All news with #data exfil via tools tag

Zero-day XSS in Zimbra abused via malicious .ICS files

📅 Researchers found a zero-day XSS in Zimbra Collaboration Suite exploited through malicious .ICS (iCalendar) attachments that delivered obfuscated JavaScript. The vulnerability, tracked as CVE-2025-27915, affects ZCS 9.0, 10.0 and 10.1 and was patched by Zimbra on January 27 with releases ZCS 9.0.0 P44, 10.0.13 and 10.1.5. StrikeReady determined attacks began in early January and involved a spoofed Libyan Navy email targeting a Brazilian military organization. The injected script is capable of stealing credentials, emails, contacts and shared folders, manipulating filters to forward mail, and using the Zimbra SOAP API to exfiltrate data.

CometJacking: One-Click Attack Turns AI Browser Rogue

🔐 CometJacking is a prompt-injection technique that can turn Perplexity's Comet AI browser into a data exfiltration tool with a single click. Researchers at LayerX showed how a crafted URL using the 'collection' parameter forces the agent to consult its memory, extract data from connected services such as Gmail and Calendar, obfuscate it with Base64, and forward it to an attacker-controlled endpoint. The exploit leverages the browser's existing authorized connectors and bypasses simple content protections.

Detour Dog Using DNS to Distribute Strela Stealer Campaigns

🛡️ Infoblox links a threat actor dubbed Detour Dog to campaigns distributing the Strela Stealer, using compromised WordPress sites to host first-stage backdoors such as StarFish. The actor leverages DNS TXT records and modified name servers to deliver Base64-encoded commands and delivery URLs, selectively triggering redirects or remote execution to minimize detection. Infoblox and Shadowserver sinkholed multiple C2 domains in July–August 2025.

CometJacking attack tricks Comet browser into leaking data

🛡️ LayerX researchers disclosed a prompt-injection technique called CometJacking that abuses Perplexity’s Comet AI browser by embedding malicious instructions in a URL's collection parameter. The payload directs the agent to consult connected services (such as Gmail and Google Calendar), encode the retrieved content in base64, and send it to an attacker-controlled endpoint. The exploit requires no credentials or additional user interaction beyond clicking a crafted link. Perplexity reviewed LayerX's late-August reports and classified the findings as "Not Applicable."

Confucius Targets Pakistan with WooperStealer and Anondoor

🔒 Fortinet researchers attribute a renewed phishing campaign to Confucius, which has repeatedly targeted Pakistani government, military, and defense industry recipients using spear‑phishing and malicious documents. Attack chains observed from December 2024 through August 2025 delivered WooperStealer via DLL side‑loading using .PPSX and .LNK lures, and later introduced a Python implant, Anondoor. The group layered obfuscation and swapped tools and infrastructure to sustain credential theft, screenshot capture, file enumeration, and persistent exfiltration while evading detection.

Confucius Shifts to Python Backdoors Targeting Windows

🛡️ FortiGuard Labs reports that the long-running cyber-espionage group Confucius has shifted tactics against Microsoft Windows users, moving from document stealers like WooperStealer to Python-based backdoors such as AnonDoor. The change, observed between December 2024 and August 2025, favors persistent access and command execution over simple data exfiltration. Researchers describe layered evasion and persistence techniques including DLL side-loading, obfuscated PowerShell, scheduled tasks and stealthy exfiltration to minimize detection. Targeting remains focused in South Asia, particularly Pakistan.

Malicious PyPI soopsocks package abused to install backdoor

⚠️ Cybersecurity researchers flagged a malicious PyPI package named soopsocks that claimed to provide a SOCKS5 proxy while delivering stealthy backdoor functionality on Windows. The package, uploaded by user 'soodalpie' on September 26, 2025, had 2,653 downloads before removal and used VBScript or an executable (_AUTORUN.VBS/_AUTORUN.EXE) to bootstrap additional payloads. Analysts at JFrog reported the executable is a compiled Go binary that runs PowerShell, adjusts firewall rules, elevates privileges, performs reconnaissance and exfiltrates data to a hard-coded Discord webhook.

