cybersecurity | Breaking Cybersecurity News | The Hacker News

A set of three security vulnerabilities has been disclosed in mcp-server-git , the official Git Model Context Protocol ( MCP ) server maintained by Anthropic, that could be exploited to read or delete arbitrary files and execute code under certain conditions. "These flaws can be exploited through prompt injection, meaning an attacker who can influence what an AI assistant reads (a malicious README, a poisoned issue description, a compromised webpage) can weaponize these vulnerabilities without any direct access to the victim's system," Cyata researcher Yarden Porat said in a report shared with The Hacker News. Mcp-server-git is a Python package and an MCP server that provides a set of built-in tools to read, search, and manipulate Git repositories programmatically via large language models (LLMs). The security issues, which have been addressed in versions 2025.9.25 and 2025.12.18 following responsible disclosure in June 2025, are listed below - CVE-2025-68143 (CV...

Cybersecurity researchers have uncovered a new phishing campaign that exploits social media private messages to propagate malicious payloads, likely with the intent to deploy a remote access trojan (RAT). The activity delivers "weaponized files via Dynamic Link Library (DLL) sideloading, combined with a legitimate, open-source Python pen-testing script," ReliaQuest said in a report shared with The Hacker News. The attack involves approaching high-value individuals through messages sent on LinkedIn, establishing trust, and deceiving them into downloading a malicious WinRAR self-extracting archive (SFX). Once launched, the archive extracts four different components - A legitimate open-source PDF reader application A malicious DLL that's sideloaded by the PDF reader A portable executable (PE) of the Python interpreter A RAR file that likely serves as a decoy The infection chain gets activated when the PDF reader application is run, causing the rogue DLL to be sid...

The Problem: The Identities Left Behind As organizations grow and evolve, employees, contractors, services, and systems come and go - but their accounts often remain. These abandoned or "orphan" accounts sit dormant across applications, platforms, assets, and cloud consoles. The reason they persist isn't negligence - it's fragmentation.  Traditional IAM and IGA systems are designed primarily for human users and depend on manual onboarding and integration for each application - connectors, schema mapping, entitlement catalogs, and role modeling. Many applications never make it that far. Meanwhile, non-human identities (NHIs): service accounts, bots, APIs, and agent-AI processes are natively ungoverned, operating outside standard IAM frameworks and often without ownership, visibility, or lifecycle controls. The result? A shadow layer of untracked identities forming part of the broader identity dark matter - accounts invisible to governance but still active in infrastructure. Wh...

Cybersecurity researchers have disclosed details of a malware campaign that's targeting software developers with a new information stealer called Evelyn Stealer by weaponizing the Microsoft Visual Studio Code (VS Code) extension ecosystem. "The malware is designed to exfiltrate sensitive information, including developer credentials and cryptocurrency-related data. Compromised developer environments can also be abused as access points into broader organizational systems," Trend Micro said in an analysis published Monday. The activity is designed to single out organizations with software development teams that rely on VS Code and third-party extensions, along with those with access to production systems, cloud resources, or digital assets, it added. It's worth noting that details of the campaign were first documented by Koi Security last month, when details emerged of three VS Code extensions – BigBlack.bitcoin-black, BigBlack.codo-ai, and BigBlack.mrbigblacktheme...

Cloudflare has addressed a security vulnerability impacting its Automatic Certificate Management Environment ( ACME ) validation logic that made it possible to bypass security controls and access origin servers .  "The vulnerability was rooted in how our edge network processed requests destined for the ACME HTTP-01 challenge path (/.well-known/acme-challenge/*)," the web infrastructure company's Hrushikesh Deshpande, Andrew Mitchell, and Leland Garofalo said. The web infrastructure company said it found no evidence that the vulnerability was ever exploited in a malicious context. ACME is a communications protocol ( RFC 8555 ) that facilitates automatic issuance, renewal, and revocation of SSL/TLS certificates. Every certificate provisioned to a website by a certificate authority (CA) is validated using challenges to prove domain ownership. This process is typically achieved using an ACME client like Certbot that proves domain ownership via an HTTP-01 (or DNS-01) ...

