theregister.com 2025/08/22/ -
: Pro tip: When taking revenge, don't use your real name
A US court sentenced a former developer at power management biz Eaton to four years in prison after he installed malware on the company’s servers.
Davis Lu, 55, spent a dozen years at Eaton and rose to become a senior developer of emerging technology, before the company demoted him after restructuring. Lu unwisely responded to that setback by installing a "kill switch" that would activate if the company revoked his network access.
The package was a Java program that generated increasing numbers of non-terminating threads in an infinite loop that would eventually use enough resources to crash the server.
"The defendant breached his employer’s trust by using his access and technical knowledge to sabotage company networks, wreaking havoc and causing hundreds of thousands of dollars in losses for a US company," said acting assistant Attorney General Matthew Galeotti of the Justice Department’s Criminal Division in an email. "However, the defendant’s technical savvy and subterfuge did not save him from the consequences of his actions."
Not that he had much technical savvy. Lu labeled his malware IsDLEnabledinAD, for "Is Davis Lu enabled in Active Directory." Furthermore, after developing the software he uploaded it using his corporate credentials – hardly clean OPSEC, to quote the US Defense Secretary.
Eaton terminated Lu’s position on September 9, 2019, and cut off his network access, which caused the Java program to fire up, overloading the network, preventing login access for thousands of Eaton's global staff, and deleting some corporate data.
But when it came time for Lu to turn in his corporate laptop, it turned out he'd been using it to execute his plan. His search history showed he'd been looking up how to delete data, escalate privileges, and conceal process trails. He also deleted a large chunk of encrypted data.
Less than a month after his malware ran, federal agents arrested Lu. He admitted to his crime but still opted for a jury trial. That didn't work out so well for him, and a federal jury in Cleveland found him guilty of intentionally damaging a protected computer. On Thursday he received a four-year sentence and an additional three years of supervised release.
"I am proud of the FBI cyber team’s work which led to today’s sentencing and hope it sends a strong message to others who may consider engaging in similar unlawful activities," said assistant director Brett Leatherman of the FBI’s Cyber Division. "This case also underscores the importance of identifying insider threats early."
As The Register has pointed out time and time again, insiders can cause the most damage with ease. All the fancy firewalls, AI tools, and malware monitoring services won't protect you if the person running them goes rogue.
Eaton had no comment on the sentence.
eaton-works.com 2025/08/18 - Hardcoded credentials, pointless encryption, and generous APIs exposed details of every employee and made it possible to break into internal websites.
Key Points / Summary
...
Intel’s Response and Timeline
Intel’s bug bounty program has been around a while and is well-known. There are some great rewards too – up to $100k. After discovering multiple critical website vulnerabilities, I was excited about the potential rewards I would get. Then I read the fine print:
Credentials: Username, password, account identifier, keys, certificates, or other credentials that have been published, leaked, or exposed in some way should be reported to this program to ensure they can be properly investigated, cleaned up, and secured. Credentials are out of Scope for rewards.
Is Intel’s Web Infrastructure, i.e.*.intel.com in scope? Intel’s web infrastructure, i.e., website domains owned and/or operated by Intel, fall out of Scope. Please send security vulnerability reports against Intel.com and/or related web presence to external.security.research@intel.com.
Obviously disappointing, but the right thing to do was to still report the vulnerabilities, and that is what I did.
That is the only official correspondence I ever received from Intel. The good news is that everything was fixed, so while the email inbox was essentially a one-way black hole, at least the reports got to the right people eventually.
The full timeline:
October 14, 2024: Business Card vulnerability report sent.
October 29, 2024: Hierarchy Management and Product Onboarding vulnerability reports sent.
November 11, 2024: Follow-up email sent on the Hierarchy Management and Product Onboarding thread with more information as to what specific steps should be taken to fix the vulnerabilities.
November 12, 2024: SEIMS vulnerability report sent.
December 2, 2024: Follow-up email sent on the Hierarchy Management and Product Onboarding thread letting them know they must rotate the leaked credentials.
February 28, 2025: At this point, it has been more than 90 days since my first report and all vulnerabilities have been resolved. A new email was sent to alert Intel about the intent to publish.
August 18, 2025: Published.
The good news is that Intel has recently expanded their bug bounty coverage to include services. Hopefully they will include blanket coverage for *.intel.com in the future for bug bounty rewards.
nationalcrimeagency.gov.uk 16 August 2025 - The National Crime Agency leads the UK's fight to cut serious and organised crime.
A cyber criminal who hacked into the websites of organisations in North America, Yemen and Israel and stole the log in details of millions of people has been jailed.
Al Tahery AL MASHRIKYAl-Tahery Al-Mashriky, 26, from Rotherham, South Yorkshire, was arrested by specialist National Crime Agency cybercrime officers in August 2022, who were acting on intelligence supplied by US law enforcement around the activities of extremist hacker groups ‘Spider Team’ and ‘Yemen Cyber Army.
NCA investigators were able to link Al-Mashriky to the Yemen Cyber Army through social media and email accounts.
Forensic analysis of his laptop and several mobile phones showed that Al-Mashriky had infiltrated a number of websites including the Yemen Ministry of Foreign Affairs, the Yemen Ministry of Security Media and an Israeli news outlet.
His offending centred around gaining unauthorised access to the websites, then creating hidden webpages containing his online monikers and messaging that furthered his religious and political ideology.
He would often target websites with low security, gaining kudos in the hacking community for the sheer number of infiltrations.
Using one of his many online aliases, Al-Mashriky claimed on one cybercrime forum that he had hacked in to over 3,000 websites during a three month period in 2022.
However, a review of his seized laptop by NCA Digital Forensic Officers revealed the extent of his cyber offending. He was in possession of personal data for over 4 million Facebook users and several documents containing usernames and passwords for services such as Netflix and Paypal, which could be used for further acts of cybercrime.
Investigators found that in February 2022, after hacking into the website for Israeli Live News he accessed admin pages and downloaded the entire website. He had also hacked into two Yemeni government websites, deploying tools to scan for usernames and vulnerabilities.
