
Coverage: Last 24 hours
Today’s Highlights
Malware campaigns, supply chain attacks, and exploitable flaws in widely deployed open-source software dominated the last 24 hours. Defenders face risks from targeted phishing, backdoored WordPress plugins, and new avenues for attacker lateral movement. Patch gaps and insecure integrations remain urgent concerns as credential theft and abuse of legitimate remote access tools amplify the scope of compromise.
Table of Contents
- WhatsApp phishing attack uses fake business docs to hack PCs
- JaredFromSubway MEV bot hacked in $15 million crypto theft
- FFmpeg fixes PixelSmash flaw in widely used video decoder
- Microsoft fixes AutoGen Studio flaw that enabled code execution
- A Glimpse into the “Search Your Target” Market for Stolen Credentials
- FortiBleed campaign used custom FortiGate sniffer to steal credentials
- Microsoft says Windows 11 26H2 is coming soon, details upgrade process
- WhatsApp VBScript Campaign Uses Fake Documents to Install ManageEngine RMM Tool
- OpenAI Expands Daybreak With GPT-5.5-Cyber to Help Defenders Patch Security Flaws
- ShapedPlugin WordPress Pro Plugins Backdoored in Supply Chain Attack
- Researchers Detail DifyTap Flaws in Dify That Could Expose AI Chats Across Tenants
- Node.js releases patches for two high severity vulnerabilities in 26.x, 24.x, 22.x
Top Stories
WhatsApp phishing attack uses fake business docs to hack PCs
Source: BleepingComputer | Risk: High | Impacted: WhatsApp Desktop/Web users, Hybrid/remote endpoints, BYOD fleets
Summary: An ongoing malware campaign is targeting WhatsApp users in multiple countries with deceptive messages that push VBScript files, leading to remote system access.
Why it matters: Widespread abuse of business-themed lures increases the chance of initial compromise that can bypass controls focused only on email phishing, threatening endpoint integrity and data confidentiality.
Practitioner Perspective
Any organization with staff using WhatsApp Desktop or Web, especially in BYOD or hybrid environments, is at risk if users handle sensitive material on personal devices. The campaign leverages business workflows, imitating legitimate document sharing to deliver VBScript malware that can provide attackers remote access. Unlike traditional phishing, these lures bypass corporate email filters and exploit trust in common business platforms. This increases the risk of lateral movement once an initial foothold is gained on an inadequately protected endpoint. Ensure your detection, education, and incident response playbooks account for non-email initial vectors and unauthorized script execution.
Recommended Actions
- Block execution of VBScript via AppLocker or equivalent controls on endpoints with WhatsApp Desktop or Web
- Use EDR to hunt for suspicious VBScript activity initiated via WhatsApp process context
JaredFromSubway MEV bot hacked in $15 million crypto theft
Source: BleepingComputer | Risk: Critical | Impacted: Crypto trading desks, DeFi operators, Smart contract developers
Summary: The JaredFromSubway Ethereum MEV (Maximal Extractable Value) bot suffered a $15 million loss after an attacker manipulated the opportunity-detection logic by creating fake cryptocurrency trading opportunities.
Why it matters: Automated trading bots add significant risk to crypto-enabled businesses since logic flaws or manipulation can result in instant multi-million dollar losses, bypassing traditional security controls.
Practitioner Perspective
Teams relying on automated smart contract or trading bots, particularly in DeFi and blockchain-centered operations, must recognize that adversaries target exploit paths in MEV and similar logic rather than traditional vulnerabilities. The attack underscores how profit-driven bots can amplify financial exposure because of their speed and autonomy. Standard infrastructure security isn’t sufficient: business logic, opportunity detection, and transaction approval mechanisms must be explicitly threat-modeled and monitored. Review kill-switches and anomaly detection tied directly to bot transaction thresholds, not just general wallet activity.
Recommended Actions
- Audit JaredFromSubway MEV bot’s code for logic flaws allowing trade manipulation
- Establish real-time monitoring and circuit breakers for high-value Ethereum wallet transactions from bots
FFmpeg fixes PixelSmash flaw in widely used video decoder
Source: BleepingComputer | Risk: High | Impacted: Media server admins, Nextcloud/Kodi operators, Workloads using FFmpeg libraries
Summary: A newly disclosed FFmpeg flaw dubbed ‘PixelSmash’ could be exploited for remote code execution on Jellyfin servers under certain conditions, and can also trigger a denial-of-service condition in applications like Kodi, Emby, Nextcloud, PhotoPrism, and OBS Studio.
Why it matters: Unpatched FFmpeg deployments in media servers or cloud workflows can expose organizations to remote code execution, which may enable attackers to establish persistent footholds or disrupt services relied on by customers.
