惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

WordPress大学
WordPress大学
D
Darknet – Hacking Tools, Hacker News & Cyber Security
Hacker News: Ask HN
Hacker News: Ask HN
N
News and Events Feed by Topic
Forbes - Security
Forbes - Security
The Last Watchdog
The Last Watchdog
TaoSecurity Blog
TaoSecurity Blog
Schneier on Security
Schneier on Security
SecWiki News
SecWiki News
V
Vulnerabilities – Threatpost
Project Zero
Project Zero
O
OpenAI News
W
WeLiveSecurity
Security Archives - TechRepublic
Security Archives - TechRepublic
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
H
Hacker News: Front Page
Cisco Talos Blog
Cisco Talos Blog
Spread Privacy
Spread Privacy
Help Net Security
Help Net Security
P
Privacy & Cybersecurity Law Blog
K
Kaspersky official blog
S
Security @ Cisco Blogs
Latest news
Latest news
AWS News Blog
AWS News Blog
U
Unit 42
Martin Fowler
Martin Fowler
阮一峰的网络日志
阮一峰的网络日志
S
Secure Thoughts
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
Application and Cybersecurity Blog
Application and Cybersecurity Blog
Know Your Adversary
Know Your Adversary
Scott Helme
Scott Helme
博客园 - 司徒正美
B
Blog RSS Feed
C
Check Point Blog
Hacker News - Newest:
Hacker News - Newest: "LLM"
D
Docker
Google Online Security Blog
Google Online Security Blog
Jina AI
Jina AI
aimingoo的专栏
aimingoo的专栏
Recent Commits to openclaw:main
Recent Commits to openclaw:main
Last Week in AI
Last Week in AI
月光博客
月光博客
C
CXSECURITY Database RSS Feed - CXSecurity.com
S
SegmentFault 最新的问题
NISL@THU
NISL@THU
T
The Blog of Author Tim Ferriss
C
Cisco Blogs
Attack and Defense Labs
Attack and Defense Labs
小众软件
小众软件

