Cyber Threat Weekly – #98
For the week of October 6th through October 12th, around 347 cyber news articles were reviewed. There is a moderate amount of cyber threat trend and adversarial behavior news to share. Been thinking about some of the emerging agentic AI protocols that have been released.
Anthropic’s model context protocol (MCP) tops the list. It allows large language models a standardized way to integrate and share data with external tools and systems. Next, IBM’s agent communication protocol (ACP), an open standard, allowing for communication between AI agents across systems, technologies, and frameworks. Last but not least, Google’s agent-2-agent protocol (A2A), an open standard designed for agent communication between opaque agentic applications. These protocols are the early building blocks of multi-agent agentic AI.
Let’s start with attackers deploying LockBit ransomware abusing the Velociraptor DFIR tool. Python remote access trojan with polymorphic coding. Network devices are targeted often, this time in a coordinated campaign.
Legit infrastructure abused at scale for phishing campaign. Credentials and weak MFA lead to account takeover and payroll theft. Massive targeting of United States RDP infrastructure. An example of indirect prompt injection and possible long-term effects.
Cache smuggling used in variant of FileFix social engineering attack. IUAM ClickFix Generator exposed. Google’s new AI agent finds bugs and fixes them. Hidden text salting in emails.
Broken Record Alert: Don’t get pwned by N-day vulnerabilities!!!
Known exploited software flaws are one of the top 4 initial access vectors and have increased sharply in recent months. We continue to share n-day vulnerabilities being actively exploited. Priority #1, start with the CISA / VulnCheck known exploited vulnerability (KEV) catalogs. If it’s in the catalog, it should be patched.
A close #2 priority is flaws with weaponized proof of concept (PoC) code available. The chances of exploitation are higher when weaponized PoC code is available. If you do nothing else with patching, have an emergency 24-to-48-hour patching process for vulnerabilities that are actively exploited or have weaponized PoC code available.
You should consider what is exposed to the Internet. Architecture and zero trust network access (ZTNA) can go a long way to minimizing the number of devices and services exposed to the Internet.
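The prioritization described above, sketched as an added example (not code from this newsletter or from CISA). The `cveID` and `knownRansomwareCampaignUse` fields follow CISA's KEV JSON feed; the `weaponized_poc` and `internet_exposed` inventory fields, the host names, and the tiebreakers within a tier are assumptions.

```python
import json
from datetime import datetime, timedelta

# Constructed excerpt in the shape of CISA's KEV JSON feed (only the fields used
# here). The two CVE IDs come from this week's list; "Unknown" is a sample value.
KEV_FEED = """{"vulnerabilities": [
  {"cveID": "CVE-2025-61882", "knownRansomwareCampaignUse": "Known"},
  {"cveID": "CVE-2021-43798", "knownRansomwareCampaignUse": "Unknown"}
]}"""

EMERGENCY_SLA = timedelta(hours=48)  # upper bound of the 24-to-48-hour window

def load_kev(feed_text):
    """Map CVE ID -> True when the catalog marks known ransomware use."""
    entries = json.loads(feed_text)["vulnerabilities"]
    return {e["cveID"].upper(): e.get("knownRansomwareCampaignUse") == "Known"
            for e in entries}

def triage(findings, kev, detected_at):
    """Return findings sorted most urgent first, with tier and patch deadline.

    Tier 1 = in the KEV catalog, tier 2 = weaponized PoC available,
    tier 3 = normal patch cycle (no emergency deadline).
    """
    rows = []
    for f in findings:
        cve = f["cve"].upper()
        tier = 1 if cve in kev else 2 if f.get("weaponized_poc") else 3
        rows.append({
            "host": f["host"], "cve": cve, "tier": tier,
            "ransomware": kev.get(cve, False),
            "exposed": bool(f.get("internet_exposed")),
            "deadline": detected_at + EMERGENCY_SLA if tier <= 2 else None,
        })
    # Assumed tiebreakers within a tier: ransomware use, then Internet exposure.
    rows.sort(key=lambda r: (r["tier"], not r["ransomware"], not r["exposed"], r["host"]))
    return rows

# Constructed scanner output; hosts and the CVE-0000-* IDs are placeholders.
SAMPLE_FINDINGS = [
    {"host": "wiki01", "cve": "CVE-0000-0001"},
    {"host": "grafana01", "cve": "cve-2021-43798"},
    {"host": "vpn-gw", "cve": "CVE-0000-0002", "weaponized_poc": True, "internet_exposed": True},
    {"host": "ebs-prod", "cve": "CVE-2025-61882", "internet_exposed": True},
]

if __name__ == "__main__":
    for r in triage(SAMPLE_FINDINGS, load_kev(KEV_FEED), datetime(2025, 10, 13, 9, 0)):
        due = r["deadline"].isoformat() if r["deadline"] else "normal patch cycle"
        print(f"tier {r['tier']}  {r['host']:<10} {r['cve']:<15} due {due}")
```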
CISA Known Exploited Vulnerabilities – October 6th to October 12th:
CVE-2021-22555 – Linux Kernel Heap Out-of-Bounds Write Vulnerability:
Could allow an attacker to gain privileges or cause a DoS (via heap memory corruption) through user namespace.
CVE-2010-3962 – Microsoft Internet Explorer Uninitialized Memory Corruption Vulnerability:
Could allow for remote code execution. The impacted product could be end-of-life and/or end-of-service. Users should discontinue product utilization.
CVE-2021-43226 – Microsoft Windows Privilege Escalation Vulnerability:
Could allow a local, privileged attacker to bypass certain security mechanisms.
CVE-2013-3918 – Microsoft Windows Out-of-Bounds Write Vulnerability:
An attacker could exploit the vulnerability by constructing a specially crafted webpage. When a user views the webpage, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. The impacted product could be end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue product utilization.
CVE-2011-3402 – Microsoft Windows Remote Code Execution Vulnerability:
Could allow remote attackers to execute arbitrary code via crafted font data in a Word document or web page.
CVE-2010-3765 – Mozilla Multiple Products Remote Code Execution Vulnerability:
Could allow remote attackers to execute arbitrary code via vectors related to nsCSSFrameConstructor::ContentAppended, the appendChild method, incorrect index tracking, and the creation of multiple frames, which triggers memory corruption. This bug affects Mozilla Firefox, SeaMonkey, and Thunderbird.
CVE-2025-61882 – Oracle E-Business Suite Unspecified Vulnerability:
Allows an unauthenticated attacker with network access via HTTP to compromise Oracle Concurrent Processing. Successful attacks can result in takeover of Oracle Concurrent Processing. This bug is known to be used in ransomware campaigns.
CVE-2025-27915 – Synacor Zimbra Collaboration Suite (ZCS) Cross-site Scripting Vulnerability:
This bug could allow an attacker to run arbitrary JavaScript within the victim's session, potentially leading to unauthorized actions such as setting e-mail filters to redirect messages to an attacker-controlled address. As a result, an attacker can perform unauthorized actions on the victim's account, including e-mail redirection and data exfiltration.
CVE-2021-43798 – Grafana Path Traversal Vulnerability:
Could allow access to local files.
Threat Actors in Ransomware Attacks Abuse Velociraptor
An outdated version of the open-source digital forensics and incident response (DFIR) tool was abused for privilege escalation. This led to arbitrary command execution and endpoint takeover. Threat actors are abusing admin and dual-use tools more often than ever.
https://thehackernews.com/2025/10/hackers-turn-velociraptor-dfir-tool.html
https://blog.talosintelligence.com/velociraptor-leveraged-in-ransomware-attacks/
Polymorphic Python Based Remote Access Trojan
A researcher found an interesting malware with specific polymorphic coding. The functions could be easily modified and continually abused. If it works and evades detection, chances are we’ll see more malware like this.
https://thecyberexpress.com/polymorphic-malware-undetected-by-security/
https://isc.sans.edu/diary/32354
Coordinated Scanning Campaign Discovered on Network Edge Devices
Last week GreyNoise observed a spike in Palo Alto scanning. This week it appears that the same IPs are scanning Cisco devices and brute forcing Fortinet SSL VPN devices. At least partially, the same threat actors appear to be responsible for all three campaigns.
https://www.greynoise.io/blog/palo-alto-scanning-surges
Large Scale Phishing Campaign Abusing Legit Free Infrastructure
Threat actors use 175 malicious packages on the npm registry to facilitate credential harvesting. In addition, unpkg CDN hosts JavaScript that redirects browsers to attacker-controlled domains, pre-filling the victim’s email address to enhance authenticity and credential theft success.
https://thehackernews.com/2025/10/175-malicious-npm-packages-with-26000.html
https://socket.dev/blog/175-malicious-npm-packages-host-phishing-infrastructure
Dubbed Payroll Pirates, Threat Actors Steal Salary Payments
Abusing credentials and weak or no MFA for account takeover, attackers then divert salary payments to themselves. This tactic can be abused by any threat actor on any third-party human resources (HR) software as a service (SaaS) platform.
https://thecyberexpress.com/payroll-pirate-attacks-target-u-s-universities/
United States RDP Infrastructure Targeted by Multi-Country Botnet
Over 100,000 unique IPs targeted RDP services with two attack vectors, RD Web Access timing and RDP web client login enumeration. A similar TCP fingerprint was shared by nearly all traffic. The use of Internet exposed remote desktop protocol (RDP) services is highly discouraged; it is and has been a massive target for threat actors.
https://www.greynoise.io/blog/botnet-launches-coordinated-rdp-attack-wave
Researchers Share an Example of Indirect Prompt Injection
To deliver personalized and coherent experiences, LLMs increasingly rely on memory features. The point of this test was to target a large language model’s (LLM’s) long-term memory. Indirect prompt injection was used to deploy persistent malicious instructions.
https://unit42.paloaltonetworks.com/indirect-prompt-injection-poisons-ai-longterm-memory/
Stealthy Cache Smuggling Variant of FileFix Attack
When the victim visits the phishing page, JavaScript instructs the browser to retrieve an image file. The image type is ‘image/jpeg’, so the browser automatically caches it. When the victim pastes and runs the lure, a PowerShell script creates a folder, grabs Google cache data, and copies it to the folder. No file is downloaded; no web requests are made.
https://expel.com/blog/cache-smuggling-when-a-picture-isnt-a-thousand-words/
Exposed: IUAM ClickFix Generator
If it works, it’ll be commoditized and automated. Such is the case with the ClickFix social engineering technique. This ClickFix generator can create highly customizable phishing pages mimicking browser verification challenges. The ClickFix technique has soared in popularity and is now automated.
https://unit42.paloaltonetworks.com/clickfix-generator-first-of-its-kind/
CodeMender, Google DeepMind’s New AI Agent
Based on several projects focusing on AI to discover software bugs, the new agent not only finds bugs, but fixes them. CodeMender is powered by Gemini DeepThink models; it can reason about code, understand, and predict code behavior without running it.
https://www.securityweek.com/google-deepminds-new-ai-agent-finds-and-fixes-vulnerabilities/
https://deepmind.google/discover/blog/introducing-codemender-an-ai-agent-for-code-security/
The Abuse of Hidden Text Salting in Emails
Generally, detection evasion and indirectly influencing email language detection are common reasons for hidden text salting in emails. Researchers also observed attackers using it to confuse language detection procedures. This is an interesting exploration of threat actor tradecraft.
31337 InfoSec - Cyber Threat Weekly - Derek Krein Newsletter