Exploitation of vulnerabilities like CVE-2023-42793 in TeamCity servers to gain undetected access for extended periods.
Top Story · May 07 — May 14 · 19 articles
Rising Indirect Prompt Injection Threats Target Enterprise AI Agents
Over the past two weeks, cybersecurity reports have highlighted a growing threat to enterprise AI systems: indirect prompt injection attacks. These attacks involve embedding malicious instructions in external content (e.g., emails, documents, or web pages), which AI agents execute with user privileges, often leading to data exfiltration or unauthorized actions. Threat actors, including those leveraging AI-powered tradecraft, are increasingly operationalizing these techniques, with a 32% rise in malicious prompt injection attempts observed between late 2025 and early 2026. Affected systems include AI agents, large language models (LLMs), and Kubernetes-based AI workloads, which suffer from visibility gaps in traditional security tools. Organizations are urged to adopt frameworks like AI TRiSM and MITRE ATLAS, implement least-privilege controls, and extend existing security patterns (e.g., sandboxing, egress restriction) to mitigate risks.
"Prompt Injection" up 3.7x (6 → 22) · "Threat Detection" up 3.6x (5 → 18) · "Zero Trust" up 3.2x (4 → 13)
Indirect prompt injection · AI agent security · Data exfiltration risks · Adversarial AI tradecraft · LLM sandboxing and allowlisting
Critical Privilege Escalation Flaws and AI Security Gaps Emerge in Major Platforms
Over the past two weeks, multiple critical vulnerabilities have been disclosed across major operating systems and AI-driven platforms, exposing significant security risks. Researchers uncovered high-severity local privilege escalation (LPE) flaws in the Linux kernel (CVE-2026-31431, 'Copy Fail'), FreeBSD (CVE-2026-7270), and Windows RPC (PhantomRPC), enabling attackers to gain root or SYSTEM privileges. These vulnerabilities, some present for nearly a decade, highlight systemic risks in core system functions and architectural weaknesses. Concurrently, security gaps in Microsoft Copilot (CVE-2026-24299) and the broader impact of LLMs on reverse engineering defensive tools underscore the erosion of 'security through obscurity' and the urgent need for robust AI security frameworks. The disclosures emphasize the criticality of timely patching, least privilege principles, and defense-in-depth strategies to mitigate risks of container breakouts, multi-tenant host compromises, and persistent AI-driven attacks.
"Exploit Techniques" up 2.1x (18 → 37) · "Prompt Injection" up 2.8x (8 → 22) · "Zero-Day Vulnerabilities" up 2.1x (9 → 19)
Privilege Escalation Vulnerabilities · Kernel Security Flaws · AI and LLM Security Risks · Architectural Weaknesses in Operating Systems · Container Escape Exploits
AI and State Actors Accelerate Cyber Threats Amid Unpatched Systemic Flaws
Over the past two weeks, a surge in cybersecurity developments has highlighted the dual-edged role of AI in both offensive and defensive operations. Anthropic's Mythos AI demonstrated autonomous zero-day exploitation across major platforms, raising concerns about AI-driven phishing and reconnaissance, which now matches human expert effectiveness. Concurrently, Chinese state-sponsored threat actors, including the MSS and PLA, have industrialized their operations using shared malware frameworks like ShadowPad and compromised edge devices, complicating detection. Architectural vulnerabilities, such as the unpatched PhantomRPC flaw in Windows RPC, persist despite their potential for privilege escalation, reflecting challenges in addressing systemic risks. Meanwhile, AI-assisted discoveries, like the QEMU virtio-gpu heap overflow, underscore the growing sophistication of virtualization exploits. The evolving threat landscape is further strained by shrinking exploitation windows, with attackers leveraging weak credentials and unpatched systems to achieve long-term persistence, while Apple's iOS security model faces scrutiny for its reliance on rapid patching and lack of scalable detection mechanisms.
"Exploit Techniques" up 5.4x (5 → 27) · "Cyber Threat Intelligence" up 13.5x (2 → 27) · "Zero-Day Vulnerabilities" up 4.3x (3 → 13)
AI-driven cyber threats and autonomous exploitation · State-sponsored cyber operations and industrialized espionage · Unpatched architectural vulnerabilities and privilege escalation · Virtualization exploits and guest-to-host VM escapes · Accelerating threat landscape and shrinking exploitation windows
Over the past two weeks, state-aligned advanced persistent threat (APT) groups—primarily linked to Iran (MuddyWater, APT35, APT42, APT34/OilRig) and China (APT41/RedGolf, Emperor Dragonfly)—have intensified cyber operations targeting government agencies, defense contractors, financial institutions, and critical infrastructure across the U.S., Israel, South Korea, Japan, and Southeast Asia. Techniques include pre-positioned C2 infrastructure (e.g., blockchain-based communications, SSH key reuse, domain impersonation), exploitation of Fortinet vulnerabilities, Rust-based loaders delivering Cobalt Strike Cat, and multilingual phishing campaigns leveraging shared ZIP lure infrastructure. Rare exposures of attacker staging servers revealed operational toolkits, target lists (e.g., South Korea’s Ministry of Health, Shiseido), and open-source proxy tools (IOX, FRP, Rakshasa) used to evade detection. These activities, coinciding with geopolitical escalations, underscore a shift toward proactive infrastructure clustering and multi-stage attack workflows, heightening risks of espionage, data exfiltration, and potential kinetic cyber-physical impacts.
"Hunt.io" is new (appeared 11 times) · "Open Directory" up 5.0x (1 → 5) · "HuntSQL" is new (appeared 6 times)
Critical Fortinet Flaws & AI Vulnerabilities Dominate Recent Cyber Threats
Over the past two weeks, critical vulnerabilities in Fortinet FortiClient EMS (CVE-2026-35616) have been actively exploited in the wild, enabling unauthenticated remote code execution via crafted API requests. Approximately 2,000 internet-exposed instances are at risk, prompting CISA to mandate federal remediation by April 9. Concurrently, AI-driven threats have surged, with Anthropic's Claude.ai facing 'Claudy Day' — a chained attack exploiting prompt injection and data exfiltration flaws — and the Granola AI app exposing indirect prompt injection risks. Additionally, Meta's React framework was found vulnerable to React2DoS (CVE-2026-23869), a denial-of-service flaw in its Server Components. These incidents highlight escalating risks from both traditional enterprise software and emerging AI systems, underscoring the need for rapid patching and robust governance frameworks.
