A fully unauthenticated MCP server in a Spring Boot communications platform exposed internal tools that enabled tool enumeration, SSRF to AWS IMDS, and LFI via file://, leading to live AWS IAM credential and database secret exposure. The case highlights how rapidly adopted MCP infrastructure has become a high-risk AI attack surface, with recent activity linked to GTG-1002, postmark-mcp, SmartLoader, and other MCP-targeting campaigns. #MCP #AWSIMDS #GTG-1002 #postmark-mcp #SmartLoader
Category: Threat Research
A phishing scam is impersonating Google to target Chrome extension publishers with a fake copyright removal notice that steals their Google credentials. The attackers use the victim’s real extension details, a fabricated deadline, and a counterfeit sign-in window to lure developers into handing over account access. #ChromeWebStore #MalwarebytesBrowserGuard #dmca-chrome-extensions.click…
Iran’s MOIS has likely expanded the Handala brand to unify cyber, physical, and influence personas, including Handala Hack Team, HPRF, VIPEmployment, MOISIRAN, and Brave Israel. These personas have been used to amplify hack-and-leak, surveillance, recruitment, arson, and sabotage efforts targeting US and Israeli interests, while leveraging the brand’s recognition to recruit proxies and intensify intimidation. #Handala Hack Team #HPRF #VIPEmployment #MOISIRAN #Brave Israel #Void Manticore
GitHub Actions has become a prime target in supply chain attacks, with examples including s1ngularity against Nx, hackerbot-claw, and TeamPCP’s compromises of Trivy, KICS, and LiteLLM. The article explains that many organizations still have vulnerable workflows and unpinned actions, while GitHub is rolling out new controls such as deterministic dependencies, scoped secrets, and endpoint monitoring. #Nx #Trivy #KICS #LiteLLM #TeamPCP #StepSecurity #Datadog
Operation FlutterBridge is a widespread macOS malvertising campaign tied to CL-CRI-1089 that delivers FlutterShell, a Flutter-based backdoor masquerading as legitimate apps while also enabling adware and data exfiltration. The campaign uses verified Google Ads and shell companies to distribute rapidly evolving variants that hijack Google Chrome, execute shell commands, and in…
The Gentlemen is a ransomware and data extortion group active since July 2025 that uses double extortion, dedicated leak sites, and mature tradecraft such as GPO abuse, encrypted exfiltration, and defense evasion. AttackIQ released emulations of its TTPs to help organizations validate detection and prevention against the group’s Windows, Linux, and…
JS.MonoGlyphRAT is a newly identified JavaScript backdoor and loader that is being delivered through phishing lures such as purchase orders, quotes, and business proposals, primarily targeting U.S. organizations. It uses monoglyph obfuscation, registry-based persistence, and an HTTP C2 protocol to maintain access, collect host data, and download additional payloads. #JSMonoGlyphRAT #ANYRUN…
Socket detected a malicious npm supply chain campaign in compromised @redhat-cloud-services packages that uses install-time execution, credential harvesting, encrypted exfiltration, and possible downstream propagation. The payload targets GitHub Actions secrets, npm tokens, cloud credentials, Kubernetes and Vault material, SSH keys, and Git credentials while using Shai-Hulud-like tactics and GitHub/Anthropic infrastructure for staging and exfiltration. #RedHatCloudServices #ShaiHulud #TeamPCP #BreachForums #Anthropic #Bun
ReversingLabs identified a coordinated supply chain attack against the @redhat-cloud-services npm scope in which 32 malicious package versions were published in 72 seconds, affecting about 9.8 million downloads. The payload used layered obfuscation, installed a bun-based credential stealer during npm install, and may have enabled further package propagation through stolen npm credentials. #RedHatCloudServices #bun #GitHubActions #AWS #Azure #GoogleCloud #HashiCorpVault #npm #obfuscatorio
A fake BlueWallet site at update-bluewallet[.]com impersonates the real Bitcoin wallet to trick Mac users into downloading and manually running an AppleScript that installs a credential-stealing implant. The malware can steal browser logins, wallets, files, and clipboard cryptocurrency addresses, then exfiltrate data and accept commands through Telegram. #BlueWallet #update-bluewallet #projects2026box #Telegram…
Seqrite Labs analyzed a SideCopy-linked spear phishing campaign targeting Afghanistan’s Ministry of Finance and provincial Mustoufiats, using a Pashto-named LNK file to deliver a multi-stage loader chain that ends in XenoRAT. The operation abused compromised Afghan infrastructure for delivery and bulletproof European hosting for C2, reinforcing attribution to SideCopy and the codename “Operation XENOFISCAL.” #SideCopy #TransparentTribe #APT36 #XenoRAT #MinistryofFinance #Afghanistan
Sekoia.io’s TDR team reconstructed a January 2026 Gamaredon infection chain targeting Ukraine, showing how the group uses GammaPhish and GammaWorm to deliver modular payloads through hidden Windows features, malicious archives, and dead-drop resolvers. The report also unifies Gamaredon malware naming and details how the worm persists, propagates via USB and network drives, and exfiltrates data through GammaSteel-like stages while maintaining backdoor access. #Gamaredon #GammaPhish #GammaWorm #GammaLoad #GammaSteel
A malicious obfuscated JavaScript loader was discovered appended to tailwind.js in the Packagist dev version dev-drewroberts/feature/test-case of the roberts/leads package, which appears to be tied to a compromised development branch rather than the stable release. The loader uses TRON, Aptos, and BNB Smart Chain infrastructure to fetch encrypted payloads, then decrypts and executes them, with indicators and infrastructure overlapping Famous Chollima, DEV#POPPER RAT, OmniStealer, and BeaverTail activity. #FamousChollima #DEVPOPPERRAT #OmniStealer #BeaverTail #robertsleads #DrewRoberts
Sicoob.Sdk versions 2.0.0 through 2.0.4 secretly exfiltrate client IDs, PFX passwords, and base64-encoded certificate archives to a hardcoded Sentry endpoint while posing as an official Sicoob .NET SDK. The malicious NuGet package appears to use a GitHub repository as a clean-source façade and was blocked after disclosure, with indicators tied to Sicoob-Cooperativa, joaobcdev, and the sicoob NuGet profile. #Sicoob.Sdk #Sicoob-Cooperativa #joaobcdev #sicoob
Rapid7 reported active exploitation of CVE-2026-0257 in Palo Alto Networks PAN-OS and Prisma Access, where attackers used forged GlobalProtect authentication override cookies to bypass login on vulnerable appliances. The activity appeared in two waves from hosting providers including Vultr and Dromatics Systems, and Rapid7 urged urgent patching or disabling the authentication override feature. #CVE-2026-0257 #PaloAltoNetworks #GlobalProtect #Vultr #DromaticsSystems #CISAKEV