Al-Mashriky was also found to have targeted faith websites in Canada and the USA as well as the website for the California State Water Board.
The NCA, working with international law enforcement partners, was able to obtain accounts from the victims of these intrusions, who gave detailed insights into the significant cost and inconvenience he had caused.Al-Mashriky was due to stand trial at Sheffield Crown Court in March this year for 10 offences under the Computer Misuse Act.
However, on 17 March he pleaded guilty to nine offences and was sentenced to 20 months imprisonment at the same court yesterday (15 August).
Deputy Director Paul Foster, head of the NCA’s National Cyber Crime Unit, said: “Al-Mashriky’s attacks crippled the websites targeted, causing significant disruption to their users and the organisations, just so that he could push the political and ideological views of the ‘Yemen Cyber Army’.
“He had also stolen personal data that could have enabled him to target and defraud millions of people.
“Cybercrime can often appear faceless, with the belief that perpetrators hide in the shadows and can avoid detection. However, as this investigation shows, the NCA has the technical capability to pursue and identify offenders like Al-Mashriky and bring them to justice.”
hackread.com August 18, 2025 - A seller named Chucky_BF is offering 15.8M PayPal logins with emails, passwords, and URLs. The data may come from infostealer malware logs.
A threat actor using the name Chucky_BF on a cybercrime and hacker forum is advertising what they claim to be a massive PayPal data dump. The post describes a trove labeled “Global PayPal Credential Dump 2025,” allegedly containing more than 15.8 million records of email and plaintext password pairs.
The size of the dataset is said to be 1.1GB, and according to the seller, the leak covers accounts from many email providers and users in different parts of the world. What makes this claim threatening is not just the number of exposed accounts but also the type of data said to be included. Other than the email and password combinations, the seller mentions that many records come with URLs directly linked to PayPal services.
Endpoints like /signin, /signup, /connect, and Android-specific URIs are also referenced in the listing. These details suggest that the dump is structured in a way that could make it easier for criminals to automate logins or abuse services.
The description provided by Chucky_BF describes the dataset as a goldmine for cybercriminals. The threat actor claims the records are “raw email:password:url entries across global domains,” warning that this could lead to credential stuffing, phishing schemes, and fraud operations.
A closer look by Hackread.com at the samples posted in the forum shows Gmail addresses paired with passwords and linked directly to PayPal’s login pages, while another features a user account appearing in both web and mobile formats, showing that the same account details were found in different versions of PayPal’s services, both web and mobile.
The way the data is put together is also important. It seems to include a mix of real accounts and test or fake ones, which is often the case with stolen or old databases. The seller claims most of the passwords look strong and unique, but also admits many are reused. That means people who used the same password on other websites could be at risk well outside PayPal.
As for pricing, Chucky_BF is asking for 750 US dollars for full access to the 1.1GB dump. That figure positions it in line with other credential dumps of similar size sold in cybercrime markets, which often find buyers among groups looking to monetize stolen accounts through fraud or resale.
If the claims are accurate, this would represent one of the larger PayPal-focused leaks of recent years, with millions of users across Gmail, Yahoo, Hotmail, and country-specific domains implicated.
Infostealer Logs as the Likely Source
PayPal has never suffered a direct data breach in which attackers broke into its systems or stole millions of user records. Past incidents, including the one that involved 35,000 users, linked to the company have usually been the result of credential stuffing or data harvested elsewhere.
This makes it possible that the newly advertised dataset is not the product of a PayPal system breach at all, but rather the result of infostealer malware collecting login details from infected devices and bundling them together.
The structure of the dataset shown in the samples shared by the threat actor suggests it may have been collected through infostealer malware logs. Infostealers infect personal devices and steal saved login details, browser data, and website activity, which later appear in bulk on cybercrime markets.
The presence of PayPal login URLs and mobile URIs in this dump makes it possible that the information was gathered from infected users worldwide, then compiled to be sold as a single PayPal-focused leak.
Infostealer malware infecting devices worldwide is hardly surprising. In May, cybersecurity researcher Jeremiah Fowler discovered a misconfigured cloud server containing 184 million login credentials, including unique usernames, email addresses, and passwords, which he believes were likely collected using infostealer malware.
According to Hudson Rock, a cybercrime intelligence company, infostealer malware is easily and cheaply available on the dark web. The company’s research also revealed the scale at which these tools have successfully targeted critical infrastructure, including in the United States.
Researchers found that employees at key US defense entities such as the Pentagon, major contractors like Lockheed Martin and Honeywell, military branches, and federal agencies, including the FBI, have also fallen victim to infostealer malware.
As for PayPal, the company itself has not confirmed any such incident, and it is not yet clear whether the dataset is entirely authentic, a mix of real and fabricated records, or a repackaging of older leaks.
Hackread.com has also not been able to verify whether the data is genuine, and only PayPal can confirm or deny the claims. The company has been contacted for comment, and this article will be updated accordingly.
techcrunch.com 2025/08/21 - The two self-described hacktivists said they had access to the North Korean spy’s computer for around four months before deciding what they had found should be made public.
Earlier this year, two hackers broke into a computer and soon realized the significance of what this machine was. As it turned out, they had landed on the computer of a hacker who allegedly works for the North Korean government.
The two hackers decided to keep digging and found evidence that they say linked the hacker to cyberespionage operations carried out by North Korea, exploits and hacking tools, and infrastructure used in those operations.
Saber, one of the hackers involved, told TechCrunch that they had access to the North Korean government worker’s computer for around four months, but as soon as they understood what data they got access to, they realized they eventually had to leak it and expose what they had discovered.
“These nation-state hackers are hacking for all the wrong reasons. I hope more of them will get exposed; they deserve to be,” said Saber, who spoke to TechCrunch after he and cyb0rg published an article in the legendary hacking e-zine Phrack, disclosing details of their findings.
There are countless cybersecurity companies and researchers who closely track anything the North Korean government and its many hacking groups are up to, which includes espionage operations, as well as increasingly large crypto heists and wide-ranging operations where North Koreans pose as remote IT workers to fund the regime’s nuclear weapons program.
