Tag: Cyber Security

Aug 18, 2025Ravie LakshmananVulnerability / Cloud Security

Cybersecurity researchers have lifted the lid on the threat actors’ exploitation of a now-patched security flaw in Microsoft Windows to deploy the PipeMagic malware in RansomExx ransomware attacks.

The attacks involve the exploitation of CVE-2025-29824, a privilege escalation vulnerability impacting the Windows Common Log File System (CLFS) that was addressed by Microsoft in April 2025, Kaspersky and BI.ZONE said in a joint report published today.

PipeMagic was first documented in 2022 as part of RansomExx ransomware attacks targeting industrial companies in Southeast Asia, capable of acting as a full-fledged backdoor providing remote access and executing a wide range of commands on compromised hosts.

In those attacks, the threat actors have been found to exploit CVE-2017-0144, a remote code execution flaw in Windows SMB, to infiltrate victim infrastructure. Subsequent infection chains observed in October 2024 in Saudi Arabia were spotted leveraging a fake OpenAI ChatGPT app as bait to deliver the malware.

Earlier this April, Microsoft attributed the exploitation of CVE-2025-29824 and the deployment of PipeMagic to a threat actor it tracks as Storm-2460.

“One unique feature of PipeMagic is that it generates a random 16-byte array used to create a named pipe formatted as: \.pipe1.<hex string>,” researchers Sergey Lozhkin, Leonid Bezvershenko, Kirill Korchemny, and Ilya Savelyev said. “After that, a thread is launched that continuously creates this pipe, attempts to read data from it, and then destroys it. This communication method is necessary for the backdoor to transmit encrypted payloads and notifications.”

PipeMagic is a plugin-based modular malware that uses a domain hosted on the Microsoft Azure cloud provider to stage the additional components, with 2025 attacks aimed at Saudi Arabia and Brazil relying on a Microsoft Help Index file (“metafile.mshi”) as a loader. The loader, in turn, unpacks C# code that decrypts and executes embedded shellcode.

“The injected shellcode is executable code for 32-bit Windows systems,” the researchers said. “It loads an unencrypted executable embedded inside the shellcode itself.”

Kaspersky said it also uncovered PipeMagic loader artifacts masquerading as a ChatGPT client in 2025 that are similar to those previously seen in October 2024. The samples have been observed leveraging DLL hijacking techniques to run a malicious DLL that mimics a Google Chrome update file (“googleupdate.dll”).

Irrespective of the loading method used, it all leads to the deployment of the PipeMagic backdoor that supports various modules –

• Asynchronous communication module that supports five commands to terminate the plugin, read/write files, terminate a file operation, or terminate all file operations
• Loader module to inject additional payloads into memory and execute them
• Injector module to launch a C# executable

“The repeated detection of PipeMagic in attacks on organizations in Saudi Arabia and its appearance in Brazil indicate that the malware remains active and that the attackers continue to develop its functionality,” the researchers said.

“The versions detected in 2025 show improvements over the 2024 version, aimed at persisting in victim systems and moving laterally within internal networks. In the 2025 attacks, the attackers used the ProcDump tool, renamed to dllhost.exe, to extract memory from the LSASS process.”

Aug 18, 2025Ravie LakshmananCybersecurity / Hacking News

Power doesn’t just disappear in one big breach. It slips away in the small stuff—a patch that’s missed, a setting that’s wrong, a system no one is watching. Security usually doesn’t fail all at once; it breaks slowly, then suddenly. Staying safe isn’t about knowing everything—it’s about acting fast and clear before problems pile up. Clarity keeps control. Hesitation creates risk.

Here are this week’s signals—each one pointing to where action matters most.

⚡ Threat of the Week

Ghost Tap NFC-Based Mobile Fraud Takes Off — A new Android trojan called PhantomCard has become the latest malware to abuse near-field communication (NFC) to conduct relay attacks for facilitating fraudulent transactions in attacks targeting banking customers in Brazil. In these attacks, users who end up installing the malicious apps are instructed to place their credit/debit card on the back of the phone to begin the verification process, only for the card data to be sent to an attacker-controlled NFC relay server. The stolen card details are passed on to money mules who link the information to contactless payment systems like Apple Pay or Google Pay in person to obtain physical goods.

• Two N-able N-central Flaws Exploited in the Wild — Two security flaws impacting N-able N-central have come under active exploitation in the wild. The flaws, CVE-2025-8875 and CVE-2025-8876, allow command execution and command injection, respectively. The issues have been addressed in N-central versions 2025.3.1 and 2024.6 HF2 released on August 13, 2025. N-able is also urging customers to make sure that multi-factor authentication (MFA) is enabled, particularly for admin accounts.
• New ‘Curly COMrades’ APT Targets Georgia and Moldova — A previously undocumented threat actor dubbed Curly COMrades has been observed targeting entities in Georgia and Moldova as part of a cyber espionage campaign designed to facilitate long-term access to target networks. The activity, tracked by the Romanian cybersecurity company since mid-2024, has singled out judicial and government bodies in Georgia, as well as an energy distribution company in Moldova. Curly COMrades are assessed to be operating with goals that are aligned with Russia’s geopolitical strategy. It gets its name from the heavy reliance on the curl utility for command-and-control (C2) and data transfer, and the hijacking of the component object model (COM) objects. Persistent access to the infected endpoints is accomplished by means of a bespoke backdoor called MucorAgent.
• XZ Utils Backdoor Found in Dozens of Docker Hub Images — Several Docker images built around the time of the XZ Utils compromise contain the backdoor, some of which are still available via the container image library Docker Hub. Binary said it identified 35 Debian images on Docker Hub that embedded the backdoor. That includes 12 Docker images and 23 second-order images. The main takeaway is that users should only rely on up-to-date images. The findings are a sign that traces of the supply chain threat have remained after more than a year since the incident came to light.
• U.S. Expands Sanctions on Garantex — The U.S. Treasury Department sanctioned Russian cryptocurrency exchange Garantex, its successor Grinex, and related affiliates as part of continued efforts by the government to halt the flow of ransomware proceeds facilitated by the platforms. Garantex is estimated to have processed more than $100 million in transactions linked to illicit activities since 2019. “Digital assets play a crucial role in global innovation and economic development, and the United States will not tolerate abuse of this industry to support cybercrime and sanctions evasion,” the Treasury Department said.
• EncryptHub Continues to Exploit Windows Flaw for Stealer Attacks — The Russia-aligned threat actor known as EncryptHub is continuing to exploit a now-patched security flaw impacting Microsoft Windows to deliver malicious payloads, including a stealer called Fickle Stealer. The campaign combines social engineering and the exploitation of a vulnerability in the Microsoft Management Console (MMC) framework (CVE-2025-26633, aka MSC EvilTwin) to trigger the infection routine via a rogue Microsoft Console (MSC) file.
• ShinyHunters and Scattered Spider Join Forces — ShinyHunters and Scattered Spider appear to be working together to carry out financially motivated attacks, including those targeting Salesforce customers. These include the use of adoption of tactics that mirror those of Scattered Spider, such as highly-targeted vishing (aka voice phishing) and social engineering attacks, leveraging apps that masquerade as legitimate tools, employing Okta-themed phishing pages to trick victims into entering credentials during vishing, and VPN obfuscation for data exfiltration.

🔥 Trending CVEs

Hackers don’t wait—they strike within hours of a flaw being exposed. A missed patch, a hidden bug, or even a single overlooked CVE is enough to hand them the keys. What starts as “just one gap” can escalate into disruption, theft, or compromise before defenders even realize it’s happening. Below are this week’s high-risk vulnerabilities. Review them, patch quickly, and stay ahead before someone else makes the first move.

