The National Institute of Standards and Technology (NIST) has announced changes to the way it handles cybersecurity vulnerabilities and exposures (CVEs) listed in its National Vulnerability Database (NVD), stating it will only enrich those that fulfil certain conditions owing to an explosion in CVE submissions.

"CVEs that do not meet those criteria will still be listed in the NVD but will not automatically be enriched by NIST," it said. "This change is driven by a surge in CVE submissions, which increased 263% between 2020 and 2025. We don’t expect this trend to let up anytime soon."

The prioritization criteria outlined by NIST, which went into effect on April 15, 2026, are as follows -

• CVEs appearing in the U.S. Cybersecurity and Infrastructure Security Agency's (CISA) Known Exploited Vulnerabilities (KEV) catalog.
• CVEs for software used within the federal government.
• CVEs for critical software as defined by Executive Order 14028: this includes software that's designed to run with elevated privilege or managed privileges, has privileged access to networking or computing resources, controls access to data or operational technology, and operates outside of normal trust boundaries with elevated access. 

Any CVE submission that doesn't meet these thresholds will be marked as "Not Scheduled." The idea, NIST said, is to focus on CVEs that have the maximum potential for widespread impact.

"While CVEs that do not meet these criteria may have a significant impact on affected systems, they generally do not present the same level of systemic risk as those in the prioritized categories," it added.

NIST said the CVE submissions during the first three months of 2026 are nearly one-third higher than they were last year, and it's working faster than ever to enrich the submissions. It also said it enriched nearly 42,000 CVEs in 2025, which was 45% more than any prior year.

In cases where a high-impact CVE has been categorized as unscheduled, users have the option to request enrichment by sending an email to "nvd@nist[.]gov."NIST is expected to review those requests and schedule the CVEs for enrichment as applicable.

Changes have also been instituted for various other aspects of the NVD operations. These include -

• NIST will no longer routinely provide a separate severity score for a CVE where the CVE Numbering Authority has already provided a severity score.
• A modified CVE will be reanalyzed only if it "materially impacts" the enrichment data. Users can request specific CVEs to be reanalyzed by sending an email to the same address listed above.
• All unenriched CVEs currently in backlog with an NVD publish date earlier than March 1, 2026, will be moved into the "Not Scheduled" category. This does not apply to CVEs that are already in the KEV catalog.
• NIST has updated the CVE status labels and descriptions, as well as the NVD Dashboard, to accurately reflect the status of all CVEs and other statistics in real time.

"The announcement from NIST doesn't come as a major surprise, given they've previously telegraphed intent to move to a 'risk-based' prioritization model for CVE enrichment," Caitlin Condon, vice president of security research at VulnCheck, said in a statement shared with The Hacker News.

"On the plus side, NIST is clearly and publicly setting expectations for the community amid a huge and escalating rise in new vulnerabilities. On the other hand, a significant portion of vulnerabilities now appear to have no clear path to enrichment for organizations relying on NIST as their authoritative (or only) source of CVE enrichment data."

Data from the cybersecurity company shows that there are still approximately 10,000 vulnerabilities from 2025 without a CVSS score. NIST is estimated to have enriched 14,000 'CVE-2025' vulnerabilities, accounting for about 32% of the 2025 CVE population.

"This announcement underscores what we already know: We no longer live in a world where manual enrichment of new vulnerabilities is a feasible or effective strategy," Condon said.

"Even without AI-driven vulnerability discovery accelerating CVE volume and validation challenges, today's threat climate unequivocally demands distributed, machine-speed approaches to vulnerability identification and enrichment, along with a genuinely global perspective on risk that acknowledges the interconnected, interdependent nature of the worldwide software ecosystem – and the attackers who target it. After all, what we don't prioritize for ourselves, adversaries will prioritize for us."

David Lindner, chief information security officer of Contrast Security, said NIST's decision to only prioritize high-impact vulnerabilities marks the end of an era where defenders could leverage a single government-managed database to assess security risks, forcing organizations to pivot to a proactive approach to risk management that's driven by threat intelligence.

"Modern defenders must move beyond the noise of total CVE volume and instead focus their limited resources on the CISA KEV list and exploitability metrics," Lindner said.

"While this transition may disrupt legacy auditing workflows, it ultimately matures the industry by demanding that we prioritize actual exposure over theoretical severity. Relying on a curated subset of actionable data is far more effective for national resilience than maintaining a comprehensive but unmanageable archive of every minor bug."

Found this article interesting? Follow us on Google News, Twitter and LinkedIn to read more exclusive content we post.

An international law enforcement operation has taken down 53 domains and arrested four people in connection with commercial distributed denial-of-service (DDoS) operations that were used by more than 75,000 cybercriminals.

The ongoing effort, dubbed Operation PowerOFF, disrupted access to the DDoS-for-hire services, took down the technical infrastructure supporting them, and obtained access to databases containing over 3 million criminal user accounts. Authorities are also sending warning emails and letters to the identified criminal users, and 25 search warrants have been issued.

As many as 21 countries participated in the action: Australia, Austria, Belgium, Brazil, Bulgaria, Denmark, Estonia, Finland, Germany, Japan, Latvia, Lithuania, Luxembourg, the Netherlands, Poland, Portugal, Sweden, Thailand, the U.K., and the U.S.

"Booter services allow users to launch DDoS attacks against targeted websites, servers, or networks," Europol said in a statement. "Their infrastructure is made up of servers, databases, and other technical components that make DDoS-for-hire activities possible. By seizing these infrastructures, authorities were able to hinder these criminal operations and prevent further damage to victims."

The agency described DDoS-for-hire as one of the most prolific and easily accessible trends in cybercrime, as it allows even individuals with little to no technical knowledge to execute malicious attacks at scale and inflict significant damage to busin

Europol also noted that DDoS activity can originate from well-resourced and skilled threat actors, who could rely on such services to customize or optimize their illicit activities. DDoS attacks often tend to target various web-based services, with the motivations behind them as varied as they are broad.

This ranges from simple curiosity and financial gain through extortion to hacktivism driven by ideological reasons and disruption of competitors' services. Some operators of these services have been found to mask their true motives and escape law enforcement scrutiny by disguising them as stress-testing tools.

The development marks the latest step taken by authorities to dismantle criminal DDoS-for-hire infrastructures worldwide as part of PowerOFF. In August 2025, the U.S. government announced the takedown of a DDoS botnet called RapperBot that was used to conduct large-scale disruptive attacks targeting victims in over 80 countries since at least 2021.

Found this article interesting? Follow us on Google News, Twitter and LinkedIn to read more exclusive content we post.

General strategies for mitigating supply chain cyber risk include rigorously vetting suppliers’ cybersecurity postures, adopting emerging technology to enhance monitoring, leveraging zero trust principles to reduce attack impacts, and creating and testing incident response and business continuity plans to build resilience and better manage supply chain related incidents. Your entire supplier web needs to be part of the risk assessment.

To build and operationalize supply chain cyber resilience, I recommend a sequence of activities that collectively build resilience over a one-year period.

In a world of escalating threats and risky interdependencies, supply chain cyber resilience is a competitive differentiator at the survival level. Cybercriminals are keen to identify and target an organization’s third-party linkages either upstream or downstream. It’s possible that a chain of disrupted partners could face collective extortion pressure – effectively a “crowdfunded” ransomware scenario.

As a foundational resilience building block, firms must comprehensively map their critical third-party dependencies and vulnerabilities across digital and non-digital systems, including those that may not be obvious. Some ways to look beyond typical operational supply chain risk assessment include:

A recently disclosed high-severity security flaw in Apache ActiveMQ Classic has come under active exploitation in the wild, per the U.S. Cybersecurity and Infrastructure Security Agency (CISA).

To that end, the agency has added the vulnerability, tracked as CVE-2026-34197 (CVSS score: 8.8), to its Known Exploited Vulnerabilities (KEV) catalog, requiring Federal Civilian Executive Branch (FCEB) agencies to apply the fixes by April 30, 2026.

CVE-2026-34197 has been described as a case of improper input validation that could lead to code injection, effectively allowing an attacker to execute arbitrary code on susceptible installations. According to Horizon3.ai's Naveen Sunkavally, CVE-2026-34197 has been "hiding in plain sight" for 13 years. 

"An attacker can invoke a management operation through ActiveMQ's Jolokia API to trick the broker into fetching a remote configuration file and running arbitrary OS commands," Sunkavally added.

"The vulnerability requires credentials, but default credentials (admin:admin) are common in many environments. On some versions (6.0.0–6.1.1), no credentials are required at all due to another vulnerability, CVE-2024-32114, which inadvertently exposes the Jolokia API without authentication. In those versions, CVE-2026-34197 is effectively an unauthenticated RCE."

The vulnerability impacts the following versions -

• Apache ActiveMQ Broker (org.apache.activemq:activemq-broker) before 5.19.4
• Apache ActiveMQ Broker (org.apache.activemq:activemq-broker) 6.0.0 before 6.2.3
• Apache ActiveMQ (org.apache.activemq:activemq-all) before 5.19.4
• Apache ActiveMQ (org.apache.activemq:activemq-all) 6.0.0 before 6.2.3

Users are advised to upgrade to version 5.19.4 or 6.2.3, which addresses the issue. There are currently no details on how CVE-2026-34197 is being exploited in the wild, but SAFE Security, in a report published this week, revealed that threat actors are actively targeting exposed Jolokia management endpoints in Apache ActiveMQ Classic deployments.

The findings once again demonstrate that exploitation timelines continue to collapse as attackers pounce upon newly disclosed vulnerabilities at an alarmingly faster rate and breach systems before they can be patched.

Apache ActiveMQ is a popular target for attack, with flaws in the open-source message broker repeatedly exploited in various malware campaigns since 2021. In August 2025, a critical vulnerability in ActiveMQ (CVE-2023-46604, CVSS score: 10.0) was weaponized by unknown actors to drop a Linux malware called DripDropper.

"Given ActiveMQ’s role in enterprise messaging and data pipelines, exposed management interfaces present a high-impact risk, potentially enabling data exfiltration, service disruption, or lateral movement," SAFE Security said. "Organizations should audit all deployments for externally accessible Jolokia endpoints, restrict access to trusted networks, enforce strong authentication, and disable Jolokia where it is not required."

Found this article interesting? Follow us on Google News, Twitter and LinkedIn to read more exclusive content we post.

Cloudflare dashboard can now complete tasks for you.

- "Create a Worker and bind a new R2 bucket to it"
- "Change my DNS records to 1.1.1.1"
- "How many errors have happened this week"

Not only do we tell you, but we show you with generative UI.

PROTIP: Use full-screen mode. pic.twitter.com/Q1o1vyoOwk

Cybersecurity researchers have warned of an active malicious campaign that's targeting the workforce in the Czech Republic with a previously undocumented botnet dubbed PowMix since at least December 2025.

"PowMix employs randomized command-and-control (C2) beaconing intervals, rather than persistent connection to the C2 server, to evade the network signature detections," Cisco Talos researcher Chetan Raghuprasad said in a report published today.

"PowMix embeds the encrypted heartbeat data along with unique identifiers of the victim machine into the C2 URL paths, mimicking legitimate REST API URLs. PowMix has the capability to remotely update the new C2 domain to the botnet configuration file dynamically."

The attack chain begins with a malicious ZIP file, likely delivered via a phishing email, to activate a multi-stage infection chain that drops PowMix. Specifically, it involves a Windows Shortcut (LNK) that's used to launch a PowerShell loader, which then extracts the malware embedded within the archive, decrypts it, and runs it in memory.

The never-before-seen botnet is designed to facilitate remote access, reconnaissance, and remote code execution, while establishing persistence by means of a scheduled task. At the same time, it verifies the process tree to ensure that another instance of the same malware is not running on the compromised host.

PowMix's remote management logic allows it to process two different kinds of commands sent from the C2 server. Any non #-prefixed response causes PowMix to shift to arbitrary execution mode, and decrypt and run the obtained payload. 

• #KILL, to initiate a self-deletion routine and wipe traces of all malicious artifacts
• #HOST, to enable C2 migration to a new server URL.

