Attacks & Vulnerabilities
|
Hackers hack victims hacked by other hackers (3 minute read)
An unidentified group broke into servers already compromised by TeamPCP, ejected them, wiped their tooling, and deployed a self-spreading worm that targeted their cloud services. It also stole their credentials for resale, accessed brokerage accounts, and engaged in extortion, including phishing for password manager logins and using fake help desk sites, without bothering with slower crypto-mining schemes.
|
A Route to Root in a 4G Industrial Router (8 minute read)
Tanto Security's Sam C reverse-engineered the PUSR USR-G806AU 4G LTE industrial router (firmware 1.0.41 and 2.0.13) and found an undocumented uid=0 account named usr whose password sat in the /bin/usr_root helper, encoded by adding 0x61 (mod 256) to each character of a 14-byte blob and piped into su - usr -c at runtime, tracked as CVE-2024-42682. The same binary's command allowlist also enables local privilege escalation via $(...) and backtick command substitution (omitted from its &;|# denylist) and via /bin/sh -c argument stacking that smuggles /sbin/tcpdump past the valid-command check, with the recovered password granting remote root over the SSH and Telnet daemons exposed by default on ports 2222 and 2233. Owners should block management interfaces (HTTP, SSH, Telnet on 80/1080/8008/8888/9080, 23/2233/2323, 2222) from untrusted networks since PUSR stopped responding after July 2024, and no fix has been confirmed. Developers should replace embedded-credential su wrappers with sudoers policies that avoid storing recoverable passwords on disk.
|
AISLE Discovers 38 CVEs in Healthcare Software Used by 100,000 Medical Providers (5 minute read)
AISLE's autonomous AI analyzer disclosed 38 CVEs in OpenEMR, the ONC-certified electronic health record platform serving over 100,000 providers and 200 million patients, accounting for more than half of all OpenEMR GitHub advisories in Q1 2026. The findings include two CVSS 10.0 SQL injections (CVE-2026-24908 in the Patient REST API _sort parameter and CVE-2026-23627 in the Immunization search/report patient_id field) where unsanitized concatenation into ORDER BY and WHERE clauses enables UNION-based extraction, time-based blind injection, and RCE via FILE privileges, plus a FHIR CareTeam patient compartment bypass (CVE-2026-24487) caused by FhirCareTeamService failing to implement the marker interface that triggers patient-scoping filters, alongside a long tail of IDORs, stored XSS crossing the patient-to-clinician trust boundary, path traversals, and a session-timeout bypass. Defenders running OpenEMR should immediately upgrade past 8.0.0 and the three subsequent March patch releases, audit OAuth2 token scope enforcement on FHIR endpoints, and revoke FILE privileges from the OpenEMR database account to contain any pre-patch SQL injection compromise.
|
The Bot Left a Fingerprint: Detecting and Attributing LLM-Generated Passwords (8 minute read)
GitGuardian researchers built Markov chains trained on 8,000 passwords from 40 LLMs across 11 providers, exploiting statistical biases like Claude Opus 4.6's 35% uniqueness rate and recurring substrings (e.g., Llama-3.3-70b's Gx#8dL in 96% of outputs) to identify model and provider with 55% and 65% accuracy respectively. Applied to 34M GitHub passwords from November 2025 to March 2026, the classifier flagged 28,000 as LLM-generated at ~1,500/week, with Anthropic, Qwen, and Google accounting for 63%, and 1,800 .env files plus Terraform configs containing hardcoded AI-generated credentials. Defenders should prohibit LLMs as password generators in policy, mandate vault-based generation, and deploy hook-event scanners like ggshield against Claude and Cursor agent outputs since the same Markov models enable far more efficient cracking than brute-force.