"Vulnerability Research" up 2.0x (8 → 16) · "Anthropic" up 3.2x (4 → 13) · "Responsible Disclosure" up 3.3x (3 → 10)
Active exploitation of critical vulnerabilities · AI-driven security risks and prompt injection attacks · Unauthenticated remote code execution (RCE) · Denial-of-service (DoS) vulnerabilities in web frameworks · Supply chain and third-party application risks
aka Team PCP, Mini Shai-Hulud, Mini Shai-Hulud campaign, Mini Shai-Hulud threat actor, TeamPCP (behind the Trivy breach and subsequent operations), TeamPCP (cyber criminal operation), TeamPCP (implied attribution)
Compromised an employee’s developer device using a malicious Visual Studio Code extension to steal and clone GitHub’s internal repositories (approximately 3,800) for monetization, listing the stolen data for sale on a cybercrime forum. Known for backdooring open-source security and development tools, credential harvesting, and abusing valid accounts for lateral access.
A threat actor involved in a cryptocurrency theft campaign uncovered by Google, using social engineering tactics to direct victims to fraudulent video calls and execute malicious scripts.
37
Espionage (13) · Crypto theft (10) · Prepositioning (8)
Qilin
crime-syndicate
aka Qilin ransomware operators
Ransomware operators maintaining the ransomware, recruiting affiliates, and providing business infrastructure such as leak sites, payment portals, and legal support. Affiliates handle initial access and deployment in victim environments.
17
Ransomware (13) · Credential theft (1) · DDoS (1)
LockBit
crime-syndicate
aka LockBit affiliates, LockBit 5.0
Ransomware operators providing ransomware-as-a-service (RaaS), with affiliates deploying the ransomware in varied intrusion chains and victim environments.
14
Ransomware (11) · Credential theft (2) · DDoS (1)
fraudsters
criminal
aka criminals, Organized scam call centers, scammers, bad actors, online fraudsters, organized crime groups
Individuals or small groups engaging in opportunistic fraud such as bonus abuse, chargeback disputes, and multi-accounting. Uses automation, shared data, and behavioral simulation to evade detection and blend into legitimate user activity.
Mentioned as a distinct cluster utilizing similar SaaS data-theft techniques. UNC6671 co-opted the ShinyHunters brand in at least one instance to inject artificial credibility into their threats, though operations are assessed to be independent.
13
Ransomware (7) · Data exposure (2) · Espionage (1)
Fancy Bear
nation-state
aka APT28, Forest Blizzard, APT 28, FancyBear, GRU Military Unit 26165
Russia-nexus intrusion set attributed to Russia’s General Staff Main Intelligence Directorate (GRU). Known for hybrid operations, modular and disposable implants (e.g., MASEPIE, STEELHOOK, OCEANMAP), stealthy delivery and persistence mechanisms, and use of frameworks like Covenant for reconnaissance and espionage. Targets include military networks and diplomatic crises. The group uses advanced techniques such as steganography, COM hijacking, and custom C2 protocols leveraging cloud services like Koofr or Filen.
12
Espionage (7) · Credential theft (3) · Ransomware (1)
advanced persistent threat (APT) actor
crime-syndicate
aka Threat Actor A, Threat Actor B, a threat actor, Operation GriefLure Threat Actor, PRC-nexus threat actor (associated with UNC6201), Suspected China-linked Threat Actor, Threat actor behind DigiCert support portal hack, threat actor exploiting CVE-2024-55224 and CVE-2024-55225
Conducted a large-scale poisoning campaign targeting Ghost CMS by exploiting CVE-2026-26980 to inject malicious JavaScript loaders into articles. The campaign involved automated bulk vulnerability scanning, Admin API key extraction, and dynamic C2 distribution to deliver malware such as stealer trojans via ClickFix social engineering attacks. The group used cloaking domains and updated payloads to evade detection and maintain persistence.
aka Akira ransomware group, Conti ransomware group
Ransomware operators providing ransomware-as-a-service (RaaS), maintaining the ransomware variant, infrastructure, and managing ransom negotiations. Affiliates deploy the ransomware in victim environments.
11
Ransomware (11)
Handala
nation-state
aka Handala Hack Team, Homeland Justice, Banished Kitten, Handala Hack, Handala Hacking Team, Ministry of Intelligence and Security (MOIS), MOIS Linked Cyber Influence Ecosystem, The Handala Popular Resistance Front (HPR)
Participates in hacktivist campaigns targeting financial services, possibly aligned with political or ideological motives.
aka Seedworm, APT34, Dark Scepter, Helix Kitten, Iranian-aligned group connected to the Ministry of Intelligence and Security (MOIS), OilRig, TA402, MuddyWater APT
Conducted a global espionage campaign targeting organizations across multiple sectors (industrial and electronics manufacturing, education, public-sector, financial services, and professional services) to steal sensitive information, including intellectual property, research data, and intelligence on rival governments. The group used advanced tradecraft such as DLL sideloading with signed binaries, Node.js-based orchestration, PowerShell scripting, credential theft, and data exfiltration via public file-transfer services. The campaign is linked to the Iranian Ministry of Intelligence and Security (MOIS).
Conducted a large-scale supply chain attack on the npm ecosystem by compromising the 'atool' npm account, which owns popular packages like timeago.js. The attack involved publishing malicious versions of over 300 packages across Alibaba's AntV data visualization ecosystem, exfiltrating credentials, and establishing persistence via backdoors in developer tools like VS Code and Claude Code. The attacker used advanced techniques such as memory scraping to extract unmasked secrets from CI runners, GitHub API dead-drops for exfiltration, and OpenTelemetry impersonation for command and control (C2). The attack was well-orchestrated, with deliberate signaling via GitHub repository descriptions using Dune-universe terminology.
aka Scattered Lapsus$ Hunters, LAPSUS$ (new group), Scattered Lapsus$
Published multiple screenshots indicating they gained access into Okta's corporate systems, specifically into Okta's customer support environment through internal admin access. The compromise involved a support engineer's endpoint being compromised for five days, allowing potential access to Jira tickets and user lists associated with customer accounts, as well as the ability to reset passwords and MFA factors for customer accounts.
9
Data exposure (4) · Account takeover (ATO) (3) · Credential theft (2)
The Gentlemen
crime-syndicate
aka Hastala, zeta88, hastalamuerte, The Gentlemen RaaS, The Gentlemen RaaS administrator, The Gentlemen Ransomware-as-a-Service
An emerging ransomware group that surpassed the activity levels of established groups like Akira and INC Ransom, accounting for 9.25% of victims published on data leak sites in Q1 2026.
8
Ransomware (8)
Scattered Spider
crime-syndicate
aka Octo Tempest
Affiliate group associated with Qilin RaaS, involved in initial access, hands-on-keyboard activity, data theft, and deploying ransomware in victim environments.
