The flaws, tracked as CVE-2025-20354 and CVE-2025-20358, affect the Java Remote Method Invocation (RMI) process and CCX Editor application, respectively.

Both vulnerabilities stem from improper authentication mechanisms and carry CVSS base scores of 9.8 and 9.4, earning a “Critical” severity rating from Cisco.

CVE-2025-20354 represents the more severe threat, enabling remote attackers to upload malicious files through the Java RMI process without authentication.

Successful exploitation enables attackers to execute arbitrary commands on the underlying operating system with root privileges, granting complete system control.

CVE-2025-20358 targets the CCX Editor application, allowing attackers to circumvent authentication by redirecting the authentication flow to a malicious server.

This tricks the CCX Editor into granting administrative permissions for script creation and execution. While exploitation results in access as an internal non-root user rather than root, attackers can still create and execute arbitrary scripts on the affected server.

Cisco Unified CCX Vulnerability

The vulnerabilities affect all Cisco Unified CCX deployments regardless of configuration. Cisco has confirmed that related products, including Packaged Contact Center Enterprise and Unified Contact Center Enterprise, are not impacted by these flaws.

The authentication bypass in CVE-2025-20358 exploits weaknesses in communication protocols between the CCX Editor and Unified CCX servers, while CVE-2025-20354 leverages insufficient validation in the Java RMI process to enable arbitrary file uploads.

Cisco has released patches for affected versions:

• Cisco Unified CCX 12.5 SU3 and earlier: Upgrade to 12.5 SU3 ES07
• Cisco Unified CCX 15.0: Upgrade to 15.0 ES01

No workarounds are available to mitigate these vulnerabilities. Cisco strongly recommends that organizations running affected versions upgrade to the fixed releases immediately to remediate the security risks fully.

Organizations using Cisco Unified CCX should prioritize patching these vulnerabilities given their critical severity and the potential for unauthenticated remote code execution.

The Cisco Product Security Incident Response Team reports no evidence of active exploitation or public proof-of-concept code at this time, providing a window for proactive remediation.

System administrators should verify their current Unified CCX versions and schedule maintenance windows to apply the security updates. Given the lack of workarounds, patching remains the only effective defense against these vulnerabilities.

Follow us on Google News, LinkedIn, and X for daily cybersecurity updates. Contact us to feature your stories.

The post Multiple vulnerabilities in Cisco Unified CCX Allow Attackers to Execute Arbitrary Commands appeared first on Cyber Security News.

ThreatBook, a global leader in threat intelligence-based cybersecurity solutions, today announced that for its Threat Detection Platform (TDP), it has been recognized as a Strong Performer in the 2025 Gartner Peer Insights Voice of the Customer for Network Detection and Response (NDR).

This marks the third consecutive year that ThreatBook has received this distinction, which we believe underscores consistent customer satisfaction, product innovation, and operational excellence.

According to Gartner: “‘Voice of the Customer’ is a document that synthesizes Gartner Peer Insights reviews into insights for buyers of technology and services. This aggregated peer perspective, along with the individual detailed reviews, is complementary to Gartner expert research and can play a key role in your buying process. Peers are verified reviewers of a technology product or service, who not only rate the offering, but also provide valuable feedback to consider before making a purchase decision.”

“We’re thrilled to be recognized again as a Strong Performer in the Gartner Peer Insights ‘Voice of the Customer’ for NDR,” said Mr. Feng XUE, Chief Executive Officer of ThreatBook. “Our mission is to empower security teams with visibility and precision, especially in the Asia-Pacific region where attacks are becoming more sophisticated and targeted. We believe, this recognition reflects our customers’ trust in ThreatBook TDP’s ability to deliver real detection accuracy and operational resilience.”

Recognition Driven by Real-World Customer Feedback

To be included in the report, vendors must meet stringent inclusion criteria and are positioned within four quadrants based on user interest, product experience, and overall satisfaction — covering areas such as product capabilities, support, and delivery.

