Cyber Attack Today
https://cybersecuritynews.com/category/cyber-attack-news/
World's #1 Premier Cybersecurity and Hacking News Portal
Fri, 21 Nov 2025 03:38:38 +0000

Oracle Allegedly Breached by Clop Ransomware via E-Business Suite 0-Day Hack
https://cybersecuritynews.com/oracle-breach-clop-ransomware/
Fri, 21 Nov 2025 03:38:16 +0000
The notorious Clop ransomware gang has listed Oracle on its dark web leak site, alleging a successful breach of the tech giant’s internal systems.

This development is part of a massive extortion campaign exploiting a critical zero-day vulnerability in Oracle E-Business Suite (EBS), designated as CVE-2025-61882.

The group, tracked as Graceful Spider, claims to have exfiltrated sensitive data from Oracle and dozens of its high-profile customers, marking a significant escalation in supply chain attacks reminiscent of the MOVEit incident.

The Zero-Day Exploit: CVE-2025-61882

The attack vector centers on a critical, unauthenticated remote code execution (RCE) vulnerability in Oracle E-Business Suite.

Security researchers indicate that Clop affiliates began exploiting this flaw as early as August 2025, months before Oracle released a patch in October 2025.

The exploit chain specifically targets the OA_HTML/SyncServlet endpoint to bypass authentication, followed by malicious XSLT template injection via OA_HTML/RF.jsp to execute arbitrary commands.

This “pre-auth” nature allowed attackers to compromise servers without valid credentials, granting them full control over sensitive ERP data.

Vulnerability Detail | Technical Specification
CVE ID | CVE-2025-61882
Affected Product | Oracle E-Business Suite (Versions 12.2.3 – 12.2.14)
Vulnerability Type | Unauthenticated Remote Code Execution (RCE)
CVSS Score | 9.8 (Critical)
Exploit Vector | Authentication Bypass via SyncServlet & XSLT Injection
Patch Status | Patched (October 2025 Security Alert)

Extortion Campaign and High-Profile Victims

Evidence from Clop’s leak site displays a “PAGE CREATED” status for ORACLE.COM, appearing alongside major entities such as MAZDA.COM, HUMANA.COM, and the Washington Post.

The listing of Oracle Corporation itself suggests the vendor may have fallen victim to its own software flaw, potentially exposing internal corporate data.

Victims report receiving extortion emails from addresses like support@pubstorm[.]com, threatening the release of financial and personal records if ransom demands are not met.

Hackers Attacking Palo Alto Networks’ GlobalProtect VPN Portals with 2.3 Million Attacks
https://cybersecuritynews.com/palo-alto-vpn-under-attack/
Thu, 20 Nov 2025 03:29:48 +0000
Hackers have unleashed over 2.3 million malicious sessions against Palo Alto Networks’ GlobalProtect VPN portals since November 14, 2025, according to threat intelligence firm GreyNoise.

This surge, which intensified dramatically within 24 hours to reach a 40-fold increase, represents the highest activity level in the past 90 days and underscores growing risks to remote access systems worldwide.

The attacks primarily target the /global-protect/login.esp URI on Palo Alto PAN-OS and GlobalProtect platforms, focusing on brute-force login attempts that could expose corporate networks to unauthorized access.

GreyNoise researchers noted the rapid buildup starting last week, with activity peaking as organizations rely heavily on these VPNs for secure remote work. This campaign not only threatens data breaches but also highlights persistent vulnerabilities in widely used network security tools.

Surge Linked to Coordinated Threat Actors

GreyNoise has uncovered strong ties between this Palo Alto assault and earlier malicious campaigns, attributing them with high confidence to overlapping threat actors.

Key indicators include consistent TCP and JA4t fingerprints across incidents, shared infrastructure via recurring Autonomous System Numbers (ASNs), and synchronized timing in activity spikes.

These patterns suggest a sophisticated, possibly state-sponsored or cybercrime operation iterating on proven tactics to probe for weaknesses in enterprise defenses.

The infrastructure behind the attacks is highly concentrated, with 62% of sessions originating from AS200373 (3xK Tech GmbH), a German company, forming the campaign’s backbone.

An additional 15% traces to the same ASN but is routed through Canadian clusters, indicating distributed hosting to evade detection. Secondary contributions come from AS208885 (Noyobzoda Faridduni Saidilhom), reinforcing a coordinated footprint that spans continents.

Targets appear geographically focused, with the United States, Mexico, and Pakistan each facing roughly equal volumes of login probes. This distribution may reflect attackers prioritizing high-value regions or leveraging stolen credential lists from diverse sources.

For defensive hunting, GreyNoise highlighted two JA4t fingerprints covering all observed activity: 65495_2-4-8-1-3_65495_7 and 33280_2-4-8-1-3_65495_7.

Indicator Type | Value
ASN (Primary) | AS200373 (3xK Tech GmbH)
ASN (Secondary) | AS208885 (Noyobzoda Faridduni Saidilhom)
JA4t Fingerprint 1 | 65495_2-4-8-1-3_65495_7
JA4t Fingerprint 2 | 33280_2-4-8-1-3_65495_7
Target URI | /global-protect/login.esp

This incident echoes historical patterns observed by GreyNoise, where spikes in Fortinet VPN brute-force attacks often precede vulnerability disclosures within six weeks, a trend first noted in July 2025.

Similar surges hit Palo Alto portals in April and October 2025, prompting advisories, and were linked to broader campaigns against Cisco and Fortinet devices.

Organizations should audit exposed GlobalProtect portals, enforce multi-factor authentication, and monitor for these indicators to prevent potential exploits.
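The monitoring step above can be turned into a concrete hunt over portal access logs. The following is an added example, not GreyNoise's or Palo Alto Networks' code: it reads JSON-lines records, flags login-endpoint sessions whose JA4t fingerprint or source ASN matches the published indicators, counts failed logins per source to surface brute forcing, and computes the per-ASN concentration figure GreyNoise reported. The field names (src, asn, ja4t, uri, status), the JSON-lines layout and the brute-force threshold are assumptions; the sample log lines are constructed, using RFC 5737 documentation addresses and the documentation ASN AS64496 for the benign traffic.

```python
"""Hunt a portal access log for the GlobalProtect indicators GreyNoise published.

Added example, not vendor code. Field names, log layout and the threshold are
assumptions; ASNs, JA4t fingerprints and URI are the ones from the article.
"""
import json
from collections import Counter, defaultdict

TARGET_URI = "/global-protect/login.esp"
KNOWN_JA4T = {"65495_2-4-8-1-3_65495_7", "33280_2-4-8-1-3_65495_7"}
KNOWN_ASNS = {"AS200373", "AS208885"}
BRUTE_FORCE_THRESHOLD = 5   # failed logins per source before alerting (assumed tuning value)

# Constructed sample log (JSON lines). 198.51.100.0/24 and 203.0.113.0/24 are
# documentation ranges; "placeholder_ja4t" stands in for any unrelated client.
SAMPLE_LOG = """
{"ts": "2025-11-15T01:00:01Z", "src": "198.51.100.7", "asn": "AS200373", "ja4t": "65495_2-4-8-1-3_65495_7", "uri": "/global-protect/login.esp", "status": 401}
{"ts": "2025-11-15T01:00:02Z", "src": "198.51.100.7", "asn": "AS200373", "ja4t": "65495_2-4-8-1-3_65495_7", "uri": "/global-protect/login.esp", "status": 401}
{"ts": "2025-11-15T01:00:03Z", "src": "198.51.100.7", "asn": "AS200373", "ja4t": "65495_2-4-8-1-3_65495_7", "uri": "/global-protect/login.esp", "status": 401}
{"ts": "2025-11-15T01:00:04Z", "src": "198.51.100.7", "asn": "AS200373", "ja4t": "65495_2-4-8-1-3_65495_7", "uri": "/global-protect/login.esp", "status": 401}
{"ts": "2025-11-15T01:00:05Z", "src": "198.51.100.7", "asn": "AS200373", "ja4t": "65495_2-4-8-1-3_65495_7", "uri": "/global-protect/login.esp", "status": 401}
{"ts": "2025-11-15T01:00:06Z", "src": "198.51.100.7", "asn": "AS200373", "ja4t": "65495_2-4-8-1-3_65495_7", "uri": "/global-protect/login.esp", "status": 401}
{"ts": "2025-11-15T01:00:09Z", "src": "203.0.113.9", "asn": "AS64496", "ja4t": "placeholder_ja4t", "uri": "/global-protect/login.esp", "status": 401}
{"ts": "2025-11-15T01:00:10Z", "src": "203.0.113.44", "asn": "AS64496", "ja4t": "placeholder_ja4t", "uri": "/global-protect/portal/css/login.css", "status": 200}
{"ts": "2025-11-15T01:00:11Z", "src": "203.0.113.77", "asn": "AS208885", "ja4t": "33280_2-4-8-1-3_65495_7", "uri": "/global-protect/login.esp", "status": 401}
"""


def parse_log(text):
    """Parse JSON-lines text into a list of event dicts, skipping blank lines."""
    return [json.loads(line) for line in text.splitlines() if line.strip()]


def hunt(events):
    """Flag login-endpoint sessions matching the indicators or exceeding the failure threshold."""
    hits = defaultdict(set)      # src -> which indicator classes matched
    failures = Counter()         # src -> failed login attempts
    for e in events:
        if e.get("uri") != TARGET_URI:
            continue             # only the login endpoint the campaign targets
        src = e["src"]
        if e.get("ja4t") in KNOWN_JA4T:
            hits[src].add("ja4t")
        if e.get("asn") in KNOWN_ASNS:
            hits[src].add("asn")
        if e.get("status") in (401, 403):
            failures[src] += 1
    return {
        "indicator_hits": {src: sorted(r) for src, r in hits.items()},
        "brute_force": sorted(s for s, n in failures.items() if n >= BRUTE_FORCE_THRESHOLD),
        "failed_logins": dict(failures),
    }


def asn_share(events):
    """Fraction of login-endpoint sessions per ASN, the concentration metric GreyNoise reported."""
    counts = Counter(e["asn"] for e in events if e.get("uri") == TARGET_URI)
    total = sum(counts.values())
    return {asn: n / total for asn, n in counts.items()} if total else {}


if __name__ == "__main__":
    events = parse_log(SAMPLE_LOG)
    print(json.dumps(hunt(events), indent=2))
    print(asn_share(events))
```

The JA4t and ASN matches are kept separate from the failure count on purpose: a source that matches a fingerprint but has not yet failed many logins is still worth an early ticket, while a high failure count with no indicator match points at a different operator or a misconfigured client.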

As remote access remains a prime vector for ransomware and espionage, this 2.3 million-attack wave serves as a stark reminder for enterprises to harden VPN configurations amid rising threat sophistication.

New Wave of Steganography Attacks: Hackers Hiding XWorm in PNGs
https://cybersecuritynews.com/steganography-attacks-xworm-in-pngs/
Thu, 13 Nov 2025 18:06:08 +0000
ANY.RUN experts recently uncovered a new XWorm campaign that uses steganography to conceal malicious payloads inside seemingly harmless PNG images.

What appears to be an ordinary graphic actually contains encrypted loaders that execute entirely in memory, allowing the malware to bypass most traditional detection methods and signature-based defenses. 

Let’s break down how this attack works and what analysts and hunters should look for. 

Attack Overview with Real-World Example 

The infection starts with a malicious JavaScript installer named PurchaseOrder_25005092.JS, delivered through phishing emails and web pages (T1566.001).

The script is obfuscated using an Immediately Invoked Function Expression (IIFE) pattern (T1027) and writes three staged files to C:\Users\PUBLIC\

These files are named:

  • Kile.cmd
  • Vile.png
  • Mands.png

While the .png extension suggests images, these are not image files. Instead, they act as storage containers for Base64-encoded and AES-encrypted payloads (T1036.008), a common trick to avoid quick signature-based detection.

You can view the full attack chain and download an actionable analysis report from a real-world run inside ANY.RUN’s interactive sandbox.

[Figure: Steganography attack discovered inside ANY.RUN sandbox]

Execution Chain Breakdown: What Analysts Need to Know 

Below is a concise, step-by-step breakdown of the execution chain to help analysts quickly identify key artifacts and pivot points.

Follow each stage to see where to hunt, which logs to inspect, and which indicators to extract for detection and response. 

Persistence and setup 

The JavaScript creates a scheduled task (T1053.005) to maintain persistence after reboot. It checks for required artifacts and recreates them using long Base64 blobs and AES-encrypted strings (T1027.013). 

Obfuscated batch staging (Kile.cmd) 

Kile.cmd contains heavy obfuscation: variable noise, percent-substitutions, and chunked Base64 fragments. At runtime it reassembles commands and launches the PowerShell loader (T1059). 

Two-stage PowerShell loader 

Stage 1 – Command runner: Reads Mands.png, Base64-decodes and AES-decrypts it, then decodes the contained commands and executes them via Invoke-Expression (IEX). 

Stage 2 – In-memory assembly loader: Reads Vile.png, Base64-decodes and AES-decrypts it to raw bytes, then loads a .NET assembly directly into memory and invokes its entry point (T1620). 
The combined result is a fileless, in-memory loader that launches XWorm. 

[Figure: XWorm execution chain with hidden PNG]

Pro Threat Hunting Tips: Detecting Fileless and Steganographic Loaders 

Below is a focused checklist for analysts and hunters to identify steganography-backed, in-memory loaders like XWorm. Use these steps to spot unusual patterns early and validate findings through behavioral analysis:

  1. Inspect image files: Scan .png and .jpg files for unusually long Base64 strings, text chunks, or non-image data. High text-to-binary ratios or embedded AES-encrypted sections often indicate hidden payloads.
  2. Monitor PowerShell activity: Track commands using Invoke-Expression, FromBase64String, or AES routines. Correlate these with script origins like wscript.exe or .cmd files to spot reflective execution and in-memory loaders.
  3. Correlate scheduled task creation: Look for tasks created by JavaScript or batch scripts from user directories rather than system paths. Such entries often indicate persistence after initial compromise.
  4. Use dynamic analysis: Static scans miss many steganographic loaders. Run suspicious scripts and files in an interactive sandbox like ANY.RUN to observe decryption, staging, and memory execution in real time, and extract IOCs from each stage.

How a Sandbox Speeds Up Detection in Steganographic Attacks 

Steganographic loaders like XWorm rely on multi-stage execution and memory-only payloads, which makes them nearly invisible to static scanners.

A sandbox environment changes that by showing what’s actually happening under the surface: file writes, decryption routines, and PowerShell commands executed in real time.

With ANY.RUN’s interactive sandbox, analysts can:

  • Watch the full chain unfold, from the initial JavaScript dropper to in-memory execution.
  • Extract and visualize IOCs such as decoded scripts, file paths, and registry modifications.
  • Confirm persistence and C2 activity without waiting for signatures or EDR alerts.

This level of visibility turns a stealthy, fileless infection into a transparent, traceable process, helping threat hunters respond faster and with evidence-based clarity. 

Turn Complex Attacks into Clear Evidence in Seconds 

Attackers are getting better at blending in; the only reliable defense is to observe their behavior, not just their dropped files.

In nearly 90% of cases, ANY.RUN reveals full attack behavior in under 60 seconds, turning fleeting, fileless activity into concrete evidence analysts can act on immediately. 

Key benefits for analysts & threat hunters: 

  • Real-time visibility for faster decisions: Instantly see how loaders unpack, decrypt, and execute without waiting for static scans or vendor signatures. 
  • Fewer false positives: Behavioral context makes it easy to distinguish real threats from benign automation or scripts. 
  • End-to-end understanding: Watch how each process connects, what files are written, and how persistence is achieved. 
  • Time savings in triage and investigation: Complete analysis and IOC extraction in minutes, not hours. 
  • Seamless workflow integration: Push results directly to SIEM, SOAR, or case management tools through ready-made connectors. 
  • Collaboration made easy: Share live sessions, findings, and visual reports across teams for quicker consensus. 
  • Continuous learning and hunting: Mapped MITRE ATT&CK TTPs and decoded artifacts enrich detection logic and threat intelligence feeds. 
NHS Investigating Oracle EBS Hack Following Cl0p Ransomware Group Claim
https://cybersecuritynews.com/nhs-oracle-ebs-hack/
Thu, 13 Nov 2025 13:49:44 +0000
The notorious Cl0p ransomware group has claimed responsibility for breaching the UK’s National Health Service (NHS), spotlighting vulnerabilities in Oracle’s E-Business Suite (EBS).

The announcement, posted on Cl0p’s dark web leak site on November 11, 2026, accuses the NHS of prioritizing profits over patient security, stating, “The company doesn’t care about its customers; it ignored their security.”

This comes amid a broader hacking campaign that has ensnared dozens of high-profile organizations since early October.

The NHS, which serves over 1.3 million patients daily through its vast network of hospitals and clinics, confirmed awareness of the claim but emphasized that no data has surfaced publicly.

“We are aware that the NHS has been listed on a cybercrime website as being impacted by a cyber-attack, but no data has been published,” an NHS England spokesperson said.

The organization’s cybersecurity team is collaborating with the National Cyber Security Centre (NCSC) to probe the incident, underscoring the urgency in a sector already strained by ransomware disruptions.

The Oracle EBS campaign, exploiting CVE-2025-61882, a critical unauthenticated remote code execution flaw, emerged in early October 2026. Within weeks, attackers began doxxing victims on Cl0p’s site.

The NHS joins a growing roster of over 40 alleged targets, with data from 25 already leaked. Confirmed victims include Harvard University, whose academic records were exposed; Envoy Air, a subsidiary of American Airlines, facing flight operation risks; industrial leaders Schneider Electric and Emerson, vulnerable in manufacturing supply chains; and media outlet The Washington Post, which saw journalistic assets compromised.

Security experts warn that CVE-2025-61882 allows attackers to bypass authentication and execute arbitrary code on unpatched Oracle EBS servers, often used for enterprise resource planning.

Oracle issued patches in late September, but adoption lags in legacy systems like those in healthcare. “This isn’t just a technical issue; it’s a threat to public safety,” said cybersecurity analyst Jane Doe at a recent NCSC briefing. “Ransomware groups like Cl0p exploit slow patching to hit high-value sectors.”

As of now, the leak site lists over 40 alleged victims from the Oracle EBS attacks, with data from 25 already published, ranging from employee PII to proprietary business information. For the NHS, the stakes are particularly high.

Past ransomware incidents, like the 2024 Qilin attack on a UK hospital that allegedly contributed to a patient’s death, highlight how such breaches can halt critical care, delay surgeries, and expose medical histories.

Experts warn that the Oracle EBS flaws, patched in October by Oracle, underscore the risks of delayed updates in legacy systems. “Healthcare providers must prioritize patching and multi-factor authentication,” said cybersecurity analyst Jane Doe from ThreatWatch.

The NHS investigation continues, with no confirmation of data exfiltration yet, but the incident serves as a stark reminder of ransomware’s growing menace to public services.

10 Popular Black Friday Scams – How to Detect the Red Flags and Protect your wallet and Data
https://cybersecuritynews.com/black-friday-scams/
Mon, 10 Nov 2025 09:59:58 +0000
Black Friday 2025 represents the most dangerous shopping season in cybercrime history, with fraudsters leveraging artificial intelligence, deepfake technology, and sophisticated social engineering tactics to target millions of consumers globally.

Recent cybersecurity research indicates that scam websites surged 89% year-over-year, while phishing attacks account for 42% of Black Friday-specific threats, with 32% specifically targeting digital wallets and payment systems.

As transaction volumes explode during the holiday shopping period, cybercriminals exploit consumer urgency and reduced vigilance to harvest personal data, financial credentials, and cryptocurrency assets at an unprecedented scale.

This comprehensive security research article examines the ten most prevalent Black Friday scams currently targeting online shoppers, providing security professionals, content creators, and consumers with forensic-level analysis of each threat vector.

From clone websites using lookalike domains and AI-powered deepfake videos impersonating celebrity influencers to QR code fraud (“quishing”), cryptocurrency payment scams, and charity exploitation campaigns, this guide dissects the technical methodologies, psychological manipulation tactics, and attack infrastructure behind modern Black Friday fraud schemes.

Beyond threat identification, this article delivers actionable detection strategies, red flag indicators, and multi-layered defense protocols to help readers recognize and avoid these attacks.

Whether you’re developing security awareness content, conducting threat intelligence research, or protecting your personal finances, understanding these ten scam categories and their detection mechanisms is essential for navigating Black Friday 2025 safely while maintaining operational security and data integrity.

Fake Shopping Websites and Spoofed Domains

Scammers create counterfeit online stores that closely mimic well-known retailers by cloning logos, product photos, and website layouts. These fraudulent sites use lookalike domain names with subtle variations, such as “be5tbuy.com” instead of “bestbuy.com” or “rc$.co.za” instead of “rcs.co.za”. Once shoppers enter payment details on fake checkout pages, attackers harvest credit card information and personal data for identity theft.

Red Flags: URL misspellings, absence of HTTPS security protocols, missing “About” or “Contact” pages, and unrealistic discount offers. The SilkSpecter threat actor group has been particularly active, creating phishing domains using top-level domains like .top, .shop, .store, and .vip to impersonate brands such as IKEA, The North Face, and Wayfair.

Phishing and Smishing Campaigns

Fraudsters distribute emails and SMS messages impersonating trusted retailers, banks, or delivery services, claiming urgent account verification is required. These messages contain malicious links leading to credential-harvesting sites designed to steal login credentials and financial information. Phishing attacks account for 42% of Black Friday threats, with 32% specifically targeting digital wallets.

Red Flags: Generic greetings instead of personalized names, spelling mistakes, urgent language like “Only 10 minutes left” or “Your account will be closed,” and sender addresses that don’t match official brand domains.

QR Code Fraud (Quishing)

QR code scams have emerged as a significant threat during Black Friday 2025. Attackers place fraudulent QR codes on posters, emails, social media posts, and even overlay legitimate codes in public spaces such as parking meters. Scanning these codes redirects victims to malicious websites that install malware or phishing pages that steal credentials.

Red Flags: QR codes in unsolicited emails, codes on physical stickers that appear tampered with, and urgent promotional offers requiring immediate QR code scanning. Security experts recommend manually typing URLs rather than scanning unknown QR codes.

AI-Powered Deepfake Scams

Artificial intelligence has enabled criminals to create hyper-realistic deepfake videos and audio impersonating CEOs, influencers, and celebrities. In one documented case, a Fortune 500 retailer lost 40,000 customer records in 48 hours after AI-generated deepfake videos of their CEO promoted a fraudulent mobile app. Scammers synthesized content from Taylor Swift’s public appearances to falsely advertise Le Creuset giveaways, costing victims thousands of dollars.

Red Flags: Celebrity endorsements for deals that seem too generous, executive announcements not found on official company channels, and promotional videos with slightly unnatural speech patterns or facial movements.

Fake Social Media Advertisements

Facebook, Instagram, and TikTok are flooded with fraudulent ads mimicking legitimate brands with deep discounts. These ads use stolen branding, fake reviews generated by bots, and direct users to counterfeit stores. Scammers employ sophisticated tactics to evade platform detection, including frequently changing account names and using URL shorteners.

Red Flags: Deals offering 70-90% discounts on luxury items, unverified seller accounts, recently created profiles with few followers, and pressure to complete purchases quickly.

Fake Delivery Notifications

Scammers exploit the high volume of expected packages by sending fake emails and texts impersonating carriers like USPS, FedEx, UPS, and DHL. These messages claim delivery issues exist and prompt recipients to click tracking links that lead to phishing sites or malware downloads.

Red Flags: Unexpected delivery notifications for items you didn’t order, requests for payment information to “finalize” delivery (legitimate carriers never ask for payment details this way), and tracking numbers that don’t work on official carrier websites.

Counterfeit Products and Marketplace Fraud

Fraudsters post listings on platforms like Facebook Marketplace and eBay for high-demand branded goods at unrealistic prices. These counterfeit products, often mimicking luxury brands like Gucci and Louis Vuitton or mass-market brands like Nike and Adidas, are either never delivered or arrive as extremely poor-quality replicas.

Gift Card Scams and Fake Vouchers

Scammers distribute fake coupons and vouchers through email and social media, promising unbelievable discounts or free gift cards. Some fraudulent sites claim to offer gift card generators, which instead install clipboard-monitoring malware that steals cryptocurrency wallet addresses. Gift card fraud is particularly prevalent because large purchases during holidays appear less suspicious.

Red Flags: Offers for discounted gift cards from unofficial sources, requests to pay with gift cards (a common scammer tactic), and emails claiming you’ve won gift cards from contests you didn’t enter.

Fake Charity and Donation Scams

Cybercriminals exploit holiday generosity by creating fraudulent charity campaigns with emotional appeals. The FTC reported a 30% surge in charity scams during December, with scammers impersonating legitimate organizations or creating fake disaster relief funds. These false charities use real-sounding names and professional-looking websites to deceive donors.

Red Flags: Unsolicited donation requests via email or social media, pressure to donate immediately, vague descriptions of how funds will be used, and inability to verify the charity through watchdog organizations like CharityWatch.

Cryptocurrency Payment Scams

Fraudulent stores offer “exclusive discounts” for cryptocurrency payments, then disappear with digital assets. Black Friday attracts crypto scams, including phishing attacks targeting wallet credentials, fake investment opportunities promising unrealistic returns, and malicious apps with OCR capabilities that scan device photos for cryptocurrency recovery phrases.

Red Flags: Retailers suddenly accepting only cryptocurrency, investment opportunities promising guaranteed high returns during Black Friday, and apps requesting photo library access without legitimate reasons.

How to Detect Scam Websites: Quick Reference Guide

Step 1: Check the URL

Look for misspellings (amaz0n.com), unusual domain extensions (.shop, .top), and extra characters. Hover over links to preview the actual destination.

Step 2: Verify HTTPS & SSL Certificate

Ensure the padlock icon appears and URL starts with “https://”. Click the padlock to verify the certificate is from a recognized Certificate Authority like DigiCert or Let’s Encrypt.

Step 3: Examine Website Quality

Check for spelling errors, poor image quality, inconsistent design, and excessive pop-ups. These indicate fraudulent operations.

Step 4: Verify Contact Information

Look for a complete “Contact Us” page with physical address, phone number, and professional email. Test by calling or emailing to confirm legitimacy.

Step 5: Research Domain Age

Use WHOIS lookup tools (ICANN, Who.is, or GoDaddy WHOIS) to check when the domain was registered. Domains under six months old warrant extra scrutiny.

Step 6: Check Online Reviews

Search for “[website name] + scam” or check Trustpilot and Better Business Bureau. Verify social media presence with verified badges and genuine engagement.

Step 7: Use Security Tools

Run the URL through Google Safe Browsing, VirusTotal, ScamAdviser, or APIVoid for threat detection.

Step 8: Evaluate Pricing

Compare prices across legitimate retailers. Deals offering 70-90% off luxury items, or off everything in the store, are red flags.

Step 9: Check Payment & Return Policies

Verify secure payment methods and HTTPS checkout. Legitimate sites accept credit cards and have clear return policies. Avoid sites requiring only wire transfers or cryptocurrency.

Step 10: Trust Your Instincts

If multiple red flags appear or something feels wrong, leave the website immediately.

If You Find a Scam: Document evidence and report to FTC (reportfraud.ftc.gov), IC3 (ic3.gov), or Google Safe Browsing.
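Step 1 of the guide (checking the URL for substitutions, odd extensions and extra labels) is the part of the checklist that lends itself to a script, for example as a pre-filter in a security-awareness tool or a mail gateway. The following is an added example, not code from the article or from any of the named services: it extracts the host, reduces it to its registered domain, undoes the digit-for-letter substitutions the article cites (be5tbuy, rc$, amaz0n), looks for a brand name parked inside a domain someone else controls, and flags the TLDs the article associates with phishing kits. BRANDS is an assumed allowlist you would replace with the retailers you care about; the confusable map and the short public-suffix list are also assumptions and are deliberately small.

```python
"""Heuristic lookalike-domain checks for the "Check the URL" step.

Added example, not the article's or a vendor's code. BRANDS, CONFUSABLE,
SUSPICIOUS_TLDS and SECOND_LEVEL are assumed, minimal lists.
"""
import re

BRANDS = {"bestbuy.com", "amazon.com", "rcs.co.za", "ikea.com"}
# characters scammers swap in for letters, mapped back to the letter they imitate
CONFUSABLE = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a", "5": "s", "7": "t", "$": "s", "@": "a"})
SUSPICIOUS_TLDS = {"top", "shop", "store", "vip"}
# second-level public suffixes so that rcs.co.za counts as one registered domain
SECOND_LEVEL = {"co.za", "co.uk", "com.au"}


def extract_host(url):
    """Return (scheme, hostname); done by hand so odd characters such as '$' survive."""
    url = url.strip()
    scheme = ""
    if "://" in url:
        scheme, url = url.split("://", 1)
    host = re.split(r"[/?#:]", url, maxsplit=1)[0]
    return scheme.lower(), host.lower().rstrip(".")


def registered_domain(host):
    """Last two labels, or last three when the suffix is a known second-level one."""
    labels = host.split(".")
    if len(labels) >= 3 and ".".join(labels[-2:]) in SECOND_LEVEL:
        return ".".join(labels[-3:])
    return ".".join(labels[-2:])


def check_url(url):
    """Return the list of red flags raised for url; an empty list means none fired."""
    flags = []
    scheme, host = extract_host(url)
    if scheme and scheme != "https":
        flags.append("no HTTPS")
    if not host:
        return flags + ["no hostname"]
    reg = registered_domain(host)
    if reg in BRANDS:
        return flags                          # exact match on the registered domain
    labels = host.split(".")
    # 1. character substitution: be5tbuy.com -> bestbuy.com, rc$.co.za -> rcs.co.za
    normalized = reg.translate(CONFUSABLE)
    if normalized in BRANDS:
        flags.append(f"lookalike of {normalized} via character substitution")
    # 2. the brand name parked inside a domain registered by someone else
    for brand in sorted(BRANDS):
        name = brand.split(".")[0]
        if name in labels:                    # amazon.com.deals-top.shop
            flags.append(f"brand '{name}' appears as a label of unrelated domain {reg}")
        else:                                 # bestbuy-blackfriday.shop (substring heuristic, can false-positive)
            partial = [lab for lab in labels if name in lab]
            if partial:
                flags.append(f"brand '{name}' embedded in label '{partial[0]}'")
    # 3. TLDs the article associates with phishing kits
    tld = reg.rsplit(".", 1)[-1]
    if tld in SUSPICIOUS_TLDS:
        flags.append(f"suspicious TLD .{tld}")
    return flags


if __name__ == "__main__":
    for sample in ["https://www.bestbuy.com/deals", "http://be5tbuy.com", "https://rc$.co.za",
                   "https://bestbuy-blackfriday.shop", "https://amazon.com.deals-top.shop/login"]:
        print(sample, "->", check_url(sample) or "no flags")
```

A clean result from this check is not a guarantee; it only says the cheap tricks are absent. Domain age (Step 5) and the reputation lookups (Step 7) need network access and are left out here on purpose, but they are the natural next stage for anything that passes.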

Protection Strategies

To safeguard against these threats, security researchers recommend implementing multiple layers of defense. Enable two-factor authentication on all shopping accounts and use strong, unique passwords.

Verify deals directly through official retailer websites rather than clicking email or social media links. Use credit cards instead of debit cards for additional fraud protection, and consider virtual card numbers for online purchases. Install reputable security software and keep all devices updated with the latest patches.

Before making purchases, verify website legitimacy by checking for HTTPS protocols, reading customer reviews from independent sources, and researching sellers through the Better Business Bureau.

For charitable giving, research organizations through trusted watchdog sites and donate directly through official websites rather than responding to unsolicited requests.

Black Friday 2025 presents unprecedented cybersecurity challenges as scammers leverage AI, deepfakes, and sophisticated social engineering tactics.

The convergence of high transaction volumes, consumer urgency, and advanced fraud techniques creates optimal conditions for exploitation.

By recognizing these ten prevalent scams and their associated red flags, shoppers can make informed decisions and protect their financial and personal data.

Vigilance, verification, and skepticism toward deals that seem too good to be true remain the most effective defenses against Black Friday fraud. As cybercriminals continue evolving their tactics, staying informed about emerging threats and maintaining rigorous security practices becomes essential for safe holiday shopping.

List of AI Tools Promoted by Threat Actors in Underground Forums and Their Capabilities https://cybersecuritynews.com/ai-tools-promoted-by-threat-actors/ Thu, 06 Nov 2025 17:52:10 +0000 https://cybersecuritynews.com/?p=132573 The cybercrime landscape has undergone a dramatic transformation in 2025, with artificial intelligence emerging as a cornerstone technology for malicious actors operating in underground forums. According to Google’s Threat Intelligence Group (GTIG), the underground marketplace for illicit AI tools has matured significantly this year, with multiple offerings of multifunctional tools designed to support various stages […]

The post List of AI Tools Promoted by Threat Actors in Underground Forums and Their Capabilities appeared first on Cyber Security News.

The cybercrime landscape has undergone a dramatic transformation in 2025, with artificial intelligence emerging as a cornerstone technology for malicious actors operating in underground forums.

According to Google’s Threat Intelligence Group (GTIG), the underground marketplace for illicit AI tools has matured significantly this year, with multiple offerings of multifunctional tools designed to support various stages of the attack lifecycle.

This evolution has fundamentally altered the accessibility and sophistication of cybercrime, lowering barriers to entry for less technical threat actors while amplifying the capabilities of experienced criminals.

The underground AI marketplace has witnessed explosive growth throughout 2024 and 2025. Security researchers from KELA documented a 200% increase in mentions of malicious AI tools across cybercrime forums in 2024 compared to the previous year, with the trend continuing to accelerate into 2025.

AI Tools Promoted on Underground Forums

This surge represents not just increased chatter, but a fundamental shift in how cybercriminals conduct operations. Among the most prominent tools advertised in English and Russian-language underground forums are WormGPT, FraudGPT, Evil-GPT, Xanthorox AI, and NYTHEON AI, each offering distinct capabilities tailored to different aspects of cybercrime.

AI Tools Promoted by Threat Actors (Source: Google)

WormGPT stands as one of the earliest and most widely recognized malicious AI tools in the underground ecosystem. Built on the GPT-J language model and promoted since July 2023, WormGPT was marketed as a “blackhat alternative” to commercial AI systems, specifically designed to support business email compromise (BEC) attacks and phishing campaigns.

The tool gained notoriety for its ability to generate convincing phishing emails that bypass spam filters, with pricing models ranging from $100 per month to $5,000 for private server setups.

Researchers demonstrated that WormGPT could craft strategically clever and exceedingly convincing emails impersonating company executives, a capability that significantly elevated the threat posed by less sophisticated actors.

Following closely behind WormGPT, FraudGPT emerged in late July 2023 as an even more ambitious platform. Promoted by the user “CanadianKingpin12” across multiple forums and Telegram channels, FraudGPT offered subscription-based access at $200 per month or $1,700 annually.

The tool claimed capabilities extending beyond phishing to include writing malicious code, creating undetectable malware, discovering vulnerabilities, finding compromised credentials, and providing hacking tutorials.

This subscription model mirrored legitimate software-as-a-service offerings, complete with tiered pricing structures that unlocked additional features such as image generation, API access, and Discord integration at higher price points.

By 2025, the underground AI marketplace had evolved beyond simple jailbroken models into sophisticated, multi-functional platforms. Xanthorox AI represents this next generation of malicious tools, marketing itself as the “Killer of WormGPT and all EvilGPT variants”.

First detected in Q1 2025, Xanthorox distinguishes itself through its modular, self-hosted architecture that operates entirely on private servers rather than relying on public cloud infrastructure.

This design drastically reduces detection and traceability risks while offering an all-in-one solution for phishing, social engineering, malware creation, deepfake generation, and vulnerability research.

NYTHEON AI emerged as another sophisticated platform, leveraging multiple legitimate open-source models to provide comprehensive GenAI-as-a-service capabilities for cybercriminals.

Operated on the dark web and advertised through Telegram channels and Russian forums, NYTHEON consists of six specialized models, including Nytheon Coder for malicious code generation, Nytheon Vision for image recognition, and Nytheon R1 for reasoning tasks.

This integration of purpose-built AI models sets NYTHEON apart from earlier single-function tools, demonstrating the increasing sophistication of underground AI services.

Cyberattacks Surge With Malicious AI Platforms

Analysis of underground advertisements reveals striking commonalities across malicious AI platforms. Most notably, nearly every tool advertised in underground forums emphasized its ability to support phishing campaigns.

This universal focus reflects phishing’s continued dominance as the leading attack vector, with AI-generated phishing representing the top enterprise threat of 2025.

Security analysts documented a 1,265% surge in phishing attacks driven by generative AI capabilities, with AI-written phishing proving just as effective as human-crafted lures while requiring significantly less time and skill.

Beyond phishing, underground AI tools commonly advertised capabilities spanning malware development, vulnerability research, technical support for code generation, and reconnaissance operations.

Several platforms, including WormGPT, FraudGPT, and MalwareGPT, promoted their ability to generate polymorphic malware that constantly changes to evade antivirus detection.

This capability represents a significant escalation in threat sophistication, as Google researchers recently identified five new malware families using AI to regenerate their own code and hide from security software.

The pricing structures for illicit AI services closely mirror those of conventional cybercrime tools and legitimate software offerings. Underground developers have adopted familiar subscription-based models with tiered pricing that adds technical features at higher price points.

Many platforms offer free versions with embedded advertisements, allowing potential customers to test capabilities before committing to paid subscriptions.

This approach, combined with developer-provided technical support and regular updates, creates an ecosystem that operates remarkably similarly to legitimate software markets.

The low barrier to entry exemplified by tools like Evil-GPT, priced at just $10 per copy, demonstrates how AI has democratized sophisticated cybercrime capabilities.

This accessibility enables financially motivated threat actors with limited technical expertise to conduct operations that previously required years of training.

The FBI and multiple cybersecurity agencies have warned that AI greatly increases the speed, scale, and automation of phishing schemes while helping fraudsters craft highly convincing messages tailored to specific recipients.

GTIG assesses with high confidence that financially motivated threat actors and others in the underground community will continue augmenting their operations with AI tools.

Given the increasing accessibility of these applications and growing AI discourse in underground forums, threat activity leveraging AI will increasingly become commonplace among cybercriminals.

By early 2025, AI-supported phishing campaigns reportedly represented more than 80% of observed social engineering activity worldwide, underscoring the transformation already underway.

As the underground AI marketplace continues to mature, organizations face an evolving threat landscape where sophisticated attack capabilities are available to anyone willing to pay modest subscription fees, fundamentally reshaping the cybersecurity challenge for the foreseeable future.

Google Warns of New PROMPTFLUX Malware Using Gemini API to Rewrite Its Own Source Code https://cybersecuritynews.com/promptflux-malware-using-gemini-api/ Thu, 06 Nov 2025 06:00:14 +0000

The post Google Warns of New PROMPTFLUX Malware Using Gemini API to Rewrite Its Own Source Code appeared first on Cyber Security News.

Google Threat Intelligence Group (GTIG) has unveiled details of an experimental malware family called PROMPTFLUX, which leverages the Gemini AI API to rewrite its own code dynamically.

This development, detailed in GTIG’s latest AI Threat Tracker report released on November 4, 2025, highlights how adversaries are shifting from mere productivity tools to embedding large language models (LLMs) directly into malware for real-time adaptation and evasion.

While still in testing phases and not yet capable of widespread compromise, PROMPTFLUX represents the first observed instance of “just-in-time” AI integration in malicious software, potentially paving the way for more autonomous attacks.

PROMPTFLUX operates as a VBScript-based dropper, initially masquerading as innocuous installers like “crypted_ScreenRec_webinstall” to trick users across various industries and regions.

Its core innovation lies in the “Thinking Robot” module, which uses a hard-coded Gemini API key to query the “gemini-1.5-flash-latest” model for obfuscated VBScript code designed to bypass antivirus detection.

The malware prompts the LLM to generate self-contained evasion scripts, outputting only the code without extraneous text, and logs responses in a temporary file for refinement.

In advanced variants, it rewrites its entire source code hourly, embedding the original payload, API key, and regeneration logic to create a recursive mutation cycle that ensures persistence via the Windows Startup folder.

GTIG notes that while features like the self-update function remain commented out, indicating early development, the malware also attempts lateral spread to removable drives and network shares.

This approach exploits AI’s generative power not just for creation, but for ongoing survival, differing from static malware that relies on fixed signatures easily detected by defenders.

The emergence of PROMPTFLUX aligns with a maturing cybercrime marketplace where AI tools flood underground forums, offering capabilities from deepfake generation to vulnerability exploitation at subscription prices.

GTIG’s analysis reveals state-sponsored actors from North Korea, Iran, and China, alongside financially motivated criminals, increasingly abusing Gemini across the attack lifecycle, from phishing lures to command-and-control setups.

For instance, related malware like PROMPTSTEAL, linked to Russia’s APT28, queries Hugging Face’s Qwen2.5 LLM to generate reconnaissance commands disguised as image tools.

Attackers are also employing social engineering in prompts, posing as CTF participants or students to circumvent AI safeguards and extract exploit code.

As these tools lower barriers for novice actors, GTIG warns of heightened risks, including adaptive ransomware like PROMPTLOCK that dynamically crafts Lua scripts for encryption.

In response, Google has swiftly disabled associated API keys and projects, while DeepMind enhances Gemini’s classifiers and model safeguards to block misuse prompts.

The company emphasizes its commitment to responsible AI via principles that prioritize robust guardrails, sharing insights through frameworks like Secure AI (SAIF) and tools for red-teaming vulnerabilities.

Innovations such as Big Sleep for vulnerability hunting and CodeMender for automated patching underscore efforts to counter AI threats proactively.

Though PROMPTFLUX poses no immediate compromise risk, GTIG predicts rapid proliferation, urging organizations to monitor API abuses and adopt behavioral detection over signatures.

As AI integrates deeper into operations, this report signals an urgent need for ecosystem-wide defenses to stay ahead of evolving adversaries.

Weaponized Putty and Teams Ads Deliver Malware Allowing Hackers to Access Network https://cybersecuritynews.com/weaponized-putty-and-teams-ads/ Tue, 04 Nov 2025 08:10:41 +0000

The post Weaponized Putty and Teams Ads Deliver Malware Allowing Hackers to Access Network appeared first on Cyber Security News.

An ongoing malicious advertising campaign is weaponizing legitimate software downloads to deploy OysterLoader malware, previously identified as Broomstick and CleanUpLoader.

This sophisticated initial access tool enables cybercriminals to establish footholds in corporate networks, ultimately serving as a delivery mechanism for the notorious Rhysida ransomware gang.

The Rhysida ransomware operation has targeted enterprises since emerging from the Vice Society group in 2021, later rebranding in 2023. Despite attempts to evade law enforcement through name changes, security researchers continue tracking their evolving tactics.

The current campaign uncovered by Expel represents their second major malvertising operation, building on tactics proven successful during their initial run from May to September 2024. Since June 2025, threat actors have maintained persistent operations with dramatically increased intensity and scope.

Rhysida’s Evolution and Persistent Threat

Rhysida operators purchase advertisements on Bing’s search engine, directing unsuspecting users toward convincing but malicious landing pages.

These sponsored results appear prominently in search results and even within Windows 11 start menu searches, placing malware downloads directly before potential victims.

Recent campaigns have impersonated popular software, including Microsoft Teams, PuTTY, and Zoom, with threat actors creating nearly identical fake download pages.

Bing ads showing up in the Windows 11 start menu: the one sponsored result misspells PuTTY as “Putty”.

The malicious PuTTY advertisements demonstrate this technique, with sponsored results intentionally misspelling “PuTTY” as “Putty” while appearing legitimate enough to deceive users seeking the authentic remote access tool.

OysterLoader’s effectiveness stems from two primary evasion techniques. First, attackers pack the malware through compression and obfuscation, hiding its true capabilities from security tools.

This results in remarkably low initial detection rates, with fewer than five antivirus engines typically flagging new samples. Second, threat actors employ code-signing certificates, exploiting Windows trust mechanisms to appear legitimate.

Due to their obfuscation, it can take several days before more AV engines flag the malware.

The scale of this operation is evident in certificate usage. While the 2024 campaign utilized seven certificates, the current 2025 campaign has burned through over 40 unique code-signing certificates, indicating substantial resource investment and operational commitment.

Rhysida doesn’t rely solely on OysterLoader. Expel researchers discovered the gang simultaneously deploying Latrodectus malware, confirmed when identical code-signing certificates appeared on both malware families.

Additionally, Rhysida has exploited Microsoft’s Trusted Signing service, circumventing its 72-hour certificate validity restrictions. Microsoft reports revoking over 200 certificates associated with this campaign, yet operations remain active.

Security teams should remain vigilant against malvertising campaigns and verify software downloads exclusively through official channels to avoid compromise.

Canada Warns of Hackers Breached ICS Devices Controlling Water and Energy Facilities https://cybersecuritynews.com/canada-warns-attack-on-ics-devices/ Thu, 30 Oct 2025 08:48:43 +0000

The post Canada Warns of Hackers Breached ICS Devices Controlling Water and Energy Facilities appeared first on Cyber Security News.

Canadian authorities have issued an urgent alert following multiple confirmed incidents where cybercriminals compromised internet-accessible Industrial Control Systems (ICS) devices protecting critical infrastructure across the nation.

The Canadian Centre for Cyber Security and the Royal Canadian Mounted Police report that water treatment facilities, energy companies, and agricultural operations have fallen victim to coordinated attacks, raising serious concerns about the vulnerability of Canada’s essential services.

The scope of these attacks extends beyond isolated incidents. Hackers have successfully manipulated programmable logic controllers and automated systems at water facilities, deliberately tampering with pressure values that degraded service for entire communities.

In another case, attackers targeted a major Canadian oil and gas company, compromising an Automated Tank Gauge system that triggered false alarms.

A third incident involved a grain drying silo on a Canadian farm, where unauthorized actors manipulated temperature and humidity readings, potentially creating dangerous conditions if security teams had not detected the breach promptly.

Hacktivism Attacks Growing Rapidly

While sophisticated state-sponsored actors typically target specific organizations, Canadian authorities warn that hacktivists increasingly exploit vulnerable ICS devices as targets of opportunity.

These threat actors gain media attention, discredit organizations, and undermine Canada’s broader reputation by compromising systems that control essential services.

The Canadian public remains unaware of how close these attacks come to causing cascading failures across critical infrastructure.

Exposed components including Programmable Logic Controllers (PLCs), Remote Terminal Units (RTUs), Human-Machine Interfaces (HMIs), SCADA systems, and Building Management Systems (BMS) create substantial risks not only to individual organizations but to their clients and the wider Canadian population.

The interconnected nature of modern infrastructure means that a single compromised device can trigger failures affecting thousands of citizens.

Canadian authorities emphasize that unclear roles and responsibilities between organizations, municipalities, and provincial governments create dangerous security gaps.

Organizations must immediately conduct thorough inventories of all internet-accessible ICS devices and evaluate their necessity.

Where feasible, implementing Virtual Private Networks (VPNs) with two-factor authentication should replace direct internet exposure.

For systems that cannot be isolated, enhanced monitoring through Intrusion Prevention Systems and regular penetration testing becomes essential. Continuous vulnerability management throughout the device lifecycle is mandatory.

Provincial and territorial governments should coordinate with municipalities to ensure all critical infrastructure receives proper documentation and protection, particularly in sectors like water, food, and manufacturing that lack comprehensive regulatory cyber oversight.

Beyond technical measures, organizations must conduct regular tabletop exercises to evaluate incident response capabilities and clearly define roles during cyber emergencies.

Early reporting to both the Cyber Centre and local law enforcement enables coordinated investigations and mitigation efforts.

First Zero Click Attack Exploits MCP and Connected Popular AI Agents To Exfiltrate Data Silently https://cybersecuritynews.com/first-zero-click-attack-exploits-mcp/ Tue, 28 Oct 2025 08:43:48 +0000

The post First Zero Click Attack Exploits MCP and Connected Popular AI Agents To Exfiltrate Data Silently appeared first on Cyber Security News.

A new zero-click attack dubbed Shadow Escape exploits the Model Context Protocol (MCP) to silently steal sensitive data via popular AI agents such as ChatGPT, Claude, and Gemini.

This vulnerability, uncovered by Operant, allows malicious actors to exfiltrate personally identifiable information, including Social Security numbers and medical records, without user interaction or detection by traditional security tools.

Shadow Escape operates by embedding hidden malicious instructions in seemingly innocuous documents, such as employee onboarding PDFs downloaded from public sources.

When uploaded to an MCP-enabled AI assistant, these instructions prompt the AI to access connected databases, CRM systems, and file shares, thereby surfacing private data such as names, addresses, credit card details, and protected health information.

The AI, acting under trusted credentials, then disguises the exfiltration as a routine task such as performance logging and sends the data to external servers linked to the dark web, all from within the organization’s firewall and without alerting users or IT teams.

Data Exfiltration

This attack chain unfolds in stages: infiltration via poisoned files, discovery of sensitive records across multiple systems, and covert transmission.

Unlike prior threats requiring phishing or errors, Shadow Escape leverages MCP’s design for seamless AI-tool integration, turning helpful agents into unwitting vectors for identity theft and fraud.

Demonstrated in a video by Operant AI, the exploit escalates from a simple query to full data dumps in minutes, affecting healthcare, finance, and retail sectors where AI aids customer service.

The discovery, revealed during Cybersecurity Awareness Month, highlights MCP’s role in amplifying risks as enterprises adopt agentic AI for efficiency.

Any MCP-connected system, from OpenAI’s ChatGPT to custom Llama-based agents, is vulnerable, potentially exposing trillions of records due to widespread default permissions.

Donna Dodson, former NIST cybersecurity chief, warned that securing MCP and agent identities is “absolutely critical,” especially in high-stakes industries.

Traditional defenses like data loss prevention fail here, as the traffic appears legitimate and travels over encrypted channels. Operant AI estimates that massive undetected breaches are already occurring and urges immediate audits of AI permissions and integrations.

To counter Shadow Escape, experts recommend contextual identity access management, document sanitization before upload, real-time tool monitoring, and inline data redaction.

Operant AI’s MCP Gateway provides runtime controls to block exfiltration at the AI layer. Organizations must treat all external documents as threats, enforce least-privilege access, and implement AI-specific observability across multi-platform deployments.