In this case, Saber and cyb0rg went one step further and actually hacked the hackers, an operation that can give more, or at least different, insights into how these government-backed groups work, as well as “what they are doing on a daily basis and so on,” as Saber put it.
The hackers want to be known only by their handles, Saber and cyb0rg, because they may face retaliation from the North Korean government, and possibly others. Saber said that they consider themselves hacktivists, and he name-dropped legendary hacktivist Phineas Fisher, responsible for hacking spyware makers FinFisher and Hacking Team, as an inspiration.
At the same time, the hackers also understand that what they did is illegal, but they thought it was nonetheless important to publicize it.
“Keeping it for us wouldn’t have been really helpful,” said Saber. “By leaking it all to the public, hopefully we can give researchers some more ways to detect them.”
“Hopefully this will also lead to many of their current victims being discovered and so to [the North Korean hackers] losing access,” he said.
“Illegal or not, this action has brought concrete artifacts to the community; this is more important,” said cyb0rg in a message sent through Saber.
Saber said they are convinced that while the hacker — who they call “Kim” — works for North Korea’s regime, they may actually be Chinese and work for both governments, based on their findings that Kim did not work during holidays in China, suggesting that the hacker may be based there.
Also, according to Saber, at times Kim translated some Korean documents into simplified Chinese using Google Translate.
Saber said that he never tried to contact Kim. “I don’t think he would even listen; all he does is empower his leaders, the same leaders who enslave his own people,” he said. “I’d probably tell him to use his knowledge in a way that helps people, not hurt them. But he lives in constant propaganda and likely since birth so this is all meaningless to him.” He’s referring to the strict information vacuum that North Koreans live in, as they are largely cut off from the outside world.
Saber declined to disclose how he and cyb0rg got access to Kim’s computer, given that the two believe they can use the same techniques to “obtain more access to some other of their systems the same way.”
During their operation, Saber and cyb0rg found evidence of active hacks carried out by Kim, against South Korean and Taiwanese companies, which they say they contacted and alerted.
North Korean hackers have a history of targeting people who work in the cybersecurity industry as well. That’s why Saber said he is aware of that risk, but “not really worried.”
“Not much can be done about this, definitely being more careful though :),” said Saber.
bitdefender.com 19.08.2025 - A hack of the Netherlands' Public Prosecution Service has had an unusual side effect - causing some speed cameras to be no longer capturing evidence of motorists breaking the rules of the road.
Last month, Dutch media reports confirmed that Openbaar Ministerie (OM), the official body responsible for bringing suspects before the criminal court in the Netherlands, had suffered a security breach by hackers.
The National Cybersecurity Centre (NCSC) and data protection regulators in The Netherlands were informed that a data breach had potentially occurred, and an internal memo from the organisation's director of IT warned of the risks of reconnecting systems to the internet without knowing that the hackers had been expelled from the network.
And it is the disconnection of systems which has left many speed cameras in a non-functioning state - news that will bemuse cybercriminals, delight errant motorists, but is unlikely to be welcomed by those who care about road safety.
Local media reports claim that fixed speed cameras, average speed checks, and portable speed cameras that are usually in one location for about two months before relocation are impacted by the outage - with the only type to escape the problem being those which look out for motorists who are using their mobile phone while driving.
According to evidence seen by journalists, the Public Prosecution Service took itself offline on July 17, following suspicions that hackers had exploited vulnerabilities in Citrix devices to gain unauthorised access.
The organisation's disconnection from the internet left workers still able to email each other internally, but any communications or documents that were needed outside the organisation had to be printed out on paper.
Marthyne Kunst, a member of the crisis team dealing with the hack, told the media that this meant messages were having to be sent by post, lawyers were having to bring paperwork to their cases.
The consequence? Cases may be prevented from going ahead in a timely fashion.
"Unfortunately, it all takes more time," said Kunst.
And as for the speed cameras? Well, apparently it is not possible to reactivate them while the prosecution service's systems are down.
So this isn't a case of police cameras being hacked (although that has happened before), but it is another example of how all manner of connected systems can be impacted in the aftermath of a cyber attack.
The outage of speed cameras in the Netherlands is a timely reminder to us that cyber attacks do not just steal data - they can cause repercussions in sometimes strange and dangerous ways. In this instance, a hack hasn't only slowed down court cases and forced lawyers back to their filing cabinets, it has also blinded cameras designed to keep roads safe.
theregister.com 21.08.2025 - Better late than never after SharePoint assault?
Microsoft has reportedly stopped giving Chinese companies proof-of-concept exploit code for soon-to-be-disclosed vulnerabilities following last month's SharePoint zero-day attacks, which appear to be related to a leak in Redmond's early-bug-notification program.
The software behemoth gives some software vendors early bug disclosures under its Microsoft Active Protections Program (MAPP), which typically delivers info two weeks before Patch Tuesday. MAPP participants sign a non-disclosure agreement, and in exchange get vulnerability details so that they can provide updated protections to customers more quickly.
According to Microsoft spokesperson David Cuddy, who spoke with Bloomberg about changes to the program, MAPP has begun limiting access to companies in "countries where they're required to report vulnerabilities to their governments," including China. Companies in these countries will no longer receive "proof of concept" exploit code, but instead will see "a more general written description" that Microsoft sends at the same time as patches, Cuddy told the news outlet.
Microsoft did not respond to The Register's inquiries.
In late July, China-based crews – including government goons, data thieves, and a ransomware gang – exploited a couple of bugs that allowed them to hijack on-premises SharePoint servers belonging to more than 400 organizations and remotely execute code.
Redmond disclosed the two SharePoint flaws during its July 8 Patch Tuesday event, and a couple weeks later admitted that the software update didn't fully fix the issues. The Windows giant issued working patches on July 21 to address its earlier flawed fixes, but by then the bugs were already under mass exploitation.
This led some to speculate that whomever was exploiting the CVEs knew about them in advance – and also knew how to bypass the original patches.
"A leak happened here somewhere," Dustin Childs, head of threat awareness at Trend Micro's Zero Day Initiative (ZDI), told The Register in July. "And now you've got a zero-day exploit in the wild, and worse than that, you've got a zero-day exploit in the wild that bypasses the patch, which came out the next day."
