Weekly Threat Landscape Digest – Week 1

This week’s threat landscape highlights the evolving sophistication of threat actors, who are increasingly targeting newly disclosed and unpatched vulnerabilities. From zero-day attacks to advanced phishing campaigns, their techniques continue to grow in complexity. To mitigate these risks, organizations must adopt a proactive, layered security approach. This includes timely patch management, continuous monitoring, and robust detection capabilities. Equally important is fostering a strong cybersecurity culture—one that is supported by real-time threat intelligence, ongoing awareness initiatives, and a well-defined incident response plan to minimize potential damage from emerging threats.

  1. Apache StreamPipes Privilege Escalation via JWT Manipulation (CVE-2025-47411)

A privilege escalation vulnerability has been identified in Apache StreamPipes that allows authenticated low-privileged users to impersonate administrators by manipulating JSON Web Tokens (JWTs). Successful exploitation results in full administrative control over the platform, posing a serious risk to data integrity and system security.

Details:
  • Affected versions: Apache StreamPipes 0.69.0 through 0.97.0
  • Root cause: improper user ID handling during JWT creation
  • Attackers can modify JWT claims to impersonate an administrator
  • No user interaction required beyond authentication
  • Exploitation enables full administrative access

Impact:
  • Unauthorized privilege escalation to administrator level
  • Potential manipulation or deletion of pipelines and configurations
  • Risk of data exposure and platform compromise

Recommendations:
  • Upgrade all StreamPipes instances to version 0.98.0 or later
  • Verify deployed versions across environments
  • Review administrative accounts and audit access logs post-upgrade
  • Rotate authentication tokens and credentials after remediation

Reference:
  • https://cybersecuritynews.com/apache-streampipes-vulnerability/
  • https://seclists.org/oss-sec/2025/q4/319

  2. Multiple High-Risk Vulnerabilities in Advantech WebAccess/SCADA

Multiple high- and medium-severity vulnerabilities have been identified in Advantech WebAccess/SCADA that could be chained to compromise industrial control environments. Successful exploitation may allow file deletion, remote code execution, SQL injection, and unauthorized disclosure of system information, posing serious risks to OT environments.

Details:
  • CVE-2025-14850 – Path traversal allowing arbitrary file deletion (CVSS 8.1)
  • CVE-2025-14849 – Unrestricted file upload leading to remote code execution (CVSS 8.8)
  • CVE-2025-14848 – Absolute path traversal allowing file existence disclosure (CVSS 4.3)
  • CVE-2025-46268 – SQL injection enabling execution of arbitrary SQL commands (CVSS 6.3)
  • CVE-2025-67653 – Path traversal allowing file existence disclosure (CVSS 4.3)
  • Vulnerabilities may be chained to amplify attack impact

Affected Versions:
  • Advantech WebAccess/SCADA 9.2.1

Fixed Version:
  • Advantech WebAccess/SCADA 9.2.2 or later

Impact:
  • Potential remote code execution and system compromise
  • Unauthorized access to industrial control environments
  • Operational disruption and integrity loss in OT networks

Recommendations:
  • Upgrade immediately to WebAccess/SCADA version 9.2.2 or later
  • Apply all vendor security patches without delay
  • Restrict access using strong authentication and RBAC
  • Avoid direct internet exposure of SCADA systems
  • Monitor logs for anomalous activity and conduct periodic risk assessments

Reference:
  • https://www.cisa.gov/news-events/ics-advisories/icsa-25-352-06

  3. Critical Authentication Bypass in IBM API Connect (CVE-2025-13915)

A critical authentication bypass vulnerability in IBM API Connect allows unauthenticated remote attackers to bypass login controls entirely, potentially granting full access to API management components and connected backend services.

Details:
  • CVE ID: CVE-2025-13915
  • CVSS v3.1 score: 9.8 (Critical)
  • Attack vector: Network
  • Privileges required: None
  • User interaction: None
  • Vulnerability type: Authentication bypass
  • Exploitation enables unauthorized access to management interfaces

Impact:
  • Complete compromise of API management environments
  • Unauthorized manipulation of APIs and backend integrations
  • Exposure of sensitive data and credentials
  • Potential lateral movement into connected systems

Recommendations:
  • Apply the appropriate IBM interim fix (iFix) for all affected versions immediately
  • Identify all IBM API Connect deployments across environments
  • Review authentication and access logs for suspicious activity
  • Rotate credentials and API tokens after patching
  • Restrict external access to management interfaces
  • Perform post-remediation validation and security testing

Reference:
  • https://www.ibm.com/support/pages/node/7255149

  4. Grafana Open Redirect and XSS Fix Bypass (CVE-2025-6023)

A bypass of the previously fixed CVE-2025-6023 vulnerability has been discovered in Grafana, allowing attackers to chain an open redirect flaw with a client-side path traversal issue to execute malicious JavaScript. Successful exploitation can lead to session hijacking and unauthorized access to dashboards.

Details:
  • Vulnerability type: Open redirect bypass, path traversal, cross-site scripting
  • Privileges required: None
  • User interaction: Required (malicious link click)
  • Attack vector: Network
  • Exploitation chain combines:
– Server-side redirect validation bypass via URL fragments
– Client-side path traversal due to improper validation logic
  • Attackers can force browsers to load attacker-hosted JavaScript

Affected Versions:
Grafana versions prior to:
  • 12.3.0
  • 12.2.2
  • 12.1.4
  • 12.0.7
  • 11.6.8

Impact:
  • Session hijacking and account takeover
  • Unauthorized access to dashboards and data
  • Execution of attacker-controlled scripts in user sessions

Recommendations:
  • Upgrade Grafana immediately to a patched version
  • Review logs for suspicious access to /dashboard/script/ and /user/auth-tokens/rotate
  • Rotate session tokens and credentials after patching
  • Restrict Grafana access to trusted networks only

Reference:
  • https://blog.ethiack.com/blog/grafana-cve-2025-6023-bypass-a-technical-deep-dive

  5. Critical Remote Code Execution in SmarterMail (CVE-2025-52691)

A critical unauthenticated remote code execution vulnerability has been identified in SmarterMail, allowing attackers to upload arbitrary files and execute malicious code on affected servers without authentication.

Details:
  • CVE ID: CVE-2025-52691
  • CVSS v3.1 score: 10.0 (Critical)
  • Vulnerability type: Remote Code Execution
  • Attack vector: Network
  • Privileges required: None
  • User interaction: None
  • Root cause: improper validation of file upload functionality enabling arbitrary file placement and execution

Affected Versions:
  • SmarterMail Build 9406 and earlier

Fixed Version:
  • SmarterMail Build 9413 and later

Impact:
  • Full compromise of mail servers
  • Exposure of sensitive email data
  • Service disruption and potential lateral movement
  • High risk to enterprise messaging infrastructure

Recommendations:
  • Upgrade immediately to SmarterMail Build 9413 or later
  • Apply all vendor patches and mitigations
  • Restrict external access to mail administration interfaces
  • Monitor logs for suspicious upload or execution activity
  • Conduct post-remediation integrity and security reviews

Reference:
  • https://nvd.nist.gov/vuln/detail/CVE-2025-52691

  6. VMware Tanzu Greenplum Backup and Restore Vulnerabilities Enable Denial-of-Service Attacks

VMware has released a Product Security Advisory addressing multiple vulnerabilities affecting the Tanzu Greenplum Backup and Restore component. Several of the identified flaws are rated high severity and could allow unauthenticated remote attackers to trigger denial-of-service (DoS) conditions, disrupting backup and recovery operations.

Details:
  • Affected component: greenplum-backup-restore
  • High-severity vulnerabilities (CVSS 7.5):
– CVE-2025-61725
– CVE-2025-61723
– CVE-2025-58188
– CVE-2025-58187
  • Medium-severity vulnerabilities:
– CVE-2025-58181 (GHSA-j5w8-q4qc-rx2x)
– CVE-2025-47914 (GHSA-f6x5-jh6r-wrfv)
– CVE-2025-61724
– CVE-2025-58189
– CVE-2025-58186
– CVE-2025-58185
– CVE-2025-47912
– CVE-2025-58183
  • High-severity issues allow unauthenticated attackers to disrupt service availability
  • Medium-severity issues may affect reliability, stability, and security posture

Affected Versions:
  • VMware Tanzu Greenplum Backup and Restore versions prior to 1.32.2

Fixed Version:
  • VMware Tanzu Greenplum Backup and Restore 1.32.2 or later

Impact:
  • Remote denial-of-service affecting backup and restore workflows
  • Potential disruption to business continuity and disaster recovery processes
  • Reduced reliability of backup infrastructure

Recommendations:
  • Upgrade immediately to VMware Tanzu Greenplum Backup and Restore version 1.32.2 or later
  • Review exposure of backup services to untrusted or public networks
  • Monitor backup and restore services for crashes or abnormal behavior
  • Apply VMware-recommended hardening and deployment best practices
  • Validate backup integrity and recovery operations after patching

Reference:
  • https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36728

  7. Critical Vulnerabilities in Exim Mail Server Enable SQL Injection and Memory Corruption

Multiple critical vulnerabilities have been identified in the Exim mail transfer agent that could allow remote attackers to compromise affected systems under certain configurations. The issues stem from improper input handling and unsafe memory operations, potentially enabling SQL injection, heap corruption, denial-of-service, and possibly arbitrary code execution.

Details:

SQL Injection via Incomplete Escaping
  • CVE ID: CVE-2025-26794
  • Severity: Critical (CVSS 9.8)
  • Vulnerability type: SQL Injection
  • Root cause: incomplete escaping of single quotes in the xtextencode() function
  • Attackers can inject SQL through specially crafted SMTP addresses
  • Exploitation may allow execution of arbitrary SQL queries and manipulation of Exim behavior

Heap Buffer Overflow via bloom_size Manipulation
  • Vulnerability type: Heap buffer overflow / memory corruption
  • bloom_size value is read from the database without validation
  • Fixed-size (40-byte) buffer can be overwritten using attacker-controlled values
  • Triggered remotely through crafted SMTP interactions
  • May lead to service crashes or, under certain conditions, code execution

Impact:
  • Execution of attacker-controlled SQL queries
  • Corruption of internal memory structures
  • Denial-of-service conditions
  • Potential unauthorized control of mail server components

Affected Versions:
  • Exim 4.99

Recommendations:
  • Apply vendor patches or updates as soon as they become available
  • Review and harden Exim configurations to minimize exposure
  • Restrict mail service access to trusted networks where possible
  • Monitor mail logs for malformed SMTP inputs or anomalous behavior
  • Conduct post-patch validation to ensure service stability and integrity

Reference:
  • https://code.exim.org/exim/exim/src/commit/d46a6727798fc48d1756190a6d46d19216348c25/doc/doc-txt/exim-security-2025-12-09.1/report.txt

  8. MongoBleed: Unauthenticated Memory Disclosure in MongoDB Server (CVE-2025-14847)

A high-severity information disclosure vulnerability known as MongoBleed has been identified in MongoDB Server. The flaw allows unauthenticated remote attackers to extract sensitive data directly from server memory by sending specially crafted compressed messages. Active exploitation has been reported, placing internet-exposed MongoDB deployments at significant risk.

Details:
  • CVE ID: CVE-2025-14847
  • Severity: High (CVSS 7.5)
  • Attack vector: Network
  • Authentication required: None
  • Impact type: Information disclosure / memory leak
  • Affected component: MongoDB zlib compression handling

Technical Summary:
  • MongoDB trusts attacker-controlled “uncompressed size” values in zlib-compressed messages
  • Malformed requests cause allocation of oversized buffers
  • Uninitialized heap memory may be returned in error responses
  • Exploitation occurs prior to authentication
  • Repeated requests can leak sensitive memory contents
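
The size check at the heart of this issue, as an added example (not MongoDB's code or the fix itself): a sensor- or proxy-side validator that inflates a zlib OP_COMPRESSED frame under a bound and flags any frame whose declared uncompressed size does not match the real output. The frame layout follows MongoDB's public wire-protocol documentation; the function names and sample frames are constructed for illustration.

```python
import struct
import zlib

# Layout from MongoDB's public wire-protocol documentation (little-endian).
MSG_HEADER = struct.Struct("<iiii")   # messageLength, requestID, responseTo, opCode
COMP_HEADER = struct.Struct("<iiB")   # originalOpcode, uncompressedSize, compressorId
OP_COMPRESSED = 2012
OP_MSG = 2013
ZLIB_ID = 2
MAX_MESSAGE_BYTES = 48_000_000        # MongoDB's default maxMessageSizeBytes


def check_frame(frame: bytes) -> str:
    """Classify one complete wire-protocol frame as seen by a network sensor."""
    if len(frame) < MSG_HEADER.size:
        return "truncated"
    msg_len, _request_id, _response_to, opcode = MSG_HEADER.unpack_from(frame, 0)
    if msg_len != len(frame):
        return "length-mismatch"
    if opcode != OP_COMPRESSED:
        return "not-compressed"
    if len(frame) < MSG_HEADER.size + COMP_HEADER.size:
        return "truncated"
    _orig_op, declared, comp_id = COMP_HEADER.unpack_from(frame, MSG_HEADER.size)
    if comp_id != ZLIB_ID:
        return "other-compressor"
    # Never size a buffer from the peer's claim without bounding it first.
    if declared < 0 or declared > MAX_MESSAGE_BYTES:
        return "size-out-of-range"
    payload = frame[MSG_HEADER.size + COMP_HEADER.size:]
    inflater = zlib.decompressobj()
    try:
        # Cap output at declared + 1 bytes: enough to detect "longer than
        # declared" without inflating an unbounded stream.
        out = inflater.decompress(payload, declared + 1)
    except zlib.error:
        return "bad-zlib"
    # The claim is honest only if the stream ended and produced exactly
    # the declared number of bytes.
    if not inflater.eof or len(out) != declared:
        return "size-mismatch"
    return "ok"


def sample_frame(inner: bytes, declared_size: int) -> bytes:
    """Build a constructed OP_COMPRESSED frame for the self-test below."""
    body = COMP_HEADER.pack(OP_MSG, declared_size, ZLIB_ID) + zlib.compress(inner)
    return MSG_HEADER.pack(MSG_HEADER.size + len(body), 1, 0, OP_COMPRESSED) + body


if __name__ == "__main__":
    # Constructed placeholder bytes, not a real OP_MSG body.
    inner = b"constructed placeholder, not a real OP_MSG body " * 4
    cases = [("honest", len(inner)), ("inflated", 1 << 20), ("oversized", 2**31 - 1)]
    for label, declared in cases:
        print(f"{label:10s} {check_frame(sample_frame(inner, declared))}")
```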

Impact:
  • Disclosure of database credentials and authentication secrets
  • Exposure of session tokens and API keys
  • Leakage of PII and internal query data
  • Enables reconnaissance and follow-on compromise
  • High risk for internet-facing MongoDB instances

Affected Versions:
  • MongoDB 8.2.0 – 8.2.2
  • MongoDB 8.0.0 – 8.0.16
  • MongoDB 7.0.0 – 7.0.27
  • MongoDB 6.0.0 – 6.0.26
  • MongoDB 5.0.0 – 5.0.31
  • MongoDB 4.4.0 – 4.4.29
  • All MongoDB Server 4.2, 4.0, and 3.6 releases

Fixed Versions:
  • 8.2.3
  • 8.0.17
  • 7.0.28
  • 6.0.27
  • 5.0.32
  • 4.4.30

Recommendations:
  • Upgrade immediately to a patched MongoDB release
  • Disable zlib compression if patching is delayed
  • Restrict MongoDB access using firewalls or private networking
  • Remove direct internet exposure of database services
  • Monitor logs for unusual pre-authentication connection attempts

Reference:
  • https://socradar.io/blog/mongobleed-cve-2025-14847-mongodb-memory-leak/
  • https://jira.mongodb.org/browse/SERVER-115508

  9. FortiGate LDAP Username Case Mismatch Enables 2FA Bypass Under Specific Configurations (CVE-2020-12812)

Active exploitation has been reported for a previously disclosed FortiGate issue (FG-IR-19-283 / CVE-2020-12812) affecting environments using LDAP authentication with two-factor authentication (2FA). The weakness stems from username case-sensitivity mismatches between FortiGate and LDAP directory services (e.g., Active Directory), enabling LDAP-authenticated users to bypass 2FA under certain configurations. Any confirmed bypass should be treated as a security incident.

Details:
  • Identifier: FG-IR-19-283
  • CVE ID: CVE-2020-12812
  • Vulnerability type: Authentication bypass / 2FA bypass (configuration-dependent)
  • Attack vector: Network
  • Severity: High (actively exploited)
  • Root cause: FortiGate treats usernames as case-sensitive by default, while LDAP/AD typically treats them as case-insensitive; case mismatch may trigger fallback to LDAP group authentication and bypass 2FA enforcement.
  • Exploitable only if all prerequisites are present:
– Local FortiGate user accounts have 2FA enabled and reference an LDAP directory
– Same users exist within LDAP/AD groups
– At least one LDAP group is configured on FortiGate and used in an authentication policy (Admin/SSL VPN/IPsec VPN)
– Username case sensitivity remains enabled (default in older FortiOS versions)

Impact:
  • Bypass of two-factor authentication
  • Unauthorized administrative or VPN access using valid LDAP credentials
  • Potential perimeter compromise and persistent access establishment

Recommendations:
  • Apply the mandatory configuration change immediately to disable username case sensitivity:
– FortiOS 6.0.10 / 6.2.4 / 6.4.1 and earlier syntax: set username-case-sensitivity disable
– FortiOS 6.0.13 / 6.2.10 / 6.4.7 / 7.0.1 and later: set username-sensitivity disable
  • Review LDAP authentication flows and group mappings used by admin/VPN policies
  • Audit VPN and administrative logs for logins occurring without expected 2FA prompts
  • Treat any confirmed bypass as a security incident; reset credentials and rotate secrets where compromise is suspected
  • Engage Fortinet Support if abnormal authentication behavior is detected
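
An added sketch of the log audit recommended above (not Fortinet code): it models the case-sensitive local-user lookup described under Root cause and flags successful logins by 2FA-enrolled users that carry no second-factor step. The record fields and sample events are constructed; map them to the fields your FortiGate log export actually provides.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Login:
    time: str
    user: str             # username exactly as typed at the login prompt
    success: bool
    second_factor: bool   # True if a token/OTP step was logged for this login


def second_factor_enforced(login_name, local_2fa_users, case_sensitive):
    """Simplified model: 2FA applies only if the typed name hits a local 2FA user.

    With case-sensitive matching, "JSmith" misses the local entry "jsmith" and
    authentication falls through to the LDAP group, where no 2FA is attached.
    """
    if case_sensitive:
        return login_name in local_2fa_users
    return login_name.casefold() in {u.casefold() for u in local_2fa_users}


def find_2fa_bypass_candidates(logins, local_2fa_users):
    """Return successful logins by 2FA-enrolled users that lack a second factor."""
    enrolled_by_folded = {u.casefold(): u for u in local_2fa_users}
    hits = []
    for ev in logins:
        enrolled = enrolled_by_folded.get(ev.user.casefold())
        if enrolled is None or not ev.success or ev.second_factor:
            continue  # LDAP-only user, failed attempt, or 2FA was performed
        reason = "case-variant" if ev.user != enrolled else "exact-name"
        hits.append((ev.time, ev.user, enrolled, reason))
    return hits


# Constructed sample data: local FortiGate users with 2FA, and VPN login events.
LOCAL_2FA_USERS = ["jsmith", "mlee"]
SAMPLE_LOGINS = [
    Login("2026-01-02T08:01:10Z", "jsmith", True, True),    # normal 2FA login
    Login("2026-01-02T09:14:55Z", "JSmith", True, False),   # case variant, no 2FA
    Login("2026-01-02T09:20:00Z", "akhan", True, False),    # LDAP-only account
    Login("2026-01-02T10:02:31Z", "MLEE", False, False),    # failed attempt
    Login("2026-01-02T11:45:00Z", "mlee", True, False),     # exact name, no 2FA
]

if __name__ == "__main__":
    for hit in find_2fa_bypass_candidates(SAMPLE_LOGINS, LOCAL_2FA_USERS):
        print(*hit)
```

Both reasons deserve triage: a case-variant hit matches the mismatch described here, while an exact-name hit points to a different gap in 2FA enforcement.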

Reference:
  • https://www.fortinet.com/blog/psirt-blogs/product-security-advisory-and-analysisobserved-abuse-of-fg-ir-19-283

  10. TeamViewer Digital Employee Experience (DEX) Vulnerabilities Enable Code Execution, Command Injection, and Privilege Escalation

TeamViewer has released security updates addressing multiple vulnerabilities in its Digital Employee Experience (DEX) suite (formerly 1E). The issues impact both the DEX Windows Client and the DEX Platform (SaaS and on-premise), with reported outcomes including arbitrary code execution, command injection, local privilege escalation, denial-of-service, and information disclosure.

Details:
  • Arbitrary code execution (Content Distribution Service):
– CVE-2025-44016 (CVSS 8.8, High)
  • Denial of service (application crash):
– CVE-2025-12687 (CVSS 6.5, Medium)
  • Information disclosure:
– CVE-2025-46266 (CVSS 4.3, Medium)
  • Command injection (DEX Platform instructions):
– CVE-2025-64986 (CVSS 7.2, High)
– CVE-2025-64987 (CVSS 7.2, High)
– CVE-2025-64988 (CVSS 7.2, High)
– CVE-2025-64989 (CVSS 7.2, High)
  • Local privilege escalation to SYSTEM:
– CVE-2025-64994 (High)
– CVE-2025-64995 (High)

Affected Versions:
  • TeamViewer (1E) DEX Platform – SaaS: versions prior to 25.12
  • TeamViewer (1E) DEX Platform – On-Premise: all versions
  • TeamViewer DEX Windows Client (affected versions per vendor bulletin)

Impact:
  • Remote code execution and command execution within DEX environments
  • Elevated privileges on endpoints (SYSTEM-level control)
  • Service disruption via crashes/DoS
  • Potential data exposure and misuse of enterprise management tooling

Recommendations:
  • Apply all TeamViewer-provided security updates immediately
  • Inventory and verify DEX platform and client versions across the environment
  • Prioritize patching on on-premise deployments and high-privilege endpoints
  • Restrict DEX management interfaces to trusted administrators and networks only
  • Monitor for abnormal command execution, privilege escalation attempts, and unexpected crashes
  • Review logs for indicators of exploitation or misuse

Reference:
  • https://www.teamviewer.com/en/resources/trust-center/security-bulletins/tv-2025-1006/

  11. ShadowV2 Mirai Variant Exploits Unpatched IoT Vulnerabilities for Botnet Propagation and DDoS Capability

FortiGuard Labs has reported an active Mirai-based botnet variant, ShadowV2, exploiting multiple known IoT vulnerabilities across diverse device types. Analysis indicates the campaign may have been used to test exploit chains, scanning coverage, and propagation mechanics ahead of potential large-scale botnet operations. Organizations with exposed IoT devices or internet-accessible management interfaces should treat this as urgent.

Details:
  • Malware family: Mirai (variant: ShadowV2)
  • Threat type: IoT botnet / DDoS / scanning and lateral movement enablement
  • Observed activity: global
  • Primary objective: device recruitment and validation of exploit propagation
  • Post-compromise capabilities:
– Distributed denial-of-service (DDoS)
– Network scanning and reconnaissance
– Potential lateral movement within internal networks
– Coordinated attacks on demand

Exploited Vulnerabilities / Affected Platforms:
  • DD-WRT: CVE-2009-2765
  • D-Link devices: CVE-2020-25506, CVE-2022-37055, CVE-2024-10914, CVE-2024-10915
  • DigiEver: CVE-2023-52163
  • TBK: CVE-2024-3721
  • TP-Link: CVE-2024-53375
  • Many targets remain vulnerable due to delayed patching, exposed interfaces, and legacy deployments.

Indicators of Compromise (IOCs):
  • Hosts:
– silverpath[.]shadowstresser[.]info
– 81[.]88[.]18[.]108
– 198[.]199[.]72[.]27
  • Hashes:
– Downloader: 7dfbf8cea45380cf936ffdac18c15ad91996d61add606684b0c30625c471ce6a

Impact:
  • Rapid expansion of botnet-capable IoT footholds
  • Increased risk of DDoS operations and widespread service disruption
  • Potential internal reconnaissance and follow-on attacks from compromised edge devices

Recommendations:
  • Apply firmware and vendor patches addressing the listed CVEs immediately
  • Decommission unsupported or end-of-life IoT devices
  • Remove default credentials and enforce strong, unique passwords per device
  • Eliminate direct internet exposure of IoT management interfaces
  • Disable unused services (e.g., Telnet, UPnP, legacy admin services)
  • Place IoT assets behind firewalls and segment them from core enterprise networks
  • Monitor for outbound connections to listed hosts and matches to provided hashes

Reference:
  • https://www.fortinet.com/blog/threat-research/shadowv2-casts-a-shadow-over-iotdevices

  12. Session Token Exposure Vulnerability in M-Files Server (CVE-2025-13008)

A high-severity vulnerability has been disclosed in M-Files Server affecting the M-Files Web interface. The flaw allows authenticated attackers to capture active session tokens, enabling user impersonation and unauthorized access to sensitive content. Exploitation may allow attackers to bypass standard authentication controls and operate under another user’s session context.

Details:
  • CVE ID: CVE-2025-13008
  • Severity: High
  • CVSS v4.0 score: 8.6
  • Vulnerability type: Information disclosure / session token exposure
  • Affected component: M-Files Web (M-Files Server)
  • Attackers can reuse exposed session tokens to impersonate legitimate users
  • Exploitation enables unauthorized access to documents and workflows without credentials

Affected Versions:
M-Files Server versions prior to:
  • 25.12.15491.7
  • LTS 25.8 SR3 (25.8.15085.18)
  • LTS 25.2 SR3 (25.2.14524.14)
  • LTS 24.8 SR5 (24.8.13981.17)

Fixed Versions:
  • M-Files Server 25.12.15491.7
  • Corresponding patched LTS service releases listed above

Impact:
  • Session hijacking and user impersonation
  • Unauthorized access to sensitive documents and metadata
  • Potential data exposure and integrity violations
  • Elevated risk in environments with external or shared access

Recommendations:
  • Upgrade immediately to a patched M-Files Server version
  • Review M-Files Web access logs for:
– Reused or hijacked session tokens
– Concurrent sessions from multiple IP addresses
– Abnormally long-lived sessions
  • Implement enhanced monitoring for token-based authentication anomalies
  • Enforce strict session lifecycle and timeout policies
  • Restrict M-Files Web access to trusted users and networks

Reference:
  • https://gbhackers.com/m-files-vulnerability/

  13. Critical Vulnerability in LangChain Allows Secret Exposure and Potential Remote Code Execution

A critical vulnerability has been identified in the LangChain framework, a widely used orchestration library for large language model (LLM) applications. The issue affects the langchain-core package and may allow attackers to extract sensitive environment variables and, in certain scenarios, achieve remote code execution through unsafe serialization and deserialization behavior.

Given LangChain’s widespread use across enterprise AI pipelines, this vulnerability represents a significant supply-chain and data exposure risk.

Details:
  • CVE ID: CVE-2025-68664
  • GHSA ID: GHSA-c67j-w6g6-q2cm
  • Severity: Critical
  • CVSS score: 9.3
  • Vulnerability type: Serialization injection / information disclosure
  • Affected component: langchain-core

Technical Summary:
  • Vulnerability arises from unsafe handling of serialized objects
  • Secrets may be extracted from environment variables during deserialization
  • Improper defaults allow untrusted input to influence object reconstruction
  • Under certain conditions, exploitation may lead to remote code execution
  • Risk is elevated in applications accepting untrusted prompts or serialized inputs

Affected Versions:
  • All LangChain deployments using vulnerable versions of langchain-core prior to patches

Fixed Versions:
  • LangChain 1.2.5
  • LangChain 0.3.81

Security Hardening Changes Introduced:
  • allowed_objects now defaults to core-only
  • secrets_from_env default changed from True to False
  • Jinja2 template execution blocked by default via a new init_validator
  • Safer defaults applied to serialization and deserialization paths

Impact:
  • Exposure of environment variables and secrets
  • Leakage of API keys, tokens, and credentials
  • Potential remote code execution in misconfigured deployments
  • Compromise of AI application pipelines and downstream services

Recommendations:
  • Upgrade immediately to LangChain 1.2.5 or 0.3.81 (or later)
  • Review applications for use of dumps() / dumpd() and streaming features
  • Audit prompt-handling logic for untrusted or user-controlled input
  • Rotate all sensitive environment variables if exposure is suspected
  • Restrict deserialization to explicitly trusted object types
  • Monitor applications for anomalous behavior tied to serialization or secret access

Reference:
  • https://gbhackers.com/critical-langchain-vulnerability/

  14. Mustang Panda Deploys Signed Kernel-Mode Rootkit to Deliver TONESHELL Backdoor

The China-linked threat actor Mustang Panda has been observed deploying a previously undocumented, signed kernel-mode rootkit to install an updated variant of the TONESHELL backdoor. The campaign, detected in mid-2025, targets government entities in Southeast and East Asia and represents a significant escalation in stealth and persistence techniques.

The attack chain leverages a malicious kernel driver signed with a stolen or leaked digital certificate, allowing the malware to bypass security controls and protect malicious processes from detection.

Details:
  • Threat actor: Mustang Panda (aka Bronze President / RedDelta)
  • Malware: TONESHELL (new variant)
  • Delivery mechanism: Signed kernel-mode rootkit loader
  • Target regions: Southeast and East Asia (notably Myanmar and Thailand)
  • Initial access vector: Likely via previously compromised systems
  • Driver signed using a leaked certificate issued to Guangzhou Kingteller Technology Co., Ltd.

Technical Characteristics:
  • Malicious driver registers as a minifilter and operates at a high altitude level
  • Uses stolen/expired certificate to bypass driver-signing enforcement
  • Protects malicious files, registry keys, and processes from inspection
  • Intercepts file, registry, and process operations to prevent removal
  • Lowers Microsoft Defender filter priority to evade detection
  • Injects user-mode shellcode into svchost.exe
  • Drops and launches the TONESHELL backdoor payload

TONESHELL Capabilities:
  • Reverse shell access
  • File upload and download
  • Remote command execution
  • Payload staging and delivery
  • Persistent C2 communication over TCP port 443
  • Commands supported include:
– File upload/download
– Remote shell creation
– Command execution
– Connection termination

Command-and-Control Infrastructure:
  • avocadomechanism[.]com
  • potherbreference[.]com

Notable Behavior:
  • Kernel driver blocks AV drivers by manipulating filter altitudes
  • Protects malicious processes via kernel callbacks
  • Uses in-memory execution to evade disk-based detection
  • Payload execution and protection logic is fully memory-resident
  • Detection requires memory forensics rather than file-based scanning

Impact:
  • Persistent and stealthy espionage foothold
  • Full system compromise with kernel-level control
  • Long-term evasion of endpoint protection
  • Data exfiltration and covert surveillance
  • High risk for government and diplomatic organizations

Recommendations:
  • Hunt for signed but untrusted kernel drivers, especially with abnormal filter altitudes
  • Monitor for unauthorized drivers registered as minifilters
  • Inspect memory for injected shellcode and anomalous svchost.exe behavior
  • Block known C2 domains at network boundaries
  • Apply strict driver signing enforcement and kernel protection policies
  • Enable attack surface reduction and kernel-mode protections
  • Conduct memory forensic analysis on suspected systems
  • Reimage compromised hosts and rotate credentials

Reference:
  • https://securelist.com/mustang-panda-toneshell-kernel-rootkit/ 

  15. GlassWorm Malware Abuses VS Code Extensions to Target macOS Users

A new wave of the GlassWorm malware campaign has been identified targeting macOS systems through malicious Visual Studio Code extensions hosted on the Open VSX marketplace. The malware uses encrypted payloads, delayed execution, and blockchain-based command-and-control to evade detection and enable persistent compromise.

This campaign marks a significant evolution from earlier variants by introducing advanced evasion techniques and supply-chain-style distribution via developer tooling.

Details:
  • Malware family: GlassWorm
  • Platform targeted: macOS
  • Distribution vector: Malicious VS Code extensions (Open VSX)
  • Threat type: Self-propagating malware / supply-chain compromise
  • Campaign wave: Fourth iteration (late 2025)

Malicious Extensions Identified:
  • pro-svelte-extension
  • vsce-prettier-pro
  • full-access-catppuccin-pro-extension

Technical Characteristics:
  • Payload encrypted using AES-256-CBC
  • Hardcoded encryption key and IV shared across variants
  • Execution delayed by 15 minutes (900,000 ms) to evade sandbox detection
  • Payload decrypted and executed via JavaScript eval()
  • Command-and-control retrieved dynamically from the Solana blockchain
  • C2 URLs encoded in blockchain transaction memos
  • Infrastructure previously linked to IP: 45.32.151.157

macOS-Specific Capabilities:
  • AppleScript-based execution
  • Persistence via LaunchAgents
  • Access to macOS Keychain for credential theft
  • Replacement of legitimate wallet applications (Ledger Live, Trezor Suite)
  • Staging of exfiltrated data in /tmp/ijewf/
  • Exfiltration to 45.32.150.251/p2p

Evasion Techniques:
  • Delayed execution to bypass sandbox timeouts
  • Encrypted payloads embedded in extension source
  • Blockchain-based C2 to resist takedown
  • Validation of payload size before execution
  • Shared crypto material across extensions

Impact:
  • Compromise of developer systems
  • Credential and keychain theft
  • Cryptocurrency wallet hijacking
  • Persistent backdoor installation
  • Supply-chain risk via trusted extension ecosystems
  • Difficult takedown due to decentralized C2

Recommendations:
  • Remove all identified malicious VS Code extensions immediately
  • Audit installed extensions across developer environments
  • Restrict extension installation sources and enforce allowlists
  • Monitor macOS systems for LaunchAgent persistence artifacts
  • Block outbound connections to known C2 infrastructure
  • Inspect for abnormal JavaScript execution delays and encrypted blobs
  • Rotate credentials and crypto wallets if exposure is suspected
  • Use endpoint protection capable of behavioral and memory analysis
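
An added example of the extension audit recommended above (not code from the cited report): a heuristic scanner that looks in extension JavaScript for the traits listed under Technical Characteristics, namely a long timer delay, eval(), AES-256-CBC decryption and a large embedded blob. The thresholds, function names and sample sources are assumptions constructed for illustration.

```python
import re
from math import prod

MIN_DELAY_MS = 600_000   # assumed threshold: timers of 10 minutes or more
EVAL_RE = re.compile(r"\beval\s*\(|\bnew\s+Function\s*\(")
CIPHER_RE = re.compile(r"createDecipheriv\s*\(\s*['\"`]aes-256-cbc['\"`]", re.I)
BLOB_RE = re.compile(r"['\"`][A-Za-z0-9+/=]{512,}['\"`]")   # long base64/hex literal
NUM_EXPR = re.compile(r"\d[\d_]*(?:\s*\*\s*\d[\d_]*)*")     # 900000 or 15 * 60 * 1000


def timer_delays(src):
    """Yield the numeric delay (ms) of each setTimeout/setInterval call.

    Walks brackets from the call's opening parenthesis to find the last
    top-level argument. Heuristic: brackets inside string literals are not
    handled, and non-literal delays are skipped.
    """
    for m in re.finditer(r"\bset(?:Timeout|Interval)\s*\(", src):
        depth, last_comma, i = 1, None, m.end()
        while i < len(src) and depth:
            c = src[i]
            if c in "([{":
                depth += 1
            elif c in ")]}":
                depth -= 1
            elif c == "," and depth == 1:
                last_comma = i
            i += 1
        if depth or last_comma is None:
            continue   # unbalanced call or no delay argument
        arg = src[last_comma + 1:i - 1].strip()
        if NUM_EXPR.fullmatch(arg):
            yield prod(int(p.replace("_", "")) for p in arg.split("*"))


def indicators(src, min_delay_ms=MIN_DELAY_MS):
    """Return the sorted list of traits found in one source file."""
    found = set()
    if any(d >= min_delay_ms for d in timer_delays(src)):
        found.add("long-delay")
    if EVAL_RE.search(src):
        found.add("dynamic-eval")
    if CIPHER_RE.search(src):
        found.add("aes-256-cbc")
    if BLOB_RE.search(src):
        found.add("embedded-blob")
    return sorted(found)


def suspicious_files(files):
    """Flag files that combine dynamic eval with at least two other traits."""
    out = {}
    for name, src in files.items():
        ind = indicators(src)
        if "dynamic-eval" in ind and len(ind) >= 3:
            out[name] = ind
    return out


# Constructed samples: an inert fragment carrying all four traits, plus two
# ordinary timer uses that must not be flagged.
SAMPLES = {
    "ext-a/loader.js": (
        'const blob = "' + "QUFB" * 200 + '";\n'
        "setTimeout(() => {\n"
        '  const d = crypto.createDecipheriv("aes-256-cbc", KEY, IV);\n'
        "  eval(decode(d, blob));\n"
        "}, 900000);\n"
    ),
    "ext-b/search.js": "let t; box.onkeyup = () => { clearTimeout(t); t = setTimeout(search, 300); };\n",
    "ext-c/telemetry.js": "setInterval(flushTelemetry, 15 * 60 * 1000);\n",
}

if __name__ == "__main__":
    for name, ind in suspicious_files(SAMPLES).items():
        print(name, ind)
```

A single trait on its own, such as the 15-minute telemetry timer in the third sample, is common in legitimate extensions, which is why the flag requires a combination.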

Reference:
  • https://www.bleepingcomputer.com/news/security/self-propagating-glassworm-weaponizes-vs-code-extensions-to-attack-macos-users/ 

  16. NeuroSploit v2: AI-Powered Penetration Testing Framework Leveraging Multiple LLMs

A new version of the open-source penetration testing framework NeuroSploit v2 has been released, introducing advanced AI-driven capabilities for offensive and defensive security operations. The tool integrates multiple large language models (LLMs) — including Claude, GPT, Gemini, and Ollama — to automate vulnerability discovery, exploitation workflows, and security analysis.

While positioned as a defensive and research-oriented framework, NeuroSploit v2 significantly lowers the barrier to conducting sophisticated offensive security operations and may be abused if adopted by malicious actors.

Details:
  • Tool name: NeuroSploit v2
  • Category: AI-assisted penetration testing / red teaming framework
  • License: MIT (open source)
  • Distribution: Public GitHub repository
  • Primary use: Automated vulnerability discovery, exploitation, and reporting
  • Target users: Security researchers, red teams, penetration testers

Core Capabilities:
  • Multi-LLM integration supporting Claude, GPT, Gemini, and Ollama
  • Modular agent-based architecture with specialized roles:
      – Red Team operator
      – Bug bounty hunter
      – Malware analyst
      – Blue team analyst
      – OWASP / CWE specialist
  • Automated vulnerability discovery and exploitation workflows
  • Integration with common offensive security tools:
      – Nmap
      – Metasploit
      – Subfinder
      – Nuclei
      – SQLMap
      – Burp Suite
      – Hydra
  • Interactive CLI and automated execution modes
  • Structured output in JSON and HTML report formats
  • Support for custom prompt templates and extensible agent definitions

AI Safety and Control Features:
  • Grounding and self-reflection mechanisms to reduce hallucinations
  • Consistency checks to validate model outputs
  • Keyword filtering and content validation safeguards
  • Configurable guardrails for ethical and controlled testing
  • Customizable parameters per agent:
      – Temperature
      – Token limits
      – Context depth
      – Caching behavior

Security Implications:
  • Lowers technical barrier for conducting advanced reconnaissance and exploitation
  • Enables rapid automation of vulnerability discovery workflows
  • May be abused by threat actors if deployed without oversight
  • Highlights growing convergence between AI tooling and offensive security
  • Increases risk of AI-assisted exploitation against poorly secured systems

Impact:
  • Accelerated discovery of exploitable vulnerabilities
  • Potential misuse for automated attack campaigns
  • Increased pressure on defenders to detect AI-assisted reconnaissance
  • Reinforces need for continuous monitoring and exposure management

Recommendations:
  • Treat AI-based security frameworks as dual-use tools
  • Restrict access to offensive tooling in enterprise environments
  • Monitor for automated scanning or anomalous probing behavior
  • Ensure rate limiting and detection controls are in place
  • Strengthen vulnerability management and patch hygiene
  • Use such frameworks only in authorized and controlled testing scenarios
  • Educate security teams on AI-assisted attack methodologies

Reference:
  • https://thehackernews.com/2025/12/neurosploit-v2-ai-powered.html 

  1. Threat Actors Advertise AI-Enhanced Metamorphic Crypter Claiming Windows Defender Bypass

Threat actors are advertising an advanced AI-powered metamorphic crypter on underground forums, marketed under the name InternalWhisper x ImpactSolutions. The service claims to generate fully undetectable malware by dynamically rewriting malicious code during compilation, enabling evasion of traditional signature-based defenses, including Windows Defender.

The offering reflects a growing trend toward commercialization of AI-assisted malware development, significantly lowering the barrier for cybercriminals to deploy sophisticated evasion techniques.

Details:
  • Threat actor alias: ImpactSolutions
  • Tool type: AI-powered metamorphic crypter
  • Delivery model: Malware-as-a-Service (web-based panel)
  • Target platform: Windows (x86/x64)
  • Payload support: Native C/C++ and .NET binaries
  • Distribution: Underground forums

Technical Characteristics:
  • AI-driven metamorphic engine rewrites malicious code on each build
  • Produces unique binaries with no static signatures
  • Supports direct system calls to bypass API monitoring
  • Uses process hollowing to inject payloads into legitimate processes
  • Supports signed binary sideloading using trusted executables
  • Implements AES-256 encryption for payload protection
  • Runtime string encryption to hide malicious logic
  • Anti-analysis and sandbox detection logic
  • Optional persistence mechanisms
  • Metadata spoofing and icon masquerading
  • Certificate cloning to impersonate legitimate software

Operational Model:
  • Delivered via an automated web-based builder
  • Rapid generation of customized payloads
  • Tiered pricing suggests commercial “service” model
  • Designed for ease of use by low-skill operators
  • Continuous updates promised by the seller

Impact:
  • Increased availability of highly evasive malware tooling
  • Reduced effectiveness of signature-based detection
  • Higher likelihood of commodity malware achieving persistence
  • Greater abuse potential by financially motivated actors
  • Escalation in AI-assisted malware development trends

Recommendations:
  • Strengthen behavioral and memory-based detection controls
  • Monitor for process hollowing and suspicious parent–child process chains
  • Detect abnormal use of signed binaries for sideloading
  • Enforce application allowlisting and attack surface reduction rules
  • Monitor for encrypted payload execution and delayed execution logic
  • Enhance threat hunting for polymorphic and metamorphic malware behavior
  • Maintain updated EDR engines with heuristic and ML detection enabled

Reference:
  • https://thehackernews.com/2025/12/threat-actors-advertising-ai.html 

  1. European Space Agency Confirms Breach of External Servers Supporting Scientific Collaboration

The European Space Agency (ESA) has confirmed a cybersecurity breach affecting a limited number of servers located outside its core corporate network. The compromised systems were reportedly used to support external scientific and engineering collaboration activities and did not host classified systems.

While the incident scope appears limited, the breach highlights ongoing risks associated with third-party and extended research environments connected to critical space-sector operations.

Details:
  • Organization affected: European Space Agency (ESA)
  • Impacted assets: External servers outside ESA corporate network
  • Purpose of systems: Collaborative engineering and scientific research
  • Classification level: Unclassified systems
  • Status: Forensic investigation ongoing
  • Disclosure date: December 30, 2025

Incident Overview:
  • ESA detected unauthorized activity affecting a small number of external servers
  • Servers were not part of the agency’s internal corporate infrastructure
  • Systems supported joint research and engineering workflows
  • No confirmed disruption to core missions or operations
  • Stakeholders and partners have been notified

Potential Exposure:
  • Engineering documentation
  • Research collaboration data
  • Simulation or modeling artifacts
  • Metadata useful for reconnaissance or supply-chain targeting

Impact:
  • Limited operational disruption reported
  • Possible exposure of non-classified technical or collaboration data
  • Increased risk of downstream supply-chain targeting
  • Highlights weaknesses in extended and partner-hosted environments

Recommendations:
  • Apply zero-trust principles to all external and collaborative infrastructure
  • Enforce strong authentication and access segmentation for partner systems
  • Conduct forensic review of externally hosted servers
  • Review access logs for anomalous or unauthorized activity
  • Strengthen third-party risk management and contractual security controls
  • Monitor for follow-on phishing or intrusion attempts leveraging exposed data
  • Implement continuous monitoring for externally hosted research systems

Reference:
  • https://www.bleepingcomputer.com/news/security/european-space-agency-confirms-breach-of-servers-outside-corporate-network/ 

  1. Copilot Studio “Connected Agents” Feature Abused to Create Undetected Backdoor Access

Researchers have identified a serious security risk in Microsoft Copilot Studio’s Connected Agents feature, which can be abused by attackers to gain persistent and stealthy access to enterprise environments. The feature, enabled by default on newly created agents, allows AI agents to share tools, logic, and capabilities — but lacks sufficient visibility and access controls.

Attackers can exploit this design by creating malicious agents that silently connect to legitimate, privileged agents, effectively inheriting their capabilities without generating audit logs or alerts.

Details:
• Product: Microsoft Copilot Studio
• Feature abused: Connected Agents
• Attack type: Unauthorized access / privilege abuse / backdoor creation
• Exposure: Enabled by default on new agents
• Visibility gap: No native logging showing which agents are connected

Attack Technique:
• Attacker creates a malicious agent within the same environment
• Malicious agent connects to a legitimate, privileged agent
• Connection exposes tools, knowledge, and actions of the trusted agent
• No activity appears in the victim agent’s audit or activity logs
• Enables covert execution of actions on behalf of the trusted agent

High-Risk Scenarios Observed:
• Abuse of agents with email-sending permissions
• Impersonation of official corporate communications
• Large-scale phishing sent from trusted domains
• Abuse of agents connected to sensitive business data
• Long-term persistence through hidden agent-to-agent trust

Impact:
• Unauthorized access to internal AI workflows
• Abuse of corporate email and automation privileges
• Brand impersonation and phishing campaigns
• Loss of visibility into agent activity
• Elevated insider and supply-chain risk

Recommendations:
• Disable Connected Agents on all production agents unless explicitly required
• Treat agents with Connected Agents enabled as publicly exposed assets
• Enforce authentication for all tools used by agents
• Audit all existing agents for unintended connections
• Restrict creation of new agents to trusted administrators
• Review knowledge sources and exposed actions for each agent
• Monitor outbound actions such as email sending or API calls
• Apply least-privilege principles to agent permissions

Reference:
• https://www.bleepingcomputer.com/news/security/hackers-exploit-copilot-studios-connected-agents-feature-to-gain-backdoor-access/

  1. Silver Fox Threat Group Targets Indian Organizations Using Tax-Themed Phishing and ValleyRAT Malware

The China-linked threat actor Silver Fox is actively targeting Indian organizations using phishing campaigns themed around income tax notifications. The attacks deliver multi-stage malware that ultimately installs ValleyRAT, a remote access trojan capable of persistent surveillance and command execution.

The campaign relies on social engineering combined with DLL hijacking and in-memory execution to evade traditional detection.

Details:
• Threat actor: Silver Fox (China-aligned)
• Target region: India
• Primary lure: Fake Income Tax–themed emails
• Initial vector: Malicious PDF leading to executable download
• Final payload: ValleyRAT

Infection Chain:
• Phishing email contains PDF masquerading as tax documentation
• PDF redirects to malicious site hosting tax_affairs.exe
• Loader drops a legitimate signed executable (Thunder.exe)
• Malicious libexpat.dll placed alongside for DLL hijacking
• DLL executes after Thunder.exe loads, bypassing trust checks
• Anti-analysis checks detect sandboxes and security tools
• Windows Update services disabled
• Encrypted payload (box.ini) decrypted and executed in memory
• Final payload injected directly into memory

Payload Capabilities (ValleyRAT):
• Remote command execution
• Credential harvesting
• File upload and download
• Process injection
• Persistence via registry storage
• Multi-protocol C2 (HTTP / HTTPS / TCP)
• Automatic failover across multiple C2 servers

Impact:
• Persistent compromise of targeted systems
• Espionage-focused data theft
• Long-term access with modular payload delivery
• Elevated risk to government and enterprise environments

Recommendations:
• Block execution of unknown binaries delivered via email
• Monitor for DLL sideloading involving legitimate executables
• Detect suspicious process injection and memory-only payloads
• Monitor registry locations used for binary configuration storage
• Enforce application allowlisting and ASR rules
• Educate users on tax-themed phishing campaigns
• Perform threat hunting for ValleyRAT indicators

Reference:
• https://thehackernews.com/2025/12/silver-fox-hackers-attacking-indian.html
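
A hunting sketch for the DLL sideloading step in the infection chain above, added here as an example and not taken from the referenced report. It goes beyond the Thunder.exe / libexpat.dll pair named in this entry and flags any process in a user-writable path that loads an untrusted DLL from its own directory. The events are constructed and use Sysmon Event ID 7 field names, where Signed and SignatureStatus describe the loaded image; the list of writable-path markers is an assumption.

```python
import ntpath

# Assumption of this example: path fragments that mark user-writable locations.
USER_WRITABLE_MARKERS = ("\\users\\", "\\programdata\\", "\\windows\\temp\\")
# Executable/DLL pair named in the digest entry above.
WATCHLIST = {("thunder.exe", "libexpat.dll")}

# Constructed sample events using Sysmon Event ID 7 (image load) field names.
SAMPLE_EVENTS = [
    {"Image": r"C:\Users\alice\Downloads\tax\Thunder.exe",
     "ImageLoaded": r"C:\Users\alice\Downloads\tax\libexpat.dll",
     "Signed": "false", "SignatureStatus": "Unavailable"},
    {"Image": r"C:\Program Files\ExampleVendor\Thunder.exe",
     "ImageLoaded": r"C:\Program Files\ExampleVendor\libexpat.dll",
     "Signed": "true", "SignatureStatus": "Valid"},
    {"Image": r"C:\Users\bob\AppData\Local\Tool\tool.exe",
     "ImageLoaded": r"C:\Windows\System32\kernel32.dll",
     "Signed": "true", "SignatureStatus": "Valid"},
    {"Image": r"C:\Users\bob\AppData\Local\Tool\tool.exe",
     "ImageLoaded": r"C:\Users\bob\AppData\Local\Tool\helper.dll",
     "Signed": "false", "SignatureStatus": "Unavailable"},
]


def is_sideload_candidate(event):
    """True when a process running from a user-writable directory loads an
    unsigned or invalidly signed DLL that sits beside its own executable."""
    image = event["Image"].lower()
    loaded = event["ImageLoaded"].lower()
    same_dir = ntpath.dirname(image) == ntpath.dirname(loaded)
    writable = any(marker in image for marker in USER_WRITABLE_MARKERS)
    trusted = event.get("Signed") == "true" and event.get("SignatureStatus") == "Valid"
    return loaded.endswith(".dll") and same_dir and writable and not trusted


def hunt(events):
    """Return (severity, image, dll) tuples; watchlisted pairs rank 'high'."""
    results = []
    for event in events:
        if not is_sideload_candidate(event):
            continue
        pair = (ntpath.basename(event["Image"]).lower(),
                ntpath.basename(event["ImageLoaded"]).lower())
        severity = "high" if pair in WATCHLIST else "medium"
        results.append((severity, event["Image"], event["ImageLoaded"]))
    return results


if __name__ == "__main__":
    for severity, image, dll in hunt(SAMPLE_EVENTS):
        print(f"[{severity}] {image} loaded {dll}")
```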

  1. Critical Bluetooth Headphone Vulnerabilities Enable Smartphone Hijacking and Eavesdropping

Researchers have disclosed multiple critical vulnerabilities affecting Bluetooth headphones and earbuds using Airoha SoCs, allowing attackers to hijack connected smartphones, eavesdrop on conversations, and extract sensitive data. The flaws affect devices from major vendors including Sony, Bose, JBL, Marshall, Jabra, and others.

The vulnerabilities stem from insecure implementations of the RACE (Remote Access Control Engine) protocol, originally intended for debugging and firmware operations.

Details:
• Affected chipset vendor: Airoha
• Attack surface: Bluetooth LE, Bluetooth Classic, USB HID
• Vulnerability class: Missing authentication / arbitrary read-write
• Disclosure timeframe: June–December 2025

Vulnerabilities:
• CVE-2025-20700 – Missing BLE authentication (CVSS 8.8)
• CVE-2025-20701 – Missing Classic Bluetooth authentication (CVSS 8.8)
• CVE-2025-20702 – RACE protocol arbitrary read/write & RCE (CVSS 9.6)

Technical Impact:
• Unauthenticated access to device internals
• Read/write access to RAM and flash memory
• Retrieval of Bluetooth link keys
• Extraction of paired phone identifiers
• Execution of arbitrary commands
• Silent microphone activation and audio interception

Chained Attack Scenario:
• Attacker connects to nearby headphones via BLE
• Uses RACE protocol to dump flash memory
• Extracts paired-device Link Key
• Impersonates trusted headset to smartphone
• Gains access to calls, voice assistants, and data
• Can trigger calls, send messages, or eavesdrop

Affected Devices (examples):
• Sony WH-1000XM5 / WF-1000XM5
• Bose QuietComfort series
• JBL Live Buds
• Marshall Major V / Minor IV
• Jabra, Beyerdynamic, Teufel (various models)

Impact:
• Stealth surveillance via compromised headphones
• Unauthorized smartphone access
• Credential and conversation leakage
• High risk to journalists, diplomats, executives
• Long-lived compromise via trusted Bluetooth pairing

Recommendations:
• Update headphone firmware immediately via vendor apps
• Remove unused Bluetooth pairings from smartphones
• Disable Bluetooth when not in use
• Avoid using vulnerable wireless headsets for sensitive calls
• Prefer wired headsets for high-risk environments
• Manufacturers should apply Airoha SDK patches and conduct security audits

Reference:
• https://www.bleepingcomputer.com/news/security/new-vulnerabilities-in-bluetooth-headphones-let-hackers-hijack-connected-smartphone/

© 2026 HawkEye – Managed CSOC and XDR powered by DTS Solution. All Rights Reserved.