Threats Tagged 'web'

View all threats tagged with 'web'. Filter and sort to focus on specific types of threats.

What the Miasma campaign reveals about the new supply chain threat model and the underground market for developer credentials

The Miasma campaign is a critical supply chain attack involving a self-propagating npm worm that compromised over 89 npm packages, including 32 Red Hat packages. It leveraged stolen developer credentials that were traded in underground markets for seven weeks before being weaponized. The campaign bypassed high-integrity supply chain protections by producing malicious packages with valid SLSA Build Level 3 provenance attestations. It escalated to target AI coding assistants in developers' local environments, expanding the attack surface beyond package registries. The attack exemplifies a new threat model called the Developer Credential Economy, where stolen developer credentials are commoditized and weaponized in multi-layered campaigns. The campaign highlights the insufficiency of traditional endpoint detection tools against ephemeral CI/CD environment compromises and stresses the need for treating developer credentials as critical infrastructure.

Webinar: Why email security teams are drowning in alerts

This content describes a webinar discussing the operational challenges faced by email security teams due to the high volume of phishing, business email compromise (BEC), and account takeover (ATO) alerts. It highlights how behavioral AI can automate detection and response workflows to reduce alert fatigue and improve efficiency. The webinar is educational and does not describe a specific vulnerability or active threat.

Low | Phishing | #web
Microsoft fixes AutoGen Studio flaw that enabled code execution

A vulnerability chain named AutoJack in Microsoft's AutoGen Studio interface for prototyping AI agents could allow attackers to execute arbitrary commands on a developer's host system by tricking an AI agent into loading malicious JavaScript from a webpage. The issue was identified and fixed before any official release, so only developers building AutoGen Studio directly from GitHub during a limited window were affected. The vulnerability involves trusted localhost WebSocket connections, lack of authentication on certain API routes, and unsafe command execution from base64-encoded parameters. Microsoft recommends running AutoGen Studio only in isolated, low-privilege environments and not exposing it to untrusted content or the internet.

Medium | Vulnerability | #web
Webshells Remain Popular, (Mon, Jun 22nd)

Webshells have been popular for a long time. We already covered this topic across multiple diaries[1][2]. I spent some time to track them[3] and slightly paid less attention to them but today I found another one. It seems to be a new player (pushed on Github two months ago).

Medium | Vulnerability | #web
AutoJack: How a single page can RCE the host running your AI agent

AutoJack is a novel exploit chain showing how a single malicious webpage can turn an AI browsing agent into a remote code execution vector on the host machine. By abusing trust in localhost, missing authentication, and unsafe parameter handling, attackers can trigger arbitrary process execution through AutoGen Studio’s MCP WebSocket. The research highlights a broader pattern: when agents can browse untrusted content and access local services, traditional boundaries like localhost are no longer secure. The post AutoJack: How a single page can RCE the host running your AI agent appeared first on Microsoft Security Blog.

Webinar: How attackers bypass MFA and how defenders can respond

Modern phishing attacks, including Device Code phishing, can undermine MFA protections and grant attackers access to corporate accounts without stealing passwords. This webinar explores how behavioral AI can help security teams detect compromised accounts faster and automate response workflows. [...]

Low | Phishing | #web
15,000 WordPress Websites Cleaned Up in SocGholish Botnet Takedown

Law enforcement and private partners took down 106 SocGholish C&C servers and domains as part of Operation Endgame. The post 15,000 WordPress Websites Cleaned Up in SocGholish Botnet Takedown appeared first on SecurityWeek.

Medium | Vulnerability | #web #rce
Nintendo confirms data stolen in WebMD subsidiary cyberattack

Nintendo of America has confirmed to BleepingComputer that threat actors stole survey data from the third-party TinyPulse service used internally, but its systems were not compromised. [...]

Medium | Vulnerability | #web
Police cleans nearly 15,000 SocGholish-infected sites tied to Evil Corp

International law enforcement agencies cleaned nearly 15,000 malware-infected WordPress websites and took down more than 100 servers linked to the SocGholish botnet and the Evil Corp Russian cybercrime group. [...]

F5 issues out-of-band patches for critical NGINX vulnerabilities

Cybersecurity company F5 has released out-of-band security updates to address multiple NGINX web server vulnerabilities, including two critical-severity flaws that could allow attackers to execute code on vulnerable systems. [...]

Critical | Vulnerability | #web