The Hacker News

SystemBC C2 Server Reveals 1,570+ Victims in The Gentlemen Ransomware Operation 22 BRIDGE:BREAK Flaws Expose Thousands of Lantronix and Silex Serial-to-IP Converters Ransomware Negotiator Pleads Guilty to Aiding BlackCat Attacks in 2023 5 Places where Mature SOCs Keep MTTR Fast and Others Waste Time NGate Campaign Targets Brazil, Trojanizes HandyPay to Steal NFC Data and PINs No Exploit Needed: How Attackers Walk Through the Front Door via Identity-Based Attacks Google Patches Antigravity IDE Flaw Enabling Prompt Injection Code Execution CISA Adds 8 Exploited Flaws to KEV, Sets April-May 2026 Federal Deadlines SGLang CVE-2026-5760 (CVSS 9.8) Enables RCE via Malicious GGUF Model Files ⚡ Weekly Recap: Vercel Hack, Push Fraud, QEMU Abused, New Android RATs Emerge & More Why Most AI Deployments Stall After the Demo Anthropic MCP Design Vulnerability Enables RCE, Threatening AI Supply Chain Researchers Detect ZionSiphon Malware Targeting Israeli Water, Desalination OT Systems Vercel Breach Tied to Context AI Hack Exposes Limited Customer Credentials $13.74M Hack Shuts Down Sanctioned Grinex Exchange After Intelligence Claims Mirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack TBK DVRs for DDoS Botnet Three Microsoft Defender Zero-Days Actively Exploited; Two Still Unpatched Google Blocks 8.3B Policy-Violating Ads in 2025, Launches Android 17 Privacy Overhaul NIST Limits CVE Enrichment After 263% Surge in Vulnerability Submissions Operation PowerOFF Seizes 53 DDoS Domains, Exposes 3 Million Criminal Accounts Apache ActiveMQ CVE-2026-34197 Added to CISA KEV Amid Active Exploitation Newly Discovered PowMix Botnet Hits Czech Workers Using Randomized C2 Traffic ThreatsDay Bulletin: Defender 0-Day, SonicWall Brute-Force, 17-Year-Old Excel RCE and 15 More Stories [Webinar] Eliminate Ghost Identities Before They Expose Your Enterprise Data The Hacker News The Hacker News Obsidian Plugin Abuse Delivers PHANTOMPULSE RAT in Targeted Finance, Crypto Attacks UAC-0247 Targets Ukrainian Clinics and Government in Data-Theft Malware Campaign n8n Webhooks Abused Since October 2025 to Deliver Malware via Phishing Emails Actively Exploited nginx-ui Flaw (CVE-2026-33032) Enables Full Nginx Server Takeover April Patch Tuesday Fixes Critical Flaws Across SAP, Adobe, Microsoft, Fortinet, and More Deterministic + Agentic AI: The Architecture Exposure Validation Requires Microsoft Issues Patches for SharePoint Zero-Day and 168 Other New Vulnerabilities OpenAI Launches GPT-5.4-Cyber with Expanded Access for Security Teams New PHP Composer Flaws Enable Arbitrary Command Execution — Patches Released Google Adds Rust-Based DNS Parser into Pixel 10 Modem to Enhance Security AI-Driven Pushpaganda Scam Exploits Google Discover to Spread Scareware and Ad Fraud Mirax Android RAT Turns Devices into SOCKS5 Proxies, Reaching 220,000 via Meta Ads Analysis of 216M Security Findings Shows a 4x Increase In Critical Risk (2026 Report) 108 Malicious Chrome Extensions Steal Google and Telegram Data, Affecting 20,000 Users ShowDoc RCE Flaw CVE-2025-0520 Actively Exploited on Unpatched Servers CISA Adds 6 Known Exploited Flaws in Fortinet, Microsoft, and Adobe Software JanelaRAT Malware Targets Latin American Banks with 14,739 Attacks in Brazil in 2025 FBI and Indonesian Police Dismantle W3LL Phishing Network Behind $20M Fraud Attempts ⚡ Weekly Recap: Fiber Optic Spying, Windows Rootkit, AI Vulnerability Hunting and More Your MTTD Looks Great. Your Post-Alert Gap Doesn't North Korea's APT37 Uses Facebook Social Engineering to Deliver RokRAT Malware OpenAI Revokes macOS App Certificate After Malicious Axios Supply Chain Incident CPUID Breach Distributes STX RAT via Trojanized CPU-Z and HWMonitor Downloads Adobe Patches Actively Exploited Acrobat Reader Flaw CVE-2026-34621 Citizen Lab: Law Enforcement Used Webloc to Track 500 Million Devices via Ad Data GlassWorm Campaign Uses Zig Dropper to Infect Multiple Developer IDEs Browser Extensions Are the New AI Consumption Channel That No One Is Talking About Google Rolls Out DBSC in Chrome 146 to Block Session Theft on Windows Marimo RCE Flaw CVE-2026-39987 Exploited Within 10 Hours of Disclosure Backdoored Smart Slider 3 Pro Update Distributed via Compromised Nextend Servers EngageLab SDK Flaw Exposed 50M Android Users, Including 30M Crypto Wallet Installs UAT-10362 Targets Taiwanese NGOs with LucidRook Malware in Spear-Phishing Campaigns The Hidden Security Risks of Shadow AI in Enterprises Adobe Reader Zero-Day Exploited via Malicious PDFs Since December 2025 Bitter-Linked Hack-for-Hire Campaign Targets Journalists Across MENA Region New Chaos Variant Targets Misconfigured Cloud Deployments, Adds SOCKS Proxy Masjesu Botnet Emerges as DDoS-for-Hire Service Targeting Global IoT Devices APT28 Deploys PRISMEX Malware in Campaign Targeting Ukraine and NATO Allies Shrinking the IAM Attack Surface through Identity Visibility and Intelligence Platforms (IVIP) Anthropic's Claude Mythos Finds Thousands of Zero-Day Flaws Across Major Systems N. Korean Hackers Spread 1,700 Malicious Packages Across npm, PyPI, Go, Rust Iran-Linked Hackers Disrupt U.S. Critical Infrastructure by Targeting Internet-Exposed PLCs Russian State-Linked APT28 Exploits SOHO Routers in Global DNS Hijacking Campaign [Webinar] How to Close Identity Gaps in 2026 Before AI Exploits Enterprise Risk Docker CVE-2026-34040 Lets Attackers Bypass Authorization and Gain Host Access Over 1,000 Exposed ComfyUI Instances Targeted in Cryptomining Botnet Campaign The Hidden Cost of Recurring Credential Incidents New GPUBreach Attack Enables Full CPU Privilege Escalation via GDDR6 Bit-Flips China-Linked Storm-1175 Exploits Zero-Days to Rapidly Deploy Medusa Ransomware Flowise AI Agent Builder Under Active CVSS 10.0 RCE Exploitation; 12,000+ Instances Exposed Iran-Linked Password-Spraying Campaign Targets 300+ Israeli Microsoft 365 Organizations DPRK-Linked Hackers Use GitHub as C2 in Multi-Stage Attacks Targeting South Korea Multi-OS Cyberattacks: How SOCs Close a Critical Risk in 3 Steps ⚡ Weekly Recap: Axios Hack, Chrome 0-Day, Fortinet Exploits, Paragon Spyware and More How LiteLLM Turned Developer Machines Into Credential Vaults for Attackers Qilin and Warlock Ransomware Use Vulnerable Drivers to Disable 300+ EDR Tools BKA Identifies REvil Leaders Behind 130 German Ransomware Attacks $285 Million Drift Hack Traced to Six-Month DPRK Social Engineering Operation 36 Malicious npm Packages Exploited Redis, PostgreSQL to Deploy Persistent Implants Fortinet Patches Actively Exploited CVE-2026-35616 in FortiClient EMS China-Linked TA416 Targets European Governments with PlugX and OAuth-Based Phishing Microsoft Details Cookie-Controlled PHP Web Shells Persisting via Cron on Linux Servers UNC1069 Social Engineering of Axios Maintainer Led to npm Supply Chain Attack Why Third-Party Risk Is the Biggest Gap in Your Clients' Security Posture New SparkCat Variant in iOS, Android Apps Steals Crypto Wallet Recovery Phrase Images Drift Loses $285 Million in Durable Nonce Social Engineering Attack Linked to DPRK Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials Cisco Patches 9.8 CVSS IMC and SSM Flaws Allowing Remote System Compromise ThreatsDay Bulletin: Pre-Auth Chains, Android Rootkits, CloudTrail Evasion & 10 More Stories Researchers Uncover Mining Operation Using ISO Lures to Spread RATs and Crypto Miners The State of Trusted Open Source Report WhatsApp Alerts 200 Users After Fake iOS App Installed Spyware; Italian Firm Faces Action Apple Expands iOS 18.7.7 Update to More Devices to Block DarkSword Exploit CERT-UA Impersonation Campaign Spread AGEWHEEZE Malware to 1 Million Emails
ThreatsDay Bulletin: Hybrid P2P Botnet, 13-Year-Old Apache RCE and 18 More Stories
The Hacker News · 2026-04-09 · via The Hacker News

