China-linked threat actor Mustang Panda has been running two concurrent espionage campaigns targeting Indian government entities and the hydropower sector. The campaigns deploy new malware implants — SHARDLOADER, MINIRECON, and ZOHOMURK — with ZOHOMURK abusing Zoho WorkDrive as a command-and-control channel to blend malicious traffic with legitimate cloud activity. Attack chains use hydropower- and government-themed lure documents delivered via compressed archives, leveraging DLL side-loading. Attribution is high-confidence based on code overlaps with prior Mustang Panda tooling. CISOs are advised to monitor cloud service traffic for anomalies, hunt for DLL side-loading behavior, and model threats around geopolitical and infrastructure-themed lures.
Source: https://securityboulevard.com/2026/06/mustang-panda-uses-zoho-workdrive-in-india-focused-espionage-campaigns. 8sync News only summarizes and links to the source; the content copyright belongs to the author and the original source.
On 24 June 2026, attackers published malicious versions of 20 npm packages in the Leo Platform ecosystem in under 3 seconds, using the 'Phantom Gyp' toolkit, which resembles the earlier Miasma campaign. The malware steals secrets from GitHub Actions, multi-cloud storage (AWS, GCP, Azure), package registries, HashiCorp Vault, Kubernetes, and password managers, then exfiltrates them through the victim's own GitHub token to avoid detection. It also acts as a supply-chain worm, automatically publishing malicious versions of any packages the victim has publish rights to by bypassing 2FA authentication.
Developers should read this article to understand how a new supply-chain attack uses sophisticated techniques (such as obfuscation and Bun evasion) to avoid detection and exploit access to critical systems through popular npm packages, and as a warning about the risks of using public libraries without verifying their provenance and security.
Researchers at Mozilla 0DIN discovered a sophisticated attack that causes AI coding agents such as Claude Code to unknowingly run malware from a clean-looking GitHub repository. The attacker uses three legitimate components: a standard repository, a Python package that triggers an error, and instructions to run an init command, together with an init script that loads a payload from a DNS TXT record controlled by the attacker. An AI agent that automatically fixes the error unknowingly triggers the whole attack chain, producing a reverse shell with the developer's privileges.
Developers should read this article to understand how automated AI tools can be fooled by subtle social-engineering techniques embedded in source code, and how to protect their projects from indirect attacks that can still cause serious damage.
Google Threat Intelligence Group (GTIG) has published a detailed analysis of STOCKSTAY, a multi-component .NET backdoor attributed to the Russian state-linked threat actor Turla (FSB Center 16). Active since at least December 2022, STOCKSTAY targets Ukrainian government and military organizations as well as European entities with foreign affairs interests. The backdoor uses a modular architecture (STOCKBROKER for C2 tunneling, STOCKMARKET for orchestration, STOCKTRADER for execution) communicating over encrypted WebSockets. It masquerades as benign applications like stock market tools, PDF viewers, and calculators. STOCKSTAY shares significant code overlaps with Turla's established KAZUAR toolkit, including a shared string obfuscation mechanism called K1MORPHER based on the Squirrel3 PRNG. Deployment methods include malicious RDP files, HTA files, WinRAR CVE-2025-8088 exploitation, and GitHub-hosted MSI installers. The post includes a detailed operational timeline from 2022–2025, YARA detection rules, and indicators of compromise.
A detailed forensic analysis of a multi-stage ransomware intrusion that began with SEO poisoning on Bing, luring users to a trojanized ManageEngine OpManager installer. The BumbleBee loader was deployed via DLL side-loading, followed by an AdaptixC2 beacon for persistent C2. Over five days, threat actors performed extensive credential harvesting (NTDS.dit, Veeam, LSASS), lateral movement via RDP and reverse SSH tunnels, and exfiltrated over 75GB of data via FileZilla/SFTP to a server in Ukraine. The intrusion concluded with Akira ransomware deployment across root and child domains, with Volume Shadow Copies deleted via WMI. A parallel Swisscom intrusion tied to the same campaign is also documented, including BYOVD attacks and Cloudflare tunnel persistence.
