AI Supply Chain Flaw, SIEM Upgrade, Urgent Patches, SaaS Vishing

Enterprises saw a prevention-first tilt today. Microsoft detailed detection and response playbooks for securing AI application supply chains after a high-severity flaw in a popular framework, while Kaspersky rolled out SIEM 4.2 with AI-driven behavioral analytics and a faster correlation engine. Alongside those platform upgrades, urgent patches landed for mobile device management and mail servers, and defenders received fresh guidance for countering SaaS-targeted social engineering.

Platform Controls Strengthen Across SIEM, Cloud, and AI

Kaspersky SIEM 4.2 embeds UEBA models to baseline normal authentication and session activity, highlighting unusual login times, atypical event chains, and anomalous access attempts instead of relying on static indicators. A new beta correlation engine processes events faster with lower resource use, consolidates multi-step UEBA chains into specialized rules (including account hijack detection), and improves stability under load. Operational changes add a flexible role model for granular access, background searches for heavy investigations, and secure event backup/export with integrity controls to aid audits and incident response. The vendor says the rule set now covers more than 60% of the MITRE ATT&CK matrix with embedded response recommendations to help teams map coverage and prioritize defenses.

Microsoft Defender Security Research uses a recent case study to illustrate AI supply chain risk in agentic ecosystems and provides concrete remediation. Recommended steps include upgrading to patched langchain-core releases (0.3.81+ for 0.3.x; 1.2.5+ for 1.x), using Defender for Cloud’s Cloud Security Explorer to find affected assets, and applying fixes across code, build/ship, and runtime phases. Defender scanners were updated to flag vulnerable containers and VMs, and the report offers hunting tips—such as spotting Python processes tied to LangChain that access environment variables or make unexpected network connections immediately after LLM interactions—alongside guidance to create contextual GitHub issues from Defender for Cloud and use Copilot-assisted remediation.

AWS introduced Partner Revenue Measurement to attribute how Marketplace products drive consumption of underlying cloud services. By standardizing on the aws-apn-id tag with a product-code value, partners can aggregate tagged resources across accounts to understand AWS-side revenue impact and usage patterns. The feature supports revenue attribution, customer ROI discussions, forecasting, and product optimization, with an onboarding guide that covers instrumentation and reporting workflows. Consistent tagging and appropriate permissions are prerequisites for cross-account visibility.

OpenAI plans to retire GPT‑4o and several other models on February 13, citing broad adoption of GPT‑5.2 as a safer, capable replacement and noting 4o’s usage has dropped to about 0.1% of daily users. Fans of GPT‑4o’s conversational style helped shape GPT‑5.1 and 5.2, and a Personality feature aims to preserve preferred behaviors without API changes. Organizations that relied on 4o’s tone should migrate workflows, revalidate outputs, and use the new customization tools.

Advisories and Patches: EPMM and SmarterMail

Ivanti issued emergency stand‑alone RPM patches for EPMM to fix two unauthenticated code‑injection flaws (CVE‑2026‑1281 and CVE‑2026‑1340), both rated 9.8 and reported as exploited in a limited set of environments. The RPMs are version‑specific and must be reinstalled after any appliance upgrade; a permanent fix is planned for 12.8.0.0. While Sentry is not directly vulnerable, compromised EPMM appliances have command execution permission on Sentry, enabling potential pivoting. Detection guidance includes reviewing https-access_log for suspicious requests and 404s to affected endpoints, checking for web shells or modified pages (e.g., 401.jsp), auditing administrators and auth configurations, and forwarding logs to a SIEM since attackers may delete or rotate them. For suspected compromise, the vendor recommends restore-from-clean backups, credential resets (including LDAP/KDC), certificate rotation, and thorough audits of pushed apps, policies, and network/VPN settings.

SmarterMail shipped fixes for multiple high-severity issues, including an unauthenticated RCE (CVE‑2026‑24423, CVSS 9.3) in the ConnectToHub API and another critical flaw (CVE‑2026‑23760, CVSS 9.3) observed in active exploitation. Build 9511 addresses the RCE; Build 9518 fixes a medium-severity path‑coercion bug (CVE‑2026‑25067) that can trigger outbound SMB authentication to attacker‑controlled hosts, enabling credential coercion or NTLM relay. Administrators should upgrade immediately, restrict or monitor outbound SMB/445 from mail hosts, enforce SMB signing and stronger authentication where feasible, rotate potentially exposed credentials, and review logs for signs of exploitation.

