Social engineering attacks have entered a new era—and they’re coming fast, smart, and deeply personalized.
It’s no longer just suspicious emails in your spam folder. Today’s attackers use generative AI, stolen branding assets, and deepfake tools to mimic your executives, hijack your social channels, and create convincing fakes of your website, emails, and even voice. They don’t just spoof—they impersonate.
Modern attackers aren’t relying on chance. They’re running long-term, multi-channel campaigns across email, LinkedIn, SMS, and even support portals—targeting your employees, customers, and partners.
Whether it’s a fake recruiter reaching out on LinkedIn, a lookalike login page sent via text, or a cloned CFO demanding a wire transfer, the tactics are faster, more adaptive, and increasingly automated using AI.
The result? Even trained users are falling for sophisticated fakes—because they’re not just phishing links anymore. They’re operations.
This Webinar Shows You How to Fight Back
Join us for a deep dive into how Doppel’s real-time AI platform detects and disrupts social engineering threats before they escalate.
You’ll learn how AI can be used not just to spot suspicious signals, but to understand attacker behavior, track impersonation campaigns across platforms, and respond instantly—before reputational or financial damage occurs.
What You’ll Learn
The Modern Threat Landscape: How AI-powered social engineering campaigns are evolving—and what that means for your current defenses.
Real-Time Defense: How Doppel identifies impersonation attempts and shuts them down before users engage.
Shared Intelligence at Scale: How learning from attacks across thousands of brands helps make deception unprofitable.
Impersonation attacks are scaling faster than any human team can monitor manually. Security awareness training isn’t enough. Static detection rules fall short. You need a defense that thinks and adapts in real-time.
Doppel’s AI learns from every attack attempt—so your protection keeps getting smarter.
Who Should Attend: Security leaders responsible for brand trust and executive protection, SOC teams overwhelmed by phishing and impersonation alerts, and risk, fraud, or threat intelligence professionals seeking faster, smarter signal-to-action.
Don’t wait for an impersonation attack to make the first move. Learn how to fight back—before it happens. Save Your Spot. Register Now →
Found this article interesting? This article is a contributed piece from one of our valued partners. Follow us on Twitter and LinkedIn to read more exclusive content we post.
Cybersecurity researchers have discovered a new, sophisticated variant of a known Android malware referred to as Konfety that leverages the evil twin technique to enable ad fraud.
The sneaky approach essentially involves a scenario wherein two variants of an application share the same package name: A benign “decoy” app that’s hosted on the Google Play Store and its evil twin, which is distributed via third-party sources.
It’s worth pointing out that the decoy apps don’t have to be necessarily published by threat actors themselves and could be legitimate. The only caveat is that the malicious apps share the exact same package names as their real counterparts already available on the Play Store.
“The threat actors behind Konfety are highly adaptable, consistently altering their targeted ad networks and updating their methods to evade detection,” Zimperium zLabs researcher Fernando Ortega said. “This latest variant demonstrates their sophistication by specifically tampering with the APK’s ZIP structure.”
By using malformed APKs, the tactic allows threat actors to sidestep detection and challenge reverse engineering efforts. Besides dynamically loading the main DEX (Dalvik Executable) payload at runtime, the newly discovered versions enable the general-purpose bit flag by setting it to “Bit 0,” signaling to the system that the file is encrypted.
This behavior, in turn, triggers a false password prompt when attempting to inspect the Android package, thereby blocking access and complicating attempts to analyze its contents.
The second technique entails falsely declaring the use of BZIP compression method in the app’s manifest XML file (“AndroidManifest.xml”), causing analysis tools like APKTool and JADX to crash due to a parsing failure. A similar compression-based defense evasion technique was previously highlighted by Kaspersky in another Android malware called SoumniBot.
The use of dynamic code loading to execute the primary payload affords added stealth during initial scans or reverse engineering, Zimperium noted. During execution, the DEX payload is decrypted and loaded directly into memory without attracting any red flags.
“This multi-layered obfuscation approach, combining encrypted assets, runtime code injection, and deceptive manifest declarations, demonstrates the evolving sophistication of the Konfety operation and its continuous efforts to evade analysis and bypass detection mechanisms,” Ortega said.