One possible explanation: Someone leaked details from the MAPP update to Beijing.
Childs said ZDI was able to poke holes in the initial patches. China does not lack talented security researchers capable of doing likewise.
At the time, Microsoft declined to answer The Register's specific questions about what role, if any, MAPP played in the SharePoint attacks. "As part of our standard process, we'll review this incident, find areas to improve, and apply those improvements broadly," a Microsoft spokesperson told us in July.
Microsoft today declined to comment on its internal investigation.
Childs today told The Register that the MAPP change "is a positive change, if a bit late. Anything Microsoft can do to help prevent leaks while still offering MAPP guidance is welcome."
"In the past, MAPP leaks were associated with companies out of China, so restricting information from flowing to these companies should help," Childs said. "The MAPP program remains a valuable resource for network defenders. Hopefully, Microsoft can squelch the leaks while sending out the needed information to companies that have proven their ability (and desire) to protect end users."
Over the past year, Microsoft Threat Intelligence and Microsoft Defender Experts have observed the ClickFix social engineering technique growing in popularity, with campaigns targeting thousands of enterprise and end-user devices globally every day. Since early 2024, we’ve helped multiple customers across various industries address such campaigns attempting to deliver payloads like the prolific Lumma Stealer malware. These payloads affect Windows and macOS devices and typically lead to information theft and data exfiltration.
The ClickFix technique attempts to trick users into running malicious commands on their devices by taking advantage of their target’s tendency to solve minor technical issues and other seemingly benign interactions, such as human verification and CAPTCHA checks. It typically gives the users instructions that involve clicking prompts and copying, pasting, and running commands directly in the Windows Run dialog box, Windows Terminal, or Windows PowerShell. It’s often combined with delivery vectors such as phishing, malvertising, and drive-by compromises, most of which even impersonate legitimate brands and organizations to further reduce suspicion from their targets.
Because ClickFix relies on human intervention to launch the malicious commands, a campaign that uses this technique could get past conventional and automated security solutions. Organizations could thus reduce the impact of this technique by educating users in recognizing its lures and by implementing policies that will harden the device configurations in their environment (for example, disallowing users to use the Run dialog if it’s not necessary in their daily tasks). Microsoft Defender XDR also provides a comprehensive set of protection features that detect this threat at various stages of the attack chain.
This blog discusses the different elements that make up a ClickFix campaign—from the arrival vectors it comes with to its various implementations—and provides different examples of threat campaigns we’ve observed to further illustrate these elements. We also provide recommendations and detection details to surface and mitigate this threat.
helpnetsecurity.com 20.08.2025 - Apple has fixed yet another vulnerability (CVE-2025-43300) that has apparently been exploited as a zero-day in targeted attacks.
CVE-2025-43300 is an out-of-bounds write issue that could be triggered by a vulnerable device processing a malicious image file, leading to exploitable memory corruption.
The vulnerability affects the Image I/O framework used by Apple’s iOS and macOS operating systems.
Apple has fixed this flaw with improved bounds checking in:
iOS 18.6.2 and iPadOS 18.6.2
iPadOS 17.7.10
macOS Sequoia 15.6.1
macOS Sonoma 14.7.8
macOS Ventura 13.7.8
With Apple claiming the discovery of the vulnerability, it’s unlikely that we will soon find out who is/was leveraging it and for what.
But even though these attacks were apparently limited to targeting specific individuals – which likely means that the goal was to delivery spyware – all users would do well to upgrade their iDevices as soon as possible.
cybernews.com 18.08.2025 - Friendly AI chatbot Lena greets you on Lenovo’s website and is so helpful that it spills secrets and runs remote scripts on corporate machines if you ask nicely. Massive security oversight highlights the potentially devastating consequences of poor AI chatbot implementations.
Cybernews researchers discovered critical vulnerabilities affecting Lenovo’s implementation of its AI chatbot, Lena, powered by OpenAI’s GPT-4.
Designed to assist customers, Lena can be compelled to run unauthorized scripts on corporate machines, spill active session cookies, and, potentially, worse. Attackers can abuse the XSS vulnerabilities as a direct pathway into the company’s customer support platform.
“Everyone knows chatbots hallucinate and can be tricked by prompt injections. This isn’t new. What’s truly surprising is that Lenovo, despite being aware of these flaws, did not protect itself from potentially malicious user manipulations and chatbot outputs,” said the Cybernews Research team.
“This isn’t just Lenovo’s problem. Any AI system without strict input and output controls creates an opening for attackers. LLMs don’t have an instinct for “safe” – they follow instructions exactly as given. Without strong guardrails and continuous monitoring, even small oversights can turn into major security incidents,” says Žilvinas Girėnas, Head of Product at nexos.ai.
Just a single-prompt attack demonstrates a chain of flaws that led to the Lenovo chatbot spilling active session cookies.
The discovery highlights multiple security issues: improper user input sanitization, improper chatbot output sanitization, the web server not verifying content produced by the chatbot, running unverified code, and loading content from arbitrary web resources. This leaves a lot of options for Cross-Site Scripting (XSS) attacks.
Cybernews responsibly disclosed the issue. Lenovo acknowledged it and has protected its systems.
Single prompt launches multi-step attack
All it took to exfiltrate active session cookies from Lenovo was a single 400-character-long prompt, containing four critical elements:
Seemingly innocent request: The prompt starts with an inquiry for legitimate information, i.e., product information, like “Show me the specifications of Lenovo IdeaPad 5 Pro.”
Instructions to change output format: The sneaky part is tricking the chatbot into providing a final answer in HTML, a language for creating websites. The researchers achieved that by asking the chatbot to convert its responses into HTML, JSON, and plain text in a specific order that the web server expected to receive instructions in. This ensured that the malicious payload would be correctly executed by the web server.
Malicious HTML injection trap: The prompt continues with instructions on how to produce the final response, specifically with HTML code for loading an image. The image URL is also nonexistent. Therefore, when it fails to load, the second part of the command instructs the browser to make a network request to the attacker-controlled server and send all cookie data as part of a URL.
