Tag: Cyber Security

  • Feds Seize $6.4M VerifTools Fake-ID Marketplace, but Operators Relaunch on New Domain

    Aug 29, 2025 | Ravie Lakshmanan | Cryptocurrency / Cybercrime

    Authorities from the Netherlands and the United States have announced the dismantling of an illicit marketplace called VerifTools that peddled fraudulent identity documents to cybercriminals across the world.

    To that end, two marketplace domains (verif[.]tools and veriftools[.]net) and one blog have been taken down, redirecting site visitors to a splash page stating the action was undertaken by the U.S. Federal Bureau of Investigation (FBI) pursuant to a warrant issued by a United States District Court. The servers were seized in Amsterdam.

    However, a Telegram message posted by operators on August 28, 2025, shows that they have already launched the service on the domain “veriftools[.]com.” The domain was created on December 10, 2018, per DomainTools. It’s currently not known who the administrators of the platform are.

    “The operators of VerifTools produced and sold counterfeit driver’s licenses, passports, and other identification documents that could be used to bypass identity verification systems and gain unauthorized access to online accounts,” the U.S. Department of Justice (DoJ) said Thursday.

    The DoJ said the FBI began investigating the service in 2022 after it discovered a criminal operation to leverage stolen identities to access cryptocurrency accounts. The probe revealed that the illegal platform was being used to generate counterfeit identification documents for all 50 states of the U.S., as well as other foreign countries, for as little as $9.

    An equivalent of approximately $6.4 million of illicit proceeds has been linked to the VerifTools marketplace, the FBI said.

    On the VerifTools website, the operators argue plausible deniability by stating that: “Legal usage of the service is your responsibility. By using the service, you must be aware of the local, state, and federal laws in your jurisdiction and take sole responsibility for your actions.”

    Following the takedown, a Reddit user by the name Powda_reaper claimed that the site owners messaged them saying “the website is currently down due to major issues” and that they were bringing the site back up by August 29, while reassuring them that “Your funds are safe.”

    “The internet is not a refuge for criminals. If you build or sell tools that let offenders impersonate victims, you are part of the crime,” said Acting U.S. Attorney Ryan Ellison. “We will use every lawful tool to disrupt your business, take the profit out of it, and bring you to justice. No one operation is bigger than us together.”

    The Dutch National Police, in a coordinated statement, described VerifTools as one of the largest providers of false identity documents. In addition to two physical servers, more than 21 virtual servers have been confiscated.

    The officials also noted that the website’s entire infrastructure on the servers has been secured and copied for subsequent analysis. In the Netherlands, forgery, false proof of identity, and deploying counterfeit payment instruments each carry a maximum prison sentence of six years.

    “Many companies and agencies use so-called Know Your Customer verification (KYC), which often requires only an image of an ID. By using VerifTools, that KYC control could be bypassed,” the Politie said. “Criminals gratefully use platforms such as VerifTools, because they can commit their fraud with the created documents, such as bank helpdesk fraud and phishing.”


    Source: thehackernews.com…

  • Google Warns Salesloft OAuth Breach Extends Beyond Salesforce, Impacting All Integrations

    Aug 29, 2025 | Ravie Lakshmanan | Data Breach / Salesforce

    Google has revealed that the recent wave of attacks targeting Salesforce instances via Salesloft Drift is much broader in scope than previously thought, stating it impacts all integrations.

    “We now advise all Salesloft Drift customers to treat any and all authentication tokens stored in or connected to the Drift platform as potentially compromised,” Google Threat Intelligence Group (GTIG) and Mandiant said in an updated advisory.

    The tech giant said the attackers also used stolen OAuth tokens to access email from a small number of Google Workspace email accounts on August 9, 2025, after compromising the OAuth tokens for the “Drift Email” integration. It’s worth noting that this is not a compromise of Google Workspace or Alphabet itself.

    “The only accounts that were potentially accessed were those that had been specifically configured to integrate with Salesloft; the actor would not have been able to access any other accounts on a customer’s Workspace domain,” Google added.

    Following the discovery, Google said it notified impacted users, revoked the specific OAuth tokens granted to the Drift Email application, and disabled the integration functionality between Google Workspace and Salesloft Drift amid ongoing investigation into the incident.

    The company is also urging organizations using Salesloft Drift to review all third-party integrations connected to their Drift instance, revoke and rotate credentials for those applications, and investigate all connected systems for signs of unauthorized access.

    The broadening of the attack radius comes shortly after Google exposed what it described as a widespread and opportunistic data theft campaign that allowed the threat actors, an emerging activity cluster dubbed UNC6395, to leverage compromised OAuth tokens associated with Salesloft Drift to target Salesforce instances from August 8 to 18, 2025.

    Salesloft has since revealed that Salesforce has temporarily disabled the Drift integration between Salesforce, Slack, and Pardot, only to follow it up nearly three hours later, saying Salesforce has “elected to temporarily disable all Salesloft integrations with Salesforce.”

    “Based on the investigation to date, there is no evidence of malicious activity detected in the Salesloft integrations related to the Drift incident,” it noted. “Additionally, at this time, there are no indications that the Salesloft integrations are compromised or at risk.”


    Source: thehackernews.com…

  • TamperedChef Malware Disguised as Fake PDF Editors Steals Credentials and Cookies

    Aug 29, 2025 | Ravie Lakshmanan | Malware / Windows Security

    Cybersecurity researchers have discovered a cybercrime campaign that’s using malvertising tricks to direct victims to fraudulent sites to deliver a new information stealer called TamperedChef.

    “The objective is to lure victims into downloading and installing a trojanized PDF editor, which includes an information-stealing malware dubbed TamperedChef,” Truesec researchers Mattias Wåhlén, Nicklas Keijser, and Oscar Lejerbäck Wolf said in a report published Wednesday. “The malware is designed to harvest sensitive data, including credentials and web cookies.”

    At the heart of the campaign is the use of several bogus sites to promote an installer for a free PDF editor called AppSuite PDF Editor that, once installed and launched, displays to the user a prompt to agree to the software’s terms of service and privacy policy.

    In the background, however, the setup program makes covert requests to an external server to drop the PDF editor program, while also setting up persistence on the host by making Windows Registry changes to ensure that the downloaded executable is automatically started after a reboot. The registry key contains a --cm arguments parameter to pass instructions to the binary.

    German cybersecurity company G DATA, which also analyzed the activity, said the various websites offering these PDF editors download the same setup installer, which then downloads the PDF editor program from the server once the user accepts the license agreement.

    “It then executes the main application with no arguments, which is equivalent to starting the --install routine,” security researchers Karsten Hahn and Louis Sorita said. “It also creates an autorun entry that supplies the command line argument --cm=--fullupdate for the next run of the malicious application.”

    It’s assessed that the campaign kicked off on June 26, 2025, when many of the counterfeit sites were either registered or began advertising the PDF editing software through at least five different Google advertising campaigns.

    “At first the PDF appears to have behaved mostly harmless, but the code included instructions to regularly check back for potential updates in a .js file that includes the --cm arguments,” the researchers explained. “From August 21, 2025, machines that called back received instructions that activated the malicious capabilities, an information stealer, referred to as ‘Tamperedchef.’”

    Once initialised, the stealer gathers a list of installed security products and attempts to terminate web browsers so as to access sensitive data, such as credentials and cookies.

    Further analysis of the malware-laced application by G DATA has revealed that it acts as a backdoor, supporting a number of features –

    • --install, to create scheduled tasks named PDFEditorScheduledTask and PDFEditorUScheduledTask that run the application with --cm=--partialupdate and --cm=--backupupdate arguments, respectively, to trigger the --check and --ping routines
    • --cleanup, which is called by the uninstaller to remove the backdoor files, unregister the machine from the server, and delete the two scheduled tasks
    • --ping, to initiate communications with a command-and-control (C2) for actions to execute on the system, which, among others, allow additional malware downloads, data exfiltration, and Registry changes
    • --check, to contact the C2 server for configuration, read browser keys, alter browser settings, and execute arbitrary commands to query, exfiltrate, and manipulate data associated with Chromium, OneLaunch, and Wave browsers, including credentials, browser history, cookies, or setting custom search engines
    • --reboot, same as --check along with capabilities to kill specific processes
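
For defenders, the persistence described above (two scheduled-task names and an autorun command line carrying a --cm argument) can be turned into a triage check over exported task and Run-key entries. This is an added example, not code from Truesec, G DATA or the original article; the `Entry` record layout, the file paths and the sample entries are constructed assumptions.

```python
import re
from dataclasses import dataclass

# Indicators taken from the article: the two scheduled-task names and the
# values passed through the --cm argument.
TASK_NAMES = {"pdfeditorscheduledtask", "pdfeditoruscheduledtask"}
CM_VALUES = {"--fullupdate", "--partialupdate", "--backupupdate"}

# Write-ups and pasted indicators often turn "--" into an en or em dash,
# so restore those before matching.
_DASHES = str.maketrans({"\u2013": "--", "\u2014": "--"})
_CM_RE = re.compile(r'(?<!\S)--cm(?:=|\s+)"?(--[a-z]+)')


@dataclass
class Entry:
    """One persistence entry (hypothetical export format for this example)."""
    source: str   # "task" (scheduled task) or "run-key" (registry autorun)
    name: str     # task name or registry value name
    command: str  # full command line that gets executed


def normalize(command: str) -> str:
    """Lower-case a command line and restore typographic dashes to '--'."""
    text = command.translate(_DASHES)
    return re.sub(r"-{3,}", "--", text).lower()


def assess(entry: Entry) -> list[str]:
    """Return the reasons an entry matches the reported persistence, if any."""
    reasons = []
    if entry.source == "task" and entry.name.lower() in TASK_NAMES:
        reasons.append("task-name")
    for value in _CM_RE.findall(normalize(entry.command)):
        # A --cm value outside the reported set is still worth a look.
        label = value if value in CM_VALUES else f"{value} (unlisted)"
        reasons.append(f"cm={label}")
    return reasons


def flagged(entries) -> dict[str, list[str]]:
    """Map entry name -> reasons, for entries with at least one match."""
    return {e.name: r for e in entries if (r := assess(e))}


# Constructed sample data: paths and the Run-key value name are made up.
SAMPLE = [
    Entry("task", "PDFEditorScheduledTask",
          r'"C:\Users\a\AppData\Local\PDF Editor\PDF Editor.exe" --cm=--partialupdate'),
    # Same indicator, but pasted from a report that converted "--" to an en dash.
    Entry("run-key", "ExampleAutorunValue",
          r'"C:\Users\b\AppData\Local\PDF Editor\PDF Editor.exe" '
          + "\u2013cm=\u2013fullupdate"),
    # Benign updater: a bare --check switch alone is far too common to flag.
    Entry("task", "VendorUpdateCheck",
          r'"C:\Program Files\Vendor\updater.exe" --check'),
]

if __name__ == "__main__":
    for name, reasons in flagged(SAMPLE).items():
        print(f"{name}: {', '.join(reasons)}")
```
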

    “The length from the start of the [ad] campaign until the malicious update was also 56 days, which is close to the 60-day length of a typical Google advertising campaign, suggesting the threat actor let the ad campaign run its course, maximizing downloads, before activating the malicious features,” Truesec said.

    The disclosures coincide with an analysis from Expel that detailed a large ad campaign advertising PDF editors, with the ads directing users to websites offering downloads of tools like AppSuite, PDF OneStart, and PDF Editor. In some cases, these PDF programs have been found to download other trojanized apps without users’ consent or turn the hosts into residential proxies.

    “AppSuite PDF Editor is malicious,” G DATA said. “It is a classic trojan horse with a backdoor that is currently massively downloaded.”


    Source: thehackernews.com…

  • Researchers Find VS Code Flaw Allowing Attackers to Republish Deleted Extensions Under Same Names

    Aug 28, 2025 | Ravie Lakshmanan | Malware / Ransomware

    Cybersecurity researchers have discovered a loophole in the Visual Studio Code Marketplace that allows threat actors to reuse names of previously removed extensions.

    Software supply chain security outfit ReversingLabs said it made the discovery after it identified a malicious extension named “ahbanC.shiba” that functioned similarly to two other extensions – ahban.shiba and ahban.cychelloworld – that were flagged earlier this March.

    All three extensions are designed to act as a downloader that retrieves a PowerShell payload from an external server. The payload encrypts files in a folder called “testShiba” on the victim’s Windows desktop and demands a Shiba Inu token, to be deposited to an unspecified wallet. These efforts suggest ongoing development attempts by the threat actor.

    The company said it decided to dig deeper because of the fact that the name of the new extension (“ahbanC.shiba”) was virtually the same as one of the two others previously identified (“ahban.shiba”).

    It’s worth noting that each extension has to have a unique ID that’s a combination of the publisher name and the name of the extension (i.e., <publisher>.<name>). In the case investigated by ReversingLabs, both extensions are differentiated only by the name of the publisher, while the actual name of the extension remains the same.

    However, according to Visual Studio Code documentation, the <name> field specified in the extension manifest “should be all lowercase with no spaces” and “must be unique to the Marketplace.”

    “So how did extensions ahban.shiba and ahbanC.shiba end up having the same name despite the official documentation’s publishing rules?” asked security researcher Lucija Valentić, who ultimately found that it is possible to do so once the extension is removed from the repository. But this behavior doesn’t apply to scenarios where an author unpublishes an extension.

    It’s worth noting that the ability to reuse the name of deleted libraries also applies to the Python Package Index (PyPI) repository, as demonstrated by ReversingLabs in early 2023.

    At the time, it was found that deleting a package would make its project name “available to any other PyPI user” as long as the distribution file names (a combination of the project name, version number, and distribution type) are different from those used in the now-removed distribution.

    However, PyPI carves out an exception where PyPI package names can be made unavailable if they were first used by malicious packages. It appears that Visual Studio Code does not have a similar restriction to prevent the reuse of names of malicious extensions.

    The development, as observed in leaked Black Basta chat logs, shows how threat actors are looking at poisoning open-source registries with ransomware libraries that demand ransoms from unsuspecting victims who may install them. This makes it all the more crucial for organizations and developers to adopt secure development practices and proactively monitor these ecosystems for software supply chain threats.

    “The discovery of this loophole exposes a new threat: that the name of any removed extension can be reused, and by anyone,” Valentić said. “That means that if some legitimate and very popular extension is removed, its name is up for grabs.”
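
Because an extension ID is `<publisher>.<name>`, a removed malicious extension can come back under the same `<name>` with a different or lookalike publisher. The check below, an added example that is not ReversingLabs' or Microsoft's code, compares installed extension IDs (for instance the output of `code --list-extensions`) against the IDs named in this article; the similarity threshold, case-insensitive comparison and the installed list are assumptions made for the example.

```python
from difflib import SequenceMatcher

# Extension IDs the article names as malicious.
REMOVED_MALICIOUS = ["ahban.shiba", "ahban.cychelloworld", "ahbanC.shiba"]

# Assumption for this example: publishers at least this similar to a known-bad
# publisher are treated as lookalikes rather than unrelated authors.
LOOKALIKE_THRESHOLD = 0.8


def strip_version(ext_id: str) -> str:
    """Drop the '@version' suffix printed by `code --list-extensions --show-versions`."""
    return ext_id.split("@", 1)[0].strip()


def split_id(ext_id: str):
    """Split '<publisher>.<name>' into lower-cased parts; None if malformed."""
    publisher, sep, name = strip_version(ext_id).partition(".")
    if not (sep and publisher and name):
        return None
    return publisher.lower(), name.lower()


def check(installed, removed=REMOVED_MALICIOUS) -> dict[str, str]:
    """Map each suspicious installed ID to one of:
    exact-match          same publisher and name as a removed extension
    lookalike-publisher  same name, publisher nearly identical to a bad one
    name-reuse           same name under an unrelated publisher (review it)
    """
    removed_ids = {parts for parts in map(split_id, removed) if parts}
    findings = {}
    for raw in installed:
        parsed = split_id(raw)
        if parsed is None:
            continue  # blank or malformed line
        key = strip_version(raw)
        publisher, name = parsed
        if parsed in removed_ids:
            findings[key] = "exact-match"
            continue
        bad_publishers = [p for p, n in removed_ids if n == name]
        if not bad_publishers:
            continue
        closest = max(SequenceMatcher(None, publisher, p).ratio()
                      for p in bad_publishers)
        findings[key] = ("lookalike-publisher"
                         if closest >= LOOKALIKE_THRESHOLD else "name-reuse")
    return findings


# Constructed inventory: "ahbanD" and "someone" are made-up publishers.
INSTALLED = [
    "ms-python.python",
    "esbenp.prettier-vscode",
    "AHBAN.shiba",
    "ahbanD.shiba@0.0.1",
    "someone.shiba",
    "",
]

if __name__ == "__main__":
    for ext_id, finding in check(INSTALLED).items():
        print(f"{ext_id}: {finding}")
```
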

    The findings also follow the identification of eight malicious npm packages that have been found to deliver a Google Chrome browser information stealer targeting Windows systems that’s capable of transmitting passwords, credit cards, cryptocurrency wallet data, and user cookies to a railway[.]app URL or a Discord webhook as a fallback mechanism.

    The packages, published by users named ruer and npjun, are listed below –

    • toolkdvv (versions 1.1.0, 1.0.0)
    • react-sxt (version 2.4.1)
    • react-typex (version 0.1.0)
    • react-typexs (version 0.1.0)
    • react-sdk-solana (version 2.4.1)
    • react-native-control (version 2.4.1)
    • revshare-sdk-api (version 2.4.1)
    • revshare-sdk-apii (version 2.4.1)

    What’s notable about these packages is the use of 70 layers of obfuscated code to unpack a Python payload that’s engineered to facilitate data theft and exfiltration.

    “Open-source software repositories have become one of the main entry points for attackers as part of supply chain attacks, with growing waves using typosquatting and masquerading, pretending to be legitimate,” JFrog security researcher Guy Korolevski said.

    “The impact of sophisticated multi-layer campaigns designed to evade traditional security and steal sensitive data highlights the importance of having visibility across the entire software supply chain with rigorous automated scanning and a single source of truth for all software components.”


    Source: thehackernews.com…

  • Salt Typhoon Exploits Cisco, Ivanti, Palo Alto Flaws to Breach 600 Organizations Worldwide

    The China-linked advanced persistent threat (APT) actor known as Salt Typhoon has continued its attacks targeting networks across the world, including organizations in the telecommunications, government, transportation, lodging, and military infrastructure sectors.

    “While these actors focus on large backbone routers of major telecommunications providers, as well as provider edge (PE) and customer edge (CE) routers, they also leverage compromised devices and trusted connections to pivot into other networks,” according to a joint cybersecurity advisory published Wednesday. “These actors often modify routers to maintain persistent, long-term access to networks.”

    The bulletin, courtesy of authorities from 13 countries, said the malicious activity has been linked to three Chinese entities, Sichuan Juxinhe Network Technology Co., Ltd., Beijing Huanyu Tianqiong Information Technology Co., Ltd., and Sichuan Zhixin Ruijie Network Technology Co., Ltd.

    These companies, the agencies said, provide cyber-related products and services to China’s intelligence services, with the data stolen from the intrusions, specifically those against telecoms and Internet service providers (ISPs), providing Beijing with the ability to identify and track their targets’ communications and movements globally.

    Brett Leatherman, head of the U.S. Federal Bureau of Investigation’s Cyber Division, said Salt Typhoon has been active since at least 2019, engaging in a persistent espionage campaign aimed at “breaching global telecommunications privacy and security norms.”

    In a standalone alert issued today, Dutch intelligence and security services MIVD and AIVD said while organizations in the country “did not receive the same degree of attention from the Salt Typhoon hackers as those in the U.S.,” the threat actors gained access to routers of smaller ISPs and hosting providers. However, there is no evidence the hackers penetrated these networks further.

    The countries that have co-sealed the security advisory include Australia, Canada, the Czech Republic, Finland, Germany, Italy, Japan, the Netherlands, New Zealand, Poland, Spain, the U.K., and the U.S.

    “Since at least 2021, this activity has targeted organisations in critical sectors including government, telecommunications, transportation, lodging, and military infrastructure globally, with a cluster of activity observed in the U.K.,” the National Cyber Security Centre said.

    According to The Wall Street Journal and The Washington Post, the hacking crew has expanded its targeting focus to other sectors and regions, attacking no fewer than 600 organizations, including 200 in the U.S., across 80 countries.

    Salt Typhoon, which overlaps with activity tracked as GhostEmperor, Operator Panda, RedMike, and UNC5807, has been observed obtaining initial access through the exploitation of exposed network edge devices from Cisco (CVE-2018-0171, CVE-2023-20198, and CVE-2023-20273), Ivanti (CVE-2023-46805 and CVE-2024-21887), and Palo Alto Networks (CVE-2024-3400).

    “The APT actors may target edge devices regardless of who owns a particular device,” the agencies noted. “Devices owned by entities that do not align with the actors’ core targets of interest still present opportunities for use in attack pathways into targets of interest.”

    The compromised devices are then leveraged to pivot into other networks, in some cases even modifying the device’s configuration and adding a generic routing encapsulation (GRE) tunnel for persistent access and data exfiltration.

    Persistent access to target networks is accomplished by altering Access Control Lists (ACLs) to add IP addresses under their control, opening standard and non-standard ports, and running commands in an on-box Linux container on supported Cisco networking devices to stage tools, process data locally, and move laterally within the environment.

    Also put to use by the attackers are authentication protocols like Terminal Access Controller Access Control System Plus (TACACS+) to enable lateral movement across network devices, while simultaneously conducting extensive discovery actions and capturing network traffic containing credentials via compromised routers to burrow deeper into the networks.

    “The APT actors collected PCAPs using native tooling on the compromised system, with the primary objective likely being to capture TACACS+ traffic over TCP port 49,” the agencies said. “TACACS+ traffic is used for authentication, often for administration of network equipment and including highly privileged network administrators’ accounts and credentials, likely enabling the actors to compromise additional accounts and perform lateral movement.”

    On top of that, Salt Typhoon has been observed enabling the sshd_operns service on Cisco IOS XR devices to create a local user and grant it sudo privileges to obtain root on the host OS after logging in via TCP/57722.

    Google-owned Mandiant, which was one of the many industry partners that contributed to the advisory, stated the threat actor’s familiarity with telecommunications systems offers them a unique advantage, giving them an upper hand when it comes to defense evasion.

    “An ecosystem of contractors, academics, and other facilitators is at the heart of Chinese cyber espionage,” John Hultquist, Chief Analyst at Google Threat Intelligence Group, told The Hacker News. “Contractors are used to build tools and valuable exploits as well as carry out the dirty work of intrusion operations. They have been instrumental in the rapid evolution of these operations and growing them to an unprecedented scale.”

    “In addition to targeting telecommunications, reported targeting of hospitality and transportation by this actor could be used to closely surveil individuals. Information from these sectors can be used to develop a full picture of who someone is talking to, where they are, and where they are going.”


    Source: thehackernews.com…

  • Webinar: Why Top Teams Are Prioritizing Code-to-Cloud Mapping in Our 2025 AppSec

    Aug 28, 2025 | The Hacker News | Cloud Security / Generative AI

    Picture this: Your team rolls out some new code, thinking everything’s fine. But hidden in there is a tiny flaw that explodes into a huge problem once it hits the cloud. Next thing you know, hackers are in, and your company is dealing with a mess that costs millions.

    Scary, right? In 2025, the average data breach hits businesses with a whopping $4.44 million bill globally. And guess what? A big chunk of these headaches comes from app security slip-ups, like web attacks that snag credentials and wreak havoc. If you’re in dev, ops, or security, you’ve probably felt that stress—endless alerts, teams arguing over who’s to blame, and fixes that take forever.

    But hey, it doesn’t have to be this way. What if you could spot those risks early, from the moment code is written all the way to when it’s running in the cloud? That’s the magic of code-to-cloud visibility, and it’s changing how smart teams handle app security. Our upcoming webinar, “Code-to-Cloud Visibility: The New Foundation for Modern AppSec,” is your chance to learn how. It’s happening on September 18, 2025, at 2 PM EST—just a few weeks away.

    This isn’t some boring lecture; it’s real talk from experts who’ve been there, packed with tips you can use right away. Sign up for the Webinar Now and grab your spot before it’s gone!

    The Real Headache Hiding in Your Apps

    Let’s be honest: As companies grow and push more work onto dev teams, things get messy. Risks pop up in code but only show up later in the cloud, leading to confusion, slow fixes, and attackers getting the jump on you. Recent reports show that inefficient vulnerability handling is a top pain for 32% of organizations, and securing AI tools like GenAI is right behind at 30%. Even worse, 97% of companies are dealing with GenAI-related security issues. Without a clear view from code to cloud, you’re basically guessing—and that leaves doors open for bad guys.

    I’ve chatted with folks in the trenches who share war stories: Late nights scrambling to patch holes that could’ve been fixed days earlier. It’s draining, and with breaches costing more than ever, it’s hitting the bottom line hard. The good news? Code-to-cloud visibility connects the dots, giving you full sight into vulnerabilities, secrets, and setup mistakes. It helps teams catch issues early, fix them fast, and work together better—no more finger-pointing.

    What You’ll Walk Away With: Simple Steps to Level Up Your Security

    In this quick 60-minute chat, our pros will break down why this approach is becoming a must-have for app security programs. Gartner says by 2026, 40% of companies will jump on board with tools like ASPM to handle risks smarter. We’ll keep it straightforward, no tech overload—just practical stuff.

    Here’s what you’ll get:

    1. Get Everyone on the Same Page: See how linking code risks to cloud behavior creates a simple shared plan. Dev, ops, and security teams can finally team up, cut the noise, and speed up feedback.
    2. Focus on What Really Matters: Learn easy ways to map out risks and zero in on your key apps. We’ll share real examples, like tracing a code glitch to its cloud weak spot, so you can plug holes before hackers notice.
    3. Fix Things Quicker: Grab step-by-step ideas to automate fixes and slash remediation time—some teams see drops of 30% or more in vulnerabilities and days shaved off fixes. Imagine adding this to your workflow without slowing down your work.
    4. Stay Ahead of New Threats: We’ll cover hot topics like safe AI use and rules pushing for better security. Plus, a handy checklist to check your setup and quick wins to try tomorrow.

    People who’ve joined similar sessions say it changed how they work: “It connected the dots and stopped us from chasing shadows,” one ops guy told me. Ready to make that change for your team? Sign up for the Webinar Now and start turning those insights into action.

    Why Jump In Now? Threats Aren’t Waiting

    With big attacks making headlines—like the PowerSchool breach hitting millions or ransomware messing with supply chains in 2025—delaying isn’t smart. Code-to-cloud visibility isn’t fancy tech; it’s your shield to bake security in from start to finish. Don’t wait for a crisis—get ahead and make your apps tougher.

    Seats are going quickly, so sign up today. You’ll also snag a free ASPM checklist and the recording to watch later. It’s a small time investment for big peace of mind.

    Sign Up for the Webinar Now – Can’t wait to see you there!

    This article is a contributed piece from one of our valued partners.


    Source: thehackernews.com…

  • Hidden Vulnerabilities of Project Management Tools & How FluentPro Backup Secures Them

    Every day, businesses, teams, and project managers trust platforms like Trello, Asana, etc., to collaborate and manage tasks. But what happens when that trust is broken? According to a recent report by Statista, the average cost of a data breach worldwide was about $4.88 million. Also, in 2024, the private data of over 15 million Trello user profiles was shared on a popular hacker forum. Yet, most organizations and project managers still assume that their platform’s built-in backups are enough until they are not. The next few paragraphs will expose some risks of relying on these platform tools alone and how to better protect yourself and your organization from data loss with cloud backup and recovery.

    Why are project management tools becoming a prime target for data loss?

    More than 95% of businesses today rely heavily on project management tools like Trello and Asana to organize tasks, collaborate with teams, and track project milestones. However, as project managers integrate these tools more deeply into their daily operations and store massive volumes of data in one place, two major threats arise: human errors and cyber threats.

    Tiny human errors that cause massive data disasters

    Data is one of the most critical assets of every organization. It helps them understand customer behaviour, market trends, and internal performance. Also, for project managers, it provides insight into project timelines, risk management, resource allocation, and team productivity. When used effectively, it can be used to forecast business sales and revenue.

    However, while cyberattacks and natural disasters can lead to data loss, the human element is the most common cause. For example, teams and project managers that juggle multiple tasks and deadlines in a shared workspace create ample room for accidental deletions and mistakes. Also, according to a study conducted by the Computing Technology Industry Association (CompTIA), human error accounts for 52 percent of the root causes of security breaches. Other common human errors include misconfigured user permissions, unintended bulk actions, archiving projects too early, etc.

    The growing threat of cyberattacks

    Most project management tools today are cloud-based, enabling teams to collaborate remotely. However, they have also become attractive to cybercriminals. Cyberattacks such as phishing and ransomware target these platforms because they hold a lot of sensitive information that might cripple a business if it fell into the wrong hands.

    For instance, data reports by DocuClipper have it that “60% of small businesses that are victims of a Cyber Attack go out of business within six months”. That is why you, as a project manager, need the proper information security to protect your data from such threats.

    Are built-in security features enough to protect your project data?

    The answer is No! And here is why. While most SaaS-based project management tools like Monday.com, Trello, and Asana have basic built-in features such as role-based access control, data encryption, and authentication, they are not fully designed to protect against costly mistakes caused by human error. For project managers, this could mean the difference between staying on schedule and facing expensive delays.

    Limitations of native security in project management tools

    • No version history or rollback. Many project management tools don’t offer full versioning, making restoring to the previous state difficult.
    • Limited recovery windows. Platforms like Asana retain deleted tasks for 30 days. After that, they are permanently deleted without a trace.
    • Basic trash bins aren’t enough. For instance, if a team member accidentally deletes a task, and it’s not caught quickly, it might be impossible to restore such a task.
    • Lack of protection against internal mistakes. Built-in features cannot stop major errors like accidental deletion of an entire board or misconfiguration of settings.

    Third-party backup: the missing layer in your SaaS project management tools

    Project managers and team leaders must be proactive when dealing with SaaS tools, and that includes having a third-party cloud backup for the business. While SaaS project management platforms are efficient and feature-rich, they are not immune to data loss. Rising cyber-attack threats, human error, and compliance and audit-readiness requirements have made third-party backup solutions essential for data protection.

    Leverage FluentPro Backup for Project Management Software

    FluentPro Backup is one of the best cloud-based backup and restore tools for project management software. Whether it is Monday.com backups, Asana, Smartsheet, Trello, Microsoft Planner Basic, Planner Premium, Microsoft Dynamics Project Operations, or Microsoft Dataverse database, the backup tool is designed to automate end-to-end data protection without requiring manual intervention from project managers or team leaders. Also, one of the defining strengths of FluentPro Backup is its ability to minimize data loss due to accidental deletion, sync error, or third-party integration failures.

    Capabilities of FluentPro Backup for SaaS project management tools

    • Automated continuous backup. FluentPro Backup provides 100% automated backup that runs continuously and saves project versions.
    • Quick restoration of projects. FluentPro Backup offers quick and automated recovery. For example, if a project was deleted due to human error or a cyber-attack, the software provides a one-click full project restore to minimize downtime and disruption.
    • Granular restore. Project managers or teams sometimes don’t need to restore an entire project, just a specific file or task. FluentPro Backup offers granular recovery options that allow you to restore individual items, subtasks, or labels.
    • Enterprise-grade security measures. At the core of FluentPro Backup is project management software security. Understanding the importance of data security, the software protects your projects from unauthorized access and breaches. For instance, the software uses Microsoft Azure to store data with full compliance standards.
    • Version control and audit trails. Version history is one of the outstanding features of FluentPro Backup software. The solution keeps historical snapshots of project data, which allows you to compare and restore changes between versions. Also, there is an audit trail that logs every backup and restore of your SaaS project management tools.

    What real-world value does FluentPro Backup bring to businesses?

    • Ensures project continuity. Always showing up is the most important thing for all businesses out there. This uninterrupted flow supports better project delivery outcomes and preserves client trust.
    • Boosts team confidence and productivity. Project managers and teams can work productively when they know every task and project is backed up securely.
    • Minimize operational and financial risk. Some of the most critical risks associated with data loss include costly delays, damaged reputations, and lost contracts. However, with FluentPro Backup, you can minimize this risk to the barest minimum without impacting business operations.
    • Enhance stakeholder trust. Stakeholders and clients are the backbone of every business venture. You want to ensure that they are always happy doing business with you. You can assure them by demonstrating your backup and recovery strategies using the FluentPro Backup tool.

    Conclusion

    While SaaS project management tools like Monday.com, Asana, Trello, and Smartsheet are widely used for collaboration and task tracking, they come with several project management challenges that can compromise project data integrity and availability. However, by taking a proactive approach to project management security, you are well-positioned for any cyber threats or tiny human errors that might cause downtime, financial loss, and reputational damage. So don’t wait until data loss disrupts your project workflow; invest in secure tools like FluentPro Backup to protect your project data and give your team and organization peace of mind.

    This article is a contributed piece from one of our valued partners.


    Source: thehackernews.com…

  • Malicious Nx Packages in ‘s1ngularity’ Attack Leaked 2,349 GitHub, Cloud, and AI Credentials


    The maintainers of the nx build system have alerted users to a supply chain attack that allowed attackers to publish malicious versions of the popular npm package and other auxiliary plugins with data-gathering capabilities.

    “Malicious versions of the nx package, as well as some supporting plugin packages, were published to npm, containing code that scans the file system, collects credentials, and posts them to GitHub as a repo under the user’s accounts,” the maintainers said in an advisory published Wednesday.

    Nx is an open-source, technology-agnostic build platform that’s designed to manage codebases. It’s advertised as an “AI-first build platform that connects everything from your editor to CI [continuous integration].” The npm package has over 3.5 million weekly downloads.

    The list of affected packages and versions is below. These versions have since been removed from the npm registry. The compromise of the nx package took place on August 26, 2025.

    • nx 21.5.0, 20.9.0, 20.10.0, 21.6.0, 20.11.0, 21.7.0, 21.8.0, 20.12.0
    • @nx/devkit 21.5.0, 20.9.0
    • @nx/enterprise-cloud 3.2.0
    • @nx/eslint 21.5.0
    • @nx/js 21.5.0, 20.9.0
    • @nx/key 3.2.0
    • @nx/node 21.5.0, 20.9.0
    • @nx/workspace 21.5.0, 20.9.0

    The project maintainers said the root cause of the issue stemmed from a vulnerable workflow that introduced the ability to inject executable code using a specially crafted title in a pull request (PR).


    “The pull_request_target trigger was used as a way to trigger the action to run whenever a PR was created or modified,” the nx team said. “However, what was missed is the warning that this trigger, unlike the standard pull_request trigger, runs workflows with elevated permissions, including a GITHUB_TOKEN which has read/write repository permission.”

    It’s believed the GITHUB_TOKEN was utilized to trigger the “publish.yml” workflow, which is responsible for publishing the Nx packages to the registry using an npm token.

    But because the PR validation workflow ran with elevated privileges, the “publish.yml” workflow was triggered to run on the “nrwl/nx” repository while also introducing malicious changes that made it possible to exfiltrate the npm token to an attacker-controlled webhook[.]site endpoint.

    “As part of the bash injection, the PR validation workflows triggered a run of the publish.yml with this malicious commit and sent our npm token to an unfamiliar webhook,” the nx team explained. “We believe this is how the user got a hold of the npm token used to publish the malicious versions of nx.”

    In other words, the injection flaw enabled arbitrary command execution if a malicious PR title was submitted, while the pull_request_target trigger granted elevated permissions by providing a GITHUB_TOKEN with read/write access to the repository.
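    The following is an added example, not code from the nx project or the original article: a heuristic audit that flags a workflow combining the pull_request_target trigger with PR-controlled text expanded inside a shell step. It assumes the injection came from a `${{ ... }}` expression in a `run:` script; both sample workflows and the `auditWorkflow` name are constructed for illustration.

```javascript
// Added example: heuristic audit for the workflow pattern described above.
// Sample workflows are constructed for illustration; they are not nx's files.

// Expressions an outside contributor controls. GitHub expands them into the
// script text before the shell starts, so their content is parsed as shell.
const UNTRUSTED =
  /\$\{\{\s*github\.(event\.pull_request\.(title|body|head\.ref)|head_ref)\s*\}\}/;

function auditWorkflow(yamlText) {
  let privilegedTrigger = false;
  let runColumn = -1; // column of the active `run:` key, -1 outside a run block
  const injections = [];

  yamlText.split(/\r?\n/).forEach((raw, i) => {
    if (/^\s*#/.test(raw)) return; // YAML comment line
    const indent = raw.search(/\S/); // -1 for a blank line
    const run = /^(\s*(?:-\s+)?)run:\s*(.*)$/.exec(raw);
    if (run) {
      if (UNTRUSTED.test(run[2])) injections.push({ line: i + 1, text: raw.trim() });
      // `run: |` or `run: >` opens a multi-line script; anything else is one line
      runColumn = /^[|>][+-]?\s*$/.test(run[2]) ? run[1].length : -1;
      return;
    }
    // A line indented no deeper than the `run:` key ends the script block
    if (runColumn >= 0 && indent !== -1 && indent <= runColumn) runColumn = -1;
    if (runColumn >= 0) {
      if (UNTRUSTED.test(raw)) injections.push({ line: i + 1, text: raw.trim() });
    } else if (/\bpull_request_target\b/.test(raw)) {
      privilegedTrigger = true;
    }
  });
  return { privilegedTrigger, injections, highRisk: privilegedTrigger && injections.length > 0 };
}

// Constructed: title interpolated into a script under the privileged trigger.
const VULNERABLE = [
  "on:",
  "  pull_request_target:",
  "    types: [opened, edited]",
  "jobs:",
  "  check:",
  "    runs-on: ubuntu-latest",
  "    steps:",
  "      - name: Check title",
  "        run: |",
  '          echo "Validating ${{ github.event.pull_request.title }}"',
].join("\n");

// Constructed: unprivileged trigger, read-only token, title passed as data.
const HARDENED = [
  "on:",
  "  pull_request:",
  "    types: [opened, edited]",
  "permissions:",
  "  contents: read",
  "jobs:",
  "  check:",
  "    runs-on: ubuntu-latest",
  "    steps:",
  "      - name: Check title",
  "        env:",
  "          PR_TITLE: ${{ github.event.pull_request.title }}",
  "        run: |",
  '          echo "Validating $PR_TITLE"',
].join("\n");

console.log(auditWorkflow(VULNERABLE));
console.log(auditWorkflow(HARDENED));
```

    The hardened variant passes the title through an environment variable, so the shell receives it as data rather than as part of the script.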

    The rogue versions of the packages have been found to contain a postinstall script that’s activated after package installation to scan a system for text files, collect credentials, and send the details as a Base64-encoded string to a publicly accessible GitHub repository containing the name “s1ngularity-repository” (or “s1ngularity-repository-0” and “s1ngularity-repository-1”) under the user’s account.

    “The malicious postinstall script also modified the .zshrc and .bashrc files which are run whenever a terminal is launched to include sudo shutdown -h 0 which prompts users for their system password and if provided, would shut down the machine immediately,” the maintainers added.

    While GitHub has since started to archive these repositories, users who encounter the repositories are advised to assume compromise and rotate GitHub and npm credentials and tokens. Users are also recommended to stop using the malicious packages and check .zshrc and .bashrc files for any unfamiliar instructions and remove them.
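    The checks recommended above can be scripted. The following is an added example, not code from the nx maintainers or the original article: it matches a parsed package-lock.json against the affected versions listed earlier and flags the `sudo shutdown -h 0` line in shell startup file contents. The function names and the sample lockfile and rc text are constructed for illustration.

```javascript
// Added example: triage helpers for the affected-version list and the
// shell rc modification described in the article. Sample inputs are constructed.

// Affected packages and versions, as listed in the article.
const AFFECTED = new Map([
  ["nx", ["21.5.0", "20.9.0", "20.10.0", "21.6.0", "20.11.0", "21.7.0", "21.8.0", "20.12.0"]],
  ["@nx/devkit", ["21.5.0", "20.9.0"]],
  ["@nx/enterprise-cloud", ["3.2.0"]],
  ["@nx/eslint", ["21.5.0"]],
  ["@nx/js", ["21.5.0", "20.9.0"]],
  ["@nx/key", ["3.2.0"]],
  ["@nx/node", ["21.5.0", "20.9.0"]],
  ["@nx/workspace", ["21.5.0", "20.9.0"]],
]);

const isAffected = (name, version) => (AFFECTED.get(name) || []).includes(version);

// Takes a parsed package-lock.json and returns sorted "name@version" hits.
function findAffected(lock) {
  const hits = new Set();
  // lockfileVersion 2 and 3: flat "packages" map keyed by install path
  for (const [path, meta] of Object.entries(lock.packages || {})) {
    const name = path.split("node_modules/").pop(); // handles nested installs
    if (isAffected(name, meta.version)) hits.add(`${name}@${meta.version}`);
  }
  // lockfileVersion 1: nested "dependencies" tree
  const walk = (deps) => {
    for (const [name, meta] of Object.entries(deps || {})) {
      if (isAffected(name, meta.version)) hits.add(`${name}@${meta.version}`);
      walk(meta.dependencies);
    }
  };
  walk(lock.dependencies);
  return [...hits].sort();
}

// Takes the text of a .zshrc or .bashrc and returns uncommented shutdown lines.
function suspiciousRcLines(rcText) {
  return rcText
    .split(/\r?\n/)
    .map((text, i) => ({ line: i + 1, text: text.trim() }))
    .filter(({ text }) => !text.startsWith("#") && /\bsudo\s+shutdown\s+-h\s+0\b/.test(text));
}

// Constructed sample lockfile: two affected entries, one unaffected.
const SAMPLE_LOCK = {
  lockfileVersion: 3,
  packages: {
    "": { name: "demo-app", version: "1.0.0" },
    "node_modules/nx": { version: "21.5.0" },
    "node_modules/@nx/devkit": { version: "20.9.0" },
    "node_modules/@nx/js": { version: "21.4.1" },
  },
};

// Constructed sample rc file: the commented-out line must not be reported.
const SAMPLE_RC = ['export PATH="$HOME/bin:$PATH"', "# sudo shutdown -h 0", "sudo shutdown -h 0"].join("\n");

console.log(findAffected(SAMPLE_LOCK));
console.log(suspiciousRcLines(SAMPLE_RC));
```

    A hit from either function is a reason to follow the advice above: assume compromise and rotate GitHub and npm credentials and tokens.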

    The nx team said they have also undertaken remedial actions by rotating their npm and GitHub tokens, auditing GitHub and npm activities across the organization for suspicious activities, and updating Publish access for nx to require two-factor authentication (2FA) or automation.

    Wiz researchers Merav Bar and Rami McCarthy said 90% of over 1,000 leaked GitHub tokens are still valid, as well as dozens of valid cloud credentials and npm tokens. It’s said the malware was run on developer machines, often via the nx Visual Studio Code extension. As many as 1,346 repositories with the string “s1ngularity-repository” have been detected by GitGuardian.

    Among the 2,349 distinct secrets leaked, the vast majority are GitHub OAuth keys and personal access tokens (PATs), followed by API keys and credentials for Google AI, OpenAI, Amazon Web Services, OpenRouter, Anthropic Claude, PostgreSQL, and Datadog.


    The cloud security firm found that the payload is capable of running only on Linux and macOS systems, systematically searching for sensitive files and extracting credentials, SSH keys, and .gitconfig files.

    “Notably, the campaign weaponized installed AI CLI tools by prompting them with dangerous flags (--dangerously-skip-permissions, --yolo, --trust-all-tools) to steal file system contents, exploiting trusted tools for malicious reconnaissance,” the company said.

    StepSecurity said the incident marks the first known case where attackers have turned developer AI assistants like Claude, Google Gemini, and Amazon Q into tools for supply chain exploitation and for bypassing traditional security boundaries.

    “There are a few differences between the malware in the scoped nx packages (i.e. @nx/devkit, @nx/eslint) versus the malware in the nx package,” Socket said. “First, the AI prompt is different. In these packages, the AI prompt is a bit more basic. This LLM prompt is also much less broad in scope, targeting crypto-wallet keys and secret patterns as well as specific directories, whereas the ones in @nx grabs any interesting text file.”

    Charlie Eriksen of Aikido said the use of LLM clients as a vector for enumerating secrets on the victim machine is a novel approach, and gives defenders insight into the direction the attackers may be heading in the future.

    “Given the popularity of the Nx ecosystem, and the novelty of AI tool abuse, this incident highlights the evolving sophistication of supply chain attacks,” StepSecurity’s Ashish Kurmi said. “Immediate remediation is critical for anyone who installed the compromised versions.”


    Source: thehackernews.com…

  • U.S. Treasury Sanctions DPRK IT-Worker Scheme, Exposing $600K Crypto Transfers and $1M+ Profits


    Aug 28, 2025 | Ravie Lakshmanan | Artificial Intelligence / Malware


    The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) announced a fresh round of sanctions against two individuals and two entities for their role in the North Korean remote information technology (IT) worker scheme to generate illicit revenue for the regime’s weapons of mass destruction and ballistic missile programs.

    “The North Korean regime continues to target American businesses through fraud schemes involving its overseas IT workers, who steal data and demand ransom,” said Under Secretary of the Treasury for Terrorism and Financial Intelligence John K. Hurley. “Under President Trump, Treasury is committed to protecting Americans from these schemes and holding the guilty accountable.”

    The key players targeted include Vitaliy Sergeyevich Andreyev, Kim Ung Sun, Shenyang Geumpungri Network Technology Co., Ltd, and Korea Sinjin Trading Corporation. The latest effort expands the scope of sanctions imposed against Chinyong Information Technology Cooperation Company in May 2023.


    Chinyong, according to insider risk management firm DTEX, is one of the many IT companies that have deployed IT workers for engaging in freelance IT work and cryptocurrency theft. It has offices in China, Laos, and Russia.

    The years-long IT worker threat, also tracked as Famous Chollima, Jasper Sleet, UNC5267, and Wagemole, is assessed to be affiliated with the Workers’ Party of Korea. At its core, the scheme works by embedding North Korean IT workers in legitimate companies in the U.S. and elsewhere, securing these jobs using fraudulent documents, stolen identities, and false personas on GitHub, CodeSandbox, Freelancer, Medium, RemoteHub, CrowdWorks, and WorkSpace.ru.

    Select cases have also involved the threat actors clandestinely introducing malware into company networks to exfiltrate proprietary and sensitive data, and extort them in return for not leaking the information.

    In a report published Wednesday, Anthropic revealed how the employment fraud operation has leaned heavily on artificial intelligence (AI)-powered tools like Claude to create convincing professional backgrounds and technical portfolios, tailor resumes to specific job descriptions, and even deliver actual technical work.

    “The most striking finding is the actors’ complete dependency on AI to function in technical roles,” Anthropic said. “These operators do not appear to be able to write code, debug problems, or even communicate professionally without Claude’s assistance. Yet they’re successfully maintaining employment at Fortune 500 companies (according to public reporting), passing technical interviews, and delivering work that satisfies their employers.”

    The Treasury Department said Andreyev, a 44-year-old Russian national, has facilitated payments to Chinyong and has worked with Kim Ung Sun, a North Korean economic and trade consular official based in Russia, to conduct multiple financial transfers worth nearly $600,000 by converting cryptocurrency to cash in U.S. dollars since December 2024.

    Shenyang Geumpungri, the department added, is a Chinese front company for Chinyong that consists of a delegation of DPRK IT workers, generating over $1 million in profits for Chinyong and Sinjin since 2021.


    “Sinjin is a DPRK [Democratic People’s Republic of Korea] company subordinate to the U.S.-sanctioned DPRK Ministry of People’s Armed Forces General Political Bureau,” the Treasury said. “The company has received directives from DPRK government officials regarding the DPRK IT workers that Chinyong deploys internationally.”

    The announcement comes a little over a month after the Treasury Department sanctioned a North Korean front company (Korea Sobaeksu Trading Company) and three associated individuals (Kim Se Un, Jo Kyong Hun, and Myong Chol Min) for their involvement in the IT worker scheme. In parallel, an Arizona woman was handed an eight-year prison sentence for running a laptop farm that enabled the actors to connect remotely to companies’ networks.

    Last month, the department also sanctioned Song Kum Hyok, a member of a North Korean hacking group called Andariel, alongside a Russian national (Gayk Asatryan) and four entities (Asatryan LLC, Fortuna LLC, Korea Songkwang Trading General Corporation, and Korea Saenal Trading Corporation) for their participation in the sanctions-evading scheme.


    Source: thehackernews.com…

  • Someone Created the First AI-Powered Ransomware Using OpenAI's gpt-oss:20b Model


    Cybersecurity company ESET has disclosed that it discovered an artificial intelligence (AI)-powered ransomware variant codenamed PromptLock.

    Written in Golang, the newly identified strain uses the gpt-oss:20b model from OpenAI locally via the Ollama API to generate malicious Lua scripts in real-time. The open-weight language model was released by OpenAI earlier this month.

    “PromptLock leverages Lua scripts generated from hard-coded prompts to enumerate the local filesystem, inspect target files, exfiltrate selected data, and perform encryption,” ESET said. “These Lua scripts are cross-platform compatible, functioning on Windows, Linux, and macOS.”

    The ransomware code also embeds instructions to craft a custom note based on the “files affected” and on whether the infected machine is a personal computer, company server, or a power distribution controller. It’s currently not known who is behind the malware, but ESET told The Hacker News that PromptLock artifacts were uploaded to VirusTotal from the United States on August 25, 2025.


    “PromptLock uses Lua scripts generated by AI, which means that indicators of compromise (IoCs) may vary between executions,” the Slovak cybersecurity company pointed out. “This variability introduces challenges for detection. If properly implemented, such an approach could significantly complicate threat identification and make defenders’ tasks more difficult.”

    Assessed to be a proof-of-concept (PoC) rather than a fully operational malware deployed in the wild, PromptLock uses the SPECK 128-bit encryption algorithm to lock files.

    Besides encryption, analysis of the ransomware artifact suggests that it could also be used to exfiltrate data or even destroy it, although the functionality to actually perform the erasure appears not yet to be implemented.

    “PromptLock does not download the entire model, which could be several gigabytes in size,” ESET clarified. “Instead, the attacker can simply establish a proxy or tunnel from the compromised network to a server running the Ollama API with the gpt-oss-20b model.”

    The emergence of PromptLock is another sign that AI has made it easier for cybercriminals, even those who lack technical expertise, to quickly set up new campaigns, develop malware, and create compelling phishing content and malicious sites.

    Earlier today, Anthropic revealed that it had banned accounts created by two different threat actors that used its Claude AI chatbot to commit large-scale theft and extortion of personal data targeting at least 17 distinct organizations, and developed several variants of ransomware with advanced evasion capabilities, encryption, and anti-recovery mechanisms.

    The development comes as large language models (LLMs) powering various chatbots and AI-focused developer tools, such as Amazon Q Developer, Anthropic Claude Code, AWS Kiro, Butterfly Effect Manus, Google Jules, Lenovo Lena, Microsoft GitHub Copilot, OpenAI ChatGPT Deep Research, OpenHands, Sourcegraph Amp, and Windsurf, have been found susceptible to prompt injection attacks, potentially allowing information disclosure, data exfiltration, and code execution.

    Despite incorporating robust security and safety guardrails to avoid undesirable behaviors, AI models have repeatedly fallen prey to novel variants of injections and jailbreaks, underscoring the complexity and evolving nature of the security challenge.


    “Prompt injection attacks can cause AIs to delete files, steal data, or make financial transactions,” Anthropic said. “New forms of prompt injection attacks are also constantly being developed by malicious actors.”

    What’s more, new research has uncovered a simple yet clever attack called PROMISQROUTE – short for “Prompt-based Router Open-Mode Manipulation Induced via SSRF-like Queries, Reconfiguring Operations Using Trust Evasion” – that abuses ChatGPT’s model routing mechanism to trigger a downgrade and cause the prompt to be sent to an older, less secure model, thus allowing the system to bypass safety filters and produce unintended results.

    “Adding phrases like ‘use compatibility mode’ or ‘fast response needed’ bypasses millions of dollars in AI safety research,” Adversa AI said in a report published last week, adding the attack targets the cost-saving model-routing mechanism used by AI vendors.


    Source: thehackernews.com…