Tag: Cyber Threats

A group of academics from KU Leuven and the University of Birmingham has demonstrated a new vulnerability called Battering RAM to bypass the latest defenses on Intel and AMD cloud processors.

“We built a simple, $50 interposer that sits quietly in the memory path, behaving transparently during startup and passing all trust checks,” researchers Jesse De Meulemeester, David Oswald, Ingrid Verbauwhede, and Jo Van Bulck said on a website publicizing the findings. “Later, with just a flip of a switch, our interposer turns malicious and silently redirects protected addresses to attacker-controlled locations, allowing corruption or replay of encrypted memory.”

Battering RAM compromises Intel’s Software Guard Extensions (SGX) and AMD’s Secure Encrypted Virtualization with Secure Nested Paging (SEV-SNP) hardware security features, which ensure that customer data remains encrypted in memory and protected during use.

It affects all systems using DDR4 memory, specifically those relying on confidential computing workloads running in public cloud environments to secure data from the cloud service provider using hardware-level access control and memory encryption.

The attack, in a nutshell, involves leveraging a custom-built, low-cost DDR4 interposer hardware hack to stealthily redirect physical addresses and gain unauthorized access to protected memory regions. The interposer makes use of simple analog switches to actively manipulate signals between the processor and memory, and can be built for less than $50.

On Intel platforms, Battering RAM achieves arbitrary read access to victim plaintext or write plaintext into victim enclaves, whereas on AMD systems, the attack can be used to sidestep recent firmware mitigations against BadRAM, which was documented by the researchers back in December 2024, and introduce arbitrary backdoors into the virtual machine without raising any suspicion.

Successful exploitation of the vulnerability can allow a rogue cloud infrastructure provider or insider with limited physical access to compromise remote attestation and enable the insertion of arbitrary backdoors into protected workloads.

The vulnerability was reported to the vendors earlier this year, following which Intel, AMD, and Arm responded that physical attacks are currently considered out of scope. However, defending against Battering RAM would require a fundamental redesign of memory encryption itself, the researchers noted.

“Battering RAM exposes the fundamental limits of the scalable memory encryption designs currently used by Intel and AMD, which omit cryptographic freshness checks in favor of larger protected memory sizes,” they added. “Battering RAM […] is capable of introducing memory aliases dynamically at runtime. As a result, Battering RAM can circumvent Intel’s and AMD’s boot-time alias checks.”

The disclosure comes as AMD released mitigations for attacks dubbed Heracles and Relocate-Vote disclosed by the University of Toronto and ETH Zürich, respectively, that can leak sensitive data from cloud environments and confidential virtual machines that rely on AMD’s SEV-SNP technology by means of a malicious hypervisor.

“The system lets the hypervisor move data around to manage memory efficiently,” David Lie, director of the Schwartz Reisman Institute (SRI) at the University of Toronto, said. “So when data is relocated, AMD’s hardware decrypts it from the old location and re-encrypts it for the new location. But, what we found was that by doing this over and over again, a malicious hypervisor can learn recurring patterns from within the data, which could lead to privacy breaches.”

Last month, ETH Zürich researchers also demonstrated that a CPU optimization known as the stack engine can be abused as a side channel for attacks that lead to information leakage. A proof-of-concept (PoC) has been developed for AMD Zen 5 machines, although it’s believed that all models have this “abusable hardware feature.”

The discovery of Battering RAM also follows a report from Vrije Universiteit Amsterdam researchers about a new, realistic attack technique referred to as L1TF Reloaded that combines L1 Terminal Fault (aka Foreshadow) and Half-Spectre gadgets (aka incomplete Spectre-like code patterns) to leak memory from virtual machines running on public cloud services.

“L1TF is a CPU vulnerability that allows an (attacker) VM to speculatively read any data residing in the (core-local) L1 data cache – including data the VM shouldn’t have access to,” VUSec researchers said. “At a high level, L1TF Reloaded abuses this to obtain an arbitrary RAM read primitive.”

Google, which provided the researchers with a sole-tenant node in order to conduct the research safely without potentially affecting any other customers, awarded a $151,515 bug bounty and “applied fixes to the affected assets.” Amazon said the L1TF Reloaded vulnerability does not impact the guest data of AWS customers running on the AWS Nitro System or Nitro Hypervisor.

Spectre, which first came to light in early 2018, continues to haunt modern CPUs, albeit in the form of different variants. As recently as two weeks ago, academics from ETH Zürich devised a new attack known as VMScape (CVE-2025-40300, CVSS score: 6.5) that breaks virtualization boundaries in AMD Zen CPUs and Intel Coffee Lake processors.