Practitioner Perspective
Any deployment running FFmpeg, especially for media streaming or file upload processing (Jellyfin, Emby, Nextcloud, Kodi, PhotoPrism, OBS Studio), is threatened by the PixelSmash flaw due to the prevalence of user-contributed or automated video content. Ransomware, cryptominers, or lateral movement can easily be initiated where attackers can supply crafted video files. Relying on perimeter security is not enough: attackers exploit these common open-source dependencies through exposed endpoints and plugin chains. Prioritize patching and validate that no untrusted media files were processed before the fix.
Recommended Actions
- Update all FFmpeg libraries to the version with PixelSmash fix in applications such as Jellyfin, Emby, Nextcloud, Kodi, and OBS Studio
- Hunt for anomalous child processes invoked by FFmpeg binaries on media servers since June 2026
Microsoft fixes AutoGen Studio flaw that enabled code execution
Source: BleepingComputer | Risk: High | Impacted: AI engineering teams, Organizations using Microsoft AutoGen Studio, Developer endpoints
Summary: A vulnerability chain dubbed AutoJack in Microsoft’s AutoGen Studio interface for prototyping AI agents could let attackers manipulate an agent into executing arbitrary commands on its host system simply by visiting a malicious webpage.
Why it matters: Untrusted web content can trigger remote code execution in specialized AI agent development environments, potentially leading to full system compromise and loss of sensitive project data.
Practitioner Perspective
Organizations prototyping AI agents in Microsoft AutoGen Studio should recognize that merging production data with experimental code now brings traditional web application risks, such as RCE via browser-based attacks, to developer endpoints. Attackers can target users merely by luring them to malicious webpages, bypassing internal segmentation. As AI dev toolchains proliferate, treat all interfaces hosting agent experimentation with the same scrutiny as externally exposed web applications. The most overlooked risk is that test sandboxes often run with excess privileges and weak monitoring.
Recommended Actions
- Apply Microsoft security update for AutoGen Studio addressing the remote code execution path (AutoJack chain)
- Review privilege levels and isolation for environments running AI agent prototyping, limiting local system access
A Glimpse into the “Search Your Target” Market for Stolen Credentials
Source: BleepingComputer | Risk: High | Impacted: Any organization with public-facing accounts, IAM/SaaS teams, Incident response teams
Summary: Attackers no longer need to sift through massive credential dumps. They can pay others to do it for them. Flare explores how an emerging underground market searches stolen credential databases for specific companies, domains, and accounts.
Why it matters: The industrialization of credential search-as-a-service makes it much easier for threat actors to find actionable ways into your organization, negating any size-based sense of security through obscurity.
Practitioner Perspective
Attackers are skipping mass credential dumps and outsourcing specific targeting using stolen credential marketplaces. Even medium-sized businesses, once thought less attractive, may be specifically targeted through these services. Defenders must now assume that the creation of a new internet-facing account or cloud app increases exposure almost immediately. The biggest operational risk is that even old creds can quickly become a gateway for privilege escalation or shadow IT abuse if not actively managed.
Recommended Actions
- Continuously monitor exposure of company and domain-specific credentials using credential leak detection services
- Audit authentication logs for newly created or infrequently used accounts exhibiting suspicious access
Emerging Signals
FortiBleed campaign used custom FortiGate sniffer to steal credentials
Source: BleepingComputer | Risk: Critical | Impacted: Fortinet FortiGate deployments, Network perimeter admins, VPN gateway operators
Summary: Security firm SOCRadar says the large-scale FortiBleed campaign targeting Fortinet FortiGate devices used custom sniffers to harvest authentication secrets from compromised firewalls and steal credentials.
Why it matters: Credential theft at the network perimeter undermines all upstream MFA and privileged access protections, allowing lateral movement even into supposedly hardened segments.
Practitioner Perspective
Fortinet FortiGate devices, especially those still configured with default credentials or outdated firmware, are prime targets for perimeter attacks like FortiBleed. The use of custom sniffers reflects an advanced attacker's intent to persist and harvest credentials over time, effectively backdooring the network edge. This campaign highlights the growing sophistication in firewall exploitation and how supply chain risk expands to core networking appliances. Defenders must treat the firewall management and monitoring plane as a sensitive trust boundary and respond with the same urgency as a server compromise.
Recommended Actions
- Upgrade FortiGate firmware to latest available from Fortinet to address FortiBleed campaign risk
- Audit firewall configurations for presence of unauthorized sniffer processes or unknown firmware modules
Microsoft says Windows 11 26H2 is coming soon, details upgrade process
Source: BleepingComputer | Risk: Medium | Impacted: Windows 11 users, IT admins, Software deployment teams
Summary: Microsoft has confirmed that Windows 11 version 26H2 will be the next feature update and that devices running Windows 11 24H2 and 25H2 will be able to upgrade using a small enablement package.