Like the previous iteration reported by HUMAN last year, Konfety abuses the CaramelAds software development kit (SDK) to fetch ads, deliver payloads, and maintain communication with attacker-controlled servers.
It comes with capabilities to redirect users to malicious websites, prompt unwanted app installs, and trigger persistent spam-like browser notifications. Furthermore, the malware hides its app icon and uses geofencing to alter its functionality based on the victim’s region.
The development comes as ANY.RUN detailed a Chinese Android packer tool known as Ducex that’s mainly designed to conceal embedded payloads like Triada within fake Telegram apps.
“The packer employs serious obfuscation through function encryption using a modified RC4 algorithm with added shuffling,” ANY.RUN researcher Alina Markova said. “Ducex creates major roadblocks for debugging. It performs APK signature verification, failing if the app is re-signed. It also employs self-debugging using fork and ptrace to block external tracing.”
On top of that, Ducex is designed to detect the presence of popular analysis tools such as Frida, Xposed, and Substrate, and if present, terminate itself.
The findings also follow a new study published by a team of researchers from TU Wien and the University of Bayreuth about a novel technique dubbed TapTrap that can be weaponized by a malicious app to covertly bypass Android’s permission system and gain access to sensitive data or execute destructive actions.
The attack, in a nutshell, hijacks user interactions on Android devices by overlaying animations or games on a user’s screen, while surreptitiously launching user interface elements underneath that trick users into performing undesirable actions, such as installing malware or granting the app intrusive permissions.
“Normally, Android shows an animation when the screen changes, such as the new screen sliding or fading in,” researchers Philipp Beer, Marco Squarcina, Sebastian Roth, and Martina Lindorfer said. “However, the app can tell the system that a custom animation should be used instead that is long-running and makes the new screen fully transparent, keeping it hidden from you.”
“Any taps you make during this animation go to the hidden screen, not the visible app. The app can then use this to lure you into tapping on specific areas of the screen that correspond to sensitive actions on the hidden screen, allowing it to perform actions without your knowledge.”
In a hypothetical attack scenario, a threat actor-released game installed by the victim can secretly open a web browser session and dupe them into granting camera permissions to a malicious website.
That said, TapTrap’s impact extends beyond the Android ecosystem, opening the door to tapjacking and web clickjacking attacks. The issue has been addressed in GrapheneOS, Chrome 135 (CVE-2025-3067), and Firefox 136 (CVE-2025-1939). Android 16 continues to remain susceptible to the attack.
Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.
Google on Tuesday rolled out fixes for six security issues in its Chrome web browser, including one that it said has been exploited in the wild.
The high-severity vulnerability in question is CVE-2025-6558 (CVSS score: 8.8), which has been described as an incorrect validation of untrusted input in the browser’s ANGLE and GPU components.
“Insufficient validation of untrusted input in ANGLE and GPU in Google Chrome prior to 138.0.7204.157 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page,” according to the description of the flaw from the NIST’s National Vulnerability Database (NVD).
ANGLE, short for “Almost Native Graphics Layer Engine,” acts as a translation layer between Chrome’s rendering engine and device-specific graphics drivers. Vulnerabilities in the module can let attackers escape Chrome’s sandbox by abusing low-level GPU operations that browsers usually keep isolated, making this a rare but powerful path to deeper system access.
For most users, a sandbox escape like this means that visiting a malicious site is sufficient to potentially break out of the browser’s security bubble and interact with the underlying system. This is especially critical in targeted attacks where just opening a webpage could trigger a silent compromise without requiring any download or click.
Clément Lecigne and Vlad Stolyarov of Google’s Threat Analysis Group (TAG) have been credited with discovering and reporting the zero-day vulnerability on June 23, 2025.
The exact nature of the attacks weaponizing the flaw has not been disclosed, but Google acknowledged that an “exploit for CVE-2025-6558 exists in the wild.” That said, the discovery by TAG alludes to the possibility of nation-state involvement.
The development comes about two weeks after Google addressed another actively exploited Chrome zero-day (CVE-2025-6554, CVSS score: 8.1), which was also reported by Lecigne on June 25, 2025.
Google has resolved a total of five zero-day vulnerabilities in Chrome that have been either actively exploited or demonstrated as a proof-of-concept (PoC) since the start of the year. This includes: CVE-2025-2783, CVE-2025-4664, CVE-2025-5419, and CVE-2025-6554.