Thursday. Another week, another batch of things that probably should've been caught sooner but weren't.

This one's got some range — old vulnerabilities getting new life, a few "why was that even possible" moments, attackers leaning on platforms and tools you'd normally trust without thinking twice. Quiet escalations more than loud zero-days, but the kind that matter more in practice anyway.

Mix of malware, infrastructure exposure, AI-adjacent weirdness, and some supply chain stuff that's... not great. Let's get into it.

  1. Resilient hybrid botnet surge

    A new variant of the botnet known as Phorpiex (aka Trik) has been observed, using a hybrid communication model that combines traditional C2 HTTP polling with a peer-to-peer (P2P) protocol over both TCP and UDP to ensure operational continuity in the face of server takedowns. The malware acts as a conduit for encrypted payloads, making it challenging for external parties to inject or modify commands. The primary goal of Phorpiex's Twizt variant is to drop a clipper that re-routes cryptocurrency transactions, as well as distribute high-volume sextortion email spam and facilitate ransomware deployment (e.g., LockBit Black, Global). It also exhibits worm-like behavior by propagating through removable and remote drives, and drop modules responsible for exfiltrating mnemonic phrases and scanning for Local File Inclusion (LFI) vulnerabilities. "Phorpiex has consistently demonstrated its capability to evolve, shifting from a pure spam operation to a sophisticated platform," Bitsight said. "The Phorpiex botnet remains a highly adaptive and resilient threat." There are about 125,000 infections daily on average, with the most affected countries being Iran, Uzbekistan, China, Kazakhstan, and Pakistan.