This week’s list includes — CVE-2025-20265 (Cisco Secure Firewall Management Center), CVE-2025-8671 (HTTP/2), CVE-2025-8875, CVE-2025-8876 (N-able N-central), CVE-2025-25256 (Fortinet FortiSIEM), CVE-2025-53779 (Microsoft Windows), CVE-2025-49457 (Zoom Clients for Windows), CVE-2025-8355, CVE-2025-8356 (Xerox FreeFlow Core), CVE-2024-42512, CVE-2024-42513, CVE-2025-1468 (OPC UA .NET Standard Stack), CVE-2025-42950, CVE-2025-42957 (SAP), CVE-2025-54472 (Apache bRPC), CVE-2025-5456, CVE-2025-5462 (Ivanti Connect Secure), CVE-2025-53652 (Jenkins), CVE-2025-49090, CVE-2025-54315 (Matrix), CVE-2025-52970 (Fortinet FortiWeb),CVE-2025-7384 (Database for Contact Form 7, WPforms, Elementor forms plugin), CVE-2025-53773 (GitHub Copilot), CVE-2025-6186, CVE-2025-7739, CVE-2025-7734 (GitLab), CVE-2025-8341 (Grafana Infinity Datasource Plugin), CVE-2025-47227, CVE-2025-47228 (ScriptCase), CVE-2025-30404, CVE-2025-30405, CVE-2025-54949, CVE-2025-54950, CVE-2025-54951, CVE-2025-54952 (Meta ExecuTorch), CVE-2025-55154, and CVE-2025-55004 (ImageMagick).

📰 Around the Cyber World

• Flaws in ZTNA Software — Cybersecurity researchers have discovered multiple security flaws impacting Zero Trust Network Access (ZTNA) solutions from Zscaler (CVE-2025-54982), NetSkope and Check Point Perimeter 81 that could be abused by attackers to escalate privileges on end user devices and to completely bypass authentication, granting access to internal resources as any user. The findings follow the discovery of critical weaknesses in Cato Networks’ Cato client, including one that could allow an attacker to gain full administrative control of a user’s device simply by having the user visit a malicious web page.
• Google Address Promptware Attack — Google has remediated a serious security issue that allowed maliciously crafted Google Calendar invites to remotely take over Gemini agents running on the target’s device, leak sensitive user data, and hijack control of smart home systems. The targeted promptware attack is initiated simply by an attacker sending a Google Calendar invite to a victim whose name contains an indirect prompt injection. When Google’s flagship AI chatbot is asked to summarize its upcoming calendar events, those dormant instructions are triggered, causing havoc in the physical environment, such as remotely controlling a victim’s home appliances. The attacks employ an approach called delayed automatic tool invocation to get around Google’s existing safety measures. They also demonstrate a potential side effect of Gemini’s broad permissions to take actions across the Google ecosystem. “As a result, we were able to hijack the application context, invoke its integrated agents, and exploit their permissions to perform a shocking range of malicious activities — including identifying the victim’s location, recording the victim, and even making changes within the victim’s physical environment.” The approach shows that Promptware, a variant of EchoLeak, is capable of performing both inter-agent lateral movement, by triggering malicious activity between different Gemini agents, and inter-app lateral movement, by escaping the boundaries of Gemini and leveraging applications installed on a victim’s smartphone, to perform malicious activities with real-world consequences. The promptware attacks further show that Gemini can be made to send spam links, generate vulgar content, open up the Zoom app and start a call, steal email and meeting details from a web browser, and download a file from a smartphone’s web browser. Google has since rolled out fixes like security thought reinforcement to address the issues. Indirect prompt injections are a more serious AI threat, as the malicious prompt is inserted by an outside source, either embedded within a web page or as text in a white font in an email that’s invisible to the naked eye, but can be parsed by AI systems. Addressing prompt injections is a hard problem since the methods LLMs can be tricked are continually evolving, and the attack surface is simultaneously getting more complex.
• Matter Adds New Security Features — Matter, a unifying, IP-based connectivity protocol and technical standard for smart home and IoT devices, has received numerous security enhancements in version 1.4.2, including (1) Wi-Fi Only Commissioning, which enables devices to be onboarded to Matter ecosystems over Wi-Fi without requiring Bluetooth Low Energy (LE) radios, (2) Vendor ID (VID) Verification, which allows controllers to cryptographically verify that the Admins installed on a device are genuinely from the vendors they claim, (3) Access Restriction Lists (ARLs), which provide a mechanism to restrict access to sensitive settings and data to only trusted, verified Controllers, and (4) Certificate Revocation Lists (CRLs), which offers support for revoking unused or compromised Device Attestation Certificates.
• Smart Buses Can Be Remotely Hacked — Cybersecurity researchers have discovered that Taiwanese smart buses that incorporate various systems to improve safety, efficiency, and passenger experience, such as Advanced Public Transportation Services (APTS) and Advanced Driver Assistance Systems (ADAS) can be remotely hacked. The research showcased it’s possible to easily bypass the on-board router’s authentication and gain unauthorized access to its administration interface, and then take over the APTS and ADAS functionality due to a lack of network segmentation. This enables an attacker to leverage the remote access to track the vehicle’s movements, manipulate controls, or access the camera. The vulnerabilities impact routers from BEC Technologies, which are commonly installed on smart buses in Taiwan.
• Cmimai Stealer Spotted in the Wild — A new Visual Basic Script (VBS) stealer malware called Cmimai Stealer has been observed in the wild since June 2025, employing capabilities to harvest a wide range of information from infected hosts and exfiltrating the data using a Discord webhook. “It is lightweight and lacks advanced features like persistence on system restart, encrypted communication, and credential theft; perhaps by design,” K7 Security said. “Although it is collecting browser data and screenshots, making us classify it as an Infostealer, it can be used for the dual purpose as a Stealer and also as a second-stage reconnaissance tool used for strategizing further future attacks.”
• Windows Hello or Windows Hell No? — Cybersecurity researchers have presented a novel attack targeting Windows Hello for Business (WHfB) that leverages the storage subsystem of the biometric unit in order to conduct bypass attacks. Essentially, the attack can facilitate biometric injection from another computer that would compromise biometric authentication, granting access to any face or fingerprint submitted. ERNW Research demonstrated that a local admin, or someone who has access to their credentials via malware or other means, can inject biometric information into a computer that would allow it to recognize any face or fingerprint. While the biometric templates are “encrypted,” a local administrator can exchange biometric features in the database, allowing authentication as any user already enrolled in the targeted system, including the possibility to make a lateral movement by usurping a domain administrator. Microsoft’s Enhanced Sign-in Security (ESS), which operates at a higher hypervisor virtual trust level (VTL1), blocks this line of attack.
• Securam Prologic Lock Flaws Disclosed — Researchers James Rowley and Mark Omo managed to discover a “backdoor” intended to let authorized locksmiths open Securam Prologic locks used in Liberty Safe and seven other brands. In addition, they discovered a way for a hacker to exploit that backdoor—intended to be accessible only with the manufacturer’s help—to open a safe on their own in seconds, as well as found another security vulnerability in many newer versions of Securam’s locks that would allow a bad actor to insert a tool into a hidden port in the lock and instantly obtain a safe’s unlock code, WIRED reported. Securam is expected to fix the issues in future models of the ProLogic lock.
• UAC Bypass via eudcedit.exe — An inventive User Account Control (UAC) bypass method exploits Windows’ built-in Private Character Editor (“eudcedit.exe”), allowing attackers to gain elevated privileges without user consent. The technique once again highlights how legitimate Windows utilities can be weaponized to circumvent critical security mechanisms. “If eudcedit.exe is executed under a user context that already belongs to the Administrators group, and UAC is configured permissively (e.g., ‘Elevate without prompting’), Windows will launch it immediately with high integrity, without showing a UAC dialog,” security researcher Matan Bahar said.
• Information Leak in Multi-User Linux Environments — New research has demonstrated how basic Linux commands like “ps auxww” can be weaponized to extract database credentials, API keys, and administrative passwords in multi-user Linux environments, “without ever escalating privileges or exploiting a single bug,” according to Ionut Cernica.
• Privacy Leaks Via Siri — Privacy issues have been uncovered in Apple Siri, finding the chat assistant transmits metadata about installed and active open apps, as well as audio playback metadata (e.g., recording names) without the user’s ability to control these privacy settings or their consent. What’s more, messages dictated via Siri to apps like iMessage and WhatsApp are sent to Apple’s servers, along with the recipient phone number and other identifiers. The issues have been codenamed AppleStorm by Lumia Security. Apple said the behavior stemmed from third-party services’ use of SiriKit, its extension system for integrating external apps with Siri.
• OAuth Apps as a Privilege Escalation Tool — Malicious OAuth applications could be used to escalate privileges or move laterally within a target environment. That’s according to findings from Praetorian, which has open-sourced a red teaming tool called OAuthSeeker that performs phishing attacks using malicious OAuth applications to compromise user identities within Microsoft Azure and Office365. “It is possible for external verified or internal unverified applications to request user_impersonation privileges within Microsoft Azure, which then allows the attacker to impersonate the user to cloud computing resources within Microsoft Azure, such as accessing compute infrastructure, such as virtual machines,” Praetorian said. “Operators can leverage OAuthSeeker for both gaining initial access into an environment, for lateral movement after obtaining initial access, and for persistence purposes after compromising an account leveraging other methods.”