Described as a Spectre branch target injection (Spectre-BTI) attack targeting the cloud, it exploits isolation gaps across host and guest in user and supervisor modes to leak arbitrary memory from an unmodified QEMU process. A software fix has been introduced in the Linux kernel to counter the cross-virtualization BTI (vBTI) attack primitive.

“VMScape can leak the memory of the QEMU process at the rate of 32 B/s on AMD Zen 4,” the authors said in a study. “We use VMScape to find the location of secret data and leak the secret data, all within 772 s, extracting the cryptographic key used for disk encryption/decryption as an example.”

Sep 30, 2025Ravie LakshmananCyber Espionage / Malware

Government and telecommunications organizations across Africa, the Middle East, and Asia have emerged as the target of a previously undocumented China-aligned nation-state actor dubbed Phantom Taurus over the past two-and-a-half years.

“Phantom Taurus’ main focus areas include ministries of foreign affairs, embassies, geopolitical events, and military operations,” Palo Alto Networks Unit 42 researcher Lior Rochberger said. “The group’s primary objective is espionage. Its attacks demonstrate stealth, persistence, and an ability to quickly adapt their tactics, techniques, and procedures (TTPs).”

It’s worth pointing out that the hacking group was first detailed by the cybersecurity company back in June 2023 under the moniker CL-STA-0043. Then last May, the threat cluster was graduated to a temporary group, TGR-STA-0043, following revelations about its sustained cyber espionage efforts aimed at governmental entities since at least late 2022 as part of a campaign codenamed Operation Diplomatic Specter.

Unit 42 said its continued observation of the group yielded enough evidence to classify it as a new threat actor whose primary goal is to enable long-term intelligence collection and obtain confidential data from targets that are of strategic interest to China, both economically and geopolitically.

“The group takes an interest in diplomatic communications, defense-related intelligence and the operations of critical governmental ministries,” the company said. “The timing and scope of the group’s operations frequently coincide with major global events and regional security affairs.”

This aspect is particularly revealing, not least because other Chinese hacking groups have also embraced a similar approach. For instance, a new adversary tracked by Recorded Future as RedNovember is assessed to have targeted entities in Taiwan and Panama in close proximity to “geopolitical and military events of key strategic interest to China.”

Phantom Taurus’ modus operandi also stands out due to the use of custom-developed tools and techniques rarely observed in the threat landscape. This includes a never-before-seen bespoke malware suite dubbed NET-STAR. Developed in .NET, the program is designed to target Internet Information Services (IIS) web servers.

That said, the hacking crew has relied on shared operational infrastructure that has been previously employed by groups like AT27 (aka Iron Taurus), APT41 (aka Starchy Taurus or Winnti), and Mustang Panda (aka Stately Taurus). Conversely, the infrastructure components used by the threat actor have not been detected in operations carried out by others, indicating some sort of “operational compartmentalization” within the shared ecosystem.

The exact initial access vector is not clear, but prior intrusions have weaponized vulnerable on-premises Internet Information Services (IIS) and Microsoft Exchange servers, abusing flaws like ProxyLogon and ProxyShell, to infiltrate target networks.

Another significant facet of the attacks is the shift from gathering emails to the direct targeting of databases using a batch script that makes it possible to connect to an SQL Server database, export the results in the form of a CSV file, and terminate the connection. The script is executed using the Windows Management Instrumentation (WMI) infrastructure.

Unit 42 said the threat actor used this method to methodically search for documents of interest and information related to specific countries such as Afghanistan and Pakistan.

Recent attacks mounted by Phantom Taurus have also leveraged NET-STAR, which consists of three web-based backdoors, each of which performs a specific function while maintaining access to the compromised IIS environment –

• IIServerCore, a fileless modular backdoor loaded by means of an ASPX web shell that supports in-memory execution of command-line arguments, arbitrary commands, and payloads, and transmits the results in an encrypted command-and-control (C2) communication channel
• AssemblyExecuter V1, which loads and executes additional .NET payloads in memory
• AssemblyExecuter V2, an enhanced version of AssemblyExecuter V1 that also comes fitted with the ability to bypass Antimalware Scan Interface (AMSI) and Event Tracing for Windows (ETW)

“The NET-STAR malware suite demonstrates Phantom Taurus’ advanced evasion techniques and a deep understanding of .NET architecture, representing a significant threat to internet-facing servers,” Unit 42 said. “IIServerCore also supports a command called changeLastModified. This suggests that the malware has active timestomping capabilities, designed to confuse security analysts and digital forensics tools.”