According to the research: “in the network detection and response market, Gartner Peer Insights published 1,263 reviews and ratings during the consideration period,” with 11 vendors ultimately meeting the inclusion standards. ThreatBook is among the few vendors recognized as a Strong Performer for three consecutive years. ThreatBook was among the few vendors to meet the full inclusion criteria and achieved 100% of customers willing to recommend ThreatBook TDP, based on 43 overall verified reviews submitted as of Aug 2025.

Enterprise users from finance, manufacturing, energy, services, and retail sectors across Asia-Pacific, North America, the Middle East, and Europe contributed feedback that rated ThreatBook TDP highly in overall product experience, detection precision, and operational efficiency.

TDP: Industry Leading Intelligence-Driven Detection and Response

As the market leader in China’s threat intelligence sector (iResearch, 2024 China Threat Intelligence Industry Development Report), ThreatBook integrates high-fidelity threat intelligence into its detection and response solutions.

ThreatBook TDP is a full-traffic, intelligence-driven NDR platform designed to provide visibility, context, and actionability at scale.

Key strengths include:

l High-Precision Detection – Built on ThreatBook’s proprietary global and APAC threat intelligence, TDP achieves industry-leading detection accuracy for targeted and advanced attacks.

l Operational Readiness – Automatically maps enterprise attack surfaces and reconstructs attack chains from an adversarial perspective for proactive defense.

l Closed-Loop Response – Integrates with a broad ecosystem of security tools, supporting automated blocking and orchestration with 99% effectiveness.

l User-Focused Experience – Offers an intuitive interface and multi-dimensional analytics to enhance SOC efficiency and decision-making.

Proven Across Industries and Regions

Today, ThreatBook TDP is deployed in thousands of leading enterprises across critical industries including finance, energy, power, internet, and smart manufacturing.

It has become a core detection and response system for enterprise and government SOCs, helping them achieve visibility, precision, and proactive defense in dynamic threat environments.

Full review: https://www.gartner.com/reviews/market/network-detection-and-response/vendor/threatbook/product/threatbook-tdp-ndr/review/view/6146934

Full Review: https://www.gartner.com/reviews/market/network-detection-and-response/vendor/threatbook/product/threatbook-tdp-ndr/review/view/6145510

Gartner, Voice of the Customer for Network Detection and Response, 30 October 2025

* Disclaimer: GARTNER and PEER INSIGHTS are registered trademarks of Gartner, Inc. and/or its affiliates in the U.S. and internationally and are used herein with permission. All rights reserved. Gartner Peer Insights content consists of the opinions of individual end users based on their own experiences, and should not be construed as statements of fact, nor do they represent the views of Gartner or its affiliates. Gartner does not endorse any vendor, product or service depicted in this content nor makes any warranties, expressed or implied, with respect to this content, about its accuracy or completeness, including any warranties of merchantability or fitness for a particular purpose.

About ThreatBook

ThreatBook is a global cybersecurity company specializing in advanced threat intelligence, detection, and response. Founded in 2015, ThreatBook equips enterprises, governments, and service providers with the clarity and context needed to defend against evolving digital risks.

By combining artificial intelligence with deep threat intelligence, ThreatBook delivers real-time visibility, hyper-accurate detections, and early-warning insights against nation-state actors, cybercriminal groups, and emerging attack campaigns. 

With unique vantage points from across the Asia Pacific region and beyond, ThreatBook provides intelligence coverage that bridges Eastern and Western threat landscapes, offering an unmatched perspective for global defenders.

ThreatBook: Act with Intelligence that Matters. To learn more, visit www.threatbook.io or follow us on LinkedIn.

Contact

Belmont Communications
ThreatBook
threatbook@belmontcomms.co

The post ThreatBook Peer-Recognized as a Strong Performer in the 2025 Gartner® Peer Insights™ Voice of the Customer for Network Detection and Response — for the Third Consecutive Year appeared first on Cyber Security News.