• Fake Minecraft Setup Leads to NjRAT — A new malware campaign has been observed using fake Minecraft installers or mods to distribute a remote access trojan called NjRAT. “It is written in .NET and allows attackers to fully control infected machines remotely, making it one of the most popular and persistent malware families used in cyber espionage, cybercrime, and surveillance operations,” Point Wild said. The disclosure comes as the cybersecurity company detailed the inner workings of another RAT called Sakula RAT that has been employed in targeted intrusions since at least 2012. Besides harvesting sensitive data, the malware can connect to a command-and-control (C2) server to receive instructions from the attacker to run arbitrary commands and download additional payloads.
• Israel Targeted by PowerShell RAT Using ClickFix — Speaking or RATs, multiple Israeli organizations have been targeted by spear-phishing attacks that direct users to fake landing pages mimicking Microsoft Teams invites, while using ClickFix-like lures to trick recipients into launching PowerShell commands under the guise of joining the conversation. The command initiates the retrieval and execution of a secondary PowerShell script from the attacker’s server, which, in turn, acts as a loader for a PowerShell remote access trojan that can run PowerShell commands from the C2 and run more malware. “The adversary leveraged compromised internal email infrastructure to distribute phishing messages across the regional business landscape,” Fortinet said. “The attacker systematically compromised multiple Israeli companies over several consecutive days, using each breached environment as a launchpad to target additional organizations in the region. This tactic closely mirrors MuddyWater‘s typical approach to lateral expansion.” The absence of remote management tools (RMMs), a hallmark of MuddyWater’s attacks, indicates a tactical deviation. The disclosure came as Profero said it cracked the encryption of the DarkBit (aka Storm-1084) ransomware gang’s encryptors, allowing victims to recover files for free without paying a ransom. DarkBit is assessed to share overlaps with MuddyWater. The decrypter exploits a weak key generation algorithm used by the DarkBit group to brute-force the decryption key.
• Kimsuky Allegedly Suffers Data Breach — The North Korean state-sponsored hackers known as Kimsuky have reportedly suffered a data breach after a pair of hackers, named Saber and cyb0rg, stole the group’s data and leaked it publicly online. “Kimsuky, you are not a hacker. You are driven by financial greed, to enrich your leaders, and to fulfill their political agenda,” the hackers remarked in an analysis published in the latest issue of Phrack magazine. “You steal from others and favour your own. You value yourself above the others: You are morally perverted.” Among the leaked data are Kimsuky’s backend, exposing hacking tools, email addresses, internal manuals, and passwords that could provide insight into unknown campaigns and undocumented compromises. Saber and cyb0rg claim to have found evidence of Kimsuky compromising several South Korean government networks and companies. The files also include the group’s Android Toybox modifications and use of exploits like Bushfire. Another program is a Loadable Kernel Module (LKM) style rootkit with the ability to hide from detection and operate on any network port. “The main purpose of the rootkit is to create a persistent and stealthy backdoor,” Sandfly Security said. “The backdoor is activated when a special magic packet is received, combined with a correct password to initiate an SSL connection. The backdoor can be activated on any port. This is important to understand because a firewall alone may not protect the target system. If the magic packet is able to hit the victim, then the backdoor may be activated.” The tranche of data is said to have originated from a virtual workstation and virtual private server (VPS) used by the threat actor. That said, indications are that the dumps may have originated from a likely Chinese actor who has knowledge of Kimsuky’s tradecraft.
• 2 Founder of Samourai Wallet Plead Guilty to Money Laundering — Two senior executives and founders of the Samourai Wallet cryptocurrency mixer have pleaded guilty to charges involving washing more than $200 million worth of crypto assets from criminal proceeds and concealing the nature of illicit transactions using services like Whirlpool and Ricochet. Samourai CEO Keonne Rodriguez and CTO William Lonergan Hill were arrested last year after the U.S. Federal Bureau of Investigation (FBI) took down their service. As part of their plea agreements, Rodriguez and Hill have also agreed to forfeit $237,832,360.55. “The defendants created and operated a cryptocurrency mixing service that they knew enabled criminals to wash millions in dirty money, including proceeds from cryptocurrency thefts, drug trafficking operations, and fraud schemes,” the U.S. Department of Justice (DoJ) said. “They did not just facilitate this illicit movement of money, but also encouraged it.”
• Tornado Cash Founder Convicted of Operating a Money Transmitting Business — Roman Storm, a co-founder of the cryptocurrency mixing service Tornado Cash, was found guilty of conspiring to operate an unlicensed money-transmitting business. However, the jury failed to reach a ruling on the more significant charges of conspiracy to commit money laundering and to violate sanctions. “Roman Storm and Tornado Cash provided a service for North Korean hackers and other criminals to move and hide more than $1 billion of dirty money,” the DoJ said. Storm is set to be sentenced later this year and faces a maximum prison sentence of five years. The development came as the U.S. Treasury Department dropped its appeal against a court ruling that forced it to lift sanctions against Tornado Cash last month. Tornado Cash was delisted from the Specially Designated National and Blocked Persons (SDN) list earlier this March. The service was sanctioned in 2022 for its alleged links to cybercriminals and for having “repeatedly failed to impose effective controls” to prevent money laundering.
• India’s UPI to Stop P2P Money Requests to Tackle Fraud — The National Payments Corporation of India (NPCI) announced it will discontinue the person-to-person (P2P) Collect Request feature from the country’s instant payment system, Unified Payments Interface (UPI), starting October 1, 2025, aiming to strengthen security and prevent payment-related fraud. The feature allows users to request money from another individual via UPI, but has been misused by fraudsters by sending fake money transfer requests that can be inadvertently approved by a simple tap, thereby tricking unwitting users into authorizing payments. The change, however, does not apply to merchants.
• Microsoft Plans to Block Dangerous File Types in Teams — Microsoft revealed it’s planning to block dangerous file types and malicious URLs in Teams chats and channels. “Microsoft Teams now blocks messages containing weaponizable file types, such as executables, in chats and channels, increasing protection against malware and other file-based attacks,” the company said. “Microsoft Teams can now detect and warn users on malicious URLs sent in Teams chat and channels, increasing protection against malware attacks.” Separately, the tech giant said it’s also integrating Teams with Defender for Office 365 Tenant Allow/Block List to allow administrators to centrally manage blocked external domains in Teams.
• USB Worm Delivers Crypto Miner — A USB-based worm is being used to deliver the XMRig cryptocurrency miner as part of a global campaign targeting financial, education, healthcare, manufacturing, telecom, and oil and gas sectors in Australia, India, the U.S., and other countries. “The infection starts with execution of a VB script file from a USB drive (using a file name that starts with x and random 6 digits) from a folder named ‘rootdir,’” CyberProof said. The attack chain subsequently leverages DLL side-loading techniques to launch a malicious DLL that’s responsible for starting the mining process. In a related development, Russian companies have become the target of the Kinsing (aka H2Miner and Resourceful Wolf) cryptojacking group as part of large-scale attacks that brute-force SSH instances or scan internet-exposed servers for known vulnerabilities (e.g., CVE-2017-9841) in order to drop the Monero cryptocurrency miner.