Sep 30, 2025The Hacker NewsArtificial Intelligence / Threat Detection

The Problem: Legacy SOCs and Endless Alert Noise

Every SOC leader knows the feeling: hundreds of alerts pouring in, dashboards lighting up like a slot machine, analysts scrambling to keep pace. The harder they try to scale people or buy new tools, the faster the chaos multiplies. The problem is not just volume; it is the model itself. Traditional SOCs start with rules, wait for alerts to fire, and then dump raw signals on analysts. By the time someone pieces together what is really happening, the attacker has already moved on, or moved in. It is a broken loop of noise chasing noise.

Flipping the Model: Context Over Chaos

Instead of drowning in raw events, treat every incoming signal as a potential opening move in a bigger story. Logs from identity systems, endpoints, cloud workloads, and SIEMs do not just land in separate dashboards; they are normalized, connected, and enriched to form a coherent investigation. A brute-force login attempt on its own is easy to dismiss. But when enhanced with user history, IP reputation, and signs of lateral movement, it is no longer background noise. It becomes the first chapter of an unfolding breach.

Context is the difference between ignoring another failed login and stopping an attack in motion.

Enabling Analysts with Story-Driven Workflows

The goal is not to hand analysts a bigger stack of alerts, it is to give them a story that already has shape and meaning. When analysts open a case, they see how the activity fits together, what actors are involved, and what paths the threat has already taken. Instead of starting from scratch with scattered evidence, they begin with a clear picture that guides their judgment. That shift changes the nature of the job itself.

Human-Centric AI That Enhances, Not Replaces

This is not about replacing humans with AI. It is about giving humans the space to actually do security. When technology handles the grind of collecting, correlating, and enriching signals, analysts can focus on what they do best: interpreting meaning, thinking creatively, and applying institutional knowledge.

• Junior analysts can develop investigative reasoning by studying complete cases instead of clicking through endless queues,
• Mid-level analysts gain time to hunt and test new hypotheses
• Senior analysts focus on attacker behavior and strategy, shaping how defenses evolve.

The work stops feeling like endless triage and starts feeling like security again.

Measurable Results: Faster MTTR, Fewer False Positives

The results are measurable and dramatic. False positives drop sharply. Mean time to resolution shrinks from hours to minutes. Quality and accuracy shoot up. Teams finally have the capacity to investigate the subtle, low-level signals where attackers often make their first moves.

That is what happens when SOC teams stop chasing alerts and start building context.

Defining the Cognitive SOC

A SOC that thrives is not the one with the most dashboards or the biggest analyst headcount. It is the one that can learn and adapt, quickly turn signals into stories, make confident decisions, and act before chaos spirals. That is the promise of a “cognitive SOC.” Technology organizes the noise, and analysts deliver the answers.

Moving from Alert Chaos to Contextual Clarity

Conifers helps enterprises and MSSP security business leaders escape the tradeoff between effectiveness and efficiency with CognitiveSOC™, an AI SOC agent platform that scales investigations with intelligence and context. Instead of drowning analysts in noisy alerts or forcing MSSPs to sacrifice margins, Conifers blends agentic AI, advanced data science, and human oversight with an organization’s own institutional knowledge to automate end-to-end, multi-tier investigations with reasoning and intent. By mapping incidents to use cases and dynamically applying the right AI techniques, CognitiveSOC produces contextual, evidence-backed outputs that align with each organization’s risk profile and analyst preferences. This results in faster, higher-quality investigations and decision-making, reduced alert fatigue, and improved SOC outcomes at scale. More context, less chaos.

Visit Conifers.ai to request a demo and experience how CognitiveSOC transforms noisy alerts into contextual investigations that boost efficiency, protect margins, and strengthen security posture.

Sep 30, 2025Ravie LakshmananZero-Day / Vulnerability

A newly patched security flaw impacting Broadcom VMware Tools and VMware Aria Operations has been exploited in the wild as a zero-day since mid-October 2024 by a threat actor called UNC5174, according to NVISO Labs.

The vulnerability in question is CVE-2025-41244 (CVSS score: 7.8), a local privilege escalation bug affecting the following versions –

• VMware Cloud Foundation 4.x and 5.x
• VMware Cloud Foundation 9.x.x.x
• VMware Cloud Foundation 13.x.x.x (Windows, Linux)
• VMware vSphere Foundation 9.x.x.x
• VMware vSphere Foundation 13.x.x.x (Windows, Linux)
• VMware Aria Operations 8.x
• VMware Tools 11.x.x, 12.x.x, and 13.x.x (Windows, Linux)
• VMware Telco Cloud Platform 4.x and 5.x
• VMware Telco Cloud Infrastructure 2.x and 3.x

“A malicious local actor with non-administrative privileges having access to a VM with VMware Tools installed and managed by Aria Operations with SDMP enabled may exploit this vulnerability to escalate privileges to root on the same VM,” VMware said in an advisory released Monday.