To safeguard against potential threats, it’s advised to update their Chrome browser to versions 138.0.7204.157/.158 for Windows and Apple macOS, and 138.0.7204.157 for Linux. To make sure the latest updates are installed, users can navigate to More > Help > About Google Chrome, and select Relaunch.
Users of other Chromium-based browsers such as Microsoft Edge, Brave, Opera, and Vivaldi are also advised to apply the fixes as and when they become available.
Issues like this often fall under broader categories like GPU sandbox escapes, shader-related bugs, or WebGL vulnerabilities. While not always headline-grabbing, they tend to resurface in chained exploits or targeted attacks. If you follow Chrome security updates, it’s worth keeping an eye out for graphics driver flaws, privilege boundary bypasses, and memory corruption in rendering paths, as they often point to the next round of patch-worthy bugs.
Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.
Google on Tuesday revealed that its large language model (LLM)-assisted vulnerability discovery framework discovered a security flaw in the SQLite open-source database engine before it could have been exploited in the wild.
The vulnerability, tracked as CVE-2025-6965 (CVSS score: 7.2), is a memory corruption flaw affecting all versions prior to 3.50.2. It was discovered by Big Sleep, an artificial intelligence (AI) agent that was launched by Google last year as part of a collaboration between DeepMind and Google Project Zero.
“An attacker who can inject arbitrary SQL statements into an application might be able to cause an integer overflow resulting in read off the end of an array,” SQLite project maintainers said in an advisory.
The tech giant described CVE-2025-6965 as a critical security issue that was “known only to threat actors and was at risk of being exploited.” Google did not reveal who the threat actors were.
“Through the combination of threat intelligence and Big Sleep, Google was able to actually predict that a vulnerability was imminently going to be used and we were able to cut it off beforehand,” Kent Walker, President of Global Affairs at Google and Alphabet, said.
“We believe this is the first time an AI agent has been used to directly foil efforts to exploit a vulnerability in the wild.”
In October 2024, Big Sleep was behind the discovery of another flaw in SQLite, a stack buffer underflow vulnerability that could have been exploited to result in a crash or arbitrary code execution.
Coinciding with the development, Google has also published a white paper to build secure AI agents such that they have well-defined human controllers, their capabilities are carefully limited to avoid potential rogue actions and sensitive data disclosure, and their actions are observable and transparent.
“Traditional systems security approaches (such as restrictions on agent actions implemented through classical software) lack the contextual awareness needed for versatile agents and can overly restrict utility,” Google’s Santiago (Sal) Díaz, Christoph Kern, and Kara Olive said.
“Conversely, purely reasoning-based security (relying solely on the AI model’s judgment) is insufficient because current LLMs remain susceptible to manipulations like prompt injection and cannot yet offer sufficiently robust guarantees.”
To mitigate the key risks associated with agent security, the company said it has adopted a hybrid defense-in-depth approach that combines the strengths of both traditional, deterministic controls and dynamic, reasoning-based defenses.
The idea is to create robust boundaries around the agent’s operational environment so that the risk of harmful outcomes is significantly mitigated, specifically malicious actions carried out as a result of prompt injection.
“This defense-in-depth approach relies on enforced boundaries around the AI agent’s operational environment to prevent potential worst-case scenarios, acting as guardrails even if the agent’s internal reasoning process becomes compromised or misaligned by sophisticated attacks or unexpected inputs,” Google said.
“This multi-layered approach recognizes that neither purely rule-based systems nor purely AI-based judgment are sufficient on their own.”
Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.
Cloudflare on Tuesday said it mitigated 7.3 million distributed denial-of-service (DDoS) attacks in the second quarter of 2025, a significant drop from 20.5 million DDoS attacks it fended off the previous quarter.
“Overall, in Q2 2025, hyper-volumetric DDoS attacks skyrocketed,” Omer Yoachimik and Jorge Pacheco said. “Cloudflare blocked over 6,500 hyper-volumetric DDoS attacks, an average of 71 per day.”
In Q1 2025, the company said an 18-day sustained campaign against its own and other critical infrastructure protected by Cloudflare was responsible for 13.5 million of the attacks observed during the time period. Cumulatively, Cloudflare has blocked nearly 28 million DDoS attacks, surpassing the number of attacks it mitigated in all of 2024.
