December 2024, the company also found that exposed container registries could be abused to gain unauthorized access and pull target Docker images to extract the AI model within it, modify the model’s parameters to influence its predictions, and push the tampered image back to the exposed registry.

“The tampered model could behave normally under typical conditions, only displaying its malicious alterations when triggered by specific inputs,” Trend Micro said. “This makes the attack particularly dangerous, as it could bypass basic testing and security checks.”

The supply chain risk posed by MCP servers has also been highlighted by Kaspersky, which devised a proof-of-concept (PoC) exploit to highlight how MCP servers installed from untrusted sources can conceal reconnaissance and data exfiltration activities under the guise of an AI-powered productivity tool.

“Installing an MCP server basically gives it permission to run code on a user machine with the user’s privileges,” security researcher Mohamed Ghobashy said. “Unless it is sandboxed, third-party code can read the same files the user has access to and make outbound network calls – just like any other program.”

The findings show that the rapid adoption of MCP and AI tools in enterprise settings to enable agentic capabilities, particularly without clear policies or security guardrails, can open brand new attack vectors, including tool poisoning, rug pulls, shadowing, prompt injection, and unauthorized privilege escalation.

In a report published last week, Palo Alto Networks Unit 42 revealed that the context attachment feature used in AI code assistants to bridge an AI model’s knowledge gap can be susceptible to indirect prompt injection, where adversaries embed harmful prompts within external data sources to trigger unintended behavior in large language models (LLMs).

Indirect prompt injection hinges on the assistant’s inability to differentiate between instructions issued by the user and those surreptitiously embedded by the attacker in external data sources.

Thus, when a user inadvertently supplies to the coding assistant third-party data (e.g., a file, repository, or URL) that has already been tainted by an attacker, the hidden malicious prompt could be weaponized to trick the tool into executing a backdoor, injecting arbitrary code into an existing codebase, and even leaking sensitive information.

“Adding this context to prompts enables the code assistant to provide more accurate and specific output,” Unit 42 researcher Osher Jacob said. “However, this feature could also create an opportunity for indirect prompt injection attacks if users unintentionally provide context sources that threat actors have contaminated.”

AI coding agents have also been found vulnerable to what’s called an “lies-in-the-loop” (LitL) attack that aims to convince the LLM that the instructions it’s been fed are much safer than they really are, effectively overriding human-in-the-loop (HitL) defenses put in place when performing high-risk operations.

“LitL abuses the trust between a human and the agent,” Checkmarx researcher Ori Ron said. “After all, the human can only respond to what the agent prompts them with, and what the agent prompts the user is inferred from the context the agent is given. It’s easy to lie to the agent, causing it to provide fake, seemingly safe context via commanding and explicit language in something like a GitHub issue.”

“And the agent is happy to repeat the lie to the user, obscuring the malicious actions the prompt is meant to guard against, resulting in an attacker essentially making the agent an accomplice in getting the keys to the kingdom.”

Think payment iframes are secure by design? Think again. Sophisticated attackers have quietly evolved malicious overlay techniques to exploit checkout pages and steal credit card data by bypassing the very security policies designed to stop them.

Download the complete iframe security guide here.

TL;DR: iframe Security Exposed

Payment iframes are being actively exploited by attackers using malicious overlays to skim credit card data. These pixel-perfect fake forms bypass traditional security, as proven by a recent Stripe campaign that has already compromised dozens of merchants.

This article explores:

• Anatomy of the 2024 Stripe skimmer attack.
• Why old defenses like CSP and X-Frame-Options are failing.
• Modern attack vectors: overlays, postMessage spoofing, and CSS exfiltration.
• How third-party scripts in payment iframes create new risks.
• How the new PCI DSS 4.0.1 rules are forcing merchants to secure the entire page.
• A six-step defense strategy focusing on real-time monitoring and CSP.

Bottom line: An iframe is only as secure as its host page. Attackers aren’t breaking iframes anymore; they’re exploiting the blind spots around them. Active monitoring is now mandatory, not optional.

A Wake-up Call: The Stripe iframe Skimmer Campaign

Payment iframes are designed to be secure sandboxes, isolating credit card data from the merchant’s site. However, attackers are bypassing this protection by targeting the host page itself.

The Stripe iframe skimmer campaign (August 2024) is a prime example. It injects malicious JavaScript through vulnerable platforms like WordPress to hide the legitimate Stripe iframe and replace it with a pixel-perfect malicious overlay.

Having already compromised 49 merchants, this sophisticated attack uses a deprecated Stripe API to validate stolen cards in real time, making the theft invisible to the customer.