|
Ghosts of Encryption Past – How we Read All Your Emails in Salesforce Marketing Cloud (12 minute read)
Searchlight Cyber chained AMPScript template injection (via TreatAsContent and a default double-evaluation of email subject lines) with a CBC padding oracle on the qs parameter shared across all SFMC tenants, then bypassed MicrositeURL's reserved-parameter blocklist by smuggling =0&LID=1&j=2&m=3&ls=4 into a single argument to forge arbitrary encrypted query strings cross-tenant. A legacy XOR scheme keyed off a static repeating string with a 0xFFFF ^ sum(bytes) checksum still validated on brand-new tenants, collapsing enumeration of the ls SubscriberID to one HTTP request per guess and exposing _Subscribers, _Sent, _Job, _Click, and _SMSMessageTracking data views across every Fortune 500 instance hosted on the platform. Salesforce shipped AES-GCM, expired all pre-January 23, 2026 21:00 UTC links, and disabled subject-line double evaluation under CVE-2026-22585, CVE-2026-22586, CVE-2026-22582, CVE-2026-22583, and CVE-2026-2298, so defenders should confirm no marketing email links remain pinned to the old format, audit any custom AMPScript that passes subscriber input to TreatAsContent, and treat any historical SFMC-rendered URL as untrusted.
|
N-Day Research with AI: Using Ollama and n8n (8 minute read)
A security researcher chained a local Ollama deployment running qwen3-coder:30b with n8n workflow automation and a Qdrant vector database to triage Microsoft Patch Tuesday binaries, feeding patched and vulnerable function diffs from Ghidra headless version tracking through an AI agent that produces a structured vulnerability report and pushes it to GitHub. A RAG pipeline ingests RSS feeds, URLs, and uploaded notes via a Document Processor agent using qwen3:embedding, giving the analyzer agent historical CVE context to ground its findings, though the ~20k token prompt budget forced tiktoken-based truncation of patched functions, which occasionally drops the actual vulnerable one. The published reports at github.com/ghostbyt3/nday-automation-ai are a triage accelerator rather than ground truth, and defenders building similar pipelines should treat AI output as a starting point that still requires manual reverse engineering validation before any CVE assertion.
|
Boost Security (Product Launch)
Boost Security offers an SDLC defense platform that secures developer endpoints and the software supply chain, using automated analysis to find and fix code vulnerabilities and block supply chain threats across multiple programming languages.
|
Introducing AIMap: Security Testing For AI Agent Infrastructure (4 minute read)
AIMap is an open-source discovery and security testing platform that queries Shodan and runs Nuclei templates plus live HTTP probes against exposed AI agent infrastructure including MCP servers, Ollama, vLLM, LiteLLM, LocalAI, LangServe, OpenWebUI, Gradio, ComfyUI, and HuggingFace TGI to fingerprint protocol, framework, authentication state, tools, models, and leaked system prompts. Each endpoint receives a 0-10 risk score weighted on auth posture, CORS, TLS, tool exposure, prompt leakage, and dangerous capability combinations, with built-in attack suites for MCP tool enumeration and unauthorized invocation, Ollama model weight extraction, and OpenAI-compatible system prompt extraction streamed in real time. The Docker Compose stack ships backend, frontend, MongoDB, and Redis services and requires only a Shodan API key to run, with full source at github.com/BishopFox/aimap, though operators are responsible for ensuring CFAA and GDPR compliance since active modules require explicit target confirmation.
|
TrailTool (GitHub Repo)
TrailTool aggregates CloudTrail logs to simplify analysis for AI agents using a Lambda for ingestion, parsing, and correlation, DynamoDB tables for persisting queryable entities, and a CLI for accessing entity data.
|
Widely used Daemon Tools disk app backdoored in monthlong supply-chain attack (3 minute read)
Attackers backdoored Daemon Tools installers signed with the vendor's certificate, pushing Windows malware via official updates between April 8 and early May. The first-stage payload fingerprints hosts and reports data to attacker servers, while selected targets receive minimalistic backdoors or the more capable QUIC RAT, which supports multiple C2 protocols and process injection. At least 100 organizations in over 100 countries are affected, with about a dozen receiving advanced payloads.
|
AI Vibe-Coding Apps Leak Sensitive Data (3 minute read)
Cybersecurity firm RedAccess found 5,000 websites built using vibe-coding tools from Replit, Netlify, Lovable, and Base44 that were publicly accessible and leaked private data with little or no authentication required. Some of these apps exposed data belonging to a hospital, private customer conversations, and financial information. Spokespeople from Replit, Lovable, and Base44 reported to Axios that RedAccess did not provide them sufficient notice or information to identify and help customers secure the sites prior to publication.