Recent security discoveries reveal that Kimsuky, a nation-state group operating since 2012, has been utilizing JavaScript-based malware to infiltrate systems and establish persistent command and control infrastructure.

The threat group traditionally focuses on espionage operations against government entities, think tanks, and subject matter experts, but this latest campaign demonstrates their expanding technical capabilities and supply chain targeting sophistication.

The attack chain begins with a simple yet effective delivery mechanism: a JavaScript file named Themes.js that serves as the initial dropper.

Unlike heavily obfuscated malware, this sample employs straightforward code wrapped in a try-catch block, prioritizing functionality over stealth.

The file initiates contact with an adversary-controlled infrastructure hosted on medianewsonline[.]com, a domain infrastructure service that allows threat actors to create subdomains for malicious purposes.

This infrastructure choice reflects the attacker’s understanding of legitimate hosting services that security systems often whitelist or overlook.

Pulsedive security researchers noted the sophistication of the multi-stage attack architecture during their analysis of the infection chain.

The malware operates through a cascading payload delivery system, where each stage downloads and executes subsequent components.

The initial JavaScript file sends a GET request to iuh234[.]medianewsonline[.]com/dwnkl.php, transmitting the compromised machine’s hostname and a hardcoded authentication key.

This reconnaissance phase allows attackers to identify high-value targets before deploying additional payloads to selected systems.

Dissecting the Infection Chain

The second stage represents the reconnaissance backbone of the campaign, collecting critical system information for further exploitation.

When the C2 server responds to the initial GET request, it delivers another JavaScript payload containing five functions that systematically enumerate the infected system’s environment.

The malware executes commands to gather system information, including hardware specifications and network configuration details.

It then retrieves a comprehensive list of all running processes, providing attackers with insight into installed security software and legitimate applications that might interfere with payload execution.

The reconnaissance phase also enumerates files within C:\Users directory, targeting user profiles and identifying potentially valuable data or configuration files.

Each command’s output gets packaged into cabinet (.cab) files and exfiltrated via POST requests to the same C2 server.

The malware demonstrates technical sophistication by modifying the HKCU\Console\CodePage registry key to UTF-8 encoding, ensuring proper text handling during data collection.

Temporary files are systematically deleted after exfiltration, implementing basic operational security practices that hinder forensic analysis.

Persistence mechanisms reveal the attackers’ commitment to long-term access.

The malware writes itself to %APPDATA%\Microsoft\Windows\Themes\Themes.js and creates a scheduled task named Windows Theme Manager that executes the JavaScript dropper every minute using wscript.exe.

This approach leverages legitimate Windows scheduling utilities to maintain command and control connectivity without requiring elevated privileges, making detection more difficult for defenders relying on privilege escalation alerts.

The campaign’s final stage introduces a Word document delivery component, potentially serving as a social engineering lure.

However, security researchers found the document remained empty without embedded macros, suggesting it may function as a placeholder or secondary infection vector for specific targets.

The complete infection chain demonstrates calculated malware engineering designed to evade traditional detection while establishing resilient persistence across multiple execution mechanisms.

Follow us on Google News, LinkedIn, and X to Get More Instant Updates, Set CSN as a Preferred Source in Google.

The post Threat Actors May Abuse VS Code Extensions to Deploy Ransomware and Use GitHub as C2 Server appeared first on Cyber Security News.

First observed in early 2023, this malware employs a carefully orchestrated infection chain that progresses through multiple components—downloader, loader, injector, and final payload—making detection and removal significantly challenging for security teams.

The threat actors behind ValleyRAT distribute the malware through phishing campaigns and trojanized installers, exploiting trust relationships common in Chinese business environments.

What distinguishes this malware is its geographic kill switch mechanism that queries the Windows Registry for specific applications before execution.

The malware specifically searches for WeChat (HKCU\Software\Tencent\WeChat) and DingTalk (HKCU\Software\DingTalk) registry entries, terminating immediately if neither is found.