This isn’t an isolated threat. The attack surface is alarmingly wide, with 18% of websites running tools like Google Tag Manager directly within their payment iframes, creating massive security blind spots.

This means a simple frame-src ‘none’ directive just isn’t enough. Overall, CVE reports jumped 30% in the past year, according to Qualys research, and with XSS attacks comprising over 30% of web application attacks, many involving iframe exploitation, this corner of the attack surface has never been more volatile and vulnerable.

Why Current Defenses Fall Short

Most security guides still focus on decade-old X-Frame-Options headers. But these offer little protection when dealing with:

• CSP frame-src limitations: Even with frame-src ‘self’, attackers can compromise allowed domains or exploit postMessage vulnerabilities to exfiltrate data from within approved iframes.
• Sandbox bypass techniques: Overly permissive settings like allow-same-origin + allow-scripts negate protections
• Same-Origin Policy gaps: Bypassed through postMessage wildcards and CORS misconfigurations

The Framework Reality Check

Even modern frameworks don’t save you ou -o -the box. Consider this common React pattern:

This seemingly innocent React pattern has been exploited in over 200 documented attacks in 2024 alone:

Using dangerouslySetInnerHTML near a payment iframe creates opportunities for attackers to inject hidden iframes that harvest payment data through event listeners or manipulate communication between the payment iframe and parent window.

Modern Injection Techniques Unmasked

Event Handler iframe Injection: Attackers inject invisible iframes via onerror attributes on image tags. These iframes load scripts that attach listeners to payment fields on the parent page, exfiltrating data as users type.

PostMessage iframe Spoofing: Applications use postMessage for legitimate iframe communication. Attackers inject malicious iframes that send fraudulent “payment complete” messages, tricking applications into confirming orders without real payments being received.

CSS-Based Data Exfiltration: Even with strict CSP, attackers inject CSS that leaks data. Using attribute selectors on input fields, they make browsers request unique URLs for each character typed, effectively sending credit card numbers one digit at a time to attacker-controlled servers.

iframe Overlay Attacks: As demonstrated in the Stripe campaign, attackers hide legitimate payment iframes and overlay them with malicious replicas that perfectly mimic the original appearance while capturing all entered data.

Download the complete iframe security implementation guide here.

Risk-Based Implementation Priority

Not all iframe threats are equal. Security teams should prioritize defenses based on this risk matrix:

Start with iframe monitoring and strict CSP; these two controls prevent the majority of documented iframe attacks while requiring minimal development effort.

While advanced monitoring requires more development effort than basic CSP policies, organizations should assess their technical readiness before implementation. Teams with limited JavaScript expertise should start with CSP policies and external monitoring tools, while organizations with dedicated security engineering resources can implement the full 10-hour monitoring solution that prevents attacks costing an average of $2M in breach remediation. Consider partnering with your payment processor’s security team during initial deployment to validate monitoring effectiveness against their test environments.

A Defense-in-Depth Approach for iframes

Effective iframe security requires layered defenses tailored for sensitive data contexts:

1. Strict CSP with iframe Focus

Content-Security-Policy:

frame-src https://payments.stripe.com https://checkout.paypal.com;

script-src 'nonce-abc123' 'strict-dynamic';

object-src 'none';

base-uri 'self';

frame-ancestors 'none';

2. Advanced iframe Monitoring

Use a MutationObserver to monitor the DOM for unexpected iframe creation in real-time. If an iframe from a non-whitelisted source appears, remove it and trigger security alerts.

Performance Impact: Event-driven monitoring adds <0.1ms per DOM change vs. 5-50ms for polling approaches.

False Positive Management: Legitimate iframes may occasionally trigger alerts during normal operations (browser extensions, A/B testing tools). Implement a whitelist review process where security teams can quickly approve known-good sources, and log all alerts with context (user session, timestamp, iframe source) to identify patterns and reduce noise over time.

3. Secure PostMessage Handling

Never trust iframe messages without verification. Always validate event origin and message structure:

4. Subresource Integrity for External Scripts

5. Context-Aware Encoding

Store raw data and apply encoding specifically for each context, HTML entities for content near iframes, JavaScript escaping for iframe communication scripts, and URL encoding when passed to iframe src parameters.

6. Real-time iframe Validation (Performance-Optimized)

Implement checks to ensure iframe sources match expected payment processors and haven’t been tampered with:

Performance Impact: Reduces validation overhead while maintaining security effectiveness by triggering only on user interaction with payment elements.