A ransomware-as-a-service (RaaS) operation linked to a negotiator who colluded with the group to share privileged insights into ransomware negotiations and allegedly participated as an affiliate.
Announced a partnership with TeamPCP, suggesting involvement in large-scale extortion and ransomware operations as part of the Shai-Hulud supply chain campaign.
7
Data exposure (2) · Prepositioning (1) · Credential theft (1)
Operates a phishing-as-a-service (PhaaS) platform designed to capture authentication tokens via device code phishing. The platform offers various landing pages and themes, automates attack chains, and provides tools like the 'Portal Browser' for managing compromised Microsoft 365 accounts to scale business email compromise (BEC) operations.
aka Iran's Islamic Revolutionary Guard Corps Cyber Electronic Command, Islamic Revolutionary Guard Corps
Uses Iranian Cultural Centers for intelligence gathering, recruitment, radicalization, and logistical support. Engages in espionage, terrorist plots, propaganda dissemination, and collaboration with criminal networks (e.g., drug cartels, guerrilla groups) for funding and operational support. Implicated in assassination plots, money laundering, and cyber disinformation campaigns across Latin America.
7
Prepositioning (4) · Espionage (2) · Crypto theft (1)
malicious actors
criminal
aka malicious actor
Use tokenization-specific attacks such as invisible Unicode payloads to evade code review or content moderation systems, manipulate tokenization to bypass prompt injection detectors, and disrupt model behavior for data leakage or instruction hijacking.
Telecommunications (7) · Computer Systems Design and Related Services (6) · Electric Power Generation, Transmission and Distribution (6) · Manufacturing (5) · Oil and Gas Extraction (5) · Medical Device Manufacturing (4)
Information Technology (4) · Software Publishers (3) · Computer Systems Design and Related Services (3) · Data Processing, Hosting, and Related Services (2) · Energy (1) · Aerospace Product and Parts Manufacturing (1)
National Security / Military (1) · Executive, Legislative, and Other General Government Support (1) · Justice, Public Order, and Safety Activities (1) · Air Transportation / Air Force (1) · Computer Security / Cybersecurity Services (1)
Electric Power Generation, Transmission and Distribution (2) · Water, Sewage and Other Systems (2) · Finance and Insurance (2) · Government (2) · Industrial Machinery Manufacturing (1) · Other Heavy and Civil Engineering Construction (1)
Ghost is a Node.js content management system. Versions 3.24.0 through 6.19.0 allow unauthenticated attackers to perform arbitrary reads from the database. This issue has been fixed in version 6.19.1.
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Drupal Drupal core allows SQL Injection.
This issue affects Drupal core: from 8.9.0 before 10.4.1
A vulnerability was determined in exiftool up to 13.49 on macOS. This issue affects the function SetMacOSTags of the file lib/Image/ExifTool/MacOS.pm of the component PNG File Parser. This manipulatio
Next.js is a React framework for building full-stack web applications. From 13.4.13 to before 15.5.16 and 16.2.5, self-hosted applications using the built-in Node.js server can be vulnerable to server
A pre-authentication, code injection vulnerability in version 1.0.0 or later of the ChromaDB Python project allows an unauthenticated attacker to run arbitrary code on the server by sending a maliciou
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1.1, and 19.2.0 including the following packages: react-server-dom-parcel, react-
A vulnerability in the peering authentication in Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, and Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an unauthenticated, r
An improper access control vulnerability in Fortinet FortiClientEMS 7.4.5 through 7.4.6 may allow an unauthenticated attacker to execute unauthorized code or commands via crafted requests.
BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote Access (PRA) contain a critical pre-authentication remote code execution vulnerability. By sending specially crafted req
Beyondtrust Privileged Remote Access · Beyondtrust Remote Support
Langflow is a tool for building and deploying AI-powered agents and workflows. In versions prior to 1.9.0, the POST /api/v1/build_public_tmp/{flow_id}/flow endpoint allows building public flows withou
In the Linux kernel, the following vulnerability has been resolved:
xfrm: esp: avoid in-place decrypt on shared skb frags
MSG_SPLICE_PAGES can attach pages from a pipe directly to an skb. TCP
marks
In the Linux kernel, the following vulnerability has been resolved:
rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present
The DATA-packet handler in rxrpc_input_call_event() and the
May 2026: This security advisory provides the details and fix information for a vulnerability that was discovered and fixed after the was disclosed in February 2026. This new advisory is for a new vu
Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lua script to manipulate the garbage collector, trigg
Session fixation in Visual Studio Code allows an unauthorized attacker to elevate privileges over a network.
Microsoft Visual Studio Code
1 this week · 2 total · 2w active
Quarterly Threat Landscape Report: Exploits Overtake Social Engineering as Dominant Initial Access Vector Amid Rising Geopolitical Cyber Threats
The latest Quarterly Threat Landscape Report underscores a rapidly evolving cyber threat environment where attackers are leveraging greater speed, coordination, and sophistication to exploit vulnerabilities before organizations can respond. A key trend is the shift in initial access vectors, with vulnerability exploitation surpassing social engineering, accounting for 38% of incidents. Over half of these exploited vulnerabilities are zero-click, network-facing flaws that require no user interaction, enabling rapid compromise of exposed systems. Geopolitical tensions are increasingly influencing cyber operations, particularly in the Middle East, with state-aligned groups targeting critical infrastructure. Ransomware tactics are also evolving, with a marked shift toward "pure extortion"—data theft without encryption—to reduce operational risk. Law enforcement takedowns of criminal marketplaces have disrupted cybercriminal ecosystems, pushing threat actors toward decentralized operations. The report highlights the urgent need for organizations to adopt continuous attack surface monitoring and proactive risk prioritization to counter modern threats effectively.
Demystifying the Ransomware-as-a-Service Ecosystem: Why Branding Alone Fails to Explain Intrusion Tradecraft
The article dissects the complexities of the Ransomware-as-a-Service (RaaS) model, challenging the common misconception that ransomware attacks follow a uniform playbook based solely on the ransomware family involved. It highlights the fragmented ecosystem comprising ransomware operators, affiliates, and initial access brokers (IABs), each contributing distinct tactics, techniques, and procedures (TTPs). The piece underscores that initial access vectors—such as phishing, exposed RDP, or compromised RMM tools—vary widely, even within the same ransomware brand. Persistence mechanisms, defense evasion, and data exfiltration techniques are equally diverse, often leveraging legitimate tools like MegaSync, RClone, and AnyDesk. The article emphasizes that defenders must move beyond ransomware branding to understand the full intrusion chain, advocating for foundational security practices such as asset inventory and broad monitoring to mitigate risks effectively.
