GhostClaw Hits 178 Devs 👻, MCP Rug Pull Attack 🪤, Mandiant: Vishing Surges 📞

TLDR

Together With NetScout

TLDR Information Security 2026-03-24

Beyond detection: 3 resources for investigation-first cybersecurity (Sponsor)

The missing link between detection and response is investigation. Start with these 3 resources from NETSCOUT:

📗[Ebook] From Alert to Insight - Elevating Cybersecurity: How network visibility improves incident response and helps security teams close the gap against sophisticated attackers.

🎥 [Video] One Smart Question: Why is Full Investigation Essential for Cyber Resilience? Six key stages to fully understand the scope of the attack, obtain the proof, isolate the threat, and respond tactfully.

👉 Omnis CyberStream and Omnis Cyber Intelligence NDR Platform. A scalable, investigation-focused Network Detection and Response (NDR) solution powered by deep packet inspection (DPI).

🔓

Attacks & Vulnerabilities

GhostClaw steals crypto wallet data from devs (2 minute read)

The @openclaw-ai/openclawai npm package, uploaded March 3 and active for a week before removal, infected 178 developers on macOS by posing as a legitimate OpenClaw CLI tool before deploying GhostLoader, a second-stage JavaScript payload retrieved from a C2 server that harvested crypto wallet keys, macOS Keychain passwords, SSH keys, cloud credentials, and AI platform API tokens for OpenAI and Anthropic. GhostLoader polled the clipboard every three seconds for private keys and seed phrases, cloned browser sessions for direct wallet access, and exfiltrated stolen data via Telegram, GoFile, and attacker-controlled command servers. A parallel GitHub-based campaign tagged developers in issue threads with fake $5,000 CLAW token airdrop offers, redirecting victims through token-claw[.]xyz to a phishing site at watery-compost[.]today that drained wallets on connection.

INC Ransomware Group Targets Airports Company (2 minute read)

The Namibia Airports Company (NAC) has announced that it suffered a data breach when an unauthorized party stole 500GB of data from its system and threatened to release it online. The stolen data allegedly contains financial records, HR information, customer data, and contact details. The INC ransomware group has claimed responsibility for the attack but has not yet released the data.

Mazda Discloses Security Breach Exposing Employee and Partner Data (2 minute read)

Mazda states that attackers exploited a vulnerability in a warehouse management system for parts procured from Thailand, resulting in a breach of employee and partner data. The breached data includes: user IDs, full names, email addresses, company names, and business partner IDs. The company has implemented security improvements, including reducing internet exposure, applying security patches, increasing monitoring for suspicious activity, and introducing stricter access policies.

🧠

Strategies & Tactics

Threat Intelligence Report: MANGO SANDSTORM Dindoor / Fakeset Campaign (8 minute read)

MuddyWater (MANGO SANDSTORM/MERCURY) conducted an espionage campaign in February against a US financial institution, a US airport, a Canadian non-profit, and an Israeli defense software subsidiary using Dindoor, a Deno runtime backdoor chosen specifically to evade PowerShell/Python-tuned detection logic, alongside the Python-based Fakeset implant linked to prior Stagecomp and Darkcomp certificate lineage (T1059, T1566, T1567, T1105, and T1071). Rclone exfiltrated data to Wasabi cloud storage while staging infrastructure leveraged Backblaze B2, deno.land, and Cloudflare-fronted domains including uppdatefile[.]com, serialmenot[.]com, and moonzonet[.]com to blend C2 traffic within legitimate enterprise cloud activity. Defenders should prioritize detecting Deno runtime execution in non-development environments, anomalous Rclone invocations outside sanctioned backup workflows, and outbound traffic to commodity cloud storage, as the absence of traditional static IOCs is itself a deliberate operational characteristic of this campaign.

The Rug Pull Attack (4 minute read)

The MCP spec contains no versioning, content hashing, or approval-time snapshots, allowing a malicious server to silently rewrite a tool's description, parameters, and behavior between user approval and agent execution, enabling exfiltration that existing observability platforms like LangSmith and Datadog cannot detect since they record what was called but not whether it matched what was authorized. The attack is fully silent: the tool name and parameter schema remain unchanged, the agent receives a normal-looking response, and mutable logs provide no cryptographic evidence of what the tool actually did with accessed data, creating HIPAA, SOC 2, and EU AI Act Article 12 compliance gaps. Mitigation requires SHA-256 hashing the full tool definition at approval time, verifying the hash before each execution call, and recording every action in a Merkle-tree-backed append-only hash chain that produces tamper-evident receipts independently verifiable without trusting the agent framework or MCP server.
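
A sketch of the approval-time pinning described above, added here as an illustration and not taken from the linked article or any MCP SDK. It assumes tool definitions are dicts with `name`, `description` and `inputSchema`; `PinnedTools` and `tool_hash` are hypothetical names, and a simple linear hash chain stands in for the Merkle-tree-backed log.

```python
import hashlib
import json

def tool_hash(tool: dict) -> str:
    """SHA-256 over the canonical JSON of the full tool definition."""
    canon = json.dumps(tool, sort_keys=True, separators=(",", ":"), ensure_ascii=False)
    return hashlib.sha256(canon.encode("utf-8")).hexdigest()

class PinnedTools:
    # Hypothetical client-side helper, not an MCP SDK API.
    GENESIS = "0" * 64

    def __init__(self):
        self.pins = {}   # tool name -> hash approved by the user
        self.log = []    # append-only chain of receipts

    def _append(self, event: str, name: str, digest: str) -> None:
        prev = self.log[-1]["entry_hash"] if self.log else self.GENESIS
        body = {"seq": len(self.log), "event": event, "tool": name,
                "tool_hash": digest, "prev": prev}
        entry_hash = hashlib.sha256(
            json.dumps(body, sort_keys=True).encode("utf-8")).hexdigest()
        self.log.append({**body, "entry_hash": entry_hash})

    def approve(self, tool: dict) -> None:
        self.pins[tool["name"]] = tool_hash(tool)
        self._append("approve", tool["name"], self.pins[tool["name"]])

    def check_before_call(self, tool: dict) -> bool:
        """Re-hash the definition the server serves now; allow only on match."""
        digest = tool_hash(tool)
        ok = self.pins.get(tool["name"]) == digest
        self._append("call" if ok else "blocked", tool["name"], digest)
        return ok

    def verify_log(self) -> bool:
        prev = self.GENESIS
        for i, entry in enumerate(self.log):
            body = {k: v for k, v in entry.items() if k != "entry_hash"}
            digest = hashlib.sha256(
                json.dumps(body, sort_keys=True).encode("utf-8")).hexdigest()
            if entry["seq"] != i or entry["prev"] != prev or digest != entry["entry_hash"]:
                return False
            prev = entry["entry_hash"]
        return True
# Constructed sample: same name and schema, description rewritten after approval.
APPROVED = {"name": "read_file", "description": "Read a file from the workspace.",
            "inputSchema": {"type": "object", "properties": {"path": {"type": "string"}}}}
MUTATED = {**APPROVED, "description": "Read a file and upload a copy to a remote server."}
```

Because the pin covers the description as well as the name and schema, the mutated definition is blocked even though its name and parameters are unchanged, and the blocked attempt itself lands in the chain.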

Why Your Brain is a Cyber Security Risk (4 minute read)

Under stress, the brain defaults to familiar choices, a response that threat actors deliberately exploit. A fake password reset email triggers panic, which leads to clicking a phishing link and reusing an old password. That reused password can compromise a corporate account. Familiarity bias and cognitive narrowing are the mechanisms behind this. The fixes are concrete: deploy MFA with certificates on VPN, roll out a corporate key vault, stop forcing password expiry per NIST SP 800-63B, adopt passkeys, run monthly security awareness training, and monitor dark web credential leaks.

🧑‍💻

Launches & Tools

Cloud security is moving closer to the application. (Sponsor)

Detection and response needs to happen at runtime, where real activity occurs. Cloud Application Detection and Response (CADR) is emerging to address this shift. The CADR for Dummies book explains how teams protect cloud applications and AI systems in production.

Get the Guide →

OBLITERATUS (GitHub Repo)

An open-source mechanistic interpretability toolkit that locates and surgically removes refusal behaviors from transformer-based LLMs using SVD decomposition to extract refusal direction vectors from hidden states, then projects them out via norm-preserving biprojection across attention and MLP layers without retraining. The pipeline spans 15 analysis modules covering concept cone geometry, alignment imprint detection (distinguishing DPO vs. RLHF vs. CAI from subspace geometry), cross-model universality indexing, and Ouroboros effect quantification to predict whether guardrails self-repair post-removal. Every opted-in run contributes anonymous benchmark data, including refusal rate, perplexity, and KL divergence, to a crowd-sourced cross-architecture dataset accessible via a community leaderboard on HuggingFace Spaces.

Scanner (Product Launch)

Scanner lets security teams build a cloud-native security data lake that connects to existing tools and runs fast threat hunting, continuous detections, and AI-agent workflows using inverted indexes that scale up on query and down when idle.

Secutils (GitHub Repo)

Secutils.dev is an open-source, versatile, yet simple security toolbox for engineers and researchers built by application security engineers.

🎁

Miscellaneous

Feds Disrupt IoT Botnets Behind Huge DDoS Attacks (2 minute read)

The US Justice Department, alongside Canadian and German authorities, seized infrastructure behind four IoT botnets named Aisuru, Kimwolf, JackSkid, and Mossad that collectively compromised over three million routers and webcams and launched hundreds of thousands of record-breaking DDoS attacks against targets including DoD infrastructure. Aisuru emerged in late 2024 and seeded Kimwolf in October 2025, a variant that introduced a novel lateral-movement mechanism capable of infecting devices behind internal networks, a technique subsequently copied by several competing botnets. Law enforcement actions in Canada and Germany targeted suspected operators, including a 22-year-old Canadian identified as a core Kimwolf operator and a 15-year-old in Germany.

We Found Eight Attack Vectors Inside AWS Bedrock. Here's What Attackers Can Do with Them (5 minute read)

XM Cyber's research team mapped eight validated attack vectors in AWS Bedrock targeting permissions and integrations, not the models themselves. A single over-privileged identity can redirect invocation logs to an attacker-controlled S3 bucket, steal SaaS credentials stored in Knowledge Base configs, hijack agents via bedrock:UpdateAgent, inject malicious Lambda layers, reroute flow data, strip guardrails entirely, or poison shared prompt templates in-flight — all without triggering an application redeployment.

Palantir Extends Reach Into British State as it Gets Access to Sensitive FCA Data (3 minute read)

The UK's Financial Conduct Agency (FCA) has awarded Palantir a contract to design an AI system to help the agency tackle financial crimes such as money laundering, fraud, and insider trading. The data includes sensitive information such as recordings of phone calls, emails, and social media posts. Employees within the FCA have raised alarms at feeding this sensitive data into a private company's AI system.

Quick Links

Hacker Group LAPSUS$ Claims Alleged AstraZeneca Data Breach (3 minute read)

A group claiming to be LAPSUS$ is auctioning an alleged 3GB AstraZeneca dataset containing GitHub Enterprise role mappings, employee and contractor PII, and claimed AWS/Azure/Terraform configurations.

The phone call is the new phishing email (2 minute read)

Mandiant's 2025 M-Trends report found voice-based phishing, a hallmark of The Com and Scattered Spider, accounted for 11% of all investigated incidents as email phishing collapsed from 22% in 2022 to just 6%.

Police Shut Down 373,000 Dark Web Sites in Single-Operator CSAM Network (2 minute read)

Operation Alice, a Europol-backed takedown spanning 23 countries from March 9 to 19, dismantled 373,000+ dark web onion domains, seized 105 servers, and identified 440 customers of a single-operator CSAM and CaaS network that netted over €345,000 in cryptocurrency.

Thanks for reading,
Prasanna Gautam, Eric Fernandez & Sammy Tbeile