The notable of the attacks in Q2 2025 is a staggering DDoS attack that peaked at 7.3 terabits per second (Tbps) and 4.8 billion packets per second (Bpps) within a span of 45 seconds.
Big traffic spikes like these make headlines—but what often gets missed is how attackers are now combining them with smaller, targeted probes. Instead of just overwhelming systems with brute force, they’re mixing large-scale floods with quiet scans to find weak spots and slip past defenses built to block only the obvious.
Layer 3/Layer 4 (L3/4) DDoS attacks declined 81% quarter-over-quarter to 3.2 million, while HTTP DDoS attacks rose 9% to 4.1 million. More than 70% of the HTTP DDoS attacks emanated from known botnets. The most common L3/4 attack vectors were flood attacks conducted over DNS, TCP SYN, and UDP protocols.
Telecommunication service providers and carriers were among the most targeted, followed by the Internet, IT services, gaming, and gambling sectors.
China, Brazil, Germany, India, South Korea, Turkey, Hong Kong, Vietnam, Russia, and Azerbaijan emerged as the most attacked locations based on the billing country of the Cloudflare customers. Indonesia, Singapore, Hong Kong, Argentina, and Ukraine were the top five sources of DDoS attacks.
The web infrastructure and security company also revealed that the number of hyper-volumetric DDoS attacks exceeding 100 million packets per second (pps) increased by 592% compared to the previous quarter.
Another significant aspect is the 68% increase in ransom DDoS attack, which occurs when malicious actors attempt to extort money from an organization by threatening them with a DDoS attack. It also involves scenarios where the attacks are carried out and a ransom is demanded to stop it from happening again.
“While the majority of DDoS attacks are small, hyper-volumetric DDoS attacks are increasing in size and frequency,” Cloudflare said. “Six out of every 100 HTTP DDoS attacks exceed 1M rps, and 5 out of every 10,000 L3/4 DDoS attacks exceed 1 Tbps — a 1,150% QoQ increase.”
The company further has called attention to a botnet variant dubbed DemonBot that infects Linux-based systems, predominantly unsecured IoT devices, via open ports or weak credentials to enlist them into a DDoS botnet that can carry out UDP, TCP, and application-layer floods.
“Attacks are typically command-and-control (C2) driven and can generate significant volumetric traffic, often targeting gaming, hosting, or enterprise services,” it added. “To avoid infection, leverage antivirus software and domain filtering.”
Infection vectors like those exploited by DemonBot highlight broader challenges with unsecured IoT exposure, weak SSH credentials, and outdated firmware—common themes across DDoS botnet proliferation. Related attack strategies, such as TCP reflection, DNS amplification, and burst-layer evasion, are increasingly discussed in Cloudflare’s application-layer threat reports and API security breakdowns.
Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.
Cybersecurity researchers have shed light on a new ransomware-as-a-service (RaaS) operation called GLOBAL GROUP that has targeted a wide range of sectors in Australia, Brazil, Europe, and the United States since its emergence in early June 2025.
GLOBAL GROUP was “promoted on the Ramp4u forum by the threat actor known as ‘$$$,’” EclecticIQ researcher Arda Büyükkaya said. “The same actor controls the BlackLock RaaS and previously managed Mamona ransomware operations.”
It’s believed that GLOBAL GROUP is a rebranding of BlackLock after the latter’s data leak site was defaced by the DragonForce ransomware cartel back in March. It’s worth mentioning that BlackLock in itself is a rebrand of another RaaS scheme known as Eldorado.
The financially motivated group has been found to lean heavily on initial access brokers (IABs) to deploy the ransomware by weaponizing access to vulnerable edge appliances from Cisco, Fortinet, and Palo Alto Networks. Also put to use are brute-force utilities for Microsoft Outlook and RDWeb portals.
$$$ has acquired Remote Desktop Protocol (RDP) or web shell access to corporate networks, such as those related to law firms, as a way to deploy post-exploitation tools, conduct lateral movement, siphon data, and deploy the ransomware.
Outsourcing the infiltration phase to other threat actors, who supply pre-compromised entry points into enterprise networks, allows affiliates to expend their efforts on payload delivery, extortion, and negotiation rather than network penetration.