PCI DSS 4.0.1 Compliance Reality

The Payment Card Industry Data Security Standard now places greater emphasis on securing pages that host payment iframes. Key requirements include:

• Requirement 6.4.3: All scripts on payment pages hosting iframes must be managed and authorized
• Requirement 11.6.1: Change detection mechanisms must monitor payment pages for unauthorized iframe modifications

The shared responsibility model means merchants must secure the iframe hosting environment, closing gaps that iframe injection attacks exploit.

The Bottom Line

• The Paradigm Has Shifted: An iframe’s security is irrelevant if the host page is compromised. Attackers are no longer breaking the iframe; they are exploiting the blind spots around it.
• The Proof is in the Wild: The Stripe skimmer campaign uses pixel-perfect overlays to make theft invisible, proving that traditional, static security policies are now obsolete.
• Active Defense is Mandatory: A layered, zero-trust strategy is the only viable solution. This requires combining a strict CSP with proactive, real-time monitoring for unauthorized DOM changes.
• This is Not a Theoretical Threat: These vulnerabilities are being actively exploited now. In this environment, passive security is guaranteed to fail.

The critical question for any organization with a web presence: Will you implement these six defense strategies this quarter, or wait until you become another statistic in a data breach report? Start with iframe monitoring today—it can be implemented in under an hour and will immediately reveal your exposure.

The complete iframe security guide with six tested strategies is available here.

Sep 24, 2025Ravie LakshmananMalware / Windows Security

Cybersecurity researchers have disclosed details of a new malware family dubbed YiBackdoor that has been found to share “significant” source code overlaps with IcedID and Latrodectus.

“The exact connection to YiBackdoor is not yet clear, but it may be used in conjunction with Latrodectus and IcedID during attacks,” Zscaler ThreatLabz said in a Tuesday report. “YiBackdoor is able to execute arbitrary commands, collect system information, capture screenshots, and deploy plugins that dynamically expand the malware’s functionality.”

The cybersecurity company said it first identified the malware in June 2025, adding it may be serving as a precursor to follow-on exploitation, such as facilitating initial access for ransomware attacks. Only limited deployments of YiBackdoor have been detected to date, indicating it’s currently either under development or being tested.

Given the similarities between YiBackdoor, IcedID, and Latrodectus, it’s being assessed with medium to high confidence that the new malware is the work of the same developers who are behind the other two loaders. It’s also worth noting that Latrodectus, in itself, is believed to be a successor of IcedID.

YiBackdoor features rudimentary anti-analysis techniques to evade virtualized and sandboxed environments, while incorporating capabilities to inject the core functionality into the “svchost.exe” process. Persistence on the host is achieved by using the Windows Run registry key.

“YiBackdoor first copies itself (the malware DLL) into a newly created directory under a random name,” the company said. “Next, YiBackdoor adds regsvr32.exe malicious_path in the registry value name (derived using a pseudo-random algorithm) and self-deletes to hinder forensic analysis.”

An embedded encrypted configuration within the malware is used to extract the command-and-control (C2) server, after which it establishes a connection to receive commands in HTTP responses –

• Systeminfo, to collect system metadata
• screen, to take a screenshot
• CMD, to execute a system shell command using cmd.exe
• PWS, to execute a system shell command using PowerShell
• plugin, to pass a command to an existing plugin and transmit the results back to the server
• task, to initialize and execute a new plugin that’s Base64-encoded and encrypted

Zscaler’s analysis of YiBackdoor has uncovered a number of code overlaps between YiBackdoor, IcedID, and Latrodectus, including the code injection method, the format and length of the configuration decryption key, and the decryption routines for the configuration blob and the plugins.

“YiBackdoor by default has somewhat limited functionality, however, threat actors can deploy additional plugins that expand the malware’s capabilities,” Zscaler said. “Given the limited deployment to date, it is likely that threat actors are still developing or testing YiBackdoor.”

New Versions of ZLoader Spotted

The development comes as the cybersecurity firm examined two new versions of ZLoader (aka DELoader, Terdot, or Silent Night) – 2.11.6.0 and 2.13.7.0 – that incorporate further improvements to its code obfuscation, network communications, anti-analysis techniques, and evasion capabilities.

Notable among the changes are LDAP-based network discovery commands that can be leveraged for network discovery and lateral movement, as well as an enhanced DNS-based network protocol that utilizes custom encryption with the option of using WebSockets.

Attacks distributing the malware loader are said to be more precise and targeted, being deployed only against a small number of entities rather than in an indiscriminate fashion.

