The internet never stays quiet. Every week, new hacks, scams, and security problems show up somewhere.
This week's stories show how fast attackers change their tricks, how small mistakes turn into big risks, and how the same old tools keep finding new ways to break in.
Read on to catch up before the next wave hits.
-
Honeypot Traps Hackers
Cybersecurity company Resecurity revealed that it deliberately lured threat actors who claimed to be associated with Scattered LAPSUS$ Hunters (SLH) into a trap, after the group claimed on Telegram that it had hacked the company and stolen internal and client data. The company said it set up a honeytrap account populated with fake data designed to resemble real-world business data and planted a fake account on an underground marketplace for compromised credentials after it uncovered a threat actor attempting to conduct malicious activity targeting its resources in November 2025 by probing various publicly facing services and applications. The threat actor is also said to have targeted one of its employees who had no sensitive data or privileged access. "This led to a successful login by the threat actor to one of the emulated applications containing synthetic data," it said. "While the successful login could have enabled the actor to gain unauthorized access and commit a crime, it also provided us with strong proof of their activity. Between December 12 and December 24, the threat actor made over 188,000 requests attempting to dump synthetic data." As of January 4, 2025, the group removed the post announcing the hack from their Telegram channel. Resecurity said the exercise also allowed them to identify the threat actor and link one of their active Gmail accounts to a U.S.-based phone number and a Yahoo account. Regardless of the setback, new findings from CYFIRMA indicate that the loose-knit collective has resurfaced with scaled-up recruitment activity, seeking initial access brokers, insider collaborators, and corporate credentials. "Chatroom discussions repeatedly reference legacy threat brands such as LizardSquad, though these mentions remain unverified and are likely part of an intimidation or reputation-inflation strategy rather than proof of a formal alliance," it said.
-
Crypto Miner via GeoServer
Threat actors are exploiting a known flaw in GeoServer, CVE-2024-36401, to distribute an XMRig cryptocurrency miner by means of PowerShell commands. "Additionally, the same threat actor is also distributing a coin miner to WebLogic servers," AhnLab said. "It appears that they are installing CoinMiner when they scan the systems exposed to the outside world and find vulnerable services." Two other threat actors have also benefited from abusing the flaw to deliver the miner, AnyDesk for remote access, and a custom-made downloader malware dubbed "systemd" from an external server whose exact function remains unknown. "Threat actors are targeting environments where GeoServer is installed and are installing various coin miners," the company said. "The threat actor can then use NetCat, which is installed together with the coin miner, to install other malware or steal information from the system."
-
KEV Catalog Expansion
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added 245 vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog in 2025, as the database grew to 1,484 software and hardware flaws at high risk of cyber attacks – an increase of about 20% from the previous year. In comparison, 187 vulnerabilities were added in 2023 and 185 in 2024. Of the 245 flaws, 24 were exploited by ransomware groups. Microsoft, Apple, Cisco, Fortinet, Google Chromium, Ivanti, Linux Kernel, Citrix, D-Link, Oracle, and SonicWall accounted for 105 of the total vulnerabilities added to the catalog. According to Cyble, the oldest vulnerability added to the KEV catalog in 2025 was CVE-2007-0671, a Microsoft Office Excel Remote Code Execution vulnerability. The oldest vulnerability in the catalog is CVE-2002-0367, a privilege escalation vulnerability in the Windows NT and Windows 2000 "smss.exe" debugging subsystem that has been known to be used in ransomware attacks.
-
AI Logs Dispute Deepens
OpenAI has been ordered to turn over 20 million anonymized ChatGPT logs in a consolidated AI copyright case in the U.S. after it failed to convince a federal judge to set aside a magistrate judge's order that, the company said, insufficiently weighed privacy concerns. The high-profile lawsuit, which has major news publishers like the New York Times and Chicago Tribune as plaintiffs, is centred around the core argument that the data that powers ChatGPT has included millions of copyrighted works from the news organizations without consent or payment. OpenAI has insisted that AI training is fair use, adding "the data we are making accessible to comply with this order has undergone a de-identification process intended to remove or mask PII and other private information, and is being provided under tight access controls designed to prevent the Times from copying and printing data that isn't directly relevant to this case." The news plaintiffs have also alleged that OpenAI destroyed "relevant output log data" by failing to temporarily cease its deletion practices as soon as litigation started, in an apparent effort to dodge copyright claims.
-
Taiwan Faces Attack Surge
The National Security Bureau in Taiwan said that China's attacks on the country's energy sector increased tenfold in 2025 compared to the previous year. Attackers targeted critical infrastructure in nine key sectors, and the total number of cyber incidents linked to China grew by 6%. The NSB recorded a total of 960,620,609 cyber intrusion attempts targeting Taiwan's critical infrastructure, allegedly coming from China's cyber army in 2025. "On average, China's cyber army launched 2.63 million intrusion attempts per day targeting Taiwan's CI across nine primary sectors, namely administration and agencies, energy, communications and transmission, transportation, emergency rescue and hospitals, water resources, finance, science parks and industrial parks, as well as food," the NSB said. The energy and emergency rescue/hospitals sectors experienced the most significant year-on-year surge in cyber attacks from Chinese threat actors. The attacks have been attributed to five Chinese hacking groups, namely BlackTech (Canary Typhoon, Circuit Panda, and Earth Hundu), Flax Typhoon (aka Ethereal Panda and Storm-0919), HoneyMyte (aka Bronze President, Mustang Panda, and Twill Typhoon), APT41 (aka Brass Typhoon, Bronze Atlas, Double Dragon, Leopard Typhoon, and Wicked Panda), and UNC3886, which are said to have probed network equipment and industrial control systems of Taiwan's energy companies to plant malware. "China has fully integrated military, intelligence, industrial, and technological capabilities across both public and private sectors to enhance the depth of intrusion and operational stealth of its external cyberattacks through a wide range of cyberattack tactics and techniques," NSB said. China's cyber army is also said to have exploited vulnerabilities in the websites and systems of major hospitals in Taiwan to drop ransomware and conduct adversary-in-the-middle (AitM) attacks against communications companies to steal sensitive data.
-
Exchange Limit Canceled
Microsoft said it's indefinitely canceling earlier plans to enforce a Mailbox External Recipient Rate Limit in Exchange Online to combat abuse and prevent misuse of the service for bulk spam and other malicious email activity. "The Recipient Rate Limit and the Tenant-level External Recipient Rate Limit mentioned in Exchange Online limits remain unchanged by this announcement," the company said. The tech giant first announced the limit in April 2024, stating it would begin enforcing an external recipient rate limit of 2,000 recipients in 24 hours, effective April 2026.
-
Stalkerware Founder Guilty
Bryan Fleming, the founder of pcTattletale, pleaded guilty to operating stalkerware from his home in the U.S. state of Michigan. In May 2024, the U.S.-based spyware company said it was "out of business and completely done" after an unknown hacker defaced its website and posted gigabytes of data to its homepage. The app, which covertly captured screenshots of hotel booking systems, suffered from a security flaw that allowed the screenshots to be available to anyone on the internet. The breach affected more than 138,000 users who had registered for the service. The U.S. Homeland Security Investigations (HSI) said it began investigating pcTattletale in June 2021 for "surreptitiously spying on spouses and partners." While the tool was ostensibly marketed as a parental control and employee monitoring software, pcTattletale also promoted its ability to snoop on spouses and domestic partners by tracking every click and screen tap. Fleming even had a YouTube channel to promote the spyware. He is expected to be sentenced later this year. The development marks a rare instance of criminal prosecution for purveyors of stalkerware, who often operate out in the open with impunity. The previous spyware conviction in the U.S. occurred in 2014 when a Danish citizen, Hammad Akbar, pleaded guilty to operating the StealthGenie spyware.
-
Hardcoded Token Risk
A critical security vulnerability has been disclosed in RustFS that stems from implementing gRPC authentication using a hard-coded static token that's publicly exposed in the source code repository, hard-coded on both client and server sides, non-configurable with no mechanism for token rotation, and universally valid across all RustFS deployments. "Any attacker with network access to the gRPC port can authenticate using this publicly known token and execute privileged operations, including data destruction, policy manipulation, and cluster configuration changes," RustFS said. The vulnerability, which does not have a CVE identifier, carries a CVSS score of 9.8. It affects versions alpha.13 through alpha.77, and has been patched in 1.0.0-alpha.78 released on December 30, 2025.
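The weak pattern described above, a single literal token compiled into both client and server, next to a hardened equivalent that loads per-deployment tokens from configuration, keeps an overlap window so rotation causes no outage, and compares in constant time. This is an added illustration, not RustFS code; `TokenAuth`, the environment variable name and the token values are assumptions.

```rust
// Added example, not RustFS code. Names and values are hypothetical.
use std::env;

/// Weak form: one literal shared by every deployment. Anyone who can read
/// the repository (or the binary) can authenticate. Constructed placeholder.
const STATIC_TOKEN: &str = "example-static-token";

pub fn weak_authorize(presented: &str) -> bool {
    presented == STATIC_TOKEN
}

/// Hardened form: tokens are deployment-specific, more than one may be
/// valid at once (current + previous) so rotation is zero-downtime, and
/// comparison does not leak the position of the first mismatching byte.
pub struct TokenAuth {
    accepted: Vec<Vec<u8>>, // newest last
}

impl TokenAuth {
    /// Build from currently valid tokens; short or empty tokens are rejected.
    pub fn new<I: IntoIterator<Item = String>>(tokens: I) -> Result<Self, String> {
        let accepted: Vec<Vec<u8>> = tokens
            .into_iter()
            .map(String::into_bytes)
            .filter(|t| t.len() >= 32)
            .collect();
        if accepted.is_empty() {
            return Err("no acceptable token configured".to_string());
        }
        Ok(Self { accepted })
    }

    /// Read a comma-separated token list from an environment variable
    /// (hypothetical name), so the secret never lives in source control.
    pub fn from_env(var: &str) -> Result<Self, String> {
        let raw = env::var(var).map_err(|_| format!("{var} not set"))?;
        Self::new(raw.split(',').map(|s| s.trim().to_string()))
    }

    /// Introduce a new token and keep only the two most recent, so the
    /// previous one stays valid until clients have switched over.
    pub fn rotate(&mut self, new_token: String) {
        self.accepted.push(new_token.into_bytes());
        let keep_from = self.accepted.len().saturating_sub(2);
        self.accepted.drain(..keep_from);
    }

    pub fn authorize(&self, presented: &[u8]) -> bool {
        self.accepted.iter().any(|t| ct_eq(t, presented))
    }
}

/// Constant-time byte comparison (length mismatch fails fast, which is fine).
fn ct_eq(a: &[u8], b: &[u8]) -> bool {
    if a.len() != b.len() {
        return false;
    }
    a.iter().zip(b).fold(0u8, |acc, (x, y)| acc | (x ^ y)) == 0
}
```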
-
Malware via pkr_mtsi
A Windows packer and loader named pkr_mtsi has been put to use in large-scale malvertising and SEO-poisoning campaigns to distribute trojanized installers for legitimate software such as PuTTY, Rufus, and Microsoft Teams, enabling initial access and flexible delivery of follow-on payloads. It's available in both executable (EXE) and dynamic-link library (DLL) forms. "In observed campaigns, pkr_mtsi has been used to deliver a diverse set of malware families, including Oyster, Vidar Stealer, Vanguard Stealer, Supper, and more, underscoring its role as a general-purpose loader rather than a single-payload wrapper," ReversingLabs said. First observed in April 2025, the packer has witnessed a steady evolutionary trajectory in the intervening months, adding increasingly sophisticated obfuscation layers, anti-analysis and anti-debugging techniques, and evasive API resolution strategies.
-
Open WebUI RCE Risk
A high-severity security flaw has been disclosed in Open WebUI versions 0.6.34 and older (CVE-2025-64496, CVSS score: 7.3) that affects the Direct Connections feature, which lets users connect to external AI model servers (e.g., OpenAI's API). "If a threat actor tricks a user into connecting to a malicious server, it can lead to an account takeover attack," Cato Networks said. "If the user also has workspace.tools permission enabled, it can lead to remote code execution (RCE), which means that a threat actor can control the system running Open WebUI." The issue was addressed in version 0.6.35, released on November 7, 2025. The attack requires the victim to enable Direct Connections (disabled by default) and add the attacker's malicious model URL. At its core, the flaw stems from a trust failure between untrusted model servers and the user's browser session. A hostile server can send a crafted server-sent events message that triggers the execution of JavaScript code in the browser. This allows an attacker to steal authentication tokens stored in localStorage. Once obtained, those tokens grant full access to the victim's Open WebUI account. Chats, uploaded documents and API keys can all be exposed.
-
Iranian Group Evolves
The Iranian nation-state group known as MuddyWater has been conducting phishing attacks designed to deliver known backdoors such as Phoenix and UDPGangster through executable files disguised as PDFs and DOC files with macro code. Both implants come fitted with command execution and file upload/download capabilities. "It is worth noting that MuddyWater has gradually reduced the use of ready-made remote control programs such as RMM, and instead developed and deployed a variety of dedicated backdoors to implement penetration for specific targets," the 360 Threat Intelligence Center said. "The disguised content of the sample is Israeli, Azerbaijani, and English, and the sample is also uploaded by Israel, Azerbaijan, and other regions, which is in line with the attack target of the MuddyWater organization."
-
ownCloud MFA Alert
File-sharing platform ownCloud has warned users to enable multi-factor authentication (MFA) to block malicious attempts that use compromised credentials to steal their data. The alert comes in the wake of a report from Hudson Rock, which flagged a threat actor named Zestix (aka Sentap) for auctioning data exfiltrated from the corporate file-sharing portals of about 50 major global enterprises. "Contrary to attacks involving sophisticated cookie hijacking or session bypasses, the Zestix campaign highlights a far more pedestrian – yet equally devastating – oversight: The absence of Multi-Factor Authentication (2FA)," Hudson Rock said. The attacks follow a well-oiled workflow: An employee inadvertently downloads a malicious file that leads to the deployment of information-stealing malware. Once the stolen information is made available for sale on darknet forums, the threat actor uses the valid usernames and passwords extracted from the stealer logs to sign into the popular cloud file-sharing services ShareFile, Nextcloud, and ownCloud, taking advantage of the missing MFA protections. Zestix is believed to have been active in Russian-language closed forums since late 2024, primarily motivated by financial gain through selling access in exchange for Bitcoin payments. Assessed to be of Iranian origin, the initial access broker has demonstrated ties with a ransomware group named FunkSec.
-
Cross-Platform RAT Analysis
ANY.RUN has published a technical rundown of a sophisticated remote access trojan called GravityRAT that has been actively targeting organizations and government entities since 2016. A multi-platform malware, it's equipped to harvest sensitive data, including WhatsApp backups on Android devices, and boasts a wide range of anti-analysis features, including checking BIOS versions, searching for hypervisor artifacts, counting CPU cores, and querying CPU temperature through Windows Management Instrumentation (WMI). "This temperature check is particularly effective because most hypervisors, including Hyper-V, VMware Fusion, VirtualBox, KVM, and Xen, do not support temperature monitoring, causing them to return error messages that immediately reveal the presence of a virtual environment," ANY.RUN said. The use of GravityRAT is primarily attributed to a Pakistan-origin threat actor tracked as Transparent Tribe. On Windows, it's often spread via spear-phishing emails containing malicious Office documents with macros or exploits. On Android, it masquerades as a messaging platform and is distributed via third-party sites or social engineering. "The RAT operates through a multi-stage infection and command-and-control architecture," ANY.RUN added. "GravityRAT implements a modular architecture where different components handle specific functions."
-
Scam Empire Kingpin Caught
Cambodian authorities have arrested and extradited Chen Zhi, the alleged mastermind behind one of Asia's largest transnational scam networks, to China. Chen, 38, is the founder and chairman of Prince Group. He was among the three Chinese nationals arrested on January 6, 2026. His Cambodian nationality was "revoked by a Royal Decree" last month. In October 2025, the U.S. Department of Justice (DoJ) unsealed an indictment against Prince Group and Chen (in absentia) for operating illegal forced-labor scam compounds across Southeast Asia to conduct cryptocurrency fraud schemes, also known as romance baiting or pig butchering. Scamsters in such incidents begin by establishing fake relationships with unsuspecting users before coaxing them into investing their funds in bogus cryptocurrency platforms. The industrial scale of the operation notwithstanding, those conducting the scams are often trafficked foreign nationals, who are trapped and coerced to carry out online fraud under threat of torture. The U.K. and U.S. governments have also sanctioned Prince Group, designating it as a transnational criminal organization. In a statement in November 2025, Prince Group said it "categorically rejects" the accusations. China's Ministry of Public Security described Chen's arrest as "another great achievement under China-Cambodia law enforcement cooperation." Mao Ning, a spokesperson for China's Ministry of Foreign Affairs, said "for quite some time, China has been actively working with countries, including Cambodia, to crack down on crimes of online gambling and telecom fraud with notable outcomes." Beijing has also worked with Thailand and Myanmar to release thousands of people from scam compounds. Despite ongoing crackdowns, the United Nations Office on Drugs and Crime (UNODC) has said the criminal networks that run the scam hubs are evolving at an unprecedented scale. Scam victims worldwide lost between $18 billion and $37 billion in 2023, according to UNODC estimates.
-
Phishing Kits Double
The number of phishing-as-a-service (PhaaS) toolkits doubled during 2025, with 90% of high-volume phishing campaigns leveraging such tools in 2025, according to an analysis by Barracuda. Some of the notable PhaaS players were Sneaky 2FA, CoGUI, Cephas, Whisper 2FA, and GhostFrame. These kits incorporate advanced anti-analysis measures, MFA bypass, and stealth deployment that make them harder to detect with traditional defenses. The main advantage of PhaaS kits is that they lower the barrier to entry, enabling even attackers with little technical expertise to mount large-scale, targeted phishing campaigns with minimal effort. The most common phishing themes observed during the year were fake payment, financial, legal, digital signature, and HR-related messages designed to deceive users into clicking on a link, scanning a QR code, or opening an attachment. Among the novel techniques used by phishing kits are obfuscation to hide URLs from detection and inspection, CAPTCHAs for added authenticity, malicious QR codes, abuse of trusted, legitimate online platforms, and ClickFix, among others.
-
Zed IDE RCE Flaws
Two high-severity security flaws have been disclosed in Zed IDE that expose users to arbitrary code execution when loading or interacting with a maliciously crafted source code repository. "Zed automatically loaded MCP [Model Context Protocol] settings from the workspace without requiring user confirmation," Mindguard said about CVE-2025-68433 (CVSS score: 7.8). "A malicious project could use this to define MCP tools that execute arbitrary code on the developer's system without explicit permission." The second vulnerability (CVE-2025-68432, CVSS score: 7.8) has to do with the IDE implicitly trusting project-supplied Language Server Protocol (LSP) configurations, potentially opening the door to arbitrary command execution when a user opens any source code file in the repository. Following responsible disclosure on November 14, 2025, Zed released version 0.218.2-pre to address the issues last month.
That's the wrap for this week. These stories show how fast things can change and how small risks can grow big if ignored.
Keep your systems updated, watch for the quiet stuff, and don't trust what looks normal too quickly.
Next Thursday, ThreatsDay will be back with more short takes from the week's biggest moves in hacking and security.