The fact that it’s a local privilege escalation means that the adversary will have to secure access to the infected device through some other means.

NVISO researcher Maxime Thiebaut has been credited for discovering and reporting the shortcoming on May 19, 2025, during an incident response engagement. The company also said VMware Tools 12.4.9, which is part of VMware Tools 12.5.4, remediates the issue for Windows 32-bit systems, and that a version of open-vm-tools that addresses CVE-2025-41244 will be distributed by Linux vendors.

The vulnerable get_version() function

While Broadcom makes no mention of it being exploited in real-world attacks, NVISO Labs attributed the activity to a China-linked threat actor Google Mandiant tracks as UNC5174 (aka Uteus or Uetus), which has a track record of exploiting various security flaws, including those impacting Ivanti and SAP NetWeaver, to obtain initial access to target environments.

“When successful, exploitation of the local privilege escalation results in unprivileged users achieving code execution in privileged contexts (e.g., root),” Thiebaut said. “We can however not assess whether this exploit was part of UNC5174’s capabilities or whether the zero-day’s usage was merely accidental due to its trivialness.”

NVISO said the vulnerability is rooted in a function called “get_version()” that takes a regular expression (regex) pattern as input for each process with a listening socket, checks whether the binary associated with that process matches the pattern, and, if so, invokes the supported service’s version command.

“While this functionality works as expected for system binaries (e.g., /usr/bin/httpd), the usage of the broad‑matching S character class (matching non‑whitespace characters) in several of the regex patterns also matches non-system binaries (e.g., /tmp/httpd),” Thiebaut explained. “These non-system binaries are located within directories (e.g., /tmp) which are writable to unprivileged users by design.”

As a result, this opens the door to potential abuse by an unprivileged local attacker by staging the malicious binary at “/tmp/httpd,” resulting in privilege escalation when the VMware metrics collection is executed. All a bad actor requires to abuse the flaw is to ensure that the binary is run by an unprivileged user and it opens a random listening socket.

The Brussels-based cybersecurity company noted that it observed UNC5174 using the “/tmp/httpd” location to stage the malicious binary and spawn an elevated root shell and achieve code execution. The exact nature of the payload executed using this method is unclear at this stage.

“The broad practice of mimicking system binaries (e.g., httpd) highlights the real possibility that several other malware strains have accidentally been benefiting from unintended privilege escalations for years,” Thiebaut said.

Sep 30, 2025Ravie LakshmananArtificial Intelligence / Threat Detection

Microsoft on Tuesday unveiled the expansion of its Sentinel Security Incidents and Event Management solution (SIEM) as a unified agentic platform with the general availability of the Sentinel data lake.

In addition, the tech giant said it’s also releasing a public preview of Sentinel Graph and Sentinel Model Context Protocol (MCP) server.

“With graph-based context, semantic access, and agentic orchestration, Sentinel gives defenders a single platform to ingest signals, correlate across domains, and empower AI agents built in Security Copilot, VS Code using GitHub Copilot, or other developer platforms,” Vasu Jakkal, corporate vice president at Microsoft Security, said in a post shared with The Hacker News.

Microsoft released Sentinel data lake in public preview earlier this July as a purpose-built, cloud-native tool to ingest, manage, and analyze security data to provide better visibility and advanced analytics.

With the data lake, the idea is to lay the foundation for an agentic defense by bringing data from diverse sources and enabling artificial intelligence (AI) models like Security Copilot to have the full context necessary to detect subtle patterns, correlate signals, and surface high-fidelity alerts.

The shift, Redmond added, allows security teams to uncover attacker behavior, retroactively hunt over historical data, and trigger detections automatically based on the latest tradecraft.

“Sentinel ingests signals, either structured or semi-structured, and builds a rich, contextual understanding of your digital
estate through vectorized security data and graph-based relationships,” Jakkal said.

“By integrating these insights with Defender and Purview, Sentinel brings graph-powered context to the tools security teams already use, helping defenders trace attack paths, understand impact, and prioritize response — all within familiar workflows.”

Microsoft further noted that Sentinel organizes and enriches security data so as to detect issues faster and better respond to events at scale, shifting cybersecurity from “reactive to predictive.”

In addition, the company said users can build Security Copilot agents in a Sentinel MCP server-enabled coding platform, such as VS Code, using GitHub Copilot, that are tailored to their organizational workflows.

