All news with #secrets exposure tag

WireTap Attack Extracts Intel SGX ECDSA Key via DDR4

🔬 Researchers from Georgia Institute of Technology and Purdue University describe WireTap, a physical memory-bus interposer attack that passively inspects DDR4 traffic to recover secrets from Intel SGX enclaves. By exploiting deterministic memory encryption, the team built an oracle enabling a full key-recovery of an SGX ECDSA attestation key from the Quoting Enclave. The prototype uses inexpensive, off-the-shelf equipment (roughly $1,000) and can be introduced via supply-chain compromise or local physical access. Intel says the scenario requires physical access and falls outside its memory-encryption threat model.

OneLogin API Bug Exposed OIDC Client Secrets in 2025

🔒Clutch Security disclosed a high-severity flaw in the One Identity OneLogin IAM platform that could leak OpenID Connect (OIDC) application client_secret values when queried with valid API credentials. The issue, tracked as CVE-2025-59363 with a CVSS score of 7.7, stemmed from the /api/2/apps endpoint returning secrets alongside app metadata. OneLogin remedied the behavior in OneLogin 2025.3.0 after responsible disclosure; administrators should apply the update, rotate exposed API and OIDC credentials, tighten RBAC scopes, and enable network-level protections such as IP allowlisting where available.

Akira Bypasses MFA on SonicWall VPNs via Reused Logins

🔐Akira ransomware operators are successfully authenticating to SonicWall SSL VPN accounts even when one-time password (OTP) multi-factor authentication is enabled. Arctic Wolf links the logins to credentials and OTP seeds harvested via an improper access control flaw tracked as CVE-2024-40766, and notes attackers can reuse those secrets after devices are patched. Once inside, actors rapidly scan internal networks, harvest backup server credentials, and use techniques such as BYOVD to sideload vulnerable drivers and disable protections. Administrators are urged to install the latest SonicOS (recommended 7.3.0) and reset all SSL VPN credentials immediately.

MCP supply-chain attack via squatted Postmark connector

🔒 A malicious npm package, postmark-mcp, was weaponized to stealthily copy outgoing emails by inserting a hidden BCC in version 1.0.16. The package impersonated an MCP Postmark connector and forwarded every message to an attacker-controlled address, exposing password resets, invoices, and internal correspondence. The backdoor was a single line of code and remained available through regular downloads before the package was removed. Koi Security advises immediate removal, credential rotation, and audits of all MCP connectors.

Phishing-to-PureRAT: Vietnamese Actor Upgrades Stealer

🛡️ Huntress researchers uncovered a multi-stage phishing operation that began with a Python-based infostealer and culminated in the deployment of PureRAT. The campaign used a ZIP lure containing a signed PDF reader and a malicious version.dll to achieve DLL sideloading, then progressed through ten staged loaders that shifted from obfuscated Python to compiled .NET binaries. Attackers used process hollowing against RegAsm.exe, patched Windows defenses (AMSI and ETW), and ultimately unpacked PureRAT, which communicates over encrypted C2 channels and can load additional modules. Metadata linking the activity to the handle @LoneNone and to the PXA Stealer family, plus a C2 server traced to Vietnam, supports attribution to Vietnamese threat actors.

Chinese Backdoor Grants Year-Long Access to US Firms

🔐 Chinese state-linked actors deployed a custom Linux/BSD backdoor called BRICKSTORM on network edge appliances to maintain persistent access into U.S. legal, technology, SaaS and outsourcing firms. These implants averaged 393 days of undetected dwell time and were used to pivot to VMware vCenter/ESXi hosts, Windows systems, and Microsoft 365 mailboxes. Mandiant and Google TAG attribute the activity to UNC5221 and have released a scanner and hunting guidance to locate affected appliances.

Malicious npm Package Uses QR Code to Steal Cookies

🔍 A malicious npm package named Fezbox was discovered using QR-code steganography to conceal and deliver a credential-stealing payload. The package fetched a QR image from a remote URL, waited roughly 120 seconds, decoded embedded code and executed it to extract usernames and passwords from browser cookies. Socket's AI-based scanner flagged the behavior; the package, which had at least 327 downloads, was removed after a takedown request to the npm security team.

Two critical Wondershare RepairIt flaws risk data and AI

⚠️ Trend Micro disclosed two critical authentication-bypass vulnerabilities in Wondershare RepairIt that exposed private user files, AI models, and build artifacts due to embedded overly permissive cloud tokens and unencrypted storage. The flaws, tracked as CVE-2025-10643 (CVSS 9.1) and CVE-2025-10644 (CVSS 9.4), allow attackers to circumvent authentication and potentially execute arbitrary code via supply-chain tampering. Trend Micro reported the issues through ZDI in April 2025 and warns users to restrict interaction with the product until a vendor fix is issued.

PyPI warns users to reset credentials after phishing

🔒 The Python Software Foundation warns of a phishing campaign using a convincing fake PyPI site at pypi-mirror[.]org that asks users to 'verify their email address' and threatens account suspension. If you clicked the link and submitted credentials, change your password immediately, inspect your account's Security History, and report suspicious activity to security@pypi.org. Maintainers should avoid clicking links in unsolicited emails, use password managers that auto-fill only on matching domains, and enable phishing-resistant 2FA such as hardware security keys.

Pandoc SSRF Exploited to Target AWS IMDS, Steal EC2 Keys

🔒 Wiz has observed in-the-wild exploitation attempts of CVE-2025-51591, an SSRF in Pandoc that renders iframe tags and can direct them at the AWS Instance Metadata Service (IMDS). Attackers submitted crafted HTML aiming to access 169.254.169.254 to exfiltrate temporary IAM metadata and EC2 credentials. Attempts seen from August and continuing for weeks were blocked where IMDSv2 was enforced. Administrators should mitigate by using Pandoc's -f html+raw_html or --sandbox options, enforce IMDSv2, and apply least-privilege roles.