Kaspersky researchers provide a detailed technical analysis of The Gentlemen, a rapidly growing ransomware-as-a-service (RaaS) group that ranked among the top 10 ransomware actors in the first half of 2026. The group uses a Go-based ransomware with a custom obfuscator, a Go-based backdoor using Yamux for C2 communication, and a newly discovered C-based ransomware variant still in development. Their TTPs include exploiting internet-facing VPNs and firewalls, BYOVD attacks using multiple vulnerable drivers to kill EDR/AV products, lateral movement via GPO deployment and PsExec, network sniffing with netsh, and Active Directory reconnaissance with SharpADWS. The Go ransomware uses Curve25519 + XChaCha20 encryption while the new C variant uses AES256-GCM + RSA via OpenSSL. Targets span manufacturing, IT, healthcare, finance, and logistics across Brazil, China, Indonesia, Taiwan, and Thailand. Full IOCs including hashes, C2 IPs, and vulnerable driver hashes are provided.
Kaspersky has identified a new cyberattack campaign called StrikeShark that uses a previously undocumented malware loader, SharkLoader, to deploy Cobalt Strike Beacon on compromised systems. Targets include government and diplomatic organizations across Asia, the Middle East, and Latin America, as well as software development companies globally. Attackers gained initial access by exploiting known vulnerabilities in Microsoft Exchange, Openfire, GeoServer, and other public-facing applications using publicly available proof-of-concept exploits. Post-compromise activity includes DLL side-loading, web shell deployment, in-memory Beacon execution, Active Directory enumeration, and credential theft targeting LSASS and NTDS. The campaign is attributed with moderate confidence to a Chinese-speaking threat actor. No confirmed data exfiltration has been observed, but the targeting pattern suggests cyber espionage objectives. CISOs are advised to patch exposed systems, hunt for SharkLoader and Cobalt Strike behavioral indicators, and review identity exposure after any suspected compromise.
Hackers are actively exploiting CVE-2026-48558, a critical authentication bypass vulnerability in SimpleHelp RMM, to deploy two previously undocumented malware families: TaskWeaver (a JavaScript-based loader) and Djinn Stealer (a cross-platform infostealer). The attack chain begins with unauthenticated creation of privileged technician accounts on OIDC-enabled SimpleHelp servers. Djinn Stealer specifically targets developer credentials including cloud provider keys, Git/GitHub tokens, SSH keys, Docker credentials, package registry auth, AI coding assistant configs (Claude, Gemini, Codex, Cline), MCP configuration files, and cryptocurrency wallets. Stolen data is packed into a TAR archive, GZIP-compressed, and AES-256-GCM encrypted before exfiltration. Blackpoint's MDR team investigated the incident and warns that stealing MCP tokens could grant attackers the same downstream access developers extended to their AI agents. Admins are urged to update SimpleHelp immediately and rotate all credentials.
A new malware campaign dubbed TONResolver targets Japanese hotel staff who are Booking.com partners via phishing emails impersonating guest complaints. The attack chain begins with a malicious LNK file inside a ZIP archive, which executes PowerShell to download a Node.js-based JavaScript RAT. The malware's key innovation is using the TON (The Open Network) blockchain as a dead drop resolver: the C&C server domain is stored in a TON smart contract and can be swapped at any time, making takedowns ineffective. The RAT uses VM-based obfuscation, ECDH key exchange, and AES-256-CBC encryption over WebSocket for C&C communication. Once installed, it maintains a Keepalive loop awaiting commands, with observed follow-on activity including credential theft from Chrome and Edge browser data. Two delivery methods were observed: bulk phishing and conversational Gmail-based attacks that build trust before delivering a malicious URL. Mitigations include blocking access to tonapi.io, restricting PowerShell external communications, and monitoring for anomalous Node.js usage.