Leaked API keys are no longer unusual, nor are the breaches that follow. So why are sensitive tokens still being so easily exposed? To find out, Intruder's research team looked at what traditional vulnerability scanners actually cover and built a new secrets detection method to address gaps in existing approaches.  Applying this at scale by scanning 5 million applications revealed over 42,000 exposed tokens across 334 secret types, exposing a major class of leaked secrets that is not being handled well by existing tooling, particularly in single-page applications (SPAs). In this article, we break down existing secrets detection methods and reveal what we found when we scanned millions of applications for secrets hidden in JavaScript bundles. Established secrets detection methods (and their limitations) Traditional secrets detection The traditional, fully automated approach to detecting application secrets is to search a set of known paths and apply regular expressions to ma...

A Telegram-based guarantee marketplace known for advertising a broad range of illicit services appears to be winding down its operations, according to new findings from Elliptic. The blockchain intelligence company said Tudou Guarantee has effectively ceased transactions through its public Telegram groups following a period of significant growth. The marketplace is estimated to have processed over $12 billion in transactions, making it the third-largest illicit marketplace of all time. "Other parts of Tudou Guarantee, such as its gambling operations, continue to function, so it remains to be seen whether this represents the first stages of a full shutdown or a pivot away from fraud-related activity," the company said . Tudou Guarantee is just one of the many Telegram-based marketplaces serving cyber fraudsters, the others being HuiOne Guarantee and Xinbi Guarantee , which collectively engaged in over $35 billion in USDT transactions. Thousands of channels associated with...

Cybersecurity researchers have disclosed details of a security flaw that leverages indirect prompt injection targeting Google Gemini as a way to bypass authorization guardrails and use Google Calendar as a data extraction mechanism. The vulnerability, Miggo Security's Head of Research, Liad Eliyahu, said, made it possible to circumvent Google Calendar's privacy controls by hiding a dormant malicious payload within a standard calendar invite. "This bypass enabled unauthorized access to private meeting data and the creation of deceptive calendar events without any direct user interaction," Eliyahu said in a report shared with The Hacker News. The starting point of the attack chain is a new calendar event that's crafted by the threat actor and sent to a target. The invite's description embeds a natural language prompt that's designed to do their bidding, resulting in a prompt injection. The attack gets activated when a user asks Gemini a completely inno...

Just a few years ago, the cloud was touted as the "magic pill" for any cyber threat or performance issue. Many were lured by the "always-on" dream, trading granular control for the convenience of managed services. In recent years, many of us have learned (often the hard way) that public cloud service providers are not immune to attacks and SaaS downtime, hiding behind the Shared Responsibility cushion. To stay operational, competitive, and resilient in today's threat landscape, teams must move beyond the dependency on SaaS providers and understand what cyber resilience really means. The Myth of DevOps SaaS Resilience In 2024 alone, popular DevOps SaaS platforms—like GitHub, Jira, or Azure DevOps— experienced 502 incidents in total, which resulted in degraded performance and outages totaling over 4,755 hours . The conclusion is clear: Entrusting "the big players" with your source code, development metadata, and workflow projects doesn't make your business immune to downtime and subs...

A team of academics from the CISPA Helmholtz Center for Information Security in Germany has disclosed the details of a new hardware vulnerability affecting AMD processors. The security flaw, codenamed StackWarp , can allow bad actors with privileged control over a host server to run malicious code within confidential virtual machines (CVMs), undermining the integrity guarantees provided by AMD Secure Encrypted Virtualization with Secure Nested Paging ( SEV-SNP ). It impacts AMD Zen 1 through Zen 5 processors. "In the context of SEV-SNP, this flaw allows malicious VM [virtual machine] hosts to manipulate the guest VM's stack pointer ," researchers Ruiyi Zhang, Tristan Hornetz, Daniel Weber, Fabian Thomas, and Michael Schwarz said . "This enables hijacking of both control and data flow, allowing an attacker to achieve remote code execution and privilege escalation inside a confidential VM." AMD, which is tracking the vulnerability as CVE-2025-29943 (CVSS v4 ...