WantToCry Ransomware: Exploiting SMB for Remote Encryption and Evading Detection
SophosLabs has uncovered a novel ransomware strain dubbed WantToCry, which exploits exposed SMB services for initial access and executes remote encryption without local malware execution. Unlike traditional ransomware, WantToCry leverages weak authentication and internet-exposed SMB ports to exfiltrate files to attacker-controlled infrastructure, encrypt them remotely, and rewrite them to the victim's system. The attack methodology reduces detection surfaces, as it avoids local code execution and post-compromise lateral movement. Ransom demands range from $400 to $1,800, reflecting the limited scope of deployment. The threat actors use segmented infrastructure, with reconnaissance and brute-force activities originating from distinct IP addresses. Organizations are advised to disable SMBv1, block inbound SMB traffic, and implement network-level controls to mitigate this threat.
Expert Insights on the Evolving Landscape of Cyber Attacks and Future Preparedness Strategies
The interview with Bill Lawrence, CISO of SecurityGate.io, highlights the escalating severity, frequency, and impact of cyber attacks over the past year, particularly targeting critical infrastructure such as water systems and food supply chains. High-profile incidents like the Colonial Pipeline and JBS Foods ransomware attacks underscore the cascading effects of cyber threats on operational technology (OT) and business continuity. The discussion emphasizes the growing sophistication of ransomware tactics, including triple extortion threats, and the critical need for organizations to adopt proactive measures. Key recommendations include investing in cybersecurity training, implementing robust ransomware protection, maintaining secure backups, and understanding cyber insurance policies to mitigate risks and enhance resilience against future threats.
Expert Insights on the Evolution and Future of Cyber Attacks: Preparing for Ransomware, Quantum Threats, and Beyond
The article presents an interview with cybersecurity expert Alex Cherones, discussing the rapid evolution of cyber attacks, particularly ransomware, over the past year. Key trends include the dramatic increase in ransom demands—from $200,000 in early 2020 to $4.4 million today—and the rise of Ransomware-as-a-Service (RaaS), which lowers the barrier to entry for cybercriminals. The interview highlights critical lessons from major attacks like Kaseya and Colonial Pipeline, emphasizing that security is often an afterthought in organizational decision-making. Cherones warns of future threats, such as quantum computing enabling ultra-fast brute-force attacks and the escalation of ransomware to quadruple extortion methods. He advises organizations to adopt proactive measures, including passwordless authentication, zero trust practices, and robust incident response planning to mitigate risks and ensure business continuity.
GitHub Confirms Internal Breach via Malicious VS Code Extension by TeamPCP Threat Actor
GitHub recently confirmed a security incident involving the compromise of its internal systems by the threat actor TeamPCP (also tracked as UNC6780). The attacker gained initial access through a malicious Visual Studio Code extension installed on an employee’s developer device, which harvested credentials and access tokens. Approximately 3,800 internal repositories containing proprietary source code and configuration data were cloned and subsequently listed for sale on a cybercrime forum for upwards of $50,000 USD. GitHub has stated that customer repositories, enterprise accounts, and user data remain unaffected. The company has taken steps to mitigate the breach, including rotating credentials and isolating affected endpoints. Sophos conducted an internal investigation and found no evidence of compromise within its own estate, emphasizing the importance of auditing developer tools and tightening identity controls.
Tags
GitHub breach · TeamPCP · UNC6780 · Visual Studio Code extension compromise · software supply chain attack · credential harvesting · MITRE ATT&CK · incident response · threat actor TTPs · malicious extensions
The Shai-Hulud malware has resurfaced in a sophisticated npm supply chain attack targeting the AntV data visualization ecosystem. Over 300 packages across the @antv namespace were compromised via a single hijacked npm account, impacting millions of weekly downloads. The attack leverages preinstall/postinstall hooks to execute malicious code, harvesting credentials from memory and filesystem paths, exfiltrating data via GitHub API and a disguised C2 server, and establishing persistent backdoors in developer environments. Organizations are advised to treat affected systems as fully compromised, rotate all exposed credentials, and conduct thorough threat hunting using provided IOCs. This incident underscores critical vulnerabilities in dependency management and CI/CD pipelines, highlighting the need for enhanced supply chain security measures such as dependency pinning, npm provenance verification, and stricter install script controls.
Large-Scale Compromise of Ghost CMS via CVE-2026-26980 Fuels ClickFix Malware Campaigns
A large-scale cyberattack campaign targeting Ghost CMS installations has been uncovered, exploiting the high-risk SQL injection vulnerability CVE-2026-26980. Attackers leveraged this flaw to extract Admin API Keys, enabling unauthorized bulk modifications of articles to inject malicious JavaScript loaders. These loaders facilitate ClickFix attacks, tricking users into executing malware via forged Cloudflare verification pages. Over 700 domains, including globally renowned sites across various industries, have been compromised. The attack chain involves multi-stage loading, social engineering, and dynamic payload delivery, with attackers updating their infrastructure to evade detection. Two distinct threat actor groups are actively competing in these poisoning operations, escalating the threat landscape for unpatched Ghost CMS users.
Tags
Ghost CMS · CVE-2026-26980 · SQL Injection · ClickFix Attacks · Malware Delivery · Threat Actor Campaign · Page Poisoning · Admin API Key Theft · Social Engineering · FakeCaptcha
Envade: Hidden Environment Variables in VS Code Enable One-Click Remote Code Execution and AI Assistant Hijacking
Oasis Security's research team uncovered a critical vulnerability (CVE-2026-41613) in Visual Studio Code's MCP install dialog that allows attackers to achieve remote code execution (RCE) with a single click on a crafted deeplink. The vulnerability stems from the dialog's failure to display or validate hidden environment variables and HTTP headers, enabling attackers to silently inject malicious payloads. Additionally, the same flaw permits silent session hijacking of AI assistants, routing all actions through an attacker's account. Microsoft has released a patch in VS Code version 1.119.1, and organizations are urged to update immediately and audit existing MCP configurations to mitigate risks. This incident highlights the growing threat surface around AI tools and the need for robust governance frameworks like Agentic Access Management (AAM).
Tags
VS Code · Remote Code Execution · CVE-2026-41613 · MCP · Environment Variables · AI Assistant Hijacking · Supply Chain Attack · Zero-Click Exploit · Threat Intelligence · Microsoft Security Response Center
Global Law Enforcement Dismantles Cybercriminal VPN Service Linked to Ransomware and Data Theft
An international law enforcement operation led by France and the Netherlands, with support from Europol and Eurojust, has successfully dismantled 'First VPN,' a VPN service extensively used by cybercriminals to facilitate ransomware attacks, data theft, and other serious offenses. The service, promoted on Russian-speaking cybercrime forums, provided anonymity and hidden infrastructure to its users, becoming a cornerstone in the cybercrime ecosystem. The operation resulted in the arrest of the service's administrator, the dismantling of 33 servers, and the seizure of multiple domain names. Thousands of users linked to cybercriminal activities were identified, and intelligence gathered is being used to advance ongoing investigations worldwide. This takedown underscores the critical role of international cooperation in combating cyber threats and disrupting criminal infrastructure.
