Daily Brief


Total articles found: 11807

Checks for new stories every ~15 minutes

2025-07-18 15:56:55 bleepingcomputer CYBERCRIME Japanese Police Release Decryptor for Phobos Ransomware Victims
Japanese police have released a free decryptor for victims of the Phobos and 8Base ransomware operations, allowing them to recover encrypted files at no cost. The tool is available on the Japanese police website and through the Europol-backed NoMoreRansom project, and was developed with support from the FBI. Its release follows a law enforcement operation that disrupted the Phobos infrastructure and led to the arrest of key suspects involved in distributing the ransomware. The decryptor handles files carrying the ".phobos", ".8base", ".elbie", ".faust" and ".LIZARD" extensions, and may also work on other extensions used by the same family. Some browsers flag the download as malware; BleepingComputer's testing found it safe and effective, with the tool restoring all 150 files encrypted by a Phobos variant on a test system. Victims are encouraged to try the tool even if their files carry a different extension, since it may still decrypt their data.
2025-07-18 15:11:06 bleepingcomputer CYBERCRIME Hackers Exploit TeleMessage SGNL Flaw to Expose User Data
Researchers have observed exploitation attempts against CVE-2025-48927 in the TeleMessage SGNL app, a flaw that can expose usernames, passwords and other sensitive data. Threat monitoring firm GreyNoise reported 11 IPs attempting to exploit the vulnerability, alongside ongoing reconnaissance activity. The flaw stems from unauthenticated access to the Spring Boot Actuator '/heapdump' endpoint, which lets an attacker download a Java heap dump (a snapshot of the application's memory) that can contain credentials and session data. TeleMessage has addressed the issue, but some on-premises installations remain exposed because their configuration still does not restrict access to diagnostic endpoints. The recommended mitigation is to disable sensitive actuator endpoints, '/heapdump' in particular, or restrict them to trusted IP addresses. SGNL, marketed as a secure messaging app with built-in archival for compliance, had already drawn scrutiny over claims that its archiving does not preserve end-to-end encryption, putting stored messages and credentials at risk. The flaw also raised national security concerns in the U.S., given the app's use by Customs & Border Protection and other officials. CISA has added CVE-2025-48927 to its Known Exploited Vulnerabilities catalog and directed federal agencies to apply mitigations promptly.
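The exposure rules behind the '/heapdump' problem are worth seeing concretely. The following is an added example, not code from the BleepingComputer article or from TeleMessage: a small auditor for a Spring Boot `application.properties` file that applies the Actuator exposure semantics (`management.endpoints.web.exposure.include`, whose default is `health`; `management.endpoints.web.exposure.exclude`, which takes precedence; and the per-endpoint `management.endpoint.<id>.enabled` switches, where `shutdown` is the one endpoint disabled by default) and reports which sensitive endpoints would be reachable over HTTP. The two property files are constructed samples: the first is the kind of weak on-premises configuration the summary describes, the second the hardened form. The check covers only the Spring-side exposure; an IP allow-list, as recommended above, lives in the reverse proxy or firewall in front of the application and is out of scope here.

```python
"""Audit Spring Boot Actuator exposure for sensitive endpoints such as /heapdump.

Added example (not part of the article or of TeleMessage's code). It models the
Spring Boot exposure rules:
  - management.endpoints.web.exposure.include   default "health"
  - management.endpoints.web.exposure.exclude   default empty; exclude wins over include
  - management.endpoints.enabled-by-default     default true
  - management.endpoint.<id>.enabled            per-endpoint switch; 'shutdown' defaults to false
"""
from __future__ import annotations

# Constructed sample: wildcard exposure, the weak on-prem configuration described above.
WEAK_CONFIG = """
# exposes every actuator endpoint over HTTP, heapdump included
management.endpoints.web.exposure.include=*
management.endpoint.health.show-details=always
"""

# Constructed sample: hardened form, only health/info exposed and heap dumps switched off.
HARDENED_CONFIG = """
management.endpoints.web.exposure.include=health,info
management.endpoints.web.exposure.exclude=heapdump,env
management.endpoint.heapdump.enabled=false
"""

# Actuator endpoints that leak memory, configuration, or allow control of the process.
SENSITIVE_ENDPOINTS = (
    "heapdump", "threaddump", "env", "configprops", "beans",
    "mappings", "loggers", "shutdown",
)

# Endpoints whose 'enabled' default differs from enabled-by-default.
ENABLED_DEFAULT_OVERRIDES = {"shutdown": False}


def parse_properties(text: str) -> dict[str, str]:
    """Parse java .properties text: '#'/'!' comments, '=' or ':' as key/value separator."""
    props: dict[str, str] = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(("#", "!")):
            continue
        seps = [i for i in (line.find("="), line.find(":")) if i >= 0]
        if not seps:
            props[line] = ""  # bare key, treated as empty value
            continue
        idx = min(seps)
        props[line[:idx].strip()] = line[idx + 1:].strip()
    return props


def _csv(value: str | None, default: str) -> set[str]:
    """Split a comma-separated property into a lower-cased set, falling back to the default."""
    items = (value if value is not None else default).split(",")
    return {item.strip().lower() for item in items if item.strip()}


def _truthy(value: str | None, default: bool) -> bool:
    if value is None:
        return default
    return value.strip().lower() in ("true", "yes", "on", "1")


def exposed_endpoints(props: dict[str, str], candidates=SENSITIVE_ENDPOINTS) -> set[str]:
    """Return the candidate endpoints that would be served over HTTP under these properties."""
    include = _csv(props.get("management.endpoints.web.exposure.include"), "health")
    exclude = _csv(props.get("management.endpoints.web.exposure.exclude"), "")
    enabled_by_default = _truthy(props.get("management.endpoints.enabled-by-default"), True)

    exposed: set[str] = set()
    for ep in candidates:
        default_enabled = ENABLED_DEFAULT_OVERRIDES.get(ep, enabled_by_default)
        if not _truthy(props.get(f"management.endpoint.{ep}.enabled"), default_enabled):
            continue  # endpoint is switched off entirely
        if "*" in exclude or ep in exclude:
            continue  # exclude always wins over include
        if "*" in include or ep in include:
            exposed.add(ep)
    return exposed


def heapdump_exposed(props: dict[str, str]) -> bool:
    """True when /heapdump is both enabled and included in web exposure."""
    return "heapdump" in exposed_endpoints(props, ("heapdump",))


if __name__ == "__main__":
    for name, cfg in (("weak", WEAK_CONFIG), ("hardened", HARDENED_CONFIG)):
        props = parse_properties(cfg)
        print(f"{name}: exposed={sorted(exposed_endpoints(props))} heapdump={heapdump_exposed(props)}")
```

Run against a real deployment's properties file, the auditor flags `include=*` even when `/heapdump` is never mentioned explicitly, which is the usual way the endpoint ends up reachable. Setting `management.endpoint.heapdump.enabled=false` is the more robust fix than relying on exposure lists alone, because it survives later edits that widen `include`.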
2025-07-18 13:52:55 theregister MISCELLANEOUS WeTransfer Rolls Back ToS Update Amid User Privacy Concerns
WeTransfer recently modified its Terms of Service, introducing language that suggested the use of uploaded content to train AI for improving content moderation, which led to significant user backlash. The specific ToS change involved granting WeTransfer extensive rights to user content, including a perpetual, royalty-free license to use this content for service operations and technology development. Following user complaints and negative reactions on social media, WeTransfer clarified that the inclusion of "machine learning" was only under consideration and not currently in use, and decided to remove the contentious wording to avoid further confusion. Users expressed concerns that their sensitive content could be misused under the new terms, viewing the update as a potential privacy violation. Legal experts note that terms of service adjustments are common as tech companies seek additional rights for new features, but explicit clarity and user consent are crucial to maintaining trust. The episode reflects broader issues in the tech community regarding data privacy and the implications of AI, highlighting the need for transparency and careful communication by companies when updating service agreements. WeTransfer's situation mirrors similar controversies faced by other tech companies, such as Dropbox, as they navigate the integration of AI technologies and associated legal and ethical challenges.
2025-07-18 11:33:39 thehackernews NATION STATE ACTIVITY Ukrainian CERT Identifies APT28 Malware Using AI for Phishing Attacks
Ukraine's Computer Emergency Response Team (CERT-UA) uncovered a phishing campaign delivering the LAMEHUG malware, which is notable for generating its commands from natural-language descriptions with the help of an LLM. The phishing emails, crafted to appear as if sent by ministry officials, targeted top-level government entities and carried a ZIP archive containing three variants of the LAMEHUG payload. Rather than shipping hard-coded commands, LAMEHUG sends textual task descriptions to Qwen2.5-Coder-32B-Instruct, an Alibaba Cloud LLM tuned for coding tasks, through the Hugging Face API, and executes the commands the model returns. Its capabilities include harvesting host data and searching for text and PDF files in common user directories, with the collected information sent back to the attackers over SFTP or HTTP POST. CERT-UA attributed the activity with medium confidence to APT28, the Russian state-backed group also known as Fancy Bear. Routing command generation through a legitimate service such as Hugging Face lets the malware's traffic blend in with normal use of the platform and evade detection systems that key on known C2 infrastructure. The report follows a separate Check Point finding of a malware sample dubbed Skynet that embeds a prompt injection aimed at AI-based analysis tools, another sign of adversaries adapting to AI-integrated security tooling.
2025-07-18 11:17:00 thehackernews CYBERCRIME Google Initiates Legal Action Against Chinese Botnet Operators
Google has filed a lawsuit in New York against 25 unnamed individuals or entities, believed to be based in China, for operating the BADBOX 2.0 botnet, which has compromised over 10 million Android devices. The affected devices were primarily uncertified Android products that lack Google's security protections and shipped with, or were later infected by, pre-installed malware. The botnet used the infected devices for large-scale ad fraud against Google's ad network and for other criminal activity. Google has updated Play Protect to block BADBOX-related apps, following an FBI warning about the threat. Infections are concentrated in Brazil, the U.S., Mexico and Argentina, and spread through compromised IoT devices and malicious apps from unofficial marketplaces. The complaint describes several BADBOX enterprise groups, each specializing in a different facet of the operation. A preliminary court injunction has ordered the botnet's operations to cease and enlists third-party ISPs and domain registries in dismantling its infrastructure. Google's legal action represents a significant step in the fight against global cybercrime and large-scale device exploitation.
2025-07-18 11:06:50 thehackernews MALWARE Critical NVIDIA Container Toolkit Vulnerability Allows Container Escape and Host Takeover
NVIDIA has disclosed a critical vulnerability in its Container Toolkit, tracked as CVE-2025-23266 with a CVSS score of 9.0, that allows container escape and privilege escalation on the host. The flaw, dubbed NVIDIAScape by Wiz, affects all versions of NVIDIA Container Toolkit up to and including 1.17.7 and NVIDIA GPU Operator up to and including 25.3.0. According to Wiz, an attacker needs only a three-line Dockerfile to make the toolkit load a malicious library, after which they can access, alter or steal data belonging to other tenants on the same hardware. Wiz estimates that roughly 37% of cloud environments are susceptible, putting sensitive data and proprietary AI models of multiple customers at risk. NVIDIA has released fixed versions (Container Toolkit 1.17.8 and GPU Operator 25.3.1). Security experts note that containers alone provide insufficient isolation for multi-tenant GPU workloads and recommend stronger boundaries such as virtualization. The incident underscores the exposure of the infrastructure layer of the rapidly growing AI stack and the need for robust security measures around it.
2025-07-18 10:38:40 thehackernews CYBERCRIME Rethinking Backup Strategies in the Age of Ransomware Threats
IT disruptions are escalating, and the growing ransomware threat is prompting a shift from traditional backup toward cyber resilience strategies. Ransomware attacks have evolved into complex schemes such as double and triple extortion, combining encryption with data exfiltration and deliberate attacks on recovery processes. The financial impact on small and medium businesses (SMBs) can be severe, with a single day of downtime costing tens of thousands of dollars before long-term reputational damage is counted. Compliance pressures and regulatory demands across sectors are driving the need for resilience that keeps operations running during an attack. Traditional backup methods are inadequate against adversaries who deliberately target backup and recovery systems. A resilience-first strategy involves identifying critical systems, automating backup testing, protecting recovery infrastructure and developing clear recovery playbooks. Cyber resilience is also central to managing financial risk and obtaining insurance, since it demonstrates preparedness and operational continuity during a crisis.
2025-07-17 23:43:25 bleepingcomputer CYBERCRIME Critical Citrix Vulnerability Exploited Before Public PoC Release
The Citrix NetScaler vulnerability CVE-2025-5777, dubbed CitrixBleed 2, was being exploited nearly two weeks before proof-of-concept (PoC) exploits became public. GreyNoise detected active exploitation from IP addresses in China starting on June 23, 2025. Citrix did not initially acknowledge in-the-wild exploitation in its security advisory despite warnings from researchers, and only updated its guidance after the flaw was added to CISA's Known Exploited Vulnerabilities catalog. CISA added the vulnerability to the KEV catalog on July 9, urging immediate patching. Security researcher Kevin Beaumont criticized Citrix for its insufficient response and for giving little guidance on mitigating the flaw and clearing compromised sessions. The exploit sends malformed POST requests to the login endpoint to leak memory contents, from which attackers recover valid session tokens and hijack NetScaler sessions. Citrix, which had already released fixed builds, published a blog post on July 15 describing indicators of compromise in NetScaler logs, but the vendor has historically been slow and opaque about disseminating exploitation details. According to security firm Imperva, over 120 companies have reportedly been compromised through the flaw, with the financial sector a primary target.
2025-07-17 23:36:24 theregister CYBERCRIME Google Sues Operators of Massive Botnet Damaging Its Reputation
Google has initiated legal action against 25 unidentified individuals based in China for infecting over 10 million devices worldwide with the BadBox 2.0 botnet. The affected devices include streaming boxes, tablets, projectors and car infotainment systems. The complaint alleges that the botnet interferes with Google's relationships with its users, damages its reputation and forces it to spend significant resources on mitigation. The lawsuit seeks to dismantle the BadBox 2.0 operation and prevent further fraud and other cybercrime. Accountability remains uncertain, however, since extradition from China to the U.S. is rare. Earlier efforts by Human Security, in collaboration with Google, partially disrupted BadBox, but the botnet has continued to expand its capabilities. It supports a range of fraudulent operations, including ad fraud and DDoS attacks, and turns infected devices into residential proxies that mask illicit network traffic. Google's filing identifies the key groups within the botnet's infrastructure responsible for its different fraudulent and criminal activities.
2025-07-17 21:37:53 bleepingcomputer MALWARE VMware Addresses Zero-Day Vulnerabilities Discovered at Pwn2Own
VMware has fixed four vulnerabilities in its ESXi, Workstation, Fusion and Tools products, three of them critical. All four were demonstrated as zero-days at the Pwn2Own Berlin 2025 competition. The three critical flaws, CVE-2025-41236, CVE-2025-41237 and CVE-2025-41238, each rated 9.3, could allow code running inside a guest virtual machine to execute on the host. The fourth, CVE-2025-41239, rated 7.1, is an information disclosure issue affecting VMware Tools for Windows. No workarounds are available; updating to the fixed software versions is required to mitigate the risk. The findings came out of a Pwn2Own event with a substantial prize pool, where researchers earned over $1 million in total for their demonstrated exploits.
2025-07-17 21:28:51 bleepingcomputer MALWARE Microsoft Teams Exploited to Distribute Advanced Matanbuchus Malware
Matanbuchus, a loader sold as malware-as-a-service since early 2021, is being distributed through Microsoft Teams calls in which attackers pose as IT helpdesk staff. The loader executes payloads directly in memory and carries evasion enhancements that make it hard to detect and analyze. Attackers contact victims over Teams, talk them into launching the remote support tool Quick Assist, and then instruct them to run a script that deploys the malware. The latest version, Matanbuchus 3.0, features updated command-and-control communication, anti-sandbox checks, and direct syscalls that bypass Windows API wrappers and the user-mode hooks EDR products place on them. It collects information from the infected system, including user credentials and details of installed security tools, and adapts its techniques to the security environment it finds. Morphisec's analysis of Matanbuchus 3.0 documents its expanded command and payload execution capabilities alongside the new evasion and obfuscation features. The researchers have published indicators of compromise and detailed technical insights, noting the loader's development into a sophisticated threat.
2025-07-17 20:06:04 bleepingcomputer MALWARE Google Initiates Legal Action Against BadBox 2.0 Botnet Operators
Google has filed a lawsuit against the operators of the BadBox 2.0 malware botnet, implicated in a massive ad fraud scheme. BadBox 2.0 has infected over 10 million Android Open Source Project (AOSP) devices globally, including smart TVs and streaming devices. The malware functions by converting infected devices into residential proxies for cybercrime or utilizing them for ad fraud on Google's platforms. BadBox 2.0 originated after the disruption of its predecessor by German authorities in December 2024; however, the new version quickly regrouped and expanded its reach. Over 170,000 devices in New York State alone are reported to be part of this botnet. Google has terminated thousands of publisher accounts linked to the fraudulent activities but emphasizes that the threat continues to escalate. Google's lawsuit seeks damages, a permanent injunction against the malware operations, and utilizes the Computer Fraud and Abuse Act and the RICO Act to address unknown perpetrators believed to be in China. The legal action includes demands to dismantle over 100 internet domains that serve as part of the botnet's infrastructure.
2025-07-17 19:02:48 bleepingcomputer MALWARE LameHug Malware Uses an LLM to Generate Data-Theft Commands on Windows
LameHug, malware discovered by Ukraine's CERT-UA, uses a large language model (LLM) to generate its data-theft commands at runtime on compromised Windows systems. The malware has been linked to APT28, the Russian state-backed threat group also known as Fancy Bear and Sednit. LameHug calls Hugging Face's API to reach Alibaba Cloud's open-weight LLM Qwen2.5-Coder-32B-Instruct, which turns natural-language prompts into executable commands. Distribution was traced to malicious emails with ZIP attachments impersonating Ukrainian ministry officials. The malware's core functions are system reconnaissance and theft of documents from the Documents, Desktop and Downloads directories of compromised systems. Stolen data is exfiltrated over SFTP or HTTP POST. Generating commands dynamically through an LLM represents a potential shift in attack strategy, giving operators adaptability and a degree of obfuscation, since the malicious commands never appear in the binary. CERT-UA attributes LameHug to APT28 with medium confidence; whether the model-generated commands actually executed successfully on victims remains unconfirmed.
2025-07-17 18:50:22 theregister MALWARE Critical Security Flaw in Cisco ISE Allows Root-Level Access
Cisco has patched a critical vulnerability in its Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) that carries the maximum severity rating of 10.0. The flaw, CVE-2025-20337, allows an unauthenticated remote attacker to execute arbitrary code with root privileges. It is related to a previously disclosed vulnerability of similar severity, CVE-2025-20281; both affect ISE and ISE-PIC versions 3.3 and 3.4. There are no workarounds, but Cisco has released software updates that address this and the related issues. The vulnerabilities stem from insufficient validation of user-supplied input in specific API requests. Flaws of this severity in identity infrastructure attract rapid attention from both researchers and attackers, though Cisco reports no known exploitation in the wild so far. Administrators of affected systems should apply the updates immediately.
2025-07-17 17:44:33 thehackernews MALWARE Hackers Employ GitHub to Distribute Amadey Malware and Stealers
Threat actors are using public GitHub repositories to host and distribute malicious payloads, including the Amadey malware and data stealers. Cisco Talos researchers identified fake GitHub accounts that serve as download infrastructure, a choice that helps the payloads slip past web filtering since traffic to GitHub is rarely blocked. The Emmenhtal loader (also known as PEAKLIGHT) is used to download Amadey, which in turn fetches additional payloads from GitHub. Similar tactics were observed in an earlier phishing campaign against Ukrainian entities that used invoice-themed lures to deliver SmokeLoader. Beyond downloading secondary payloads, Amadey gathers system information and extends its functionality through DLL plugins for capabilities such as credential theft. GitHub has taken down the identified accounts, but researchers see the activity as part of a broader malware-as-a-service operation abusing the platform. Related threats such as SquidLoader are targeting financial institutions in Asia with sophisticated evasion techniques and remote-control capabilities. Social engineering techniques, including QR codes and password-protected emails, continue to rise, complicating detection and response for security teams.