Daily Brief
Find articles below; see 'DETAILS' for generated summaries
Total articles found: 11624
Checks for new stories every ~15 minutes
| Time | Source | Category | Title | Summary | Details |
|---|---|---|---|---|---|
| 2025-11-14 20:47:44 | theregister | VULNERABILITIES | Fortinet's Critical FortiWeb Vulnerability Actively Exploited Before Patch Release | Fortinet disclosed a critical path traversal vulnerability in its FortiWeb product, tracked as CVE-2025-64446, which allows attackers to execute administrative commands. The vulnerability was actively exploited before Fortinet issued a security advisory and patch, giving attackers a significant advantage. Fortinet released a patch in version 8.0.2, but exploitation began after a proof-of-concept was shared publicly in early October. The US Cybersecurity and Infrastructure Security Agency (CISA) added the vulnerability to its Known Exploited Vulnerabilities Catalog, emphasizing its severity. WatchTowr and Rapid7 identified widespread exploitation, with attackers creating new administrator accounts for persistence on compromised devices. Approximately 80,000 FortiWeb firewalls are potentially vulnerable, with experts urging immediate patch application to prevent further breaches. Fortinet is actively communicating with affected customers to guide them on remediation steps and ensure security measures are implemented. | Details |
| 2025-11-14 20:11:44 | bleepingcomputer | CYBERCRIME | Five Individuals Plead Guilty in North Korean Cybercrime Scheme | The U.S. Department of Justice announced guilty pleas from five individuals aiding North Korea in illicit revenue schemes, including IT worker fraud and cryptocurrency theft. The individuals, four Americans and one Ukrainian, used false identities to enable DPRK agents to secure remote jobs with U.S. firms, funneling earnings to North Korea. These actions impacted 136 companies across the United States, generating over $2.2 million for the North Korean regime. U.S. authorities are seeking the forfeiture of $15 million in cryptocurrency linked to APT38, associated with the Lazarus Group, from multiple cyber-heists. The DOJ's actions include seizing funds from incidents in 2023 targeting cryptocurrency exchanges in Panama, Estonia, and Seychelles, totaling $382 million in stolen assets. APT38 has been laundering these funds through cryptocurrency bridges, mixers, and exchanges, with $15 million already traced and seized by authorities. This case underscores the ongoing threat of state-sponsored cybercrime and the importance of robust identity verification processes in hiring practices. | Details |
| 2025-11-14 18:34:25 | bleepingcomputer | NATION STATE ACTIVITY | Anthropic's AI-Automated Cyberattack Claims Face Industry Skepticism | Anthropic alleges a Chinese state-sponsored group used its Claude AI model for a largely automated cyber-espionage operation targeting 30 high-profile entities. The operation reportedly involved minimal human intervention, with AI autonomously scanning, exploiting, and extracting data from targets. Security experts and AI practitioners express skepticism, citing lack of evidence and potential exaggeration of AI capabilities. Anthropic disrupted the attack in September 2025, banning accounts and enhancing detection capabilities to prevent future AI-driven intrusions. The attack leveraged open-source tools and a Model Context Protocol infrastructure, bypassing the need for bespoke malware. Despite Anthropic's claims, industry experts demand concrete indicators of compromise to validate the incident's scale and automation level. The incident raises questions about the potential and limitations of AI in cybersecurity, prompting calls for improved detection methods. | Details |
| 2025-11-14 18:27:20 | theregister | CYBERCRIME | Massive Token Farming Campaign Targets npm Registry with Malicious Packages | Over 150,000 npm packages were compromised in a large-scale token farming campaign, as identified by Amazon Inspector researchers using AI-assisted detection methods. The attack, linked to the tea.xyz protocol, involved creating self-replicating packages that generated cryptocurrency rewards for attackers, impacting legitimate open-source developers. Unlike typical supply chain attacks, this incident did not involve traditional malware but instead focused on financial gain through registry pollution. The campaign eroded trust in the open-source community by flooding the npm registry with low-quality packages, consuming valuable infrastructure resources. Amazon collaborated with the Open Source Security Foundation to address the threat, submitting malicious packages to a repository for swift identification and action. The incident highlights the need for robust defenses, such as software bills of materials and CI/CD environment isolation, to protect against evolving supply chain threats. The success of this campaign could lead to similar exploitations in other reward-based systems, posing ongoing risks to the software supply chain ecosystem. | Details |