Tags
VPN takedown · ransomware · cybercrime · Europol · international law enforcement · cybercriminal infrastructure · threat intelligence · cybercrime ecosystem · First VPN · data theft
Technical Retrospective: Analyzing Voldemort, HealthKick, and GOVERSHELL Malware Families in Chinese State-Sponsored Espionage Campaigns
Between mid-2024 and late 2025, three sophisticated malware families—Voldemort, HealthKick, and GOVERSHELL—were deployed in targeted espionage campaigns attributed to Chinese state-sponsored threat actors. These campaigns primarily focused on Taiwanese semiconductor companies and international think tanks, leveraging spear-phishing and DLL sideloading techniques for initial access. Voldemort distinguished itself by using Google Sheets as a command-and-control (C2) server, blending malicious traffic with legitimate Google Workspace services. HealthKick, later identified as the first variant of GOVERSHELL, evolved rapidly through five iterations, showcasing significant changes in C2 protocols and encryption methods. Notably, evidence suggests the involvement of large language models (LLMs) in the development of these malware strains, including code generation and phishing email creation. This retrospective provides a detailed analysis of the delivery mechanisms, persistence strategies, and C2 architectures employed by these malware families, offering critical insights into the evolving tactics of advanced persistent threats (APTs).
Sophisticated Steganography Campaigns: How Threat Actors Evade Detection Using Image File Hosting and Malware Obfuscation
Threat actors are increasingly leveraging steganography and image file hosting services to deliver sophisticated malware while evading enterprise security controls. This report highlights a shift from large-scale, minimally targeted attacks to more refined, narrowly scoped campaigns that utilize personally identifying information for customization. Key findings include the abuse of platforms like archive.org and uploaddeimagens.com.br to host malicious images, the prevalence of finance-themed phishing emails, and the delivery of remote access trojans (RATs) such as Remcos RAT and Agent Tesla. These campaigns employ advanced techniques like DotNET Loaders for privilege escalation and in-memory execution, making detection by Endpoint Detection and Response (EDR) tools challenging. The use of steganography to embed obfuscated malware in seemingly benign images underscores the evolving sophistication of modern cyber threats.
Tags: steganography, malware delivery, remote access trojans, RAT, phishing, threat actor TTPs, image file hosting abuse, EDR evasion, DotNET Loader, Remcos RAT
Evolving Tactics of Webworm: A China-Aligned APT Group Shifting Focus to Europe with New Backdoors and Proxy Tools
ESET researchers have conducted an in-depth analysis of Webworm, a China-aligned Advanced Persistent Threat (APT) group active since at least 2022. Initially targeting organizations in Asia, Webworm has recently shifted its focus to Europe, compromising governmental entities in Belgium, Italy, Serbia, Poland, and a university in South Africa. The group is known for its evolving tactics, techniques, and procedures (TTPs), including the adoption of new backdoors such as EchoCreep and GraphWorm, which leverage Discord and Microsoft Graph API for command and control (C&C) communications, respectively. Webworm also employs a mix of custom and open-source proxy tools to enhance stealth and evade detection. The group stages malware in GitHub repositories and has been observed using compromised Amazon S3 buckets for data exfiltration and tool storage. This analysis highlights Webworm's adaptability and sophistication, underscoring the ongoing threat posed by state-aligned cyber espionage groups.
Tags: APT, China-aligned threat actor, Webworm, Malware Analysis, Threat Intelligence, Cyber Espionage, Backdoors, Proxy Tools, Discord C&C, Microsoft Graph API
TikTok in 2026: Navigating Privacy Risks, Data Security, and User Safety Under New U.S. Ownership
A year after the U.S. Divest-or-Ban Act reshaped TikTok’s ownership structure, the platform remains a focal point for privacy and security concerns. Despite transitioning to a U.S.-led joint venture, TikTok continues to face scrutiny over its data collection practices, ties to ByteDance, and compliance with regulatory frameworks. The article highlights persistent risks, including unauthorized data transfers to China, invasive data harvesting (e.g., geolocation, keystroke patterns, and biometric data), and vulnerabilities to scams such as phishing, AI deepfakes, and crypto fraud. For underage users, TikTok poses additional threats, including exposure to harmful content, cyberbullying, and identity theft. While TikTok has implemented measures like Project Texas and Family Pairing, experts question their efficacy. The piece underscores the need for users to adopt stringent privacy settings, VPNs, and antivirus tools to mitigate risks, emphasizing that regional ownership changes do not inherently equate to improved safety.
Tags: TikTok, Data Privacy, Cybersecurity, Social Media Safety, User Data Collection, Scams, Phishing, Children Online Safety, Regulatory Compliance, National Security
Malicious PyPI Packages Targeting Cloud-Native Environments: Analysis of the durabletask Backdoor Campaign
A sophisticated supply chain attack has been identified involving three malicious versions (1.4.1, 1.4.2, and 1.4.3) of the `durabletask` Python package on PyPI. Upon installation and import, the package executes a silent dropper that fetches a second-stage payload, a full-featured infostealer and worm. The malware targets credentials from major cloud providers, password managers, and developer tools, encrypts the stolen data with an attacker-controlled RSA key, and exfiltrates it via multiple fallback channels. The worm propagates within AWS and Kubernetes environments and includes a destructive disk-wiping capability triggered under specific geopolitical conditions. The attack exhibits advanced evasion techniques, cryptographic authentication for fallback C2 channels, and potential attribution to the threat actor TeamPCP. Immediate remediation is required for affected systems, including credential rotation and thorough forensic analysis.
Malicious npm Packages Impersonating Polymarket Tools Steal Crypto Wallet Private Keys via Social Engineering and Environment Variable Harvesting
Nine malicious npm packages published under the name 'polymarketdev' impersonated legitimate Polymarket trading CLI tools to steal cryptocurrency wallet private keys. The packages, published within a 30-second window, employed a postinstall script to display a fake wallet onboarding prompt, falsely claiming that private keys would remain encrypted. In reality, the keys were exfiltrated in plaintext to an attacker-controlled Cloudflare Worker endpoint. The attack also harvested private keys from `.env` files without user interaction, targeting developers who store sensitive credentials in environment variables. The packages evaded detection in CI/CD pipelines by only triggering the malicious prompt in interactive TTY sessions. The attacker enhanced credibility by creating a detailed GitHub repository with fake security claims and legitimate-looking trading functionality, making the malicious activity harder to detect.