The RaaS platform comes with a negotiation portal and an affiliate panel, the latter of which allows cybercriminals to manage victims, build ransomware payloads for VMware ESXi, NAS, BSD, and Windows, and monitor operations. In a bid to entice more affiliates, the threat actors promise a revenue-sharing model of 85%.
“GLOBAL GROUP’s ransom negotiation panel features an automated system powered by AI-driven chatbots,” the Dutch security company said. “This enables non-English-speaking affiliates to engage victims more effectively.”
As of July 14, 2025, the RaaS group has claimed 17 victims in Australia, Brazil, Europe, and the United States, spanning healthcare, oil-and-gas equipment fabrication, industrial machinery and precision engineering, automotive repair, accident-recovery services, and large-scale business process outsourcing (BPO).
The links to BlackLock and Mamona stem from the use of the same Russian VPS provider IpServer and source code similarities with Mamona. Specifically, GLOBAL GROUP is said to be an evolution of Mamona with added features to enable domain-wide ransomware installation. What’s more, the malware is also written in Go, just like BlackLock.
“The creation of GLOBAL GROUP by BlackLock’s administrator is a deliberate strategy to modernize operations, expand revenue streams, and stay competitive in the ransomware market,” Büyükkaya said. “This new brand integrates AI-powered negotiation, mobile-friendly panels, and customizable payload builders, appealing to a broader pool of affiliates.”
The disclosure comes as the Qilin ransomware group emerged as the most active RaaS operation in June 2025, accounting for 81 victims. Other major players include Akira (34), Play (30), SafePay (27), and DragonForce (25).
“SafePay saw the steepest decline at 62.5%, suggesting a major pullback,” cybersecurity company CYFIRMA said. “DragonForce emerged rapidly, with attacks spiking by 212.5%.”
In all, the total number of ransomware victims has dropped from 545 in May to 463 in June 2025, a 15% decline. February tops this year’s list with 956 victims.
“Despite the decline in numbers, geopolitical tensions and high-profile cyber attacks highlight growing instability, potentially heightening the risk of cyber threats,” NCC Group noted late last month.
According to data gathered by Optiv’s Global Threat Intelligence Center (gTIC), 314 ransomware victims were listed on 74 unique data leak sites in Q1 2025, representing a 213% increase in the number of victims. A total of 56 variants were observed in Q1 2024.
“Ransomware operators continued to use tried-and-true methods to gain initial access to victims – social engineering/phishing, exploitation of software vulnerabilities, compromising exposed and insecure software, supply-chain attacks and leveraging the initial access broker (IAB) community,” Optiv researcher Emily Lee said.
Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.
Cybersecurity researchers have charted the evolution of a widely used remote access trojan called AsyncRAT, which was first released on GitHub in January 2019 and has since served as the foundation for several other variants.
“AsyncRAT has cemented its place as a cornerstone of modern malware and as a pervasive threat that has evolved into a sprawling network of forks and variants,” ESET researcher Nikola Knežević said in a report shared with The Hacker News.
“While its capabilities are not that impressive on their own, it is the open-source nature of AsyncRAT that has truly amplified its impact. Its plug-in-based architecture and ease of modification have sparked the proliferation of many forks, pushing the boundaries even further”
While AsyncRAT’s evolution highlights its technical adaptability, its real-world impact stems from how it’s deployed in opportunistic phishing campaigns and bundled with loaders like GuLoader or SmokeLoader. These delivery methods enable rapid distribution through cracked software, malicious ads, or fake updates—targeting users in both corporate and consumer environments. Without early detection, AsyncRAT often acts as a staging tool for follow-on payloads like ransomware or credential stealers.
First published on GitHub by NYAN CAT, the C#-based malware is equipped to capture screenshots, log keystrokes, steal credentials, and allow attackers to commandeer infected systems stealthily, exfiltrate data, and execute malicious instructions.
The modular tool’s simplicity and open-source nature, coupled with its modular architecture and enhanced stealth features, has not only made it very adaptable and harder to detect, but also an attractive option for threat actors, as evidenced by the myriadcampaignsdistributing the threatover the years.
The Slovak cybersecurity company said the “groundwork” for AsyncRAT was laid earlier by another open-source RAT known as Quasar RAT (aka CinaRAT or Yggdrasil) that has been available on GitHub since 2015. Although both the malware strains are coded in C#, the wide-ranging differences between them suggest that AsyncRAT was much more than a fork: It was a major rewrite.
