Author: Mark

  • 1,500+ Minecraft Players Infected by Java Malware Masquerading as Game Mods on GitHub

    A new multi-stage malware campaign is targeting Minecraft users with a Java-based malware that employs a distribution-as-service (DaaS) offering called Stargazers Ghost Network.

    “The campaigns resulted in a multi-stage attack chain targeting Minecraft users specifically,” Check Point researchers Jaromír Hořejší and Antonis Terefos said in a report shared with The Hacker News.

    “The malware was impersonating Oringo and Taunahi, which are ‘Scripts and macros tools’ (aka cheats). Both the first and second stages are developed in Java and can only be executed if the Minecraft runtime is installed on the host machine.”

    The end goal of the attack is to trick players into downloading a Minecraft mod from GitHub and deliver a .NET information stealer with comprehensive data theft capabilities. The campaign was first detected by the cybersecurity company in March 2025.

    What makes the activity notable is its use of an illicit offering called the Stargazers Ghost Network, which makes use of thousands of GitHub accounts to set up tainted repositories that masquerade as cracked software and game cheats.

    These malicious repositories, masquerading as Minecraft mods, serve as a conduit for infecting users of the popular video game with a Java loader (e.g., “Oringo-1.8.9.jar”) that remains undetected by all antivirus engines as of writing.

    The Java archive (JAR) files implement simple anti-VM and anti-analysis techniques to sidestep detection efforts. Their main objective is to download and run another JAR file, a second-stage stealer that fetches and executes a .NET stealer as the final payload when the game is started by the victim.

    The second-stage component is retrieved from an IP address (“147.45.79.104”) that is stored in Base64-encoded form on Pastebin, essentially turning the paste tool into a dead drop resolver.

    “To add mods to a Minecraft game, the user must copy the malicious JAR archive into the Minecraft mods folder. After starting the game, the Minecraft process will load all mods from the folder, including the malicious mod, which will download and execute the second stage,” the researchers said.
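    The loader behaviour described above (a mod JAR that carries a paste-site URL and a Base64-encoded address for its next stage) lends itself to a simple offline triage of a mods folder. The following Python script is an added example written for this page, not code from Check Point or from the malware; it builds a constructed sample JAR in memory (the class name, mod id and paste id are placeholders, and the only value taken from the article is the second-stage IP) and then statically scans every .class entry for paste-site hostnames and Base64 blobs that decode to an IPv4 address. It flags only indicators, so a hit means "inspect further", not "confirmed malicious".

```python
import base64
import io
import os
import re
import zipfile

# Constructed sample data (not from the report): a minimal fake mod JAR whose
# single class entry carries the two indicators the article describes, a paste
# site used as a dead drop and a Base64-encoded IPv4 address. The class name,
# mod id and paste id are placeholders; 147.45.79.104 is the second-stage
# address quoted in the article.
SAMPLE_IP = "147.45.79.104"


def build_sample_jar(with_indicators: bool = True) -> bytes:
    """Return the bytes of a constructed JAR; with_indicators=False yields a clean one."""
    class_bytes = b"\xca\xfe\xba\xbe" + b"\x00" * 8          # fake class-file header
    class_bytes += b"net/minecraftforge/fml/common/Mod\x00"   # ordinary mod reference
    if with_indicators:
        class_bytes += b"https://pastebin.com/raw/PASTE_ID_PLACEHOLDER\x00"
        class_bytes += base64.b64encode(SAMPLE_IP.encode()) + b"\x00"
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("META-INF/MANIFEST.MF", "Manifest-Version: 1.0\n")
        zf.writestr("mcmod.info", '[{"modid": "examplemod", "name": "Example Mod"}]')
        zf.writestr("com/example/Loader.class", class_bytes)
    return buf.getvalue()


ASCII_RUN = re.compile(rb"[\x20-\x7e]{8,}")              # printable strings, 8+ chars
B64_TOKEN = re.compile(rb"^[A-Za-z0-9+/]{8,}={0,2}$")    # looks like a Base64 blob
IPV4 = re.compile(r"^\d{1,3}(?:\.\d{1,3}){3}$")
PASTE_HOSTS = ("pastebin.com", "hastebin", "ghostbin", "rentry.co")


def triage_jar(jar_bytes: bytes) -> dict:
    """Statically scan every .class entry for paste-site URLs and Base64-encoded IPs."""
    findings = {"class_count": 0, "paste_urls": [], "decoded_ips": []}
    with zipfile.ZipFile(io.BytesIO(jar_bytes)) as zf:
        for name in zf.namelist():
            if not name.endswith(".class"):
                continue
            findings["class_count"] += 1
            data = zf.read(name)
            for run in ASCII_RUN.findall(data):
                text = run.decode("ascii")
                if any(host in text.lower() for host in PASTE_HOSTS):
                    findings["paste_urls"].append((name, text))
                if B64_TOKEN.match(run):
                    try:
                        decoded = base64.b64decode(run, validate=True).decode("ascii")
                    except (ValueError, UnicodeDecodeError):
                        continue  # not real Base64 (e.g. a slash-separated class path)
                    if IPV4.match(decoded):
                        findings["decoded_ips"].append((name, decoded))
    findings["suspicious"] = bool(findings["paste_urls"] or findings["decoded_ips"])
    return findings


def scan_mods_folder(mods_dir: str) -> dict:
    """Triage every .jar in a Minecraft mods folder; returns {filename: findings}."""
    results = {}
    for entry in sorted(os.listdir(mods_dir)):
        if entry.lower().endswith(".jar"):
            with open(os.path.join(mods_dir, entry), "rb") as fh:
                results[entry] = triage_jar(fh.read())
    return results


if __name__ == "__main__":
    report = triage_jar(build_sample_jar())
    print("suspicious:", report["suspicious"])
    for name, url in report["paste_urls"]:
        print("paste-site URL in", name, "->", url)
    for name, ip in report["decoded_ips"]:
        print("Base64 IPv4 in", name, "->", ip)
```

    Run `scan_mods_folder` against a real `.minecraft/mods` directory to get one findings record per JAR. The scan is deliberately string-based: it needs no Java runtime and works on obfuscated code as long as the dead-drop URL or encoded address survives as a constant, which is the case for the loader the article describes.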

    Besides downloading the .NET stealer, the second-stage stealer is equipped to steal Discord and Minecraft tokens, as well as Telegram-related data. The .NET stealer, on the other hand, is capable of harvesting credentials from various web browsers and gathering files, and information from cryptocurrency wallets and other apps like Steam, and FileZilla.

    It can also take screenshots and amass information related to running processes, the system’s external IP address, and clipboard contents. The captured information is eventually bundled and transmitted back to the attacker via a Discord webhook.

    The campaign is suspected to be the work of a Russian-speaking threat actor owing to the presence of several artifacts written in the Russian language and the timezone of the attacker’s commits (UTC+03:00). It’s estimated that more than 1,500 devices may have fallen prey to the scheme.

    “This case highlights how popular gaming communities can be exploited as effective vectors for malware distribution, emphasizing the importance of caution when downloading third-party content,” the researchers said.

    “The Stargazers Ghost Network has been actively distributing this malware, targeting Minecraft players seeking mods to enhance their gameplay. What appeared to be harmless downloads were, in fact, Java-based loaders that deployed two additional stealers, capable of exfiltrating credentials and other sensitive data.”

    New Variants of KimJongRAT Stealer Detected

    The development comes as Palo Alto Networks Unit 42 detailed two new variants of an information stealer codenamed KimJongRAT that’s likely connected to the same North Korean threat actor behind BabyShark and Stolen Pencil. KimJongRAT has been detected in the wild as far back as May 2013, delivered as a secondary payload in BabyShark attacks.

    “One of the new variants uses a Portable Executable (PE) file and the other uses a PowerShell implementation,” security researcher Dominik Reichel said. “The PE and PowerShell variants are both initiated by clicking a Windows shortcut (LNK) file that downloads a dropper file from an attacker-controlled content delivery network (CDN) account.”

    While the PE variant’s dropper deploys a loader, a decoy PDF and a text file, the dropper in the PowerShell variant deploys a decoy PDF file along with a ZIP archive. The loader, in turn, downloads auxiliary payloads, including the stealer component for KimJongRAT.

    The ZIP archive delivered by the PowerShell variant’s dropper contains scripts that embed the KimJongRAT PowerShell-based stealer and keylogger components.

    Both the new incarnations are capable of gathering and transferring victim information, files matching specific extensions, and browser data, such as credentials and details from cryptocurrency wallet extensions. The PE variant of KimJongRAT is also designed to harvest FTP and email client information.

    “The continued development and deployment of KimJongRAT, featuring changing techniques such as using a legitimate CDN server to disguise its distribution, demonstrates a clear and ongoing threat,” Unit 42 said. “This adaptability not only showcases the persistent threat posed by such malware but also underscores its developers’ commitment to updating and expanding its capabilities.”

    Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.


    Source: thehackernews.com…

  • Water Curse Employs 76 GitHub Accounts to Deliver Multi-Stage Malware Campaign

    Cybersecurity researchers have exposed a previously unknown threat actor known as Water Curse that relies on weaponized GitHub repositories to deliver multi-stage malware.

    “The malware enables data exfiltration (including credentials, browser data, and session tokens), remote access, and long-term persistence on infected systems,” Trend Micro researchers Jovit Samaniego, Aira Marcelo, Mohamed Fahmy, and Gabriel Nicoleta said in an analysis published this week.

    The “broad and sustained” campaign, first spotted last month, set up repositories offering seemingly innocuous penetration testing utilities, but harbored within their Visual Studio project configuration files malicious payloads such as SMTP email bomber and Sakura-RAT.

    Water Curse’s arsenal incorporates a wide range of tools and programming languages, underscoring their cross-functional development capabilities to target the supply chain with “developer-oriented information stealers that blur the line between red team tooling and active malware distribution.”

    “Upon execution, the malicious payloads initiated complex multistage infection chains utilizing obfuscated scripts written in Visual Basic Script (VBS) and PowerShell,” the researchers said. “These scripts downloaded encrypted archives, extracted Electron-based applications, and performed extensive system reconnaissance.”

    The attacks are also characterized by the use of anti-debugging techniques, privilege escalation methods, and persistence mechanisms to maintain a long-term foothold on the affected hosts. Also employed are PowerShell scripts to weaken host defenses and inhibit system recovery.

    Water Curse has been described as a financially motivated threat actor that’s driven by credential theft, session hijacking, and resale of illicit access. As many as 76 GitHub accounts have been linked to the campaign. There is evidence to suggest related activity may have been ongoing all the way back to March 2023.

    The emergence of Water Curse is the latest example of how threat actors are abusing the trust associated with legitimate platforms like GitHub as a delivery channel for malware and to stage software supply chain attacks.

    “Their repositories include malware, evasion utilities, game cheats, aimbots, cryptocurrency wallet tools, OSINT scrapers, spamming bots, and credential stealers,” Trend Micro said. “This reflects a multi-vertical targeting strategy that blends cybercrime with opportunistic monetization.”

    “Their infrastructure and behavior indicate a focus on stealth, automation, and scalability, with active exfiltration via Telegram and public file-sharing services.”

    The disclosure comes as multiple campaigns have been observed leveraging the prevalent ClickFix strategy to deploy various malware families such as AsyncRAT, DeerStealer (via a loader named Hijack Loader), Filch Stealer, LightPerlGirl, and SectopRAT (also via Hijack Loader).

    AsyncRAT is one of the many readily available remote access trojans (RATs) that has been put to use by unidentified threat actors to indiscriminately target thousands of organizations spanning multiple sectors since early 2024. Some aspects of the campaign were documented by Forcepoint in August 2024 and January 2025.

    “This tradecraft allows the malware to bypass traditional perimeter defenses, particularly by using Cloudflare’s temporary tunnels to serve payloads from seemingly legitimate infrastructure,” Halcyon said. “These tunnels provide attackers with ephemeral and unregistered subdomains that appear trustworthy to perimeter controls, making it difficult to pre-block or blacklist.”

    “Because the infrastructure is spun up dynamically via legitimate services, defenders face challenges in distinguishing malicious use from authorized DevOps or IT maintenance workflows. This tactic enables threat actors to deliver payloads without relying on compromised servers or bulletproof hosting, increasing both the scale and stealth of the campaign.”

    The findings also follow the discovery of an ongoing malicious campaign that has targeted various European organizations located in Spain, Portugal, Italy, France, Belgium, and the Netherlands with invoice-themed phishing lures to deliver a remote access trojan named Sorillus RAT (aka Ratty RAT).

    Previous campaigns distributing the malware have singled out accounting and tax professionals using income tax return decoys, some of which have leveraged HTML smuggling techniques to conceal the malicious payloads.

    The attack chain detailed by Orange Cyberdefense employs similar phishing emails that aim to trick recipients into opening PDF attachments containing a OneDrive link that points to a PDF file directly hosted on the cloud storage service while prompting the user to click an “Open the document” button.

    Doing so redirects the victim to a malicious web server that acts as a traffic distribution system (TDS), evaluating the incoming request to decide whether the visitor should proceed to the next stage of the infection. If the victim’s machine meets the necessary criteria, the victim is shown a benign PDF while a JAR file is stealthily downloaded to drop and execute Sorillus RAT.

    A Java-based RAT that first surfaced in 2019, Sorillus is a cross-platform malware that can harvest sensitive information, download/upload files, take screenshots, record audio, log keystrokes, run arbitrary commands, and even uninstall itself. It also doesn’t help that numerous cracked versions of the trojan are available online.

    The attacks are assessed to be part of a broader campaign that has been observed delivering SambaSpy to users in Italy. SambaSpy, per Orange Cyberdefense, belongs to the Sorillus malware family.

    “The operation showcases a strategic blend of legitimate services – such as OneDrive, MediaFire, and tunneling platforms like Ngrok and LocaltoNet – to evade detection,” the cybersecurity company said. “The repeated use of Brazilian Portuguese in payloads supports a likely attribution to Brazilian-speaking threat actors.”

    Source: thehackernews.com…

  • FedRAMP at Startup Speed: Lessons Learned

    Jun 18, 2025 | The Hacker News | DevSecOps / Security Architecture

    For organizations eyeing the federal market, FedRAMP can feel like a gated fortress. With strict compliance requirements and a notoriously long runway, many companies assume the path to authorization is reserved for the well-resourced enterprise. But that’s changing.

    In this post, we break down how fast-moving startups can realistically achieve FedRAMP Moderate authorization without derailing product velocity, drawing from real-world lessons, technical insights, and the bruises earned along the way from a cybersecurity startup that just went through the process.

    Why It Matters

    Winning in the federal space starts with trust—and that trust begins with FedRAMP. But pursuing authorization is not a simple compliance checkbox. It’s a company-wide shift that requires intentional strategy, deep security investment, and a willingness to move differently than most startups.

    Let’s get into what that actually looks like.

    Keys to a Successful FedRAMP Authorization

    1. Align to NIST 800-53 from Day One

    Startups that bolt on compliance late in the game usually end up rewriting their infrastructure to fit. The better path? Build directly against the NIST 800-53 Rev. 5 Moderate baseline as your internal security framework—even before FedRAMP is on the roadmap.

    This early commitment reduces rework, accelerates ATO prep, and fosters a security-first mindset that scales. Additionally, compliance is often a must-have for doing business with mid-to-large enterprises, so it’s more than a checkbox; it’s a business enabler. Here at Beyond Identity, when we describe our platform as “secure-by-design,” a foundational component of that is alignment to strict compliance frameworks from the start.

    2. Build an Integrated Security Team

    FedRAMP isn’t just an InfoSec problem—it’s a team sport. Success requires tight integration across:

    • Compliance-focused InfoSec leads who understand the nuances of FedRAMP controls
    • Application security engineers who can embed guardrails without bottlenecking delivery
    • DevSecOps teams to operationalize security across pipelines
    • Platform engineers responsible for both cloud posture and deployment parity

    Cross-functional collaboration isn’t a nice-to-have—it’s how you survive the inevitable curveballs.

    3. Mirror Your Commercial and Federal Architectures

    Attempting to run a separate product for the federal market? Don’t.

    Winning startups keep a single software release chain, with identical configurations and infrastructure across both environments. That means:

    • No federal-only forks
    • No custom hardening outside the mainline
    • One platform, one set of controls

    This approach dramatically reduces technical drift, simplifies audits, and ensures your engineers aren’t context-switching between two worlds.

    Scrutinize the Business Case

    FedRAMP isn’t cheap. Initial investments often exceed $1 million, and timelines can stretch beyond 12 months. Before you start:

    • Validate the market opportunity—can you actually win federal deals?
    • Confirm executive sponsorship—FedRAMP requires top-down alignment
    • Look for 10x return potential—not just for the cost, but for the time and energy involved

    This isn’t a growth experiment. It’s a long play that demands conviction.

    Pick the Right Partners

    Navigating FedRAMP alone is a losing strategy. Choose external vendors carefully:

    • Ask for customer references with successful FedRAMP delivery
    • Watch for predatory pricing—especially from Third Party Assessment Organizations and automation tools
    • Prioritize collaboration and transparency—your partner becomes an extension of your team

    Cut corners here and you’ll pay for it later—in both delays and trust.

    Build Internal Muscle

    No external vendor can replace internal readiness. You’ll need:

    • Security architecture skills with depth in cryptography, PKI, and TPMs
    • Ops maturity to manage change control, evidence collection, and ticketing rigor
    • Strong program management to coordinate vendors, auditors, and internal stakeholders
    • Team training—FedRAMP has a steep learning curve. Invest early.

    FedRAMP reshapes how you ship, with slower velocity, higher overhead, and the need for tight cross-functional alignment. While the impact is real, the long-term payoff is disciplined security and process maturity that goes well beyond compliance.

    The Toughest Challenges

    Every FedRAMP journey hits turbulence. Some of the hardest problems include:

    • Interpreting FedRAMP Moderate controls without clear guidance
    • Defining authorization boundaries across microservices and shared components
    • Operationalizing DevSecOps gates that enforce security without stalling builds
    • Choosing the right tools for SAST, DAST, SBOM, and SCA—and integrating them

    Don’t underestimate these. They can become critical blockers without careful planning.

    Achieving FedRAMP at startup speed is possible—but only with ruthless prioritization, integrated security culture, and a deep understanding of what you’re signing up for.

    If you’re considering the journey: start small, move deliberately, and commit fully. The federal market rewards trust—but only for those who earn it.

    Beyond Identity is a FedRAMP-moderate identity and access management platform that eliminates identity-based attacks. Learn more at beyondidentity.com.


    This article is a contributed piece from one of our valued partners.


    Source: thehackernews.com…

  • CISA Warns of Active Exploitation of Linux Kernel Privilege Escalation Vulnerability

    Jun 18, 2025 | Ravie Lakshmanan | Linux / Vulnerability

    The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday placed a security flaw impacting the Linux kernel in its Known Exploited Vulnerabilities (KEV) catalog, stating it has been actively exploited in the wild.

    The vulnerability, CVE-2023-0386 (CVSS score: 7.8), is an improper ownership bug in the Linux kernel that could be exploited to escalate privileges on susceptible systems. It was patched in early 2023.

    “Linux kernel contains an improper ownership management vulnerability, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount,” the agency said.

    “This uid mapping bug allows a local user to escalate their privileges on the system.”

    It’s currently not known how the security flaw is being exploited in the wild. In a report published in May 2023, Datadog said the vulnerability is trivial to exploit and that it works by tricking the kernel into creating a SUID binary owned by root in a folder like “/tmp” and executing it.

    “CVE-2023-0386 lies in the fact that when the kernel copied a file from the overlay file system to the ‘upper’ directory, it did not check if the user/group owning this file was mapped in the current user namespace,” the company said.

    “This allows an unprivileged user to smuggle an SUID binary from a ‘lower’ directory to the ‘upper’ directory, by using OverlayFS as an intermediary.”
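    The end artifact of the technique just described is a root-owned setuid binary sitting in a user-writable directory such as /tmp, and the write-up's mention of a nosuid mount points at the obvious mitigation. The following Python audit script is an added example for this page, not code from CISA, Datadog or Wiz: it walks the usual world-writable directories for files carrying the setuid/setgid bits, parses /proc/self/mounts to report whether each directory is mounted nosuid, and includes a self-contained demonstration that plants a harmless setuid-flagged shell file in a throwaway directory to show the scan firing. The mounts excerpt and the planted file are constructed; no real system state is assumed beyond the standard /proc/self/mounts format.

```python
import os
import shutil
import stat
import tempfile

# Directories an unprivileged local user can normally write to. A root-owned
# setuid binary appearing here is exactly the artifact the Datadog write-up
# describes and should not exist on a healthy host.
WORLD_WRITABLE_DIRS = ("/tmp", "/var/tmp", "/dev/shm")


def find_setuid_files(root: str) -> list:
    """Walk root and return every regular file with the setuid or setgid bit set."""
    hits = []
    for dirpath, _dirnames, filenames in os.walk(root):
        for filename in filenames:
            path = os.path.join(dirpath, filename)
            try:
                st = os.lstat(path)  # lstat: never follow symlinks out of the tree
            except OSError:
                continue
            if not stat.S_ISREG(st.st_mode):
                continue
            flags = []
            if st.st_mode & stat.S_ISUID:
                flags.append("setuid")
            if st.st_mode & stat.S_ISGID:
                flags.append("setgid")
            if flags:
                hits.append({"path": path, "uid": st.st_uid, "gid": st.st_gid,
                             "mode": oct(stat.S_IMODE(st.st_mode)), "flags": flags})
    return hits


def mount_options_for(path: str, mounts_text: str) -> list:
    """Return the options of the longest mount point that contains path.

    mounts_text is the content of /proc/self/mounts, one mount per line in the
    form: device mountpoint fstype options dump pass.
    """
    best_mp, best_opts = "", []
    for line in mounts_text.splitlines():
        parts = line.split()
        if len(parts) < 4:
            continue
        mp, opts = parts[1], parts[3].split(",")
        if path == mp or path.startswith(mp.rstrip("/") + "/"):
            if len(mp) > len(best_mp):
                best_mp, best_opts = mp, opts
    return best_opts


def mount_has_nosuid(path: str, mounts_text: str) -> bool:
    """True when the filesystem holding path ignores setuid bits."""
    return "nosuid" in mount_options_for(path, mounts_text)


# Constructed /proc/self/mounts excerpt (not captured from a real host).
SAMPLE_MOUNTS = """\
/dev/sda1 / ext4 rw,relatime 0 0
tmpfs /tmp tmpfs rw,nosuid,nodev,noexec 0 0
tmpfs /dev/shm tmpfs rw,nodev 0 0
"""


def audit(dirs=WORLD_WRITABLE_DIRS, mounts_text=None) -> dict:
    """Report setuid files and nosuid status for each directory that exists."""
    if mounts_text is None:
        with open("/proc/self/mounts") as fh:
            mounts_text = fh.read()
    report = {}
    for d in dirs:
        if not os.path.isdir(d):
            continue
        hits = find_setuid_files(d)
        report[d] = {
            "nosuid": mount_has_nosuid(d, mounts_text),
            "setuid_files": hits,
            "root_owned_setuid": [h for h in hits if h["uid"] == 0 and "setuid" in h["flags"]],
        }
    return report


def demo_setuid_detection() -> list:
    """Plant a harmless setuid-flagged file in a throwaway directory, scan, clean up."""
    base = tempfile.mkdtemp(prefix="suid-audit-demo-")
    try:
        planted = os.path.join(base, "planted.sh")
        with open(planted, "wb") as fh:
            fh.write(b"#!/bin/sh\nexit 0\n")
        os.chmod(planted, 0o4755)           # setuid bit on a file we own (mode only)
        plain = os.path.join(base, "plain.txt")
        with open(plain, "wb") as fh:
            fh.write(b"data\n")
        os.chmod(plain, 0o644)
        return find_setuid_files(base)      # expect exactly the planted file
    finally:
        shutil.rmtree(base, ignore_errors=True)


if __name__ == "__main__":
    for d, info in audit().items():
        state = "nosuid" if info["nosuid"] else "NOT nosuid"
        print(f"{d}: {state}, {len(info['setuid_files'])} setuid/setgid file(s)")
        for h in info["root_owned_setuid"]:
            print("  ALERT root-owned setuid file:", h["path"], h["mode"])
```

    Running `audit()` on a host gives a per-directory view: any entry under `root_owned_setuid` deserves immediate investigation, and a `NOT nosuid` result for /tmp or /dev/shm is a hardening gap worth closing independently of the kernel patch, since the file described in the write-up is only useful to an attacker on a mount that honors the setuid bit.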

    Later that year, cloud security firm Wiz detailed two security vulnerabilities dubbed GameOver(lay) (CVE-2023-32629 and CVE-2023-2640) affecting Unix systems that led to similar consequences as CVE-2023-0386.

    “These flaws allow the creation of specialized executables, which, upon execution, grant the ability to escalate privileges to root on the affected machine,” Wiz researchers said.

    Federal Civilian Executive Branch (FCEB) agencies are required to apply the necessary patches by July 8, 2025, to secure their networks against active threats.

    Source: thehackernews.com…

  • Ex-CIA Analyst Sentenced to 37 Months for Leaking Top Secret National Defense Documents

    Jun 18, 2025 | Ravie Lakshmanan | Espionage / National Security

    A former U.S. Central Intelligence Agency (CIA) analyst has been sentenced to a little more than three years in prison for unlawfully retaining and transmitting top secret National Defense Information (NDI) to people who were not entitled to receive it and for attempting to cover up the malicious activity.

    Asif William Rahman, 34, of Vienna, was sentenced today to 37 months on charges of stealing and divulging classified information. He had been a CIA employee since 2016 and held a Top Secret security clearance with access to Sensitive Compartmented Information (SCI) until he was terminated from his job after his arrest last November in Cambodia.

    Earlier this January, Rahman pleaded guilty to two counts of willful retention and transmission of classified information related to the national defense.

    As previously reported by The Hacker News, Rahman retained multiple Secret and Top Secret documents without authorization on October 17, 2024, took them to his place of residence in a backpack, and willfully sent them to several individuals who did not have the necessary clearance to receive them.

    “The defendant photographed the documents and transferred those images to a computer program that allowed him to edit the images to attempt to conceal their source and delete his activity,” according to court documents. “The defendant also took steps to conceal his identity while unlawfully sharing classified information with others.”

    Some of these documents were related to Israel’s plans to attack Iran around that time. They eventually began circulating online after they were posted on Telegram by an account called Middle East Spectator.

    To cover up these acts, Rahman engaged in what the U.S. Department of Justice (DoJ) described as a “deletion campaign of work product” on his computer, wiping roughly 1.5 GB of data from his email and personal folder on his system. He also deleted and edited certain journal entries to conceal his personal opinions on U.S. policy.

    “Asif Rahman violated his position of trust by illegally accessing, removing, and transmitting Top Secret documents vital to the national security of the United States and its allies,” said Erik S. Siebert, U.S. Attorney for the Eastern District of Virginia.

    “The urgency with which Mr. Rahman was identified, arrested, charged, and prosecuted is a testament to the commitment and professionalism of the investigators and prosecutors who brought him to justice. This case should serve as a stern warning to those who choose to place their own goals over their allegiance to our nation.”

    Source: thehackernews.com…

  • Iran Slows Internet to Prevent Cyber Attacks Amid Escalating Regional Conflict

    Jun 18, 2025 | Ravie Lakshmanan | Hacktivism / Cyber Warfare

    Iran has throttled internet access in the country in a purported attempt to hamper Israel’s ability to conduct covert cyber operations, days after the latter launched an unprecedented attack on the country, escalating geopolitical tensions in the region.

    Fatemeh Mohajerani, the spokesperson of the Iranian Government, and the Iranian Cyber Police, FATA, said the internet slowdown was designed to maintain internet stability and that the move is “temporary, targeted, and controlled, to ward off cyber attacks.” Data shared by NetBlocks shows a “significant reduction in internet traffic” around 5:30 p.m. local time.

    The development comes amid deepening conflict, with Israel and Iran trading missile attacks since Friday. These attacks have spilled over into cyberspace, as security experts warned of retaliatory cyber operations by Iranian state actors and hacktivist groups.

    The digital conflict unfolding behind the scenes goes two ways. Earlier this week, a pro-Israeli group known as Predatory Sparrow claimed responsibility for a cyber attack on Iran’s Bank Sepah, crippling access to its website and ATMs.

    “‘Bank Sepah’ was an institution that circumvented international sanctions and used the people of Iran’s money to finance the regime’s terrorist proxies, its ballistic missile program, and its military nuclear program,” the group said in a public statement posted on X.

    Predatory Sparrow also said it sabotaged the bank’s infrastructure with help from “brave Iranians,” adding “This is what happens to institutions dedicated to maintaining the dictator’s terrorist fantasies.” Israel has a storied history of sophisticated cyber operations, most notably the Stuxnet attack targeting Iran’s nuclear program.

    Tel Aviv-based cybersecurity firm Radware said it has observed heightened activity from threat actors affiliated with Iran across public and private Telegram channels.

    Some of the groups, including Mysterious Team Bangladesh and Arabian Ghost, have warned neighboring countries Jordan and Saudi Arabia against supporting Israel and claimed to have shut down Israeli radio stations.

    Furthermore, the Iranian government has also urged citizens to delete WhatsApp, one of the country’s most popular messaging platforms, stating without giving any evidence that the Meta-owned app has been weaponized by Israel to spy on its users.


    WhatsApp has denied the allegations. In a statement to the Associated Press, the company said it does not track users nor does it provide “bulk information to any government.”

    The cyber conflict also follows an announcement from the U.S. Department of State that it was seeking information on Iranian hackers whom it accused of targeting critical infrastructure in the U.S., Israel, and other countries using the IOCONTROL (aka OrpaCrab) malware to breach Industrial Control Systems (ICS).

    “Cyber Av3ngers, which is associated with the online persona Mr. Soul, has launched a series of malicious cyber activities against U.S. critical infrastructure on behalf of Iran’s Islamic Revolutionary Guard Corps Cyber-Electronic Command (IRGC-CEC),” the department’s Rewards for Justice (RFJ) program said.

    “Cyber Av3ngers actors have utilized malware known as IOCONTROL to target ICS/SCADA devices used by critical infrastructure sectors in the United States and worldwide.”



    Source: thehackernews.com…

  • Veeam Patches CVE-2025-23121: Critical RCE Bug Rated 9.9 CVSS in Backup & Replication


    Jun 18, 2025 | Ravie Lakshmanan | Vulnerability / Data Protection

    Veeam has rolled out patches to contain a critical security flaw impacting its Backup & Replication software that could result in remote code execution under certain conditions.

    The security defect, tracked as CVE-2025-23121, carries a CVSS score of 9.9 out of a maximum of 10.0.

    “A vulnerability allowing remote code execution (RCE) on the Backup Server by an authenticated domain user,” the company said in an advisory.

    CVE-2025-23121 impacts all earlier version 12 builds, including 12.3.1.1139. It has been addressed in version 12.3.2 (build 12.3.2.3617). Security researchers at CODE WHITE GmbH and watchTowr have been credited with discovering and reporting the vulnerability.


    Cybersecurity company Rapid7 noted that the update likely addresses concerns shared by CODE WHITE in late March 2025 that the patch put in place to plug a similar hole (CVE-2025-23120, CVSS score: 9.9) could be bypassed.

    Also addressed by Veeam is another flaw in the same product (CVE-2025-24286, CVSS score: 7.2) that allows an authenticated user with the Backup Operator role to modify backup jobs, which could result in arbitrary code execution.

    The American company separately patched a vulnerability that affected Veeam Agent for Microsoft Windows (CVE-2025-24287, CVSS score: 6.1) that permits local system users to modify directory contents, leading to code execution with elevated permissions. The issue has been patched in version 6.3.2 (build 6.3.2.1205).

    According to Rapid7, more than 20% of its incident response cases in 2024 involved either the access or exploitation of Veeam, once a threat actor has already established a foothold in the target environment.

    With security flaws in Veeam backup software becoming a prime target for attackers in recent years, it’s crucial that customers update to the latest version of the software with immediate effect.
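    A quick way to turn the build numbers above into an inventory check is to compare dotted build strings numerically rather than lexically (a plain string compare ranks "12.3.10" below "12.3.2"). The snippet below is an added example, not Veeam's or Rapid7's tooling; the fixed builds come from the article (Backup & Replication 12.3.2.3617, Agent for Microsoft Windows 6.3.2.1205), and the assumption that every 12.x build below the fix is affected follows the article's wording "all earlier version 12 builds". Builds outside that major version are reported as unknown rather than guessed, and the sample inventory is constructed.

    ```python
    """Compare Veeam build strings against the fixed builds named in the advisory summary."""
    from typing import Dict, List, Optional, Tuple

    # product key -> (major version the advisory covers, first fixed build)
    # Values taken from the article; "major version covered" is our reading of
    # "all earlier version 12 builds" and is an assumption for the example.
    FIXED_BUILDS: Dict[str, Tuple[int, Tuple[int, ...]]] = {
        "backup_replication": (12, (12, 3, 2, 3617)),   # CVE-2025-23121, CVE-2025-24286
        "agent_windows": (6, (6, 3, 2, 1205)),          # CVE-2025-24287
    }


    def parse_build(build: str) -> Tuple[int, ...]:
        """Turn '12.3.1.1139' into (12, 3, 1, 1139) so tuple comparison is numeric."""
        parts = build.strip().split(".")
        if not parts or not all(p.isdigit() for p in parts):
            raise ValueError(f"not a dotted numeric build string: {build!r}")
        return tuple(int(p) for p in parts)


    def is_vulnerable(product: str, build: str) -> Optional[bool]:
        """True if the build predates the fix, False if it is at or above the fix,
        None if the article does not cover that major version."""
        major, fixed = FIXED_BUILDS[product]
        current = parse_build(build)
        if current[0] != major:
            return None
        return current < fixed


    def triage(inventory: List[Tuple[str, str, str]]) -> Dict[str, List[str]]:
        """Group hosts as patch-now / patched / unknown from (host, product, build) rows."""
        out: Dict[str, List[str]] = {"patch_now": [], "patched": [], "unknown": []}
        for host, product, build in inventory:
            verdict = is_vulnerable(product, build)
            bucket = "unknown" if verdict is None else ("patch_now" if verdict else "patched")
            out[bucket].append(host)
        return out


    if __name__ == "__main__":
        # Constructed sample inventory (hostnames and non-article builds are made up).
        sample = [
            ("vbr-01", "backup_replication", "12.3.1.1139"),   # build named in the article
            ("vbr-02", "backup_replication", "12.3.2.3617"),   # fixed build
            ("vbr-03", "backup_replication", "11.0.0.0"),      # outside the stated range
            ("ws-17", "agent_windows", "6.3.1.1000"),
        ]
        for bucket, hosts in triage(sample).items():
            print(f"{bucket}: {hosts}")
    ```

    The `unknown` bucket is deliberate: the article only states that version 12 builds are affected, so the script refuses to extrapolate to other major versions.
    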



    Source: thehackernews.com…

  • Google Chrome Zero-Day CVE-2025-2783 Exploited by TaxOff to Deploy Trinper Backdoor


    Jun 17, 2025 | Ravie Lakshmanan | Malware / Cyber Espionage

    A now-patched security flaw in Google Chrome was exploited as a zero-day by a threat actor known as TaxOff to deploy a backdoor codenamed Trinper.

    The attack, observed in mid-March 2025 by Positive Technologies, involved the use of a sandbox escape vulnerability tracked as CVE-2025-2783 (CVSS score: 8.3).

    Google addressed the flaw later that month after Kaspersky reported in-the-wild exploitation in a campaign dubbed Operation ForumTroll targeting various Russian organizations.

    “The initial attack vector was a phishing email containing a malicious link,” security researchers Stanislav Pyzhov and Vladislav Lunin said. “When the victim clicked the link, it triggered a one-click exploit (CVE-2025-2783), leading to the installation of the Trinper backdoor employed by TaxOff.”


    The phishing email is said to have been disguised as an invitation to the Primakov Readings forum – the same lure detailed by Kaspersky – urging users to click on a link that led to a fake website hosting the exploit.

    TaxOff is the name assigned to a hacking group that was first documented by the Russian cybersecurity company in late November 2024 as targeting domestic government agencies using legal and finance-related phishing emails to deliver Trinper.

    Written in C++, the backdoor makes use of multithreading to capture victim host information, record keystrokes, gather files matching specific extensions (.doc, .xls, .ppt, .rtf, and .pdf), and establish a connection with a remote server to receive commands and exfiltrate the results of the execution.

    The instructions sent from the command-and-control (C2) server extend the implant’s functionality, allowing it to read and write files, run commands via cmd.exe, launch a reverse shell, change directory, and shut itself down.

    “Multithreading provides a high degree of parallelism to hide the backdoor while retaining the ability to collect and exfiltrate data, install additional modules, and maintain communications with C2,” Lunin noted at the time.

    Positive Technologies said its investigation into the mid-March 2025 intrusion led to the discovery of another attack dating back to October 2024 that also commenced with a phishing email, which purported to be an invitation to an international conference called “Security of the Union State in the modern world.”

    The email message also contained a link, which downloaded a ZIP archive file containing a Windows shortcut that, in turn, launched a PowerShell command to ultimately serve a decoy document while also dropping a loader responsible for launching the Trinper backdoor by means of the open-source Donut loader. A variation of the attack has been found to swap out the Donut loader in favor of Cobalt Strike.

    This attack chain, per the company, shares several tactical similarities with that of another hacking group tracked as Team46, raising the possibility that the two threat activity clusters are one and the same.

    Interestingly, another set of phishing emails sent by the Team46 attackers a month before claimed to be from Moscow-based telecom operator Rostelecom, alerting recipients of supposed maintenance outages last year.


    These emails included a ZIP archive, which embedded a shortcut that launched a PowerShell command to deploy a loader that had been previously used to deliver another backdoor in an attack targeting an unnamed Russian company in the rail freight industry.
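    Both the October 2024 TaxOff chain and the Team46 emails above start the same way: a ZIP attachment carrying a Windows shortcut that launches PowerShell. A mail gateway or triage script can screen for that pattern before any user double-clicks. The code below is an added example, not from Positive Technologies or Doctor Web; it builds a throwaway archive in memory with constructed, harmless contents and flags shortcut entries, double extensions, and files whose bytes start with the Windows ShellLink header while carrying a non-.lnk name. The extension list is an assumed starting point, not a complete policy.

    ```python
    """Screen a ZIP attachment for shortcut-based delivery (ZIP -> .lnk -> PowerShell)."""
    import io
    import zipfile
    from typing import Dict, List

    # A Windows shortcut begins with HeaderSize 0x4C and the ShellLink CLSID
    # 00021401-0000-0000-C000-000000000046 (little-endian field layout).
    LNK_MAGIC = bytes.fromhex("4C000000" "0114020000000000C000000000000046")

    # Entry types that should not appear in an "invitation" or "maintenance notice".
    # Assumed list for the example; extend to taste.
    EXECUTABLE_LIKE = {".lnk", ".exe", ".scr", ".js", ".vbs", ".hta", ".ps1", ".bat", ".cmd"}


    def _split_ext(name: str):
        lower = name.lower()
        if "." not in lower:
            return lower, ""
        stem, ext = lower.rsplit(".", 1)
        return stem, "." + ext


    def screen_archive(data: bytes) -> List[str]:
        """Return human-readable findings for a ZIP given as bytes; empty means clean."""
        findings: List[str] = []
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            for info in zf.infolist():
                if info.is_dir():
                    continue
                name = info.filename
                stem, ext = _split_ext(name)
                if ext in EXECUTABLE_LIKE:
                    findings.append(f"executable-like entry: {name}")
                    # 'Invitation.pdf.lnk' style names hide the real type behind a decoy one.
                    if "." in stem:
                        findings.append(f"double extension: {name}")
                with zf.open(info) as fh:
                    head = fh.read(len(LNK_MAGIC))
                if head == LNK_MAGIC and ext != ".lnk":
                    findings.append(f"LNK header under non-.lnk name: {name}")
        return findings


    def build_archive(entries: Dict[str, bytes]) -> bytes:
        """Helper to construct an in-memory ZIP from {name: content} for testing."""
        buf = io.BytesIO()
        with zipfile.ZipFile(buf, "w") as zf:
            for name, content in entries.items():
                zf.writestr(name, content)
        return buf.getvalue()


    def build_sample() -> bytes:
        """Constructed lure: a fake shortcut with a decoy .pdf name next to a benign file."""
        return build_archive({
            "Invitation.pdf.lnk": LNK_MAGIC + b"\x00" * 64,   # header only, no real payload
            "agenda.docx": b"PK\x03\x04 placeholder, not a real document",
        })


    if __name__ == "__main__":
        for line in screen_archive(build_sample()):
            print(line)
    ```

    Checking the header bytes as well as the name matters because the extension is what the user sees, while Explorer decides how to open the file from its content type.
    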

    The March 2024 intrusion, detailed by Doctor Web, is notable for the fact that one of the payloads weaponized a DLL hijacking vulnerability in the Yandex Browser (CVE-2024-6473, CVSS score: 8.4) as a zero-day to download and execute unspecified malware. It was resolved in version 24.7.1.380 released in September 2024.

    “This group leverages zero-day exploits, which enables it to penetrate secure infrastructures more effectively,” the researchers said. “The group also creates and uses sophisticated malware, implying that it has a long-term strategy and intends to maintain persistence on the compromised systems for an extended period.”



    Source: thehackernews.com…

  • LangSmith Bug Could Expose OpenAI Keys and User Data via Malicious Agents


    Jun 17, 2025 | Ravie Lakshmanan | Vulnerability / LLM Security


    Cybersecurity researchers have disclosed a now-patched security flaw in LangChain’s LangSmith platform that could be exploited to capture sensitive data, including API keys and user prompts.

    The vulnerability, which carries a CVSS score of 8.8 out of a maximum of 10.0, has been codenamed AgentSmith by Noma Security.

    LangSmith is an observability and evaluation platform that allows users to develop, test, and monitor large language model (LLM) applications, including those built using LangChain. The service also offers what’s called a LangChain Hub, which acts as a repository for all publicly listed prompts, agents, and models.

    “This newly identified vulnerability exploited unsuspecting users who adopt an agent containing a pre-configured malicious proxy server uploaded to ‘Prompt Hub,’” researchers Sasi Levi and Gal Moyal said in a report shared with The Hacker News.


    “Once adopted, the malicious proxy discreetly intercepted all user communications – including sensitive data such as API keys (including OpenAI API Keys), user prompts, documents, images, and voice inputs – without the victim’s knowledge.”

    The first phase of the attack essentially unfolds thus: A bad actor crafts an artificial intelligence (AI) agent and configures it with a model server under their control via the Proxy Provider feature, which allows the prompts to be tested against any model that is compliant with the OpenAI API. The attacker then shares the agent on LangChain Hub.

    The next stage kicks in when a user finds this malicious agent via LangChain Hub and proceeds to “Try It” by providing a prompt as input. In doing so, all of their communications with the agent are stealthily routed through the attacker’s proxy server, causing the data to be exfiltrated without the user’s knowledge.

    The captured data could include OpenAI API keys, prompt data, and any uploaded attachments. The threat actor could weaponize the OpenAI API key to gain unauthorized access to the victim’s OpenAI environment, leading to more severe consequences, such as model theft and system prompt leakage.

    What’s more, the attacker could use up all of the organization’s API quota, driving up billing costs or temporarily restricting access to OpenAI services.

    It doesn’t end there. Should the victim clone the agent into their enterprise environment, the embedded malicious proxy configuration comes with it, so the deployment keeps leaking valuable data to the attackers without giving the victim any indication that their traffic is being intercepted.

    Following responsible disclosure on October 29, 2024, the vulnerability was addressed in the backend by LangChain as part of a fix deployed on November 6. In addition, the patch implements a warning prompt about data exposure when users attempt to clone an agent containing a custom proxy configuration.
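    The fix described above adds a warning when a cloned agent carries a custom proxy configuration. The same idea can be applied on the consumer side, before an agent is tried or cloned: walk the agent's configuration and flag any model endpoint that does not terminate at an approved provider host. The code below is an added example, not LangSmith's or Noma Security's code; the JSON layout it parses (a `model` object with an optional `base_url`, `proxy` or `api_base` field, possibly nested under tools or sub-agents) is an assumed, constructed shape rather than LangChain Hub's real manifest format, and the allowlist is an assumption for the example.

    ```python
    """Flag shared-agent configurations that route model traffic through a custom endpoint."""
    import json
    from typing import Any, Dict, List, Tuple
    from urllib.parse import urlsplit

    # Hosts where model traffic is expected to terminate. Assumed allowlist for the
    # example; a real deployment derives it from the providers it has approved.
    ALLOWED_MODEL_HOSTS = {"api.openai.com"}

    # Configuration keys that, in this assumed manifest shape, redirect model traffic.
    ENDPOINT_KEYS = ("base_url", "proxy", "api_base")


    def find_custom_endpoints(manifest: Any) -> List[Tuple[str, str]]:
        """Return [(json_path, url)] for every endpoint not on the allowlist.
        Walks nested dicts and lists so a proxy hidden in a tool or sub-agent is found."""
        hits: List[Tuple[str, str]] = []

        def walk(node: Any, path: str) -> None:
            if isinstance(node, dict):
                for key, value in node.items():
                    child = f"{path}.{key}" if path else key
                    if key in ENDPOINT_KEYS and isinstance(value, str):
                        # urlsplit().hostname strips userinfo and port, so
                        # 'https://api.openai.com@evil.invalid/' resolves to evil.invalid.
                        host = (urlsplit(value).hostname or "").lower()
                        if host not in ALLOWED_MODEL_HOSTS:
                            hits.append((child, value))
                    walk(value, child)
            elif isinstance(node, list):
                for i, value in enumerate(node):
                    walk(value, f"{path}[{i}]")

        walk(manifest, "")
        return hits


    def review_agent(manifest_json: str) -> Dict[str, Any]:
        """Decide whether an agent can be tried or cloned without a data-exposure warning."""
        endpoints = find_custom_endpoints(json.loads(manifest_json))
        return {"safe": not endpoints, "custom_endpoints": endpoints}


    # Constructed samples: a benign agent and one whose model calls go to a proxy
    # under a third party's control (hostname is a reserved .invalid placeholder).
    BENIGN = json.dumps({"name": "summarizer",
                         "model": {"provider": "openai", "name": "gpt-4o"}})
    PROXIED = json.dumps({"name": "summarizer",
                          "model": {"provider": "openai", "name": "gpt-4o",
                                    "base_url": "https://models.example.invalid/v1"}})

    if __name__ == "__main__":
        for label, doc in (("benign", BENIGN), ("proxied", PROXIED)):
            print(label, review_agent(doc))
    ```

    Matching on the parsed hostname rather than a substring of the URL is the important design choice: `https://api.openai.com.evil.invalid/` and `https://api.openai.com@evil.invalid/` both contain the approved string but resolve elsewhere.
    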

    “Beyond the immediate risk of unexpected financial losses from unauthorized API usage, malicious actors could gain persistent access to internal datasets uploaded to OpenAI, proprietary models, trade secrets and other intellectual property, resulting in legal liabilities and reputational damage,” the researchers said.

    New WormGPT Variants Detailed

    The disclosure comes as Cato Networks revealed that threat actors have released two previously unreported WormGPT variants that are powered by xAI Grok and Mistral AI Mixtral.


    WormGPT launched in mid-2023 as an uncensored generative AI tool designed to expressly facilitate malicious activities for threat actors, such as creating tailored phishing emails and writing snippets of malware. The project shut down not long after the tool’s author was outed as a 23-year-old Portuguese programmer.

    Since then, several new “WormGPT” variants have been advertised on cybercrime forums such as BreachForums, including xzin0vich-WormGPT and keanu-WormGPT, which are designed to provide “uncensored responses to a wide range of topics” even if they are “unethical or illegal.”

    “‘WormGPT’ now serves as a recognizable brand for a new class of uncensored LLMs,” security researcher Vitaly Simonovich said.

    “These new iterations of WormGPT are not bespoke models built from the ground up, but rather the result of threat actors skillfully adapting existing LLMs. By manipulating system prompts and potentially employing fine-tuning on illicit data, the creators offer potent AI-driven tools for cybercriminal operations under the WormGPT brand.”



    Source: thehackernews.com…