The popular npm package art-template, a JavaScript template engine with approximately 26,000 weekly downloads, was compromised through a maintainer account takeover. Unauthorized versions (4.13.3–4.13.6) injected malicious code into the browser bundle (template-web.js), loading external JavaScript from third-party domains. The payload targeted iPhone users with a hidden iframe chain leading to the Coruna exploit kit, a sophisticated iOS browser exploit framework. This exploit kit leverages 23 vulnerabilities, including CVE-2024-23222 (CVSS 8.8), to achieve native code execution on iOS devices running versions 13.0 through 17.2.1. The final-stage implant, PLASMAGRID, specifically targets cryptocurrency wallets. The attack infrastructure, including 14 remote exploit modules and a Cloudflare-fronted C2 server, remained active at the time of analysis. The compromise highlights the risks of supply chain attacks via package manager ecosystems and the evolving sophistication of mobile exploit kits.
Q1 2026 Mobile Threat Evolution: Surge in Banking Trojans and Persistent Adware Risks
The first quarter of 2026 witnessed a notable shift in the mobile threat landscape, with a marked decrease in overall attack volumes but a significant rise in sophisticated threats targeting financial data. Kaspersky Security Network (KSN) data revealed over 2.67 million attacks involving malware, adware, or unwanted mobile software, with Trojan-Banker malware emerging as the dominant threat, accounting for 10.86% of detections. Despite a reduction in adware and RiskTool detections, these categories remained prevalent in terms of affected users. The discovery of a new variant of the SparkCat crypto stealer, concealed within apps on both Google Play and the App Store, underscores the evolving tactics of threat actors. Additionally, the disruption of the IPIDEA proxy network, linked to the Kimwolf botnet, highlights collaborative efforts in mitigating large-scale cyber threats. This report provides critical insights into the shifting dynamics of mobile threats, emphasizing the need for robust security measures to counter financially motivated malware.
THORChain Exploit Results in USD 11M+ Theft Across Nine Blockchains: Analysis and Implications
On May 15, THORChain, a decentralized cross-chain liquidity protocol, suffered a significant exploit resulting in the theft of over USD 11 million in assets across at least nine blockchains, including Bitcoin, Ethereum, Binance Smart Chain, and others. This incident highlights the persistent vulnerabilities in cross-chain platforms, which are increasingly targeted due to their utility in enabling seamless asset transfers and their resistance to traditional interdiction methods. Cumulative losses from THORChain-related thefts since 2021 now approach USD 25 million, with the protocol also implicated in laundering proceeds from major cyber heists, including North Korea-linked attacks. The exploit underscores the challenges faced by compliance teams in tracking and mitigating cross-chain illicit flows, as well as the broader risks posed by platforms that refuse to block illicit activity under the guise of opposing censorship.
North Korea's Cybercrime Operations: Funding Military Ambitions and Evading Sanctions Through Cryptocurrency Theft
North Korea, through its state-sponsored hacking group Lazarus Group (APT38), has emerged as a significant player in global cybercrime, leveraging sophisticated techniques to steal and launder billions in cryptocurrency. These illicit funds are critical in circumventing international sanctions, funding military programs, and supporting Russia’s war efforts in Ukraine in exchange for essential supplies. The group’s activities highlight the intersection of cybercrime, geopolitical conflict, and sanctions evasion, with cryptocurrency serving as a lucrative and relatively unregulated avenue for state-sponsored financial crimes. The Lazarus Group’s focus on targeting developers and infrastructure underscores the evolving threat landscape, where social engineering and supply chain attacks are increasingly prevalent.
Tags: North Korea, Lazarus Group, APT38, Cybercrime, Cryptocurrency Theft, Money Laundering, Tornado Cash, Sanctions Evasion, Military Aid, Russia-Ukraine War
Critical Authorization Token Theft Vulnerability in Kubeflow Enables Account Takeover
A critical vulnerability in Kubeflow, an open-source MLOps platform for Kubernetes, allows attackers to steal authorization tokens from any user accessing the Kubeflow UI or APIs. This flaw, present in versions prior to 1.10, enables attackers with minimal privileges (e.g., Contributor or kubeflow-edit role) to hijack user sessions, gaining full control over accounts and sensitive data. The attack leverages Istio VirtualService manipulation to intercept and exfiltrate tokens, bypassing default AuthorizationPolicies. Automatic Profile Creation exacerbates the risk by granting attackers access to namespaces. The issue affects most Kubeflow distributions, including cloud-based deployments. Kubeflow has addressed the vulnerability, and users are urged to update to the latest version to mitigate exposure.
Exploitation of Google Family Link Feature in Malicious Account Hijacking Campaigns
A sophisticated malicious campaign is exploiting a critical flaw in Google's Family Link parental control feature to hijack user accounts, bypass multi-factor authentication (MFA), and extort victims. Attackers initiate contact via compromised Discord accounts, luring victims into downloading malware disguised as a game. The malware steals credentials and hijacks browser sessions, allowing attackers to reclassify victims as minors under a malicious 'parent' account, thereby gaining full control. Victims are locked out of their accounts and face ransom demands to prevent data leaks or regain access. Google's support systems are currently ill-equipped to assist victims, highlighting a significant security gap. This campaign underscores the need for enhanced security measures in parental control features and user vigilance against phishing attempts.
Tags: Google Family Link, Account Hijacking, Malware Campaign, Discord Phishing, Ransomware, Software Supply Chain Security, Multi-Factor Authentication Bypass, Credential Theft, Social Engineering, Threat Actor Tactics
Critical Vulnerabilities in Dify AI Platform: One-Click Account Takeover and Cross-Tenant Source Code Disclosure
Researchers identified two critical vulnerabilities in Dify, a popular open-source AI automation platform, exposing users to one-click account takeover and cross-tenant source code disclosure. The first flaw stemmed from improper handling of SVG file uploads, where malicious JavaScript embedded in SVG files could execute within the trusted application domain due to DNS alias misconfiguration and lack of access controls. The second vulnerability involved insufficient tenant isolation in Dify's Python sandbox, allowing attackers to access and decrypt other users' application source code through a repeating-key XOR cipher. These vulnerabilities highlight the growing security risks in AI automation platforms as they evolve into complex integration hubs, emphasizing the need for rigorous multi-tenant isolation and secure input handling. Dify silently patched the issues in versions 1.13.1 and 1.13.3, but the open-source nature of the platform means unpatched instances may remain at risk.