• SMM Flaws in AMI Aptio UEFI Firmware — System Management Mode (SMM) memory corruption vulnerabilities (CVE-2025-33043) have been identified in UEFI modules present in AMI Aptio UEFI firmware that could be exploited by an attacker to elevate privileges and execute arbitrary code in the highly privileged SMM environment. “This could bypass certain firmware-level protections, such as those protecting the SPI flash memory, and enable persistent modifications to the firmware that operate independently of the OS,” CERT Coordination Center (CERT/CC) said.
• Former Intel Engineer Sentenced to 2 Years of Probation for Stealing Trade Secrets — An engineer who stole trade secrets from Intel and shared them with his new employer, Microsoft, was sentenced to two years of probation and ordered to pay a fine of more than $34,000. Varun Gupta was employed at Intel from July 2010 to January 2020, when he secured his new job at Microsoft. Gupta pleaded guilty to possessing trade secrets back in February 2025. “Between February and July 2020, while employed by the company in Washington, Gupta possessed and accessed his previous employer’s trade secrets and proprietary information without authorization,” the Justice Department noted at the time. “Gupta accessed information related to customized product design and pricing for significant purchases of computer processors, which Gupta used, as a representative of the Washington company, during head-to-head negotiations with his previous employer.” He was sued by Intel in early 2021.
• GitHub Repositories Deliver Stealer Malware — GitHub repositories disguised as legitimate projects, including game cheats, software cracks, and automation tools, have been used to distribute a malware loader called SmartLoader. It’s believed that users searching for such tools on search engines are the target of the campaign. The loader acts as a conduit for the Rhadamanthys information stealer malware, which is retrieved from a remote server. Users who search for tools to download YouTube videos for free have also been found to be served fake sites like YTMP4, where those who enter a video URL are displayed a “Download Now” button that drops DigitalPulse proxyware on the victim’s host by means of an executable hosted on GitHub. In a separate campaign, Facebook ads are being used to redirect users to fake landing pages that aim to deceive users into installing phony versions of cryptocurrency exchange apps like Binance that contain malware. The activity overlaps with a threat cluster dubbed WEEVILPROXY.
• Phishing Attacks Use Personalized Subject Lines and Links — Phishing attacks have been observed crafting personalized subject lines, attachment names, and embedded links to create a sense of familiarity or urgency, and increase the likelihood that the recipients engage with the email messages. “This strategy is not limited to the subject line; it is often extended to the email attachments, links, and message body,” Cofense said. “By including customized elements, attackers aim to increase the likelihood of a successful compromise.” These subject customization campaigns bearing travel Assistance, Response, Finance, Taxes, and Notification-themed emails have been found to deliver remote access trojans and information stealers. Finance-themed campaigns predominantly deliver jRAT, a cross-platform Remote Access Trojan written in Java that enables multi-operating system compatibility, whereas response-themed emails frequently serve PikaBot malware.
• Google pKVM Achieves SESIP Level 5 Certification — Google announced that its protected Kernel-based Virtual Machine (pKVM) for Android has achieved SESIP Level 5 certification, the highest security assurance level for IoT and mobile platforms. “This makes pKVM the first software security system designed for large-scale deployment in consumer electronics to meet this assurance bar,” Google said. “This includes vital features, such as on-device AI workloads that can operate on ultra-personalized data, with the highest assurances of privacy and integrity.”
• 81% of Organizations Knowingly Ship Vulnerable Code — While 98% of organizations experienced breaches due to vulnerable code, 81% knowingly shipped that code, often to meet business goals. “Under pressure to deliver, teams are treating patch-later practices as acceptable risk, embedding insecurity into the SDLC,” Checkmarx said in its Future of AppSec report. The report is based on a survey of 1,500 application security leaders. Half of the respondents already use AI security code assistants, and 34% admitted that more than 60% of their code is generated using artificial intelligence (AI) tools.
• Pak Entities Targeted by Blue Locker Ransomware — Pakistan’s National Cyber Emergency Response Team (NCERT) issued an alert warning of Blue Locker ransomware attacks targeting the oil and gas sector. The ransomware, believed to be connected to the Shinra malware family, is distributed via a PowerShell-based loader that attempts to disable security defenses, escalate privileges, and launch its main payload. Phishing emails, malicious attachments, drive-by downloads, and insecure remote access are some of the initial access routes used by the threat actors behind the operation. “The motive behind these events may vary, but it is unlikely that a traditional cybercriminal organization is responsible; instead, it is more probable that a nation-state group is attacking critical infrastructure,” Resecurity said. “Very often, advanced actors operate under the guise of cybercrime to blur attribution and avoid geopolitical context.” The disclosure came as Huntress detailed a KawaLocker (aka KAWA4096) ransomware incident that involved the attackers accessing a victim’s endpoint via Remote Desktop Protocol (RDP) using a compromised account, followed by disabling security tools using kernel drivers and then dropping the locker.
• Phishing Campaign Uses “ん” as a URL Forward Slash — A Booking.com-themed phishing campaign has been observed using the Unicode character “ん” in URLs as a substitute for forward slashes when rendered in a web browser to trick unsuspecting users into running malicious MSI installers that are likely capable of delivering additional malware.
• Threat Actors Sell Access to Compromised Law Enforcement Accounts — A flourishing underground economy is enabling unauthorized access to hacked government and law enforcement accounts. These accounts are either compromised through phishing or through information-stealing infections. A single account is available for as little as $40.
• Chrome Tests Blocking Fingerprinting in Incognito Mode — Google’s Chrome team said it’s testing a Script Blocking feature that’s aimed at thwarting scripts engaging in known, prevalent techniques for browser re-identification using browser APIs to extract additional information about the user’s browser or device characteristics. The feature is expected to be shipped in version 140.
• Norway Says Russian Hackers Sabotaged Dam — The Norwegian Police Security Service said pro-Russian hackers likely sabotaged a dam in the country’s southwest in April 2025. This is the first time officials have publicly linked the incident to Russia. “The aim of this type of operation is to influence and to cause fear and chaos among the general population,” PST said. Exactly who is behind it is presently unknown.
• NIST Finalizes Lightweight Cryptography Standard to Secure IoT Devices — The U.S. National Institute of Standards and Technology (NIST) has completed work on the Ascon cryptographic standard. The standard contains four cryptographic algorithms (ASCON-128 AEAD , ASCON-Hash 256, ASCON-XOF 128, and ASCON-CXOF 128) designed to be used on low-memory IoT devices, as well as RFID tags and medical implants. The agency has been working on the standard since 2023.
• Chinese AI Firm Runs Propaganda Campaigns — The Chinese government is enlisting the help of domestic AI companies to monitor and manipulate public opinion on social media through sophisticated propaganda campaigns. One such company, named GoLaxy has run influence operations targeting Hong Kong and Taiwan with the help of AI tools. Founded in 2010, it has also used a tool named GoPro to build psychological profiles and build data profiles for at least 117 sitting U.S. lawmakers and more than 2,000 other American political and thought leaders. Furthermore, GoLaxy is believed to be tracking thousands of right-wing influencers and journalists. The company has since attempted to scrub its digital footprint, albeit unsuccessfully. In a statement to The New York Times, GoLaxy said its products are mainly based on open-source data.