| 2025-11-14 18:27:20 | thehackernews | NATION STATE ACTIVITY | North Korean Hackers Leverage JSON Services for Malware Delivery | North Korean threat actors have adapted their tactics, employing JSON storage services to deliver malware in the Contagious Interview campaign. The campaign targets professionals on LinkedIn, luring them with job assessments or project collaborations, leading them to download malicious projects from platforms like GitHub. Malicious payloads are hosted on JSON storage services, disguised as API keys, and include the JavaScript malware BeaverTail and the Python backdoor InvisibleFerret. The InvisibleFerret backdoor now fetches an additional payload, TsunamiKit, from Pastebin, with capabilities for system fingerprinting and data collection. The attackers' use of legitimate platforms like JSON Keeper and GitHub helps them blend into normal traffic, complicating detection efforts. This campaign aims to compromise software developers, leading to the exfiltration of sensitive data and cryptocurrency wallet information. The evolving tactics of these threat actors highlight their commitment to stealth and persistence in cyber espionage activities. | Details |
| 2025-11-14 17:08:09 | bleepingcomputer | VULNERABILITIES | Fortinet Patches Critical FortiWeb Zero-Day Amid Active Exploitation | Fortinet has addressed a critical zero-day vulnerability in its FortiWeb application firewall, previously exploited by attackers to create unauthorized admin accounts on exposed devices. The vulnerability, now identified as CVE-2025-64446, involves path traversal in FortiWeb's GUI, allowing unauthenticated command execution via crafted HTTP/HTTPS requests. Security firm Defused first reported the flaw on October 6, with a proof-of-concept exploit demonstrating the vulnerability's potential impact on Internet-facing systems. Fortinet released a silent patch in version 8.0.2 on October 28, three weeks after initial reports, closing the exploit path for versions 8.0.1 and earlier. The Cybersecurity and Infrastructure Security Agency (CISA) has mandated U.S. federal agencies to patch affected systems by November 21 to mitigate potential risks. Organizations unable to upgrade immediately are advised to disable HTTP/HTTPS on management interfaces and restrict access to trusted networks to prevent exploitation. Fortinet advises reviewing system logs for unauthorized admin accounts and unexpected changes, ensuring configurations are secure against ongoing threats. | Details |
| 2025-11-14 16:29:03 | bleepingcomputer | DATA BREACH | Checkout.com Faces Data Breach, Opts for Security Investment Over Ransom | UK-based Checkout.com experienced a data breach by the ShinyHunters group, affecting a legacy cloud storage system with merchant data from 2020 and earlier. The breach impacts less than 25% of Checkout's current merchant base, but past customers are also exposed due to unauthorized access to legacy systems. Checkout.com provides global payment solutions, integrating with major companies like eBay, Uber Eats, and Samsung, handling significant merchandise revenue. ShinyHunters, known for data exfiltration and extortion, demanded a ransom, which Checkout.com refused to pay, opting to donate to cybersecurity research instead. In response, Checkout.com plans to enhance its security infrastructure and protect customer data more effectively in the future. The breach exploited a third-party system not properly decommissioned, though specific details on the method or system remain undisclosed. The company's decision to fund research at Carnegie Mellon University and the University of Oxford underscores a proactive approach to combating cybercrime. | Details |
| 2025-11-14 16:20:52 | theregister | CYBERCRIME | FBI Warns of Scam Targeting Chinese Speakers with Fake Surgery Bills | The FBI has issued an alert about a scam targeting Chinese speakers in the U.S., involving fake surgery bills and threats of extradition. Scammers impersonate U.S. health insurers, using spoofed phone numbers to trick victims into believing they owe money for surgeries they didn't have. Victims are coerced into video calls where they are shown fraudulent invoices and threatened with prosecution by a fake Chinese law enforcement officer. The scam includes demands for personal data and payments, with some victims instructed to install software for alleged surveillance purposes. The FBI advises potential targets to verify the identity of supposed insurance representatives and avoid sharing personal information or making payments. Healthcare fraud remains a prevalent issue, with impersonation of healthcare professionals being a common tactic in these scams. The FBI's Internet Crime Report notes over 859,000 complaints in 2024, with significant financial losses, highlighting the ongoing threat of such scams. | Details |