Picussecurity security analysts identified the malware’s advanced evasion capabilities, noting its aggressive approach to bypassing system defenses.

ValleyRAT employs multiple User Account Control (UAC) bypass techniques targeting Windows executables like Fodhelper.exe and Event Viewer, while simultaneously manipulating security tokens to gain SeDebugPrivilege access.

This privilege enables the malware to interact with processes at higher integrity levels, effectively granting system-wide control.

The malware’s creators implemented extensive anti-analysis measures to evade detection in virtualized environments.

ValleyRAT performs CPUID instruction checks to verify genuine Intel or AMD processors, examining vendor strings that virtual environments often fail to replicate correctly.

Additionally, it enumerates active windows searching for analysis tools including Wireshark, Fiddler, and other security research applications.

Infection Mechanism and Payload Delivery

ValleyRAT’s loader component utilizes .NET executables containing 3DES-encrypted resources that decrypt and execute entirely in memory.

The malware leverages MSBuild.exe, a legitimate Microsoft build engine binary, as its execution host through process masquerading techniques.

This Living-off-the-Land Binary (LOLBin) approach allows ValleyRAT to blend malicious activities with normal system operations.

The cryptographic implementation employs TripleDES decryption with MD5-hashed keys derived from BigEndianUnicode encoding.

The malware constructs obfuscated strings using .Replace methods, Strings.StrReverse functions, and Unicode escape sequences to evade static analysis.

Follow us on Google News, LinkedIn, and X to Get More Instant Updates, Set CSN as a Preferred Source in Google.

The post Multi-Staged ValleyRAT Uses WeChat and DingTalk to Attack Windows Users appeared first on Cyber Security News.

The attack, termed agent session smuggling, allows a malicious AI agent to inject covert instructions into established cross-agent communication sessions, effectively taking control of victim agents without user awareness or consent. This discovery highlights a critical vulnerability in multi-agent AI ecosystems that operate across organizational boundaries.

How Agent Session Smuggling Works

The attack targets systems using the Agent2Agent (A2A) protocol, an open standard designed to facilitate interoperable communication between AI agents regardless of vendor or architecture.

The A2A protocol stateful nature—its ability to remember recent interactions and maintain coherent conversations—becomes the attack’s enabling weakness.

Unlike previous threats that rely on tricking an agent with a single malicious input, agent session smuggling represents a fundamentally different threat model: a rogue AI agent can hold conversations, adapt its strategy and build false trust over multiple interactions.

The attack exploits a critical design assumption in many AI agent architectures: agents are typically designed to trust other collaborating agents by default.

Once a session is established between a client agent and a malicious remote agent, the attacker can stage progressive, adaptive attacks across multiple conversation turns. The injected instructions remain invisible to end users, who typically only see the final consolidated response from the client agent, making detection extraordinarily difficult in production environments.

Understanding the Attack Surface

Research demonstrates that agent session smuggling represents a threat class distinct from previously documented AI vulnerabilities. While straightforward attacks might attempt to manipulate a victim agent with a single deceptive email or document, a compromised agent serving as an intermediary becomes a far more dynamic adversary.

The attack’s feasibility stems from four key properties: stateful session management allowing context persistence, multi-turn interaction capabilities enabling progressive instruction injection, autonomous and adaptive reasoning powered by AI models, and invisibility to end users who never observe the smuggled interactions.

The distinction between the A2A protocol and the similar Model Context Protocol (MCP) proves important here. MCP primarily handles LLM-to-tool communication through a centralized integration model, operating in a largely stateless manner.

A2A, by contrast, emphasizes decentralized agent-to-agent orchestration with persistent state across collaborative workflows. This architectural difference means MCP’s static, deterministic nature limits the multi-turn attacks that make agent session smuggling particularly dangerous.

Real-World Attack Scenarios

Security researchers developed proof-of-concept demonstrations using a financial assistant as the client agent and a research assistant as the malicious remote agent.