In parallel, it also opens a decoy document with compliance-themed lures as a distraction mechanism. The lure documents reference legitimate brands like Edeka and include compensation data and valid legislative references, potentially in an effort to enhance their credibility and trick recipients, like job aspirants.

Talos said the campaign shares some level of tactical overlap with a campaign dubbed ZipLine that was disclosed by Check Point in late August 2025 as targeting supply chain-critical manufacturing companies with an in-memory malware called MixShell.

This includes the use of the same ZIP-based payload delivery, scheduled task persistence, and the abuse of Heroku for C2. That said, no final payloads have been observed beyond the botnet malware itself, leaving questions about its exact motives unanswered.

"PowMix avoids persistent connections to the C2 server," Talos said. "Instead, it implements a jitter via the Get-Random PowerShell command to vary the beaconing intervals initially between 0 and 261 seconds, and subsequently between 1,075 and 1,450 seconds. This technique attempts to prevent detection of C2 traffic through predictable network signatures."

The disclosure comes as Bitsight sheds light on the infection chain associated with the RondoDox botnet, highlighting the malware's evolving capabilities to illicitly mine cryptocurrency on infected systems using XMRig on top of the existing distributed denial-of-service (DDoS) attack functionality.

The findings paint the picture of an actively maintained malware that offers improved evasion, better resilience, aggressive competition removal, and an expanded feature set.

RondoDox is capable of exploiting over 170 known vulnerabilities in various internet-facing applications to obtain initial access and drop a shell script that performs basic anti-analysis and removes competing malware before dropping the appropriate botnet binary for the architecture.

The malware "does multiple checks and implements techniques to hinder analysis, which include the usage of nanomites, renaming/removing files, killing processes, and actively checking for debuggers during execution," Bitsight Principal Research Scientist João Godinho said.

"The bot is able to run DoS attacks at the internet, transport and application layer, depending on the command and arguments issued by the C2."

Found this article interesting? Follow us on Google News, Twitter and LinkedIn to read more exclusive content we post.

You know that feeling when you open your feed on a Thursday morning and it's just... a lot? Yeah. This week delivered. We've got hackers getting creative in ways that are almost impressive if you ignore the whole "crime" part, ancient vulnerabilities somehow still ruining people's days, and enough supply chain drama to fill a season of television nobody asked for.

Not all bad though. Some threat actors got exposed with receipts, a few platforms finally tightened things up, and there's research in here that's genuinely worth your time. Grab your coffee and keep scrolling.

That's a wrap for this week. If anything here made you pause, good. Go check your patches, side-eye your dependencies, and maybe don't trust that app just because it's sitting in an official store. The basics still matter more than most people want to admit.

We'll be back next Thursday with whatever fresh chaos the internet cooks up. Until then, stay sharp and keep your logs close. See you on the other side.

Found this article interesting? Follow us on Google News, Twitter and LinkedIn to read more exclusive content we post.

This is trend is likely to accelerate. In February 2026, the Forum of Incident Response and Security Teams (FIRST) forecast a record-breaking 50,000 additional CVEs to be reported in 2026.

Jerry Gamblin, principal engineer at Cisco Threat Detection & Response, expects an even bigger growth, with a forecast of 70,135 CVEs by the end of this year. This would reflect a 45.6% growth rate compared to 48,171 in 2025.

These forecasts do not consider recent announcements by Anthropic and OpenAI of new generative AI models – namely Claude Mythos and GPT-5.4-Cyber – that promise to autonomously find and fix cybersecurity vulnerabilities at scale.

Booth acknowledged that his team also faced a growth in the number of Common Platform Enumeration (CPE) identifiers largely due to new vulnerability discovery tools based on large language models (LLMs).

CPE is a standardized naming scheme used to uniquely identify hardware, operating systems and software applications.

New Rules for CVE Scoring and Analysis

Booth also revealed other changes in how the NVD will now enrich CVEs, following the same risk-based approach.

The NVD will no longer provide its own severity scores (CVSS) for CVEs already scored by the submitting authority, unless they deem the score doesn’t align with the vulnerability.

Additionally, the NVD will only reanalyze modified CVEs if changes materially impact enrichment data.

Users can request a score change or a new CVE analysis by contacting the NVD, which will review the submission and decide how to process on a case-by-case basis.

Finally, Booth also announced updated status labels for CVEs to “make them clearer.” For instance, the NVD will drop the previous ‘Deferred’ status and replace it with ‘Not scheduled’ to indicate the NVD will not enrich the corresponding CVE.

The NVD has published a document explaining CVE and NVD status labels, what they mean and how they compare.

In 2024, compromised service accounts and forgotten API keys were behind 68% of cloud breaches. Not phishing. Not weak passwords. Unmanaged non-human identities that nobody was watching.

For every employee in your org, there are 40 to 50 automated credentials: service accounts, API tokens, AI agent connections, andOAuth grants. When projects end or employees leave, most of these stay active. Fully privileged. Completely unmonitored.

Attackers don't need to break in. They just pick up the keys you left out.

Join our upcoming webinar where we’ll show you how to find and eliminate these "Ghost Identities" before they become a back door for hackers.

AI agents and automated workflows are multiplying these credentials at a pace security teams can't manually track. Many carry admin-level access they never needed. One compromised token can give an attacker lateral movement across your entire environment, and the average dwell time for these intrusions is over 200 days.

Traditional IAM wasn't built for this. It manages people. It ignores machines.

What we'll walk you through in this session:

• How to run a full discovery scan of every non-human identity in your environment
• A framework for right-sizing permissions across service accounts and AI integrations
• An automated lifecycle policy so dead credentials get revoked before attackers find them
• A ready-to-use Identity Cleanup Checklist you'll get during the live session

This isn't a product demo. It's a working playbook you can take back to your team the same week.

Don't let hidden keys compromise your data. We’re hosting a live session to walk you through securing these non-human identities step-by-step.

Found this article interesting? Follow us on Google News, Twitter and LinkedIn to read more exclusive content we post.

BOURBON recrute une(e)

Responsable RH International H/F

En tant que Responsable RH (ROW), vous pilotez la stratégie RH des pays hors siège, avec une forte composante de mobilité internationale. Vous intervenez sur l’ensemble du cycle RH, de la planification des effectifs jusqu’à l’accompagnement des expatriations.

VOS MISSIONS ET RESPONSABILITES :

Pilotage RH international (ROW)

Vous accompagnez la croissance des équipes et structurez les pratiques RH à l’international :

•  Planification des effectifs en lien avec la stratégie business / anticipation des projections d’effectifs

•  Pilotage et suivi de la masse salariale (labour cost planning)

•  Pilotage des recrutements à l’international

•  Déploiement et gestion de la politique de rémunération

•  Mise en place des processus RH, incluant la gestion de la campagne annuelle de performance

Mobilité internationale & expatriation

En parallèle, vous pilotez l’ensemble de la politique de mobilité internationale du groupe :

• Déployer et faire évoluer la politique de mobilité internationale

• Négocier/ optimiser les packages et contrats d’expatriation

• Assurer le suivi de l’exécution des contrats

• Superviser l’administration des expatriés (paie, avantages, conformité)

VOTRE PROFIL

-          Vous avez un bac + 3/4 en Ressources Humaines et justifiez déjà d’une expérience réussie de 7 à 10 années à un poste RH équivalent.

-          Vous justifiez déjà d’une solide expérience en HR Business Partner ou HR Manager multi-pays

-          Vous avez déjà au moins une première expérience en mobilité internationale / expatriation validée ; vous avez par ailleurs une excellente capacité à mettre en place des processus.

-          Doté d’une forte autonomie, vous avez un très bon sens du business et un esprit collaboratif.

-          Rigoureux, vous avez de solides connaissances des principes et des bonnes pratiques en matière de ressources humaines ainsi que des règles et des bonnes pratiques en matière de mobilité internationale.

-          Vous avez un bel esprit d’équipe et faites preuve d’un fort engagement et d’excellentes qualités relationnelles ; vous êtes un très bon communiquant (oral et écrit) et vous savez animer des réunions avec aisance.

-          En contexte international, vous avez une excellente maitrise du français et de l’anglais (lu, écrit et oral), ainsi que des outils informatiques (Outlook, EXCEL, BI, PowerPoint…)

Poste en CDI basé à Marseille, à pourvoir dès que possible.

Dans le cadre de notre politique d’emploi, ce poste est ouvert aux personnes en situation de handicap.

Cisco has announced patches to address four critical security flaws impacting Identity Services and Webex Services that could result in arbitrary code execution and allow an attacker to impersonate any user within the service.

The details of the vulnerabilities are below -

• CVE-2026-20184 (CVSS score: 9.8) - An improper certificate validation in the integration of single sign-on (SSO) with Control Hub in Webex Services that could allow an unauthenticated, remote attacker to impersonate any user within the service and gain unauthorized access to legitimate Cisco Webex services.
• CVE-2026-20147 (CVSS score: 9.9) - An insufficient validation of user-supplied input vulnerability in Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) that could allow an authenticated, remote attacker in possession of valid administrative credentials to achieve remote code execution by sending crafted HTTP requests.
• CVE-2026-20180 and CVE-2026-20186 (CVSS scores: 9.9) - Multiple insufficient validation of user-supplied input vulnerabilities in ISE could allow an authenticated, remote attacker in possession of read only admin credentials to execute arbitrary commands on the underlying operating system of an affected device by sending crafted HTTP requests.

"A successful exploit could allow the attacker to obtain user-level access to the underlying operating system and then elevate privileges to root," Cisco said in an advisory for CVE-2026-20147, CVE-2026-20180, and CVE-2026-20186.

"In single-node ISE deployments, successful exploitation of this vulnerability could cause the affected ISE node to become unavailable, resulting in a denial of service (DoS) condition. In that condition, endpoints that have not already authenticated would be unable to access the network until the node is restored."

CVE-2026-20184 requires no customer action as it's cloud-based. However, customers who are using SSO are advised to upload a new identity provider (IdP) SAML certificate to Control Hub. The remaining vulnerabilities have been addressed in the following versions -

• CVE-2026-20147
  • Cisco ISE or ISE-PIC Release earlier than 3.1 (Migrate to a fixed release)
  • Cisco ISE Release 3.1 (3.1 Patch 11)
  • Cisco ISE Release 3.2 (3.2 Patch 10)
  • Cisco ISE Release 3.3 (3.3 Patch 11)
  • Cisco ISE Release 3.4 (3.4 Patch 6)
  • Cisco ISE Release 3.5 (3.5 Patch 3)
• CVE-2026-20180 and CVE-2026-20186
  • Cisco ISE Release earlier than 3.2 (Migrate to a fixed release)
  • Cisco ISE Release 3.2 (3.2 Patch 8)
  • Cisco ISE Release 3.3 (3.3 Patch 8)
  • Cisco ISE Release 3.4 (3.4 Patch 4)
  • Cisco ISE Release 3.5 (Not Vulnerable)

While Cisco noted that it is not aware of any of these shortcomings being exploited in the wild, it's essential that users update their instances to the latest version for optimal protection.

Found this article interesting? Follow us on Google News, Twitter and LinkedIn to read more exclusive content we post.

A "novel" social engineering campaign has been observed abusing Obsidian, a cross-platform note-taking application, as an initial access vector to distribute a previously undocumented Windows remote access trojan called PHANTOMPULSE in attacks targeting individuals in the financial and cryptocurrency sectors.

Dubbed REF6598 by Elastic Security Labs, the activity has been found to leverage elaborate social engineering tactics through LinkedIn and Telegram to breach both Windows and macOS systems, approaching prospective individuals under the guise of a venture capital firm and then moving the conversation to a Telegram group where several purported partners are present.

The Telegram group chat is engineered to lend the operation a smidgen of credibility, with the members discussing topics related to financial services and cryptocurrency liquidity solutions. The target is then instructed to use Obsidian to access what appears to be a shared dashboard by connecting to a cloud-hosted vault using the credentials provided to them.

It's this vault that triggers the infection sequence. As soon as the vault is opened in the note-taking application, the target is asked to enable "Installed community plugins" sync, effectively causing malicious code to be executed.

