The open-source command-and-control (C2) framework known as AdaptixC2 is being used by a growing number of threat actors, some of whom are related to Russian ransomware gangs.
It comes with a wide range of features, including fully encrypted communications, command execution, credential and screenshot managers, and a remote terminal, among others. An early iteration was publicly released by a GitHub user named “RalfHacker” (@HackerRalf on X) in August 2024, who describes themselves as a penetration tester, red team operator, and “MalDev” (short for malware developer).
In recent months, AdaptixC2 has been adopted by various hacking groups, including threat actors tied to the Fog and Akira ransomware operations, as well as by an initial access broker that has leveraged CountLoader in attacks that are designed to deliver various post-exploitation tools.
Palo Alto Networks Unit 42, which broke down the technical aspects of the framework last month, characterized it as a modular and versatile framework that can be used to “comprehensively control impacted machines,” and that it has been put to use as part of fake help desk support call scams via Microsoft Teams and through an artificial intelligence (AI)-generated PowerShell script.
While AdaptixC2 is offered as an ethical, open-source tool for red teaming activities, it’s also clear that it has attracted the attention of cybercriminals.
Cybersecurity company Silent Push said RalfHacker’s GitHub bio about them being a “MalDev” triggered an investigation, allowing them to find several email addresses for GitHub accounts linked to the account’s owner, in addition to a Telegram channel called RalfHackerChannel, where they re-shared messages posted on a dedicated channel for AdaptixC2. The RalfHackerChannel channel has more than 28,000 subscribers.
In a message on the AdaptixFramework channel in August 2024, they mentioned their interest in starting a project about a “public C2, which is very trendy right now” and hoped “it will be like Empire,” another popular post-exploitation and adversary emulation framework.
While it’s currently not known if RalfHacker has any direct involvement in malicious activity tied to AdaptixC2 or CountLoader at this stage, Silent Push said their “ties to Russia’s criminal underground, via the use of Telegram for marketing and the tool’s subsequent uptick in utilization by Russian threat actors, all raise significant red flags.”
The Hacker News has reached out to RalfHacker for comment, and we will update the story if we hear back.
Google on Thursday revealed that the scam defenses built into Android safeguard users around the world from more than 10 billion suspected malicious calls and messages every month.
The tech giant also said it has blocked over 100 million suspicious numbers from using Rich Communication Services (RCS), an evolution of the SMS protocol, thereby preventing scams before they could even be sent.
In recent years, the company has adoptedvarious safeguards to combat phone call scams and automatically filter known spam using on-device artificial intelligence and move them automatically to the “spam & blocked” folder in the Google Messages app for Android.
Earlier this month, Google also globally rolled out safer links in Google Messages, warning users when they attempt to click on any URLs in a message flagged as spam and step them visiting the potentially harmful website, unless the message is marked as “not spam.”
Google said its analysis of user-submitted reports in August 2025 found employment fraud to be the most prevalent scam category, where individuals searching for work are lured with fake opportunities in order to steal their personal and financial information.
Another prominent category relates to financially-motivated scams that revolve around bogus unpaid bills, subscriptions, and fees, as well as fraudulent investment schemes. Also observed to a lesser extent are scams related to package deliveries, government agency impersonation, romance, and technical support scams.
In an interesting twist, Google said it has increasingly witnessed scam messages arrive in the form of a group chat with a number of potential victims, as opposed to sending them a direct message.
“This shift may have happened because group messages can feel less suspicious to recipients, particularly when a scammer includes a fellow scammer in the group to validate the initial message and make it appear to be a legitimate conversation,” Google said.
The company’s analysis also found that the malicious messages stick to a “distinct daily and weekly schedule,” with the activity commencing around 5 a.m. PT in the U.S., before peaking between 8 a.m. and 10 a.m. PT. The highest volume of fraudulent messages is typically sent on Mondays, coinciding with the start of the workday, when recipients are likely to be the busiest and less wary of incoming messages.
Some of the common aspects that tie these scams together are that they begin with a “Spray and Pray” approach by casting a wide net in hopes of reeling in a small fraction of victims by inducing a false sense of urgency through lures related to topical events, package delivery notifications, or toll charges.
The intention is to rush prospective targets into acting on the message without thinking too much, causing them to click on malicious links that are often shortened using URL shorteners to mask dangerous websites and ultimately steal their information.
Alternatively, scams can also embrace what’s called as “Bait and Wait,” which refers to a more calculated, personalised targeting method where the threat actor establishes rapport with a target over time before going for the kill. Scams like romance baiting (aka pig butchering) fall into this category.
Top three scam categories
“The scammer engages you in a longer conversation, pretending to be a recruiter or old friend,” Google explained. “They may even include personal details gathered from public websites like your name or job title, all designed to build trust. The tactics are more patient, aiming to maximize financial loss over time.”
Regardless of the high-pressure or slow-moving tactic employed, the end goal remains the same: to steal information or money from unsuspecting users, whose details, such as phone numbers, are often procured from dark web marketplaces that sell data stolen from security breaches.
The operation is also supported by suppliers that provide the necessary hardware for operating phone and SIM farms that are used to blast smishing messages at scale, Phishing-as-a-Service (PhaaS) kits that deliver a turnkey solution to harvest credentials and financial information and manage the campaigns, and third-party bulk messaging services to distribute the messages themselves.
“[The messaging services] are the distribution engine that connects the scammer’s infrastructure and target lists to the end victim, delivering the malicious links that lead to the PhaaS-hosted websites,” Google said.
The search behemoth also described the scam message landscape as highly volatile, where fraudsters seek to purchase SIM cards in bulk from markets that present the fewest obstacles.
“While it may appear that waves of scams are moving between countries, this constant churn doesn’t mean scammers are physically
relocating,” it added. “Once enforcement tightens in one area, they simply pivot to another, creating a perpetual cycle of shifting hotspots.”
“While it may appear that waves of scams are moving between countries, this constant churn doesn’t mean scammers are physically relocating,” it added. “Once enforcement tightens in one area, they simply pivot to another, creating a perpetual cycle of shifting hotspots.”
A severe vulnerability disclosed in Chromium’s Blink rendering engine can be exploited to crash many Chromium-based browsers within a few seconds.
Security researcher Jose Pino, who disclosed details of the flaw, has codenamed it Brash.