Tags: AI Security, Vulnerability Research, Account Takeover, Cross-Tenant Data Leak, Insecure Direct Object Reference (IDOR), Sandbox Escape, Python Security, SVG Exploitation, Multi-Tenant Isolation, Open-Source Security
Sophisticated Phishing Attack Leverages Microsoft Device Code Authentication to Compromise Entra ID Accounts
A recent phishing campaign observed by Truesec highlights the evolving sophistication of threat actors in compromising corporate identities. Attackers sent deceptive emails masquerading as file-sharing invitations, redirecting victims to a fraudulent website. The site instructed users to copy a verification code and paste it into a legitimate Microsoft Device Code Authentication page, thereby granting attackers full access to the victim’s Entra ID account. This technique exploits trust in Microsoft’s authentication infrastructure, making it highly convincing. Organizations are urged to recognize the red flags of such attacks, including unexpected file-sharing requests and manual code entry prompts, and to implement mitigations such as disabling Device Code Authentication via Conditional Access where feasible.
Critical GitLab Vulnerability (CVE-2023-7028): Account Takeover via Password Reset Without User Interaction
GitLab recently disclosed a critical vulnerability (CVE-2023-7028) with a CVSS score of 10.0, enabling attackers to execute account takeovers via password reset emails sent to unverified addresses. This flaw, exploitable without user interaction, poses severe risks, including unauthorized access to code repositories, intellectual property theft, and supply chain compromise. While GitLab has patched the issue in version 16.7.2, thousands of self-managed instances remain vulnerable. Enabling two-factor authentication (2FA) mitigates but does not eliminate the risk, as sophisticated attackers may bypass 2FA. Organizations are urged to upgrade immediately, monitor for exploitation attempts, and follow incident response protocols if compromised. The vulnerability underscores the importance of robust detection mechanisms and proactive security measures in DevSecOps environments.
Tags: GitLab, CVE-2023-7028, Account Takeover, Password Reset Vulnerability, Critical Vulnerability, CVSS 10.0, DevSecOps, Threat Detection, Exploit Techniques, Vulnerability Research
Premium Deception: Uncovering a Global Android Carrier Billing Fraud Campaign Targeting Millions
Zimperium's zLabs has uncovered a sophisticated Android malware campaign conducting carrier billing fraud through premium SMS abuse across Malaysia, Thailand, Romania, and Croatia. The campaign involves nearly 250 malicious applications that selectively target users based on their mobile operator, silently subscribing victims to premium services without consent. The malware employs advanced evasion and automation techniques, including precise regional targeting, automated subscription workflows using WebView manipulation and JavaScript injection, OTP interception via abuse of Google's SMS Retriever API, and multi-platform distribution through fake apps impersonating popular brands like Facebook, Instagram, TikTok, Minecraft, and GTA. The campaign demonstrates a high level of organization, with real-time Telegram-based exfiltration of device metadata and subscription confirmations, sophisticated referrer-tracking systems, and dynamic subscription targets fetched from attacker-controlled servers. This operation highlights the evolving threat landscape of mobile fraud and the need for advanced mobile threat defense solutions.
The Industrialization of iGaming Fraud: How Organized Crime and AI Are Redefining Threat Landscapes
The iGaming industry is experiencing unprecedented growth, but this expansion is accompanied by a silent and sophisticated evolution in fraud. No longer confined to opportunistic abuse, fraud has industrialized into organized, data-driven operations that mimic legitimate user behavior, distorting metrics and eroding revenue. This article explores the shift from isolated incidents to coordinated fraud rings, the persistence of bonus abuse and multi-accounting, and the rise of AI-generated synthetic players. Operators often misinterpret fraud as growth, leading to strategic missteps such as overspending on acquisition and misallocating promotional budgets. The executive challenge lies in recognizing that modern fraud does not merely follow the money—it exploits gaps in detection and intelligence. Addressing this requires a paradigm shift from static, point-in-time verification to continuous, intelligence-driven fraud prevention that integrates behavioral analytics, relationship intelligence, and real-time monitoring to protect revenue without compromising user experience.
Commodity BadIIS Malware: A Multi-Year Development Effort by Chinese-Speaking Threat Actors for SEO Fraud and Traffic Manipulation
Cisco Talos has identified a sophisticated variant of the BadIIS malware, characterized by embedded 'demo.pdb' strings, which operates as a commodity tool within the malware-as-a-service (MaaS) model. This variant is actively used by multiple Chinese-speaking cybercrime groups for malicious search engine optimization (SEO) fraud, traffic redirection, and content hijacking. The malware's development, traced back to at least September 2021 and projected through January 2026, reveals a sustained, iterative effort by an author using the alias 'lwxat.' The discovery of a dedicated builder tool and auxiliary utilities highlights the modular and customizable nature of this threat, enabling threat actors to tailor payloads for specific evasion tactics, such as bypassing antivirus products like Norton. The malware's impact spans global regions, with notable activity in the Asia-Pacific, and demonstrates advanced capabilities in reverse proxying, conditional redirection, and persistence mechanisms to ensure long-term compromise of IIS servers.
Solo Threat Actor Leverages Jailbroken AI to Automate a 5-Year Influence and Cryptocurrency Fraud Campaign Targeting American Audiences
A solo Russian-speaking threat actor, tracked as 'bandcampro,' orchestrated a sophisticated 5-year cybercriminal campaign targeting politically engaged American audiences through a MAGA-themed Telegram channel. Beginning in September 2025, the actor pivoted to AI automation, utilizing a jailbroken Google Gemini model to generate content, manage infrastructure, conduct credential theft, and execute a cryptocurrency fraud scheme. The campaign exploited cultural alignment and trust within QAnon and MAGA communities, leveraging AI to scale operations that previously required a team of specialists. Despite reaching approximately 17,000 subscribers, the financial impact remained limited, highlighting both the potential and current limitations of AI-driven cybercrime. The operation underscores critical vulnerabilities in AI guardrails, particularly their inconsistency across languages and susceptibility to jailbreaking, enabling low-skilled actors to conduct high-impact cybercriminal activities with minimal resources.
Synthetic Influence and Real-World Harm: The Exploitation Pipeline Behind AI-Generated Influencers
The rise of AI influencers has introduced a new and scalable abuse pipeline that leverages synthetic identities to exploit real individuals' images, bodies, and likenesses without consent. This trend, often termed 'AI pimping,' involves the creation of AI-generated personas using stolen media, which are then monetized through adult-content platforms, subscriptions, and other paid services. The ambiguity between human and synthetic identities exacerbates risks such as non-consensual intimate imagery (NCII), impersonation, fraud, and trafficking-adjacent activities. Platforms face significant challenges in detecting and mitigating this abuse due to fragmented ecosystems where content is harvested, manipulated, and monetized across multiple services. The harm extends beyond NCII, encompassing reputational damage, economic exploitation, and psychological trauma for victims. Addressing this issue requires a holistic approach that focuses on the entire abuse chain, including body and content theft, rather than just face-based impersonation.