"The threat actors abuse Obsidian's legitimate community plugin ecosystem, specifically the Shell Commands and Hider plugins, to silently execute code when a victim opens a shared cloud vault," researchers Salim Bitam, Samir Bousseaden, and Daniel Stepanic said in a technical breakdown of the campaign.

Given that the option is disabled by default and cannot be remotely turned on, the attacker must convince the target to manually toggle the community plugin sync on their device so that the malicious vault configuration can trigger the execution of commands through the Shell Commands plugin. Also used in conjunction with Shell Commands is another plugin named Hider to hide certain user interface elements of Obsidian, such as status bar, scrollbar, tooltips, and others.

"While this attack requires social engineering to cross the community plugin sync boundary, the technique remains notable: it abuses a legitimate application feature as a persistence and command execution channel, the payload lives entirely within JSON configuration files that are unlikely to trigger traditional AV [antivirus] signatures, and execution is handed off by a signed, trusted Electron application, making parent-process-based detection the critical layer," the researchers said.

Dedicated execution paths are activated depending on the operating system. On Windows, the commands are used to invoke a PowerShell script to drop an intermediate loader codenamed PHANTOMPULL that decrypts and launches PHANTOMPULSE in memory.

PHANTOMPULSE is an artificial intelligence (AI)-generated backdoor that uses the Ethereum blockchain for resolving its command-and-control (C2) server by fetching the latest transaction associated with a hard-coded wallet address. Upon obtaining the C2 address, the malware uses WinHTTP for communications, allowing it to send system telemetry data, fetch commands and transmit the execution results, upload files or screenshots, and capture keystrokes.

The supported commands are designed to facilitate comprehensive remote access -

• inject, to inject shellcode/DLL/EXE into target process
• drop, to drop a file to disk and execute it
• screenshot, to capture and upload a screenshot 
• keylog, to start/stop a keylogger
• uninstall, to initiate removal of persistence and perform cleanup
• elevate, to escalate privileges to SYSTEM via the COM elevation moniker
• downgrade, to transition from SYSTEM to elevated admin

On macOS, the Shell Commands plugin delivers an obfuscated AppleScript dropper that iterates over a hard-coded domain list, while employing Telegram as a dead drop resolver for fallback C2 resolution. This approach also offers added flexibility as it makes it possible to easily rotate C2 infrastructure, rendering domain-based blocking insufficient.

In the final step, the dropper script contacts the C2 domain to download and execute a second-stage payload via osascript. The exact nature of this payload remains unknown given that the C2 servers are currently offline. The intrusion was ultimately unsuccessful, as the attack was detected and blocked before the adversary could accomplish their goals on the infected machine.

"REF6598 demonstrates how threat actors continue to find creative initial access vectors by abusing trusted applications and employing targeted social engineering," Elastic said. "By abusing Obsidian's community plugin ecosystem rather than exploiting a software vulnerability, the attackers bypass traditional security controls entirely, relying on the application's intended functionality to execute arbitrary code."

Found this article interesting? Follow us on Google News, Twitter and LinkedIn to read more exclusive content we post.

A bank approved a Taboola pixel. That pixel quietly redirected logged-in users to a Temu tracking endpoint. This occurred without the bank’s knowledge, without user consent, and without a single security control registering a violation.

Read the full technical breakdown in the Security Intelligence Brief. Download now →

The "First-Hop Bias" Blind Spot

Most security stacks, including WAFs, static analyzers, and standard CSPs, share a common failure mode: they evaluate the declared origin of a script, not the runtime destination of its request chain.

If sync.taboola.com is in your Content Security Policy (CSP) allow-list, the browser considers the request legitimate. However, it does not re-validate against the terminal destination of a 302 redirect. By the time the browser reaches temu.com, it has inherited the trust granted to Taboola.

The Forensic Trace

During a February 2026 audit of a European financial platform, Reflectiz identified the following redirect chain executing on logged-in account pages:

1. Initial Request: A GET request to https://sync.taboola.com/sg/temurtbnative-network/1/rtb/.
2. The Redirect: The server responded with a 302 Found, redirecting the browser to https://www.temu.com/api/adx/cm/pixel-taboola?....
3. The Payload: The redirect included the critical header Access-Control-Allow-Credentials: true.

This header specifically instructs the browser to include cookies in the cross-origin request to Temu’s domain. This is the mechanism by which Temu can read or write tracking identifiers against a browser it now knows visited an authenticated banking session.

Why Conventional Tools Missed It

```html

```

The Regulatory Fallout

For regulated entities, the absence of direct credential theft does not limit the compliance exposure. Users were never informed their banking session behavior would be associated with a tracking profile held by PDD Holdings — a transparency failure under GDPR Art. 13. The routing itself involves infrastructure in a non-adequate country, and without Standard Contractual Clauses covering this specific fourth-party relationship, the transfer is unsupported under GDPR Chapter V. "We didn't know the pixel did that" is not a defense available to a data controller under Art. 24.

The PCI DSS exposure compounds this. A redirect chain terminating at an unanticipated fourth-party domain falls outside the scope of any review that evaluated only the primary vendor — which is precisely what Req. 6.4.3 was written to close.

Inspect Runtime, Not Just Declarations

Right now, the same Taboola pixel configuration runs on thousands of websites. The question isn't whether redirect chains like this are happening. They are. The question is whether your security stack can see past the first hop — or whether it stops at the domain you approved and calls it done.

For security teams: inspect runtime behavior, not just declared vendor lists. 

For legal and privacy teams: browser-level tracking chains on authenticated pages warrant the same rigor as backend integrations.

The threat entered through the front door. Your CSP let it in.

The full technical evidence log is in the Security Intelligence Brief. Download it here →

Found this article interesting? This article is a contributed piece from one of our valued partners. Follow us on Google News, Twitter and LinkedIn to read more exclusive content we post.

BOURBON recrute un(e)

Responsable Supply Chain locale / Head of Local Supply Chain H/F

Rattaché au Chief Supply Chain Officer · International vous êtes garant de la performance opérationnelle de la Supply Chain dans les filiales et agences du Groupe à l'international, vous assurez l'alignement entre la stratégie Groupe et l'exécution terrain, en garantissant excellence opérationnelle, fiabilité et continuité de bout en bout.

VOS MISSIONS ET RESPONSABILITES :

-          Vous pilotez la performance E2E des filiales : procurement, logistique, douanes, stock et last-mile

-          Vous managez hiérarchiquement les SCM locaux et développez leur maturité opérationnelle

-          Vous définissez et challengez les KPI, animez les revues opérationnelles et pilotez les plans d'actions correctifs

-          Vous coordonnez en étroite collaboration avec les fonctions Groupe : Procurement, Logistique, Douanes, Digitalisation

-          Vous assurez la couverture des agences sans équipe SCM dédiée via des modèles adaptés (mutualisés, 3PL, gouvernance à distance)

-          Vous contribuez activement à l'amélioration continue, à l'harmonisation des processus et à la transformation digitale

VOTRE PROFIL

-          Vous êtes titulaire d'un Bac+5 en Business, Ingénierie, Supply Chain ou équivalent

-          Vous justifiez d'au moins 10 ans d'expérience en logistique internationale multi-pays

-          Vous avez une expérience terrain en Afrique obligatoire, dont Afrique de l'Ouest

-          Vous maîtrisez les environnements logistiques complexes, les procédures douanières et les contraintes last-mile

-          Vous exercez un leadership pragmatique, exigeant et orienté excellence opérationnelle

-          Dans un environnement fortement international, vous avez une excellente maitrise du français et de l’anglais.

-          Vous avez un bel esprit d’équipe, fédérateur vous faites preuve d’un fort engagement et d’excellentes qualités relationnelles ; vous êtes un très bon communiquant (oral et écrit) et vous savez animer des réunions avec aisance.

-          En contexte international, vous avez une parfaite maitrise du français et de l’anglais (lu, écrit et oral), ainsi que des outils informatiques (Outlook, EXCEL, BI, PowerPoint…).

Poste en CDI basé à Marseille, à pourvoir dès que possible.

Dans le cadre de notre politique d’emploi, ce poste est ouvert aux personnes en situation de handicap.

The Computer Emergencies Response Team of Ukraine (CERT-UA) has disclosed details of a new campaign that has targeted governments and municipal healthcare institutions, mainly clinics and emergency hospitals, to deliver malware capable of stealing sensitive data from Chromium-based web browsers and WhatsApp.

The activity, which was observed between March and April 2026, has been attributed to a threat cluster dubbed UAC-0247. The origins of the campaign are presently unknown.

According to CERT-UA, the starting point of the attack chain is an email message claiming to be a humanitarian aid proposal, urging recipients to click on a link that redirects to either a legitimate website compromised via a cross-site scripting (XSS) vulnerability or a bogus site created with help from artificial intelligence (AI) tools.

Regardless of what the site is, the goal is to download and run a Windows Shortcut (LNK) file, which then executes a remote HTML Application (HTA) using the native Windows utility, "mshta.exe."The HTA file, for its part, displays a decoy form to divert the victim's attention, while simultaneously fetching a binary responsible for injecting shellcode into a legitimate process (e.g., "runtimeBroker.exe").

"At the same time, recent campaigns have recorded the use of a two-stage loader, the second stage of which is implemented using a proprietary executable file format (with full support for code and data sections, import of functions from dynamic libraries, and relocation), and the final payload is additionally compressed and encrypted," CERT-UA said.

One of the stagers is a tool called TCP reverse shell or its equivalent, tracked as RAVENSHELL, which establishes a TCP connection with a management server to receive commands for execution on the host using "cmd.exe."

Also downloaded to the infected machine is a malware family dubbed AGINGFLY and a PowerShell script referred to as SILENTLOOP that comes with several functions to execute commands, auto-update configuration, and obtain the current IP address of the management server from a Telegram channel, and fall back to alternative mechanisms for determining the command-and-control (C2) address.

Developed using C#, AGINGFLY is engineered to provide remote control of the affected systems. It communicates with a C2 server using WebSockets to fetch commands that allow it to run commands, launch a keylogger, download files, and run additional payloads.

An investigation of about a dozen incidents has revealed that these attacks facilitate reconnaissance, lateral movement, and the theft of credentials and other sensitive data from WhatsApp and Chromium-based browsers. Thisis accomplished by deploying various open-source tools, such as those listed below -

• ChromElevator, a program designed to bypass Chromium's app-bound encryption (ABE) protections and harvest cookies and saved passwords
• ZAPiXDESK, a forensic extraction tool to decrypt local databases for WhatsApp Web
• RustScan, a network scanner
• Ligolo-Ng, a lightweight utility to establish tunnels from reverse TCP/TLS connections
• Chisel, a tool for tunneling network traffic over TCP/UDP
• XMRig, a cryptocurrency miner 

The agency said there is evidence suggesting that representatives of the Defense Forces of Ukraine may also have been targeted as part of the campaign. Thisis based on the distribution of malicious ZIP archives via Signal that are designed to drop AGINGFLY using the DLL side-loading technique.

To mitigate the risk associated with the threat and minimize the attack surface, it's recommended to restrict the execution of LNK, HTA, and JS files, along with legitimate utilities such as "mshta.exe," "powershell.exe," and "wscript.exe."

Found this article interesting? Follow us on Google News, Twitter and LinkedIn to read more exclusive content we post.

A Michigan resident has been sentenced for defrauding a public pension system by unlawfully collecting retirement benefits after the death of a family member, prosecutors announced. According to the Michigan Attorney General’s Office, the defendant concealed the pension recipient’s death for years, allowing monthly benefit payments to continue long after eligibility had ended.

Authorities say the pensioner passed away more than a decade ago, but the death was never reported to the municipal pension system. Instead, the defendant continued receiving benefit payments through a jointly held bank account, using the funds for personal expenses including housing costs, utilities, and travel. Over time, the scheme resulted in more than $400,000 in improper payments.

The fraud persisted because of gaps in how eligibility status was verified. Pension payments continued automatically, with no periodic confirmation of the recipient’s life status and no immediate cross-check against state death records. The deception only came to light years later during a routine data match between pension enrollment files and statewide vital records.