🎥 Cybersecurity Webinars

• 5 Hidden Risks in Your Code-to-Cloud Pipeline—And How to Fix Them Fast: Security gaps don’t start in the cloud—they begin in your code. Join us to discover how code-to-cloud visibility unites developers, DevOps, and security teams with one shared map of risk. Learn how to cut noise, speed remediation, and protect your business-critical applications before attackers find the weak link.
• How to Detect the Silent AI Threats Hiding in Your Systems: AI is no longer just a tool—it can act like a rogue insider hiding in plain sight. Join our webinar, Shadow Agents and Silent Threats, to uncover how AI is reshaping identity risks, why traditional defenses aren’t enough, and what you can do now to stay ahead of invisible threats.
• How to Stop Rogue AI Agents Before They Hijack Your Identities and Data: AI Agents are multiplying inside your business faster than most teams can track—slipping into workflows, cloud platforms, and identities without warning. In this exclusive panel, security experts will uncover where Shadow AI hides, the risks they pose, and the practical steps you can take right now to regain control—without slowing innovation.

🔧 Cybersecurity Tools

• Buttercup: It is a Cyber Reasoning System (CRS) built to automatically find and fix vulnerabilities in open-source software. Developed by Trail of Bits for DARPA’s AIxCC program, it combines fuzzing, program analysis, and AI-driven patching to discover security flaws and generate repairs. Designed to work with OSS-Fuzz compatible C and Java projects, Buttercup integrates multiple components—like an orchestrator, fuzzer, and patcher—into a workflow that can test, monitor, and secure code at scale.
• Beelzebub: It is an open-source honeypot framework that provides a controlled environment for studying cyber attacks. It combines low-code configuration with AI-driven simulation to mimic high-interaction systems while maintaining a safer, low-interaction core. Supporting multiple protocols like SSH, HTTP, and TCP, as well as monitoring through Prometheus and ELK integration, Beelzebub helps researchers and defenders observe attacker behavior, test defenses, and analyze emerging threats.
• ExtensionHound: It is a forensic analysis tool designed to trace Chrome extensions’ DNS activity. By correlating network requests with specific extensions, it overcomes Chrome’s default process-level attribution barrier, making it possible to identify which extension generated suspicious queries. With optional integrations for domain reputation (VirusTotal), extension details (Secure Annex), and YARA-based signature detection, ExtensionHound provides investigators with clearer visibility into extension behavior across Windows, macOS, and Linux environments.

Disclaimer: These newly released tools are for educational use only and haven’t been fully audited. Use at your own risk—review the code, test safely, and apply proper safeguards.

🔒 Tip of the Week

Clipboard Permissions — A Hidden Data Leak Waiting to Happen — Most people think of their clipboard as a harmless convenience — copy some text, paste it where you need it, done. But in modern browsers like Chrome, the clipboard is a shared space between your computer and any website you grant permission to. Once allowed, a site can read whatever is currently in your clipboard — not just what you copied from that site, but from anywhere: your password manager, a PDF, a corporate document, or even secure notes.

The danger isn’t just “technical paranoia” — clipboard access is a known target for attackers because it bypasses a lot of security boundaries. If you’ve allowed a site to read your clipboard:

• It can read sensitive data from other apps — (e.g., passwords, personal IDs, bank info) if that data is in your clipboard while the site is open.
• It can read more than what you paste — Once permission is granted, a site can read your clipboard when you interact with it (e.g., clicking a button). It can see data copied from anywhere, not just from that site.
• It’s silent — there’s no pop-up or alert for each read. You won’t know it’s happening.

For example, you allow design-tool[.]com to read your clipboard because you want to paste an image directly into the site. Later in the day, you copy:

• A password from your password manager,
• A confidential client email snippet,
• Or a crypto wallet address.

While you’re still working in design-tool[.]com, its code could (maliciously or due to a compromise) send each clipboard read to a remote server — without you ever pressing “paste.”

Unlike file downloads or microphone access, Chrome’s clipboard permission is “all or nothing” for that site. Once allowed, the site can read at will until you manually revoke the permission.

What You Can Do

1. Grant Access Only When Needed: Go to chrome://settings/content/clipboard and set permissions to “Ask before accessing.”
2. Revoke Access After Use: Click the lock icon next to the address bar → Site settings → Block clipboard access.
3. Use Separate Profiles: Keep clipboard-trusted sites in a dedicated Chrome profile; close it when not in use.
4. Avoid Copying Sensitive Data While a Site is Open: If you must copy sensitive info, close the tab for any site with clipboard permissions first.

Clipboard access is like giving a stranger a window into your desk — you may only want them to look once, but if you leave the window open, they can keep peeking without asking. Treat clipboard permissions as carefully as camera or microphone access.

Conclusion

The pace isn’t slowing down, and the risks aren’t waiting. Every delay, every blind spot, becomes an opening someone else is ready to use. What’s urgent isn’t just patching or reacting—it’s staying one step ahead.

Cybersecurity researchers have discovered a malicious package in the Python Package Index (PyPI) repository that introduces malicious behavior through a dependency that allows it to establish persistence and achieve code execution.

The package, named termncolor, realizes its nefarious functionality through a dependency package called colorinal by means of a multi-stage malware operation, Zscaler ThreatLabz said. While termncolor was downloaded 355 times, colorinal attracted 529 downloads. Both libraries are no longer available on PyPI.

“This attack could leverage DLL side-loading to facilitate decryption, establish persistence, and conduct command-and-control (C2) communication, ending in remote code execution,” according to researchers Manisha Ramcharan Prajapati and Satyam Singh.

Once installed and executed, termncolor is designed to import colorinal, which, in turn, loads a rogue DLL that’s responsible for decrypting and running the next-stage payload.

Specifically, the payload deploys a legitimate binary “vcpktsvr.exe” and a DLL called “libcef.dll” that’s launched using DLL side-loading. The DLL, for its part, is capable of harvesting system information and communicating with the C2 server using Zulip, an open-source chat application, to conceal the activity.

“Persistence is achieved by creating a registry entry under the Windows Run key to ensure automatic execution of the malware at system startup,” Zscaler said.

The malware is also capable of infecting Linux systems, with the Python libraries dropping a shared object file called “terminate.so” to unleash the same functionality.

Further analysis of the threat actor’s Zulip activity has revealed three active users within the created organization, with a total of 90,692 messages exchanged within the platform. It’s believed that the malware author has been active since July 10, 2025.

“The termncolor package and its malicious dependency colorinal highlight the importance of monitoring open-source ecosystems for potential supply chain attacks,” the company said.

The disclosure comes as SlowMist revealed that threat actors are targeting developers under the guise of a job assessment to trick them into cloning a GitHub repository containing a booby-trapped npm package that’s capable of harvesting iCloud Keychain, web browser, and cryptocurrency wallet data, and exfiltrating the details to an external server.

The npm packages are also engineered to download and run Python scripts, capture system information, scan the file system for sensitive files, steal credentials, log keystrokes, take screenshots, and monitor clipboard content.

The list of identified packages, now removed from npm, is below –

• redux-ace (163 Downloads)
• rtk-logger (394 Downloads)

In recent months, malicious npm packages have been spotted targeting the cybersecurity community to facilitate data theft and cryptocurrency mining through a dependent package, using legitimate services like Dropbox to exfiltrate the information from infected systems.

These packages, Datadog researchers Christophe Tafani-Dereeper and Matt Muir noted, are distributed to targets under the guise of malicious proof-of-concept (PoC) code for security flaws, or a kernel patch that supposedly offers performance improvements. The activity has been attributed to a threat actor it tracks as MUT-1244.

The development also follows a report from ReversingLabs that has revealed the risks associated with automated dependency upgrades, particularly when a compromised project is used by thousands of other projects, amplifying risks to the software supply chain.

This is exemplified by the recent compromise of the eslint-config-prettier npm package by means of a phishing attack that allowed unnamed attackers to push poisoned versions directly to the npm registry without any source code commits or pull requests on its corresponding GitHub repository.

The software supply chain security company found that more than 14,000 packages have declared eslint-config-prettier as a direct dependency, instead of declaring it as a devDependency, causing automated actions like GitHub Actions to automatically merge the dependency update alerts issued by Dependabot without scrutinizing them.

“Since this is a configuration for a development tool used for code formatting, it can be expected that it should be declared as a devDependency across packages in which it is used, and, as such, it shouldn’t be automatically installed when the npm install command is executed like with regular dependencies,” security researcher Karlo Zanki said.

“Automated version management tools like Dependabot are designed to remove the risk of having dependencies with security issues in your code base, but […] ironically they can end up introducing even bigger security issues like malicious compromise.”

Aug 18, 2025The Hacker NewsData Breach / Regulatory Compliance

Organizations handling various forms of sensitive data or personally identifiable information (PII) require adherence to regulatory compliance standards and frameworks. These compliance standards also apply to organizations operating in regulated sectors such as healthcare, finance, government contracting, or education. Some of these standards and frameworks include, but are not limited to:

• Payment Card Industry Data Security Standard (PCI DSS)
• General Data Protection Regulation (GDPR)
• Health Insurance Portability and Accountability Act (HIPAA)
• National Institute of Standards and Technology Special Publication framework (NIST SP 800-53)
• Trust Services Criteria (TSC)
• Cybersecurity Maturity Model Certification (CMMC)

Reasons for meeting compliance requirements

Below are some reasons for meeting compliance requirements:

• To protect businesses and organizations from cybersecurity risks, threats, and data breaches.
• To develop efficient organizational processes that aid in attaining business licensing.
• To avoid financial risk, losses, and fines due to data breaches or non-compliance with regulatory requirements.