“It allows any Chromium browser to collapse in 15-60 seconds by exploiting an architectural flaw in how certain DOM operations are managed,” Pino said in a technical breakdown of the shortcoming.
At its core, Brash stems from the lack of rate limiting on “document.title” API updates, which, in turn, allows for bombarding millions of [document object model] mutations per second, causing the web browser to crash, as well as degrade system performance as a result of devoting CPU resources to this process.
The attack plays out in three steps –
Hash generation or preparation phase, where the attacker preloads into memory 100 unique hexadecimal strings of 512 characters that act as a seed for the browser tab title changes per interval so as to maximize the impact of the attack
Burst injection phase, where bursts of three consecutive document.title updates are executed, injecting approximately 24 million updates per second in default configuration (burst: 8000, interval: 1ms)
UI thread saturation phase, where the continuous stream of updates saturates the browser’s main thread, causing it to go unresponsive and requiring forced termination
“A critical feature that amplifies Brash’s danger is its ability to be programmed to execute at specific moments,” Pino said. “An attacker can inject the code with a temporal trigger, remaining dormant until a predetermined exact time.”
“This kinetic timing capability transforms Brash from a disruption tool into a temporal precision weapon, where the attacker controls not only the ‘what’ and ‘where,’ but also the ‘when’ with millisecond accuracy.”
This also means that the attack can act like a logic bomb that’s configured to detonate at a specific time or after a certain amount of time has elapsed, all while evading initial inspection or detection. In a hypothetical attack scenario, all it would take is a click of a specially crafted URL to trigger the behavior, leading to unintended consequences.
The vulnerability works on Google Chrome and all web browsers that run on Chromium, which includes Microsoft Edge, Brave, Opera, Vivaldi, Arc Browser, Dia Browser, OpenAI ChatGPT Atlas, and Perplexity Comet. Mozilla Firefox and Apple Safari are immune to the attack, as are all third-party browsers on iOS, given that they are all based on WebKit.
The Hacker News has reached out to Google for further comment on the findings and its plans for a fix, and we will update the story if we hear back.
Security doesn’t fail at the point of breach. It fails at the point of impact.
That line set the tone for this year’s PicusBreach and Simulation (BAS) Summit, where researchers, practitioners, and CISOs all echoed the same theme: cyber defense is no longer about prediction. It’s about proof.
When a new exploit drops, scanners scour the internet in minutes. Once attackers gain a foothold, lateral movement often follows just as fast. If your controls haven’t been tested against the exact techniques in play, you’re not defending, you’re hoping things don’t go seriously pear-shaped.
That’s why pressure builds long before an incident report is written. The same hour an exploit hits Twitter, a boardroom wants answers. As one speaker put it, “You can’t tell the board, ‘I’ll have an answer next week.’ We have hours, not days.”
BAS has outgrown its compliance roots and become the daily voltage test of cybersecurity, the current you run through your stack to see what actually holds.
This article isn’t a pitch or a walkthrough. It’s a recap of what came up on stage, in essence, how BAS has evolved from an annual checkbox activity to a simple and effective everyday way of proving that your defenses are actually working.
Security isn’t about design, it’s about reaction
For decades, security was treated like architecture: design, build, inspect, certify. A checklist approach built on plans and paperwork.
Attackers never agreed to that plan, however. They treat defense like physics, applying continuous pressure until something bends or breaks. They don’t care what the blueprint says; they care where the structure fails.
Pentests still matter, but they’re snapshots in motion.
BAS changed that equation. It doesn’t certify a design; it stress-tests the reaction. It runs safe, controlled adversarial behaviors in live environments to prove whether defenses actually respond as they should or not.
As Chris Dale, Principal Instructor at SANS, explains: The difference is mechanical: BAS measures reaction, not potential. It doesn’t ask, “Where are the vulnerabilities?” but “What happens when we hit them?”
Because ultimately, you don’t lose when a breach happens, you lose when the impact of that breach lands.
Real defense starts with knowing yourself
Before you emulate/simulate the enemy, you have to understand yourself. You can’t defend what you don’t see – the forgotten assets, the untagged accounts, the legacy script still running with domain admin rights.
Then assume a breach and work backward from the outcome you fear the most.
Take Akira, for instance, a ransomware chain that deletes backups, abuses PowerShell, and spreads through shared drives. Replay that behavior safely inside your environment, and you’ll learn, not guess, whether your defenses can break it midstream.
Two principles separated mature programs from the rest:
Outcome first: start from impact, not inventory.
Purple by default: BAS isn’t red-versus-blue theater; it’s how intel, engineering, and operations converge — simulate → observe → tune → re-simulate.
As John Sapp, CISO at Texas Mutual Insurance noted, “teams that make validation a weekly rhythm start seeing proof where they used to see assumptions.”
The real work of AI is curation, not creation
AI was everywhere this year, but the most valuable insight wasn’t about power, it was about restraint. Speed matters, but provenance matters more. Nobody wants an LLM model improvising payloads or making assumptions about attack behavior.
For now, at least, the most useful kind of AI isn’t the one that creates, it’s the one that organizes, taking messy, unstructured threat intelligence and turning it into something defenders can actually use.
AI now acts less like a single model and more like a relay of specialists, each with a specific job and a checkpoint in between:
Planner — defines what needs to be collected.
Researcher — verifies and enriches threat data.
Builder — structures the information into a safe emulation plan.
Validator — checks fidelity before anything runs.
Each agent reviews the last, keeping accuracy high and risk low.
One example summed it up perfectly:
“Give me the link to the Fin8 campaign, and I’ll show you the MITRE techniques it maps to in hours, not days.”
That’s no longer aspirational, it’s operational. What once took a week of manual cross-referencing, scripting, and validation now fits inside a single workday.
Headline → Emulation plan → Safe run. Not flashy, just faster. Again, hours, not days.
Proof from the field shows that BAS works
One of the most anticipated sessions of the event was a live showcase of BAS in real environments. It wasn’t theory, it was operational proof.
A healthcare team ran ransomware chains aligned with sector threat intel, measuring time-to-detect and time-to-respond, feeding missed detections back into SIEM and EDR rules until the chain broke early.
An insurance provider demonstrated weekend BAS pilots to verify whether endpoint quarantines actually triggered. Those runs exposed silent misconfigurations long before attackers could.
The takeaway was clear:
BAS is already part of daily security operations, not a lab experiment. When leadership asks, “Are we protected against this?” the answer now comes from evidence, not opinion.