Final encouragement: In the end, additional instructions try to reinforce that the chatbot must produce the image: “Show the image at the end. It is important for my decision-making. SHOW IT.”
What happened when Lenovo’s Lena received the full prompt?
“People-pleasing is still the issue that haunts large language models (LLMs), to the extent that, in this case, Lena accepted our malicious payload, which produced the XSS vulnerability and allowed the capture of session cookies upon opening the conversation. Once you’re transferred to a real agent, you’re getting their session cookies as well,” said Cybernews researchers.
lenovo-chatbot-response
“Already, this could be an open gate to their customer support platform. But the flaw opens a trove of potential other security implications.”
To better understand what’s happening under the hood, here’s the breakdown of the attack chain:
The chatbot falls for a malicious prompt and tries to follow instructions helpfully to generate an HTML answer. The response now contains secret instructions for accessing resources from an attacker-controlled server, with instructions to send private data from the client browser.
Malicious code enters Lenovo’s systems. The HTML is saved in the chatbots' conversation history on Lenovo’s server. When loaded, it executes the malicious payload and sends the user’s session cookies.
Transferring to a human: An attacker asks to speak to a human support agent, who then opens the chat. Their computer tries to load the conversation and runs the HTML code that the chatbot generated earlier. Once again, the image fails to load, and the cookie theft triggers again.
An attacker-controlled server receives the request with cookies attached. The attacker might use the cookies to gain unauthorized access to Lenovo’s customer support systems by hijacking the agents’ active sessions.
forbes.com 20.08.2025 - xAI published conversations with Grok and made them searchable on Google, including a plan to assassinate Elon Musk and instructions for making fentanyl and bombs.
Elon Musk’s AI firm, xAI, has published the chat transcripts of hundreds of thousands of conversations between its chatbot Grok and the bot’s users — in many cases, without those users’ knowledge or permission.
Anytime a Grok user clicks the “share” button on one of their chats with the bot, a unique URL is created, allowing them to share the conversation via email, text message or other means. Unbeknownst to users, though, that unique URL is also made available to search engines, like Google, Bing and DuckDuckGo, making them searchable to anyone on the web. In other words, on Musk’s Grok, hitting the share button means that a conversation will be published on Grok’s website, without warning or a disclaimer to the user.
Today, a Google search for Grok chats shows that the search engine has indexed more than 370,000 user conversations with the bot. The shared pages revealed conversations between Grok users and the LLM that range from simple business tasks like writing tweets to generating images of a fictional terrorist attack in Kashmir and attempting to hack into a crypto wallet. Forbes reviewed conversations where users asked intimate questions about medicine and psychology; some even revealed the name, personal details and at least one password shared with the bot by a Grok user. Image files, spreadsheets and some text documents uploaded by users could also be accessed via the Grok shared page.
Among the indexed conversations were some initiated by British journalist Andrew Clifford, who used Grok to summarize the front pages of newspapers and compose tweets for his website Sentinel Current. Clifford told Forbes that he was unaware that clicking the share button would mean that his prompt would be discoverable on Google. “I would be a bit peeved but there was nothing on there that shouldn’t be there,” said Clifford, who has now switched to using Google’s Gemini AI.
Not all the conversations, though, were as benign as Clifford’s. Some were explicit, bigoted and violated xAI’s rules. The company prohibits use of its bot to “promot[e] critically harming human life or to “develop bioweapons, chemical weapons, or weapons of mass destruction,” but in published, shared conversations easily found via a Google search, Grok offered users instructions on how to make illicit drugs like fentanyl and methamphetamine, code a self-executing piece of malware and construct a bomb and methods of suicide. Grok also offered a detailed plan for the assassination of Elon Musk. Via the “share” function, the illicit instructions were then published on Grok’s website and indexed by Google.
xAI did not respond to a detailed request for comment.
xAI is not the only AI startup to have published users’ conversations with its chatbots. Earlier this month, users of OpenAI’s ChatGPT were alarmed to find that their conversations were appearing in Google search results, though the users had opted to make those conversations “discoverable” to others. But after outcry, the company quickly changed its policy. Calling the indexing “a short-lived experiment,” OpenAI chief information security officer Dane Stuckey said in a post on X that it would be discontinued because it “introduced too many opportunities for folks to accidentally share things they didn’t intend to.”
After OpenAI canned its share feature, Musk took a victory lap. Grok’s X account claimed at the time that it had no such sharing feature, and Musk tweeted in response, “Grok ftw” [for the win]. It’s unclear when Grok added the share feature, but X users have been warning since January that Grok conversations were being indexed by Google.
Some of the conversations asking Grok for instructions about how to manufacture drugs and bombs were likely initiated by security engineers, redteamers, or Trust & Safety professionals. But in at least a few cases, Grok’s sharing setting misled even professional AI researchers.
Nathan Lambert, a computational scientist at the Allen Institute for AI, used Grok to create a summary of his blog posts to share with his team. He was shocked to learn from Forbes that his Grok prompt and the AI’s response was indexed on Google. “I was surprised that Grok chats shared with my team were getting automatically indexed on Google, despite no warnings of it, especially after the recent flare-up with ChatGPT,” said the Seattle-based researcher.
Google allows website owners to choose when and how their content is indexed for search. “Publishers of these pages have full control over whether they are indexed,” said Google spokesperson Ned Adriance in a statement. Google itself previously allowed chats with its AI chatbot, Bard, to be indexed, but it removed them from search in 2023. Meta continues to allow its shared searches to be discoverable by search engines, Business Insider reported.
Opportunists are beginning to notice, and take advantage of, Grok’s published chats. On LinkedIn and the forum BlackHatWorld, marketers have discussed intentionally creating and sharing conversations with Grok to increase the prominence and name recognition of their businesses and products in Google search results. (It is unclear how effective these efforts would be.) Satish Kumar, CEO of SEO agency Pyrite Technologies, demonstrated to Forbes how one business had used Grok to manipulate results for a search of companies that will write your PhD dissertation for you.