That review revealed a pension recipient listed as living well beyond expected lifespan thresholds, with uninterrupted payments and no corresponding termination or survivor benefit paperwork on file. Investigators confirmed the death through official records and determined that the pension system had not been notified.

“This was not an administrative oversight—it was an intentional effort to exploit system blind spots,” said Michigan Attorney General Dana Nessel. “Public pension funds exist to support workers in retirement, and every dollar taken through fraud erodes the integrity of those systems.”

Following the case, the pension administrator implemented additional safeguards, including more frequent death-record matching, enhanced account monitoring, and mandatory periodic eligibility certifications. Officials noted that as pension systems increasingly rely on automated payments, continuous data validation is essential to prevent long-running fraud.

The defendant pleaded guilty to fraud-related charges and was ordered to repay the misappropriated funds.

Today’s Fraud of the Day is based on reporting from the Michigan Attorney General’s Office and regional news coverage regarding pension fraud in Michigan.

Tanya Janca

I had my data stolen once, Graham, from a governmental organization I worked at.

Tanya Janca

And they were selling it online for the bitcoin equivalent of $50 Canadian. And that made me feel very humiliated.

Graham Cluley

Were you like, please, please sell it for more?

Tanya Janca

I know, I was like, aren't we worth more than that?

Unknown

463. This AI company leaked its own code. It's also built something terrifying. With Graham Cluley and special guest Tanya Janca. Hello, hello, and welcome to Smashing Security episode 463. My name's Graham Cluley.

Tanya Janca

And I'm Tanya Janca.

Graham Cluley

Tanya Janca, first time on Smashing Security. Hello. How the flip are you?

Tanya Janca

I am wonderful, Graham. How are you?

Graham Cluley

I'm gorgeous. Now, you are dialing in today from the beautiful Canadia. Thank you very much for doing that. Now, you are a famous name, right? You're a pretty big deal in the world of cybersecurity. So if people haven't heard of you, how can you describe what you do and what you're all about?

Tanya Janca

So I am a software developer turned application security expert who really likes to write. And now has written a bunch of books and tons of blogs. I really like to speak, so I speak at conferences, and right now I'm giving secure coding training to large organizations and then kind of just doing contracts here and there, helping people change their application security program so it's more AI aware.

Graham Cluley

Okay, so you are going into organizations and you're helping those developers code more securely, which is a pretty good idea, I think, because we don't want software which is full of security holes like Swiss cheese.

Tanya Janca

Well, we have a lot of that right now all over the internet. Right now, that is a giant problem, and especially not on the internet, embedded devices. You know, you go into an emergency room, a hospital, all of those places, the security is usually much worse than it is on the internet, and it's not great on the internet.

Graham Cluley

Now, a little birdie tells me, Tanya, that you have recently set up a rival podcast to Smashing Security, and you are basically I'm thinking that you can come in here and tell everyone about your podcast. Is that correct?

Tanya Janca

It's 100% correct, Graham. Right, right. My completely different topic podcast is called DevSecStation, and it's 5 to 10 minute mini lessons for software developers about security. So, this month I'm covering the supply chain and how to secure the supply chain and how software developers they're a target now. Malicious actors are actually targeting the actual developer, the human, and they need to know.

Graham Cluley

That's interesting actually, isn't it? Because of course, it's easy to imagine how hackers could target people who work in the finance department, for instance.

Graham Cluley

But if they're targeting the developers themselves, the idea, I presume, is to try to implant code within the code which these developers are writing, because eventually it will roll out to many, many organizations and could cause absolute mayhem.

Tanya Janca

Absolutely. So, often, the past couple years, people will say, oh, there was a software supply chain breach. But if we look at maybe half of those, it was actually the software developer that was compromised. And then as a result, multiple parts of the supply chain was breached because they have superpowers, because they can control the CI, and they control their IDE, and they control the repo, and they can go to prod, and, and, and. And so, you get the developer's credentials and suddenly you have everything. And then on top of that, what some of the malicious actors have been doing, Graham, is then they rob the developer as well.

Tanya Janca

So they go and they try to empty their crypto wallets because why don't we just kick people while we're down?

Graham Cluley

Developers are the kind of people who quite often would have crypto wallets, wouldn't they?

Graham Cluley

And so they understand the technology and so they may have a few thousand dollars or perhaps more.

Tanya Janca

They'd be significantly more likely to have a crypto wallet than the average person.

Graham Cluley

And I'm also thinking that, I mean, my background is I used to be a developer many years ago, used to write antivirus software. And I remember from way back then that the programmers are also the kind of people who would demand to have admin privileges on their computers because they feel they have godlike capabilities anyway. And so they would be arguing with the IT team, well, I need all of these rights. And that could be a security threat in itself, couldn't it?

Tanya Janca

Oh yeah, for sure, Graham. And I was a software developer longer than I've worked in security. I was that person for sure. And on top of having admin rights and being the lord of their workstation, I think a lot of people, when we think of the CI/CD, we think of it as a thing that publishes code and we don't think about how it's a thing that talks to the outside, does downloads, tells us if everything's okay or not, decides to log or not log certain security things. And very few organizations are currently logging or alerting, for instance, if a new admin gets added or if a new workflow gets added. I worked at a place, I was contracting there, and we're playing around with their CI because I'm going to add some stuff and—

Graham Cluley

Time, time, time, Tanya. Look, you've been developing code more recently than me, and I recognize that there's a lot of listeners who may not work in the programming world. You're giving me some acronyms here. No, no, no, it's all right. But what is that? What is that that you are talking about?

Tanya Janca

So a CI/CD, continuous integration, continuous delivery pipeline. It's a piece of software that the software developers will put their code into, and then it will run lots of tests. It will go and get things off the internet for them. It'll add some updates, it can log things, it can send alerts, and then it will put a copy of whatever the thing is they're building onto maybe a development server so they can play with it and look at it and do more tests. And then if all those tests pass, it's, hmm, that seemed pretty good. Let's put it on another server and let another team see it. And it goes from environment to environment automatically, automagically even. And then by the end, assuming it passes all the tests and the humans it, it goes out into production, which is where you and I and most of us humans live. So, if you're a customer and you're using software, you don't know, but that's called production. That's the place where the magic happens, where the users are. But there's all these other environments below that where we're playing around with things of making sure things are okay and making sure they're safe. And so this system is usually the most powerful software system in an organization. It can go to the internet and download things. It can install things. It can delete things. It can decide this code's not good enough and it's not going anywhere on my watch. And it does most of this quite automatically without human intervention. And now imagine a malicious actor takes that over. They could literally put code in that's bad and put it out into your product and release it to all your customers without you knowing. And it's happened a bunch of times and we're not protecting these systems very well. And so, I'm talking about it.

Tanya Janca

If you're there for a month, Graham, you could have 50 cappuccinos.

Tanya Janca

I think new software is having security added significantly more often. However, we couldn't have a podcast episode without talking about AI. So everyone right now is using Cloud, which we're going to talk about in a bit, and Copilot, et cetera, to write code for them. And the quality of code coming out of those is not very good right now. And I am seeing it improve, but not the speed that I dream of. Graham, it sounds weird, but I want to be put out of a job, right? Like, I would like to not need to teach secure coding anymore because we've got this. That's what I want. And the AI is not doing it for us. So what's happening now is that we have developers with varying levels of how to create secure software and varying level of prioritization on that. And then now they're being told develop software at 10 times the speed or we're going to fire you and hire someone else. So, they're using the AI, the AI is changing tons and tons of things they don't fully understand. They don't have time to review it. They're just pressing the commit button. And that is my fear for new software. For old software, it's, it's that, oh, it's always worked. Why would we update it? We'd have to re-architect it to fix that. We don't have money for that. We'll just leave it. A lot of legacy is in a bad shape. And by legacy, I mean software that's already out in production that's been out one or more years.

Graham Cluley

Well, you know what? I think more people need to tune into DevSecStation, the brand new podcast, something of a competitor to Smashing Security, to learn more about this. Anyway, great to have you here, Tanya. Before we kick off, let's thank this week's wonderful sponsors: Meta, CoreView, and Vanta. We'll be hearing more about them later on in the podcast. This week on Smashing Security, we won't be talking about how hackers have breached travel site Booking.com, stealing names, addresses, phone numbers, and information shared with hotels. You'll hear no discussion of how Rockstar Games, the makers of Grand Theft Auto, have been hacked for the second time in 3 years. And we won't even mention how Meta is blocking lawyers from running ads on Facebook and Instagram to recruit clients who say that they've been harmed by social media. So, Tanya, what are you going to be talking about this week?

Tanya Janca

I am going to talk about how Anthropic accidentally leaked their code for Claude Code CLI. And then I'm also going to talk about Mythos, the new model that is terrifying. Yeah.

Graham Cluley

Yeah. And I'm going to be talking about how Venetians are getting themselves in a world about hackers. All this and much more coming up on this episode of Smashing Security. Well, we've got time now to talk about one of today's sponsors, Vanta. Joe, what keeps you up at 2 o'clock in the morning?

Joe

The dog next door, mostly.

Graham Cluley

So you are not even All right, well, yeah, but I'm getting the web traffic is talking professionally, what keeps you up? the truth, right?

Joe

Oh, whether we've got the right security controls in place, whether our vendors are secure, how to escape the nightmare of outdated tools and endless manual processes.

Graham Cluley

Exactly, which is where today's sponsor comes in. It's Vanta.

Tanya Janca

It's a little bit like when H.D. Moore released Metasploit so many years ago. So Metasploit is a tool that you can point at a web app or a piece of online infrastructure. So it needs to be webby. And it will go and try to exploit a list of known CVEs, so Common Vulnerability Enumerators. So vulnerabilities that are publicly known in software that you can buy. So not custom software, but, you know, I have version XYZ of Apache web server and it's known to have that vulnerability. And so you point Metasploit at it, and if it has that vulnerability, it'll go and it'll open up a hole there and exploit it. And in the wrong hands, you can use that to hurt people just the same as if you give a scalpel to someone, they can cut themselves, they can cut someone else. But this tool, it's kind of handing someone an atomic bomb.

Joe

Fanta, the fizzy orange drink.

Tanya Janca

And so I feel, you know, for instance, let's say a big company Microsoft or Netflix or whatever, some big software company, they get a license to use it internally. They find all their own bugs. They have time because they're not publicly exposing, you know, no one else knows but them and they're fixing it. It would be the ultimate pen test, right? That could be great, except for what if one of those employees then sells those vulnerabilities to a malicious actor?

Joe

How can this possibly be true?

Tanya Janca

You know what I mean? Or they take it and then they point it at something they're not supposed to, right? Because it's so powerful and it's so fast and it's finding apparently very novel, unique things that humans haven't been able to see before. It's quite disconcerting, or I think so.

Graham Cluley

No, no, Joe, it's a Vanta with a V. It's a trust management platform. It's not a drink full of sugar. It automates all of that tedious manual compliance work so you can stop drowning in spreadsheets, chasing audit evidence, and filling out questionnaire after questionnaire.

Joe

Lush. I hate questionnaires.

Graham Cluley

Well, who doesn't? Vanta continuously monitors your systems. It centralizes your security data. It keeps your program audit ready all of the time. It also uses AI to streamline evidence collection and flag risks. It automates compliance for SOC 2, ISO 27001, HIPAA, GDPR, and more.

Joe

So basically it handles the boring stuff so we can focus on the interesting stuff.

Graham Cluley

Exactly. Precisely that. And for a limited time, new customers can get $1,000 off. $1,000? Yep, $1,000. Head to vanta.com/smashing. That's vanta.com/smashing and get started today. Which is this. Maybe this will give you a little bit of comfort.

Joe

And maybe get a decent night's sleep for once. Oh, and unlike fizzy drinks, Fanta isn't bad for you.

Graham Cluley

Do you get any comfort at all from the thought that the people building these tools are still fundamentally human and therefore fundamentally fallible? Thank goodness it's not the AI, right?

Joe

That was a fruit twist.