“ZLoader 2.13.7.0 includes improvements and updates to the custom DNS tunnel protocol for command-and-control (C2) communications, along with added support for WebSockets,” Zscaler said. “ZLoader continues to evolve its anti-analysis strategies, leveraging innovative methods to evade detection.”

Most businesses don’t make it past their fifth birthday – studies show that roughly 50% of small businesses fail within the first five years. So when KNP Logistics Group (formerly Knights of Old) celebrated more than a century and a half of operations, it had mastered the art of survival. For 158 years, KNP adapted and endured, building a transport business that operated 500 trucks across the UK. But in June 2025, one easily guessed password brought down the company in a matter of days.

The Northamptonshire-based firm fell victim to the Akira ransomware group after hackers gained access by guessing an employee’s weak password. Attackers didn’t need a sophisticated phishing campaign or a zero-day exploit – all they needed was a password so simple that cybercriminals could guess it correctly.

When basic security fails, everything falls

No matter what advanced security mechanisms your organization has in place, everything falls if basic security measures fail. In the KNP attack, Akira targeted the company’s internet-facing systems, found an employee credential without multi-factor authentication, and guessed the password. Once inside, they deployed their ransomware payload across the company’s entire digital infrastructure.

But the hackers didn’t stop at encrypting critical business data. They also destroyed KNP’s backups and disaster recovery systems, ensuring that the company had no path to recovery without paying their ransom. The criminals demanded an estimated £5 million – money the transport company didn’t have.

KNP had industry-standard IT compliance and cyber-attack insurance, but none of these protections were enough to keep the organization going. Operations came to a standstill. Every truck was sidelined. All business data remained locked away. The cyber crisis team brought in by insurers described it as “the worst-case scenario” for any organization. Within weeks, KNP entered administration, and 700 employees lost their jobs.

The password problem persists

KNP’s story illustrates a weakness that continues to plague organizations across the globe. Research from Kaspersky analyzing 193 million compromised passwords found that 45% could be cracked by hackers within a minute. And when attackers can simply guess or quickly crack credentials, even the most established businesses become vulnerable. Individual security lapses can have organization-wide consequences that extend far beyond the person who chose “Password123” or left their birthday as their login credential.

Interested to know how many weak passwords are currently being used in your Active Directory? Run a free, read-only scan with Specops Password Auditor: Download here.

KNP joins an estimated 19,000 UK businesses that suffered ransomware attacks last year, according to government surveys. High-profile victims have included major retailers like M&S, Co-op, and Harrods, demonstrating that no organization is too large or established to be targeted.

It’s only getting easier. Criminal gangs have lowered the barrier to entry by offering ransomware-as-a-service platforms and social engineering tactics that don’t require advanced technical skills. Attackers now routinely call IT helpdesks to trick their way into corporate systems, exploiting human psychology rather than software vulnerabilities.

Industry research suggests the typical UK ransom demand reaches approximately £4 million, with about one-third of companies choosing to pay rather than risk total business loss. But payment doesn’t guarantee data recovery or prevent future attacks – it simply funds criminal operations that target other organizations.

Building resilient defenses

The KNP incident highlights that security controls are your organization’s most critical defense against ransomware. When a single weak credential can destroy decades (or centuries) of business operations, you can’t afford to treat password security as an afterthought. To build resilient defenses, you should:

Implement strong password policies: Your first defense is strong password policies, backed by breached password detection. You can significantly reduce the risk of successful credential attacks by blocking weak and commonly compromised passwords while enforcing the creation of long, complex passphrases.

For the greatest level of protection, consider implementing an automated solution like Specops Password Policy. It continuously scans Active Directory credentials against billions of known breached passwords, helping your organization enforce strong password policies while preventing easily guessable credentials like the one that brought down KNP.

Enable multi-factor authentication: Even when passwords are compromised, additional authentication factors can prevent unauthorized access to critical systems. KNP’s lack of MFA on internet-facing systems allowed attackers to walk through an open door once they guessed the initial credentials.

To increase your security, add a second layer of protection to your systems using a multi-factor authentication solution like Specops Secure Access. Not only does Secure Access help better protect your organization against password attacks, but it can also help you fulfill compliance and cybersecurity insurance requirements.

Implement zero-trust architecture and least privilege access controls: Beyond password and authentication protections, you need to limit what attackers can do if they get inside your network. Zero-trust architectures assume compromise and verify every access request, regardless of the user’s location or previous authentication status. Least privilege access controls work hand-in-hand with this approach, limiting lateral movement within networks and ensuring that a single breached account cannot unlock every organizational resource.