  2. Chained flaws enable stealth RCE

    A remote code execution (RCE) vulnerability that lurked in Apache ActiveMQ Classic for 13 years could be chained with an older flaw (CVE-2024-32114) to bypass authentication. Tracked as CVE-2026-34197 (CVSS score: 8.8), the newly identified bug allows attackers to invoke management operations through the Jolokia API and trick the message broker into retrieving a remote configuration file and executing operating system commands. According to Horizon3.ai, the security defect is a bypass for CVE-2022-41678, a bug that allows authenticated attackers to trigger arbitrary code execution and write web shells to disk. "The vulnerability requires credentials, but default credentials (admin:admin) are common in many environments," Horizon3.ai researcher Naveen Sunkavally said. "On some versions (6.0.0 - 6.1.1), no credentials are required at all due to another vulnerability, CVE-2024-32114, which inadvertently exposes the Jolokia API without authentication. In those versions, CVE-2026-34197 is effectively an unauthenticated RCE." The newly discovered security defect was addressed in ActiveMQ Classic versions 5.19.4 and 6.2.3.

  3. Cyber fraud losses hit record highs

    Cyber-enabled fraud cost victims over $17.7 billion during 2025, as financial losses to internet-enabled fraud continue to grow. The total loss exceeds $20.87 billion, up 26% from 2024. "Cyber-enabled fraud is responsible for almost 85% of all losses reported to IC3 [Internet Crime Complaint Center] in 2025," the U.S. Federal Bureau of Investigation (FBI) said. "Cryptocurrency investment fraud was the highest source of financial losses to Americans in 2025, with $7.2 billion reported in losses." In all investment scams led the pack with $8.6 billion in reported losses, followed by business email compromise ($3 billion) and tech support scams ($2.1 billion). Sixty-three new ransomware variants were identified last year, leading to more than $32 million in losses. Akira, Qilin, INC./Lynx/Sinobi, BianLian, Play, Ransomhub, Lockbit, Dragonforce, Safepay, and Medusa emerged as the top ten variants to hit critical manufacturing, healthcare, public health, and government entities.

  4. AI-driven DDoS tactics escalate

    According to data from NETSCOUT, more than 8 million DDoS attacks were recorded across 203 countries and territories between July and December 2025. "The attack count remained stable compared to the first half of the year, but the nature and sophistication of attacks changed dramatically," the company said. "The TurboMirai class of IoT botnets, including AISURU and Eleven11 (RapperBot), emerged as a major force. DDoS-for-hire platforms are now integrating dark-web LLMs and conversational AI, lowering the technical barrier for launching complex, multi-vector attacks. Even unskilled threat actors can now orchestrate sophisticated campaigns using natural-language prompts, increasing risk for all industries."

  5. Insider breach exposes private photos

    A former Meta employee in the U.K. is under investigation over allegations that he illegally downloaded about 30,000 private photos from Facebook. According to The Guardian, the accused developed a software program to evade Facebook's internal security systems and access users' private images. Meta uncovered the breach more than a year ago, terminated the employee, and referred the case to law enforcement. The company said it also notified affected users, although it's not clear how many were impacted.

  6. Help desk attacks enable enterprise breaches

    Google said it's tracking a financially motivated threat cluster called UNC6783 that's tied to the "Raccoon" persona and is targeting dozens of high-profile organizations across multiple sectors by compromising business process outsourcing (BPO) providers and help desk staff for later data extortion. "The campaign relies on live chat social engineering to direct employees to spoofed Okta logins using [org].zendesk-support[##].com domains," Austin Larsen, Google Threat Intelligence Group (GITG) principal threat analyst, said. "Their phishing kit steals clipboard contents to bypass MFA and enroll their own devices for persistent access. We also observed them using fake security updates (ClickFix) to drop remote access malware." Organizations are advised to prioritize FIDO2 hardware keys for high-risk roles, monitor live chat for suspicious links, and regularly audit newly enrolled MFA devices.