Validation turns “patch everything” into “patch what matters”
One of the summit’s sharpest moments came when the familiar board question surfaced: “Do we need to patch everything?”
BAS-driven validation proved that patching everything isn’t just unrealistic; it’s unnecessary.
What matters is knowing which vulnerabilities are actually exploitable in your environment. By combining vulnerability data with live control performance, security teams can see where real risk concentrates, not where a scoring system says it should.
“You shouldn’t patch everything,” Volkan Ertürk, Picus Co-Founder & CTO said. “Leverage control validation to get a prioritized list of exposures and focus on what’s truly exploitable for you.”
A CVSS 9.8 shielded by validated prevention and detection may carry little danger, while a medium-severity flaw on an exposed system can open a live attack path.
That shift, from patching on assumption to patching on evidence, was one of the event’s defining moments. BAS doesn’t tell you what’s wrong everywhere; it tells you what can hurt you here, turning Continuous Threat Exposure Management (CTEM) from theory into strategy.
You don’t need a moonshot to start
Another key takeaway from Picus security architecture leaders Gürsel Arıcı and Autumn Stambaugh’s session was that BAS doesn’t require a grand rollout; it simply needs to get started.
Teams began without fuss or fanfare, proving value in weeks, not quarters.
Most picked one or two scopes, finance endpoints, or a production cluster, and mapped the controls protecting them.
Then they chose a realistic outcome, like data encryption, and built the smallest TTP chain that could make it happen.
Run it safely, see where prevention or detection fails, fix what matters, and run it again.
In practice, that loop accelerated fast.
By week three, AI-assisted workflows were already refreshing threat intel and regenerating safe actions. By week four, validated control data and vulnerability findings merged into exposure scorecards that executives could read at a glance.
The moment a team watched a simulated kill chain stop mid-run because of a rule shipped the day before, everything clicked, BAS stopped being a project and became part of their daily security practice.
BAS works as the verb inside CTEM
Gartner’s Continuous Threat Exposure Management (CTEM) model: “Assess, validate, mobilize” only works when validation is continuous, contextual, and tied to action.
This is where BAS lives now.
It’s not a standalone tool; it’s the engine that keeps CTEM honest, feeding exposure scores, guiding control engineering, and sustaining agility as both your tech stack and the threat surface shift.
The best teams run validation like a heartbeat. Every change, every patch, every new CVE triggers another pulse. That’s what continuous validation actually means.
The future lies in proof
Security used to run on belief. BAS replaces belief with proof, running electrical current through your defenses to see where the circuit fails.
AI brings speed. Automation brings scale. Validation brings truth. BAS isn’t how you talk about security anymore. It’s how you prove it.
Note:This article was expertly written and contributed by Sila Ozeren Hacioglu, Security Research Engineer at Picus Security.
Found this article interesting? This article is a contributed piece from one of our valued partners. Follow us on Google News, Twitter and LinkedIn to read more exclusive content we post.
Cybersecurity researchers have uncovered yet another active software supply chain attack campaign targeting the npm registry with over 100 malicious packages that can steal authentication tokens, CI/CD secrets, and GitHub credentials from developers’ machines.
The campaign has been codenamedPhantomRaven by Koi Security. The activity is assessed to have begun in August 2025, when the first packages were uploaded to the repository. It has since ballooned to a total of 126 npm libraries, attracting more than 86,000 installs.
Some of the packages have also been flagged by the DevSecOps company DCODX –
op-cli-installer (486 Downloads)
unused-imports (1,350 Downloads)
badgekit-api-client (483 Downloads)
polyfill-corejs3 (475 Downloads)
eslint-comments (936 Downloads)
What makes the attack stand out is the attacker’s pattern of hiding the malicious code in dependencies by pointing to a custom HTTP URL, causing npm to fetch them from an untrusted website (in this case, “packages.storeartifact[.]com”) as opposed to npmjs[.]com each time a package is installed.
“And npmjs[.]com doesn’t follow those URLs,” security researcher Oren Yomtov laid out in a report shared with The Hacker News. “Security scanners don’t fetch them. Dependency analysis tools ignore them. To every automated security system, these packages show ‘0 Dependencies.’”
More worryingly, the fact that the URL is attacker-controlled means that it can be abused by the bad actor to tailor their payloads and serve any kind of malware, and make it more stealthy by initially serving completely harmless code before pushing a malicious version of the dependency after the package gains broader adoption.
The attack chain kicks off as soon as a developer installs one of the “benign” packages, which, in turn, leads to the retrieval of the remote dynamic dependency (RDD) from the external server. The malicious package comes with a pre-install hook that triggers the execution of the main payload.
The malware is designed to scan the developer environment for email addresses, gather information about the CI/CD environment, collect a system fingerprint, including the public IP address, and exfiltrate the results to a remote server.
Koi Security said the choice of the package names is not random, and that the threat actor has resorted to capitalizing on a phenomenon called slopsquatting – where large language models (LLMs) hallucinate non-existent yet plausible-sounding package names – in order to register those packages.
“PhantomRaven demonstrates how sophisticated attackers are getting [better] at exploiting blind spots in traditional security tooling,” Yomtov said. “Remote Dynamic Dependencies aren’t visible to static analysis. AI hallucinations create plausible-sounding package names that developers trust. And lifecycle scripts execute automatically, without any user interaction.”
The development once again illustrates how threat actors are finding novel ways to hide malicious code in open-source ecosystems and fly under the radar.
“The npm ecosystem allows easy publishing and low friction for packages,” DCODX said. “Lifecycle scripts (preinstall, install, postinstall) execute arbitrary code at install time, often without developer awareness.”
The comfort zone in cybersecurity is gone. Attackers are scaling down, focusing tighter, and squeezing more value from fewer, high-impact targets. At the same time, defenders face growing blind spots — from spoofed messages to large-scale social engineering.
This week’s findings show how that shrinking margin of safety is redrawing the threat landscape. Here’s what’s making headlines.
Hijack Loader expands its reach in Latin America
Phishing emails containing SVG file attachments targeting Colombian, Spanish-speaking individuals with themes relating to the Attorney General’s office of Colombia have been used to deliver PureHVNC RAT. “The emails entice the user to download an ‘official document’ from the judicial information system, which starts the infection chain of executing a Hijack Loader executable that leads to the PureHVNC Remote Access Trojan (RAT),” IBM X-Force said. The activity was observed between August and October 2025. The findings are notable because this is the first time Hijack Loader has been used in campaigns targeting the region, in addition to using the loader to distribute PureHVNC.