The first scenario involved sensitive information leakage, where the malicious agent issued seemingly harmless clarification questions that gradually tricked the financial assistant into disclosing its internal system configuration, chat history, tool schemas and even prior user conversations.

The user asks the financial assistant to retrieve the investment portfolio and profile, followed by a request for a briefing on AI market news.

Crucially, these intermediate exchanges would remain completely invisible in production chatbot interfaces—developers would only see them through specialized developer tools.

The second scenario demonstrated unauthorized tool invocation capabilities. The research assistant manipulated the financial assistant into executing unauthorized stock purchase operations without user knowledge or approval.

By injecting hidden instructions between legitimate requests and responses, the attacker successfully completed high-impact actions that should have required explicit user confirmation. These proofs-of-concept illustrate how agent session smuggling can escalate from information exfiltration to direct unauthorized actions affecting user assets.

Defending against agent session smuggling requires a comprehensive security architecture addressing multiple attack surfaces. The most critical defense involves enforcing out-of-band confirmation for sensitive actions through human-in-the-loop approval mechanisms.

When agents receive instructions for high-impact operations, execution should pause and trigger confirmation prompts through separate static interfaces or push notifications—channels the AI model cannot influence.

Implementation of context-grounding techniques can algorithmically enforce conversational integrity by validating that remote agent instructions remain semantically aligned with the original user request’s intent.

Significant deviations should trigger automatic session termination. Additionally, secure agent communication requires cryptographic validation of agent identity and capabilities through signed AgentCards before session establishment, establishing verifiable trust foundations and creating tamper-evident interaction records.

Organizations should also expose client agent activity directly to end users through real-time activity dashboards, tool execution logs and visual indicators of remote instructions. By making invisible interactions visible, organizations significantly improve detection rates and user awareness of potentially suspicious agent behavior.

Critical Implications for AI Security

While researchers have not yet observed agent session smuggling attacks in production environments, the technique’s low barrier to execution makes it a realistic near-term threat.

An adversary needs only convince a victim agent to connect to a malicious peer, after which covert instructions can be injected transparently. As multi-agent AI ecosystems expand globally and become more interconnected, their increased interoperability opens new attack surfaces that traditional security approaches cannot adequately address.

The fundamental challenge stems from the inherent architectural tension between enabling useful agent collaboration and maintaining security boundaries.

Organizations deploying multi-agent systems across trust boundaries must abandon assumptions of inherent trustworthiness and implement orchestration frameworks with comprehensive layered safeguards specifically designed to contain risks from adaptive, AI-powered adversaries.

Follow us on Google News, LinkedIn, and X to Get Instant Updates and Set GBH as a Preferred Source in Google.

The post Agent Session Smuggling: How Malicious AI Hijacks Victim Agents appeared first on Cyber Security News.

The warrant, unsealed last week in Maine and reviewed by cybersecurity outlets, stems from a year-long probe into a dark web site distributing child sexual abuse material (CSAM).

Federal agents, operating undercover, hit a breakthrough when the site’s administrator casually revealed their use of ChatGPT during online chats.

The suspect, chatting with investigators posing as site users, shared snippets of interactions with the AI tool.

One prompt explored a whimsical crossover: “What would happen if Sherlock Holmes met Q from Star Trek?” Another involved requesting a 200,000-word poem, to which ChatGPT responded with a sample a bombastic, self-aggrandizing ode in the style of President Donald Trump praising the Village People’s “Y.M.C.A.”

The administrator even pasted the full excerpt, unwittingly providing investigators with a digital trail.

DHS Warrant to OpenAI

The warrant seen by Forbes directed OpenAI to surrender extensive records on the account behind these prompts.

This included full transcripts of other ChatGPT conversations, associated names, email addresses, IP logs, and payment details linked to subscriptions.

Such requests echo past law enforcement demands on search engines like Google for user queries, but mark the debut of generative AI platforms.