Why it matters: Timely updates reduce exposure from unpatched vulnerabilities and streamline fleet management for IT admins preparing for new feature rollouts.
Practitioner Perspective
Administrators should review compatibility and readiness for the upcoming enablement package, confirm patch management procedures, and ensure endpoint telemetry is available to track upgrade states. The details clarify that feature enablement will not require a full image refresh, helping minimize risk during deployment windows.
Recommended Actions
- Inventory in-scope Windows 11 devices for version readiness
- Test upgrade on pilot systems and document any issues prior to full rollout
WhatsApp VBScript Campaign Uses Fake Documents to Install ManageEngine RMM Tool
Source: The Hacker News | Risk: High | Impacted: WhatsApp Desktop/Web users, Enterprises with ManageEngine RMM deployments, Multinational user bases
Summary: Direct messages sent via WhatsApp are being used to distribute malicious Visual Basic Script (VBScript) files that lead to the installation of legitimate Remote Monitoring and Management (RMM) software. Per findings from Kaspersky, the active campaign is targeting users of WhatsApp Desktop and WhatsApp Web across Malaysia, Brazil, India, Mexico, Singapore, the U.K., Spain, Taiwan, and Australia.
Why it matters: Social engineering campaigns combining trusted communication channels with remote management Trojan delivery increase the chance for unmonitored long-term compromise.
Practitioner Perspective
The attack exploits WhatsApp’s wide usage for business alongside user familiarity with RMM tools such as ManageEngine, resulting in effective social engineering and stealthy persistence on endpoints. Security teams supporting staff in the listed countries or with multinational operations should anticipate that legitimate toolchains may be hijacked for C2 or credential theft. Because the RMM is legitimate, traditional endpoint controls may not trigger. Focus on validating the provenance and configuration of any RMM installation, especially sudden spikes in ManageEngine RMM usage.
Recommended Actions
- Scan for unauthorized ManageEngine RMM agent installations on endpoints tied to WhatsApp Desktop/Web use
- Investigate recent VBScript executions in process logs, especially those launched outside IT workflows
OpenAI Expands Daybreak With GPT-5.5-Cyber to Help Defenders Patch Security Flaws
Source: The Hacker News | Risk: Medium | Impacted: Software engineering teams, Vulnerability triage teams, Daybreak participants
Summary: OpenAI on Monday said it’s releasing an improved version of its GPT‑5.5‑Cyber model to trusted defenders as part of the Daybreak initiative the artificial intelligence (AI) company announced last month. Calling GPT‑5.5‑Cyber its “strongest model yet for finding and helping patch software vulnerabilities,” OpenAI said the model can “sustain deeper analysis across large codebases” to.
Why it matters: The introduction of scalable AI tools capable of deep code analysis means that potential vulnerabilities can be found and remediated faster, but also resets expectations for patch cycle speed and audit depth.
Practitioner Perspective
As OpenAI deploys GPT-5.5-Cyber via the Daybreak initiative, defenders can expect greater augmentation for code review and vulnerability triage processes. However, this also raises the bar for speed: adversaries and defenders may both race to identify bugs in the same codebases. Security teams relying on manual analysis or less sophisticated scanning pipelines risk being outpaced both in detection and patch effectiveness. Take advantage of new tooling, but ensure AI-driven patch recommendations are validated with human review prior to production rollout.
Recommended Actions
- Pilot OpenAI GPT-5.5-Cyber for vulnerability analysis across large codebases where possible
- Integrate Daybreak recommendations into existing CI/CD patch review workflows with a human-in-the-loop
ShapedPlugin WordPress Pro Plugins Backdoored in Supply Chain Attack
Source: The Hacker News | Risk: High | Impacted: WordPress admins with ShapedPlugin Pro plugins, Websites relying on Pro channel plugin updates, Web hosts with multi-tenant WordPress sites
Summary: Multiple WordPress plugins from ShapedPlugin were compromised in a supply chain attack after unknown threat actors managed to tamper with the official release channels and push backdoor code. “Attackers compromised the vendor’s build and distribution pipeline, injecting backdoor code into Pro plugin releases distributed through official licensed update channels,” Wordfence said in an analysis.
Why it matters: Supply chain attacks on widely used WordPress plugins enable adversaries to weaponize trusted update channels, bypassing origin controls and compromising entire customer fleets.
Practitioner Perspective
Organizations running ShapedPlugin’s Pro WordPress plugins were exposed to a risk outside their direct control through a vendor pipeline compromise. The backdoored code was shipped via licensed, official channels, making it easy to miss until post-infection. This incident is a warning for all defenders maintaining plugin-heavy CMS environments: vet updates, even from ‘trusted’ vendors, and treat new plugin releases as if they may be hostile. Minimize plugin footprint and audit deployments for signs of unauthorized remote administration.