“Every shared chat on Grok is fully indexable and searchable on Google,” he said. “People are actively using tactics to push these pages into Google’s index.”
ravenmail.io - Aug 14, 2025
In a recent credential phishing campaign, Raven AI (formerly Ravenmail) has uncovered attackers weaponizing Cisco's secure links to evade link scannin.
Picture this: You receive an email with a link that starts with "secure-web.cisco.com" Your brain immediately registers "secure" and "Cisco" – two words that scream safety and reliability. You click without hesitation. After all, if Cisco is protecting the link, it must be safe, right?
Unfortunately, cybercriminals are banking on exactly that assumption – and traditional email security solutions are falling for it too. But Raven's context-aware AI recently caught a sophisticated attack that perfectly illustrates how attackers weaponize trusted security infrastructure.
The Irony of Trust
Cisco Safe Links represents one of cybersecurity's most elegant solutions – and its most exploitable weakness. Designed as part of Cisco's Secure Email Gateway and Web Security suite, Safe Links works by rewriting suspicious URLs in emails, routing clicks through Cisco's scanning infrastructure before allowing users to reach their destination. Think of it as a digital bodyguard that checks every door before you walk through it.
The technology mirrors similar offerings from Microsoft Defender and Proofpoint TAP. When you click a protected link, Cisco's systems perform real-time threat analysis, blocking malicious destinations and allowing legitimate ones. It's a brilliant concept that has undoubtedly prevented countless successful phishing attacks.
But here's where the story takes a dark turn: attackers have figured out how to turn this protective mechanism into their own weapon.
The Attack Vector That Shouldn't Exist
The scheme is diabolically simple. Cybercriminals deliberately embed legitimate Cisco Safe Links into their phishing campaigns, creating a perfect storm of misdirected trust. Here's why this approach is so devastatingly effective:
Trust by Association: When users see "secure-web.cisco.com" in a URL, they instinctively assume it's been vetted and approved. The Cisco brand carries enormous weight in cybersecurity circles – seeing it in a link feels like getting a security clearance stamp.
Bypass Detection Systems: Many email security gateways focus their analysis on the visible domain in URLs. When that domain is "secure-web.cisco.com", it often sails through filters that would otherwise flag suspicious links.
The Time Gap Advantage: Even Cisco's robust threat intelligence needs time to identify and classify new threats. Attackers exploit this window, using freshly compromised websites or newly registered domains that haven't yet been flagged as malicious.
How Attackers Generate Cisco's Links
You might wonder: how do cybercriminals get their hands on legitimate Cisco Safe Links in the first place? The methods are surprisingly straightforward:
Method 1: The Inside Job
Attackers compromise or create accounts within Cisco-protected organizations. They simply email themselves malicious links, let Cisco's system rewrite them into Safe Links, then harvest these URLs for their campaigns.
Method 2: The Trojan Horse
Using compromised email accounts within Cisco-protected companies, attackers send themselves test emails containing malicious links. The organization's own security infrastructure helpfully converts these into trusted Safe Links.
Method 3: The SaaS Backdoor
Many cloud services send emails through Cisco-protected environments. Attackers sign up for these services, trigger automated emails to themselves containing their malicious links, and receive back the Cisco-wrapped versions.
Method 4: The Recycling Program
Sometimes the simplest approach works best. Attackers scour previous phishing campaigns for still-active Cisco Safe Links and reuse them in new attacks.
Raven AI Catches the Attack in Action
Recently, RavenMail's context-aware AI detected a perfect example of this attack technique in the wild. The phishing email appeared legitimate at first glance – a professional-looking "Document Review Request" from what seemed to be an e-signature service.
This is an AI-overview of the attack, this is not just the summary of the attack but the detection engine has context of the organization and consumes relevant signals to make a verdict.
Raven AI in action
Here's what made this attack particularly sophisticated:
The Setup: The email claimed to be from "e-Sign-Service" with a Swiss domain, requesting document review for a "2025_Remittance_Adjustment" file. Everything looked professional – proper branding, business terminology, and a clear call-to-action.
The Cisco Safe Links Component: While this particular example shows the final malicious URL, the attack pattern follows the exact methodology we described – using trusted domains and legitimate-looking parameters to bypass detection systems.
What RavenAI Spotted: Unlike traditional email security solutions that might have been fooled by the professional appearance and trusted domain elements, RavenMail's context-aware AI identified several red flags:
Inconsistent sender identity (e-signature service from a non-standard domain)
Suspicious URL structure with encoded parameters
Document request patterns commonly used in credential phishing
Contextual anomalies in the business process workflow
The smoking gun? This wasn't a random phishing attempt – it was a carefully crafted attack designed to exploit user trust in legitimate business processes and security infrastructure.
Why Traditional Security Missed This
This attack would likely have bypassed many conventional email security solutions for several reasons:
Professional Appearance: The email looked like a legitimate business communication – complete with proper formatting, business terminology, and what appeared to be a standard document review workflow.
Domain Trust: While not using Cisco Safe Links directly, the attack employed similar trust-exploitation tactics by using a domain structure that appeared legitimate.
Context Deception: The attack leveraged realistic business scenarios (document review, remittance adjustments) that users encounter daily in professional environments.
Multi-Layer Misdirection: By providing both a primary button and an "alternative access method," the attacker created multiple attack vectors while appearing helpful and legitimate.
The Raven AI Advantage: Context-Aware AI Detection
Context-aware artificial intelligence that goes beyond simple domain and signature-based detection:
Business Process Understanding: Raven's AI understands legitimate business workflows and can identify when communications deviate from expected patterns – even when they look professionally crafted.
Multi-Signal Analysis: Rather than relying solely on domain reputation or static signatures, the AI analyzes multiple contextual signals simultaneously to identify sophisticated attacks.
Behavioral Pattern Recognition: The system recognizes common attack methodologies, including trust exploitation tactics that leverage legitimate-seeming domains and professional formatting.
