Daily Brief
Find articles below; see 'DETAILS' for generated summaries
Total articles found: 12589
Checks for new stories every ~15 minutes
| Time | Source | Category | Title | Summary | Details |
|---|---|---|---|---|---|
| 2026-01-28 14:03:49 | thehackernews | VULNERABILITIES | Critical vm2 Node.js Vulnerability Enables Sandbox Escape and Code Execution | A critical vulnerability, CVE-2026-22709, in the vm2 Node.js library allows attackers to execute arbitrary code, posing significant security risks to affected systems.
The flaw, rated 9.8 on the CVSS scale, arises from improper sanitization of Promise handlers, enabling sandbox escape.
The vulnerability affects vm2 version 3.10.0, with a patch available in version 3.10.2, highlighting the importance of timely updates.
This issue is part of a series of sandbox escapes that have troubled vm2, prompting discussions on the library's future and security practices.
Despite the discontinuation announcement in July 2023, vm2 is still maintained, with updates to its Security page as of October 2025.
Users are advised to consider alternative solutions like isolated-vm or Docker for enhanced security and isolation.
The situation underscores the need for robust security measures when running untrusted code within sandboxed environments. | Details |
| 2026-01-28 13:19:46 | theregister | VULNERABILITIES | Microsoft Patches Critical Flaws in Windows Administrator Protection | Microsoft addressed nine vulnerabilities reported by Google’s Project Zero that could allow attackers to bypass Windows Administrator Protection, a feature designed to enforce least privilege usage.
The vulnerabilities, identified by researcher James Forshaw, primarily involve User Account Control (UAC) issues that could enable unauthorized admin privilege escalation.
A key flaw involved the Logon Sessions mechanism, exploiting five Windows behaviors to manipulate DOS device object directories and gain control over them.
The new Administrator Protection feature, currently available to Insider Canary users, introduces a hidden shadow admin account, which attackers could exploit by impersonating its token.
Microsoft’s fix prevents the creation of DOS device object directories when impersonating a shadow admin token, closing the loophole for privilege escalation.
These behaviours were not exploitable before Administrator Protection introduced the shadow admin model, which illustrates how a new security feature can turn latent quirks in the components it relies on into privilege-escalation paths.
Organizations using Windows should ensure timely updates to mitigate potential risks associated with these vulnerabilities. | Details |
| 2026-01-28 13:19:45 | bleepingcomputer | CYBERCRIME | Bizarre Bazaar Campaign Exploits Exposed AI Infrastructure Endpoints | Pillar Security identified a cybercrime operation, Bizarre Bazaar, targeting exposed LLM service endpoints, marking a new trend in AI infrastructure exploitation.
Over 35,000 attack sessions were recorded in 40 days, revealing a large-scale operation monetizing unauthorized access to AI endpoints.
Attackers exploit misconfigurations in self-hosted LLM setups, unauthenticated APIs, and publicly accessible development environments, often detected via internet scans.
The campaign involves a criminal supply chain with three threat actors scanning, validating, and commercializing access through the platform SilverInc.
Compromised LLM endpoints pose risks such as high operational costs, data exposure, and potential for lateral movement within networks.
The operation is linked to aliases “Hecker,” “Sakuya,” and “LiveGamer101,” and involves selling access to AI models for cryptocurrency or PayPal.
A separate campaign targeting MCP endpoints for lateral movement opportunities is noted, though not directly linked to Bizarre Bazaar.
As the campaign continues, organizations are urged to secure AI infrastructure to prevent exploitation and potential financial and data losses. | Details |
| 2026-01-28 12:56:29 | bleepingcomputer | CYBERCRIME | Slovakian National Pleads Guilty to Operating Darknet Marketplace | Alan Bill, a Slovakian national, admitted to operating Kingdom Market, a darknet platform selling narcotics and cybercrime tools, from March 2021 to December 2023.
Kingdom Market facilitated the sale of over 42,000 illegal items, including drugs, stolen identities, and fraudulent documents, using cryptocurrencies like Bitcoin and Monero.
Federal undercover operations began in July 2022, leading to the acquisition of methamphetamine, fentanyl, and a fake U.S. passport from the marketplace.
Authorities arrested Bill in December 2023 at Newark Liberty International Airport, seizing digital evidence linking him to the marketplace's operations.