Perform regular backup testing and recovery: Your organization must ensure its backup systems remain isolated from primary networks and regularly test restoration procedures. When ransomware strikes, functional backups often determine whether a company survives or follows KNP into administration.

If the destruction of a 158-year-old company by a single guessed password gives you an awful feeling in the pit of your stomach, it should: cybersecurity failures have real-world consequences. Investing in security controls today costs far less than rebuilding a business from scratch – if rebuilding is an option.

Ready to strengthen your password security? Learn more about Specops Password Policy and Specops Secure Access to protect your organization from credential-based attacks. Book a live demo today.

Cloud security company Wiz has revealed that it uncovered in-the-wild exploitation of a security flaw in a Linux utility called Pandoc as part of attacks designed to infiltrate Amazon Web Services (AWS) Instance Metadata Service (IMDS).

The vulnerability in question is CVE-2025-51591 (CVSS score: 6.5), which refers to a case of Server-Side Request Forgery (SSRF) that allows attackers to compromise a target system by injecting a specially crafted HTML iframe element.

The EC2 IMDS is a crucial component of the AWS cloud environment, offering information about running instances, as well as temporary, short-lived credentials if an identity and access management (IAM) role is associated with the instance. The instance metadata is accessible to any application running on an EC2 instance via a link-local address (169.254.169[.]254).

These credentials can then be used to securely interact with other AWS services like S3, RDS, or DynamoDB, permitting applications to authenticate without the need for storing credentials on the machine, thereby reducing the risk of accidental exposure.

One of the common methods that attackers can use to steal IAM credentials from IMDS is via SSRF flaws in web applications. This essentially involves tricking the app running on an EC2 instance to send a request seeking IAM credentials from the IMDS service on its behalf.

“If the application can reach the IMDS endpoint and is susceptible to SSRF, the attacker can harvest temporary credentials without needing any direct host access (such as RCE or path traversal),” Wiz researchers Hila Ramati and Gili Tikochinski said.

An adversary looking to target AWS infrastructure can therefore search for SSRF vulnerabilities in web applications running on EC2 instances and, when found, access the instance metadata and steal IAM credentials. This is not a theoretical threat.

As far back as early 2022, Google-owned Mandiant found that a threat actor it tracks as UNC2903 had attacked AWS environments by abusing credentials obtained using IMDS since July 2021, exploiting an SSRF flaw (CVE-2021-21311, CVSS score: 7.2) in Adminer, an open-source database management tool, to facilitate data theft.

The issue, at its core, stems from the fact that IMDS, or more specifically IMDSv1, is a request and response protocol, making it an attractive target for bad actors who target exploitable web applications that also run IMDSv1.

In a report published last month, Resecurity warned that when SSRF is exploited against cloud infrastructure like AWS, it can have “severe and far-reaching” consequences, resulting in cloud credential theft, network reconnaissance, and unauthorized access to internal services.

“Since SSRF originates from within the server, it can reach endpoints protected by perimeter firewalls. This effectively turns the vulnerable application into a proxy, allowing the attacker to: Bypass IP whitelists [and] reach otherwise unreachable internal assets,” it said.

The latest findings from Wiz demonstrate that attacks targeting the IMDS service are continuing to take place, with adversaries leveraging SSRF vulnerabilities in little-known applications like Pandoc to enable them.

“The vulnerability, tracked as CVE-2025-51591, stems from Pandoc rendering <iframe> tags in HTML documents,” Wiz researchers said. “This would allow an attacker to craft an <iframe> that points to the IMDS server, or other private resources.”

“The attacker submitted crafted HTML documents containing <iframe> elements whose src attributes targeted the AWS IMDS endpoint at 169.254.169[.]254. The objective was to render and exfiltrate the content of sensitive paths, specifically /latest/meta-data/iam/info and /latest/meta-data/iam.”

Wiz said the attack was ultimately unsuccessful because of the enforcement of IMDSv2, which is session-oriented and mitigates the SSRF attack by first requiring a user to get a token and use that token in all requests to the IMDS via a special header (X-aws-ec2-metadata-token).

The company told The Hacker News that it observed in-the-wild exploitation attempts “dating back to August and continuing for a few weeks,” adding it also found continued efforts on the part of unknown threat actors to abuse another SSRF flaw in ClickHouse to unsuccessfully breach a target’s Google Cloud Platform.

To mitigate the risk posed by CVE-2025-51591 in cloud environments, it’s advised to use the “-f html+raw_html” option or the “–sandbox” option to prevent Pandoc from including the contents of iframe elements through the src attribute.

