Category: Cybersecurity

  • The 5 Golden Rules of Safe AI Adoption

    Aug 27, 2025 | The Hacker News | Enterprise Security / Data Protection

    Employees are experimenting with AI at record speed. They are drafting emails, analyzing data, and transforming the workplace. The problem is not the pace of AI adoption, but the lack of control and safeguards in place.

    For CISOs and security leaders like you, the challenge is clear: you don’t want to slow AI adoption down, but you must make it safe. A policy sent company-wide will not cut it. What’s needed are practical principles and technological capabilities that create an innovative environment without an open door for a breach.

    Here are the five rules you cannot afford to ignore.

    Rule #1: AI Visibility and Discovery

    The oldest security truth still applies: you cannot protect what you cannot see. Shadow IT was a headache on its own, but shadow AI is even slipperier. It is not just ChatGPT, it’s also the embedded AI features that exist in many SaaS apps and any new AI agents that your employees might be creating.

    The golden rule: turn on the lights.

    You need real-time visibility into AI usage, both stand-alone and embedded. AI discovery should be continuous and not a one-time event.

    Rule #2: Contextual Risk Assessment

    Not all AI usage carries the same level of risk. An AI grammar checker used inside a text editor doesn’t carry the same risk as an AI tool that connects directly to your CRM. Wing enriches each discovery with meaningful context so you can get contextual awareness, including:

    • Who the vendor is and their reputation in the market
    • If your data is being used for AI training and if it’s configurable
    • Whether the app or vendor has a history of breaches or security issues
    • The app’s compliance adherence (SOC 2, GDPR, ISO, etc.)
    • If the app connects to any other systems in your environment

    The golden rule: context matters.

    Prevent leaving gaps that are big enough for attackers to exploit. Your AI security platform should give you contextual awareness to make the right decisions about which tools are in use and if they are safe.

    Rule #3: Data Protection

    AI thrives on data, which makes it both powerful and risky. If employees feed sensitive information into applications with AI without controls, you risk exposure, compliance violations, and devastating consequences in the event of a breach. The question is not if your data will end up in AI, but how to ensure it is protected along the way.

    The golden rule: data needs a seatbelt.

    Put boundaries around what data can be shared with AI tools and how it is handled, both in policy and by utilizing your security technology to give you full visibility. Data protection is the backbone of safe AI adoption. Enabling clear boundaries now will prevent potential loss later.

    Rule #4: Access Controls and Guardrails

    Letting employees use AI without controls is like handing your car keys to a teenager and yelling, “Drive safe!” without driving lessons.

    You need technology that enables access controls to determine which tools are being used and under what conditions. This is new for everyone, and your organization is relying on you to make the rules.

    The golden rule: zero trust. Still!

    Make sure your security tools enable you to define clear, customizable policies for AI use, like:

    • Blocking AI vendors that don’t meet your security standards
    • Restricting connections to certain types of AI apps
    • Triggering a workflow to validate the need for a new AI tool

    Rule #5: Continuous Oversight

    Securing your AI is not a “set it and forget it” project. Applications evolve, permissions change, and employees find new ways to use the tools. Without ongoing oversight, what was safe yesterday can quietly become a risk today.

    The golden rule: keep watching.

    Continuous oversight means:

    • Monitoring apps for new permissions, data flows, or behaviors
    • Auditing AI outputs to ensure accuracy, fairness, and compliance
    • Reviewing vendor updates that may change how AI features work
    • Being ready to step in when AI is breached

    This is not about micromanaging innovation. It is about making sure AI continues to serve your business safely as it evolves.

    Harness AI wisely

    AI is here, it is useful, and it is not going anywhere. The smart play for CISOs and security leaders is to adopt AI with intention. These five golden rules give you a blueprint for balancing innovation and protection. They will not stop your employees from experimenting, but they will stop that experimentation from turning into your next security headline.

    Safe AI adoption is not about saying “no.” It is about saying: “yes, but here’s how.”

    Want to see what’s really hiding in your stack? Wing’s got you covered.


    Source: thehackernews.com…

  • Blind Eagle’s Five Clusters Target Colombia Using RATs, Phishing Lures, and Dynamic DNS Infra

    Cybersecurity researchers have discovered five distinct activity clusters linked to a persistent threat actor known as Blind Eagle between May 2024 and July 2025.

    These attacks, observed by Recorded Future Insikt Group, targeted various victims, but primarily within the Colombian government across local, municipal, and federal levels. The threat intelligence firm is tracking the activity under the name TAG-144.

    “Although the clusters share similar tactics, techniques, and procedures (TTPs) such as leveraging open-source and cracked remote access trojans (RATs), dynamic domain providers, and legitimate internet services (LIS) for staging, they differ significantly in infrastructure, malware deployment, and other operational methods,” the Mastercard-owned company said.

    Blind Eagle has a history of targeting organizations in South America since at least 2018, with the attacks reflecting both cyber espionage and financially driven motivations. This is evidenced in their recent campaigns, which have involved banking-related keylogging and browser monitoring as well as targeting government entities using various remote access trojans (RATs).

    Targets of the group’s attacks include the judiciary and tax authorities, along with entities in the financial, petroleum, energy, education, healthcare, manufacturing, and professional services sectors. The operations predominantly span Colombia, Ecuador, Chile, and Panama, and, in some cases, Spanish-speaking users in North America.

    Attack chains typically involve the use of spear-phishing lures impersonating local government agencies to entice recipients into opening malicious documents or clicking on links concealed using URL shorteners like cort[.]as, acortaurl[.]com, and gtly[.]to.

    Blind Eagle makes use of compromised email accounts to send the messages and leverages geofencing tricks to redirect users to official government websites when attempting to navigate to attacker-controlled infrastructure outside of Colombia or Ecuador.

    “TAG-144’s command-and-control (C2) infrastructure often incorporates IP addresses from Colombian ISPs alongside virtual private servers (VPS) such as Proton666 and VPN services like Powerhouse Management, FrootVPN, and TorGuard,” Recorded Future said. “This setup is further enhanced by the use of dynamic DNS services, including duckdns[.]org, ip-ddns[.]com, and noip[.]com.”

    The threat group has also taken advantage of legitimate internet services, such as Bitbucket, Discord, Dropbox, GitHub, Google Drive, the Internet Archive, lovestoblog.com, Paste.ee, Tagbox, and lesser-known Brazilian image-hosting websites, for staging payloads in order to obscure malicious content and evade detection.

    Recent campaigns orchestrated by the threat actor have employed a Visual Basic Script file as a dropper to execute a dynamically generated PowerShell script at runtime, which, in turn, reaches out to an external server to download an injector module that’s responsible for loading Lime RAT, DCRat, AsyncRAT, or Remcos RAT.

    The regional focus aside, the hacking group has consistently relied on the same techniques since its emergence, underscoring how “well-established methods” continue to yield high success rates in the region.

    Recorded Future’s analysis of Blind Eagle’s campaigns has uncovered five clusters of activity –

    • Cluster 1 (from February through July 2025), which has targeted Colombian government entities exclusively with DCRat, AsyncRAT, and Remcos RAT
    • Cluster 2 (from September through December 2024), which has targeted Colombian government and entities in the education, defense, and retail sectors with AsyncRAT and XWorm
    • Cluster 3 (from September 2024 through July 2025), which is characterized by the deployment of AsyncRAT and Remcos RAT
    • Cluster 4 (from May 2024 through February 2025), which is associated with malware and phishing infrastructure attributed to TAG-144, with the phishing pages mimicking Banco Davivienda, Bancolombia, and BBVA
    • Cluster 5 (from March through July 2025), which is associated with Lime RAT and a cracked AsyncRAT variant observed in Clusters 1 and 2

    The digital missives used in these campaigns come with an SVG attachment, which then reaches out to Discord CDN to retrieve a JavaScript payload that, for its part, fetches a PowerShell script from Paste.ee. The PowerShell script is designed to decode and execute another PowerShell payload that obtains a JPG image hosted on the Internet Archive and extracts from it an embedded .NET assembly.

    Interestingly, the cracked version of AsyncRAT used in the attacks has been previously observed in connection with intrusion activity mounted by threat actors Red Akodon and Shadow Vector, both of which have targeted Colombia over the past year.

    Nearly 60% of the observed Blind Eagle activity during the analysis period has targeted the government sector, followed by education, healthcare, retail, transportation, defense, and oil verticals.

    “Although TAG-144 has targeted other sectors and has occasionally been linked to intrusions in additional South American countries such as Ecuador, as well as Spanish-speaking victims in the US, its primary focus has consistently remained on Colombia, particularly on government entities,” Recorded Future said.

    “This persistent targeting raises questions about the threat group’s true motivations, such as whether it operates solely as a financially driven threat actor leveraging established tools, techniques, and monetization strategies, or whether elements of state-sponsored espionage are also at play.”


    Source: thehackernews.com…

  • Salesloft OAuth Breach via Drift AI Chat Agent Exposes Salesforce Customer Data

    Aug 27, 2025 | Ravie Lakshmanan | Cloud Security / Threat Intelligence

    A widespread data theft campaign has allowed hackers to breach sales automation platform Salesloft to steal OAuth and refresh tokens associated with the Drift artificial intelligence (AI) chat agent.

    The activity, assessed to be opportunistic in nature, has been attributed to a threat actor that Google Threat Intelligence Group and Mandiant track as UNC6395.

    “Beginning as early as August 8, 2025, through at least August 18, 2025, the actor targeted Salesforce customer instances through compromised OAuth tokens associated with the Salesloft Drift third-party application,” researchers Austin Larsen, Matt Lin, Tyler McLellan, and Omar ElAhdan said.

    In these attacks, the threat actors have been observed exporting large volumes of data from numerous corporate Salesforce instances, with the likely aim of harvesting credentials that could be then used to compromise victim environments. These include Amazon Web Services (AWS) access keys (AKIA), passwords, and Snowflake-related access tokens.

    UNC6395 has also demonstrated operational security awareness by deleting query jobs, although Google is urging organizations to review relevant logs for evidence of data exposure, alongside revoking API keys, rotating credentials, and performing further investigation to determine the extent of compromise.

    Salesloft, in an advisory issued August 20, 2025, said it identified a security issue in the Drift application and that it has proactively revoked connections between Drift and Salesforce. The incident does not affect customers who do not integrate with Salesforce.

    “A threat actor used OAuth credentials to exfiltrate data from our customers’ Salesforce instances,” Salesloft said. “The threat actor executed queries to retrieve information associated with various Salesforce objects, including Cases, Accounts, Users, and Opportunities.”

    The company is also recommending that administrators re-authenticate their Salesforce connection to re-enable the integration. The exact scale of the activity is not known. However, Salesloft said it has notified all affected parties.

    In a statement Tuesday, Salesforce said a “small number of customers” were impacted, stating the issue stems from a “compromise of the app’s connection.”

    “Upon detecting the activity, Salesloft, in collaboration with Salesforce, invalidated active Access and Refresh Tokens, and removed Drift from AppExchange. We then notified affected customers,” Salesforce added.

    The development comes as Salesforce instances have become an active target for financially motivated threat groups like UNC6040 and UNC6240 (aka ShinyHunters), the latter of which has since joined hands with Scattered Spider (aka UNC3944) to secure initial access.

    “What’s most noteworthy about the UNC6395 attacks is both the scale and the discipline,” Cory Michal, CSO of AppOmni, said. “This wasn’t a one-off compromise; hundreds of Salesforce tenants of specific organizations of interest were targeted using stolen OAuth tokens, and the attacker methodically queried and exported data across many environments.”

    “They demonstrated a high level of operational discipline, running structured queries, searching specifically for credentials, and even attempting to cover their tracks by deleting jobs. The combination of scale, focus, and tradecraft makes this campaign stand out.”

    Michal also pointed out that many of the targeted and compromised organizations were themselves security and technology companies, indicating that the campaign may be an “opening move” as part of a broader supply chain attack strategy.

    “By first infiltrating vendors and service providers, the attackers put themselves in position to pivot into downstream customers and partners,” Michal added. “That makes this not just an isolated SaaS compromise, but potentially the foundation for a much larger campaign aimed at exploiting the trust relationships that exist across the technology supply chain.”


    Source: thehackernews.com…

  • New Sni5Gect Attack Crashes Phones and Downgrades 5G to 4G without Rogue Base Station

    Aug 26, 2025 | Ravie Lakshmanan | Vulnerability / Mobile Security

    A team of academics has devised a novel attack that can be used to downgrade a 5G connection to a lower generation without relying on a rogue base station (gNB).

    The attack, per the ASSET (Automated Systems SEcuriTy) Research Group at the Singapore University of Technology and Design (SUTD), relies on a new open-source software toolkit named Sni5Gect (short for “Sniffing 5G Inject”) that’s designed to sniff unencrypted messages sent between the base station and the user equipment (UE, i.e., a phone) and inject messages to the target UE over-the-air.

    The framework can be used to carry out attacks such as crashing the UE modem, downgrading to earlier generations of networks, fingerprinting, or authentication bypass, according to Shijie Luo, Matheus Garbelini, Sudipta Chattopadhyay, and Jianying Zhou.

    “As opposed to using a rogue base station, which limits the practicality of many 5G attacks, SNI5GECT acts as a third-party in the communication, silently sniffs messages, and tracks the protocol state by decoding the sniffed messages during the UE attach procedure,” the researchers said. “The state information is then used to inject a targeted attack payload in downlink communication.”

    The findings build upon a prior study from ASSET in late 2023 that led to the discovery of 14 flaws in the firmware implementation of 5G mobile network modems from MediaTek and Qualcomm, collectively dubbed 5Ghoul, that could be exploited to launch attacks to drop connections, freeze the connection that involves manual reboot, or downgrade the 5G connectivity to 4G.

    The Sni5Gect attacks are designed to passively sniff messages during the initial connection process, decode the message content in real-time, and then leverage the decoded message content to inject targeted attack payloads.

    Specifically, the attacks are designed to take advantage of the phase before the authentication procedure, at which point the messages exchanged between the gNB and the UE are not encrypted. As a result, the threat model does not require knowledge of the UE’s credentials to sniff uplink/downlink traffic or inject messages.

    “To the best of our knowledge, SNI5GECT is the first framework that empowers researchers with both over-the-air sniffing and stateful injection capabilities, without requiring a rogue gNB,” the researchers said.

    “For example, an attacker can exploit the short UE communication window that spans from the RACH process until the NAS security context is established. Such an attacker actively listens for any RAR message from the gNB, which provides the RNTI to decode further UE messages.”

    This enables the threat actor to crash the modem on the victim’s device, fingerprint the targeted device, and even downgrade the connection to 4G, which has known vulnerabilities that can be exploited by the attacker to track the UE location over time.

    In tests against five smartphones, including OnePlus Nord CE 2, Samsung Galaxy S22, Google Pixel 7, and Huawei P40 Pro, the study achieved 80% accuracy in uplink and downlink sniffing, and managed to inject messages with a success rate of 70-90% from a distance of up to 20 meters (65 feet).

    The Global System for Mobile Communications Association (GSMA), a non-profit trade association that represents mobile network operators worldwide and develops new technologies, has acknowledged the multi-stage, downgrade attack, and assigned it the identifier CVD-2024-0096.

    “We argue that SNI5GECT is a fundamental tool in 5G security research that enables not only over-the-air 5G exploitation but advancing future research on packet-level 5G intrusion detection and mitigation, security enhancements to 5G physical layer security and beyond,” the researchers concluded.


    Source: thehackernews.com…

  • Citrix Patches Three NetScaler Flaws, Confirms Active Exploitation of CVE-2025-7775

    Aug 26, 2025 | Ravie Lakshmanan | Vulnerability / Remote Code Execution

    Citrix has released fixes to address three security flaws in NetScaler ADC and NetScaler Gateway, including one that it said has been actively exploited in the wild.

    The vulnerabilities in question are listed below –

    • CVE-2025-7775 (CVSS score: 9.2) – Memory overflow vulnerability leading to Remote Code Execution and/or Denial-of-Service
    • CVE-2025-7776 (CVSS score: 8.8) – Memory overflow vulnerability leading to unpredictable or erroneous behavior and Denial-of-Service
    • CVE-2025-8424 (CVSS score: 8.7) – Improper access control on the NetScaler Management Interface

    The company acknowledged that “exploits of CVE-2025-7775 on unmitigated appliances have been observed,” but stopped short of sharing additional details.

    However, for the flaws to be exploited, there are a number of prerequisites –

    • CVE-2025-7775 – NetScaler must be configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server; NetScaler ADC and NetScaler Gateway 13.1, 14.1, 13.1-FIPS and NDcPP: LB virtual servers of type (HTTP, SSL or HTTP_QUIC) bound with IPv6 services or servicegroups bound with IPv6 servers; NetScaler ADC and NetScaler Gateway 13.1, 14.1, 13.1-FIPS and NDcPP: LB virtual servers of type (HTTP, SSL or HTTP_QUIC) bound with DBS IPv6 services or servicegroups bound with IPv6 DBS servers; or CR virtual server with type HDX
    • CVE-2025-7776 – NetScaler must be configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) with PCoIP Profile bound to it
    • CVE-2025-8424 – Access to NSIP, Cluster Management IP or local GSLB Site IP or SNIP with Management Access

    The issues have been resolved in the following versions, with no available workarounds –

    • NetScaler ADC and NetScaler Gateway 14.1-47.48 and later releases
    • NetScaler ADC and NetScaler Gateway 13.1-59.22 and later releases of 13.1
    • NetScaler ADC 13.1-FIPS and 13.1-NDcPP 13.1-37.241 and later releases of 13.1-FIPS and 13.1-NDcPP
    • NetScaler ADC 12.1-FIPS and 12.1-NDcPP 12.1-55.330 and later releases of 12.1-FIPS and 12.1-NDcPP

    Citrix credited Jimi Sebree of Horizon3.ai, Jonathan Hetzer of Schramm & Partner, and François Hämmerli for discovering and reporting the vulnerabilities.

    CVE-2025-7775 is the latest NetScaler ADC and Gateway vulnerability to be weaponized in real-world attacks in a short span of time, after CVE-2025-5777 (aka Citrix Bleed 2) and CVE-2025-6543.

    The disclosure also comes a day after the U.S. Cybersecurity and Infrastructure Security Agency (CISA) added two security flaws impacting Citrix Session Recording (CVE-2024-8068 and CVE-2024-8069) to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.


    Source: thehackernews.com…

  • MixShell Malware Delivered via Contact Forms Targets U.S. Supply Chain Manufacturers

    Cybersecurity researchers are calling attention to a sophisticated social engineering campaign that’s targeting supply chain-critical manufacturing companies with an in-memory malware dubbed MixShell.

    The activity has been codenamed ZipLine by Check Point Research.

    “Instead of sending unsolicited phishing emails, attackers initiate contact through a company’s public ‘Contact Us’ form, tricking employees into starting the conversation,” the company said in a statement shared with The Hacker News. “What follows are weeks of professional, credible exchanges, often sealed with fake NDAs, before delivering a weaponized ZIP file carrying MixShell, a stealthy in-memory malware.”

    The attacks have cast a wide net, spanning multiple organizations across sectors and geographic locations, but with an emphasis on U.S.-based entities. Primary targets include companies in industrial manufacturing, such as machinery, metalwork, component production, and engineered systems, as well as those related to hardware and semiconductors, consumer goods, biotechnology, and pharmaceuticals.

    This diverse, yet focused, targeting has raised the possibility that the threat actors behind the campaign are homing in on industry verticals critical to the supply chain. Other countries targeted by ZipLine include Singapore, Japan, and Switzerland.

    The campaign’s provenance and motives are presently unclear, but Check Point said it identified overlapping digital certificates between an IP address used in the attacks and infrastructure previously identified by Zscaler and Proofpoint as employed in TransferLoader attacks undertaken by a threat cluster referred to as UNK_GreenSec.

    ZipLine is another instance of how threat actors are increasingly banking on legitimate business workflows, such as approaching targets via a company’s Contact Us form on their website, thereby weaponizing trust in the process to sidestep any potential concerns.

    While the approach of using website contact forms as a malware distribution vector is not wholly new, where ZipLine stands apart is in its avoidance of scare tactics and urgent language to trick recipients into taking unintended actions.

    This patient, social engineering technique involves drawing victims into multi-week conversations, in some cases even instructing them to sign non-disclosure agreements (NDAs), before sending booby-trapped ZIP files. Recent social engineering waves have also capitalized on the artificial intelligence (AI) transformation trend, with the attackers “offering” to help the target entities implement new AI-centric initiatives to reduce costs and improve efficiency.

    The attack chain is characterized by multi-stage payloads, in-memory execution, and DNS-based command-and-control (C2) channels, allowing the threat actor to stay under the radar.

    Specifically, the ZIP archives come fitted with a Windows shortcut (LNK) that triggers a PowerShell loader, which then paves the way for the custom in-memory MixShell implant that uses DNS tunneling and HTTP as a fallback C2 mechanism to support remote command execution, file operations, reverse proxying, stealth persistence, and deeper network infiltration.

    MixShell also comes in a PowerShell variant that incorporates advanced anti-debugging and sandbox evasion techniques, uses scheduled tasks for persistence, and drops the reverse proxy shell and file download capabilities.

    The malicious ZIP files are hosted on a sub-domain of herokuapp[.]com, a legitimate Platform-as-a-Service (PaaS) providing compute and storage infrastructure for hosting web applications — once again illustrating the threat actor’s abuse of legitimate services to blend in with normal enterprise network activity.

    The LNK file responsible for initiating the execution chain also displays a lure document present in the ZIP file so as not to arouse the victim’s suspicion. That said, Check Point noted that not all ZIP files served from the Heroku domain are malicious, suggesting customized delivery of malware in real-time based on certain criteria.

    “In many cases, the attacker uses domains that match the names of LLCs registered U.S.-based companies, and in some cases, may have previously belonged to legitimate businesses,” Check Point said. “The attacker maintains similar template websites to all those companies, which hint at a well-planned and streamlined campaign on a large scale.”

    The campaign poses severe risks to companies, as it can lead to theft of intellectual property and ransomware attacks, business email compromise, and account takeovers resulting in financial fraud, and potential supply chain disruptions with cascading impacts.

    “The ZipLine campaign is a wake-up call for every business that believes phishing is just about suspicious links in emails,” Sergey Shykevich, threat intelligence group manager at Check Point Research, said.

    “Attackers are innovating faster than ever – blending human psychology, trusted communication channels, and timely AI-themed lures. To stay safe, organizations must adopt prevention-first, AI-driven defenses and build a culture of vigilance that treats every inbound interaction as a potential threat.”


    Source: thehackernews.com…

  • ShadowCaptcha Exploits WordPress Sites to Spread Ransomware, Info Stealers, and Crypto Miners

    A new large-scale campaign has been observed exploiting over 100 compromised WordPress sites to direct site visitors to fake CAPTCHA verification pages that employ the ClickFix social engineering tactic to deliver information stealers, ransomware, and cryptocurrency miners.

    The large-scale cybercrime campaign, first detected in August 2025, has been codenamed ShadowCaptcha by the Israel National Digital Agency.

    “The campaign […] blends social engineering, living-off-the-land binaries (LOLBins), and multi-stage payload delivery to gain and maintain a foothold in targeted systems,” researchers Shimi Cohen, Adi Pick, Idan Beit Yosef, Hila David, and Yaniv Goldman said.

    “The ultimate objectives of ShadowCaptcha are collecting sensitive information through credential harvesting and browser data exfiltration, deploying cryptocurrency miners to generate illicit profits, and even causing ransomware outbreaks.”

    The attacks begin with unsuspecting users visiting a compromised WordPress website that has been injected with malicious JavaScript code that’s responsible for initiating a redirection chain that takes them to a fake Cloudflare or Google CAPTCHA page.

    From there, the attack chain forks into two, depending on the ClickFix instructions displayed on the web page: One that utilizes the Windows Run dialog and another that guides the victim to save a page as an HTML Application (HTA) and then run it using mshta.exe.

    The execution flow triggered via the Windows Run dialog culminates in the deployment of Lumma and Rhadamanthys stealers via MSI installers launched using msiexec.exe or through remotely-hosted HTA files run using mshta.exe, whereas the execution of the saved HTA payload results in the installation of Epsilon Red ransomware.

    It’s worth pointing out that the use of ClickFix lures to trick users into downloading malicious HTA files for spreading Epsilon Red ransomware was documented last month by CloudSEK.

    “The compromised ClickFix page automatically executes obfuscated JavaScript that uses ‘navigator.clipboard.writeText’ to copy a malicious command to the user’s clipboard without any interaction, relying on users to paste and run it unknowingly,” the researchers said.

    The attacks are characterized by the use of anti-debugger techniques to prevent inspection of web pages using browser developer tools, while also relying on DLL side-loading to execute malicious code under the guise of legitimate processes.

    Select ShadowCaptcha campaigns have been observed delivering an XMRig-based cryptocurrency miner, with some variants fetching the mining configuration from a Pastebin URL rather than hard-coding it in the malware, thus allowing them to adjust the parameters on the fly.

    In cases where the miner payloads are deployed, the attackers have also been observed dropping a vulnerable driver (“WinRing0x64.sys”) to achieve kernel-level access and interact with CPU registers with an aim to improve mining efficiency.

    Of the infected WordPress sites, a majority of them are located in Australia, Brazil, Italy, Canada, Colombia, and Israel, spanning technology, hospitality, legal/finance, healthcare, and real estate sectors.

    To mitigate the risks posed by ShadowCaptcha, it’s essential to train users to watch out for ClickFix campaigns, segment networks to prevent lateral movement, and ensure WordPress sites are kept up-to-date and secured using multi-factor authentication (MFA) protections.

    “ShadowCaptcha shows how social-engineering attacks have evolved into full-spectrum cyber operations,” the researchers said. “By tricking users into running built-in Windows tools and layering obfuscated scripts and vulnerable drivers, operators gain stealthy persistence and can pivot between data theft, crypto mining, or ransomware.”

    The disclosure comes as GoDaddy detailed the evolution of Help TDS, a traffic distribution (or direction) system that has been active since 2017 and has been linked to malicious schemes like VexTrio Viper. Help TDS provides partners and affiliates with PHP code templates that are injected into WordPress sites, ultimately directing users to malicious destinations based on the targeting criteria.

    “The operation specializes in tech support scams utilizing full-screen browser manipulation and exit prevention techniques to trap victims on fraudulent Microsoft Windows security alert pages, with fallback monetization through dating, cryptocurrency, and sweepstakes scams,” security researcher Denis Sinegubko said.

    Some of the notable malware campaigns that have leveraged Help TDS in recent years include DollyWay, Balada Injector, and DNS TXT redirects. The scam pages, for their part, use JavaScript to force browsers to enter full-screen mode and display the fraudulent alert and even feature counterfeit CAPTCHA challenges before rendering them in a bid to sidestep automated security scanners.

    Help TDS operators are said to have developed a malicious WordPress plugin known as “woocommerce_inputs” between late 2024 and August 2025 to enable the redirection functionality, alongside steadily adding credential harvesting, geographic filtering, and advanced evasion techniques. The plugin is estimated to be installed on over 10,000 sites worldwide.

    The malicious plugin masquerades as WooCommerce to evade detection by site owners. It’s exclusively installed by attackers after compromising WordPress sites through stolen administrator credentials.

    “This plugin serves as both a traffic monetization tool and credential harvesting mechanism, demonstrating continuous evolution from simple redirect functionality to a sophisticated malware-as-a-service offering,” GoDaddy said.

    “By providing ready-made solutions including C2 infrastructure, standardized PHP injection templates, and fully-featured malicious WordPress plugins, Help TDS has lowered the barrier to entry for cybercriminals seeking to monetize infiltrated websites.”


    Source: thehackernews.com…

  • HOOK Android Trojan Adds Ransomware Overlays, Expands to 107 Remote Commands

    Aug 26, 2025 | Ravie Lakshmanan

    Cybersecurity researchers have discovered a new variant of an Android banking trojan called HOOK that features ransomware-style overlay screens to display extortion messages.

    “A prominent characteristic of the latest variant is its capacity to deploy a full-screen ransomware overlay, which aims to coerce the victim into remitting a ransom payment,” Zimperium zLabs researcher Vishnu Pratapagiri said. “This overlay presents an alarming ‘*WARNING*’ message, alongside a wallet address and amount, both of which are dynamically retrieved from the command-and-control server.”

    The mobile security company said the overlay is remotely initiated when the command “ransome” is issued by the C2 server. The overlay can be dismissed by the attacker by sending the “delete_ransome” command.

    HOOK is assessed to be an offshoot of the ERMAC banking trojan, which, coincidentally, had its source code leaked on a publicly accessible directory over the internet.

    Like other banking malware targeting Android, it’s capable of displaying a fake overlay screen on top of financial apps to steal users’ credentials and abuse Android accessibility services to automate fraud and commandeer devices remotely.

    Other notable features include the ability to send SMS messages to specified phone numbers, stream the victim’s screen, capture photos using the front-facing camera, and steal cookies and recovery phrases associated with cryptocurrency wallets.

    The latest version, per Zimperium, signals a major step forward, supporting 107 remote commands, with 38 newly added ones. This includes serving transparent overlays to capture user gestures, fake NFC overlays to trick victims into sharing sensitive data, and deceptive prompts to gather the lock screen PIN or pattern.

    The list of newly added commands is as follows –

    • takenfc, to display a fake NFC scanning screen using a fullscreen WebView overlay and read card data
    • unlock_pin, to display a fake device unlock screen to collect unlock pattern or PIN code and gain unauthorized access to the device
    • takencard, to display a fake overlay to collect credit card information by mimicking a Google Pay interface
    • start_record_gesture, to record user gestures by displaying a transparent full screen overlay

    HOOK is believed to be distributed on a large scale, using phishing websites and bogus GitHub repositories to host and disseminate malicious APK files. Some of the other Android malware families distributed via GitHub include ERMAC and Brokewell, indicating a broader adoption among threat actors.

    “The evolution of HOOK illustrates how banking trojans are rapidly converging with spyware and ransomware tactics, blurring threat categories,” Zimperium noted. “With continuous feature expansion and broad distribution, these families pose a growing risk to financial institutions, enterprises, and end users alike.”

    Anatsa Continues to Evolve

    The disclosure comes as Zscaler’s ThreatLabs detailed an updated version of the Anatsa banking trojan that has now expanded its focus to target over 831 banking and cryptocurrency services worldwide, including those in Germany and South Korea, up from 650 reported previously.

    One of the apps in question has been found to mimic a file manager app (package name: “com.synexa.fileops.fileedge_organizerviewer”), which acts as a dropper to deliver Anatsa. Besides replacing dynamic code loading of remote Dalvik Executable (DEX) payloads with direct installation of the trojan, the malware uses corrupted archives to hide the DEX payload that’s deployed during runtime.

    Anatsa also requests permissions for Android’s accessibility services, which it subsequently abuses to grant itself additional permissions that allow it to send and receive SMS messages, as well as draw content on top of other applications to display overlay windows.

    In all, the company said it identified 77 malicious apps from various adware, maskware, and malware families, such as Anatsa, Joker, and Harly, in the Google Play Store, accounting for over 19 million installations. Maskware refers to a category of apps that present themselves as legitimate applications or games to app stores but incorporate obfuscation, dynamic code loading, or cloaking techniques to conceal malicious content.

    Harly is a variant of Joker that was first flagged by Kaspersky in 2022. Earlier this March, Human Security said it uncovered 95 malicious applications containing Harly that were hosted in the Google Play Store.

    “Anatsa continues to evolve and improve with anti-analysis techniques to better evade detection,” security researcher Himanshu Sharma said. “The malware has also added support for more than 150 new financial applications to target.”


    Source: thehackernews.com…

  • CISA Adds Three Exploited Vulnerabilities to KEV Catalog Affecting Citrix and Git

    Aug 26, 2025 | Ravie Lakshmanan | Vulnerability / Data Security

    The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added three security flaws impacting Citrix Session Recording and Git to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.

    The list of vulnerabilities is as follows –

    • CVE-2024-8068 (CVSS score: 5.1) – An improper privilege management vulnerability in Citrix Session Recording that could allow for privilege escalation to NetworkService Account access when an attacker is an authenticated user in the same Windows Active Directory domain as the session recording server domain
    • CVE-2024-8069 (CVSS score: 5.1) – A deserialization of untrusted data vulnerability in Citrix Session Recording that allows limited remote code execution with the privileges of a NetworkService Account when an attacker is an authenticated user on the same intranet as the session recording server
    • CVE-2025-48384 (CVSS score: 8.1) – A link following vulnerability in Git that arises as a result of inconsistent handling of carriage return (CR) characters in configuration files, resulting in arbitrary code execution

    Both the Citrix flaws were patched by the company in November 2024 following responsible disclosure by watchTowr Labs on July 14, 2024. CVE-2025-48384, on the other hand, was addressed by the Git project earlier this July. A proof-of-concept (PoC) exploit was released by Datadog following public disclosure.

    “If a submodule path contains a trailing CR, the altered path can cause Git to initialize the submodule in an unintended location,” Arctic Wolf said about CVE-2025-48384. “When this is combined with a symlink pointing to the submodule hooks directory and an executable post-checkout hook, cloning a repository can result in unintended code execution.”
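
    A repository can be screened for the condition Arctic Wolf describes before it is cloned recursively, by reading `.gitmodules` as raw bytes and flagging any `path` or `url` value that carries a CR which is not part of an ordinary CRLF line ending. This is an added example, not code from Git, CISA, or the quoted researchers; the function name and the sample file contents are constructed assumptions.

```python
import re

SECTION = re.compile(rb'^\s*\[submodule\s+"(.*)"\]\s*$')
# Capture everything after "=" so no CR is swallowed as whitespace.
KEY_VALUE = re.compile(rb"^[ \t]*(path|url)[ \t]*=(.*)$", re.IGNORECASE)

def suspicious_submodule_entries(gitmodules: bytes):
    """Return (line_no, submodule, key, raw_value) for values containing a CR."""
    findings = []
    current = None
    for line_no, line in enumerate(gitmodules.split(b"\n"), start=1):
        # One CR directly before LF is a normal CRLF line ending; drop it.
        if line.endswith(b"\r"):
            line = line[:-1]
        section = SECTION.match(line)
        if section:
            current = section.group(1).decode("utf-8", "replace")
            continue
        entry = KEY_VALUE.match(line)
        # Any CR still present sits inside the value itself.
        if entry and b"\r" in entry.group(2):
            key = entry.group(1).decode().lower()
            findings.append((line_no, current, key, entry.group(2).strip(b" \t")))
    return findings

# Constructed sample: "docs" uses CRLF line endings (benign),
# "lib" has a CR inside the path value (flagged).
SAMPLE_GITMODULES = (
    b'[submodule "docs"]\r\n'
    b"\tpath = docs\r\n"
    b"\turl = https://git.example.test/docs.git\r\n"
    b'[submodule "lib"]\n'
    b'\tpath = "vendor/lib\r"\n'
    b"\turl = https://git.example.test/lib.git\n"
)

if __name__ == "__main__":
    for finding in suspicious_submodule_entries(SAMPLE_GITMODULES):
        print(finding)
```

    The check works on bytes returned by any source, such as a file read in binary mode or a blob fetched from a hosting API, so it can run in CI or a pre-clone gate without checking out the repository.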

    As is typically the case, CISA has provided no further technical details on the exploitation activity, or who may be behind them. Federal Civilian Executive Branch (FCEB) agencies are required to apply the necessary mitigations by September 15, 2025, to secure their networks against active threats.


    Source: thehackernews.com…

  • Google to Verify All Android Developers in 4 Countries to Block Malicious Apps

    Aug 26, 2025 | Ravie Lakshmanan | Mobile Security / Data Privacy

    Google has announced plans to begin verifying the identity of all developers who distribute apps on Android, even for those who distribute their software outside the Play Store.

    “Android will require all apps to be registered by verified developers in order to be installed by users on certified Android devices,” the company said. “This creates crucial accountability, making it much harder for malicious actors to quickly distribute another harmful app after we take the first one down.”

    To that end, the tech giant said it intends to start sending out invitations gradually starting October 2025, before opening it up to all developers in March 2026. The new requirements are expected to go into effect starting a year from now, in September 2026, in Brazil, Indonesia, Singapore, and Thailand.

    “At this point, any app installed on a certified Android device in these regions must be registered by a verified developer,” Suzanne Frey, vice president of Product, Trust and Growth for Android, added.

    It’s worth noting that nothing much will change for developers who distribute apps through the Google Play Store, as they are likely to have already met these verification requirements through the existing Play Console process. A separate type of Android Developer Console account is in the works for student and hobbyist developers.

    Google said the changes are designed to prevent malicious actors from impersonating developers and using their branding and reputation to create convincing fake apps. Compounding the problem is the presence of such malicious apps that are distributed via third-party app marketplaces from where users can sideload them.

    The developer verification mandate adds to already existing security measures that block the sideloading of potentially dangerous apps in markets like Singapore, Thailand, Brazil, and India.

    In July 2023, the company also began requiring all new developer accounts registering as an organization to provide a valid D-U-N-S number assigned by Dun & Bradstreet before submitting apps in an effort to build user trust.

    The “new layer of security,” Google pointed out, aims to protect users from repeat bad actors spreading malware and scams, as well as provide a “consistent, common sense baseline of developer accountability” across Android. It also said the system preserves user choice while enhancing security for everyone.

    While the Android app distribution rules are aimed at tightening the security of the ecosystem, they also come at a time when Google is potentially staring at major reforms to the Play Store, including distributing competing app stores through Google Play and providing rivals with access to its full app catalog, after having lost an antitrust lawsuit brought by Epic Games in 2020.


    Source: thehackernews.com…