Experts warn this could set a precedent, allowing agencies to reverse-engineer criminal intent from seemingly benign AI interactions.

OpenAI has not publicly commented on the warrant or its compliance. Privacy advocates, however, raise alarms about the chilling effect on AI users, arguing that innocuous prompts could now flag everyday citizens in broad surveillance nets.

Ironically, the OpenAI data proved unnecessary for identification. Undercover exchanges revealed the suspect’s ties to the U.S. military: mentions of health assessments, seven years in Germany at Ramstein Air Force Base, and his father’s service in Afghanistan.

Cross-referencing with Department of Defense records confirmed 36-year-old Drew Hoehner as the administrator.

Hoehner, who had applied for further DoD roles, faces one count of conspiracy to advertise CSAM. He has yet to enter a plea, and his attorney did not respond to inquiries.

This case underscores evolving tactics in cybercrime investigations, where AI tools become unwitting informants. As generative platforms proliferate, law enforcement’s reach into user creativity grows, potentially eroding trust in tools like ChatGPT.

For now, it highlights how a single shared prompt can unravel hidden networks, blending pop culture queries with serious allegations.

Follow us on Google News, LinkedIn, and X for daily cybersecurity updates. Contact us to feature your stories.

The post DHS Asks OpenAI To Share Information on ChatGPT Prompts Used By Users appeared first on Cyber Security News.

The issue, tracked under advisory DZ1168079, stems from a code bug and affects the Threat and Vulnerability Management feature within the Microsoft Defender XDR suite.

The bug impacts explicitly organizations running SQL Server 2017 and 2019. Within the Microsoft Defender for Endpoint portal, administrators may see an “End-Of-Support” (EOS) tag incorrectly applied to these software versions.

Microsoft has clarified that while the EOS tag is erroneous, the associated vulnerability recommendations are legitimate and should still be addressed.

This mislabeling creates a confusing situation where administrators must act on valid security alerts while ignoring the incorrect end-of-life status.

The scope of the impact is significant, as it could affect any environment using these widely deployed SQL Server versions with Defender for Endpoint for security management.

This can lead to misprioritization of tasks as teams may mistakenly believe they need to perform urgent software upgrades.

Root Cause And Initial Response

According to Microsoft, the problem originated from a recent change related to End-Of-Support software detection that introduced a code issue.

The service degradation officially began on Wednesday, October 8, 2025, although Microsoft’s incident timeline traces the start of the impact back to Monday, September 29, 2025. Initially, the company reported that users might be seeing false positive vulnerability recommendations.

However, after further investigation, it was determined that the vulnerability reports were accurate, but the EOS tags were being incorrectly applied.

In response, Microsoft developed a fix intended to correct the faulty code and began deploying it to its test environment for validation before a wider rollout.

Despite the initial remediation efforts, the problem persists. Microsoft confirmed on Thursday, October 9, that after deploying the fix, the inaccurate end-of-life tagging was still occurring for some users.

This indicates that the first attempted solution was not entirely effective. The company’s engineers are now investigating what additional actions are necessary to ensure the fix is applied correctly and resolves the issue for all affected customers.

The service status remains at “serviceDegradation,” and Microsoft has committed to providing its next update on the situation by Sunday, October 12, 2025.

In the meantime, administrators are advised to acknowledge the legitimacy of the vulnerability alerts for SQL Server 2017 and 2019 but disregard the incorrect end-of-life notifications.

Follow us on Google News, LinkedIn, and X for daily cybersecurity updates. Contact us to feature your stories.

The post Microsoft Defender Incorrectly Flags SQL Server Software as End-of-life appeared first on Cyber Security News.

The attack uncovered by Truesec, dubbed “TamperedChef,” represents a new evolution in social engineering tactics that leverage trusted software categories to deploy information-stealing malware.

The malicious campaign centers around AppSuite PDF Editor, a free PDF editing tool promoted across multiple websites and distributed through Google advertising campaigns.