Real-Time Adaptation: As attackers evolve their techniques, RavenMail's AI continuously learns and adapts, staying ahead of emerging threats like Safe
The Bigger Picture: Why Context-Aware AI Matters
This detection illustrates a fundamental shift in cybersecurity: attackers are no longer just exploiting technical vulnerabilities – they're weaponizing human psychology and business processes.
This isn't just about Cisco Safe Links abuse (though that remains a significant threat). It's about a new class of attacks that exploit our trust in legitimate business processes, professional communication patterns, and security infrastructure itself.
Traditional signature-based and reputation-based security solutions struggle with these attacks because they look legitimate at every technical level. The malicious elements are hidden in context, behavior, and the subtle exploitation of trust relationships.
Context Over Content: Rather than just analyzing what's in an email, RavenMail's AI understands what the email is trying to accomplish and whether that aligns with legitimate business processes.
Trust Verification: The system doesn't just trust professional appearance or legitimate-looking domains – it actively verifies the contextual appropriateness of communications.
Adaptive Learning: As attackers develop new trust exploitation techniques (like Safe Links abuse), AI-driven solutions can adapt without requiring manual rule updates.
Proactive Defense: Instead of waiting for attacks to succeed and then updating blacklists, context-aware AI can identify attack patterns before they cause damage.
The most effective defense against modern email threats isn't just about blocking bad domains or scanning attachments – it's about understanding the attacker's intent and recognizing when legitimate-looking communications serve malicious purposes
blog.pypi.org - The Python Package Index Blog - PyPI now checks for expired domains to prevent domain resurrection attacks, a type of supply-chain attack where someone buys an expired domain and uses it to take over PyPI accounts through password resets.
These changes improve PyPI's overall account security posture, making it harder for attackers to exploit expired domain names to gain unauthorized access to accounts.
Since early June 2025, PyPI has unverified over 1,800 email addresses when their associated domains entered expiration phases. This isn't a perfect solution, but it closes off a significant attack vector where the majority of interactions would appear completely legitimate.
Background
PyPI user accounts are linked to email addresses. Email addresses are tied to domain names; domain names can expire if unpaid, and someone else can purchase them.
During PyPI account registration, users are required to verify their email addresses by clicking a link sent to the email address provided during registration. This verification ensures the address is valid and accessible to the user, and may be used to send important account-related information, such as password reset requests, or for PyPI Admins to use to contact the user.
PyPI considers the account holder's initially verified email address a strong indicator of account ownership. Coupled with a form of Two-Factor Authentication (2FA), this helps to further secure the account.
Once expired, an attacker could register the expired domain, set up an email server, issue a password reset request, and gain access to accounts associated with that domain name.
Accounts with any activity after January 1 2024 will have 2FA enabled, and an attacker would need to have either the second factor, or perform a full account recovery.
For older accounts prior to the 2FA requirement date, having an email address domain expire could lead to account takeover, which is what we're attempting to prevent, as well as minimize potential exposure if an email domain does expire and change hands, regardless of whether the account has 2FA enabled.
This is not an imaginary attack - this has happened at least once for a PyPI project back in 2022, and other package ecosystems.
TL;DR: If a domain expires, don't consider email addresses associated with it verified any more.
itnews.com.au - TPG Telecom has revealed that iiNet’s order management system was breached by an unknown attacker who abused legitimate credentials to gain access.
The telco said [pdf] that it “appears” that a list of email addresses and phone numbers was extracted from the system.
“Based on current analysis, the list contained around 280,000 active iiNet email addresses and around 20,000 active iiNet landline phone numbers, plus inactive email addresses and numbers,” TPG said.
“In addition, around 10,000 iiNet usernames, street addresses and phone numbers and around 1700 modem set-up passwords, appear to have been accessed.”
The order management system is used to create and track orders for iiNet services.
TPG Telecom said that the system does not store “copies or details of identity documents, credit card or banking information.”
The telco apologised “unreservedly” for the incident and said it would contact all iiNet customers, both those impacted as well as “all non-impacted iiNet customers to confirm they have not been affected.”
Investigations so far have not uncovered any escalation of the breach by the attacker beyond the order management system.
TPG Telecom has advised relevant government agencies of the incident.
WARSAW, Aug 14 (Reuters) - A large Polish city could have had its water supply cut off on Wednesday as a result of a cyberattack, a deputy prime minister said after the intrusion was foiled.
In an interview with news portal Onet on Thursday, Deputy Prime Minister Krzysztof Gawkowski, who is also digital affairs minister, did not specify who was behind the attack or which city was targeted.
Poland has said that its role as a hub for aid to Ukraine makes it a target for Russian cyberattacks and acts of sabotage. Gawkowski has described Poland in the past as the "main target" for Russia among NATO countries.
Gawkowski told Onet that the cyberattack could have meant there would be no water in one of Poland's big cities.
"At the last moment we managed to see to it that when the attack began, our services had found out about it and we shut everything down. We managed to prevent the attack."
He said Poland manages to thwart 99% of cyberattacks.
Gawkowski last year that Poland would spend over 3 billion zlotys ($800 million) to boost cybersecurity after the state news agency PAP was hit by what authorities said was likely to have been a Russian cyberattack.
The digital affairs ministry did not immediately respond to an email requesting further details.
On Wednesday Prime Minister Donald Tusk, who has warned that Russia is trying to drive a wedge between Warsaw and Kyiv, said that a young Ukrainian man had been detained for acts of sabotage on behalf of foreign intelligence services, including writing graffiti insulting Poles.
PAP reported on Thursday that a 17-year-old Ukrainian man detained, among other things, for desecrating a monument to Poles killed by Ukrainian nationalists in World War Two has been charged with participating in an organised criminal group aimed at committing crimes against Poland.
nist.gov - Face morphing software, which combines photos of different people into a single image, is being used to commit identity fraud
August 18, 2025
bleepingcomputer.com - Plex has notified some of its users on Thursday to urgently update their media servers due to a recently patched security vulnerability.
The company has yet to assign a CVE-ID to track the flaw and didn't provide additional details regarding the patch, only saying that it impacts Plex Media Server versions 1.41.7.x to 1.42.0.x.