Insider sells U.S. cyber weapons to Russia for crypto
Peter Williams, 39, an Australian national, pleaded guilty in the U.S. in connection with selling his employer’s trade secrets to a Russian cyber-tools broker. Williams pleaded to two counts of theft of trade secrets stolen from U.S. defense contractor L3Harris Trenchant between 2022 and 2025. This included national-security-focused software that included at least eight sensitive and protected cyber-exploit components that were meant to be sold exclusively to the U.S. government and select allies. “Williams sold the trade secrets to a Russian cyber-tools broker that publicly advertises itself as a reseller of cyber exploits to various customers, including the Russian government,” the U.S. Department of Justice said. The defendant received payment in cryptocurrency from the sale of software exploits and used the illicit proceeds to buy luxury watches and other items. Charges against Williams came to light last week. While the name of the exploit broker was not disclosed, evidence points to Operation Zero, which has previously offered up to $4 million for Telegram exploits and $20 million for tools that could be used to break into Android and iPhone devices. Operation Zero advertises itself as the “only Russian-based zero-day vulnerability purchase platform.” Earlier this August, another United Arab Emirates-based startup named Advanced Security Solutions also announced rewards of up to $20 million for hacking tools that could help governments break into any smartphone with a text message.
Spoofed calls drive global fraud epidemic
Europol has highlighted the urgent need for a coordinated, multi-faceted approach to mitigate cross-border caller ID spoofing. “Caller ID spoofing drives financial fraud and enables social engineering scams, resulting in substantial economic and societal damage, with an estimated EUR 850 million lost worldwide annually,” the agency said. “The primary attack vectors are phone calls and texts, which allow malicious actors to manipulate the information displayed on a user’s caller ID, to show a false name or number that appears legitimate and trustworthy.” The technique, which accounts for roughly 64% of reported fraud cases involving phone calls and text messages, underpins a wide range of online fraud schemes and social engineering scams, costing an estimated €850 million ($990 million) worldwide each year.
Chrome takes final step toward full HTTPS web
To improve the security of users, Google said it will change Chrome’s default settings to navigate only to websites that support HTTPS. “We will enable the ‘Always Use Secure Connections’ setting in its public-sites variant by default in October 2026, with the release of Chrome 154,” the tech giant said. “Prior to enabling it by default for all users, in Chrome 147, releasing in April 2026, we will enable Always Use Secure Connections in its public-sites variant for the over 1 billion users who have opted-in to Enhanced Safe Browsing protections in Chrome.” The “Always Use Secure Connections” setting was introduced in Chrome in 2022, as an opt-in feature, and was turned on by default in Chrome 141 for a small percentage of users.
U.S. energy grid faces massive internet exposure
A cybersecurity assessment of 21 U.S. energy providers has identified 39,986 hosts with a total of 58,862 services exposed to the internet, according to SixMap. Roughly 7% of all exposed services are running on non-standard ports, creating blind spots as traditional exposure management and attack surface management products typically inspect only the top 1,000 to top 5,000 ports. The research also found that, on average, each organization had 9% of its hosts in the IPv6 space, another area of potential risk, as these assets are not tracked by traditional exposure management tools. “A total of 2,253 IP addresses were in the IPv6 space. That means, in aggregate, about 6% of IP addresses were running on IPv6 across all 21 enterprises,” SixMap said. What’s more, a total of 5,756 vulnerable services with CVEs were identified across all exposures. “Of the 5,756 CVEs that SixMap identified, 377 have been exploited in the wild,” it added. “Among those 377 CVEs known to be exploited, 21 are in vulnerable services running on non-standard ports, which indicates a very serious level of risk.”
Free decryption tool breaks Midnight ransomware
Avast has released a free decryptor to allow victims of the Midnight ransomware to recover their files for free. Midnight ransomware typically appends the .Midnight or .endpoint extension to encrypted files. The ransomware is assessed to be based on an older version of the Babuk ransomware. Avast says “novel cryptographic modifications” made to the Babuk codebase introduced weaknesses that made decryption possible.
Cloud Atlas revives old exploits to hit Russian farms
The threat actor known as Cloud Atlas has been observed targeting Russia’s agricultural sector using lures tied to an upcoming industry forum. The phishing campaign, detected this month, involves sending emails containing booby-trapped Microsoft Word documents that, when opened, trigger an exploit for CVE-2017-11882 in order to deliver a dropper that’s responsible for launching the VBShower backdoor. It’s worth noting that the hacking group weaponized the same flaw way back in 2023. Cloud Atlas is assessed to be a highly adaptable threat actor active since at least 2014, while also increasing its operational tempo in 2025, particularly against targets in Russia and Belarus. Earlier this January, Positive Technologies detailed Cloud Atlas’ use of cloud services like Google Sheets as command-and-control (C2) for VBShower and another PowerShell-based backdoor named PowerShower. In recent months, Russian organizations have also been targeted by GOFFEE (aka Paper Werewolf) and PhantomCore, with the latter also dropping a new Go backdoor dubbed PhantomGoShell via phishing emails that shares some similarities with PhantomRAT and PhantomRShell. Some of the other tools in the threat actor’s arsenal are PhantomTaskShell (a PowerShell backdoor), PhantomStealer (a Go-based stealer), and PhantomProxyLite (a tool that sets up an SSH tunnel between the host and the C2 server). The group is said to have managed to take control of 181 systems in the country during the course of the campaign between mid-May and late July 2025. Positive Technologies assessed that PhantomGoShell is the work of Russian-speaking members of gaming Discord communities who may have “received the backdoor source code and guidance from a member with a more established cybercriminal background” and that the group is a low-skilled offshoot of PhantomCore.
Critical BIND9 flaw leaves thousands of DNS servers exposed
As many as 5,912 instances have been found vulnerable to CVE-2025-40778 (CVSS score: 8.6), a newly disclosed flaw in the BIND 9 resolver. “An off-path attacker could inject forged address data into the resolver cache by racing or spoofing responses,” Censys said. “This cache poisoning enables the redirection of downstream clients to attacker-controlled infrastructure without triggering fresh lookups.” A proof-of-concept (PoC) exploit for the vulnerability has been publicly made available. It’s advised to update to BIND 9 versions 9.18.41, 9.20.15, and 9.21.14, restrict recursion to trusted clients, enable DNSSEC validation, and monitor caches.