The two pieces of malware are united by the use of the same custom cryptography classes used to decrypt the malware configuration settings. Since the release of AsyncRAT, the malware has spawned diverse variants, including DCRat (aka DarkCrystal RAT) and Venom RAT.
DCRat marks a significant improvement over AsyncRAT, packing in evasion techniques to fly under the radar and augmenting its capabilities to gather webcam data, microphone recordings, and Discord tokens, alongside even a module to encrypt files.
“DCRat also implements evasion techniques like AMSI and ETW patching, which work by disabling security features that detect and log malicious behavior,” ESET said. “Addi5onally, it features an anti-process system whereby processes whose names match those in a denylist are terminated.”
Venom RAT, on the other hand, is said to have been inspired by DCRat, while also packing in enough unique features of its own.
“While they indeed belong to the Quasar RAT family, they are still different RATs,” Rapid7 researcher Anna Širokova noted in an analysis of AsyncRAT and Venom RAT in November 2024. “Venom RAT presents more advanced evasion techniques, making it a more sophisticated threat.”
ESET said it also identified lesser-known variants of AsyncRAT, such as NonEuclid RAT, which incorporates plugins to brute-force SSH and FTP credentials, collect geolocation, act as a clipper by substituting clipboard data with the attacker’s cryptocurrency wallet addresses, and even spread the malware by compromising portable executable files with an arbitrary payload.
JasonRAT, for its part, introduces bespoke changes of its own, such as the ability to target systems based on country. Likewise, XieBroRAT features a browser credential stealer and a plugin to interact with Cobalt Strike servers via a reverse connection. It’s also adapted for the Chinese market.
“AsyncRAT’s rise and its subsequent forks highlight the inherent risks of open-source malware frameworks,” ESET said. “All of these forks not only extend AsyncRAT’s technical capabilities but also demonstrate how quickly and creatively threat actors can adapt and repurpose open-source code.”
“The widespread availability of such frameworks significantly lowers the barrier to entry for aspiring cybercriminals, enabling even novices to deploy sophisticated malware with minimal effort. This democratization of malware development – especially considering the rising popularity of LLMs and potential to misuse their capabilities – further accelerates the creation and customization of malicious tools, contributing to a rapidly expanding and increasingly complex threat landscape.”
This shift has also fueled the rise of malware-as-a-service (MaaS), where preconfigured AsyncRAT builders and plug-and-play modules are sold openly on Telegram and dark web forums. The growing overlap between open-source malware, penetration testing tools, and commercial remote access frameworks complicates attribution and defense.
For security teams, this means greater focus on behavioral detection, command-and-control (C2) analysis, and understanding how fileless persistence, clipboard hijacking, and credential theft converge in modern malware campaigns.
Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.
AI agents promise to automate everything from financial reconciliations to incident response. Yet every time an AI agent spins up a workflow, it has to authenticate somewhere; often with a high-privilege API key, OAuth token, or service account that defenders can’t easily see. These “invisible” non-human identities (NHIs) now outnumber human accounts in most cloud environments, and they have become one of the ripest targets for attackers.
Astrix’s Field CTO Jonathan Sander put it bluntly in a recent Hacker News webinar:
“One dangerous habit we’ve had for a long time is trusting application logic to act as the guardrails. That doesn’t work when your AI agent is powered by LLMs that don’t stop and think when they’re about to do something wrong. They just do it.”
Why AI Agents Redefine Identity Risk
Autonomy changes everything: An AI agent can chain multiple API calls and modify data without a human in the loop. If the underlying credential is exposed or overprivileged, each additional action amplifies the blast radius.
LLMs behave unpredictably: Traditional code follows deterministic rules; large language models operate on probability. That means you cannot guarantee how or where an agent will use the access you grant it.
Existing IAM tools were built for humans: Most identity governance platforms focus on employees, not tokens. They lack the context to map which NHIs belong to which agents, who owns them, and what those identities can actually touch.
Treat AI Agents Like First-Class (Non-Human) Users
Automatically discover and map all AI agents, including external and homegrown agents, with context into their associated NHIs, permissions, owners, and accessed environments. Prioritize remediation efforts based on automated risk scoring based on agent exposure levels and configuration weaknesses.