Cybersecurity researchers have disclosed details of an ongoing campaign dubbed KongTuke that used a malicious Google Chrome extension masquerading as an ad blocker to deliberately crash the web browser and trick victims into running arbitrary commands using ClickFix -like lures to deliver a previously undocumented remote access trojan (RAT) dubbed ModeloRAT. This new escalation of ClickFix, observed earlier this month, has been codenamed CrashFix by Huntress. KongTuke , also tracked as 404 TDS, Chaya_002, LandUpdate808, and TAG-124, is the name given to a traffic distribution system (TDS) known for profiling victim hosts before redirecting them to a payload delivery site that infects their systems. Access to these compromised hosts is then handed off to other threat actors, including ransomware groups, for follow-on malware delivery. Some of the cybercriminal groups that have leveraged TAG-124 infrastructure include Rhysida ransomware , Interlock ransomware , and TA866 (aka Asylu...

Cybersecurity researchers have disclosed a cross-site scripting (XSS) vulnerability in the web-based control panel used by operators of the StealC information stealer, allowing them to gather crucial insights on one of the threat actors using the malware in their operations. "By exploiting it, we were able to collect system fingerprints, monitor active sessions, and – in a twist that will surprise no one – steal cookies from the very infrastructure designed to steal them," CyberArk researcher Ari Novick said in a report published last week. StealC is an information stealer that first emerged in January 2023 under a malware-as-a-service (MaaS) model, allowing potential customers to leverage YouTube as a primary mechanism – a phenomenon called the YouTube Ghost Network – to distribute the malicious program by disguising it as cracks for popular software. Over the past year, the stealer has also been observed being propagated via rogue Blender Foundation files and a soc...

Ukrainian and German law enforcement authorities have identified two Ukrainians suspected of working for the Russia-linked ransomware-as-a-service (RaaS) group Black Basta. In addition, the group's alleged leader, a 35-year-old Russian national named Oleg Evgenievich Nefedov (Нефедов Олег Евгеньевич), has been added to the European Union's Most Wanted and INTERPOL's Red Notice lists, authorities noted. "According to the investigation, the suspects specialized in technical hacking of protected systems and were involved in preparing cyberattacks using ransomware," the Cyber Police of Ukraine said in a statement.  The agency said the accused individuals functioned as "hash crackers," who specialize in extracting passwords from information systems using specialized software. Once the credential information was obtained, members of the ransomware group broke into corporate networks and ultimately deployed ransomware and extorted money to recover the e...

The JavaScript (aka JScript) malware loader called GootLoader has been observed using a malformed ZIP archive that's designed to sidestep detection efforts by concatenating anywhere from 500 to 1,000 archives. "The actor creates a malformed archive as an anti-analysis technique," Expel security researcher Aaron Walton said in a report shared with The Hacker News. "That is, many unarchiving tools are not able to consistently extract it, but one critical unarchiving tool seems to work consistently and reliably: the default tool built into Windows systems." This leads to a scenario where the archive cannot be processed by tools like WinRAR or 7-Zip, and, therefore, prevents many automated workflows from analyzing the contents of the file. At the same time, it can be opened by the default Windows unarchiver, thereby ensuring that victims who fall victim to the social engineering scheme can extract and run the JavaScript malware. GootLoader is typically distrib...

Cybersecurity researchers have discovered five new malicious Google Chrome web browser extensions that masquerade as human resources (HR) and enterprise resource planning (ERP) platforms like Workday, NetSuite, and SuccessFactors to take control of victim accounts. "The extensions work in concert to steal authentication tokens, block incident response capabilities, and enable complete account takeover through session hijacking," Socket security researcher Kush Pandya said in a Thursday report. The names of the extensions are listed below - DataByCloud Access (ID: oldhjammhkghhahhhdcifmmlefibciph, Published by: databycloud1104) - 251 Installs Tool Access 11 (ID: ijapakghdgckgblfgjobhcfglebbkebf, Published by: databycloud1104) - 101 Installs DataByCloud 1 (ID: mbjjeombjeklkbndcjgmfcdhfbjngcam, Published by: databycloud1104) - 1,000 Installs DataByCloud 2 (ID: makdmacamkifdldldlelollkkjnoiedg, Published by: databycloud1104) - 1,000 Installs Software Access (ID: bmodapc...