How to meet regulatory compliance requirements

Regulatory compliance standards and frameworks can be implemented by adhering to the following points:

• Regular review of current regulatory compliance standards and frameworks applicable to your organization.
• Designating a specialist to be in charge of the compliance process. This specialist may be the organization’s compliance officer.
• Sensitizing employees and relevant third parties to compliance standards and the need to stay compliant. This sensitization may include training and tabletop exercises on the applicable compliance frameworks.
• Performing regular internal audits of systems and processes to ensure compliance with the relevant regulatory requirements.
• Using platforms to monitor and enforce compliance. An example of such a platform is Wazuh.

Wazuh SIEM/XDR

Wazuh is an open source security platform that provides unified Extended Detection and Response (XDR) and Security Information and Event Management (SIEM) protection for endpoints and cloud workloads. It unifies historically separate functions into a single agent and platform architecture. Wazuh offers various capabilities, including threat detection and response, vulnerability detection, file integrity monitoring, container security, system inventory, and security configuration assessment. These capabilities are aided by visualizations that show various metrics and your organization’s compliance with specific standards.

Wazuh can help you track and implement regulatory compliance standards and frameworks by providing the following:

• Out-of-the-box modules that support compliance frameworks and standards.
• Compliance events visualization.
• Alerts classification by compliance requirements.
• Updated regulatory compliance documentation.

Out-of-the-box modules that support compliance frameworks and standards

Wazuh includes default dashboards, modules, and rulesets associated with specific compliance standards and regulatory frameworks. These include dashboards for PCI DSS, GDPR, HIPAA, NIST SP 800-53, and TSC frameworks.

The section below shows examples of such applications of these modules.

Log analysis

You can configure Wazuh to suit your peculiar organizational requirements, such as monitoring for sensitive information. This is achievable using the Wazuh log data analysis and File Integrity Monitoring (FIM) modules. An example of such can be seen in the post conducting primary account number scan with Wazuh. The post shows you how to detect exposed primary account numbers (PAN) within a monitored endpoint.

You can utilize such capabilities to identify sensitive information and improve your organization’s security posture.

Active response for incident handling

Wazuh includes the Active Response module for automating incident responses. This module allows you to set a preferred response when an alert is triggered. You can also develop custom active response scripts tailored to your environment’s use cases. The example below shows an active response that disables a user account upon detecting multiple failed user login attempts.

Compliance events visualization

Wazuh provides dedicated dashboards to monitor and track events relevant to compliance requirements. These dashboards offer a quick view of recent compliance events, the timeline of alerts generated, the agents on which the alerts occur, and the alert volumes by agents. The image below shows the visualization dashboard for NIST SP 800-53 requirements:

Alerts classification by compliance requirements

The Wazuh compliance dashboard offers a “Controls” section that shows applicable compliance requirements. This dashboard also shows alerts generated for each requirement and the event details that generated the alert.

This dashboard provides visibility into the requirements and helps direct the efforts of the compliance specialist and internal auditors to stay current with regulatory compliance standards.

Updated regulatory compliance documentation

One way to stay compliant is to regularly review and stay updated with the regulatory compliance frameworks applicable to your organization. Wazuh supports this by providing an information section for each requirement. This section contains a description of the requirement and related alerts.

The information on the Wazuh dashboard is updated with the latest compliance standards and frameworks versions. This information will give the compliance team a quick overview of the impact of the alerts being generated.

Conclusion

Adherence to regulatory compliance is key for businesses and organizations. These compliance standards and frameworks guide companies in protecting and securing themselves.

Various supporting platforms can be used to ensure compliance with regulatory standards and frameworks. Wazuh is one such platform. It provides threat detection, response, and visibility on the compliance status of your endpoints.

Aug 16, 2025Ravie LakshmananAndroid / Malware

Cybersecurity researchers have detailed the inner workings of an Android banking trojan called ERMAC 3.0, uncovering serious shortcomings in the operators’ infrastructure.

“The newly uncovered version 3.0 reveals a significant evolution of the malware, expanding its form injection and data theft capabilities to target more than 700 banking, shopping, and cryptocurrency applications,” Hunt.io said in a report.

ERMAC was first documented by ThreatFabric in September 2021, detailing its ability to conduct overlay attacks against hundreds of banking and cryptocurrency apps across the world. Attributed to a threat actor named DukeEugene, it’s assessed to be an evolution of Cerberus and BlackRock.

Other commonly observed malware families – including Hook (ERMAC 2.0), Pegasus, and Loot – possess a shared lineage: An ancestor in the form of ERMAC from which source code components have been passed down and modified through generations.

Hunt.io said it managed to obtain the complete source code associated with the malware-as-a-service (MaaS) offering from an open directory on 141.164.62[.]236:443, right down to its PHP and Laravel backend, React-based frontend, Golang exfiltration server, and Android builder panel.

The functions of each of the components are listed below –

• Backend C2 server – Provides operators the ability to manage victim devices and access compromised data, such as SMS logs, stolen accounts, and device data
• Frontend panel – Allows operators to interact with connected devices by issuing commands, managing overlays, and accessing stolen data
• Exfiltration server – A Golang server used for exfiltrating stolen data and managing information related to compromised devices
• ERMAC backdoor – An Android implant written in Kotlin that offers the ability to control the compromised device and collect sensitive data based on incoming commands from the C2 server, while ensuring that the infections don’t touch devices located in the Commonwealth of Independent States (CIS) nations
• ERMAC builder – A tool to help customers configure and create builds for their malware campaigns by providing the application name, server URL, and other settings for the Android backdoor

Besides an expanded set of app targets, ERMAC 3.0 adds new form injection methods, an overhauled command-and-control (C2) panel, a new Android backdoor, and AES-CBC encrypted communications.

“The leak revealed critical weaknesses, such as a hardcoded JWT secret and a static admin bearer token, default root credentials, and open account registration on the admin panel,” the company said. “By correlating these flaws with live ERMAC infrastructure, we provide defenders with concrete ways to track, detect, and disrupt active operations.”

Aug 16, 2025Ravie LakshmananMalware / Vulnerability

The threat actor known as EncryptHub is continuing to exploit a now-patched security flaw impacting Microsoft Windows to deliver malicious payloads.

Trustwave SpiderLabs said it recently observed an EncryptHub campaign that brings together social engineering and the exploitation of a vulnerability in the Microsoft Management Console (MMC) framework (CVE-2025-26633, aka MSC EvilTwin) to trigger the infection routine via a rogue Microsoft Console (MSC) file.

“These activities are part of a broad, ongoing wave of malicious activity that blends social engineering with technical exploitation to bypass security defenses and gain control over internal environments,” Trustwave researchers Nathaniel Morales and Nikita Kazymirskyi said.

EncryptHub, also tracked as LARVA-208 and Water Gamayun, is a Russian hacking group that first gained prominence in mid-2024. Operating at a high tempo, the financially motivated crew is known for leveraging several methods, including fake job offers, portfolio review, and even compromising Steam games, to infect targets with stealer malware.

The threat actor’s abuse of CVE-2025-26633 was previously documented by Trend Micro in March 2025, uncovering attacks that deliver two backdoors called SilentPrism and DarkWisp.

The latest attack sequence involves the threat actor claiming to be from the IT department and sending a Microsoft Teams request to the target with the goal of initiating a remote connection and deploying secondary payloads by means of PowerShell commands.

Among the files dropped are two MSC files with the same name, one benign and the other malicious, that’s used to trigger CVE-2025-26633, ultimately resulting in the execution of the rogue MSC file when its innocuous counterpart is launched.

The MSC file, for its part, fetches and executes from an external server another PowerShell script that collects system information, establishes persistence on the host, and communicates with an EncryptHub command-and-control (C2) server to receive and run malicious payloads, including a stealer called Fickle Stealer.

“The script receives AES-encrypted commands from the attacker, decrypts them, and runs the payloads directly on the infected machine,” the researchers said.

Also deployed by the threat actor over the course of the attack is a Go-based loader codenamed SilentCrystal, which abuses Brave Support, a legitimate platform associated with the Brave web browser, to host next-stage malware – a ZIP archive containing the two MSC files to weaponize CVE-2025-26633.