  7. Magecart skimmer hides in SVG

    A large-scale Magecart campaign is using invisible 1x1 pixel SVG elements to inject a fake checkout overlay on 99 Magento e-commerce stores, exfiltrating payment data to six attacker-controlled domains. "In the early hours of April 7th, nearly 100 Magento stores got mass-infected with a 'double-tap' skimmer: a credit card stealer hidden inside an invisible SVG element," Sansec said. "The likely entry vector is the PolyShell vulnerability that continues to affect unprotected Magento stores." Like other attacks of this kind, the skimmer shows victims a convincing "Secure Checkout" overlay, complete with card validation and billing fields. Once the payment details are captured, it silently redirects the shopper to the real checkout page. Adobe has yet to release a security update to address the PolyShell flaw in production versions of Magento.

  8. Emoji-coded signals evade detection

    Cybercriminals are using emojis across illicit communities to signal financial activity, access and account compromise, tooling and service offerings, represent targets or regions, and communicate momentum or importance. Using emojis allows bad actors to bypass security controls. "Emojis provide a shared visual layer that allows actors to communicate core concepts without relying entirely on text," Flashpoint said. "This is particularly valuable in: large Telegram channels with international membership, cross-border fraud operations, [and] decentralized marketplaces. This ability to compress meaning into visual shorthand helps scale operations and coordination across diverse actor networks."

  9. Stealth RAT delivered via MSI

    A ClickFix campaign targeting Windows users is leveraging malicious MSI installers to deliver a Node.js-based information stealer. "This Windows payload is a highly adaptable remote access Trojan (RAT) that minimizes its forensic footprint by using dynamic capability loading," Netskope said. "The core stealing modules and communication protocols are never stored on the victim’s disk. Instead, they are delivered in-memory only after a successful C2 connection is established. To further obfuscate the attacker’s infrastructure, the malware routes gRPC streaming traffic over the Tor network, providing a persistent and masked bidirectional channel."

  10. macOS attack bypasses Terminal safeguards

    More ClickFix, this time targeting macOS. According to Jamf, a ClickFix-style macOS attack is abusing the "applescript://" URL scheme to launch Script Editor and deliver an Atomic Stealer infostealer payload, thereby bypassing Terminal entirely. The attack leverages fake Apple-themed web pages that include instructions to "reclaim disk space on your Mac" by clicking on an "Execute" button that triggers the "applescript://" URL scheme. The new approach is likely a response to a new security feature introduced by Apple in macOS 26.4 that scans commands pasted into Terminal before they're executed. "It's a meaningful friction point, but as this campaign illustrates, when one door closes, attackers find another," security researcher Thijs Xhaflaire said.

  11. PyPI package exfiltrates AI prompts

    A malicious PyPI package named hermes-px has been advertised as a "Secure AI Inference Proxy" but contains functionality to steal users' prompts. "The package actually hijacks a Tunisian university's private AI endpoint, bundles a stolen and rebranded Anthropic Claude Code system prompt, launders all responses to hide the true upstream source, and exfiltrates every user message directly to the attacker's Supabase database, bypassing the very Tor anonymity it promises," JFrog said.

  12. Exposed PLCs targeted by state actors

    Data from Censys has revealed that there are 5,219 internet-exposed hosts that self-identify as Rockwell Automation/Allen-Bradley devices. "The United States accounts for 74.6% of global exposure (3,891 hosts), with a disproportionate share on cellular carrier ASNs indicative of field-deployed devices on cellular modems," it said. "Spain (110), Taiwan (78), and Italy (73) represent the largest non-Anglosphere concentrations. Iceland's presence (36 hosts) is disproportionate to its population and warrants attention, given its geothermal energy infrastructure." The disclosure follows a joint advisory from U.S. agencies that warned of ongoing exploitation of internet-facing Rockwell Automation/Allen-Bradley programmable logic controllers (PLCs) by Iranian-affiliated nation-state actors since March 2026 to breach U.S. critical infrastructure sectors, causing operational disruption and financial loss in some cases. The agencies said the attacks are reminiscent of similar attacks on PLCs by Cyber Av3ngers in late 2023.