Social Engineering Hits SaaS—With Playbooks to Respond

Google Threat Intelligence and Mandiant track ShinyHunters‑branded operations that use vishing and victim‑branded credential sites to harvest SSO credentials and MFA codes, then pivot into SaaS platforms like SharePoint, OneDrive, Salesforce, Slack, DocuSign, and Google Workspace. Operators registered convincing domains, enabled OAuth apps, deleted MFA notification emails, and used scripted bulk downloads. Extortion tactics included public sample hosting, text threats, DDoS, and harassment. The report lists IOCs and stresses mitigation through phishing‑resistant MFA (e.g., FIDO2/passkeys), monitoring anomalous authorizations, hunting for scripted file access and email deletion, and correlating proxy/VPN usage with suspicious account activity. Why it matters: these are people‑centric intrusions that abuse legitimate identity and SaaS features, not vendor product bugs.

Mandiant also published a field‑tested response plan: revoke active sessions and OAuth tokens, restrict public self‑service resets, pause MFA registrations, tighten VPN/VDI ingress, and enforce device compliance while instituting live-video identity checks at help desks. Hardening guidance covers removing SMS/phone/email factors in favor of phishing‑resistant options, scoping non‑human credentials, centralizing secrets, and moving to workload identity federation with short‑lived tokens. Cross‑SaaS detection patterns emphasize ingesting identity, OAuth, mailbox/export, and file‑access telemetry to surface MFA modifications, admin changes from anonymized IPs, OAuth grants to abuse apps, targeted deletion of security emails, and scripted bulk downloads.

Campaigns, Malware, and Enforcement

The Hacker News reports on HarfangLab’s analysis of the RedKitten campaign targeting NGOs and activists linked to unrest in Iran. Lures arrive as Farsi‑named 7z archives containing macro‑enabled Excel files; the macros deploy a C# backdoor dubbed SloppyMIO via AppDomainManager injection. The implant uses GitHub as a dead‑drop to retrieve Google Drive image URLs, extracting configuration steganographically, and communicates via Telegram bots. Modules support command execution, targeted file collection and ZIP creation sized for Telegram limits, persistence via scheduled tasks, and process spawning. Researchers noted stylistic signs of LLM‑generated VBA, plus a separate WhatsApp‑based phishing site serving live QR codes and bogus login pages with requests for camera/microphone/geolocation permissions.

ESET provides a technical analysis of DynoWiper, a data wiper found at a Polish energy company in late December 2025. Samples (e.g., schtask.exe) overwrite files on removable and fixed drives using a 16‑byte random buffer, execute a second destructive pass that varies by variant, and force a reboot. Prior activity included use of public tooling and an attempted LSASS dump; a SOCKS5 server IP is documented. ESET attributes DynoWiper to Sandworm with medium confidence based on TTP overlap while noting gaps that reduce confidence, and includes IoCs and an ATT&CK v18 mapping.

CSOonline covers Bitdefender’s finding of a large‑scale Android campaign using a scareware dropper (TrustBastion) to fetch a RAT from Hugging Face datasets. Attackers automated updates aggressively—around 6,000 commits in a month, with new payloads every ~15 minutes—to evade signature‑based controls. Once installed, the RAT abuses Accessibility Services, screen recording/casting, and overlays to capture credentials and exfiltrate data. Hugging Face removed the malicious datasets after notification, but the campaign reappeared with superficial changes, underscoring how trusted developer platforms can be co‑opted for distribution.

Bitdefender reports that the FBI seized RAMP, a Russian‑language forum that openly hosted ransomware operators, affiliates, and data traders since 2021. The takedown replaced both dark‑web and clearnet sites with a seizure banner and may yield user data that supports follow‑on actions. While criminal activity will migrate, control of RAMP’s infrastructure represents a tangible disruption for groups that used the platform to recruit and coordinate.