Graham Cluley

It's human error. Hey, yes, us humans, haven't we done great? Now, chums, I want you to picture this. You are a tourist in Venice. It's a warm, Spring morning, you've just paid €12 for a cappuccino, and you're standing in Piazza San Marco watching the pigeons do their thing. Because we've really cocked up on this occasion by leaking the source code. I think we should feel good about that rather than it being an AI which screwed up, which surely is only a short way away. And what you don't realise is, while you're there in that beautiful setting, that somewhere on a dark Telegram channel, a hacking group is claiming that they could, at the press of a button, send water flooding across the very stones that you are standing on. Which would of course solve the pigeon problem in Venice, at least temporarily. Now, Tanya, have you ever been to Venice? Does this make you want to go?

Tanya Janca

So I haven't been to Venice, and I still want to go. Wet feet are okay with me.

Graham Cluley

Right? Wet feet are alright. Pack your flippers. Well, a hacking group called the Infrastructure Destruction Squad, they announced in early April that they had broken into the hydraulic pump system that protects Piazza San Marco, in Venice from the notorious high tides of Venice. They said that they accessed the system's control interface on the 26th of March. They spent about 10 days quietly poking around, having a little rummage, and then on the 7th of April, they began what they called the disclosure phase. And the disclosure phase, that's hacker speak for bragging about it on Telegram. Right?

Graham Cluley

Because you can't be a hacker these days without a bit of bragging. They were sharing screenshots of control panels and valve states and system layouts, and then they offered to sell full root access to one of Italy's most iconic pieces of critical infrastructure.

Tanya Janca

So they should go to shehackspurple.ca. And if you sign up for my newsletter, which is free, you'll get invites to everywhere I speak. That's scary. You'll see all my new content every month. You'll get the episode of the podcast and you'll get at least one meme. And memes are important, Graham.

Graham Cluley

How much do you think they could charge?

Tanya Janca

A million dollars?

Graham Cluley

I mean, that is plausible, isn't it? They could try that. How about $600? Oh my gosh, Graham. Not $6 million. Not $6,000. $600. Which is about the price of a mid-range Android phone. Or if you're in Venice, round about 50 cappuccinos.

Tanya Janca

Yeah, 50 cappuccinos. That sounds nice though. 50 cappuccinos sounds nice.

Graham Cluley

You'd be high as anything, Tanya. You can't drink 50 cappuccinos.

Graham Cluley

I suppose over a month you could. I was thinking it would all be consumed in one day, in which case you'd be desperate for the loo, wouldn't you?

Tanya Janca

Yeah, that'd be awful.

Graham Cluley

Now, you live in the world of application security, Tanya. It's all about software code, web apps, all that CI/CD nonsense. When you hear $600 to access flood defense infrastructure, is that a surprising number to you, or is it just depressingly familiar for critical systems security? What's your feeling?

Tanya Janca

So my first thought is that it's very low. However, I had my data stolen once, Graham, from a governmental organization I worked at.

Tanya Janca

And they were selling it online for the bitcoin equivalent of $50 Canadian. And that made me feel very humiliated.

Graham Cluley

Were you like, please, please sell it for more?

Tanya Janca

I know. I was like, aren't we worth more than that?

Graham Cluley

It's such a slap in the face, isn't it?

Tanya Janca

Right, right. But you could just scrape the stuff off our website. None of it was private. It was publicly available data. So I was like, well, I mean, maybe what they're paying for is the convenience of it being in an Excel spreadsheet instead of having to scrape it. But I feel like $600 seems like they don't actually have access and they're just a kid in a basement being like, whoa, €600, that would be amazing. We could have 50 cappuccinos.

Graham Cluley

It's a strange old thing, isn't it? So they were posting up on Telegram this thing saying, you know, you can have access to this too as well for such a small amount of money. And their Telegram post, which was written in Chinese— I don't speak Chinese, I don't read Chinese, but thankfully the internet can do all that for me. This is what it was saying in English. It said, yes, you conducted new checks after the attack in late March. Yes, equipment tests came back positive after Easter. In other words, they were tracking the remediation efforts being made by the organisation trying to clean up afterwards. They were doing this in real time while Telegram posts were being written about it. And they continued, but what you haven't understood is that we have refused to completely shut down the flood defense system. So they're trying to make Venice basically say, oh, thank you very much. That's very good of you. We're very grateful. They said, we are not here to destroy you. We are simply here to deliver a message. We can do it and we are still inside your network. 'No tests conducted by your security teams can drive us away. No system updates can expel us. We've been here for months and will remain here for months to come.' Which is fairly aggressive, kind of spooky talk, isn't it?

Tanya Janca

It is. It makes me wonder if they have persistence on the network, where that is, right?

Graham Cluley

Yeah. I wonder how they're managing it. It'd be interesting to know, wouldn't it? And they carried on. They had a message for the press as well. They said, 'Any newspaper that disseminates this news without understanding the truth, prepare for a devastating attack. I mean, to be honest, at this point, I'm beginning to think this is most likely a 14-year-old. Yeah, there's a lot of bravado going on here, isn't there? But to recap, these hackers broke in, refusing to leave, threatening journalists, but they're only charging $600 for the privilege of having access yourself. So you could imagine if someone had a problem with Venice. I don't know, maybe you were in charge of IT at a rival European tourist destination. Maybe if you thought, "Oh, Venice has beaten us once again with all of their gondoliers and cornettos. If only we could access their flood defence system, and basically when that next high tide comes, we could ensure that they get flooded."

Tanya Janca

I don't know. I don't want to cause destruction. Maybe I'm weird.

Graham Cluley

You're Canadian. Of course you're not destructive. You know, you're just unbelievably pleasant all the time, aren't you? But I mean, but there are— now, this may come as a shock to you as a Canadian, but there are countries— I'm not going to name any countries, particularly to you, a Canadian— but there are countries which are perhaps a little bit more interested sometimes, some elements of them, in destruction. I'm just saying it's possible. But of course, lots of hacktivist groups may be interested. And look, a lot of the early malware which we saw was purely destructive. It would wipe drives or delete files. You know, there was no point to it. There was no financial incentive. It was about just being mindless, really, in a way.

Tanya Janca

I feel like there's a certain, I need to prove that I'm cool sort of thing, especially when we are coming of age, like teenagers, like I need my peers to see I'm cool. I need people to think I'm powerful. And then hopefully that sort of just wears off when we mature and we're like, actually, I could just achieve things and be awesome and I could prove I'm amazing by actually doing positive, good contributions to the world rather than negative ones. But I feel like sometimes people get lost, and maybe they don't see that there are good things that they could do to prove how awesome they are rather than bad things.

Graham Cluley

Do you think it's a bit of low self-esteem? Do you think, is it that they simply don't have girlfriends, boyfriends, or whatever it is that they're after? Maybe there's something missing in their lives.

Tanya Janca

Yeah, I often joke they just need to go get a life and maybe they need a dog. Think about it though, they're not finding this purpose in their life, this thing that brings them joy, and they're angry. And so they're taking it out on people. And I feel like if we could find a way— when we do the Pick of the Week, we're gonna talk a little bit about maybe this, but I feel like you're really onto something there, Graham. I've said things like this before where I'm just like, you know, why are people doing this? Maybe we need to find a focus to give them where they could show their brilliance, show their determination and be successful, but in a positive way.

Graham Cluley

Yeah, absolutely. So this claim they make about still being on the network, that's interesting to me. And this, no updates can expel us. In your world, when someone says they've got that kind of persistent access, do you take that seriously? Is that a technical claim, do you think, or is that just bravado?

Tanya Janca

So I do software and that's definitely an infrastructure network thing, but yeah, absolutely. Potentially still have access. There was an incident a few years ago where I remember the malicious actor was posting images of the Slack channel that the incident responders and security team was using. So they could actually see the Slack channel and the discussions of the security incident, and then they were posting it to Twitter, mocking them, which made me feel so bad for that team. And this is why we need to have a way to talk to each other that's I call it out of bound, a different separate way. So maybe there's a Signal chat where you talk or Telegram if that's your jam and you have this separate space where you can discuss things and where you can double-check things.

Graham Cluley

You've given the example of that Slack channel. It reminded me of a story from, oh my goodness, years and years ago, there was a hacking group in the UK. I think it was the LulzSec hacking gang. The police in the States, the police in the UK, Smashing Security set up a conference call to discuss this particular hacking group. And one of the participants in that call, a British police officer, was accessing the call from his private email account, or he had forwarded the login details because he had to connect late in the evening. What he didn't know was that a member of that particular hacking group had hacked his personal email, and they were actually able to tune in to the conference call and hear the police discussing the investigation into them. So, these things can really badly backfire.

Tanya Janca

Yeah. The comms are really important during an incident. When I teach software developers, I have this little section about what a security incident is, what it looks like, how you should call the security team, and what not to do. Because I've had so many software developers attempt to help me, and always from a good place, just to be clear, then ruining the chain of custody, effing up all my evidence. You know, "Don't worry, I erased it." I was like, oh my God. Yeah, I feel like the security team needs to communicate better to the entire rest of the organization, the processes that they should follow so that if there is an emergency, everyone knows what to do because a helpful person can sometimes completely ruin everything.

Graham Cluley

Yeah. Well, this is at its heart what we call an OT attack, operational technology. So it's not your email server. It's not a web application necessarily. It's not a customer database. This is all about the physical world of pumps and valves and sensors. This means that when it goes wrong, it's not your data that's being leaked. It could mean water's going everywhere. I know your world is very much the software side of things, Tanya, but OT security and application security, they are converging in some ways, aren't they?

Tanya Janca

Software runs everything. You can't have OT without any software. And I would say in this case, it sounds like it's critical infrastructure because at first when you were describing it, you're like, oh, you'll get your feet wet. And I was like, whatever, I'm British Columbian, we're always wet. It would actually flood, people could be harmed and stuff. It becomes critical infrastructure, if that makes sense. And so software runs literally everything.

Graham Cluley

That's true. And the problem is that OT systems, these operational technology systems, they were built for longevity and reliability and uptime. You know, the important thing was that they need to always work. And this was long before people were thinking about connecting them to anything. But once they were networked for convenience, maybe, or remote maintenance, suddenly this decades-old infrastructure is perhaps accessible via the public internet and may have very weak security.

Tanya Janca

I find, Graham, quite frankly, that a lot of the security industry focuses on the internet and web, but that's the tip of the iceberg of all the software that we have. In December I was working with this company that does embedded medical devices and then they do operating systems and emergency room systems, all of the devices that are in there, they write the software for that. And obviously, the security is pretty important. Safety and security and privacy, pretty darn important, right? And we worked together, and it was a really cool project. But I feel like a lot of organizations, they're like, oh, well, we're not on the internet, so it's not that important. So when we did a threat model of all the things that could happen and how easy it would be, they're really shocked. And hospitals get hit with ransomware all the time, but if you— it'd be so easy to hit a hospital physically.

Graham Cluley

Yeah, it's a big problem. And we're living in this world of web apps. People build them, they work, and then they think, oh, maybe we should add security later. If you're lucky, they have that part of the conversation. But do you think the software world is actually learning that lesson to integrate security earlier on in the process? Well, whether you believe every word that Infrastructure Destruction Squad has said about Venice or not doesn't really matter, because the next group that finds their way into a system like that, they might not be interested in writing threatening Telegram posts or asking for the mighty sum of $600. They might just want to open the valves and cause mayhem that way.

Tanya Janca

Yeah, it's true.

Graham Cluley

Well, time now to talk about one of our sponsors, Meta. Joe, have you ever had to set up a network for a new office?

Joe

Once. I've since sought therapy.

Graham Cluley

Ah, right. Well, Meta exists to make all of that someone else's problem. They are a network as a service company, but a proper end-to-end one. You hand them a physical address, a floor plan, they handle everything. They sort out the ISP, they design and deploy the network, they turn up on the site, they rack their own hardware. Kits that they've actually designed themselves, not just rebranded someone else's gubbins.

Joe

So I don't have to spend 45 minutes on hold with the telecoms company only to be told they've misspelled our company name on the contract.

Graham Cluley

Right, right. Yeah. Not a single minute of that. And once you're up and running, you get one dashboard for monitoring, security, VLANs, firewall, DNS security, the whole works. Full control without any of the soul-destroying groundwork.

Joe

This begs the question, what's the catch?