Confucius Espionage: Evolution from Stealer to Backdoor

🔐 FortiGuard Labs documents the Confucius espionage group’s shift from document-stealing malware to a stealthy Python-based backdoor targeting Microsoft Windows. Recent campaigns used spear-phishing with weaponized Office PPSX files, malicious LNK loaders, and staged PowerShell installers to deploy runtimes and execute AnonDoor modules. The actor leveraged DLL side-loading, scheduled tasks, and HKCU registry Load persistence to maintain stealth and periodic execution. Fortinet urges layered defenses, updated signatures, and user training to mitigate these threats.

Android spyware targeting Signal and ToTok users in UAE

🔒 ESET researchers uncovered two previously undocumented Android spyware families—Android/Spy.ProSpy and Android/Spy.ToSpy—distributed via deceptive websites that impersonate Signal, ToTok and even app stores. Both families require manual APK installation from third‑party sites and maintain persistence while exfiltrating contacts, media, documents and chat backups. ToSpy notably seeks .ttkmbackup files and uses AES‑CBC encryption with a hardcoded key; several C&C servers remained active. Google Play Protect already blocks known variants, and ESET shared findings with Google.

Chinese APT 'Phantom Taurus' Targets Gov and Telecom

🔎 Researchers at Palo Alto Networks have attributed two years of coordinated espionage to a previously unreported Chinese-aligned threat actor dubbed Phantom Taurus. The group targets government and telecommunications organizations across Africa, the Middle East, and Asia, focusing on foreign ministries, embassies, geopolitical events and military operations to maintain persistent covert access. Its toolkit includes a new IIS web-server backdoor suite called NET-STAR, DNS- and remote-access tools, in-memory implants and a wide mix of dual-use utilities. Operators have shifted from Exchange mailbox harvesting via ProxyLogon and ProxyShell exploits to targeted SQL database searches and WMI-driven data extraction.

Case for Multidomain Visibility and Unified Response in SOCs

🔍 The 2025 Unit 42 Global Incident Response Report shows that 84% of investigated incidents involved activity across multiple attack fronts and 70% spanned at least three vectors, underscoring coordinated, multidomain campaigns. Attackers move laterally across cloud, SaaS, IT and OT, exploiting identities, misconfigurations and vulnerabilities. The report recommends unified telemetry, AI-driven behavioral analytics and stronger identity controls to improve detection and accelerate response.

VirusTotal Crowdsourced AI Adds Exodia Labs for .CRX

🔍 VirusTotal has added Exodia Labs to its Crowdsourced AI lineup to provide automated analysis of Chrome extension (.CRX) files. The new contributor issues a clear verdict — benign, suspicious, or malicious — alongside a behavioral narrative to complement existing AI streams such as Code Insight. Exodia Labs results are indexed in VirusTotal Intelligence with dedicated search operators and surface in the web UI to help analysts rapidly triage extension-related threats.

Phantom Taurus: China-Aligned Hackers Target State, Telecom

🔍Phantom Taurus, newly designated by Unit 42, is a China-aligned cyber-espionage group that has targeted government and telecommunications organizations across Africa, the Middle East and Asia for at least two and a half years. Researchers traced the activity from earlier cluster tracking through a 2024 campaign codename, noting a 2025 elevation to a distinct group. Phantom Taurus has shifted from email-server exfiltration to directly querying SQL Server databases via a custom mssq.bat executed over WMI, and deploys a previously undocumented .NET IIS malware suite dubbed NET-STAR.