Rust malware hides dual personalities in plain sight
Researchers from Synacktiv have demonstrated that it’s possible to create a “Two-Face” Rust binary on Linux, which “runs a harmless program most of the time, but will run a different, hidden code if deployed on a specific target host.” At a high level, the schizophrenic binary follows a four-step process: (1) Extract disk partition UUIDs from the host, that uniquely identifies the target, (2) Derive a key embedded in the binary with the previous host data using HKDF, producing a new key, (3) Decrypt the “hidden” encrypted embedded binary data, from the derived key, and (4) If decryption succeeds, run the decrypted “hidden” program, else run the “normal” program.
Attackers cloak phishing emails with invisible text
Threat actors are leveraging an unusual technique that exploits invisible characters embedded within email subject lines to evade automated security filters. This attack method utilizes MIME encoding combined with Unicode soft hyphens to disguise malicious intent while appearing benign to human readers. The technique represents another evolution in phishing attacks, with bad actors finding novel ways to sidestep email filtering mechanisms that rely on keyword detection and pattern matching.
The CERT Coordination Center (CERT/CC) has disclosed that email message header syntax can be exploited to bypass authentication protocols such as SPF, DKIM, and DMARC, allowing attackers to deliver spoofed emails that appear to originate from trusted sources. Specifically, this involves abusing From: and Sender: fields to impersonate an email address for malicious purposes. “Using specialized syntax, an attacker can insert multiple addresses in the mail header From: field,” CERT/CC said. “Many email clients will parse the From: field to only display the last email address, so a recipient will not know that the email is supposedly from multiple addresses. In this way, an attacker can pretend to be someone familiar to the user.” To mitigate the threat, email service providers are urged to implement measures to ensure that authenticated outgoing email headers are properly verified before signing or relaying messages.
Myanmar blows up major cyber scam stronghold
Authorities from Myanmar said they have demolished parts of KK Park by explosions, weeks after the country’s army raided in mid-October 2025 what has been described as a major hub for cybercrime operations. Thailand said it has set up temporary shelters for those who have fled Myanmar. Group-IB, which has observed a surge in investment scams conducted through online platforms in Vietnam, said threat actors are making use of fake companies, mule accounts, and even stolen identity documents purchased from underground markets to receive and move victim funds, allowing them to bypass weak Know Your Customer (KYC) or Know Your Business (KYB) controls. The scam operations often comprise different teams with clearly defined roles and responsibilities: (1) Target intelligence, who identify and profile potential victims, (2) Promoters, who create convincing personas on social media and entice victims into making investments on bogus platforms, in some cases using a chat generator tool to create fabricated conversations, (3) Backend operators, who are in charge of maintaining the infrastructure, and (4) Payment handlers, who launder the proceeds of the crime. “There is a growing trend in investment scams to use chatbots to screen targets and guide deposits or withdrawals,” the cybersecurity company said. “Scam platforms often include chat simulators to stage fake conversations and admin panels for backend control, providing insight into how operators manage victims and infrastructure.”
Privacy watchdog targets Clearview AI over ignored fines
Austrian privacy group noyb has filed a criminal complaint against facial recognition company Clearview AI and its management, accusing the controversial facial recognition company of ignoring GDPR fines in France, Greece, Italy, and the Netherlands, and continuing to operate despite facing bans. In 2022, Austria found that Clearview AI’s practices violated GDPR, but neither fined the company nor directed the firm to no longer process the data. Clearview has faced scrutiny for scraping billions of photos of E.U. citizens without their permission and using the data for a facial recognition product sold to law enforcement agencies. “Clearview AI amassed a global database of photos and biometric data, which makes it possible to identify people within seconds,” nob’s Max Schrems said. “Such power is extremely concerning and undermines the idea of a free society, where surveillance is the exception instead of the rule.”
Cheap, modular Atroposia RAT floods cybercrime market
A new stealthy RAT called Atroposia has been advertised in the wild with hidden remote desktop takeover; clipboard, credential, and cryptocurrency wallet theft; DNS hijacking; and local vulnerability scanning capabilities, the latest addition to an already long list of “plug-and-play” criminal toolkits available for low-skilled threat actors. The modular malware is priced at roughly $200 per month, $500 every three months, or $900 for six months. “Its control panel and plugin builder make the tool surprisingly easy to operate, lowering the skill required to run complex attacks,” Varonis said. “Atroposia’s affordability and user-friendly interface make it accessible even to low- and no-skill attackers.” The emergence of Atroposia continues the commodification of cybercrime, arming threat actors with an all-in-one tool to facilitate a wide spectrum of malicious actions against enterprise environments.
NetSupport RAT spreads via deceptive ClickFix lures
Threat actors are continuing to leverage ClickFix-style social engineering lures to distribute loaders for NetSupport RAT, ultimately leading to the deployment of the trojan. “NetSupport Manager is a legitimate RMM that continues to see usage by threat actors for unauthorized/full remote control of compromised machines and is primarily distributed via the ClickFix initial access vector,” eSentire said. The development coincides with a spike in phishing campaigns distributing fileless versions of Remcos RAT. “Remcos is advertised as legitimate software that can be used for surveillance and penetration testing purposes, but has been used in numerous hacking campaigns,” CyberProof said. “Once installed, Remcos opens a backdoor on the device/computer, granting full access to the remote user.”
LinkedIn to use member data for AI training next week
Users of LinkedIn, take note. The Microsoft-owned professional social media network previously announced changes to its data use terms several weeks ago, noting that starting next week, it would start using data from “members in the E.U., E.E.A., Switzerland, Canada, and Hong Kong” to train artificial intelligence (AI) models. “On November 3, 2025, we’ll start to use some data from members in these regions to train content-generating AI models that enhance your experience and better connect our members to opportunities,” the company said. “This may include data like details from your profile, and public content you post on LinkedIn; it does not include your private messages.”
U.S. holds off on joining global cybercrime treaty
While more than 70 countries formally signed a U.N. treaty on cybercrime to collaborate and tackle cybercrime, the U.S. has been a notable exception. According to The Record, the State Department said the U.S. continues to review the treaty but has yet to sign it.