Bill's plea agreement includes surrendering domain names and forfeiting cryptocurrency linked to Kingdom Market, with potential penalties of up to 40 years in prison and a $5 million fine.
The case underscores the ongoing challenge of dark web marketplaces in facilitating illegal activities and the importance of international cooperation in cybercrime investigations.
Law enforcement's successful takedown of Kingdom Market demonstrates effective strategies in disrupting illicit online networks and the need for continued vigilance. | Details |
| 2026-01-28 12:49:00 | thehackernews | VULNERABILITIES | Critical n8n Flaws Enable Remote Code Execution Risks | JFrog Security Research uncovered two high-severity vulnerabilities in the n8n workflow automation platform, which could lead to authenticated remote code execution.
The vulnerabilities allow attackers to hijack an entire n8n instance, posing significant risks when operating in "internal" execution mode.
n8n's internal mode in production environments is flagged as risky, with recommendations to switch to external mode for better process isolation.
The platform's wide integration with core organizational tools and data makes it a critical target, potentially offering attackers access to sensitive information.
Users are urged to update to the latest versions to mitigate these security flaws and protect against potential exploitation.
These findings follow a recent disclosure of a maximum-severity flaw (CVE-2026-21858) in n8n, highlighting ongoing security challenges in sandboxing dynamic languages.
The vulnerabilities expose the complexities in securing high-level languages like JavaScript and Python, where subtle features can bypass security measures. | Details |
| 2026-01-28 12:23:41 | thehackernews | NATION STATE ACTIVITY | Mustang Panda Deploys COOLCLIENT Backdoor in Global Espionage Campaigns | Mustang Panda, linked to China, has updated its COOLCLIENT backdoor for espionage, targeting government entities in Myanmar, Mongolia, Malaysia, and Russia.
The backdoor is used alongside PlugX and LuminousMoth infections, employing DLL side-loading to execute malicious code through legitimate signed executables.
Between 2021 and 2025, Mustang Panda abused legitimate signed executables from Bitdefender and VLC Media Player as DLL side-loading hosts, impacting various sectors, including telecom.
The malware collects extensive system and user data, including keystrokes, clipboard contents, and HTTP proxy credentials, enhancing its surveillance capabilities.
Recent campaigns have also deployed stealer programs to extract credentials from browsers like Google Chrome and Microsoft Edge, indicating sophisticated post-exploitation strategies.
Kaspersky's analysis suggests tool-sharing between Mustang Panda and LuminousMoth, reflecting collaboration or common resources among China-based APT groups.
The group's activities extend beyond traditional espionage, focusing on active surveillance and large-scale data theft, posing significant threats to national security. | Details |
| 2026-01-28 11:58:37 | thehackernews | MISCELLANEOUS | AI Enhances Security Operations Center Efficiency and Threat Detection | The integration of AI in Security Operations Centers (SOCs) is reshaping workflows, enhancing the efficiency of threat detection and response without replacing human analysts.
AI systems, like those from Prophet Security, automate alert triage so that every alert is investigated; the vendor claims accuracy on par with human analysts, which would reduce the risk of missed threats.
By aggregating data from various sources, AI provides a unified context for alerts, enabling analysts to focus on high-priority threats and reducing manual verification tasks.
The implementation of AI-driven feedback loops allows for improved detection engineering by identifying and tuning rules that generate false positives.
AI democratizes threat hunting by eliminating complex query language barriers, allowing analysts of all levels to engage in proactive threat detection.
Successful AI deployment in SOCs depends on depth, accuracy, transparency, adaptability, and workflow integration, which build trust and operational effectiveness.
Prophet Security's AI platform, developed by former SOC analysts, offers seamless integration with existing security tools, enhancing operational value without disrupting workflows. | Details |
| 2026-01-28 11:50:33 | bleepingcomputer | MALWARE | WhatsApp Introduces Strict Security Features for High-Risk Users | Meta has launched "Strict Account Settings" for WhatsApp, enhancing security for journalists and public figures against advanced threats, including spyware attacks.
This feature builds on WhatsApp's end-to-end encryption, adding layers of privacy controls such as two-step verification and blocking unknown media.
Users can activate these settings on their primary device, which limits exposure to potential attacks by silencing unknown calls and hiding profile details.