  13. Code leak weaponized for malware spread

    In late March 2026, Anthropic inadvertently exposed internal Claude Code source material via a misconfigured npm package, which included approximately 512,000 lines of internal TypeScript. While the exposure lasted only about three hours, it triggered rapid mirroring of the source code across GitHub, prompting Anthropic to issue takedown notices (and later a partial retraction). Needless to say, threat actors wasted no time and took advantage of the topical nature of the leak to distribute Vidar Stealer, PureLogs Stealer, and GhostSocks proxy malware through fake leaked Claude Code GitHub repositories. "The campaign abuses GitHub Releases as a trusted malware delivery channel, using large trojanized archives and disposable accounts to repeatedly evade takedowns," Trend Micro said. "The combined functionality of the malware payloads enables credential theft, cryptocurrency wallet exfiltration, session hijacking, and residential proxy abuse across Windows, giving the operators multiple monetization paths from a single infection."

  14. Lumma successor adopts evasive tactics

    A new 64-bit version of Lumma Stealer called Remus (historically called Tenzor) has emerged in the wild following Lumma's takedown and the doxxing of its alleged core members. "The first Remus campaigns date back to February 2026, with the malware switching from Steam/Telegram dead drop resolvers to EtherHiding and employing new anti-analysis checks," Gen researchers said. Besides using identical code, direct syscalls/sysenters, and the same string obfuscation technique, another detail linking the two is the use of an application-bound encryption method, only observed in Lumma Stealer to date.

  15. Court rulings split on AI risk label

    In a setback for Anthropic, a Washington, D.C., federal appeals court declined to block the U.S. Department of Defense's national security designation of the AI company as a supply chain risk. The development comes after another appeals court in San Francisco came to the opposite conclusion in a separate legal challenge by Anthropic, granting it a preliminary injunction that bars the Trump administration from enforcing a ban on the use of AI chatbot Claude.The company has said the designation could cost the company billions of ⁠dollars in lost business and reputational harm. As Reuters notes, the lawsuit is one of two that Anthropic filed over the Trump administration's unprecedented move to classify it as a supply chain risk after it refused to allow the military to use Claude for domestic mass surveillance or autonomous weapons.

  16. Trojanized tools deliver crypto clipper

    In a new campaign observed by Kaspersky, unwitting users searching for proxy clients like Proxifier on search engines like Google and Yandex are being directed to malicious GitHub repositories that host an executable, which acts as a wrapper around the legitimate Proxifier installer.Once launched, it configures Microsoft Defender Antivirus exclusions, launches the real Proxifier installer, sets up persistence, and runs a PowerShell script that reaches out to Pastebin to retrieve a next-stage payload. The downloaded PowerShell script is responsible for retrieving another script containing the Clipper malware from GitHub. The malware substitutes cryptocurrency wallet addresses copied to the clipboard with an attacker-controlled wallet with the intention of rerouting financial transactions. Since the start of 2025, more than 2,000 Kaspersky users – most of them in India and Vietnam – have encountered the threat.

  17. SaaS platforms abused for phishing delivery

    Threat actors are leveraging notification pipelines in popular collaboration platforms to deliver spam and phishing emails. Because these emails are dispatched from the platform's own infrastructure (e.g., Jira's Invite Customers feature), they are unlikely to be blocked by email security tools. "These emails are transmitted using the legitimate mail delivery infrastructure associated with GitHub and Jira, minimizing the likelihood that they will be blocked in transit to potential victims," Cisco Talos said. "By taking advantage of the built-in notification functionality available within these platforms, adversaries can more effectively circumvent email security and monitoring solutions and facilitate more effective delivery to potential victims." The development coincides with a phishing campaign targeting multiple organizations with invitation lures sent from compromised email accounts that lead to the deployment of legitimate remote monitoring and management (RMM) tools like LogMeIn Resolve. The campaign, tracked as STAC6405, has been ongoing since April 2025. In one case, the threat actor has been found to leverage a pre-existing installation of ScreenConnect to download a HeartCrypt-protected ZIP file that ultimately leads to the installation of malware that's consistent with ValleyRAT. Other campaigns have leveraged procurement-themed emails to direct users to cloud-hosted PDFs containing embedded links that, when clicked, take victims to Dropbox credential harvesting pages. Threat actors have also distributed executable files disguised as copyright violation notices to trick them into installing PureLogs Stealer as part of a multi-stage campaign. What's more, Reddit posts advertising the premium version of TradingView have acted as a conduit for Vidar and Atomic Stealer to steal valuable data from both Windows and macOS systems. "The threat actor actively comments on their own posts with different accounts, creating the illusion of a busy and helpful community," Hexastrike said. "More concerning, any comments from real users pointing out that the downloads are malware get deleted within minutes. The operation is hands-on and closely monitored."