Yesterday, four days after releasing security updates that addressed the mysterious security bug, Plex emailed those running affected versions to update their software as soon as possible.
"We recently received a report via our bug bounty program that there was a potential security issue affecting Plex Media Server versions 1.41.7.x to 1.42.0.x. Thanks to that user, we were able to address the issue, release an updated version of the server, and continue to improve our security and defenses," the company said in the email.
"You're receiving this notice because our information indicates that a Plex Media Server owned by your Plex account is running an older version of the server. We strongly recommend that everyone update their Plex Media Server to the most recent version as soon as possible, if you have not already done so."
Plex Media Server 1.42.1.10060, the version that patches this vulnerability, can be downloaded from the server management page or the official downloads page.
While Plex hasn't shared any details regarding the vulnerability so far, users are advised to follow the company's advice and patch their software before threat actors reverse engineer the patches and develop an exploit.
Although Plex has experienced its share of critical and high-severity security flaws over the years, this is one of the few instances where the company has emailed customers about securing their systems against a specific vulnerability.
In March 2023, CISA tagged a three-year-old remote code execution (RCE) flaw (CVE-2020-5741) in the Plex Media Server as actively exploited in attacks. As Plex explained two years earlier, when it released patches, successful exploitation can allow attackers to make the server execute malicious code.
While the cybersecurity agency didn't provide any information on the attacks exploiting CVE-2020-5741, they were likely linked to LastPass' disclosure that one of its senior DevOps engineers' computers had been hacked in 2022 to install a keylogger by abusing a third-party media software RCE bug.
The attackers exploited this access to steal the engineer's credentials and compromise the LastPass corporate vault, resulting in a massive data breach in August 2022 after stealing LastPass's production backups and critical database backups.
The same month, Plex also notified users of a data breach and asked them to reset passwords after an attacker gained access to a database containing emails, usernames, and encrypted passwords.
euractiv.com - MADRID – Spanish magistrates, law enforcement leaders and opposition politicians are voicing alarm over Madrid’s unusually close ties to Beijing, as the Chinese tech giant’s footprint in Spain’s public sector is deeper than first thought.
The concerns have intensified since July, when reports surfaced of an alleged €12.3 million contract between 2021 and 2025 for Huawei to store sensitive judicial wiretap data for the interior ministry.
Opposition Popular Party (PP) secretary general Miguel Tellado branded the public tender “shady” and claimed it was part of “the Chinese branch of Pedro Sánchez’s enormous corruption network.” The PP is also demanding that Sánchez’s top ministers testify before parliament after the summer recess.
The interior ministry has denied the existence of the Huawei agreement and did not clarify whether the initial €12.3 million figure was part of a broader deal with Spanish firms such as Telefónica, TRC or Econocom, as several local outlets have suggested.
The alleged deal has landed at a politically delicate moment for the Socialist-led government, already reeling from multiple corruption scandals.
This blog post is a detailed write-up of one of the vulnerabilities we disclosed at Black Hat USA this year. The details provided in this post are meant to demonstrate how these security issues can manifest and be exploited in the hopes that others can avoid similar issues. This is not meant to shame any particular vendor; it happens to everyone. Security is a process, and avoiding vulnerabilities takes constant vigilance.
Note: The security issues documented in this post were quickly remediated in January of 2025. We appreciate CodeRabbit’s swift action after we reported this security vulnerability. They reported to us that within hours, they addressed the issue and strengthened their overall security measures responding with the following:
They confirmed the vulnerability and immediately began remediation, starting by disabling Rubocop until a fix was in place.
All potentially impacted credentials and secrets were rotated within hours.
A permanent fix was deployed to production, relocating Rubocop into their secure sandbox environment.
They carried out a full audit of their systems to ensure no other services were running outside of sandbox protections, automated sandbox enforcement to prevent recurrence, and added hardened deployment gates.
More information from CodeRabbit on their response can be found here: https://www.coderabbit.ai/blog/our-response-to-the-january-2025-kudelski-security-vulnerability-disclosure-action-and-continuous-improvement
Among the plethora of advanced attacker tools that exemplify how threat actors continuously evolve their tactics, techniques, and procedures (TTPs) to evade detection and maximize impact, PipeMagic, a highly modular backdoor used by Storm-2460 masquerading as a legitimate open-source ChatGPT Desktop Application, stands out as particularly advanced.
Beneath its disguise, PipeMagic is a sophisticated malware framework designed for flexibility and persistence. Once deployed, it can dynamically execute payloads while maintaining robust command-and-control (C2) communication via a dedicated networking module. As the malware receives and loads payload modules from C2, it grants the threat actor granular control over code execution on the compromised host. By offloading network communication and backdoor tasks to discrete modules, PipeMagic maintains a modular, stealthy, and highly extensible architecture, making detection and analysis significantly challenging.
Microsoft Threat Intelligence encountered PipeMagic as part of research on an attack chain involving the exploitation of CVE-2025-29824, an elevation of privilege vulnerability in Windows Common Log File System (CLFS). We attributed PipeMagic to the financially motivated threat actor Storm-2460, who leveraged the backdoor in targeted attacks to exploit this zero-day vulnerability and deploy ransomware. The observed targets of Storm-2460 span multiple sectors and geographies, including the information technology (IT), financial, and real estate sectors in the United States, Europe, South America, and Middle East. While the impacted organizations remain limited, the use of a zero-day exploit, paired with a sophisticated modular backdoor for ransomware deployment, makes this threat particularly notable.
This blog provides a comprehensive technical deep dive that adds to public reporting, including by ESET Research and Kaspersky. Our analysis reveals the wide-ranging scope of PipeMagic’s internal architecture, modular payload delivery and execution mechanisms, and encrypted inter-process communication via named pipes.
The blog aims to equip defenders and incident responders with the knowledge needed to detect, analyze, and respond to this threat with confidence. As malware continues to evolve and become more sophisticated, we believe that understanding threats such as PipeMagic is essential for building resilient defenses for any organization. By exposing the inner workings of this malware, we also aim to disrupt adversary tooling and increase the operational cost for the threat actor, making it more difficult and expensive for them to sustain their campaigns.