The rollout will occur gradually; separately, WhatsApp is replacing a C++ media-handling library with a Rust implementation to harden the file-parsing code that spyware exploits typically target.
The initiative follows incidents where high-profile individuals were targeted with spyware like NSO Group's Pegasus via zero-click exploits on messaging apps.
WhatsApp recently addressed vulnerabilities in its software, patching zero-day flaws previously exploited in targeted attacks.
This development mirrors Apple's 2022 Lockdown Mode, which similarly aims to protect high-risk individuals by reducing exploitable functionalities. | Details |
| 2026-01-28 10:38:23 | thehackernews | VULNERABILITIES | Near-Identical Password Reuse Poses Significant Security Risk | Near-identical password reuse remains a critical security risk, often bypassing established password policies and exposing organizations to credential-based attacks.
Despite awareness and regulations, employees frequently make minor changes to passwords, creating predictable patterns that attackers can exploit.
Specops research indicates a 250-person organization may collectively manage around 47,750 passwords, significantly increasing the attack surface.
Attackers utilize breached password datasets and automated tools to exploit these predictable variations, moving swiftly across compromised accounts.
Traditional password policies focusing on complexity and history checks fail to address the nuances of near-identical password reuse.
Organizations are encouraged to adopt continuous monitoring against breach data and implement intelligent similarity analysis to mitigate this risk.
Specops Password Policy offers centralized management, enabling organizations to enforce robust password rules and continuously scan for known breached passwords. | Details |
| 2026-01-28 10:01:30 | thehackernews | MALWARE | Malicious Python Packages on PyPI Deliver Remote Access Trojan | Cybersecurity researchers identified two malicious packages on PyPI, masquerading as spellcheckers, which delivered a remote access trojan (RAT) to unsuspecting users.
Named spellcheckerpy and spellcheckpy, these packages were downloaded over 1,000 times before removal, posing a significant risk to developers and their projects.
The packages contained a base64-encoded payload hidden in a Basque language dictionary file, which downloaded a full-featured Python RAT upon execution.
The RAT was capable of fingerprinting compromised hosts, parsing and executing incoming commands, indicating a sophisticated threat to systems.
The domain used for the RAT's downloader was linked to a hosting provider known for serving nation-state groups, raising concerns about potential state-sponsored involvement.
Previous incidents involved similar malicious spell-checking tools on PyPI, suggesting a recurring threat actor targeting Python developers.
The discovery coincides with malicious npm packages targeting data theft and cryptocurrency wallets, highlighting ongoing supply chain vulnerabilities. | Details |
| 2026-01-28 09:48:04 | thehackernews | VULNERABILITIES | Google Alerts on Active Exploitation of WinRAR Vulnerability CVE-2025-8088 | Google has identified multiple threat actors, including nation-state and financially motivated groups, exploiting a critical WinRAR vulnerability, CVE-2025-8088, which was patched in July 2025.
The flaw, with a CVSS score of 8.8, allows attackers to execute arbitrary code by crafting malicious archives, posing significant risks to users of unpatched versions.
Exploitation relies on a path traversal flaw (the archive entry's alternate data stream name is abused to write outside the extraction directory), letting attackers drop a file into the Windows Startup folder so it runs at the user's next logon.
Notable groups, such as RomCom and a China-based actor, have utilized the vulnerability to deploy malware like SnipBot and Poison Ivy, targeting both espionage and financial gain.
The vulnerability has fueled an underground market, with exploits being sold for thousands of dollars, reducing the technical barriers for diverse threat actors.
Google's Threat Intelligence Group also noted the involvement of Russian and other financially motivated actors deploying RATs and information stealers via this exploit.
The situation underscores the critical need for timely patch management and increased user awareness to mitigate risks from such vulnerabilities. | Details |
| 2026-01-28 04:56:52 | thehackernews | VULNERABILITIES | Fortinet Releases Patch for Critical FortiOS SSO Vulnerability | Fortinet has issued patches for a critical vulnerability in FortiOS, FortiManager, and FortiAnalyzer, identified as CVE-2026-24858, with a CVSS score of 9.4.
The flaw allows attackers with a FortiCloud account to bypass authentication, potentially accessing devices registered to other accounts if FortiCloud SSO is enabled.