“[Pandoc maintainers] decided that rendering iframes is the intended behavior and that the user is responsible to either sanitize the input or use the sandbox flags when handling user inputs,” Wiz said.

“Although Amazon recommends implementing the IMDSv2 with GuardDuty enhancements, EC2 instances created by Amazon customers that instead use IMDSv1 may be at risk when combined with also running unpatched vulnerable third party software,” Mandiant researchers warned at the time.

Organizations are recommended to enforce IMDSv2 across all EC2 instances and ensure that instances are assigned roles that follow the principle of least privilege (PoLP) to contain the blast radius in the event of an IMDS compromise.

Sep 24, 2025Ravie LakshmananVulnerability / Email Security

Libraesva has released a security update to address a vulnerability in its Email Security Gateway (ESG) solution that it said has been exploited by state-sponsored threat actors.

The vulnerability, tracked as CVE-2025-59689, carries a CVSS score of 6.1, indicating medium severity.

“Libraesva ESG is affected by a command injection flaw that can be triggered by a malicious email containing a specially crafted compressed attachment, allowing potential execution of arbitrary commands as a non-privileged user,” Libraesva said in an advisory.

“This occurs due to an improper sanitization during the removal of active code from files contained in some compressed archive formats.”

In a hypothetical attack scenario, an attacker could exploit the flaw by sending an email containing a specially crafted compressed archive, allowing a threat actor to leverage the application’s improper sanitization logic to ultimately execute arbitrary shell commands.

The shortcoming affects Libraesva ESG versions 4.5 through 5.5.x before 5.5.7, with fixes released in 5.0.31, 5.1.20, 5.2.31, 5.3.16, 5.4.8, and 5.5.7. Libraesva noted in the alert that versions below 5.0 have reached end-of-support and must be manually upgraded to a supported release.

The Italian email security company also acknowledged that it has identified one confirmed incident of abuse, and that the threat actor is “believed to be a foreign hostile state entity.” It did not share any further details on the nature of the activity, or who may be behind it.

“The single‑appliance focus underscores the precision of the threat actor (believed to be a foreign hostile state) and highlights the importance of rapid, comprehensive patch deployment,” Libraesva said, adding it deployed a fix within 17 hours of flagging the abuse.

In light of active exploitation, it’s essential that users of the ESG software update their instances to the latest version as soon as possible to mitigate potential threats.

Sep 23, 2025Ravie LakshmananFirmware Security / Vulnerability

Cybersecurity researchers have disclosed details of two security vulnerabilities impacting Supermicro Baseboard Management Controller (BMC) firmware that could potentially allow attackers to bypass crucial verification steps and update the system with a specially crafted image.

The medium-severity vulnerabilities, both of which stem from improper verification of a cryptographic signature, are listed below –

• CVE-2025-7937 (CVSS score: 6.6) – A crafted firmware image can bypass the Supermicro BMC firmware verification logic of Root of Trust (RoT) 1.0 to update the system firmware by redirecting the program to a fake “fwmap” table in the unsigned region
• CVE-2025-6198 (CVSS score: 6.4) – A crafted firmware image can bypass the Supermicro BMC firmware verification logic of the Signing Table to update the system firmware by redirecting the program to a fake signing table (“sig_table”) in the unsigned region

The image validation process carried out during a firmware update takes place over three steps: Retrieve the public key from the BMC SPI flash chip, process the “fwmap” or “sig_table” table embedded in the uploaded image, and compute a cryptographic hash digest of all “signed” firmware regions, and verify the signature value against the calculated hash digest.

Firmware security company Binarly, which has been credited with discovering and reporting the two shortcomings, said CVE-2025-7937 is a bypass for CVE-2024-10237, which was disclosed by Supermicro in January 2025. The vulnerability was originally discovered by NVIDIA, alongside CVE-2024-10238 and CVE-2024-10239.

CVE-2024-10237 is a “logical flaw in the validation process of the uploaded firmware, which could ultimately result in the BMC SPI chip being reflashed with a malicious image,” Binarly researcher Anton Ivanov said in a report shared with The Hacker News. “This security issue could allow potential attackers to gain complete and persistent control of both the BMC system and the main server OS.”

“This vulnerability demonstrated that the validation process could be manipulated by adding custom entries to the ‘fwmap’ table and relocating the original signed content of the image to unreserved firmware space, which ensures that the calculated digest still matches the signed value.”

On the other hand, CVE-2024-10238 and CVE-2024-10239 are two stack overflow flaws in the firmware’s image verification function, allowing an attacker to execute arbitrary code in the BMC context.