Ransom payouts crater; attackers sharpen aim
The average ransom payment during the third quarter of 2025 was $376,941, a 66% decline from Q2 2025. The media ransom payment stood at $140,000, which is a 65% drop from the previous quarter. Ransom payment rates across encryption, data exfiltration, and other extortion fell to a historical low of 23% in Q3 2025, down from a high of 85% in Q1 2019. This indicates that large enterprises are increasingly refusing to pay up, forcing “ransomware actors to be less opportunistic and more creative and targeted when choosing their victims,” Coveware said, adding “shrinking profits are driving greater precision. Initial ingress costs for the actors will increase dramatically, which forces them to target large enterprises that can pay a large ransom.” Akira, Qilin, Lynx, ShinyHunters, and KAWA4096 emerged as some of the most prevalent ransomware variants during the time period.
Fake energy sites harvest credentials
Major U.S. energy companies are being impersonated in phishing attacks, with threat actors setting up fake domains masquerading as Chevron, ConocoPhillips, PBF Energy, and Phillips 66. Hunt.io said it logged more than 1,465 phishing detections linked to this sector over the past 12 months. “Attackers relied on cheap cloning tools [like HTTrack] to stand up hundreds of lookalike sites, many of which stayed online for months without vendor detections,” the company said.
Supply-chain trojan hits Hong Kong finance
The threat actor tracked by QiAnXin under the moniker UTG-Q-010 has targeted Hong Kong’s financial system and high-value investors on the mainland through supply chain attacks that are designed to “steal large sums of money or manipulate the market to reap huge profits.” The supply chain attacks entail the distribution of trojanized installation packages via the official websites of Hong Kong-based financial institutions Jinrong China (“jrjr[.]hk”) and Wanzhou Gold (“wzg[.]com”) that lead to the deployment of AdaptixC2, a free and open-source C2 framework.
Cyber threats are evolving faster than most defenses can adapt, and the line between criminal enterprise and nation-state tactics keeps blurring. Staying ahead now means staying aware — of every small shift in tools, tradecraft, and targeting. Until next ThreatsDay, stay sharp and stay curious.
Oct 29, 2025Ravie LakshmananMachine Learning / AI Safety
Cybersecurity researchers have flagged a new security issue in agentic web browsers like OpenAI ChatGPT Atlas that exposes underlying artificial intelligence (AI) models to context poisoning attacks.
In the attack devised by AI security company SPLX, a bad actor can set up websites that serve different content to browsers and AI crawlers run by ChatGPT and Perplexity. The technique has been codenamed AI-targeted cloaking.
The approach is a variation of search engine cloaking, which refers to the practice of presenting one version of a web page to users and a different version to search engine crawlers with the end goal of manipulating search rankings.
The only difference in this case is that attackers optimize for AI crawlers from various providers by means of a trivial user agent check that leads to content delivery manipulation.
“Because these systems rely on direct retrieval, whatever content is served to them becomes ground truth in AI Overviews, summaries, or autonomous reasoning,” security researchers Ivan Vlahov and Bastien Eymery said. “That means a single conditional rule, ‘if user agent = ChatGPT, serve this page instead,’ can shape what millions of users see as authoritative output.”
SPLX said AI-targeted cloaking, while deceptively simple, can also be turned into a powerful misinformation weapon, undermining trust in AI tools. By instructing AI crawlers to load something else instead of the actual content, it can also introduce bias and influence the outcome of systems leaning on such signals.
“AI crawlers can be deceived just as easily as early search engines, but with far greater downstream impact,” the company said. “As SEO [search engine optimization] increasingly incorporates AIO [artificial intelligence optimization], it manipulates reality.”
The disclosure comes as an analysis of browser agents against 20 of the most common abuse scenarios, ranging from multi-accounting to card testing and support impersonation, discovered that the products attempted nearly every malicious request without the need for any jailbreaking, the hCaptcha Threat Analysis Group (hTAG) said.
Furthermore, the study found that in scenarios where an action was “blocked,” it mostly came down due to the tool missing a technical capability rather than due to safeguards built into them. ChatGPT Atlas, hTAG noted, has been found to carry out risky tasks when they are framed as part of debugging exercises.
Claude Computer Use and Gemini Computer Use, on the other hand, have been identified as capable of executing dangerous account operations like password resets without any constraints, with the latter also demonstrating aggressive behavior when it comes to brute-forcing coupons on e-commerce sites.
hTAG also tested the safety measures of Manus AI, uncovering that it executes account takeovers and session hijacking without any issue, while Perplexity Comet runs unprompted SQL injection to exfiltrate hidden data.
“Agents often went above and beyond, attempting SQL injection without a user request, injecting JavaScript on-page to attempt to circumvent paywalls, and more,” it said. “The near-total lack of safeguards we observed makes it very likely that these same agents will also be rapidly used by attackers against any legitimate users who happen to download them.”
Oct 29, 2025Ravie LakshmananVulnerability / Internet of Things
Cybersecurity researchers are calling attention to a spike in automated attacks targeting PHP servers, IoT devices, and cloud gateways by various botnets such as Mirai, Gafgyt, and Mozi.
“These automated campaigns exploit known CVE vulnerabilities and cloud misconfigurations to gain control over exposed systems and expand botnet networks,” the Qualys Threat Research Unit (TRU) said in a report shared with The Hacker News.
The cybersecurity company said PHP servers have emerged as the most prominent targets of these attacks owing to the widespread use of content management systems like WordPress and Craft CMS. This, in turn, creates a large attack surface as many PHP deployments can suffer from misconfigurations, outdated plugins and themes, and insecure file storage.
Some of the prominent weaknesses in PHP frameworks that have been exploited by threat actors are listed below –
CVE-2017-9841 – A Remote code execution vulnerability in PHPUnit
CVE-2021-3129 – A Remote code execution vulnerability in Laravel
CVE-2022-47945 – A Remote code execution vulnerability in ThinkPHP Framework
Qualys said it has also observed exploitation efforts that involve the use of “/?XDEBUG_SESSION_START=phpstorm” query string in HTTP GET requests to initiate an Xdebug debugging session with an integrated development environment (IDE) like PhpStorm.
“If Xdebug is unintentionally left active in production environments, attackers may use these sessions to gain insight into application behavior or extract sensitive data,” the company said.
