Hackers Used AI to Develop First Known Zero-Day 2FA Bypass for Mass Exploitation - “Our analysis of exploits associated with this campaign identified a zero-day vulnerability implemented in a Python script that enables the user to bypass two-factor authentication (2FA) on a popular open-source, web-based system administration tool,” Google Threat Intelligence Group (GTIG) said in a report shared with The Hacker News. “For example, the script contains an abundance of educational docstrings, including a hallucinated CVSS score, and uses a structured, textbook Pythonic format highly characteristic of LLMs training data (e.g., detailed help menus and the clean _C ANSI color class),” GTIG added.
Poland says hackers breached water treatment plants, and the US is facing the same threat | TechCrunch - Poland’s intelligence service said it detected attacks on five water treatment plants where hackers could have taken control of the industrial equipment inside, including, in the worst case, tampering with the safety of the water supply.
1 in 8 workers say selling company logins is justifiable - Cifas doesn’t give a precise number for the share of rank-and-file employees who feel selling credentials is justified, but it does call attention to how leadership feels, and the more power they have, the more they seem to think it’s okay to sell their access. Thirty-two percent of managers, 36 percent of directors, and 43 percent of C-suite executives said it was justifiable to sell their login details. Even more shockingly, a full 81 percent of business owners felt the exact same way.
Claude Code trust prompt can trigger one-click RCE - “The moment a developer presses Enter on Claude Code’s generic ‘Yes, I trust this folder’ dialog, the server spawns as an unsandboxed Node.js process with the user’s full privileges — no per-server consent, no tool call from Claude required,” Adversa AI explains in its PoC repo.
Cache-poisoning caper turns TanStack npm packages toxic - TanStack founder Tanner Linsley published a postmortem describing how the attacker used a malicious commit on a fork to create a pull request on the TanStack repository, causing scripts to auto-run and build the malware. This poisoned the GitHub Actions cache in what Linsley said is a variant of a known GitHub Action vulnerability discovered in 2024. The malware then extracted the npm OpenID Connect (OIDC) token, used for trusted npm publishing, from runner memory using the same code used to compromise tj-actions in an attack last year.
Linux
Linux Kernel Dirty Frag LPE Exploit Enables Root Access Across Major Distributions - The vulnerability currently does not have a CVE identifier, as the embargo is said to have been broken after detailed information and an exploit for the xfrm-ESP Page-Cache Write vulnerability were published publicly by an unrelated third-party.
New Linux PamDOORa Backdoor Uses PAM Modules to Steal SSH Credentials - “PamDOORa represents an evolution over existing open-source PAM backdoors,” Morag explained. “While the individual techniques (PAM hooks, credential capture, log tampering) are well-documented, the integration into a cohesive, modular implant with anti-debugging, network-aware triggers, and a builder pipeline places it closer to operator-grade tooling than the crude proof-of-concept scripts found in most public repositories.”
New PCPJack worm steals credentials, cleans TeamPCP infections - During this initial stage, PCPJack explicitly checks for TeamPCP tooling and attempts to delete everything, thus claiming the compromise for themselves.
Iran
MuddyWater hackers use Chaos ransomware as a decoy in attacks - Although the attack involved credential theft, persistence, remote access, data exfiltration, extortion emails, and an entry on the Chaos leak portal, the attackers used infrastructure and techniques associated with the MuddyWater attacks.
Beyond Attribution: The Spectrum of State Responsibility - PDF