What makes this attack particularly insidious is its patient approach. The software initially appears harmless, functioning as advertised while secretly establishing persistence mechanisms and awaiting activation commands.

The campaign’s sophistication is evident in its execution timeline. Beginning on June 26, 2025, threat actors registered multiple domains and began promoting the PDF editor through at least five different Google advertising campaigns.

The malware remained dormant for 56 days strategically timed to coincide with typical Google advertising campaign durations—before activating its malicious capabilities on August 21, 2025.

Upon installation, the software establishes communication with command-and-control servers through specific URLs, including inst.productivity-tools.ai and vault.appsuites.ai.

The malware’s persistence mechanism involves creating registry entries that execute with various command-line arguments, including --install, --enableupdate, --fullupdate, and others.

When the --fullupdate argument is triggered, the software downloads and executes an obfuscated JavaScript file containing the core TamperedChef payload.

Data Theft Capabilities

Once activated, TamperedChef demonstrates sophisticated information-stealing capabilities. The malware queries web browser databases using Windows Data Protection API (DPAPI) to extract stored credentials and sensitive information.

It systematically terminates browser processes to access locked data files, ensuring comprehensive data harvesting from popular web browsers, Truesec said.

The malware also conducts system reconnaissance, identifying installed security products before proceeding with its data exfiltration operations. This behavior suggests the threat actors have invested significant effort in developing evasion techniques to bypass common security solutions.

The campaign’s legitimacy facade is reinforced through the abuse of digital certificates from multiple companies, including ECHO Infini SDN BHD, GLINT By J SDN. BHD, and SUMMIT NEXUS Holdings LLC.

Investigation reveals these companies share suspicious characteristics, including generic websites with potentially AI-generated content and shared business addresses.

Particularly concerning is the discovery that certificates from these entities have been used to sign other malicious software, including the Epibrowser malware, indicating a broader certificate abuse operation supporting multiple malware families.

Campaign Scope and Impact

The threat actors behind TamperedChef have addressed long-term persistence in the threat landscape, with evidence suggesting activity dating back to August 2024.

For the company BYTE Media, there are also digital certificates used to sign malware, but another one called Epibrowser.

In several cases, we have observed a file called elevate.exe being installed together with the PDF Editor bundle.

Their operations extend beyond the PDF editor to include other potentially unwanted programs like OneStart browser, all sharing common command-and-control infrastructure.

European organizations have been significantly impacted, with multiple companies reporting employee infections after downloading the malicious PDF editor.

The campaign’s success highlights the effectiveness of disguising malware as legitimate productivity tools—a category users typically trust and readily install.

This campaign represents a concerning evolution in malware distribution tactics. By leveraging legitimate advertising platforms and maintaining extended dormancy periods, threat actors can achieve widespread distribution before revealing malicious intent.

The use of AI-generated code and generic business fronts further demonstrates the industrialization of cybercrime operations.

The TamperedChef campaign serves as a stark reminder that even seemingly innocuous productivity tools can pose significant security risks. Organizations must implement robust software vetting procedures and maintain heightened awareness of free utilities from unknown sources, as today’s helpful application could become tomorrow’s security nightmare.

Find this Story Interesting! Follow us on LinkedIn and X to Get More Instant Updates.

The post New TamperedChef Attack With Weaponized PDF Editor Steals Sensitive Data and Login Credentials appeared first on Cyber Security News.

Ethan Foltz, 22, of Eugene, Oregon, faces federal charges for allegedly operating the “Rapper Bot” botnet, also known as “Eleven Eleven Botnet” and “CowBot,” which conducted sophisticated DDoS attacks since at least 2021.

Key Takeaways
1. An Oregon man, 22, charged for operating a massive DDoS botnet, faces 10 years prison.
2. 370,000+ attacks across 80+ countries using 65,000-95,000 hijacked devices.
3. FBI seized control and shut down the botnet on August 6, 2025.