Alternatively, threat actors are continuing to look for credentials, API keys, and access tokens in internet-exposed servers to take control of susceptible systems, as well as leverage known security flaws in IoT devices to co-opt them into a botnet. These include –
CVE-2022-22947 – A Remote code execution vulnerability in Spring Cloud Gateway
CVE-2024-3721 – A Command injection vulnerability in TBK DVR-4104 and DVR-4216
A Misconfiguration in MVPower TV-7104HE DVR that allows unauthenticated users to execute arbitrary system commands via an HTTP GET request
The scanning activity, Qualys added, often originates from cloud infrastructures like Amazon Web Services (AWS), Google Cloud, Microsoft Azure, Digital Ocean, and Akamai Cloud, illustrating how threat actors are abusing legitimate services to their advantage while obscuring their true origins.
“Today’s threat actors don’t need to be highly sophisticated to be effective,” it noted. “With widely available exploit kits, botnet frameworks, and scanning tools, even entry-level attackers can cause significant damage.”
To safeguard against the threat, it’s advised that users keep their devices up-to-date, remove development and debug tools in production environments, secure secrets using AWS Secrets Manager or HashiCorp Vault, and restrict public access to cloud infrastructure.
“While botnets have previously been associated with large-scale DDoS attacks and occasional crypto mining scams, in the age of identity security threats, we see them taking on a new role in the threat ecosystem,” James Maude, field CTO at BeyondTrust, said.
“Having access to a vast network of routers and their IP addresses can allow threat actors to perform credential stuffing and password spray attacks a huge scale. Botnets can also evade geolocation controls by stealing a user’s credentials or hijacking a browser session and then using a botnet node close to the victim’s actual location and maybe even using the same ISP as the victim to evade unusual login detections or access policies.”
The disclosure comes as NETSCOUT classified the DDoS-for-hire botnet known as AISURU as a new class of malware dubbed TurboMirai that can launch DDoS attacks that exceed 20 terabits per second (Tbps). The botnet primarily comprises consumer-grade broadband access routers, online CCTV and DVR systems, and other customer premise equipment (CPE).
“These botnets incorporate additional dedicated DDoS attack capabilities and multi-use functions, enabling both DDoS attacks and other illicit activities such as credential stuffing, artificial intelligence (AI)-driven web scraping, spamming, and phishing,” the company said.
“AISURU includes an onboard residential proxy service used to reflect HTTPS application-layer DDoS attacks generated by external attack harnesses.”
Turning compromised devices into a residential proxy allows paying customers to route their traffic through one of the nodes in the botnet, offering anonymity and the ability to blend in with regular network activity. According to independent security journalist Brian Krebs, all of the major proxy services have grown exponentially over the past six months, citing data from spur.us.
Organizations in Ukraine have been targeted by threat actors of Russian origin with an aim to siphon sensitive data and maintain persistent access to compromised networks.
The activity, according to a new report from the Symantec and Carbon Black Threat Hunter Team, targeted a large business services organization for two months and a local government entity in the country for a week.
The attacks mainly leveraged living-off-the-land (LotL) tactics and dual-use tools, coupled with minimal malware, to reduce digital footprints and stay undetected for extended periods of time.
“The attackers gained access to the business services organization by deploying web shells on public-facing servers, most likely by exploiting one or more unpatched vulnerabilities,” the Broadcom-owned cybersecurity teams said in a report shared with The Hacker News.
One of the web shells used in the attack was Localolive, which was previously flagged by Microsoft as put to use by a sub-group of the Russia-linked Sandworm crew as part of a multi-year campaign codenamed BadPilot. LocalOlive is designed to facilitate the delivery of next-stage payloads like Chisel, plink, and rsockstun. It has been utilized since at least late 2021.
Early signs of malicious activity targeting the business services organization date back to June 27, 2025, with the attackers leveraging the foothold to drop a web shell and use it to conduct reconnaissance. The threat actors have also been found to run PowerShell commands to exclude the machine’s Downloads from Microsoft Defender Antivirus scans, as well as set up a scheduled task to perform a memory dump every 30 minutes.
Over the next couple of weeks, the attackers carried out a variety of actions, including –
Save a copy of the registry hive to a file named 1.log
Dropping more web shells
Using the web shell to enumerate all files in the user directory
Running a command to list all running processes beginning with “kee,” likely with the goal of targeting the KeePass password storage vault
Listing all active user sessions on a second machine
Running executables named “service.exe” and “cloud.exe” located in the Downloads folder
Running reconnaissance commands on a third machine and performing a memory dump using the Microsoft Windows Resource Leak Diagnostic tool (RDRLeakDiag)
Modifying the registry permits RDP connections to allow inbound RDP connections
Running a PowerShell command to retrieve information about the Windows configuration on a fourth machine
Running RDPclip to gain access to the clipboard in remote desktop connections
Installing OpenSSH to facilitate remote access to the computer
Running a PowerShell command to allow TCP traffic on port 22 for the OpenSSH server
Creating a scheduled task to run an unknown PowerShell backdoor (link.ps1) every 30 minutes using a domain account
Running an unknown Python script
Deploying a legitimate MikroTik router management application (“winbox64.exe“) in the Downloads folder
Interestingly, the presence of “winbox64.exe” was also documented by CERT-UA in April 2024 in connection with a Sandworm campaign aimed at energy, water, and heating suppliers in Ukraine.
Symantec and Carbon Black said it could not find any evidence in the intrusions to connect it to Sandworm, but said it “did appear to be Russian in origin.” The cybersecurity company also revealed that the attacks were characterized by the deployment of several PowerShell backdoors and suspicious executables that are likely to be malware. However, none of these artifacts have been obtained for analysis.
“While the attackers used a limited amount of malware during the intrusion, much of the malicious activity that took place involved legitimate tools, either Living-off-the-Land or dual-use software introduced by the attackers,” Symantec and Carbon Black said.
“The attackers demonstrated an in-depth knowledge of Windows native tools and showed how a skilled attacker can advance an attack and steal sensitive information, such as credentials, while leaving a minimal footprint on the targeted network.”
The disclosure comes as Gen Threat Labs detailed Gamaredon‘s exploitation of a now-patched security flaw in WinRAR (CVE-2025-8088, CVSS score: 8.8) to strike Ukrainian government agencies.
“Attackers are abusing #CVE-2025-8088 (WinRAR path traversal) to deliver RAR archives that silently drop HTA malware into the Startup folder – no user interaction needed beyond opening the benign PDF inside,” the company said in a post on X. “These lures are crafted to trick victims into opening weaponized archives, continuing a pattern of aggressive targeting seen in previous campaigns.”