QR Codes Used to Hide JavaScript Backdoor in npm Package

🔒 A malicious npm package called fezbox was discovered using layered obfuscation and QR-code steganography to conceal credential-stealing logic. Disguised as a benign JavaScript/TypeScript utility, importing the library triggered retrieval and execution of code hidden inside a remote QR image; the payload reads document.cookie and attempts to extract username and password pairs for exfiltration. Socket researchers highlighted a development-environment guard and a 120-second delay as anti-analysis measures; the package has been removed from GitHub and marked malicious.

NPM package uses QR code to fetch cookie-stealing malware

🔒 A malicious npm package named fezbox was recently discovered using a QR code embedded in an image to retrieve a second-stage, cookie-stealing payload from the attacker's server. The package's minified code (notably in dist/fezbox.cjs) delays execution, avoids development environments, then decodes a reversed URL to fetch a dense JPG QR image containing obfuscated JavaScript. When the payload finds credentials in document.cookie it extracts username and password and exfiltrates them via an HTTPS POST; the package accrued at least 327 downloads before registry removal.

SonicWall Urges Password Resets After Backup Files Exposure

🔒 SonicWall is urging customers to reset credentials after detecting suspicious activity that exposed firewall configuration backup files stored in MySonicWall cloud for under 5% of users. Although stored credentials were encrypted, the preference files contained information that could help attackers exploit related firewalls; the company says this was a series of brute-force accesses, not a ransomware event. Customers should verify backups, disable remote management and VPN access, reset passwords and TOTPs, review logs, and import the provided randomized preferences file that resets local passwords, TOTP bindings, and IPSec keys.

PyPI Invalidates Tokens Stolen in GhostAction Attack

🔐 The Python Software Foundation has invalidated PyPI publishing tokens that were exfiltrated during the early-September GhostAction supply chain attack. GitGuardian first reported malicious GitHub Actions workflows attempting to steal secrets, and PyPI found no evidence that the stolen tokens were used to publish malware. Affected maintainers were contacted and advised to rotate credentials and adopt short-lived Trusted Publishers tokens for GitHub Actions. PyPI also recommended reviewing account security history for suspicious activity.

One in Three Android Apps Expose Sensitive Data to Attackers

🔒 The 2025 Zimperium Global Mobile Threat Report finds that one in three Android apps and more than half of iOS apps leak sensitive information through insecure APIs, and nearly half of apps contain hardcoded secrets such as API keys. Client-side weaknesses let attackers tamper with apps, intercept traffic and bypass perimeter defences. The report recommends API hardening and app attestation to ensure API calls originate from genuine, untampered apps.

Brute-force Attacks Target SonicWall Cloud Backups

🔒 SonicWall warned that brute-force attacks against its firewall API used for cloud backups may have exposed preference files stored in customers' MySonicWall.com portals. The vendor has disabled the cloud backup capability and is urging admins to restrict or disable SSLVPN and Web/SSH management over the WAN, then reset passwords, keys, and secrets. Less than 5% of the install base had backups in the cloud, but that could still affect thousands of organizations. SonicWall has provided remediation guidance and will notify customers if their accounts show impacted serial numbers.

Microsoft and Cloudflare Disrupt RaccoonO365 Phishing

🔒 Microsoft and Cloudflare executed a coordinated takedown of RaccoonO365, a Nigerian-run phishing-as-a-service platform tracked by Microsoft as Storm-2246. The joint effort seized 338 domains and dismantled infrastructure that reportedly generated hundreds of millions of malicious messages and could bypass some MFA protections. Cloudflare removed intermediary Cloudflare Workers shields and deployed phish warning pages, while Microsoft pursued legal action and criminal referrals. The disruption exposed risks to healthcare providers and highlighted cross-border enforcement limits.

Critical Chaotic Deputy Bugs Risk Kubernetes Cluster Takeover

🔴 Researchers from JFrog disclosed critical command-injection vulnerabilities in Chaos-Mesh (tracked as CVE-2025-59358, CVE-2025-59360, CVE-2025-59361, and CVE-2025-59359) that allow an attacker with access to an unprivileged pod to execute shell commands via an exposed GraphQL API and the Chaos Daemon. Three of the flaws carry a CVSS score of 9.8 and can be exploited in default deployments, enabling denial-of-service or full cluster takeover. Users are advised to upgrade to Chaos-Mesh 2.7.3 or to disable the chaosctl tool and its port via the Helm chart as a workaround.

Hackers Insert Credential-Stealing Malware into npm Packages

🛡️ Researchers disclosed a campaign that trojanized more than 40 npm packages, including the popular tinycolor, embedding self-replicating credential-stealing code. The malware harvested AWS, GCP and Azure credentials, used TruffleHog for secrets discovery, and established persistence via GitHub Actions backdoors. Affected packages were removed, but developers are urged to remove compromised versions, rebuild from clean caches, and rotate any exposed credentials.

Fileless Malware Uses Legitimate Tools to Deploy AsyncRAT

🔍 Researchers uncovered a sophisticated fileless campaign that executes malicious code entirely in memory to deliver AsyncRAT. The attack began via a compromised ScreenConnect client and a VBScript that used WScript and PowerShell to download two payload blobs saved to C:\Users\Public\, which were never written as executables but loaded into memory via reflection. A .NET launcher (Obfuscator.dll) was used to orchestrate persistence, disable security logging and load the RAT, which exfiltrates credentials, browser artifacts and keystrokes.