The Windows maker has also emphasized the need for securing AI platforms and implementing guardrails to detect (cross-)prompt injection attacks, stating it intends to roll out new enhancements to Azure AI Foundry that incorporate more protection for AI agents against such risks.

Sep 30, 2025Ravie LakshmananArtificial Intelligence / Vulnerability

Cybersecurity researchers have disclosed three now-patched security vulnerabilities impacting Google’s Gemini artificial intelligence (AI) assistant that, if successfully exploited, could have exposed users to major privacy risks and data theft.

“They made Gemini vulnerable to search-injection attacks on its Search Personalization Model; log-to-prompt injection attacks against Gemini Cloud Assist; and exfiltration of the user’s saved information and location data via the Gemini Browsing Tool,” Tenable security researcher Liv Matan said in a report shared with The Hacker News.

The vulnerabilities have been collectively codenamed the Gemini Trifecta by the cybersecurity company. They reside in three distinct components of the Gemini suite –

• A prompt injection flaw in Gemini Cloud Assist that could allow attackers to exploit cloud-based services and compromise cloud resources by taking advantage of the fact that the tool is capable of summarizing logs pulled directly from raw logs, enabling the threat actor to conceal a prompt within a User-Agent header as part of an HTTP request to a Cloud Function and other services like Cloud Run, App Engine, Compute Engine, Cloud Endpoints, Cloud Asset API, Cloud Monitoring API, and Recommender API
• A search-injection flaw in the Gemini Search Personalization model that could allow attackers to inject prompts and control the AI chatbot’s behavior to leak a user’s saved information and location data by manipulating their Chrome search history using JavaScript and leveraging the model’s inability to differentiate between legitimate user queries and injected prompts from external sources
• An indirect prompt injection flaw in Gemini Browsing Tool that could allow attackers to exfiltrate a user’s saved information and location data to an external server by taking advantage of the internal call Gemini makes to summarize the content of a web page

Tenable said the vulnerability could have been abused to embed the user’s private data inside a request to a malicious server controlled by the attacker without the need for Gemini to render links or images.

“One impactful attack scenario would be an attacker who injects a prompt that instructs Gemini to query all public assets, or to query for IAM misconfigurations, and then creates a hyperlink that contains this sensitive data,” Matan said of the Cloud Assist flaw. “This should be possible since Gemini has the permission to query assets through the Cloud Asset API.”

Following responsible disclosure, Google has since stopped rendering hyperlinks in the responses for all log summarization responses, and has added more hardening measures to safeguard against prompt injections.

“The Gemini Trifecta shows that AI itself can be turned into the attack vehicle, not just the target. As organizations adopt AI, they cannot overlook security,” Matan said. “Protecting AI tools requires visibility into where they exist across the environment and strict enforcement of policies to maintain control.”

The development comes as agentic security platform CodeIntegrity detailed a new attack that abuses Notion’s AI agent for data exfiltration by hiding prompt instructions in a PDF file using white text on a white background that instructs the model to collect confidential data and then send it to the attackers.

“An agent with broad workspace access can chain tasks across documents, databases, and external connectors in ways RBAC never anticipated,” the company said. “This creates a vastly expanded threat surface where sensitive data or actions can be exfiltrated or misused through multi step, automated workflows.”

Cybersecurity researchers have flagged a previously undocumented Android banking trojan called Datzbro that can conduct device takeover (DTO) attacks and perform fraudulent transactions by preying on the elderly.

Dutch mobile security company ThreatFabric said it discovered the campaign in August 2025 after users in Australia reported scammers managing Facebook groups promoting “active senior trips.” Some of the other territories targeted by the threat actors include Singapore, Malaysia, Canada, South Africa, and the U.K.

The campaigns, it added, specifically focused on elderly people looking for social activities, trips, in-person meetings, and similar events. These Facebook groups have been found to share artificial intelligence (AI)-generated content, claiming to organize various activities for seniors.

Should prospective targets express willingness to participate in these events, they are subsequently approached via Facebook Messenger or WhatsApp, where they are asked to download an APK file from a fraudulent link (e.g., “download.seniorgroupapps[.]com”).

“The fake websites prompted visitors to install a so-called community application, claiming it would allow them to register for events, connect with members, and track scheduled activities,” ThreatFabric said in a report shared with The Hacker News.

Interestingly, the websites have also been found to contain placeholder links to download an iOS application, indicating that the attackers are looking to target both the mobile operating systems, distributing TestFlight apps for iOS and trick victims into downloading them.