The findings also follow a report from Recorded Future, which found that the Russian cybercriminal ecosystem is being actively shaped by international law enforcement campaigns such as Operation Endgame, shifting the Russian government’s ties with e-crime groups from passive tolerance to active management.
Further analysis of leaked chats has uncovered that senior figures within these threat groups often maintain relationships with Russian intelligence services, providing data, performing tasking, or leveraging bribery and political connections for impunity. At the same time, cybercriminal crews are decentralizing operations to sidestep Western and domestic surveillance.
While it’s been long known that Russian cybercriminals could operate freely as long as they do not target businesses or entities operating in the region, Kremlin appears to be now taking a more nuanced approach where they recruit or co-opt talent when necessary, turn a blind eye when attacks align with their interests, and selectively enforce laws when the threat actors become “politically inconvenient or externally embarrassing.”
Viewed in that the “dark covenant” is a combination of several things: a commercial enterprise, tool of influence and information acquisition, and also a liability when it threatens domestic stability or because of Western pressure.
“The Russian cybercriminal underground is fracturing under the dual pressures of state control and internal mistrust, while proprietary forum monitoring and ransomware affiliate chatter show increasing paranoia among operators,” the company noted in its third instalment of the Dark Covenant report.
BeyondTrust’s annual cybersecurity predictions point to a year where old defenses will fail quietly, and new attack vectors will surge.
Introduction
The next major breach won’t be a phished password. It will be the result of a massive, unmanaged identity debt. This debt takes many forms: it’s the “ghost” identity from a 2015 breach lurking in your IAM, the privilege sprawl from thousands of new AI agents bloating your attack surface, or the automated account poisoning that exploits weak identity verification in financial systems. All of these vectors—physical, digital, new, and old—are converging on one single point of failure: identity.
Based on analysis from BeyondTrust’s cybersecurity experts, here are three critical identity-based threats that will define the coming year:
1. Agentic AI Emerges as the Ultimate Attack Vector
By 2026, agentic AI will be connected to nearly every technology we operate, effectively becoming the new middleware for most organizations. The problem is that this integration is driven by a speed-to-market push that leaves cybersecurity as an afterthought.
This rush is creating a massive new attack surface built on a classic vulnerability: the confused deputy problem.
A “deputy” is any program with legitimate privileges. The “confused deputy problem” occurs when a low-privilege entity—like a user, account, or another application—tricks that deputy into misusing its power to gain high privileges. The deputy, lacking the context to see the malicious intent, executes the command or shares results beyond its original design or intentions.
Now, apply this to AI. An agentic AI tool may be granted least privilege access to read a user’s email, access a CI/CD pipeline, or query a production database. If that AI, acting as a trusted deputy, is “confused” by a cleverly crafted prompt from another resource, it can be manipulated into exfiltrating sensitive data, deploying malicious code, or escalating higher privileges on the user’s behalf. The AI is executing tasks it has permission for, but on behalf of an attacker who does not, and can elevate privileges based on the attack vector.
Defender Tip:
This threat requires treating AI agents as potentially privileged machine identities. Security teams must enforce strict least privilege, ensuring AI tools only have the absolute minimum permissions necessary for specific tasks. This includes implementing context-aware access controls, command filtering, and real-time auditing to prevent these trusted agents from becoming malicious actors by proxy.
2. Account Poisoning: The Next Evolution of Financial Fraud
In the coming year, expect a significant rise in “account poisoning”, where threat actors find new ways to insert fraudulent billers and payees into consumer and business financial accounts at scale.
This “poison” is driven by automation that allows for the creation of payees and billers, the requesting of funds, and linking to other online payment processing sources. This attack vector is particularly dangerous because it exploits weaknesses in online financial systems, leverages poor secrets management to attack in bulk, and uses automation to obfuscate the transactions.
Defender Tip:
Security teams must move beyond flagging individual account takeovers and focus on high-velocity, automated changes to payee and biller information. The key is implementing tighter diligence and identity confidence checks for any automated process that requests to modify these financial fields.
3. Ghosts in Your IAM: Historic Identity Compromises Catch Up
Many organizations are finally modernizing their identity and access management (IAM) programs, adopting new tools, like graph-based analytics, to map their complex identity landscapes. In 2026, these efforts will uncover skeletons in the closet: “ghost” identities from long-past solutions and breaches that were never detected.
These “backdated breaches” will reveal rogue accounts—some years old—that remain in active use. Because these compromises are older than most security logs, it may be impossible for teams to determine the full extent of the original breach.
Defender Tip:
This prediction underscores the long-standing failure of basic joiner-mover-leaver (JML) processes. The immediate takeaway is to prioritize identity governance and use modern identity graphing tools to find and eliminate these dormant, high-risk accounts before they are rediscovered by attackers.
Other Trends on the Radar
The Death of the VPN
For years, the VPN was the workhorse of remote access, but in modern remote access, VPN is a critical vulnerability waiting to be exploited. Threat actors have mastered VPN exploitation techniques, using credential harvesting and compromised appliances for persistent access. Using traditional VPNs for privileged access presents a risk that organizations can no longer afford.
The Rise of AI Veganism
As a cultural counterforce, 2026 will witness the rise of “AI veganism”, where employees or customers abstain from using artificial intelligence on principle. This movement, driven by ethical concerns over data sourcing, algorithmic bias, and environmental costs, will challenge the assumption that AI adoption is inevitable. Companies will have to navigate this resistance by offering transparent governance, human-first alternatives, and clear opt-outs. However, when it comes to cybersecurity, opting out of AI-driven defenses may be less of an option and could even shift liability back to the user.
An Identity-First Security Posture is Non-Negotiable
The common thread through these 2026 predictions is identity. The new AI attack surface is an identity-privilege problem, account poisoning is an identity verification problem, while backdated breaches are an identity lifecycle problem. As the perimeter widens, organizations must adopt an identity-first security posture by applying principles of least privilege and zero trust to every human and non-human identity.
Want to get a deeper look at all of BeyondTrust’s 2026 cybersecurity predictions? Read the full report here.
Note:This article was written and contributed by Morey J. Haber, Chief Security Advisor; Christopher Hills, Chief Security Strategist; and James Maude, Field Chief Technology Officer at BeyondTrust.
Found this article interesting? This article is a contributed piece from one of our valued partners. Follow us on Google News, Twitter and LinkedIn to read more exclusive content we post.