You lock your doors at night. You avoid sketchy phone calls. You're careful about what you post on social media. But what about the information about you that's already out there—without your permission? Your name. Home address. Phone number. Past jobs. Family members. Old usernames. It's all still online, and it's a lot easier to find than you think. The hidden safety threat lurking online Most people don't realize how much of their personal life is sitting on public websites, data broker platforms, and sketchy directories. These sites don't just sell your info to marketers—they make it available to anyone with internet access. And that's when things can get dangerous. Exposed personal information can lead to: Doxxing incidents where personal info is leaked online Harassment that moves from your inbox to your doorstep Stalkers and scammers are building a profile on you using old addresses and phone numbers Strangers showing up where you live or work. It's not just creep...

Security experts have disclosed details of a new campaign that has targeted U.S. government and policy entities using politically themed lures to deliver a backdoor known as LOTUSLITE . The targeted malware campaign leverages decoys related to the recent geopolitical developments between the U.S. and Venezuela to distribute a ZIP archive ("US now deciding what's next for Venezuela.zip") containing a malicious DLL that's launched using DLL side-loading techniques. It's not known if the campaign managed to successfully compromise any of the targets. The activity has been attributed with moderate confidence to a Chinese state-sponsored group known as Mustang Panda (aka Earth Preta, HoneyMyte, and Twill Typhoon), citing tactical and infrastructure patterns. It's worth noting that the threat actor is known for extensively relying on DLL side-loading to launch its backdoors, including TONESHELL. "This campaign reflects a continued trend of targeted spear...

A threat actor likely aligned with China has been observed targeting critical infrastructure sectors in North America since at least last year. Cisco Talos, which is tracking the activity under the name UAT-8837 , assessed it to be a China-nexus advanced persistent threat (APT) actor with medium confidence based on tactical overlaps with other campaigns mounted by threat actors from the region. The cybersecurity company noted that the threat actor is "primarily tasked with obtaining initial access to high-value organizations," based on the tactics, techniques, and procedures (TTPs) and post-compromise activity observed. "After obtaining initial access — either by successful exploitation of vulnerable servers or by using compromised credentials — UAT-8837 predominantly deploys open-source tools to harvest sensitive information such as credentials, security configurations, and domain and Active Directory (AD) information to create multiple channels of access to their v...

A critical misconfiguration in Amazon Web Services (AWS) CodeBuild could have allowed complete takeover of the cloud service provider's own GitHub repositories, including its AWS JavaScript SDK, putting every AWS environment at risk. The vulnerability has been codenamed CodeBreach by cloud security company Wiz. The issue was fixed by AWS in September 2025 following responsible disclosure on August 25, 2025. "By exploiting CodeBreach, attackers could have injected malicious code to launch a platform-wide compromise, potentially affecting not just the countless applications depending on the SDK, but the Console itself, threatening every AWS account," researchers Yuval Avrahami and Nir Ohfeld said in a report shared with The Hacker News. The flaw, Wiz noted, is the result of a weakness in the continuous integration (CI) pipelines that could have enabled unauthenticated attackers to breach the build environment, leak privileged credentials like GitHub admin tokens, and...

A maximum-severity security flaw in a WordPress plugin called Modular DS has come under active exploitation in the wild, according to Patchstack. The vulnerability, tracked as CVE-2026-23550 (CVSS score: 10.0), has been described as a case of unauthenticated privilege escalation impacting all versions of the plugin prior to and including 2.5.1. It has been patched in version 2.5.2 . The plugin has more than 40,000 active installs. "In versions 2.5.1 and below, the plugin is vulnerable to privilege escalation, due to a combination of factors including direct route selection, bypassing of authentication mechanisms, and auto-login as admin," Patchstack said . The problem is rooted in its routing mechanism, which is designed to put certain sensitive routes behind an authentication barrier. The plugin exposes its routes under the "/api/modular-connector/" prefix. However, it has been found that this security layer can be bypassed every time the "direct reques...