Should the victim click on the button to download the Android application, it either leads to the direct deployment of the malware on their devices, or that of a dropper that’s built using an APK binding service dubbed Zombinder to bypass security restrictions on Android 13 and later.

Some of the Android apps that have been found distributing Datzbro are listed below –

• Senior Group (twzlibwr.rlrkvsdw.bcfwgozi)
• Lively Years (orgLivelyYears.browses646)
• ActiveSenior (com.forest481.security)
• DanceWave (inedpnok.kfxuvnie.mggfqzhl)
• 作业帮 (io.mobile.Itool）
• 麻豆传媒 (fsxhibqhbh.hlyzqkd.aois
• 麻豆传媒 (mobi.audio.aassistant)
• 谷歌浏览器 (tvmhnrvsp.zltixkpp.mdok)
• MT管理器 (varuhphk.vadneozj.tltldo)
• MT管理器 (spvojpr.bkkhxobj.twfwf)
• 大麦 (mnamrdrefa.edldylo.zish)
• MT管理器 (io.red.studio.tracker)

The malware, like other Android banking trojans, has a wide range of capabilities to record audio, capture photos, access files and photos, and conduct financial fraud through remote control, overlay attacks, and keylogging. It also relies on Android’s accessibility services to perform remote actions on the victim’s behalf.

A notable feature of Datzbro is the schematic remote control mode, which allows the malware to send information about all the elements displayed on the screen, their position, and content, so as to allow the operators to re-create the layout at their end and effectively commandeer the device.

The banking trojan can also serve as a semi-transparent black overlay with custom text so as to hide the malicious activity from a victim, as well as steal the device lock screen PIN and passwords associated with Alipay and WeChat. Furthermore, it scans accessibility event logs for package names related to banks or cryptocurrency wallets, and for text containing passwords, PINs, or other codes.

“Such a filter clearly shows the focus of the developers behind Datzbro, not only using its Spyware capabilities, but also turning it into a financial threat,” ThreatFabric said. “With the help of keylogging capabilities, Datzbro can successfully capture login credentials for mobile banking applications entered by unsuspecting victims.”

It’s believed that Datzbro is the work of a Chinese-speaking threat group, given the presence of Chinese debug and logging strings in the malware source code. The malicious apps have been found to be connected to a command-and-control (C2) backend that’s a Chinese-language desktop application, making it stand apart from other malware families that rely on web-based C2 panels.

ThreatFabric said a compiled version of the C2 app has been leaked to a public virus share, suggesting that the malware may have been leaked and is being distributed freely among cybercriminals.

“The discovery of Datzbro highlights the evolution of mobile threats targeting unsuspecting users through social engineering campaigns,” the company said. “By focusing on seniors, fraudsters exploit trust and community-oriented activities to lure victims into installing malware. What begins as a seemingly harmless event promotion on Facebook can escalate into device takeover, credential theft, and financial fraud.”

The disclosure comes as IBM X-Force detailed an AntiDot Android banking malware campaign codenamed PhantomCall that has targeted users of major financial institutions globally, spanning Spain, Italy, France, the U.S., Canada, the U.A.E., and India, using fake Google Chrome dropper apps that can get around Android 13’s controls that prevent sideloaded apps from exploiting accessibility APIs.

According to an analysis published by PRODAFT in June 2025, AntiDot is attributed to a financially motivated threat actor called LARVA-398 and is available to others under a Malware-as-a-Service (MaaS) model on underground forums.

The latest campaign is designed to make use of the CallScreeningService API to monitor incoming calls and selectively block them based on a dynamically generated list of phone numbers stored in the phone’s shared preferences, effectively allowing the attackers to prolong unauthorized access, complete fraudulent transactions, or delay detection.

“PhantomCall also enables attackers to initiate fraudulent activity by silently sending USSD codes to redirect calls, while abusing Android’s CallScreeningService to block legitimate incoming calls, effectively isolating victims and enabling impersonation,” security researcher Ruby Cohen said.

“These capabilities play a critical role in orchestrating high-impact financial fraud by cutting off victims from real communication channels and enabling attackers to act on their behalf without raising suspicion.”

A Chinese national has been convicted for her role in a fraudulent cryptocurrency scheme after law enforcement authorities in the U.K. confiscated £5.5 billion (about $7.39 billion) during a raid of her home in London.

The cryptocurrency seizure, amounting to 61,000 Bitcoin, is believed to be the single largest such effort in the world, the Metropolitan Police said.

Zhimin Qian (aka Yadi Zhang), 47, pleaded guilty at Southwark Crown Court on Monday to offenses related to acquiring and possessing criminal property (i.e., cryptocurrency). She is expected to be sentenced at a later date.