Massive Scale of Cyberattacks Revealed

The Rapper Bot operation represented a significant threat to global internet infrastructure, utilizing between 65,000 and 95,000 compromised devices to launch devastating attacks. 

Court documents reveal that the botnet primarily infected Internet of Things (IoT) devices, including Digital Video Recorders (DVRs) and WiFi routers, by deploying specialized malware that converted these devices into unwitting participants in cyberattacks.

The scale of the operation was unprecedented, with investigators documenting over 370,000 attacks targeting 18,000 unique victims from April 2025 to the present. 

These DDoS attacks are commonly measured between two and three terabits per second, with the largest attack potentially exceeding six terabits per second. 

Such massive attack volumes could cost victims anywhere from $500 to $10,000 for a 30-second attack, not including lost revenue, customer dissatisfaction, and incident response costs.

The criminal enterprise monetized its illegal services by providing paying customers access to what prosecutors describe as “one of the most sophisticated and powerful DDoS-for-hire Botnets currently in existence”. 

Targets included critical infrastructure such as U.S. government networks, popular social media platforms, and numerous technology companies. 

Some clients allegedly used the botnet’s capabilities for extortion, leveraging the threat of massive DDoS attacks to force victims.

On August 6, 2025, the Defense Criminal Investigative Service (DCIS) executed a search warrant at Foltz’s residence, successfully terminating the botnet’s attack capabilities and seizing administrative control. 

The disruption was part of Operation PowerOFF, an international law enforcement initiative targeting DDoS-for-hire infrastructures worldwide.

Industry partners, including Akamai, Amazon Web Services, Cloudflare, and Google, provided crucial assistance in the investigation.

Foltz faces allegations of assisting in computer intrusions, which carries a potential sentence of ten years in jail.  

The case demonstrates law enforcement’s growing capability to combat sophisticated cybercriminal operations that threaten global internet security and infrastructure.

Safely detonate suspicious files to uncover threats, enrich your investigations, and cut incident response time. Start with an ANYRUN sandbox trial → 

The post Hacker Charged in Connection with DDoS-for-Hire ‘Rapper Bot’ Scheme appeared first on Cyber Security News.

This groundbreaking achievement positions Android at the forefront of secure mobile technology, establishing a new benchmark for open-source security frameworks in the consumer electronics industry.

The certification process involved rigorous evaluation by Dekra, a globally recognized cybersecurity certification laboratory, which conducted comprehensive testing against the TrustCB SESIP scheme in compliance with EN-17927 standards.

The SESIP Level 5 certification incorporates AVA_VAN.5, representing the highest level of vulnerability analysis and penetration testing under the ISO 15408 Common Criteria standard.

This certification validates that pKVM can withstand attacks from highly skilled, well-motivated, and well-funded adversaries who may possess insider knowledge and system access.

According to Dave Kleidermacher, VP of Engineering for Android Security & Privacy, this certification enables Android to securely support next-generation high-criticality isolated workloads, including on-device AI applications processing ultra-personalized data with maximum privacy and integrity assurances.

Google Security Blog analysts noted that this achievement addresses a critical gap in the industry, where many Trusted Execution Environments (TEEs) lack formal certification or operate at lower security assurance levels.

Revolutionary Impact on Android’s Security Architecture

The certified pKVM fundamentally transforms Android’s multi-layered security strategy by providing a single, open-source, and exceptionally high-quality firmware foundation that all device manufacturers can utilize.

This standardization eliminates the inconsistency challenges developers face when building highly critical applications requiring robust and verifiable security levels.

Moving forward, Android device manufacturers will be mandated to implement isolation technology meeting equivalent security standards for various device-dependent security operations, ensuring every user benefits from a consistent, transparent, and verifiably secure foundation across the Android ecosystem.

Boost your SOC and help your team protect your business with free top-notch threat intelligence: Request TI Lookup Premium Trial.

The post Google Announces That Android’s pKVM Framework Achieves SESIP Level 5 Certification appeared first on Cyber Security News.