FortiCloud SSO is not enabled by default, only activating when an administrator registers the device to FortiCare via the GUI and enables the feature.
Threat actors have exploited this vulnerability to create local admin accounts, modify configurations, and exfiltrate firewall settings, posing significant security risks.
Fortinet advises customers to upgrade to the latest software versions and treat affected devices as compromised if signs of exploitation are detected.
The U.S. CISA has added CVE-2026-24858 to its Known Exploited Vulnerabilities catalog, requiring federal agencies to address the issue by January 30, 2026.
Organizations must review their FortiCloud SSO settings and ensure robust security measures to prevent unauthorized access and potential data breaches. | Details |
| 2026-01-27 23:27:02 | bleepingcomputer | VULNERABILITIES | Fortinet Mitigates Critical FortiCloud SSO Vulnerability Exploitation | Fortinet identified a critical authentication bypass vulnerability, CVE-2026-24858, in FortiCloud SSO, allowing unauthorized access to FortiOS, FortiManager, and FortiAnalyzer devices.
The vulnerability permits attackers to exploit FortiCloud SSO to gain admin access, even on devices fully patched against prior vulnerabilities, impacting numerous customers.
Fortinet mitigated the zero-day threat by blocking FortiCloud SSO connections from devices with vulnerable firmware, pending patch development.
Attackers used automated methods to create rogue admin accounts and exfiltrate firewall configurations, with incidents confirmed by cybersecurity firm Arctic Wolf.
Fortinet advised restricting administrative access and disabling FortiCloud SSO as a precaution, noting the risk extends to other SAML-based SSO implementations.
The vulnerability, rated critical with a CVSS score of 9.4, is due to improper access control, and Fortinet is developing patches for affected systems.
Customers are urged to review admin accounts, restore configurations from clean backups, and rotate credentials if compromise indicators are detected. | Details |
| 2026-01-27 22:30:55 | bleepingcomputer | NATION STATE ACTIVITY | Mustang Panda Enhances CoolClient Backdoor for Espionage Operations | The Mustang Panda group has upgraded its CoolClient backdoor, now capable of stealing browser login data and monitoring clipboard activities, targeting government entities in several countries.
New capabilities include a clipboard monitoring module, active window title tracking, and HTTP proxy credential sniffing, enhancing its espionage potential.
CoolClient is delivered by DLL side-loading through a legitimate signed binary from Sangfor, a Chinese cybersecurity vendor, to infiltrate systems in Myanmar, Mongolia, Malaysia, Russia, and Pakistan.
The malware's persistence is achieved through Registry modifications, new Windows services, and scheduled tasks, with core functions integrated in a DLL within main.dat.
Technical enhancements include a remote shell plugin, service management, and expanded file management capabilities, enabling comprehensive system control.
Mustang Panda's evolving tactics now include infostealers for browser data theft, using hardcoded API tokens for legitimate public web services so that the resulting traffic blends in with normal use.
Recent activities indicate a strategic focus on critical infrastructure, with Taiwan's National Security Bureau identifying Mustang Panda as a significant threat. | Details |
| 2026-01-27 22:20:53 | theregister | VULNERABILITIES | WhatsApp Enhances Security with New Privacy Features and Rust Adoption | Meta introduces "Strict Account Settings" in WhatsApp, offering a single toggle for enhanced privacy, limiting app functionality to boost security for all users, especially high-profile individuals.
The new feature restricts visibility of last seen status, profile photos, and account details to contacts, and limits group additions and link previews, enhancing user privacy.
High-volume messages from unknown accounts are blocked, security code change notifications are enabled, and two-step verification is set by default, fortifying account security.
Meta emphasizes that the privacy enhancement is not linked to recent legal challenges regarding WhatsApp's encryption claims, dismissing such lawsuits as unfounded.
Alongside privacy improvements, Meta replaces an outdated C++ media-handling library with a Rust-based one, enhancing security and maintainability of media file processing.
The shift to Rust reflects Meta's commitment to adopting more secure programming languages, aligning with industry trends to mitigate risks from maliciously crafted files.
These updates are part of Meta's broader strategy to maintain WhatsApp's reputation as a secure messaging platform, crucial for users vulnerable to sophisticated cyber threats. | Details |