Binarly’s analysis found the fix for CVE-2024-10237 to be insufficient, identifying a potential attack pathway by which a custom “fwmap” table can be inserted before the original one, which is then used during the validation process. This essentially enables the threat actor to run custom code in the context of the BMC system.

Further investigation into the implementation of the firmware validation logic in the X13SEM-F motherboard determined a flaw within the “auth_bmc_sig” function that could permit an attacker to load a malicious image without modifying the hash digest value.

“Once again, as all the regions used for the digest calculation are defined in the uploaded image itself (in the ‘sig_table’), it is possible to modify it, along with some other parts of the image – for example, the kernel – and move the original data to unused space in the firmware,” Ivanov said. “This means that the signed data digest will still match the original value.”

Successful exploitation of CVE-2025-6198 can not only update the BMC system with a specially crafted image, but also get around the BMC RoT security feature.

“Previously, we reported the discovery of the test key on Supermicro devices, and their PSIRT doubled down that the hardware RoT (Root of Trust) authenticates the key and has no impact on this discovery,” Alex Matrosov, CEO and Head of REsearch at Binarly, told The Hacker News.

“However, new research shows that the previous statement from Supermicro is not accurate, and CVE-2025-6198 bypasses the BMC RoT. In this case, any leak of the signing key will impact the entire ecosystem. Reusing the signing key is not the best approach, and we recommend at least rotating the signing keys per product line. Based on previous incidents like PKfail and the Intel Boot Guard key leakage, the reuse of cryptographic signing keys could cause an industry-wide impact.”

Sep 23, 2025Ravie LakshmananFinancial Crime / Cryptocurrency

Law enforcement authorities in Europe have arrested five suspects in connection with an “elaborate” online investment fraud scheme that stole more than €100 million ($118 million) from over 100 victims in France, Germany, Italy, and Spain.

According to Eurojust, the coordinated action saw searches in five places across Spain and Portugal, as well as in Italy, Romania and Bulgaria. Bank accounts and other financial assets associated with the cybercrime ring were frozen.

The main perpetrator behind the operation has been accused of large-scale fraud and money laundering by running an online investment platform for several years, tricking unsuspecting individuals into parting with their funds by promising them high returns on investments in various cryptocurrencies.

Once the deposits were made, the funds were transferred to bank accounts in Lithuania to launder them. Victims who attempted to withdraw their assets from the platform were asked to pay additional fees, after which the website used to conduct the scam vanished.

A number of judicial and law enforcement agencies from Bulgaria, Italy, Lithuania, Portugal, Romania, and Spain participated in the fraud scheme investigation.

“This fraud had been running since at least 2018, and covered 23 different countries, for instance, either as areas used to divert proceeds of the scam or as locations where victims were based,” Eurojust, which coordinated the effort along with support from Europol, said.

According to the U.S. Federal Trade Commission (FTC), Americans lost a record $12.5 billion to fraud in 2024, a 25% increase from the previous year, with investment scams resulting in the highest losses, touching $5.7 billion, up from $4.6 billion in 2023 and $3.8 billion in 2022.

“A majority (79%) of people who reported an investment-related scam lost money, with a median loss of over $9,000,” the FTC said. “People lost over $3 billion to scams that started online, compared to approximately $1.9 billion lost to more ‘traditional’ contact methods like calls, texts, or emails.”

The disclosure comes as Chainalysis revealed how a Venus Protocol user was targeted on September 2, 2025, in a social engineering attack, and how early detection and swift action enabled the recovery of stolen funds worth approximately $13 million.

“The attack was rooted in social engineering: malicious actors used a compromised Zoom client to gain system access,” Chainalysis said.

Image Source: Chainalysis

“After infiltrating the victim’s machine, the attackers manipulated the user into submitting a blockchain transaction, which granted them delegate status over the account. This gave them direct control to borrow and redeem assets on behalf of the victim, effectively draining funds.”

The blockchain analytics company said Venus paused its protocol within 20 minutes of the malicious transaction taking place, effectively preventing the attacker from moving the funds further. Over the next 12 hours, Venus force-liquidated the attacker’s wallet, recovered the stolen funds, and resumed full service.

“Venus passed a governance proposal to freeze $3 million in assets still controlled by the attacker,” Chainalysis noted. “Not only did the attacker fail to profit; they actually lost $3 million as a result of the community’s decisive action.”

The Eurojust crackdown also coincides with a similar effort undertaken by the Seoul Metropolitan Police Agency (SMPA) earlier this month that disrupted a cybercrime operation, which is estimated to have stolen about $30 million from 258 high-profile victims, including corporate executives.