Graham Cluley

Genuinely, no catch. It's a straightforward subscription model. They even have a hardware buyback program if you've already blown the budget on equipment from another vendor.

Joe

So they'll take away the evidence of my previous terrible decisions.

Graham Cluley

Right, basically, yes. So find out more at meter.com/smashing. That's meter.com/smashing. Smashingsecurity.com/smashing, and thanks to Meta for supporting the show. Tanya, what story have you got for us this week?

Tanya Janca

Okay, so I wanted to talk about how Anthropic accidentally leaked the full source code for Claude Code CLI. So—

Graham Cluley

Sorry, isn't it Claude rather than Claude?

Tanya Janca

Oh, je parle français. I'm Canadian. I speak French. So—

Graham Cluley

Ah, mais oui, ce sont des mots qui vont très bien ensemble. Sorry, I'm putting you off.

Tanya Janca

Basically, when we publish code to production, the magical place where the users are, software developers are supposed to turn off debug mode, which is a nerdy thing that we use so that we can find problems and fix things. And then we also usually have something called an ignore file, which means don't put all of those files up there. These are the just-for-us files. And both of those things didn't happen. And so then they published this file, it's called a source map file, and it can be opened like a present, and inside was the code.

Graham Cluley

What actually got leaked here? This was Anthropic, the big AI company, which did this. They leaked the code for Claude. Is that right? The thing they spent billions on, right?

Tanya Janca

So they accidentally leaked all the intellectual property. This would be a data spill because they did it themselves. I can't imagine being the software developer that did that because they're probably pretty upset with themselves. So it wasn't a hack, it was human error. And the reason why this is a really big deal is, so first of all, they spilled their intellectual property. And as a person who has made most of her income off of her intellectual property her whole life, 'cause when I was younger, I was a professional musician, then I was a software developer writing code, then I wrote books. I did all of these things, right? All of that's intellectual property. So that's one thing. But the other thing is that then the internet got ahold of it and analyzed it for vulnerabilities and started writing exploits for it so that they could take advantage of Claude. And so people can dissect all of its defenses and come up with better attacks. And all of the other AI companies now are stealing it. And basically, so someone, rather than seeing that and reporting it immediately to Anthropic, the person's "you know what I'm gonna do? I'm gonna copy it to my own GitHub repo and start distributing it." Which makes me sad. And I know that it's a cool thing to find. I would be really excited too, but—

Graham Cluley

The thing is, yes, obviously that's naughty, right? Because it's Anthropic's code, right? But let's not forget what Anthropic and the other AI companies have been doing for years, which is they've been stealing everyone else's content without permission in order to train their AI models, right? So isn't this just actually a case of they're getting their just desserts. They have spilt their code and now it's in the hands of everybody.

Tanya Janca

So I would say yes to that part. So I've written two books and my second book came out last year and it is barely sold. And the theory is, is because Claude and all the other AIs just give you all the answers. When you go and you Google something now, it'll just tell you the smart thing that Tanya said, but it doesn't say Tanya said it.

Tanya Janca

And so before people would Google things and it'd be "oh, you wanna know what pushing left is, or you wanna know what security drift is, or whatever the many things that I have defined throughout my entire career." And then instead of it bringing you to the blog post where I'll explain that to you, it now just tells you the answer. No. So there's a place where I write articles for them that I'm not gonna name 'cause I like them. And I used to write articles for them and they'd get a couple hundred thousand reads, and now they're getting 2,000 reads. It's that different because the AI reads it and then now it knows everything Tanya just spent weeks researching to write that article. And so this is a huge problem for those of us that do research and release research because immediately it's taken from us. It sucks.

Tanya Janca

I know we're supposed to do one article, but I wanted to do two because they're related. So Anthropic also announced but did not publicly release a new model called Mythos. And what Mythos does, it's quite dangerous. So it finds vulnerabilities in applications and chains them together into exploits. And it has been finding novel new kinds of things that humans haven't been able to find before. And it's been finding them so terribly fast. It's absolutely completely terrifying. So for instance, they found, I can't even remember just how many bugs in OpenSSL, but Heartbleed level terrifying bugs. For those of you that don't know, Heartbleed was a bug found in OpenSSL where you could just send a specially crafted call and then it would just tell you all the secret sauce.

Graham Cluley

Yeah, it would spit back what should have been confidential encrypted information, things which no one should ever have been able to see.

Tanya Janca

And Anthropic, they're not publicly releasing it. They're just working with a couple trusted organizations for now. But they've openly admitted that they can't fully control it or understand it. And I would really not want to see Mythos on the internet.

Graham Cluley

Oh, okay. So let's just backtrack for one second. So we've got this company Anthropic, which has just goofed up. They called it a human error. They said it was a release packaging issue rather than a security breach. And they're saying, oh, it doesn't matter because no customer data or credentials were involved. And technically that's right. It's their code. It's not somebody else's. But, you know, they were leaking their source code. They were careless.

Tanya Janca

It's still a data spill. It's their data and they spilled it and it was private, confidential data that's high value.

Graham Cluley

Yeah. And meanwhile, they've just publicized this new technology they've built called Mythos, which can do something which could be very useful for many people in terms of securing their systems, because it can find vulnerabilities and you could find flaws in software and you could hopefully patch them and fix those bugs. But if that fell into the wrong hands, if they had a release packaging issue and they spilt it out like they've just spilt out something, that's horrendous because anybody could use something like Mythos to hack all kinds of systems and software, couldn't they?

Graham Cluley

And there have been AI-powered bug hunting solutions in the past. I mean, I believe if you look at the HackerOne league table right now, the number one bug hunter is an AI-powered bug hunting solution at the moment.

Graham Cluley

But the other thing which worries me is that, okay, so Anthropic has had this data spill. We're worried that maybe it could happen with Mythos as well. Potentially it could. The thing which I think changes the story a bit, this isn't even the first time Anthropic has had a data leak this. I mean, earlier versions of the same package in 2025 also shipped with full source maps before being pulled. So this isn't a one-off slip. It seems to almost be a pattern which has happened. And who's to say it couldn't happen again? And maybe it could happen with Mythos.

Tanya Janca

You know what, Graham? I had no idea that they'd previously accidentally leaked their map. Oh my gosh. This is completely shocking. I don't mean to sound insulting, but I can't believe that they could make the same mistake again, right? Because that would be so painful the first time.

Graham Cluley

So Anthropic says this is a human error. But should it be possible for a single human error to publish source code that should never have been made public? Is that a process failure? Is it a tooling failure? Do we just have to sort of shrug and say, oh well, that's life, these things happen?

Tanya Janca

So first of all, in Git, so Git is a tool that you can use to hold your source code and take care of it and manage it and store it. There's this setting that you can do called .gitignore, and you list all of these files to say basically no matter what I say, don't upload this.

Graham Cluley

Yes. Override my own stupidity. Yes.

Tanya Janca

Yeah, exactly. And I take advantage of that all the time. So there should be a default for every org and it should include those map files. So that's step one is that we want to have the ignore file things set up properly. And then we always know we're not supposed to have debug mode in production, right? So, we know that we should have on the build server these settings turned off. And so basically this is like security misconfiguration happening twice, which is on the new OWASP Top 10 2025, as a top risk to web apps. Basically, they didn't configure the build server correctly and then they didn't configure Git correctly. And then they don't have a process or a checklist to check that. So I would love to see those three things. I teach supply chain security. I'm expanding and expanding that class all the time because there's more and more that we're doing wrong there. And I feel like if organizations had a checklist and they had, you know, a hardening of these things that they're using that are part of their supply chain, like we talked about earlier, if we properly hardened our build server. So, the CI/CD and build server, those are usually synonymous. They're usually the same thing. Or you have a build server and then you have a pipeline and you connect the two, but usually, it's all one big thing. And so, if we were properly hardening that, if we're checking it at least once a year, if we analyzed who, you know, there's an alert. Oh my gosh, there's a new administrator.

Tanya Janca

Who's that? Why do we have a new administrator? We could do a lot better. So, it is a human error, but the human error happened because we didn't have processes to protect that human from making that error. And I don't like to blame Alice or Bob. I like to look at, no, but did we train Alice or Bob on this? Did we? Right? Did we have a safeguard to stop them from making this error? Did we have a policy? Or do we just assume they knew? Because when we assume, we're let down a lot.

Graham Cluley

So what we have here, Tanya, is an AI company which has leaked the source code of its AI coding assistant. Via a packaging mistake, which is kind of ironic. I'm going to give you a little bit of silver lining on the cloud, right? Because this has all been a bit depressing.

Tanya Janca

Okay. But we don't know that.

Graham Cluley

That's true, actually. That is true.

Tanya Janca

Right? Have you heard this term dark factory?

Tanya Janca

So we don't know if Anthropic is becoming a dark factory. So in manufacturing, it means we just have robots, so we don't need lights. But there's software dark factories being built now where you don't have a single software developer anymore, and literally every single part is only written by the AI. And wouldn't you think the AI company might be most likely to do something like that? I don't know.

Graham Cluley

Well, thank you very much, Tanya. There I was trying to be optimistic and cheer everybody up, and you've just made it all doomy and gloomy again. Great. That's great. Thank you.

Joe

This episode of Smashing Security is brought to you with support from CoreView.

Graham Cluley

Now, Joe, quick question. If someone broke into your Microsoft 365 tenant right now and quietly disabled your conditional access policies, grabbed global admin rights, turned off Defender, would you even notice?

Graham Cluley

Well, that's the spirit, Joe. Good job. But here's the uncomfortable reality. 63% of Microsoft 365 tenants hand out admin rights not that they're going out of fashion. One compromised account and an attacker can quietly reshape your entire tenant. No alerts, no noise, just someone systematically dismantling your defenses while you're none the wiser.

Joe

So wait, restore from backup doesn't fix that?

Graham Cluley

No, no, no. Backups protect your data. They don't restore tenant-level configurations. There's no native rollback for that. You could be rebuilding your tenant settings from scratch for weeks.

Joe

And who's doing that?

Graham Cluley

Exactly. Who wants to do that? Well, CoreView have written a white paper called Total Tenant Takeover: The Microsoft 365 Disaster No One's Ready For. It's actually a really practical read. It covers how these attacks unfold step by step, where your existing tools are leaving gaps, and what it actually takes to recover control once it's been lost.

Joe

So less detect and panic, more here's how to actually get your tenant back.

Graham Cluley

That's it. Exactly. And you can download this paper for free right now. You can learn more at smashingsecurity.com/coreview and maybe do it before someone else does something bad to your organization.

Joe

That's smashingsecurity.com/coreview. And thanks to CoreView for supporting the show.

Tanya Janca

And welcome back.

Graham Cluley

And you join us for our favorite part of the show, the part of the show that we like to call pickpocketing. Pick of the Week.

Tanya Janca

Pick of the Week.

Graham Cluley

Pick of the Week is the part of the show where everyone chooses something they like. Could be a funny story, a book that they've read, a TV show, a movie, a record, a podcast, a website, or an app, whatever they wish. It doesn't have to be security related necessarily. Well, my Pick of the Week this week is actually security related. In fact, my Pick of the Week this week, and this is gonna get very, very meta, not in a Mark Zuckerberg kind of way, because my pick of the week this week is actually about the Smashing Security podcast, because I've been busy doing a bit of vibe coding. I know, very dangerous. I've been exploring the world of podcast transcripts, ladies and gentlemen. I think it must have been about 9 years ago when I first got an email from a listener saying, why don't you have a transcript? I'd much rather read rather than listen to you. And I said, well, you know, it's very hard putting together a transcript. I'd be up all hours typing my nonsensical words into a word processor. Or I'd get some computer system to try and transcribe me into written English. And, you know, the quality is going to be diabolical anyway. After quite a lot of work involving largely pipe cleaners and pots of treacle, bicycle chains, I have got together a Heath Robinson-type solution which now has, I believe, acceptable transcripts for this show. Now, my podcast host, does create automated transcripts. So if you go into your favorite podcast app at the moment and look at transcripts, if it supports that, you will see a very, very bad transcript of the show. My intention is to replace all of those. And if you go to my website or to the Smashing Security website right now, you will find a much better transcript. And in fact, it will even display the words as they are being said. So you can read as you are listening I think it works reasonably well most of the time. Sometimes it makes a mistake, for goodness' sake. Yes, I know. Sometimes it will mix up my name with someone else's or something will go wrong. But most of the time, I think it's pretty darn impressive. So my pick of the week, rather self-referentially, is the new transcripts on the Smashing Security podcast. Go to smashingsecurity.com or go and check out my articles on Graham Cluley.com. And you will be able to see the transcripts in all of their glory there and tell me that it doesn't work. And then I'll have to try and work out what the code's doing and try and fix it. Cool. That is my pick of the week.