Tags: AI influencers, synthetic identities, non-consensual intimate imagery (NCII), image abuse, exploitation, AI-generated content, deepfake, face-swapping, adult monetization, platform abuse
Georgia Woman Sentenced for Cyberstalking, Identity Theft, and Threatening Adoptive Couples in Elaborate Online Scheme
Gabryele Watson, a 30-year-old woman from Georgia, was sentenced to 20 months in prison and three years of supervised release for cyberstalking, transmitting threats to kidnap or injure, and identity theft. Watson exploited the hopes of couples seeking to adopt by impersonating a pregnant teenager, using stolen personal details from social media. She engaged in prolonged psychological abuse, including threats to terminate pregnancies, harm unborn children, and even kill the adoptive couples. The case highlights the devastating real-world impact of cyberstalking and digital impersonation, underscoring the FBI's commitment to investigating and prosecuting such crimes. Watson's actions caused significant emotional distress and fear among her victims, demonstrating the severe consequences of online harassment and fraud.
Data Leakage Through AI Prompts: Real-World Scenarios and Effective Controls
The rapid adoption of generative AI (GenAI) tools in enterprise workflows has introduced a significant yet often overlooked risk: prompt data leakage. This phenomenon involves the accidental or intentional exposure of sensitive information through AI prompts, file uploads, or model outputs, bypassing traditional data loss prevention (DLP) controls designed for transactional data movement. With over 410 million DLP violations tied to ChatGPT alone in a single year—a 99.3% year-over-year increase—organizations face escalating risks to confidential data, including PII, PHI, PCI data, credentials, and proprietary intellectual property. This article explores 12 realistic scenarios of AI-driven data leakage, spanning legal, HR, finance, development, and customer-facing workflows, and outlines a phased approach to implementing effective controls such as inline DLP, browser isolation, and content moderation. The goal is to balance AI productivity with robust security, ensuring visibility and enforcement without stifling innovation.
Tags: AI Security, Data Leakage, Generative AI, Data Loss Prevention (DLP), Prompt Security, AI Workflows, Sensitive Data Exposure, Cybersecurity Controls, AI Governance, Threat Intelligence
Massive Healthcare Data Breach at NYC Health + Hospitals Exposes Sensitive Patient and Employee Data via Third-Party Vendor
NYC Health + Hospitals (NYC H+H) disclosed a significant data breach affecting at least 1.8 million individuals, resulting from a compromise of a third-party vendor. The breach, detected in February 2026, exposed highly sensitive information, including medical records, government-issued IDs, financial data, and biometric identifiers such as fingerprints and palm prints. The unauthorized access persisted from late November 2025 through February 2026, making this one of the largest healthcare breaches of the year. The incident underscores the growing threat of supply-chain attacks in the healthcare sector, where vendors serve as entry points for cybercriminals. The exposed data poses severe risks, including long-term fraud, identity theft, blackmail, and privacy violations, necessitating robust identity protection measures for affected individuals.
Tags: healthcare breach, data breach, third-party vendor risk, biometric data exposure, medical records compromise, supply chain attack, identity theft, HIPAA compliance, cybersecurity incident response, patient data protection
CISA Secrets Exposed in Public GitHub Repository: A Case Study of Cloud Infrastructure and Operational Risks
In May 2026, GitGuardian identified a significant security incident involving the exposure of sensitive CISA secrets in a public GitHub repository named Private-CISA. The repository contained 844 MB of data, including CI/CD build logs, Kubernetes manifests, Terraform infrastructure code, GitHub Actions workflows, and internal documentation. The exposed material revealed plain-text passwords, private keys, GitHub tokens, AWS secrets, and explicit instructions to disable GitHub's secret scanning. The repository, initially suspected to be a hoax due to the suspicious nature of its contents, was confirmed legitimate after thorough analysis. GitGuardian reported the leak through multiple channels, leading to the repository being taken offline within 24 hours. This incident underscores the critical risks associated with improper handling of sensitive data in public repositories and highlights the importance of robust secret management and monitoring practices in cloud and DevOps environments.
Critical Heap Buffer Overflow Vulnerability in NGINX: Analysis and Mitigation of CVE-2026-42945 (NGINX Rift)
A critical vulnerability, dubbed NGINX Rift (CVE-2026-42945), has been identified in NGINX web servers, stemming from a heap buffer overflow in the HTTP rewrite module. This flaw allows unauthenticated attackers to cause denial of service (DoS) or potentially achieve remote code execution (RCE) under specific configurations. The vulnerability affects NGINX Open Source versions 1.0.0 through 1.30.0 and NGINX Plus releases, with patches now available. Exploitation requires the use of unnamed PCRE regular expression captures and a question mark in rewrite directives. While DoS is the most immediate threat, RCE is harder to achieve due to modern defenses like ASLR. Organizations are urged to apply patches promptly, as many production environments remain at risk. Akamai has deployed protective measures for its customers via the Adaptive Security Engine.
Tags: NGINX, CVE-2026-42945, Heap Buffer Overflow, Denial of Service (DoS), Remote Code Execution (RCE), Vulnerability Research, Threat Intelligence, Web Server Security, Patch Management, Akamai App & API Protector
Emergence of Independent NFC Relay Malware Families: DevilNFC and NFCMultiPay Signal a Shift in the Threat Landscape
In early 2026, Cleafy's Threat Intelligence and Response team identified two previously undocumented Android malware families, DevilNFC and NFCMultiPay, actively conducting NFC relay attacks against European banking customers. These families, developed independently by Spanish-speaking and Portuguese (Brazilian) threat actors respectively, mark a significant evolution in the NFC relay threat landscape. Historically dominated by Chinese-speaking Malware-as-a-Service (MaaS) operations, the emergence of these locally developed toolkits indicates a structural shift where regional threat actors are now capable of building and deploying their own sophisticated malware. Both families employ advanced social engineering techniques, such as Kiosk Mode and guided UI deception, to harvest card PINs, enabling unconstrained ATM withdrawals and chip-and-PIN transactions. The use of AI-assisted development tools is evident, lowering the technical barrier to entry and accelerating the proliferation of such threats. This trend is corroborated by independent findings from ESET, highlighting a broader movement among Portuguese and Spanish-speaking threat actors targeting Europe and LATAM.