  18. Linux SMB flaw leaks crypto keys

    A high-severity security flaw has been disclosed in the Linux kernel's ksmbd SMB3 server. Tracked as CVE-2026-23226 (CVSS score: 8.8), it falls under the same bug class as CVE-2025-40039, which was patched in October 2025. "When two connections share a session over SMB3 multichannel, the kernel can read a freed channel struct – exposing the per-channel AES-128-CMAC signing key and causing a kernel panic," Orca said. "An attacker needs valid SMB credentials and network access to port 445." Alternatively, the vulnerability can be exploited by an attacker to leak the per-channel AES-128-CMAC key used to sign all SMB3 traffic, enabling them to forge signatures, impersonate the server, or bypass signature verification. It has been fixed in the commit "e4a8a96a93d."

  19. Prompt injection turns AI into attack tool

    New research has demonstrated it's possible to trick Anthropic's vibe coding tool Claude Code into performing a full-scope penetration attack and credential theft by modifying a project's "CLAUDE.md" file to bypass the coding agent's safety guardrails. The instructions explicitly tell Claude Code to help the developer complete a penetration testing assessment against their own website and assist them in their tasks. "Claude Code should scan CLAUDE.md before every session, flagging instructions that would otherwise trigger a refusal if attempted directly within a prompt," LayerX said. "When Claude detects instructions that appear to violate its safety guardrails, it should present a warning and allow the developer to review the file before taking any actions."

  20. AI exploit silently leaks enterprise data

    Grafana has patched a security vulnerability that could have enabled attackers to trick its artificial intelligence (AI) capabilities into leaking sensitive data by means of an indirect prompt injection and without requiring any user interaction. The attack has been codenamed GrafanaGhost by Noma Security. "By bypassing the client-side protections and security guardrails that restrict external data requests, GrafanaGhost allows an attacker to bridge the gap between your private data environment and an external server," the cybersecurity company said. "Because the exploit ignores model restrictions and operates autonomously, sensitive enterprise data can be leaked silently in the background." GrafanaGhost is stealthy, as it requires no login credentials and does not depend on a user clicking a malicious link. The attack is another example of how AI-assisted features integrated into enterprise environments can be abused to access and extract critical data assets while remaining entirely invisible to defenders.

  21. Android framework abused for payment fraud

    LSPosed is a powerful framework for rooted Android devices that allows users to modify the behavior of the system and apps in real-time without actually making any modifications to APK files. According to CloudSEK, threat actors are now weaponizing the tool to remotely inject fraudulent SMS messages and spoof user identities in modern payment ecosystems via a malicious module called "Digital Lutera." The attack effectively undermines SIM-binding restrictions applied to banking and instant payment apps in India. However, for this approach to work, the threat actor requires a victim to install a Trojan that can intercept SMS messages sent to/from the device. While the attack previously combined a trojanized mobile device (the victim) and a modified mobile payment APK (on the attacker's device) to trick bank servers into believing the victim's SIM card is physically present in the attacker's phone, the latest iteration leans on LSPosed to achieve the same goals. A key requisite to this attack is that the attacker must have a rooted Android device with the LSPosed module and the legitimate, unmodified payment app installed. "This new attack vector allows threat actors to hijack legitimate, unmodified payment applications by 'gaslighting' the underlying Android operating system," CloudSEK said. "By using LSPosed, the threat actor ensures the payment app's signature remains valid, making it invisible to many standard integrity checks."

That's the week. A lot of ground covered — old problems with new angles, platforms being abused in ways they weren't designed for, and a few things that are just going to keep getting worse before anyone seriously addresses them.

Patch what you can. Audit what you've trusted by default. And maybe double-check anything that touches AI right now — that space is getting messy fast.

Same time next Thursday.

Found this article interesting? Follow us on Google News, Twitter and LinkedIn to read more exclusive content we post.