Malware, Phishing, and Infrastructure Attacks Surge Across Platforms

A wave of critical vulnerabilities, new malware families, and AI-driven attacks target Apache, Chrome, Firefox, Linux, Azure AD, Microsoft Teams, and critical infrastructure systems.

CSBadmin

Critical Vulnerability and Tooling Updates

A critical vulnerability in the Apache HTTP Server (CVE pending) exposes millions of servers to remote code execution attacks, prompting urgent patches. Meanwhile, Google Chrome 148 was released with 127 security fixes, including three critical vulnerabilities. Mozilla also patched 423 Firefox zero-day vulnerabilities, leveraging AI models like Claude Mythos to identify and remediate the flaws. Additionally, multiple critical vulnerabilities were patched in Next.js and React Server Components, and a new Linux privilege escalation vulnerability known as “Dirty Frag” allows attackers to gain root privileges on most Linux distributions. Let’s Encrypt temporarily halted certificate issuance after a cross-signed root certificate incident.

New Malware Families and Attack Techniques

A new modular RAT with credential theft and screenshot capture capabilities is being deployed by hackers. The PamDOORa backdoor targets Linux systems to steal SSH credentials, while the ZiChatBot malware uses Zulip REST APIs as a command and control server. A new infostealer campaign uses GitHub Releases for payload hosting and evasion. Hackers are also leveraging Hugging Face and ClawHub with over 575 malicious skills to deploy malware. A fake OpenClaw installer is being used to steal crypto wallet and password manager credentials. A massive 2.45 billion request DDoS attack used 1.2 million IPs to evade rate limits.

Bypassing Security Controls and AI-Driven Attacks

Attackers bypassed Azure AD Conditional Access through phantom device registration and primary refresh token (PRT) abuse. Hackers are using Microsoft Teams to steal credentials and manipulate multi-factor authentication. A fake moustache was able to bypass an age verification system, raising concerns about the Online Safety Act. The DarkMoon AI-powered autonomous penetration testing platform with over 50 tools has been released. Critical Microsoft 365 Copilot vulnerabilities expose sensitive information. Hackers also used Claude AI to attack water and drainage utility systems, marking a significant escalation in AI-driven attacks against critical infrastructure.

Source: Cyber Security News