Manage AI agents and the NHIs they rely on from provisioning to decommissioning through automated ownership, policy enforcement, and streamlined remediation processes, without the manual overhead.
Continuously monitor AI agent activity to detect deviations, out-of-scope actions, and abnormal behaviors, while automating remediation with real-time alerts, workflows, and investigation guides.
The Instant Impact: From Risk to ROI in 30 Days
Within the first month of deploying Astrix, our customers consistently report three transformative business wins within the first month of deployment:
Reduced risk, zero blind spots
Automated discovery and a single source of truth for every AI agent, NHI, and secret reveal unauthorized third-party connections, over-entitled tokens, and policy violations the moment they appear. Short-lived, least-privileged identities prevent credential sprawl before it starts.
“Astrix gave us full visibility into high-risk NHIs and helped us take action without slowing down the business.” – Albert Attias, Senior Director at Workday. Read Workday’s success story here.
Audit-ready compliance, on demand
Meet compliance requirements with scoped permissions, time-boxed access, and per-agent audit trails. Events are stamped at creation, giving security teams instant proof of ownership for regulatory frameworks such as NIST, PCI, and SOX, turning board-ready reports into a click-through exercise.
“With Astrix, we gained visibility into over 900 non-human identities and automated ownership tracking, making audit prep a non-issue” – Brandon Wagner, Head of Information Security at Mercury. Read Mercury’s success story here.
Productivity increased, not undermined
Automated remediation enables engineers to integrate new AI workflows without waiting on manual reviews, while security gains real-time alerts for any deviation from policy. The result: faster releases, fewer fire drills, and a measurable boost to innovation velocity.
“The time to value was much faster than other tools. What could have taken hours or days was compressed significantly with Astrix” – Carl Siva, CISO at Boomi. Read Boomi’s success story here.
The Bottom Line
AI agents unlock historic productivity, yet they also magnify the identity problem security teams have wrestled with for years. By treating every agent as an NHI, applying least privilege from day one, and leaning on automation for continuous enforcement, you can help your business embrace AI safely, instead of cleaning up the breach after attackers exploit a forgotten API key.
Ready to see your invisible identities? Visit astrix.security and schedule a live demo to map every AI agent and NHI in minutes.
Found this article interesting? This article is a contributed piece from one of our valued partners. Follow us on Twitter and LinkedIn to read more exclusive content we post.
Governmental organizations in Southeast Asia are the target of a new campaign that aims to collect sensitive information by means of a previously undocumented Windows backdoor dubbed HazyBeacon.
The activity is being tracked by Palo Alto Networks Unit 42 under the moniker CL-STA-1020, where “CL” stands for “cluster” and “STA” refers to “state-backed motivation.”
“The threat actors behind this cluster of activity have been collecting sensitive information from government agencies, including information about recent tariffs and trade disputes,” security researcher Lior Rochberger said in a Monday analysis.
Southeast Asia has increasingly become a focal point for cyber espionage due to its role in sensitive trade negotiations, military modernization, and strategic alignment in the U.S.–China power dynamic. Targeting government agencies in this region can provide valuable intelligence on foreign policy direction, infrastructure planning, and internal regulatory shifts that influence regional and global markets.
The exact initial access vector used to deliver the malware is currently not known, although evidence shows the use of DLL side-loading techniques to deploy it on compromised hosts. Specifically, it involves planting a malicious version of a DLL called “mscorsvc.dll” along with the legitimate Windows executable, “mscorsvw.exe.”
Once the binary is launched, the DLL proceeds to establish communication with an attacker-controlled URL that allows it to execute arbitrary commands and download additional payloads. Persistence is achieved by means of a service that ensures the DLL is launched even after a reboot of the system.
HazyBeacon is notable for the fact that it leverages Amazon Web Services (AWS) Lambda URLs for command-and-control (C2) purposes, demonstrating threat actors’ continued abuse of legitimate services to fly under the radar and escape detection.
“AWS Lambda URLs are a feature of AWS Lambda that allows users to invoke serverless functions directly over HTTPS,” Rochberger explained. “This technique uses legitimate cloud functionality to hide in plain sight, creating a reliable, scalable and difficult-to-detect communication channel.”