The Met Police said the seizure was the result of a probe launched in 2018 after it received a tip-off about the transfer of criminal assets, with the agency accusing Zhang of orchestrating a large-scale fraud in China between 2014 and 2017 that defrauded more than 128,000 victims. According to Sky News, Zhang was arrested in April 2024.

The scheme essentially duping victims, mostly between 50 and 75 years old, into investing their funds with false promises of daily dividends and guaranteed profits, after which the proceeds are converted into Bitcoin.

“She then fled China using false documents and entered the U.K., where in September 2018 she attempted to launder the proceeds via purchasing property, with the assistance of an assailant, Jian Wen,” the agency noted.

Wen was also jailed for six years and eight months last May for her role in the operation, which involved facilitating the movement of a cryptocurrency wallet that contained 150 Bitcoin, then valued at £1.7 million ($2.28 million). Earlier this January, Wen was ordered to pay back more than £3.1 million ($4.16 million) or face extra time in jail.

Operation Contender 3.0 Targets Romance Scams and Sextortion in 14 African Countries

The development comes as INTERPOL said authorities in 14 African countries arrested 260 suspects and seized 1,235 electronic devices as part of a coordinated international operation dubbed Contender 3.0 that took place between July 28 and August 11, 2025, to tackle cyber-enabled crime.

Countries that participated in the activity included Angola, Benin, Burkina Faso, Cote d’Ivoire, Gambia, Ghana, Guinea, Kenya, Nigeria, Rwanda, Senegal, South Africa, Uganda, and Zambia.

“The crackdown targeted transnational criminal networks exploiting digital platforms, particularly social media, to manipulate victims and defraud them financially,” it said. “Specifically, the operation focused on romance scams, where perpetrators build online relationships to extract money from victims, and sextortion, in which victims are blackmailed with explicit images or videos.”

The illicit activities have claimed 1,463 victims, resulting in losses of $2.8 million. The arrests were carried out in Ghana, Senegal, Cote d’Ivoire, and Angola. The suspects were found to use fake profiles, forged identities, and stolen images to deceive victims and pull off the scams and, in some cases, trick individuals into sharing intimate images.

Alongside the arrests, USB drives, SIM cards, and forged documents used by the suspects to support their criminal activities were seized by officials. It also resulted in the dismantling of 81 cybercrime infrastructures across the continent.

Group-IB, which was one of the private sector entities to support the operation along with Trend Micro, said it provided intelligence on the perpetrators who targeted and interacted with victims of romance scams and digital sextortion. It also said it shared details regarding the payment data used by these criminals in their extortion attempts.

“Cybercrime units across Africa are reporting a sharp rise in digital-enabled crimes such as sextortion and romance scams,” Cyril Gout, acting executive director of Police Services at INTERPOL, said. “The growth of online platforms has opened new opportunities for criminal networks to exploit victims, causing both financial loss and psychological harm.”

Sep 30, 2025The Hacker NewsArtificial Intelligence / Data Protection

The world of enterprise technology is undergoing a dramatic shift. Gen-AI adoption is accelerating at an unprecedented pace, and SaaS vendors are embedding powerful LLMs directly into their platforms. Organizations are embracing AI-powered applications across every function, from marketing and development to finance and HR. This transformation unlocks innovation and efficiency, but it also introduces new risks. Enterprises must balance the promise of AI with the responsibility to protect their data, maintain compliance, and secure their expanding application supply chain.

The New Risk Landscape

With AI adoption comes a new set of challenges:

• AI Sprawl: Employees adopt AI tools independently, often without security oversight, creating blind spots and unmanaged risks.
• Supply Chain Vulnerabilities: interapplication integrations between AI tools and enterprise resources expand the attack surface and introduce dependencies and access paths enterprises can’t easily control.
• Data Exposure Risks: Sensitive information is increasingly shared with external AI services, raising concerns about leakage, misuse, or unintentional data retention.

This evolving risk landscape makes clear that AI security requires more than traditional defenses.

AI Demands a New Security Paradigm

AI is transforming the enterprise landscape at an unprecedented pace, bringing both opportunity and risk. As organizations adopt AI-powered applications across departments, the uncontrolled spread of these tools creates blind spots, increases supply chain vulnerabilities, and raises the likelihood of data exposure. Traditional defenses were not designed to handle the speed, scale, and complexity of this new reality, leaving enterprises exposed. To address these challenges, a new security paradigm is essential, one grounded in continuous discovery, real-time monitoring, adaptive risk assessment, and governance. This approach provides the visibility needed to understand AI usage, the controls to mitigate risk, and the resilience to secure the entire AI application supply chain in today’s fast-changing enterprise environment.