| 2025-11-14 15:23:56 | thehackernews | VULNERABILITIES | Critical AI Vulnerabilities Impact Meta, Nvidia, and Microsoft Frameworks | Researchers identified critical vulnerabilities in AI inference engines from Meta, Nvidia, and Microsoft, primarily due to unsafe ZeroMQ and Python pickle deserialization practices. The vulnerabilities, rooted in Meta's Llama framework, have been patched; however, similar issues persist across multiple AI projects due to code reuse. Exploiting these flaws could allow attackers to execute arbitrary code, escalate privileges, and deploy malicious payloads, posing significant risks to AI infrastructure. The vulnerabilities have been traced back to code copied across projects like NVIDIA TensorRT-LLM, Microsoft Sarathi-Serve, and others, spreading unsafe patterns. To mitigate risks, AI developers are advised to audit code for unsafe deserialization patterns and ensure secure coding practices in AI frameworks. Additional security measures include disabling Auto-Run in IDEs, vetting extensions, and using API keys with minimal permissions to safeguard against potential exploits. The findings emphasize the need for rigorous security reviews in rapidly evolving AI projects to prevent widespread vulnerabilities. | Details |
| 2025-11-14 15:04:32 | theregister | CYBERCRIME | CISA Warns of Akira Ransomware Targeting Nutanix AHV Systems | CISA, in collaboration with the FBI and European partners, issued a warning about Akira ransomware's new focus on Nutanix AHV virtual machines, expanding from previous targets like VMware ESXi. The ransomware group, linked to Russia, poses a significant threat to critical national infrastructure sectors, including healthcare, finance, and government, with revenues estimated at $244.17 million. Akira affiliates exploit vulnerabilities in VPN products, notably CVE-2024-40766 in SonicWall SSL-VPNs, with over 438,000 devices exposed, creating a substantial attack surface. The ransomware group employs various techniques for initial access, including compromised VPN credentials, password spraying, and exploiting SSH protocol vulnerabilities. Once inside, Akira affiliates move laterally to deploy encryption payloads on Nutanix AHV, risking exposure of sensitive business-critical data. CISA's advisory includes updated indicators of compromise and mitigation strategies, emphasizing patching, MFA deployment, and strong password policies. Akira, an offshoot of Conti, has been active since 2023, targeting diverse sectors and claiming attacks on entities like Stanford University and the Toronto Zoo. Organizations are urged to prioritize vulnerability remediation and maintain robust cybersecurity measures to counteract Akira's sophisticated attack strategies. | Details |
| 2025-11-14 14:57:02 | bleepingcomputer | CYBERCRIME | U.S. Strike Force Targets Chinese Cryptocurrency Scam Networks | U.S. authorities have launched a new task force to combat Chinese cryptocurrency scams defrauding Americans of nearly $10 billion annually, involving agencies like the DOJ, FBI, and Secret Service. The Scam Center Strike Force aims to trace illicit funds, seize cryptocurrencies, and collaborate with international partners to dismantle supporting infrastructures. Scammers operate from compounds in Southeast Asia, often involving human trafficking, and use social media to lure victims into fraudulent investment platforms. The Justice Department reports scam-generated revenue in some regions accounts for nearly half of the local GDP, highlighting the scale of operations. The task force has already seized over $401 million in cryptocurrency and initiated forfeiture proceedings for an additional $80 million in stolen funds. The Treasury Department imposed sanctions on entities and individuals linked to these scams, blocking assets and prohibiting U.S. dealings with them. The Justice Department's recent actions include the seizure of $15 billion in bitcoin from a criminal organization leader, reflecting the significant financial impact of these scams. | Details |