What makes this significant is that uploading file attachments on the Brave Support platform is restricted for new users, indicating that the attackers somehow managed to obtain unauthorized access to an account with upload permissions to pull off the scheme.

Some of the other tools deployed include a Golang backdoor that operates in both client and server mode to send system metadata to the C2 server, as well as set up C2 infrastructure by making use of the SOCKS5 proxy tunneling protocol.

There is also evidence that the threat actors are continuing to rely on videoconferencing lures, this time setting up phony platforms like RivaTalk to deceive victims into downloading an MSI installer.

Running the installer leads to the delivery of several files: the legitimate Early Launch Anti-Malware (ELAM) installer binary from Symantec that’s used to sideload a malicious DLL that, in turn, launches a PowerShell command to download and run another PowerShell script.

It’s engineered to gather system information and exfiltrate it to the C2 server, and await encrypted PowerShell instructions that are decoded and executed to give attackers full control of the system. The malware also displays a fake “System Configuration” pop-up message as a ruse, while launching a background job to generate fake browser traffic by making HTTP requests to popular websites so as to blend C2 communications with normal network activity.

“The EncryptHub threat actor represents a well-resourced and adaptive adversary, combining social engineering, abuse of trusted platforms, and the exploitation of system vulnerabilities to maintain persistence and control,” Trustwave said.

“Their use of fake video conferencing platforms, encrypted command structures, and evolving malware toolsets underscores the importance of layered defense strategies, ongoing threat intelligence, and user awareness training.”

Aug 15, 2025Ravie LakshmananMalware / Open Source

A Chinese-speaking advanced persistent threat (APT) actor has been observed targeting web infrastructure entities in Taiwan using customized versions of open-sourced tools with an aim to establish long-term access within high-value victim environments.

The activity has been attributed by Cisco Talos to an activity cluster it tracks as UAT-7237, which is believed to be active since at least 2022. The hacking group is assessed to be a sub-group of UAT-5918, which is known to be attacking critical infrastructure entities in Taiwan as far back as 2023.

“UAT-7237 conducted a recent intrusion targeting web infrastructure entities within Taiwan and relies heavily on the use of open-sourced tooling, customized to a certain degree, likely to evade detection and conduct malicious activities within the compromised enterprise,” Talos said.

The attacks are characterized by the use of a bespoke shellcode loader dubbed SoundBill that’s designed to decode and launch secondary payloads, such as Cobalt Strike.

Despite the tactical overlaps with UAT-5918, UAT-7237’s tradecraft exhibits notable deviations, including its reliance on Cobalt Strike as a primary backdoor, the selective deployment of web shells after initial compromise, and the incorporation of direct remote desktop protocol (RDP) access and SoftEther VPN clients for persistent access.

The attack chains begin with the exploitation of known security flaws against unpatched servers exposed to the internet, followed by conducting initial reconnaissance and fingerprinting to determine if the target is of interest to the threat actors for follow-on exploitation.

“While UAT-5918 immediately begins deploying web shells to establish backdoored channels of access, UAT-7237 deviates significantly, using the SoftEther VPN client (similar to Flax Typhoon) to persist their access, and later access the systems via RDP,” researchers Asheer Malhotra, Brandon White, and Vitor Ventura said.

Once this step is successful, the attacker pivots to other systems across the enterprise to expand their reach and carry out further activities, including the deployment of SoundBill, a shellcode loader based on VTHello, for launching Cobalt Strike.

Also deployed on compromised hosts is JuicyPotato, a privilege escalation tool widely used by various Chinese hacking groups, and Mimikatz to extract credentials. In an interesting twist, subsequent attacks have leveraged an updated version of SoundBill that embeds a Mimikatz instance into it in order to achieve the same goals.

Besides using FScan to identify open ports against IP subnets, UAT-7237 has been observed attempting to make Windows Registry changes to disable User Account Control (UAC) and turn on storage of cleartext passwords.

“UAT-7237 specified Simplified Chinese as the preferred display language in their [SoftEther] VPN client’s language configuration file, indicating that the operators were proficient with the language,” Talos noted.

The disclosure comes as Intezer said it discovered a new variant of a known backdoor called FireWood that’s associated with a China-aligned threat actor called Gelsemium, albeit with low confidence.

FireWood was first documented by ESET in November 2024, detailing its ability to leverage a kernel driver rootkit module called usbdev.ko to hide processes, and run various commands sent by an attacker-controlled server.

“The core functionality of the backdoor remains the same but we did notice some changes in the implementation and the configuration of the backdoor,” Intezer researcher Nicole Fishbein said. “It is unclear if the kernel module was also updated as we were not able to collect it.”

We used to think of privacy as a perimeter problem: about walls and locks, permissions, and policies. But in a world where artificial agents are becoming autonomous actors — interacting with data, systems, and humans without constant oversight — privacy is no longer about control. It’s about trust. And trust, by definition, is about what happens when you’re not looking.

Agentic AI — AI that perceives, decides, and acts on behalf of others — isn’t theoretical anymore. It’s routing our traffic, recommending our treatments, managing our portfolios, and negotiating our digital identity across platforms. These agents don’t just handle sensitive data — they interpret it. They make assumptions, act on partial signals, and evolve based on feedback loops. In essence, they build internal models not just of the world, but of us.

And that should give us pause.

Because once an agent becomes adaptive and semi-autonomous, privacy isn’t just about who has access to the data; it’s about what the agent infers, what it chooses to share, suppress, or synthesize, and whether its goals remain aligned with ours as contexts shift.

Take a simple example: an AI health assistant designed to optimize wellness. It starts by nudging you to drink more water and get more sleep. But over time, it begins triaging your appointments, analyzing your tone of voice for signs of depression, and even withholding notifications it predicts will cause stress. You haven’t just shared your data — you’ve ceded narrative authority. That’s where privacy erodes, not through a breach, but through a subtle drift in power and purpose.

This is no longer just about Confidentiality, Integrity, and Availability, the classic CIA triad. We must now factor in authenticity (can this agent be verified as itself?) and veracity (can we trust its interpretations and representations?). These aren’t merely technical qualities — they’re trust primitives.

And trust is brittle when intermediated by intelligence.

If I confide in a human therapist or lawyer, there are assumed boundaries — ethical, legal, psychological. We have expected norms of behavior on their part and limited access and control. But when I share with an AI assistant, those boundaries blur. Can it be subpoenaed? Audited? Reverse-engineered? What happens when a government or corporation queries my agent for its records?

We have no settled concept yet of AI-client privilege. And if jurisprudence finds there isn’t one, then all the trust we place in our agents becomes retrospective regret. Imagine a world where every intimate moment shared with an AI is legally discoverable — where your agent’s memory becomes a weaponized archive, admissible in court.

It won’t matter how secure the system is if the social contract around it is broken.

Today’s privacy frameworks — GDPR, CCPA — assume linear, transactional systems. But agentic AI operates in context, not just computation. It remembers what you forgot. It intuits what you didn’t say. It fills in blanks that might be none of its business, and then shares that synthesis — potentially helpfully, potentially recklessly — with systems and people beyond your control.

So we must move beyond access control and toward ethical boundaries. That means building agentic systems that understand the intent behind privacy, not just the mechanics of it. We must design for legibility; AI must be able to explain why it acted. And for intentionality. It must be able to act in a way that reflects the user’s evolving values, not just a frozen prompt history.

But we also need to wrestle with a new kind of fragility: What if my agent betrays me? Not out of malice, but because someone else crafted better incentives — or passed a law that superseded its loyalties?

In short: what if the agent is both mine and not mine?

This is why we must start treating AI agency as a first-order moral and legal category. Not as a product feature. Not as a user interface. But as a participant in social and institutional life. Because privacy in a world of minds — biological and synthetic — is no longer a matter of secrecy. It’s a matter of reciprocity, alignment, and governance.

If we get this wrong, privacy becomes performative — a checkbox in a shadow play of rights. If we get it right, we build a world where autonomy, both human and machine, is governed not by surveillance or suppression, but by ethical coherence.

Agentic AI forces us to confront the limits of policy, the fallacy of control, and the need for a new social contract. One built for entities that think — and one that has the strength to survive when they speak back.

Learn more about Zero Trust + AI.