Tanya Janca

I your pick of the week, Graham.

Graham Cluley

Thank you very much.

Tanya Janca

That was awesome. Well done.

Graham Cluley

Do you have a pick of the week, Tanya?

Tanya Janca

I do. So my pick of the week is a television show on Apple TV called Shrinking. And it is about three psychologists that are friends that are all grieving because one of the psychologists, his wife died. And it shows how he grieves, how his daughter grieves, how the two other psychologists grieve. And they teach all these different psychology lessons essentially in the show. And last year I did a talk about the psychology of bad code and applying economic behavior types of concepts to our security programs. And how if we do that, we can get better results. 'Cause just yelling at software developers actually doesn't improve code quality at all, as it turns out. Just being mean to them doesn't work. We've tried that for two decades. So, I was what if instead we did something different?

Graham Cluley

Have you tried the old cricket bat trick of taking a cricket bat and just bopping them on the back of the head? Does that help at all?

Tanya Janca

My old boss was have you tried violence, Tanya? And I was no, I haven't. And he's you're not really trying to problem solve at all, are you?

Graham Cluley

Oh, so I've just realized why your show is called Shrinking because of—

Tanya Janca

It shrinks. Yeah.

Graham Cluley

I'm so stupid sometimes. It's taken me this long to work it out. Okay.

Tanya Janca

No, but so I'm fascinated by the reason that people do things and why people react the way they do. I've always been really curious about things like that. And so also so that I could get better results, right? If someone blows up at me, it's like, why did they blow up at me? And often it's not because of something I did. It's because they feel insecure or afraid or whatever.

Tanya Janca

And so in the show, they're always explaining these different concepts and I keep seeing them pop up in my life, whether it be at work or personally. And so most shows aren't very educational, Graham. Most of them are kind of garbage.

Graham Cluley

Oh, really? I'd never noticed. I've just been watching Married at First Sight Australia. So I thought all of them were really high quality, personally.

Tanya Janca

But so this one teaches lots of psychology lessons and why people do the things they do, but in an entertaining way. So I don't know, I like that. I think if people are curious about, you know, why people do the things they do, they might like this.

Graham Cluley

And is this a drama or a documentary? What is it?

Tanya Janca

So it's sort of a drama and it's sort of a comedy. So I think they call them dramedies.

Graham Cluley

I think that's what you call a one-humped camel, actually. So anyway, yes, carry on. So a dromedary, right?

Tanya Janca

Basically, there's a bunch of parts that are sad, and then there's a bunch of parts that are funny. And so I think they call it a drama comedy, which they literally put on Apple TV, Dramedy.

Graham Cluley

Oh, I don't know if I like that word. Yeah. I'm not so sure about that.

Tanya Janca

You're like, no, I do not accept.

Graham Cluley

Anyway. Okay. So your pick of the week is the TV show Shrinking.

Graham Cluley

Well, that just about wraps up the show for this week. Thank you so much, Tanya, for joining us. I think you've been absolutely smashing. I'm sure lots of our listeners would love to find out what you're up to and follow you online or listen to your podcast, of course. What's the best way to do that?

Graham Cluley

Yes, that's what we need more of, is more memes.

Graham Cluley

That and emojis and animated GIFs. And of course, Smashing Security is on social media as well. You can find me, Graham Cluley, on LinkedIn, or you can follow Smashing Security on Reddit or Bluesky or Mastodon. And don't forget to ensure you never miss another episode. Follow Smashing Security in your favorite podcast app, such as Apple Podcasts, Spotify, and Pocket Casts for episode show notes, sponsorship info, guest lists, and the entire back catalog of 463 episodes, check out smashingsecurity.com. Until next time, cheerio. Bye-bye.

Tanya Janca

Bye. You've been listening to Smashing Security with me, Graham Cluley, and I'm very grateful to Tanya for joining us this week and this episode's sponsors, CoreView, Vanta, and Meta. And of course, to all of our fabulous supporters via Patreon.

Threat actors have been observed weaponizing n8n, a popular artificial intelligence (AI) workflow automation platform, to facilitate sophisticated phishing campaigns and deliver malicious payloads or fingerprint devices by sending automated emails.

"By leveraging trusted infrastructure, these attackers bypass traditional security filters, turning productivity tools into delivery vehicles for persistent remote access," Cisco Talos researchers Sean Gallagher and Omid Mirzaei said in an analysis published today.

N8n is a workflow automation platform that allows users to connect various web applications, APIs, and AI model services to sync data, build agentic systems, and run repetitive rule-based tasks.

Users can register for a developer account at no extra cost to avail a managed cloud-hosted service and run automation workflows without having to set up their own infrastructure.Doing so, however, creates a unique custom domain that goes by the format – <account name>.app.n8n.cloud – from where a user can access their applications.

The platform also supports the ability to create webhooks to receive data from apps and services when certain events are triggered.Thismakes it possible to initiate a workflow after receiving certain data.The data, in this case, is sent via a unique webhook URL.

According to Cisco Talos, it's these URL-exposed webhooks – which make use of the same *.app.n8n[.]cloud subdomain – that has been abused in phishing attacks as far back as October 2025.

"A webhook, often referred to as a 'reverse API,' allows one application to provide real-time information to another. These URLs register an application as a 'listener' to receive data, which can include programmatically pulled HTML content," Talos explained.

"When the URL receives a request, the subsequent workflow steps are triggered, returning results as an HTTP data stream to the requesting application. If the URL is accessed via email, the recipient's browser acts as the receiving application, processing the output as a web page."

What makes this significant is that it opens a new door for threat actors to propagate malware while maintaining a veneer of legitimacy by giving the impression that they are originating from a trusted domain.

Threat actors have wasted no time taking advantage of the behavior to set up n8n webhook URLs for malware delivery and device fingerprinting. The volume of email messages containing these URLs in March 2026 is said to have been about 686% higher than in January 2025.

In one campaign observed by Talos, threat actors have been found to embed an n8n-hosted webhook link in emails that claimed to be a shared document. Clicking the link takes the user to a web page that displays a CAPTCHA, which, upon completion, activates the download of a malicious payload from an external host.

"Because the entire process is encapsulated within the JavaScript of the HTML document, the download appears to the browser to have come from the n8n domain," the researchers noted.

The end goal of the attack is to deliver an executable or an MSI installer that serves as a conduit for modified versions of legitimate Remote Monitoring and Management (RMM) tools like Datto and ITarian Endpoint Management, and use them to establish persistence by establishing a connection to a command-and-control (C2) server.

A second prevalent case concerns the abuse of n8n for fingerprinting. Specifically, this entails embedding in emails an invisible image or tracking pixel that's hosted on an n8n webhook URL. As soon as the digital missive is opened via an email client, it automatically sends an HTTP GET request to the n8n URL along with tracking parameters, like the victim's email address, thereby enabling the attackers to identify them.

"The same workflows designed to save developers hours of manual labor are now being repurposed to automate the delivery of malware and fingerprinting devices due to their flexibility, ease of integration, and seamless automation," Talos said. "As we continue to leverage the power of low-code automation, it’s the responsibility of security teams to ensure these platforms and tools remain assets rather than liabilities."

Found this article interesting? Follow us on Google News, Twitter and LinkedIn to read more exclusive content we post.

PPC analysis is the foundation of profitable paid advertising, helping marketers understand what’s working, what’s wasting budget, and where performance can improve. In today’s competitive, automation-heavy ad landscape, launching campaigns without regularly analyzing performance data leaves advertisers vulnerable to inefficiencies, poor targeting, and distorted results.

Modern platforms like Google Ads rely heavily on machine learning and automated bidding, which means bad data can compound quickly if left unchecked. According to Google, smart bidding systems optimize based on historical performance signals, making accurate data critical to long-term results.

This guide walks through how to analyze PPC campaigns step-by-step so your decisions are grounded in clarity, consistency, and clean data.

What is PPC Analysis?

PPC analysis is the ongoing process of evaluating pay-per-click advertising performance to understand how well campaigns support business goals. It goes beyond reviewing surface metrics to examine how users behave after the click, how efficiently the budget is being spent, and where optimization opportunities still exist. At its core, PPC data analysis turns raw performance data into insights that guide smarter targeting, creative decisions, and budget allocation.

Basic reporting often focuses on clicks and impressions in isolation. True PPC campaign analysis looks at how metrics work together, like how Quality Score influences cost per click or how engagement impacts conversion rates. Google confirms that Quality Score directly affects both ad rank and cost efficiency, which is why deeper analysis is essential.

Clicks alone don’t equal success. A campaign can generate high traffic while still underperforming if that traffic doesn’t convert or engage. PPC analysis helps advertisers determine whether traffic is genuinely valuable by evaluating engagement, attribution accuracy, and cost efficiency. When done consistently, it enables smarter spend distribution, tighter targeting, and continuous optimization that improves ROI over time.

What Is Included in a PPC Campaign Analysis?

A comprehensive PPC campaign analysis typically includes the following:

1. Account structure review: Evaluating how campaigns, ad groups, and keywords are organized to ensure logical segmentation and clearer performance insights.
2. Traffic and engagement quality assessment: Analyzing bounce rate, session duration, and post-click activity to identify low-quality or mismatched traffic.
3. Conversion performance and attribution accuracy: Ensuring conversion tracking is configured correctly, and attribution models reflect real customer journeys.
4. Cost efficiency and spend distribution: Reviewing CPC, CPA, and ROAS to determine whether spend aligns with outcomes.
5. Ongoing PPC monitoring vs. one-time audits: Continuous monitoring outperforms sporadic reviews by catching performance issues before they escalate.

Core Metrics to Review During PPC Analysis

Effective PPC analysis depends on reviewing multiple categories of metrics together, not separately. These include:

• Traffic quality
• Cost efficiency
• Engagement
• Visibility

All of these metrics influence performance and isolating any one of them without the others leads to misleading conclusions. A campaign may look successful based on clicks or impressions alone, while underlying inefficiencies quietly drain marketing budgets.

Evaluating traffic quality helps determine whether clicks come from real, high-intent users or invalid sources that distort reporting and inflate spend. Cost and efficiency metrics reveal how well the budget translates into meaningful results, while engagement and conversion data show whether users actually take action after clicking. Visibility metrics round out the picture by identifying missed opportunities caused by budget limits or ad rank constraints.

When these metric groups are analyzed together, advertisers gain a clearer understanding of campaign health, can diagnose performance issues faster, and make smarter decisions that improve ROI.

How Do You Measure ROI in PPC Ads?

Measuring ROI for PPC ads requires looking at how well your campaigns turn ad spend into meaningful results. ROI (return on investment) focuses on profitability after costs, while ROAS (return on ad spend) shows how much revenue your ads generate for each dollar spent. Industry benchmarks show PPC remains a revenue driver, with average ROAS figures around 1.5-3x depending on industry and strategy, underscoring the importance of measuring both efficiency and profitability rather than just traffic volume.

To truly assess ROI, advertisers should consider:

• Revenue-based ROI: Best for ecommerce or direct sales models where revenue can be tied back to PPC spend.
• Lead-based ROI: when PPC generates leads rather than immediate sales, linking those leads back to actual revenue (via CRM or long-term sales data) provides a more accurate picture.
• Comparative benchmarks: Using industry metrics for guidance helps set realistic expectations for PPC performance. For example, PPC can consistently deliver meaningful conversion rates and revenue performance when strategies focus on intent and quality metrics.

By measuring ROI and ROAS alongside cost and conversion metrics, businesses can determine whether PPC campaigns are delivering balanced value by maximizing revenue without overspending.