Defenders should pay attention to outbound traffic to rarely used cloud endpoints like *.lambda-url.*.amazonaws.com, especially when initiated by unusual binaries or system services. While AWS usage itself isn’t suspicious, context-aware baselining—such as correlating process origins, parent-child execution chains, and endpoint behavior—can help distinguish legitimate activity from malware leveraging cloud-native evasion.
Downloaded among the payloads is a file collector module that’s responsible for harvesting files matching a specific set of extensions (e.g., doc, docx, xls, xlsx, and pdf) and within a time range. This includes attempts to search for files related to the recent tariff measures imposed by the United States.
The threat actor has also been found to employ other services like Google Drive and Dropbox as exfiltration channels so as to blend in with normal network traffic and transmit the gathered data. In the incident analyzed by Unit 42, attempts to upload the files to the cloud storage services are said to have been blocked.
In the final stage, the attackers run cleanup commands to avoid leaving traces of their activity, deleting all the archives of staged files and other payloads downloaded during the attack.
“The threat actors used HazyBeacon as the main tool for maintaining a foothold and collecting sensitive information from the affected governmental entities,” Rochberger said. “This campaign highlights how attackers continue to find new ways to abuse legitimate, trusted cloud services.”
HazyBeacon reflects a broader trend of advanced persistent threats using trusted platforms as covert channels—a tactic often referred to as “living off trusted services” (LOTS). As part of this cloud-based malware cluster, similar techniques have been observed in threats using Google Workspace, Microsoft Teams, or Dropbox APIs to evade detection and facilitate persistent access.
Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.
Jul 15, 2025Ravie LakshmananMalware / Web Security
The North Korean threat actors linked to the Contagious Interview campaign have been observed publishing another set of 67 malicious packages to the npm registry, underscoring ongoing attempts to poison the open-source ecosystem via software supply chain attacks.
The packages, per Socket, have attracted more than 17,000 downloads, and incorporate a previously undocumented version of a malware loader codenamed XORIndex. The activity is an expansion of an attack wave spotted last month that involved the distribution of 35 npm packages that deployed another loader referred to as HexEval.
“The Contagious Interview operation continues to follow a whack-a-mole dynamic, where defenders detect and report malicious packages, and North Korean threat actors quickly respond by uploading new variants using the same, similar, or slightly evolved playbooks,” Socket researcher Kirill Boychenko said.
Contagious Interview is the name assigned to a long-running campaign that seeks to entice developers into downloading and executing an open-source project as part of a purported coding assignment. First publicly disclosed in late 2023, the threat cluster is also tracked as DeceptiveDevelopment, Famous Chollima, Gwisin Gang, Tenacious Pungsan, UNC5342, and Void Dokkaebi.
The activity is believed to be complementary to Pyongyang’s infamous remote information technology (IT) worker scheme, adopting the strategy of targeting developers already employed in companies of interest rather than applying for a job.
The attack chains using malicious npm packages are fairly straightforward in that they serve as a conduit for a known JavaScript loader and stealer called BeaverTail, which is subsequently used to extract data from web browsers and cryptocurrency wallets, as well as deploy a Python backdoor referred to as InvisibleFerret.
“The two campaigns now operate in parallel. XORIndex has accumulated over 9,000 downloads in a short window (June to July 2025), while HexEval continues at a steady pace, with more than 8,000 additional downloads across the newly discovered packages,” Boychenko said.
The XORIndex Loader, like HexEval, profiles the compromised machine and uses endpoints associated with hard-coded command-and-control (C2) infrastructure to obtain the external IP address of the host. The collected information is then beaconed to a remote server, after which BeaverTail is launched.
Further analysis of these packages has uncovered a steady evolution of the loader, progressing from a bare-bones prototype to a sophisticated, stealthier malware. Early iterations have been found to lack in obfuscation and reconnaissance capabilities, while keeping their core functionality intact, with second and third-generation versions introducing rudimentary system reconnaissance capabilities.
“Contagious Interview threat actors will continue to diversify their malware portfolio, rotating through new npm maintainer aliases, reusing loaders such as HexEval Loader and malware families like BeaverTail and InvisibleFerret, and actively deploying newly observed variants including XORIndex Loader,” Boychenko said.
Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.