Securing the AI supply chain with Wing Security

Wing Security delivers the visibility and control needed to manage sprawl, mitigate threats, and secure the AI supply chain. By extending its proven SaaS Security Posture Management (SSPM) foundation to address the unique risks of AI adoption, its broad integrations and continuous discovery, Wing identifies every AI application in use across the enterprise. Advanced analytics over vendor data and audit logs provide real-time insights into application misuse, risks of data exposure, and which third-party dependencies expand the attack surface. Wing then applies adaptive risk assessments and governance controls to ensure safe, compliant usage. This approach enables enterprises to innovate confidently with AI while reducing exposure to supply chain attacks, breaches, and regulatory violations.

Seizing the benefits of AI without sacrificing control or security

Wing Security empowers organizations to capture AI’s full potential without compromising safety. With continuous discovery, Wing identifies both sanctioned and unsanctioned applications and AI tools, shining a light on hidden usage across the enterprise. Advanced analytics provide clear assessments of vendor security and data practices, while governance controls ensure responsible adoption. Real-time monitoring and adaptive risk management protect sensitive information, mitigate threats, and reduce exposure to breaches. By addressing the challenges of Shadow IT and Shadow AI head-on, Wing transforms security into a business enabler, giving enterprises visibility, control, and confidence to innovate at the speed of AI while staying secure and compliant.

For customers, this focus on AI security translates into real business value:

• Safe innovation: Employees can adopt AI tools with confidence.
• Reduced exposure: Lower risk of breaches, supply chain attacks, or accidental data leakage.
• Regulatory readiness: Stronger governance to meet compliance requirements.
• Enterprise trust: Strengthened relationships with customers, partners, and regulators.

With Wing, organizations gain complete visibility, actionable risk insights, and stronger governance over their AI supply chain. This transforms security from a blocker into an enabler, empowering enterprises to innovate at the pace of AI while staying secure, compliant, and in control.

Securing the Future Work Environment

The future of our work environment is being reshaped by the rapid adoption of AI-powered applications. While these tools unlock new levels of productivity and innovation, they also create blind spots, Shadow AI risks, and complex supply chain vulnerabilities. Wing Security empowers organizations to embrace this new reality with confidence, delivering complete visibility, real-time monitoring, adaptive risk assessment, and governance across the AI supply chain. By doing so, Wing Security enables enterprises to innovate safely, stay compliant, and build trust in the modern digital workplace.

Ready to see what’s hiding in your stack? See what Wing can show you.

Sep 30, 2025Ravie LakshmananVulnerability / Linux

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a critical security flaw impacting the Sudo command-line utility for Linux and Unix-like operating systems to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild.

The vulnerability in question is CVE-2025-32463 (CVSS score: 9.3), which affects Sudo versions prior to 1.9.17p1. It was disclosed by Stratascale researcher Rich Mirch back in July 2025.

“Sudo contains an inclusion of functionality from an untrusted control sphere vulnerability,” CISA said. “This vulnerability could allow a local attacker to leverage sudo’s -R (–chroot) option to run arbitrary commands as root, even if they are not listed in the sudoers file.”

It’s currently not known how the shortcoming is being exploited in real-world attacks, and who may be behind such efforts. Also added to the KEV catalog are four other flaws –

• CVE-2021-21311 – Adminer contains a server-side request forgery vulnerability that, when exploited, allows a remote attacker to obtain potentially sensitive information. (Disclosed as exploited by Google Mandiant in May 2022 by a threat actor called UNC2903 to target AWS IMDS setups)
• CVE-2025-20352 – Cisco IOS and IOS XE contain a stack-based buffer overflow vulnerability in the Simple Network Management Protocol (SNMP) subsystem that could allow for denial of service or remote code execution. (Disclosed as exploited by Cisco last week)
• CVE-2025-10035 – Fortra GoAnywhere MFT contains a deserialization of untrusted data vulnerability that allows an actor with a validly forged license response signature to deserialize an arbitrary actor-controlled object, possibly leading to command injection. (Disclosed as exploited by watchTowr Labs last week)
• CVE-2025-59689 – Libraesva Email Security Gateway (ESG) contains a command injection vulnerability that allows command injection via a compressed email attachment. (Disclosed as exploited by Libraesva last week)

In light of active exploitation, Federal Civilian Executive Branch (FCEB) agencies relying on the affected products are advised to apply the necessary mitigations by October 20, 2025, to secure their networks.