Recommended Actions
- Identify and remove any versions of ShapedPlugin Pro plugins issued during the affected supply chain window
- Audit affected WordPress instances for the presence of injected backdoor code or unauthorized admin accounts
Researchers Detail DifyTap Flaws in Dify That Could Expose AI Chats Across Tenants
Source: The Hacker News | Risk: High | Impacted: Dify platform users, Product teams prototyping AI workflows, Organizations with multi-tenant SaaS environments
Summary: Cybersecurity researchers have disclosed details of four vulnerabilities in Dify, an open-source agentic workflow platform with more than 146,000 GitHub stars, that could allow attackers to stealthily read artificial intelligence (AI) conversations from other customers’ applications without requiring authentication. The vulnerabilities have been collectively codenamed DifyTap by Zafran Security.
Why it matters: Credential and session isolation failures in AI workflow platforms threaten the confidentiality of proprietary data across tenant boundaries, potentially leading to regulatory and reputational exposure.
Practitioner Perspective
DifyTap illustrates the risk of adopting agentic workflow tools like Dify at scale. Without robust tenant isolation and authentication controls, attackers may exfiltrate or manipulate AI chat data across organizations, undermining cloud trust assumptions. With AI data often containing intellectual property or early-stage product details, a single cross-tenant flaw escalates business risk substantially. Prioritize both code and configuration review before adopting rapidly evolving open-source AI SaaS platforms into sensitive business units.
Recommended Actions
- Patch Dify to address all four DifyTap vulnerabilities immediately in both self-hosted and SaaS deployments
- Review user roles and session logs for evidence of unauthorized access to AI chat data between tenants
Node.js releases patches for two high severity vulnerabilities in 26.x, 24.x, 22.x
Source: 365TRUST.ME (via web) | Risk: High | Impacted: Node.js backend teams, DevOps supporting v26.x, 24.x, 22.x, Organizations with large-scale web APIs
Summary: Node.js issued security updates addressing 12 vulnerabilities, including two high‑severity flaws (CVE‑2026‑48618 and CVE‑2026‑48933) affecting versions 26.x, 24.x and 22.x that could lead to DoS and auth bypass.
Why it matters: Failure to patch the latest Node.js vulnerabilities can allow attackers to bypass authentication or crash critical production services, causing disruption and possible unauthorized access in environments where Node.js underpins backend platforms.
Practitioner Perspective
Node.js is embedded in many business-critical stacks, from API gateways to internal tools. The newly announced CVE‑2026‑48618 and CVE‑2026‑48933 underscore that authentication mechanisms and service reliability may be at risk across multiple supported versions. Attackers frequently target lagging patch cycles in high-availability web environments to gain initial access or cause downtime. Proactively address these patch gaps before they get folded into automated exploit kits or ransomware playbooks.
Recommended Actions
- Deploy Node.js patches for CVE-2026-48618 and CVE-2026-48933 to all systems running versions 26.x, 24.x, and 22.x as per vendor recommendations
- Review authentication event logs and crash logs for indicators of exploitation or anomalous error rates since disclosure
Exploits & CVEs
No critical exploits or CVE stories with CVSS scores were disclosed in this cycle beyond those already covered above.
Defensive Actions
- Block execution of VBScript via AppLocker or equivalent controls on endpoints with WhatsApp Desktop or Web
- Use EDR to hunt for suspicious VBScript activity initiated via WhatsApp process context
- Audit JaredFromSubway MEV bot’s code for logic flaws allowing trade manipulation
- Establish real-time monitoring and circuit breakers for high-value Ethereum wallet transactions from bots
- Update all FFmpeg libraries to the version with PixelSmash fix in applications such as Jellyfin, Emby, Nextcloud, Kodi, and OBS Studio
- Apply Microsoft security update for AutoGen Studio addressing the remote code execution path (AutoJack chain)
- Continuously monitor exposure of company and domain-specific credentials using credential leak detection services
- Upgrade FortiGate firmware to latest available from Fortinet to address FortiBleed campaign risk
- Scan for unauthorized ManageEngine RMM agent installations on endpoints tied to WhatsApp Desktop/Web use
- Identify and remove any versions of ShapedPlugin Pro plugins issued during the affected supply chain window
- Patch Dify to address all four DifyTap vulnerabilities immediately in both self-hosted and SaaS deployments
- Deploy Node.js patches for CVE-2026-48618 and CVE-2026-48933 to all systems running versions 26.x, 24.x, and 22.x as per vendor recommendations
What We’re Watching
- Continued manipulation of automated crypto trading bots leading to large-scale financial crime
- Malware campaigns leveraging business communication platforms for initial access
- Supply chain and plugin tampering incidents affecting trusted update channels in WordPress and beyond
- Emerging cross-tenant threats in open-source AI workflow platforms
- Escalating exploitation of authentication bypass and denial-of-service vulnerabilities in core backend frameworks