The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) on Thursday renewed sanctions against Russian cryptocurrency exchange platform Garantex for facilitating ransomware actors and other cybercriminals by processing more than $100 million in transactions linked to illicit activities since 2019.

The Treasury said it’s also imposing sanctions on Garantex’s successor, Grinex, as well as three executives of Garantex and six associated companies in Russia and the Kyrgyz Republic that have enabled these activities –

• Sergey Mendeleev (Co-founder)
• Aleksandr Mira Serda (Co-founder)
• Pavel Karavatsky (Co-founder)
• Independent Decentralized Finance Smartbank and Ecosystem (InDeFi Bank)
• Exved
• Old Vector
• A7 LLC
• A71 LLC
• A7 Agent LLC

“Digital assets play a crucial role in global innovation and economic development, and the United States will not tolerate abuse of this industry to support cybercrime and sanctions evasion,” said Under Secretary of the Treasury for Terrorism and Financial Intelligence, John K. Hurley.

“Exploiting cryptocurrency exchanges to launder money and facilitate ransomware attacks not only threatens our national security, but also tarnishes the reputations of legitimate virtual asset service providers.”

Garantex was first sanctioned by the U.S. in April 2022 for facilitating transactions from darknet markets and illicit actors such as Hydra and Conti. The cryptocurrency exchange’s website was seized as part of a coordinated law enforcement operation back in March 2025, and its co-founder, Aleksej Besciokov, was arrested in India.

Merely months later, TRM Labs revealed that Garantex may have rebranded as Grinex, likely in an effort to evade sanctions, with the former continuing to process more than $100 million in transactions since the sanctions were levied. Eighty-two percent of its total volume was linked to sanctioned entities worldwide.

“Days after Garantex’s takedown, Telegram channels affiliated with the exchange began promoting Grinex, a platform with a nearly identical interface, registered in Kyrgyzstan in December 2024,” TRM Labs noted in May.

The U.S. Treasury said criminal users use Garantex to launder their ill-gotten funds, processing funds from those related to Conti, Black Basta, LockBit, NetWalker, and Phoenix Cryptolocker ransomware variants. It also said Garantex moved its infrastructure and customer deposits to Grinex shortly after the March law enforcement actions.

Furthermore, Garantex is said to have worked with affected customers to regain access to their accounts using a ruble-backed stablecoin called A7A5 token, which is issued by a Kyrgyzstani firm called Old Vector. The token’s creator is A7 LLC.

According to a report from Elliptic, A7A5 has been used to transfer no less than $1 billion per day, with the aggregate value of A7A5 transfers pegged at $41.2 billion. In all, Grinex is estimated to have facilitated the transfer of billions of dollars in cryptocurrency transactions within the few months it has been operational.

“Garantex has also provided account and exchange services to actors associated with the Ryuk ransomware gang,” the agency said. “Ekaterina Zhdanova, a prolific money launderer, exchanged over $2 million in Bitcoin for Tether (USDT) via Garantex.”

Garantex’s outgoing funds from September 2024 through May 2025

Zhdanova was previously sanctioned by the U.S. in November 2023 for laundering virtual currency for the country’s elites and cybercriminal crews, including Ryuk.

“Garantex’s senior executives have supported its ability to enable cybercrime and sanctions evasion by procuring computer infrastructure for Garantex, registering its trademarks, and engaging in business development efforts to make its activities appear legitimate,” the Treasury added. “Garantex’s network of partner companies has also enabled it to move money, including illicit funds, outside of Russia.”

The U.S. Department of State has announced a $5 million reward for information leading to the arrest of Serda and $1 million for information on other key leaders of Garantex. It’s worth noting that A7 was sanctioned by the U.K. in May 2025 and by the European Union last month.

“The March 2025 multinational takedown did not halt these activities,” TRM Labs said. “Instead, Garantex’s leadership quickly activated a contingency plan that appears to have been in place for months.”

“The integration of A7A5 into Grinex represents only the most recent chapter in Garantex’s long-standing role in illicit finance. Both before and after its designation by the U.S. Treasury, Garantex operated as a key conduit for ransomware laundering, darknet market transactions, sanctions evasion, and the movement of funds through high-risk Russian financial networks.”

The new wave of sanctions comes as the U.S. Department of Justice (DoJ) unsealed six warrants authorizing the seizure of over $2.8 million in cryptocurrency, $70,000 in cash, and a luxury vehicle.

The cryptocurrency, the DoJ said, was seized from a cryptocurrency wallet controlled by Ianis Aleksandrovich Antropenko, who has been charged in the U.S. for allegedly using Zeppelin ransomware to target individuals, businesses, and organizations worldwide.

“The cryptocurrency and other assets are proceeds of (or were involved in laundering the proceeds of) ransomware activity,” according to the DoJ.

“Those assets were laundered in various ways, including by using the cryptocurrency mixing service ChipMixer, which was taken down in a coordinated international operation in 2023. Antropenko also laundered cryptocurrency by exchanging cryptocurrency for cash and depositing the cash in structured cash deposits.”

In a related development, more than $300 million in cryptocurrency assets linked to cybercrime and fraud schemes, including romance baiting (aka pig butchering) scams, have been frozen as part of an ongoing effort to identify and disrupt criminal networks.

Aug 15, 2025Ravie LakshmananVulnerability / Network Security

Cisco has released security updates to address a maximum-severity security flaw in Secure Firewall Management Center (FMC) Software that could allow an attacker to execute arbitrary code on affected systems.

The vulnerability, assigned the CVE identifier CVE-2025-20265 (CVSS score: 10.0), affects the RADIUS subsystem implementation that could permit an unauthenticated, remote attacker to inject arbitrary shell commands that are executed by the device.

The networking equipment major said the issue stems from a lack of proper handling of user input during the authentication phase, as a result of which an attacker could send specially crafted input when entering credentials that get authenticated at the configured RADIUS server.

“A successful exploit could allow the attacker to execute commands at a high privilege level,” the company said in a Thursday advisory. “For this vulnerability to be exploited, Cisco Secure FMC Software must be configured for RADIUS authentication for the web-based management interface, SSH management, or both.”

The shortcoming impacts Cisco Secure FMC Software releases 7.0.7 and 7.7.0 if they have RADIUS authentication enabled. There are no workarounds other than applying the patches provided by the company. Brandon Sakai of Cisco has been credited with discovering the issue during internal security testing.

Besides CVE-2025-20265, Cisco has also resolved a number of high-severity bugs –

• CVE-2025-20217 (CVSS score: 8.6) – Cisco Secure Firewall Threat Defense Software Snort 3 Denial-of-Service Vulnerability
• CVE-2025-20222 (CVSS score: 8.6) – Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software for Firepower 2100 Series IPv6 over IPsec Denial-of-Service Vulnerability
• CVE-2025-20224, CVE-2025-20225, CVE-2025-20239 (CVSS scores: 8.6) – Cisco IOS, IOS XE, Secure Firewall Adaptive Security Appliance, and Secure Firewall Threat Defense Software IKEv2 Denial-of-Service Vulnerabilities
• CVE-2025-20133, CVE-2025-20243 (CVSS scores: 8.6) – Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Remote Access SSL VPN Denial-of-Service Vulnerabilities
• CVE-2025-20134 (CVSS score: 8.6) – Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software SSL/TLS Certificate Denial-of-Service Vulnerability
• CVE-2025-20136 (CVSS score: 8.6) – Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Network Address Translation DNS Inspection Denial-of-Service Vulnerability
• CVE-2025-20263 (CVSS score: 8.6) – Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Web Services Denial-of-Service Vulnerability
• CVE-2025-20148 (CVSS score: 8.5) – Cisco Secure Firewall Management Center Software HTML Injection Vulnerability
• CVE-2025-20251 (CVSS score: 8.5) – Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software VPN Web Server Denial-of-Service Vulnerability
• CVE-2025-20127 (CVSS score: 7.7) – Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software for Firepower 3100 and 4200 Series TLS 1.3 Cipher Denial-of-Service Vulnerability
• CVE-2025-20244 (CVSS score: 7.7) – Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Remote Access VPN Web Server Denial-of-Service Vulnerability

While none of the flaws have come under active exploitation in the wild, with network appliances repeatedly getting caught in the attackers’ crosshairs, it’s essential that users move quickly to update their instances to the latest version.