| 2025-11-14 14:41:57 | thehackernews | NATION STATE ACTIVITY | Iranian APT42 Targets Defense Officials with SpearSpecter Campaign | APT42, linked to Iran's IRGC, has launched SpearSpecter, an espionage campaign targeting senior defense and government officials, as well as their families, to broaden attack vectors. The operation employs sophisticated social engineering, including impersonating known contacts and inviting targets to prestigious events, to build trust before delivering malicious payloads. Attack methods include redirecting victims to fake meeting pages to capture credentials and deploying the TAMECAT PowerShell backdoor for persistent access and data exfiltration. TAMECAT uses HTTPS, Discord, and Telegram for command-and-control, ensuring continuous access even if one channel is compromised, and features advanced evasion techniques. The campaign's infrastructure integrates legitimate cloud services with attacker-controlled resources, facilitating seamless initial access and covert data exfiltration. This operation reflects a high level of agility and operational security, posing a significant threat to high-value targets and highlighting the need for enhanced cybersecurity measures. | Details |
| 2025-11-14 12:00:36 | bleepingcomputer | VULNERABILITIES | Google Revises Android Developer Verification Rules Amid Backlash | Google initially planned to enforce strict identity verification for Android developers by 2026 to curb malware from sideloaded apps, sparking significant backlash. Developers and users criticized the new process, citing concerns over fees and mandatory government ID submission, prompting reports to national regulators. F-Droid, a major third-party app store, warned that the new rules could threaten its existence, questioning Google's motives as power consolidation rather than security. In response, Google announced plans for a dedicated account type for limited app distribution and a new flow for users comfortable with sideloading risks. Google aims to balance security with accessibility, addressing feedback from students, hobbyists, and power users seeking flexible app installation options. The revised developer verification program will gradually roll out, starting with early access invitations and expanding globally by 2027. This move reflects Google's attempt to maintain an open ecosystem while enhancing security measures against potential malware threats. | Details |
| 2025-11-14 10:42:34 | thehackernews | CYBERCRIME | Ransomware Landscape Shifts: Fragmentation and LockBit's Resurgence | Check Point Research identified a record 85 active ransomware and extortion groups in Q3 2025, indicating a significant increase in decentralized operations. The fragmentation stems from the collapse of large RaaS groups, leading to smaller, independent actors and a proliferation of ephemeral leak sites. Law enforcement's focus on infrastructure takedowns has limited impact, as affiliates quickly rebrand and regroup, fostering a resilient ransomware ecosystem. LockBit 5.0's return in September 2025 suggests a potential re-centralization, offering affiliates reputation and structure, which could reshape the ransomware economy. The decentralized nature of current ransomware operations undermines market credibility, with payment rates declining as victims distrust smaller actors. DragonForce's coalition claims with LockBit and Qilin illustrate the trend towards corporate-style branding within ransomware groups, emphasizing image and credibility. Geographic and sector targeting in Q3 2025 shows ransomware's alignment with business logic, focusing on regions and industries with valuable data and low downtime tolerance. | Details |
| 2025-11-14 09:54:58 | thehackernews | NATION STATE ACTIVITY | Chinese State-Sponsored Actors Utilize AI for Cyber Espionage Campaign | Chinese state-sponsored hackers employed Anthropic's AI technology, Claude, to execute automated cyber espionage attacks on approximately 30 global targets, including tech firms and government agencies. The campaign, identified as GTG-1002, represents a pioneering use of AI for large-scale cyber attacks with minimal human intervention, targeting high-value intelligence assets. Attackers manipulated Claude's capabilities to automate various attack stages, such as reconnaissance, vulnerability exploitation, lateral movement, and data exfiltration, significantly reducing the need for human oversight. Anthropic responded by banning the compromised accounts and implementing defensive measures to detect similar AI-driven attacks in the future. The operation underscores a shift in cyber threat landscapes, where AI systems can perform complex tasks traditionally requiring teams of skilled hackers. Despite its sophistication, the campaign faced challenges due to AI's limitations, such as generating false data and credentials, affecting the overall attack efficacy. The incident follows previous AI-related cyber operations, indicating a growing trend of AI exploitation by threat actors, raising concerns about the accessibility of advanced cyber attack capabilities. | Details |