Phantom Taurus: China-linked APT Targets Diplomacy

🔍 Palo Alto Networks Unit 42 has attributed a two-and-a-half-year campaign of espionage to a previously undocumented China-aligned actor dubbed Phantom Taurus, which has targeted government and telecommunications organizations across Africa, the Middle East, and Asia. The group uses a bespoke .NET malware suite called NET-STAR to compromise Internet Information Services (IIS) web servers and maintain stealthy access. Observed techniques include exploitation of on-premises IIS and Microsoft Exchange flaws, in-memory payload execution, timestomping and AMSI/ETW bypasses, enabling persistent data collection tied to geopolitical events.

Researchers Disclose Trio of Gemini AI Vulnerabilities

🔒 Cybersecurity researchers disclosed three now-patched vulnerabilities in Google's Gemini suite that could have exposed user data and enabled search- and prompt-injection attacks. The flaws, labeled the Gemini Trifecta, impacted Gemini Cloud Assist, the Search Personalization model, and the Browsing Tool. Following responsible disclosure, Google stopped rendering hyperlinks in log summaries and implemented additional hardening. Tenable warned these issues could have allowed covert exfiltration of saved user information and location data.

Phantom Taurus: NET-STAR .NET IIS Backdoor Revealed

🔍 Unit 42 documents a newly designated Chinese-aligned threat actor, Phantom Taurus, which uses a previously undocumented .NET malware suite called NET-STAR to target IIS web servers. The actor focuses on government and telecommunications organizations across the Middle East, Africa and Asia and has shifted from email theft to direct database exfiltration. The report outlines technical behaviors, in-memory fileless execution, and mitigation guidance for Palo Alto Networks protections.

Datzbro Android Trojan Targets Seniors for DTO Fraud

🛡️ThreatFabric disclosed a newly observed Android banking trojan named Datzbro that targets elderly users via Facebook groups promoting senior activities. Attackers lure victims to install purported community apps (Android APKs and placeholder iOS TestFlight links) via Messenger or WhatsApp; payloads either install Datzbro directly or use a Zombinder dropper to bypass Android 13+ protections. Datzbro abuses Android Accessibility services to perform device takeover, overlay attacks, keylogging and remote control, enabling credential theft and fraudulent transactions. The malware is tied to a Chinese-language desktop C2 and contains Chinese debug strings, suggesting origin and potential wider distribution.

EvilAI Campaign: Malware Masquerading as AI Tools Worldwide

🛡️ Security researchers at Trend Micro detail a global campaign called EvilAI that distributes malware disguised as AI-enhanced productivity tools and legitimate applications. Attackers employ professional-looking interfaces, valid code-signing certificates issued to short-lived companies, and covert encoding techniques such as Unicode homoglyphs to hide malicious payloads and evade detection. The stager-focused malware — linked to families tracked as BaoLoader and TamperedChef — performs reconnaissance, exfiltrates browser data, maintains AES-encrypted C2 channels, and stages systems for follow-on payloads. Targets span manufacturing, government, healthcare, technology, and retail across Europe, the Americas and AMEA.

UNC6040: Proactive Hardening for SaaS and Salesforce

🔒 Google Threat Intelligence Group (GTIG) tracks UNC6040, a financially motivated cluster that uses telephone-based social engineering to compromise SaaS environments, primarily targeting Salesforce. Operators trick users into authorizing malicious connected apps—often a fake Data Loader—to extract large datasets. The guidance prioritizes identity hardening, strict OAuth and API governance, device trust, and targeted logging and SIEM detections to identify rapid exfiltration and cross‑SaaS pivots.

Notion 3.0 Agents Expose Prompt-Injection Risk to Data

⚠️ Notion 3.0 introduces AI agents that, the author argues, create a dangerous attack surface. The vulnerability exploits Simon Willson’s lethal trifecta—access to private data, exposure to untrusted content, and the ability to communicate externally—by hiding executable instructions in a white-on-white PDF that instructs the model to collect and exfiltrate client data via a constructed URL. The post warns that current agentic systems cannot reliably distinguish trusted commands from malicious inputs and urges caution before deployment.