“The operation was sophisticated: after successfully hacking victims’ personal information and stealing funds, the criminals would impersonate agency employees and approach victims’ family members to gather even more personal data, preparing for additional thefts,” Chainalysis noted.

Sep 23, 2025Ravie LakshmananNational Security / Threat Intelligence

The U.S. Secret Service on Tuesday said it took down a network of electronic devices located across the New York tri-state area that were used to threaten U.S. government officials and posed an imminent threat to national security.

“This protective intelligence investigation led to the discovery of more than 300 co-located SIM servers and 100,000 SIM cards across multiple sites,” the Secret Service said.

The devices were concentrated within a 35-mile (56 km) radius of the global meeting of the United Nations General Assembly in New York City. An investigation into the incident has been launched by the Secret Service’s Advanced Threat Interdiction Unit.

Aside from issuing anonymous telephonic threats, the sophisticated devices could be weaponized to conduct various attacks on the telecommunications infrastructure, including disabling cell phone towers, triggering a denial-of-service, and facilitating encrypted communication between potential threat actors and criminal enterprises.

The Secret Service also said early evidence points to cellular communications between nation-state threat actors and individuals that are known to federal law enforcement. It did not elaborate on who these actors are. The agency also did not identify the officials who were threatened, the nature of the threat, or the nations that may have been involved.

CNN and NBC News reported that the network anonymously conveyed assassination threats against senior U.S. officials and that the probe uncovered empty electronic safehouses rented around the area, including Armonk, New York; Greenwich, Connecticut; Queens, New York; and across the river in New Jersey.

“The potential for disruption to our country’s telecommunications posed by this network of devices cannot be overstated,” said U.S. Secret Service Director Sean Curran.

“The U.S. Secret Service’s protective mission is all about prevention, and this investigation makes it clear to potential bad actors that imminent threats to our protectees will be immediately investigated, tracked down, and dismantled.”

Sep 23, 2025Ravie LakshmananVulnerability / Data Security

SolarWinds has released hot fixes to address a critical security flaw impacting its Web Help Desk software that, if successfully exploited, could allow attackers to execute arbitrary commands on susceptible systems.

The vulnerability, tracked as CVE-2025-26399 (CVSS score: 9.8), has been described as an instance of deserialization of untrusted data that could result in code execution. It affects SolarWinds Web Help Desk 12.8.7 and all previous versions.

“SolarWinds Web Help Desk was found to be susceptible to an unauthenticated AjaxProxy deserialization remote code execution vulnerability that, if exploited, would allow an attacker to run commands on the host machine,” SolarWinds said in an advisory released on September 17, 2025.

An anonymous researcher working with the Trend Micro Zero Day Initiative (ZDI) has been credited with discovering and reporting the flaw.

SolarWinds said CVE-2025-26399 is a patch bypass for CVE-2024-28988 (CVSS score: 9.8), which, in turn, is a bypass for CVE-2024-28986 (CVSS score: 9.8) that was originally addressed by the company back in August 2024.

“This vulnerability allows remote attackers to execute arbitrary code on affected installations of SolarWinds Web Help Desk. Authentication is not required to exploit this vulnerability,” according to a ZDI advisory for CVE-2024-28988.

“The specific flaw exists within the AjaxProxy. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of SYSTEM.”

While there is no evidence of the vulnerability being exploited in the wild, users are advised to update their instances to SolarWinds Web Help Desk 12.8.7 HF1 for optimal protection.

That said, it’s worth emphasizing that the original bug CVE-2024-28986 was added to the Known Exploited Vulnerabilities (KEV) catalog by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) shortly after public disclosure. There is currently no information publicly available on the nature of the attacks weaponizing the bug.

“SolarWinds is a name that needs no introduction in IT and cybersecurity circles. The infamous 2020 supply chain attack, attributed to Russia’s Foreign Intelligence Service (SVR), allowed months-long access into multiple Western government agencies and left a lasting mark on the industry,” Ryan Dewhurst, head of proactive threat intelligence at watchTowr, said in a statement.

“Fast forward to 2024: an unauthenticated remote deserialization vulnerability (CVE-2024-28986) was patched… then patched again (CVE-2024-28988). And now, here we are with yet another patch (CVE-2025-26399) addressing the very same flaw.

“Third time’s the charm? The original bug was actively exploited in the wild, and while we’re not yet aware of active exploitation of this latest patch bypass, history suggests it’s only a matter of time.”