Tag: Cyber Security

  • Chinese Threat Group 'Jewelbug' Quietly Infiltrated Russian IT Network for Months

    A threat actor with ties to China has been linked to a five-month-long intrusion targeting a Russian IT service provider, marking the hacking group’s expansion to the country beyond Southeast Asia and South America.

    The activity, which took place from January to May 2025, has been attributed by Broadcom-owned Symantec to a threat actor it tracks as Jewelbug, which it said overlaps with clusters known as CL-STA-0049 (Palo Alto Networks Unit 42), Earth Alux (Trend Micro), and REF7707 (Elastic Security Labs).

    The findings suggest Russia is not off-limits for Chinese cyber espionage operations despite increased “military, economic, and diplomatic” relations between Moscow and Beijing over the years.

    “Attackers had access to code repositories and software build systems that they could potentially leverage to carry out supply chain attacks targeting the company’s customers in Russia,” the Symantec Threat Hunter Team said in a report shared with The Hacker News. “Notably too, the attackers were exfiltrating data to Yandex Cloud.”

    Earth Alux is assessed to be active since at least the second quarter of 2023, with attacks primarily targeting government, technology, logistics, manufacturing, telecommunications, IT services, and retail in the Asia-Pacific (APAC) and Latin American (LATAM) regions to deliver malware like VARGEIT and COBEACON (aka Cobalt Strike Beacon).

    The attacks mounted by CL-STA-0049/REF7707, on the other hand, have been observed distributing an advanced backdoor named FINALDRAFT (aka Squidoor) that’s capable of infecting both Windows and Linux systems. The findings from Symantec mark the first time these two activity clusters have been tied together.

    In the attack aimed at the Russian IT service provider, Jewelbug is said to have leveraged a renamed version of Microsoft Console Debugger (“cdb.exe”), which can be used to run shellcode and bypass application allowlisting, as well as launch executables, run DLLs, and terminate security solutions.

    The threat actor has also been observed dumping credentials, establishing persistence via scheduled tasks, and attempting to conceal traces of their activity by clearing Windows Event Logs.

    The targeting of IT service providers is strategic as it opens the door to possible supply chain attacks, enabling threat actors to leverage the compromise to breach several downstream customers at once through malicious software updates.

    Furthermore, Jewelbug has also been linked to an intrusion at a large South American government organization in July 2025, deploying a previously undocumented backdoor that’s said to be under development – underscoring the group’s evolving capabilities. The malware uses Microsoft Graph API and OneDrive for command-and-control (C2), and can collect system information, enumerate files from targeted machines, and upload the information to OneDrive.

    The use of Microsoft Graph API allows the threat actor to blend in with normal network traffic and leaves minimal forensic artifacts, complicating post-incident analysis and prolonging dwell time for threat actors.

    Other targets include an IT provider based in South Asia and a Taiwanese company in October and November 2024, with the attack on the latter leveraging DLL side-loading techniques to drop malicious payloads, including ShadowPad, a backdoor exclusively used by Chinese hacking groups.

    The infection chain is also characterized by the deployment of the KillAV tool to disable security software and a publicly available tool named EchoDrv, which permits abuse of the kernel read/write vulnerability in the ECHOAC anti-cheat driver, as part of what appears to be a bring your own vulnerable driver (BYOVD) attack.

    Also leveraged were LSASS and Mimikatz for dumping credentials, freely available tools like PrintNotifyPotato, Coerced Potato, and Sweet Potato for discovery and privilege escalation, and a SOCKS tunneling utility dubbed EarthWorm that has been used by Chinese hacking crews like Gelsemium and Lucky Mouse.

    “Jewelbug’s preference for using cloud services and other legitimate tools in its operations indicates that remaining under the radar and establishing a stealthy and persistent presence on victim networks is of utmost importance to this group,” Symantec said.

    The disclosure comes as Taiwan’s National Security Bureau warned of a rise in Chinese cyber attacks targeting its government departments, and called out Beijing’s “online troll army” for attempting to disseminate fabricated content across social networks and undermine people’s trust in the government and sow distrust in the U.S., Reuters reported.


    Source: thehackernews.com…

  • F5 Breach Exposes BIG-IP Source Code — Nation-State Hackers Behind Massive Intrusion

    Oct 15, 2025 | Ravie Lakshmanan | Vulnerability / Threat Intelligence

    U.S. cybersecurity company F5 on Wednesday disclosed that unidentified threat actors broke into its systems and stole files containing some of BIG-IP’s source code and information related to undisclosed vulnerabilities in the product.

    It attributed the activity to a “highly sophisticated nation-state threat actor,” adding the adversary maintained long-term, persistent access to its network. The company said it learned of the breach on August 9, 2025, per a Form 8-K filing with the U.S. Securities and Exchange Commission (SEC).

    “We have taken extensive actions to contain the threat actor,” it noted. “Since beginning these activities, we have not seen any new unauthorized activity, and we believe our containment efforts have been successful.”

    F5 did not say for how long the threat actors had access to its BIG-IP product development environment, but emphasized that it has not observed any indication that the vulnerabilities have been exploited in a malicious context. It also said that the attackers did not access its CRM, financial, support case management, or iHealth systems.

    That said, the company acknowledged that some of the exfiltrated files from its knowledge management platform contained configuration or implementation information for a small percentage of customers. Impacted customers are expected to be directly notified following a review of the files.

    Following the discovery of the incident, F5 has engaged the services of Google Mandiant and CrowdStrike, as well as rotated credentials and strengthened access controls, deployed tooling to better monitor threats, bolstered its product development environment with extra security controls, and implemented enhancements to its network security architecture.

    Users are advised to apply the latest updates for BIG-IP, F5OS, BIG-IP Next for Kubernetes, BIG-IQ, and APM clients as soon as possible for optimal protection.


    Source: thehackernews.com…

  • Over 100 VS Code Extensions Exposed Developers to Hidden Supply Chain Risks

    New research has uncovered that publishers of over 100 Visual Studio Code (VS Code) extensions leaked access tokens that could be exploited by bad actors to update the extensions, posing a critical software supply chain risk.

    “A leaked VSCode Marketplace or Open VSX PAT [personal access token] allows an attacker to directly distribute a malicious extension update across the entire install base,” Wiz security researcher Rami McCarthy said in a report shared with The Hacker News. “An attacker who discovered this issue would have been able to directly distribute malware to the cumulative 150,000 install base.”

    The cloud security firm noted in many cases publishers failed to account for the fact that VS Code extensions, while distributed as .vsix files, can be unzipped and inspected, exposing hard-coded secrets embedded into them.

    In all, Wiz said it found over 550 validated secrets, distributed across more than 500 extensions from hundreds of distinct publishers. The 550 secrets have been found to fall under 67 distinct types of secrets, including –

    • AI provider secrets, such as those related to OpenAI, Gemini, Anthropic, XAI, DeepSeek, Hugging Face, and Perplexity
    • Cloud service provider secrets, such as those related to Amazon Web Services (AWS), Google Cloud, GitHub, Stripe, and Auth0
    • Database secrets, such as those related to MongoDB, PostgreSQL, and Supabase
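
    A pre-publish check for the point above, that a .vsix is an ordinary zip archive anyone can open. This is an added example, not code from Wiz or the original article; the pattern set is a small illustrative subset, and the sample archive and its values are constructed.

```python
import io
import re
import zipfile
from dataclasses import dataclass

MAX_MEMBER_BYTES = 2 * 1024 * 1024  # skip large bundled media/binaries

# Illustrative subset of token shapes (assumption: a production scanner
# covers many more types and validates hits with the issuing service).
PATTERNS = {
    "aws_access_key_id": re.compile(rb"\b(?:AKIA|ASIA)[0-9A-Z]{16}\b"),
    "github_classic_pat": re.compile(rb"\bghp_[A-Za-z0-9]{36}\b"),
    "private_key_block": re.compile(
        rb"-----BEGIN (?:RSA |EC |OPENSSH )?PRIVATE KEY-----"),
    "generic_assignment": re.compile(
        rb"(?i)[\w-]*(?:api[_-]?key|secret|token|password)[\w-]*[\"']?"
        rb"\s*[:=]\s*[\"']?([A-Za-z0-9_\-./+]{20,})"),
}

# Files that normally have no business inside a published package.
SUSPECT_NAMES = (".env", ".npmrc")


@dataclass(frozen=True)
class Finding:
    member: str   # path inside the archive
    line: int     # 1-based line of the hit, 0 for file-level findings
    kind: str
    preview: str  # redacted, so the report itself does not leak the value


def _redact(value: bytes) -> str:
    text = value.decode("ascii", "replace")
    return f"{text[:4]}...({len(text)} chars)"


def scan_vsix(source) -> list:
    """Scan a .vsix (path or file-like object) for hard-coded secrets."""
    findings = []
    with zipfile.ZipFile(source) as archive:
        for info in archive.infolist():
            if info.is_dir():
                continue
            base = info.filename.rsplit("/", 1)[-1]
            if base in SUSPECT_NAMES or base.startswith(".env."):
                findings.append(
                    Finding(info.filename, 0, "suspect_file_shipped", base))
            if info.file_size > MAX_MEMBER_BYTES:
                continue
            data = archive.read(info)
            if b"\x00" in data[:4096]:
                continue  # looks binary, regexes would only add noise
            for kind, pattern in PATTERNS.items():
                for match in pattern.finditer(data):
                    # Use the capture group when the pattern has one.
                    secret = match.group(match.lastindex or 0)
                    line = data.count(b"\n", 0, match.start()) + 1
                    findings.append(
                        Finding(info.filename, line, kind, _redact(secret)))
    return findings


def build_sample_vsix() -> bytes:
    """Constructed archive: one documented AWS example key ID, one .env."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as archive:
        archive.writestr(
            "extension/package.json",
            '{"name": "sample-theme", "version": "0.0.1"}\n')
        archive.writestr(
            "extension/out/extension.js",
            "// constructed sample, not a real credential\n"
            "const client = new Client({\n"
            '  accessKeyId: "AKIAIOSFODNN7EXAMPLE",\n'
            "});\n")
        archive.writestr(
            "extension/.env",
            "PUBLISH_TOKEN=constructed0placeholder0value0000\n")
    return buf.getvalue()


if __name__ == "__main__":
    for finding in scan_vsix(io.BytesIO(build_sample_vsix())):
        print(finding)
```

    Run it against the packaged .vsix rather than the source tree, since the archive is what users actually download.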

    Wiz also noted in its report that more than 100 extensions leaked VS Code Marketplace PATs, which accounted for over 85,000 installs. Another 30 extensions with a cumulative install base of no less than 100,000 have been found to leak Open VSX Access Tokens. A significant chunk of the flagged extensions are themes.

    With Open VSX also integrated into artificial intelligence (AI)-powered VS Code forks like Cursor and Windsurf, extensions that leak access tokens can significantly expand the attack surface.

    In one instance, the company said it identified a VS Code Marketplace PAT that could have allowed for pushing targeted malware to the workforce of a $30 billion market cap Chinese mega corporation, indicating that the problem also extends to internal or vendor-specific extensions used by organizations.

    Following responsible disclosure to Microsoft in late March and April 2025, the Windows maker has revoked the leaked PATs and announced it’s adding secret scanning capabilities to block extensions with verified secrets and notify developers when secrets are detected.

    VS Code users are advised to limit the number of installed extensions, scrutinize extensions prior to downloading them, and weigh the pros and cons of enabling auto-updates. Organizations are recommended to develop an extension inventory to better respond to reports of malicious extensions and consider a centralized allowlist for extensions.

    “The issue highlights the continued risks of extensions and plugins, and supply chain security in general,” Wiz said. “It continues to validate the impression that any package repository carries a high risk of mass secrets leakage.”

    TigerJack Targets VS Code Marketplace with Malicious Extensions

    The development comes as Koi Security disclosed details of a threat actor codenamed TigerJack that’s been attributed to publishing at least 11 legitimate-looking malicious VS Code extensions using various publisher accounts since early 2025 as part of a “coordinated, systematic” campaign.

    “Operating under the identities ab-498, 498, and 498-00, Tiger-Jack has deployed a sophisticated arsenal: extensions that steal source code, mine cryptocurrency, and establish remote backdoors for complete system control,” security researcher Tuval Admoni said.

    Two of the malicious extensions – C++ Playground and HTTP Format – attracted over 17,000 downloads prior to their takedown. However, they continue to be available on Open VSX, with the threat actor also republishing the same malicious code on September 17, 2025, under new names on the VS Code Marketplace after removal.

    What’s notable about these extensions is that they deliver the promised functionality, which provides the perfect cover for their malicious activities to go unnoticed by unsuspecting developers who may have installed them.

    Specifically, the C++ Playground extension has been found to capture keystrokes in almost real-time through a listener that’s triggered after a 500-millisecond delay. The end goal is to steal C++ source code files. On the other hand, the HTTP Format extension harbors nefarious code to run the CoinIMP miner and stealthily mine cryptocurrency by abusing the system resources.

    Three other extensions published by TigerJack under the alias “498,” namely cppplayground, httpformat, and pythonformat, further escalate the risk by incorporating the ability to act as a backdoor by downloading and running arbitrary JavaScript from an external server (“ab498.pythonanywhere[.]com”) every 20 minutes.

    “By checking for new instructions every 20 minutes and using eval() on remotely fetched code, TigerJack can dynamically push any malicious payload without updating the extension—stealing credentials and API keys, deploying ransomware, using compromised developer machines as entry points into corporate networks, injecting backdoors into your projects, or monitoring your activity in real-time,” Admoni noted.

    Koi Security also pointed out that most of these extensions started off as completely benign tools before the malicious modifications were introduced, a classic case of a Trojan horse approach. This offers several advantages, as it allows the threat actor to establish legitimacy and gain traction among users.

    What’s more, it can also deceive a developer who may have vetted the extension before installation, as the threat actor could push an update later on to compromise their environment.

    In June 2025, Microsoft said it has a multi-step process in place to keep the VS Code marketplace free of malware. This includes an initial scan of all incoming packages for malicious run-time behavior in a sandbox environment, as well as rescanning and periodic marketplace-wide scans to “make sure everything stays safe.”

    That said, these security protections only apply to VS Code Marketplace, and not others like the Open VSX registry, meaning even if the malicious extension gets removed from Microsoft’s platform, threat actors can easily migrate to less-secure alternatives.

    “The fragmented security landscape across all marketplaces creates dangerous blind spots that sophisticated threat actors are already exploiting,” the company said. “When security operates in silos, threats simply migrate between platforms while developers remain unknowingly exposed.”


    Source: thehackernews.com…

  • How Attackers Bypass Synced Passkeys

    Oct 15, 2025 | Ravie Lakshmanan | Data Protection / Browser Security

    TLDR

    Even if you take nothing else away from this piece, if your organization is evaluating passkey deployments, it is insecure to deploy synced passkeys.

    • Synced passkeys inherit the risk of the cloud accounts and recovery processes that protect them, which creates material enterprise exposure.
    • Adversary-in-the-middle (AiTM) kits can force authentication fallbacks that circumvent strong authentication altogether.
    • Malicious or compromised browser extensions can hijack WebAuthn requests, manipulate passkey registration or sign-in, and drive autofill to leak credentials and one-time codes.
    • Device-bound passkeys in hardware security keys offer higher assurance and better administrative control than synced passkeys, and should be mandatory for enterprise access use cases.

    Synced passkey vulnerabilities

    Passkeys are credentials stored in an authenticator. Some are device-bound, others are synced across devices through consumer cloud services like iCloud and Google Cloud. Sync improves usability and recovery in low-security, consumer-facing scenarios, but shifts the trust boundary to cloud accounts and recovery workflows. The FIDO Alliance and Yubico have both issued important advisories for enterprises to evaluate this split and to prefer device-bound options for higher assurance.

    Operationally, synced passkeys expand the attack surface in three ways:

    1. Cloud account takeover or recovery abuse can authorize new devices, which then erodes the integrity of the credential.
    2. If a user is logged in on their corporate device with their personal Apple iCloud account, then passkeys created could be synced to their personal accounts; this dramatically explodes the attack surface beyond enterprise security boundaries.
    3. Help desk and account recovery become the real control points that attackers target because they can copy the same protected keychain onto a new, unknown, and untrusted device.

    Authentication downgrade attacks

    See the “captured” session. (Image source: Proofpoint)

    Proofpoint researchers documented a practical downgrade against Microsoft Entra ID where a phishing proxy spoofs an unsupported browser, such as Safari on Windows, Entra disables passkeys, and the user is guided to select a weaker method, such as SMS or OTP. The proxy then captures credentials and the resulting session cookie and imports it to gain access.

    This threat vector relies on WebAuthn passkeys’ uneven operating system and browser support and on the identity provider’s (IdP) acceptance of weak authentication methods in favor of a practical UX consideration. It is a classic adversary-in-the-middle (AiTM) attack powered by policy steering. It does not break WebAuthn origin binding because the platform never reaches a WebAuthn ceremony when a compatibility branch disables it. Your weakest authentication method defines your real security.

    Immediate mediation in WebAuthn is a feature that allows sites to offer an alternative authentication method when WebAuthn is not available. This is useful for UX but can also be abused by attackers to steer users toward non-WebAuthn paths if policy allows them.

    Browser-based security vulnerable to extension and autofill threat vectors

    SquareX researchers showed that a compromised browser environment can hijack WebAuthn calls and manipulate passkey registration or sign-in. The technique does not break passkey cryptography. It injects or intercepts the browser-side process, for example, through a malicious extension or an XSS bug, to reinitiate registration, force a password fallback, or silently complete an assertion.

    Chrome documents an extension API named “webAuthenticationProxy” that can intercept navigator.credentials.create() and navigator.credentials.get() methods once attached, then supply its own responses. This capability exists for remote desktop use cases, but it demonstrates that an extension with the right permission can sit in the WebAuthn path.

    Extensions also run content scripts inside the page context, where they can read and modify the DOM and drive user interface flows, which include invoking credential APIs from the page.

    Independent research presented at DEF CON described DOM-based extension clickjacking that targets the UI elements injected by password manager extensions. A single user click on a crafted page can trigger autofill and exfiltration of stored data such as logins, credit cards, and one-time codes. The researcher reports that in some scenarios, passkey authentication can also be exploited and lists vulnerable versions across multiple vendors.

    Device-bound credentials are the only effective enterprise solution

    Device-bound passkeys are tied to a specific device, typically with private key generation and usage conducted in secure hardware components. In enterprise, hardware security keys provide consistent device signals, attestation, and a lifecycle you can inventory and revoke.

    Guidance for an enterprise-grade passkey program

    Policy

    • Require phishing-resistant authentication for all users, and especially those in privileged roles. Accept only device-bound authenticators that generate non-exportable credentials at registration and never leave the device. Credentials should be rooted in secure hardware and verifiably tied to the physical device attempting the login.
    • Eliminate all fallback methods such as SMS, voice calls, TOTP apps, email links, and push approvals. These exist to be exploited during social engineering and downgrade attacks. If a fallback exists, an attacker will force it. Make the strong path the only path.
    • Ensure universal operating system and browser support for phishing-resistant, device-bound credentials. Don’t offer alternatives – yes this is possible, we’re happy to show you a demo with Beyond Identity’s identity defense platform. Universal coverage is necessary for complete defense because you’re only as protected as your weakest link.

    Browser and Extension Posture

    • Enforce extension allowlists in managed browsers. Disallow any extension that requests webAuthenticationProxy, activeTab, or broad content script permissions.
    • Continuously monitor extension installs and usage trends for suspicious mass removals or unexplained permission escalations. Extension-level compromise is increasingly indistinguishable from a legitimate user. Lock down browser behavior as tightly as you would an endpoint.
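
    One way to check an extension inventory against the posture rules above, including the webAuthenticationProxy permission discussed earlier. This is an added example, not code from Beyond Identity or the original article; the extension IDs, manifests and allowlist are constructed, and the on-disk layout read by load_unpacked is an assumption about how Chrome stores unpacked extensions.

```python
import json
from pathlib import Path

# Permissions the guidance above says to disallow outright.
RISKY_PERMISSIONS = {"webAuthenticationProxy", "activeTab"}


def is_broad_match(pattern: str) -> bool:
    """True for match patterns that cover every host, e.g. <all_urls>, *://*/*.

    Narrower wildcards such as *.example.com are deliberately not flagged.
    """
    if pattern == "<all_urls>":
        return True
    _scheme, sep, rest = pattern.partition("://")
    return bool(sep) and rest.split("/", 1)[0] == "*"


def audit_manifest(manifest: dict) -> list:
    """Return the reasons a manifest violates the posture rules."""
    declared = set()
    for key in ("permissions", "optional_permissions"):
        declared.update(p for p in manifest.get(key, []) if isinstance(p, str))
    reasons = [f"permission:{p}" for p in sorted(declared & RISKY_PERMISSIONS)]
    for script in manifest.get("content_scripts", []):
        for pattern in script.get("matches", []):
            reason = f"content_script:{pattern}"
            if is_broad_match(pattern) and reason not in reasons:
                reasons.append(reason)
    return reasons


def evaluate(inventory: dict, allowlist: set) -> dict:
    """Map extension ID -> (decision, reasons); allow only clean, listed IDs."""
    results = {}
    for ext_id, manifest in inventory.items():
        reasons = [] if ext_id in allowlist else ["not_on_allowlist"]
        if manifest is None:
            reasons.append("manifest_unreadable")
        else:
            reasons.extend(audit_manifest(manifest))
        results[ext_id] = ("block" if reasons else "allow", reasons)
    return results


def load_unpacked(root) -> dict:
    """Read <root>/<extension id>/<version>/manifest.json (assumed layout)."""
    inventory = {}
    for path in Path(root).glob("*/*/manifest.json"):
        ext_id = path.parent.parent.name
        try:
            inventory[ext_id] = json.loads(path.read_text(encoding="utf-8-sig"))
        except (OSError, ValueError):
            inventory[ext_id] = None  # unreadable manifests fail closed
    return inventory


# Constructed inventory: IDs and manifests are placeholders, not real extensions.
SAMPLE_INVENTORY = {
    "a" * 32: {
        "manifest_version": 3,
        "permissions": ["storage"],
        "content_scripts": [{"matches": ["https://intranet.example.com/*"]}],
    },
    "b" * 32: {
        "manifest_version": 3,
        "permissions": ["webAuthenticationProxy"],
    },
    "c" * 32: {
        "manifest_version": 3,
        "permissions": ["activeTab", "storage"],
        "content_scripts": [{"matches": ["<all_urls>"]}],
    },
}
SAMPLE_ALLOWLIST = {"a" * 32, "b" * 32}

if __name__ == "__main__":
    for ext_id, (decision, reasons) in evaluate(
            SAMPLE_INVENTORY, SAMPLE_ALLOWLIST).items():
        print(ext_id[:8], decision, reasons)
```

    Note that the second sample is blocked even though it is on the allowlist, so a permission escalation in a later update of an approved extension is still caught.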

    Enrollment and Recovery

    • Use high-assurance authenticators as the root of recovery. No help desk, email inbox, or call center should be able to bypass phishing-resistant controls. Recovery is often the attacker’s entry point. Eliminate social engineering vectors and force policy-compliant reproofing.
    • Only allow for enrollment of device-bound credentials.
    • Capture attestation metadata at registration, including device model and assurance level. Reject unrecognized or unverifiable authenticators. Trust begins at registration. If you don’t know what created the credential, you don’t control access.

    Device Hygiene & Runtime Defense

    • Bind sessions to trusted device context. A session cookie should never be a portable artifact. Runtime session enforcement should tie identity to continuous device posture, not just an initial authentication.
    • Enforce continuous authentication. If device posture, location, or security status changes, require reauthentication or deny access. A login is not a hall pass. Risk is dynamic, authentication must be too.
    • Assume authentication attempts with weak factors should be blocked by default. See how Beyond Identity customers instantly block identity attacks based on the simple fact that it is not a strong credential attempting access.

    What This Looks Like in Practice

    The architecture of an identity security system that offers uncompromising defense against identity, browser, and device-based attacks can be defined by these three traits:

    1. Device-bound credentials: Credentials never leave the device. They are non-exportable, hardware-backed, and cannot be synced or replayed elsewhere.
    2. Continuous trust: Authentication never stops at login. It continues throughout the session, tied to posture signals from the device.
    3. Universal endpoint hygiene enforcement: All endpoints are in scope. Even unmanaged devices must be evaluated in real time for risk posture and session integrity.

    The bottom line

    Synced passkeys are not a force field that is appropriate for defense. They improve usability for consumer use cases at the cost of enterprise access security.

    See more in action in an upcoming webinar, “How Attackers Bypass FIDO: Why Synced Passkeys Fail and What To Do Instead,” where Beyond Identity will review how synced passkey failures happen and how leading security teams, including Snowflake and Cornell University, close these paths.

    Even if you can’t join, register and you’ll get the recording!



    Source: thehackernews.com…

  • Two New Windows Zero-Days Exploited in the Wild — One Affects Every Version Ever Shipped

    Microsoft on Tuesday released fixes for a whopping 183 security flaws spanning its products, including three vulnerabilities that have come under active exploitation in the wild, as the tech giant officially ended support for its Windows 10 operating system unless the PCs are enrolled in the Extended Security Updates (ESU) program.

    Of the 183 vulnerabilities, eight of them are non-Microsoft issued CVEs. As many as 165 flaws have been rated as Important in severity, followed by 17 as Critical and one as Moderate. The vast majority of them relate to elevation of privilege vulnerabilities (84), with remote code execution (33), information disclosure (28), spoofing (14), denial-of-service (11), and security feature bypass (11) issues accounting for the rest of them.

    The updates are in addition to the 25 vulnerabilities Microsoft addressed in its Chromium-based Edge browser since the release of September 2025’s Patch Tuesday update.

    The two Windows zero-days that have come under active exploitation are as follows –

    • CVE-2025-24990 (CVSS score: 7.8) – Windows Agere Modem Driver (“ltmdm64.sys”) Elevation of Privilege Vulnerability
    • CVE-2025-59230 (CVSS score: 7.8) – Windows Remote Access Connection Manager (RasMan) Elevation of Privilege Vulnerability

    Microsoft said both issues could allow attackers to execute code with elevated privileges, although there are currently no indications on how they are being exploited and how widespread these efforts may be. In the case of CVE-2025-24990, the company said it’s planning to remove the driver entirely, rather than issue a patch for a legacy third-party component.

    The security defect has been described as “dangerous” by Alex Vovk, CEO and co-founder of Action1, as it’s rooted within legacy code installed by default on all Windows systems, irrespective of whether the associated hardware is present or in use.

    “The vulnerable driver ships with every version of Windows, up to and including Server 2025,” Adam Barnett, lead software engineer at Rapid7, said. “Maybe your fax modem uses a different chipset, and so you don’t need the Agere driver? Perhaps you’ve simply discovered email? Tough luck. Your PC is still vulnerable, and a local attacker with a minimally privileged account can elevate to administrator.”

    According to Satnam Narang, senior staff research engineer at Tenable, CVE-2025-59230 is the first vulnerability in RasMan to be exploited as a zero-day. Microsoft has patched more than 20 flaws in the component since January 2022.

    The third vulnerability that has been exploited in real-world attacks concerns a case of Secure Boot bypass in IGEL OS before 11 (CVE-2025-47827, CVSS score: 4.6). Details about the flaw were first publicly disclosed by security researcher Zack Didcott in June 2025.

    “The impacts of a Secure Boot bypass can be significant, as threat actors can deploy a kernel-level rootkit, gaining access to the IGEL OS itself and, by extension, then tamper with the Virtual Desktops, including capturing credentials,” Kev Breen, senior director of threat research at Immersive, said.

    “It should be noted that this is not a remote attack, and physical access is typically required to exploit this type of vulnerability, meaning that ‘evil-maid’ style attacks are the most likely vector affecting employees who travel frequently.”

    All three issues have since been added to the U.S. Cybersecurity and Infrastructure Security Agency’s (CISA) Known Exploited Vulnerabilities (KEV) catalog, requiring federal agencies to apply the patches by November 4, 2025.

    Some other critical vulnerabilities of note include a remote code execution (RCE) bug (CVE-2025-59287, CVSS score: 9.8) in Windows Server Update Service (WSUS), an out-of-bounds read vulnerability in the Trusted Computing Group (TCG) TPM2.0 reference implementation’s CryptHmacSign helper function (CVE-2025-2884, CVSS score: 5.3), and an RCE in Windows URL Parsing (CVE-2025-59295, CVSS score: 8.8).

    “An attacker can leverage this by carefully constructing a malicious URL,” Ben McCarthy, lead cybersecurity engineer at Immersive, said. “The overflowed data can be designed to overwrite critical program data, such as a function pointer or an object’s virtual function table (vtable) pointer.”

    “When the application later attempts to use this corrupted pointer, instead of calling a legitimate function, it redirects the program’s execution flow to a memory address controlled by the attacker. This allows the attacker to execute arbitrary code (shellcode) on the target system.”

    Two vulnerabilities with the highest CVSS score in this month’s update relate to a privilege escalation flaw in Microsoft Graphics Component (CVE-2025-49708, CVSS score: 9.9) and a security feature bypass in ASP.NET (CVE-2025-55315, CVSS score: 9.9).

    While exploiting CVE-2025-55315 requires an attacker to be first authenticated, it can be abused to covertly get around security controls and carry out malicious actions by smuggling a second, malicious HTTP request within the body of their initial authenticated request.

    “An organization must prioritize patching this vulnerability because it invalidates the core security promise of virtualization,” McCarthy explained regarding CVE-2025-49708, characterizing it as a high-impact flaw that leads to a full virtual machine (VM) escape.

    “A successful exploit means an attacker who gains even low-privilege access to a single, non-critical guest VM can break out and execute code with SYSTEM privileges directly on the underlying host server. This failure of isolation means the attacker can then access, manipulate, or destroy data on every other VM running on that same host, including mission-critical domain controllers, databases, or production applications.”


    Source: thehackernews.com…

  • Two CVSS 10.0 Bugs in Red Lion RTUs Could Hand Hackers Full Industrial Control

    Oct 15, 2025 | Ravie Lakshmanan | Vulnerability / Critical Infrastructure

    Cybersecurity researchers have disclosed two critical security flaws impacting Red Lion Sixnet remote terminal unit (RTU) products that, if successfully exploited, could result in code execution with the highest privileges.

    The shortcomings, tracked as CVE-2023-40151 and CVE-2023-42770, are both rated 10.0 on the CVSS scoring system.

    “The vulnerabilities affect Red Lion SixTRAK and VersaTRAK RTUs, and allow an unauthenticated attacker to execute commands with root privileges,” Claroty Team 82 researchers said in a report published Tuesday.

    Red Lion’s Sixnet RTUs provide advanced automation, control, and data acquisition capabilities in industrial automation and control systems, primarily across energy, water, and wastewater treatment, transportation, utilities, and manufacturing sectors.

    These industrial devices are configured using a Windows utility called Sixnet IO Tool Kit, with a proprietary Sixnet “Universal” protocol used to interface and enable communication between the kit and the RTUs.

    There also exists a user-permission system atop this mechanism to support file management, set/get station information, obtain Linux kernel and boot version, among others, over the UDP protocol.

    The two vulnerabilities identified by Claroty are listed below –

    • CVE-2023-42770 – An authentication bypass that arises because the Sixnet RTU software listens on the same port (number 1594) over both UDP and TCP but only issues an authentication challenge over UDP, while accepting incoming messages over TCP without prompting for any authentication
    • CVE-2023-40151 – A remote code execution vulnerability that leverages Sixnet Universal Driver’s (UDR) built-in support for Linux shell command execution to run arbitrary code with root privileges

    As a result, an attacker could chain both flaws to sidestep authentication protections to run commands and achieve remote code execution.

    “Red Lion SixTRAK and VersaTRAK Series RTUs with authenticated users enabled (UDR-A), any Sixnet UDR message received over TCP/IP, the RTU will accept the message with no authentication challenge,” Red Lion said in an advisory released back in June 2025. “When user authentication is not enabled, the shell can execute commands with the highest privileges.”

    Users are advised to apply the patches for the two vulnerabilities as soon as possible. It’s also recommended to enable user authentication in the Red Lion RTU and block access over TCP to the affected RTUs.

    According to an alert issued by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) in November 2023, the flaws impact the following products –

    • ST-IPm-8460: Firmware 6.0.202 and later
    • ST-IPm-6350: Firmware version 4.9.114 and later
    • VT-mIPm-135-D: Firmware version 4.9.114 and later
    • VT-mIPm-245-D: Firmware version 4.9.114 and later
    • VT-IPm2m-213-D: Firmware version 4.9.114 and later
    • VT-IPm2m-113-D: Firmware version 4.9.114 and later

    “Red Lion’s RTUs are prominent in many industrial automation settings, and an attacker with access to the devices and the ability to run commands at root presents significant possibilities for process disruption or damage,” Claroty noted.


    Source: thehackernews.com…

  • Hackers Target ICTBroadcast Servers via Cookie Exploit to Gain Remote Shell Access

    Oct 15, 2025 | Ravie Lakshmanan | Vulnerability / Server Security

    Cybersecurity researchers have disclosed that a critical security flaw impacting ICTBroadcast, an autodialer software from ICT Innovations, has come under active exploitation in the wild.

    The vulnerability, assigned the CVE identifier CVE-2025-2611 (CVSS score: 9.3), relates to improper input validation that can result in unauthenticated remote code execution due to the fact that the call center application unsafely passes session cookie data to shell processing.

    This, in turn, allows an attacker to inject shell commands into a session cookie that can get executed in the vulnerable server. The security flaw affects ICTBroadcast versions 7.4 and below.

    “Attackers are leveraging the unauthenticated command injection in ICTBroadcast via the BROADCAST cookie to gain remote code execution,” VulnCheck’s Jacob Baines said in a Tuesday alert. “Approximately 200 online instances are exposed.”

    The cybersecurity firm said that it detected in-the-wild exploitation on October 11, with the attacks occurring in two phases, starting with a time-based exploit check followed by attempts to set up reverse shells.

    To that end, unknown threat actors have been observed injecting a Base64-encoded command that translates to “sleep 3” in the BROADCAST cookie in specially crafted HTTP requests to confirm command execution and then create reverse shells.

    “The attacker used a localto[.]net URL in the mkfifo + nc payload, and also made connections to 143.47.53[.]106 in other payloads,” Baines noted.

    It’s worth noting that both the use of a localto.net link and the IP address were previously flagged by Fortinet in connection with an email campaign distributing a Java-based remote access trojan (RAT) named Ratty RAT targeting organizations in Spain, Italy, and Portugal.

    These indicator overlaps suggest possible reuse or shared tooling, VulnCheck pointed out. There is currently no information available on the patch status of the flaw. The Hacker News has reached out to ICT Innovations for further comment, and we will update the story if we hear back.
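
    A log-side check for the two phases described above, added here as an example and not taken from VulnCheck or ICT Innovations: it decodes Base64 tokens found in the BROADCAST cookie and matches the commands and indicators the article names. The tab-separated record layout and all sample values are constructed, and web servers log the Cookie header only when the log format is configured to include it.

```python
import base64
import binascii
import re
from urllib.parse import unquote

# Indicators quoted in the article, stored defanged and refanged for matching.
INDICATORS = [i.replace("[.]", ".") for i in ("localto[.]net", "143.47.53[.]106")]
PROBE = re.compile(r"\bsleep\s+\d+")      # time-based exploit check
SHELL = re.compile(r"\b(?:mkfifo|nc)\b")  # mkfifo + nc reverse-shell payload
META = re.compile(r"[`;|&<>]|\$\(")       # assumption: never valid in a session id
B64 = re.compile(r"[A-Za-z0-9+/]{8,}")    # padding is re-added before decoding
COOKIE = re.compile(r"(?:^|;\s*)BROADCAST=([^;]*)")


def decoded_commands(value):
    """Return printable strings recovered from Base64-looking tokens in a cookie value."""
    out = []
    for tok in B64.findall(value):
        try:
            raw = base64.b64decode(tok + "=" * (-len(tok) % 4), validate=True)
        except (binascii.Error, ValueError):
            continue
        if raw and all(32 <= b < 127 for b in raw):
            out.append(raw.decode("ascii"))
    return out


def classify(cookie_header):
    """Return (phase, evidence) for a Cookie header, or None when nothing matches."""
    m = COOKIE.search(cookie_header)
    if not m:
        return None
    value = unquote(m.group(1))  # cookie values may arrive percent-encoded
    texts = decoded_commands(value) + [value]
    for text in texts:
        if SHELL.search(text) or any(i in text for i in INDICATORS):
            return ("reverse-shell", text)
    for text in texts:
        if PROBE.search(text):
            return ("timing-probe", text)
    return ("shell-metacharacters", value) if META.search(value) else None


def scan(lines):
    """Scan 'time<TAB>client<TAB>request<TAB>Cookie header' records (constructed layout)."""
    findings = []
    for line in lines:
        ts, client, _request, cookie = line.rstrip("\n").split("\t", 3)
        hit = classify(cookie)
        if hit:
            findings.append({"time": ts, "client": client, "phase": hit[0], "evidence": hit[1]})
    return findings


# Constructed records with RFC 5737 documentation addresses; not captured traffic.
SAMPLE = [
    "2025-10-11T09:14:02Z\t192.0.2.10\tGET /\tlang=en; BROADCAST=9f2c4e7ab1d04c55a8e3",
    "2025-10-11T09:15:40Z\t198.51.100.7\tGET /\tBROADCAST=c2xlZXAgMw==",
    "2025-10-11T09:16:05Z\t198.51.100.7\tGET /\tBROADCAST=mkfifo%20REDACTED%20nc%20REDACTED.localto.net",
    "2025-10-11T09:17:31Z\t203.0.113.5\tGET /\tBROADCAST=x%24%28REDACTED%29",
]
```

    A timing-probe hit followed by a reverse-shell hit from the same client mirrors the two-phase sequence VulnCheck reported and is worth prioritizing over either finding alone.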


    Source: thehackernews.com…

  • New SAP NetWeaver Bug Lets Attackers Take Over Servers Without Login

    Oct 15, 2025 | Ravie Lakshmanan | Enterprise Software / Vulnerability

    SAP has rolled out security fixes for 13 new security issues, including additional hardening for a maximum-severity bug in SAP NetWeaver AS Java that could result in arbitrary command execution.

    The vulnerability, tracked as CVE-2025-42944, carries a CVSS score of 10.0. It has been described as a case of insecure deserialization.

    “Due to a deserialization vulnerability in SAP NetWeaver, an unauthenticated attacker could exploit the system through the RMI-P4 module by submitting a malicious payload to an open port,” according to a description of the flaw in CVE.org.

    “The deserialization of such untrusted Java objects could lead to arbitrary OS command execution, posing a high impact to the application’s confidentiality, integrity, and availability.”

    While the vulnerability was first addressed by SAP last month, security company Onapsis said the latest fix provides extra safeguards to secure against the risk posed by deserialization.

    “The additional layer of protection is based on implementing a JVM-wide filter (jdk.serialFilter) that prevents dedicated classes from being deserialized,” it noted. “The list of recommended classes and packages to block was defined in collaboration with the ORL and is divided into a mandatory section and an optional section.”

    Another critical vulnerability of note is CVE-2025-42937 (CVSS score: 9.8), a directory traversal flaw in SAP Print Service that arises as a result of insufficient path validation, allowing an unauthenticated attacker to reach the parent directory and overwrite system files.

    The third critical flaw patched by SAP concerns an unrestricted file upload bug in SAP Supplier Relationship Management (CVE-2025-42910, CVSS score: 9.0) that could permit an attacker to upload arbitrary files, including malicious executables that could impact the confidentiality, integrity, and availability of the application.

    While there is no evidence of these flaws being exploited in the wild, it’s essential that users apply the latest patches and mitigations as soon as possible to avoid potential threats.

    “Deserialization remains the major risk,” Pathlock’s Jonathan Stross said. “The P4/RMI chain continues to drive critical exposure in AS Java, with SAP issuing both a direct fix and a hardened JVM configuration to reduce gadget‑class abuse.”


    Source: thehackernews.com…

  • Chinese Hackers Exploit ArcGIS Server as Backdoor for Over a Year

    Oct 14, 2025 | Ravie Lakshmanan | Cyber Espionage / Network Security

    Threat actors with ties to China have been attributed to a novel campaign that compromised an ArcGIS system and turned it into a backdoor for more than a year.

    The activity, per ReliaQuest, is the handiwork of a Chinese state-sponsored hacking group called Flax Typhoon, which is also tracked as Ethereal Panda and RedJuliett. According to the U.S. government, it’s assessed to be a publicly-traded, Beijing-based company known as Integrity Technology Group.

    “The group cleverly modified a geo-mapping application’s Java server object extension (SOE) into a functioning web shell,” the cybersecurity company said in a report shared with The Hacker News. “By gating access with a hardcoded key for exclusive control and embedding it in system backups, they achieved deep, long-term persistence that could survive a full system recovery.”

    Flax Typhoon is known for living up to the “stealth” in its tradecraft by extensively incorporating living-off-the-land (LotL) methods and hands-on keyboard activity, thereby turning software components into vehicles for malicious attacks, while simultaneously evading detection.

    The attack demonstrates how attackers increasingly abuse trusted tools and services to bypass security measures and gain unauthorized access to victims’ systems, at the same time blending in with normal server traffic.

    The “unusually clever attack chain” involved the threat actors targeting a public-facing ArcGIS server by compromising a portal administrator account to deploy a malicious SOE.

    “The attackers activated the malicious SOE using a standard [JavaSimpleRESTSOE] ArcGIS extension, invoking a REST operation to run commands on the internal server via the public portal—making their activity difficult to spot,” ReliaQuest said. “By adding a hard-coded key, Flax Typhoon prevented other attackers, or even curious admins, from tampering with its access.”

    The “web shell” is said to have been used to run network discovery operations, establish persistence by uploading a renamed SoftEther VPN executable (“bridge.exe”) to the “System32” folder, and then creating a service named “SysBridge” to automatically start the binary every time the server is rebooted.

    The “bridge.exe” process has been found to establish outbound HTTPS connections to an attacker-controlled IP address on port 443 with the primary goal of setting up a covert VPN channel to the external server.

    “This VPN bridge allows the attackers to extend the target’s local network to a remote location, making it appear as if the attacker is part of the internal network,” researchers Alexa Feminella and James Xiang explained. “This allowed them to bypass network-level monitoring, acting like a backdoor that allows them to conduct additional lateral movement and exfiltration.”

    The threat actors are said to have specifically targeted two workstations belonging to IT personnel in order to obtain credentials and further burrow into the network. Further investigation has uncovered that the adversary had access to the administrative account and was able to reset the password.

    “This attack highlights not just the creativity and sophistication of attackers but also the danger of trusted system functionality being weaponized to evade traditional detection,” the researchers noted. “It’s not just about spotting malicious activity; it’s about recognizing how legitimate tools and processes can be manipulated and turned against you.”
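
    A hunt for the persistence step described above (a renamed executable dropped into System32 and registered as an auto-start service), added here as an example and not taken from ReliaQuest's report. It correlates service-install records with process-creation metadata; the event shapes follow Service Control Manager event 7045 and Sysmon event 1, and every sample value, including the OriginalFileName and Company strings, is constructed.

```python
import ntpath
import re

SYSTEM32 = r"c:\windows\system32"


def exe_path(image_path):
    """Reduce a service ImagePath (quotes, arguments, %SystemRoot%) to a normalized exe path."""
    p = image_path.strip()
    if p.startswith('"'):
        p = p[1:].split('"', 1)[0]
    else:
        m = re.match(r"(.+?\.exe)\b", p, re.I)
        p = m.group(1) if m else p
    p = re.sub(r"^%systemroot%", lambda _m: r"C:\Windows", p, flags=re.I)
    return ntpath.normcase(ntpath.normpath(p))


def hunt(service_installs, process_creates):
    """Flag new services whose System32 binary has version-info that does not fit its name."""
    meta = {exe_path(p["Image"]): p for p in process_creates}
    hits = []
    for svc in service_installs:
        path = exe_path(svc["ImagePath"])
        info = meta.get(path)
        if ntpath.dirname(path) != SYSTEM32 or info is None:
            continue
        reasons = []
        if info["OriginalFileName"].lower() != ntpath.basename(path):
            reasons.append("renamed: OriginalFileName is " + info["OriginalFileName"])
        if info["Company"] != "Microsoft Corporation":
            reasons.append("non-Microsoft binary in System32: " + info["Company"])
        if reasons:
            hits.append({"service": svc["ServiceName"], "path": path, "reasons": reasons})
    return hits


# Constructed events, not captured telemetry.
SERVICE_INSTALLS = [
    {"ServiceName": "SysBridge", "ImagePath": r"C:\Windows\System32\bridge.exe"},
    {"ServiceName": "ExampleSvc", "ImagePath": r"%SystemRoot%\System32\svchost.exe -k netsvcs"},
    {"ServiceName": "BackupAgent", "ImagePath": r'"C:\Program Files\Example Backup\agent.exe" --service'},
]
PROCESS_CREATES = [
    {"Image": r"C:\Windows\System32\bridge.exe",
     "OriginalFileName": "vpnbridge.exe", "Company": "SoftEther VPN Project"},
    {"Image": r"C:\Windows\System32\svchost.exe",
     "OriginalFileName": "svchost.exe", "Company": "Microsoft Corporation"},
    {"Image": r"C:\Program Files\Example Backup\agent.exe",
     "OriginalFileName": "agent.exe", "Company": "Example Backup Ltd"},
]
```

    Version-info fields are set by whoever built the file, so a clean result is inconclusive on its own and should be confirmed with signature verification.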


    Source: thehackernews.com…

  • What AI Reveals About Web Applications— and Why It Matters

    Before an attacker ever sends a payload, they’ve already done the work of understanding how your environment is built. They look at your login flows, your JavaScript files, your error messages, your API documentation, your GitHub repos. These are all clues that help them understand how your systems behave. AI is significantly accelerating reconnaissance and enabling attackers to map your environment with greater speed and precision.

    While the narrative often paints AI as running the show, we’re not seeing AI take over offensive operations end to end. AI is not autonomously writing exploits, chaining attacks, and breaching systems without the human in the loop. What it is doing is speeding up the early and middle stages of the attacker workflow: gathering information, enriching it, and generating plausible paths to execution.

    Think of it like AI-generated writing; AI can produce a draft quickly given the right parameters, but someone still needs to review, refine, and tune it for the result to be useful. The same applies to offensive security. AI can build payloads and perform a lot of functions at a higher level than traditional algorithms could, but as of yet it still requires direction and context to be effective. This shift matters because it expands what we consider exposure.

    An outdated library used to be a liability only if it had a known CVE. Today, it can be a liability if it tells an attacker what framework you’re using and helps them narrow down a working attack path. That’s the difference. AI helps turn seemingly harmless details into actionable insight—not through brute force, but through better comprehension. So while AI isn’t changing how attackers get in, it’s changing how they decide where to look and what’s worth their time.

    AI’s Reconnaissance Superpowers

    That decision-making process of identifying what is relevant, what is vulnerable, and what is worth pursuing is where AI is already proving its value.

    Its strength lies in making sense of unstructured data at scale, which makes it well-suited to reconnaissance. AI can parse and organize large volumes of external-facing information: website content, headers, DNS records, page structures, login flows, SSL configurations, and more. It can align this data to known technologies, frameworks, and security tools, giving an attacker a clearer understanding of what’s running behind the scenes.

    Language is no longer a barrier. AI can extract meaning from error messages in any language, correlate technical documentation across regions, and recognize naming conventions or patterns that might go unnoticed by a human reviewer.

    It also excels at contextual matching. If an application is exposing a versioned JavaScript library, AI can identify the framework, check for associated risks, and match known techniques based on that context. Not because it’s inventing new methods, but because it knows how to cross-reference data quickly and thoroughly.

    In short, AI is becoming a highly efficient reconnaissance and enrichment layer. It helps attackers prioritize and focus, not by doing something new but by doing something familiar with far more scale and consistency.

    How AI is Changing Web App Attacks

    The impact of AI becomes even more visible when you look at how it shapes common web attack techniques:

    Start with brute forcing. Traditionally, attackers rely on static dictionaries to guess credentials. AI improves this by generating more realistic combinations using regional language patterns, role-based assumptions, and naming conventions specific to the target organization. It also recognizes the type of system it is interacting with, whether it’s a specific database, operating system, or admin panel, and uses that context to attempt the most relevant default credentials. This targeted approach reduces noise and increases the likelihood of success with fewer, more intelligent attempts.

    AI also enhances interpretation. It can identify subtle changes in login behavior, such as shifts in page structure, variations in error messages, or redirect behavior, and adjust its approach accordingly. This helps reduce false positives and enables faster pivoting when an attempt fails.

    For example, a traditional script might assume that a successful login is indicated by a 70 percent change in page content. But if the user is redirected to a temporary landing page — one that looks different but ultimately leads to an error like “Account locked after too many attempts” — the script could misclassify it as a success. AI can analyze the content, status codes, and flow more holistically, recognizing that the login did not succeed and adapting its strategy accordingly.

    That context awareness is what separates AI from traditional pattern-matching tools. A common false positive for traditional credential harvesting tools is placeholder credentials:

    At first glance, it appears to contain hardcoded credentials. But in reality, it’s a harmless placeholder referencing the example.com domain. The traditional tool flagged it anyway. AI, by contrast, evaluates the surrounding context and recognizes that this is not a real secret. In testing, we’ve seen models label it “Sensitive: false” with “Confidence: high,” helping filter out false positives to reduce noise.
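
    A rule-based approximation of that context check, added here as an example for triaging secret-scanner output; it is not Pentera's tooling and not a model. It finds credentials embedded in URLs, then downgrades matches that point at reserved documentation hosts or carry placeholder passwords. The word list, thresholds and sample text are assumptions.

```python
import math
import re
from urllib.parse import urlsplit

# Names reserved for documentation and testing (RFC 2606, RFC 6761).
RESERVED_DOMAINS = ("example.com", "example.net", "example.org")
RESERVED_TLDS = (".example", ".test", ".invalid", ".localhost")
PLACEHOLDER_WORDS = {"password", "passwd", "pass", "changeme", "secret", "xxxx"}  # assumed list
TEMPLATE = re.compile(r"<[^>]+>|\$\{?\w+\}?|%\w+%")  # <pw>, ${VAR}, $VAR, %VAR%
URL_CREDS = re.compile(r"[a-z][a-z0-9+.-]*://[^\s/:@\"']+:[^\s/@\"']+@[^\s\"'<>]+", re.I)


def is_reserved(host):
    host = (host or "").lower().rstrip(".")
    return (host == "localhost" or host.endswith(RESERVED_TLDS)
            or any(host == d or host.endswith("." + d) for d in RESERVED_DOMAINS))


def entropy(s):
    """Shannon entropy in bits per character; random tokens score higher than words."""
    return -sum(s.count(c) / len(s) * math.log2(s.count(c) / len(s)) for c in set(s)) if s else 0.0


def assess(url):
    parts = urlsplit(url)
    password = parts.password or ""
    reasons = []
    if is_reserved(parts.hostname):
        reasons.append("reserved documentation host")
    if password.lower() in PLACEHOLDER_WORDS or TEMPLATE.fullmatch(password):
        reasons.append("placeholder or templated password")
    if reasons:
        confidence = "high" if len(reasons) == 2 else "medium"
        return {"sensitive": False, "confidence": confidence, "reasons": reasons}
    strong = len(password) >= 12 and entropy(password) >= 3.0  # assumed thresholds
    return {"sensitive": True, "confidence": "high" if strong else "medium",
            "reasons": ["non-reserved host with a non-placeholder password"]}


def triage(text):
    """Find URL-embedded credentials and attach a verdict; the password is never echoed."""
    results = []
    for m in URL_CREDS.finditer(text):
        parts = urlsplit(m.group(0))
        results.append({"user": parts.username, "host": parts.hostname, **assess(m.group(0))})
    return results


# Constructed sample text; hosts and credentials are made up.
SAMPLE = '''
// docs: const client = connect("https://user:password@example.com/api/v1");
DATABASE_URL="postgres://svc_app:Zq8vR2mK7pLx4TbN@db01.corp.internal:5432/orders"
REPLICA_URL="postgres://svc_app:${DB_PASSWORD}@db02.corp.internal:5432/orders"
'''
```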

    AI also improves how attackers explore an application’s behavior. In fuzzing workflows, it can propose new inputs based on observed outcomes and refine those inputs as the application responds. This helps uncover business logic flaws, broken access controls, or other subtle vulnerabilities that don’t always trigger alerts.

    When it comes to execution, AI helps generate payloads based on real-time threat intelligence. This enables platforms to emulate newly observed techniques more quickly. These payloads are not blindly deployed. They are reviewed, adapted to the environment, and tested for accuracy and safety before being used. This shortens the gap between emerging threats and meaningful validation.

    In more advanced scenarios, AI can incorporate exposed data into the attack itself. If the platform detects personally identifiable information such as names or email addresses during a test, it can automatically apply that data in the next phase. This includes actions like credential stuffing, impersonation, or lateral movement—reflecting how a real attacker might adapt in the moment.

    Together, these capabilities make AI-driven attacks more efficient, more adaptive, and more convincing. The core techniques remain the same. The difference is in the speed, accuracy, and ability to apply context—something defenders can no longer afford to overlook.

    Rethinking Exposure in the Age of AI

    The impact of AI on reconnaissance workflows creates a shift in how defenders need to think about exposure. It’s no longer enough to assess only what’s reachable: IP ranges, open ports, externally exposed services. AI expands the definition to include what’s inferable based on context.

    This includes metadata, naming conventions, JavaScript variable names, error messages, and even consistent patterns in how your infrastructure is deployed. AI doesn’t need root access to get value from your environment. It just needs a few observable behaviors and a large enough training set to make sense of them.

    Exposure is a spectrum. You can be technically “secure” but still provide enough clues for an attacker to build a map of your architecture, your tech stack, or your authentication flow. That’s the kind of insight AI excels at extracting.

    Security tools have traditionally prioritized direct indicators of risk: known vulnerabilities, misconfigurations, unpatched components, or suspicious activity. But AI introduces a different dimension. It can infer the presence of vulnerable components not by scanning them directly, but by recognizing behavioral patterns, architectural clues, or API responses that match known attack paths. That inference doesn’t trigger an alert on its own, but it can guide an attacker’s decision-making and narrow the search for an entry point.

    In a world where AI can rapidly profile environments, the old model of “scan and patch” isn’t sufficient. Defenders need to reduce what can be learned and not just what can be exploited.

    What this changes for defenders

    As AI accelerates reconnaissance and decision-making, defenders need to respond with the same level of automation and intelligence. If attackers are using AI to study your environment, you need to use AI to understand what they’re likely to find. If they’re testing how your systems behave, you need to test them first.

    This is the new definition of exposure. It’s not just what’s accessible. It’s what can be analyzed, interpreted, and turned into action. And if you’re not validating it continuously, you’re flying blind to what your environment is actually revealing.

    Seeing your attack surface through the eyes of an attacker, and validating your defenses using the same techniques they use, is no longer a nice-to-have. It’s the only realistic way to keep up.

    Note: This article was written and contributed by Alex Spivakovsky, VP of Research & Cybersecurity at Pentera.


    Source: thehackernews.com…