How Often Should You Perform PPC Analysis?

PPC analysis shouldn’t be a one-and-done exercise; it needs regular review. Daily checks help spot urgent issues, like sudden spikes in spending, unexpected drops in conversions, or early signs of campaign inefficiencies, and allow rapid corrective action. Weekly and monthly reviews tend to reveal trends so you can refine targeting, budget allocation, and bidding strategies.

Certain performance triggers should prompt deeper investigation immediately, including:

• Major fluctuations in cost metrics like CPC and CPA.
• Significant changes in conversion rates.
• Unusual shifts in traffic quality or engagement.
• Sudden drops in visibility metrics like impression share.

Consistent PPC monitoring delivers better insights over time, enabling advertisers to catch small issues before they become costly problems, especially as automated bidding systems respond continuously to performance patterns.

Common PPC Performance Issues that PPC Analysis Reveals

A thorough PPC analysis often uncovers common performance bottlenecks that aren’t obvious from basic reporting. For example:

• High spend, low engagement traffic: Spending heavily on low-quality traffic drains budget without driving results.
• Clicks without conversions: This can point to mismatched intent, weak landing page relevance, or poor user experience.
• Geographic or device inefficiencies: Performance often varies significantly by location or device type, revealing where bids or creatives need to be adjusted.
• Invalid or non-human traffic inflating metrics: Traffic quality issues skew data and lead to poor optimization choices, a problem that only deeper analysis can find.

Industry metrics reinforce that focusing solely on high-level numbers like impressions or generic clicks often misses these nuances, underscoring why deeper analysis is necessary for meaningful optimization.

Effective PPC analysis combines multiple tools to create a complete picture of how campaigns perform:

• Native platform reporting: Built-in dashboards like Microsoft Ads, etc., provide core metrics like CPC, conversion rate, and impression share that are foundational to review.
• Analytics platforms: Third-party tools, such as Google Analytics 4 or Adobe Analytics, help connect clicks to onsite engagement and conversions.
• Visualization and dashboard tools: Tools like Looker, Tableau, or Data Studio unify metrics across channels, making trends and anomalies easier to spot.
• Traffic validation and quality tools: Ensuring that PPC analysis reflects real user engagement rather than bots, automated clicks, or invalid interactions strengthens the quality of decisions made from the data.

Layering these tools together gives advertisers a multi-dimensional view of performance that supports smarter optimization and better budget decisions.

How Anura Strengthens PPC Analysis

One of the biggest hidden issues in PPC analysis is data quality. Invalid traffic, including bot activity, automated scripts, or malicious interactions, can inflate metrics like CPC, conversion rate, and even derived ROI figures. When these invalid signals enter reporting, automated bidding systems and optimization logic can push budget toward traffic sources that aren’t delivering real value.

Anura addresses this challenge by validating traffic in real time, identifying non-human interactions before they reach analytics or bidding systems. This ensures that the performance data you analyze and optimize against reflects real human engagement.

With a 99.999% Accuracy Guarantee, Anura ensures that when traffic is flagged as invalid, you can trust that assessment with confidence. Clean data leads to clearer insights, letting you optimize bids, refine targeting, and allocate budget with assurance that your performance metrics are meaningful and actionable.

Turning PPC Analysis into Action

PPC analysis is an ongoing discipline that bridges data and decision-making. Accurate measurement, consistent monitoring, and clean traffic data unlock the insights needed to optimize effectively, scale performance, and improve ROI.

When your analysis reflects real engagement rather than inflated metrics, your optimization strategies become more reliable, more strategic, and ultimately more impactful.

Experience the power of Anura and discover just how much fraud you have with a free Traffic Quality Audit.

A number of critical vulnerabilities impacting products from Adobe, Fortinet, Microsoft, and SAP have taken center stage in April's Patch Tuesday releases.

Topping the list is an SQL injection vulnerability impacting SAP Business Planning and Consolidation and SAP Business Warehouse (CVE-2026-27681, CVSS score: 9.9) that could result in the execution of arbitrary database commands.

"The vulnerable ABAP program allows a low-privileged user to upload a file with arbitrary SQL statements that will then be executed," Onapsis said in an advisory.

In a potential attack scenario, a bad actor could abuse the affected upload-related functionality to run malicious SQL against BW/BPC data stores, extract sensitive data, and delete or corrupt database content.

"Manipulated planning figures, broken reports, or deleted consolidation data can undermine close processes, executive reporting, and operational planning," Pathlock said. "In the wrong hands, this issue also creates a credible path to both stealthy data theft and overt business disruption."

Another security vulnerability that deserves a mention is a critical-severity remote code execution in Adobe Acrobat Reader (CVE-2026-34621, CVSS score: 8.6) that has come under active exploitation in the wild.

That said, there are many unknowns at this stage. It is not clear how many people have been affected by the hacking campaign. Nor is there any information about who is behind the activity, who is being targeted, and what their motives could be.

Also patched by Adobe are five critical flaws in ColdFusion versions 2025 and 2023 that, if successfully exploited, could lead to arbitrary code execution, application denial-of-service, arbitrary file system read, and security feature bypass.

The vulnerabilities are listed below -

• CVE-2026-34619 (CVSS score: 7.7) - A path traversal vulnerability leading to security feature bypass
• CVE-2026-27304 (CVSS score: 9.3) - An improper input validation vulnerability leading to arbitrary code execution
• CVE-2026-27305 (CVSS score: 8.6) - A path traversal vulnerability leading to arbitrary file system read
• CVE-2026-27282 (CVSS score: 7.5) - An improper input validation vulnerability leading to security feature bypass
• CVE-2026-27306 (CVSS score: 8.4) - An improper input validation vulnerability leading to arbitrary code execution

Fixes have also been released for two critical FortiSandbox vulnerabilities that could result in authentication bypass and code execution -

• CVE-2026-39813 (CVSS score: 9.1) - A path traversal vulnerability in FortiSandbox JRPC API that could allow an unauthenticated attacker to bypass authentication via specially crafted HTTP requests. (Fixed in versions 4.4.9 and 5.0.6)
• CVE-2026-39808 (CVSS score: 9.1) - An operating system command injection vulnerability in FortiSandbox that could allow an unauthenticated attacker to execute unauthorized code or commands via crafted HTTP requests. (Fixed in version 4.4.9)

The development comes as Microsoft addressed a staggering 169 security defects, including a spoofing vulnerability impacting Microsoft SharePoint Server (CVE-2026-32201, CVSS score: 6.5) that could allow an attacker to view sensitive information. The company said it's being actively exploited, although there are no insights into the in-the-wild exploitation associated with the bug.

"SharePoint services, especially those used as internal document stores, can be a treasure trove for threat actors looking to steal data, especially data that may be leveraged to force ransom payments using double extortion techniques by threatening to release the stolen data if payment is not made," Kev Breen, senior director of threat research at Immersive, said.

"A secondary concern is that threat actors with access to SharePoint services could deploy weaponised documents or replace legitimate documents with infected versions that would allow them to spread to other hosts or victims moving laterally across the organization."

Software Patches from Other Vendors

In addition to Microsoft, security updates have also been released by other vendors over the past several weeks to rectify several vulnerabilities, including —

• ABB
• Amazon Web Services
• AMD
• Apple
• ASUS
• AVEVA
• Broadcom (including VMware)
• Canon
• Cisco
• Citrix
• CODESYS
• D-Link
• Dassault Systèmes
• Dell
• Devolutions
• dormakaba
• Drupal
• Elastic
• F5
• Fortinet
• Foxit Software
• FUJIFILM
• Gigabyte
• GitLab
• Google Android and Pixel
• Google Chrome
• Google Cloud
• Grafana
• Hitachi Energy
• HP
• HP Enterprise (including Aruba Networking and Juniper Networks)
• Huawei
• IBM
• Ivanti
• Jenkins
• Lenovo
• Linux distributions AlmaLinux, Alpine Linux, Amazon Linux, Arch Linux, Debian, Gentoo, Oracle Linux, Mageia, Red Hat, Rocky Linux, SUSE, and Ubuntu
• MediaTek
• Mitel
• Mitsubishi Electric
• MongoDB
• Moxa
• Mozilla Firefox, Firefox ESR, and Thunderbird
• NETGEAR
• Node.js
• NVIDIA
• ownCloud
• Palo Alto Networks
• Phoenix Contact
• Progress Software
• QNAP
• Qualcomm
• Rockwell Automation
• Ruckus Wireless
• Samsung
• Schneider Electric
• Siemens
• SonicWall
• Splunk
• Spring Framework
• Supermicro
• Synology
• TP-Link
• WatchGuard, and
• Xiaomi

Found this article interesting? Follow us on Google News, Twitter and LinkedIn to read more exclusive content we post.

A recently disclosed critical security flaw impacting nginx-ui, an open-source, web-based Nginx management tool, has come under active exploitation in the wild.

The vulnerability in question is CVE-2026-33032 (CVSS score: 9.8), an authentication bypass vulnerability that enables threat actors to seize control of the Nginx service. It has been codenamed MCPwn by Pluto Security.

"The nginx-ui MCP (Model Context Protocol) integration exposes two HTTP endpoints: /mcp and /mcp_message," according to an advisory released by nginx-ui maintainers last month. "While /mcp requires both IP whitelisting and authentication (AuthRequired() middleware), the /mcp_message endpoint only applies IP whitelisting -- and the default IP whitelist is empty, which the middleware treats as 'allow all.'" 

"This means any network attacker can invoke all MCP tools without authentication, including restarting nginx, creating/modifying/deleting nginx configuration files, and triggering automatic config reloads - achieving complete nginx service takeover."

According to Pluto Security researcher Yotam Perkal, who identified and reported the flaw, the attack can facilitate a full takeover in seconds via two requests -

• An HTTP GET request to the /mcp endpoint to establish a session and obtain a session ID.
• An HTTP POST request to the /mcp_message endpoint using the session ID to invoke any MCP tool sans authentication

In other words, attackers can exploit this vulnerability by sending specially crafted HTTP requests directly to the "/mcp_message" endpoint without any authentication headers or tokens.

Successful exploitation of the flaw could enable them to invoke MCP tools and modify Nginx configuration files and reload the server. Furthermore, an attacker could exploit this loophole to intercept all traffic and harvest administrator credentials. 

Following responsible disclosure, the vulnerability was addressed in version 2.3.4, released on March 15, 2026. As workarounds, users are advised to add "middleware.AuthRequired()" to the "/mcp_message" endpoint to force authentication. Alternatively, it's advised to change the IP allowlisting default behavior from "allow-all" to "deny-all."

The disclosure comes as Recorded Future, in a report published this week, listed CVE-2026-33032 as one of the 31 vulnerabilities that have been actively exploited by threat actors in March 2026. There are currently no insights on the exploitation activity associated with the security flaw.

"When you bolt MCP onto an existing application, the MCP endpoints inherit the application’s full capabilities but not necessarily its security controls. The result is a backdoor that bypasses every authentication mechanism the application was carefully built with," Perkal said.

Data from Shodan shows that there are about 2,689 exposed instances on the internet, with most of them located in China, the U.S., Indonesia, Germany, and Hong Kong.

"Given the approximately 2,600 publicly reachable nginx-ui instances our researchers identified, the risk to unpatched deployments is immediate and real," Pluto told The Hacker News. "Organizations running nginx-ui should treat this as an emergency: update to version 2.3.4 immediately, or disable MCP functionality and restrict network access as an interim measure."

News of CVE-2026-33032 follows the discovery of two security flaws in the Atlassian MCP server ("mcp-atlassian") that could be chained to achieve remote code execution. The flaws – tracked as CVE-2026-27825 (CVSS 9.1) and CVE-2026-27826 (CVSS 8.2) and dubbed MCPwnfluence – enable any attacker on the same local network to run arbitrary code on a vulnerable machine without requiring any authentication.

"When chaining both vulnerabilities -- we are able to send requests to the MCP from the LAN [local area network], redirect the server to the attacker machine, upload an attachment, and then receive a full unauthenticated RCE from the LAN," Pluto Security said.

Found this article interesting? Follow us on Google News, Twitter and LinkedIn to read more exclusive content we post.