Daily Brief

Total articles found: 11681

2025-11-04 12:13:23 theregister MALWARE Microsoft Uncovers SesameOp Malware Exploiting OpenAI API for Stealth Operations
Microsoft identified a new backdoor, "SesameOp," leveraging OpenAI's Assistants API as a command-and-control channel, blending malicious activity with legitimate AI traffic. The malware employs ".NET AppDomainManager injection" to install itself, using OpenAI's infrastructure to relay commands and results, avoiding detection by mimicking normal API usage. SesameOp's sophisticated techniques include payload compression, layered encryption, and obfuscation with Eazfuscator.NET to conceal its operations and evade traditional security measures. Microsoft has released a hunting query to help security teams identify unusual connections to OpenAI endpoints, aiming to differentiate between legitimate and malicious API activity. OpenAI has responded by disabling an API key and account linked to the attackers, though the threat actor's identity remains unknown. The incident highlights the potential misuse of trusted cloud services as threat actors increasingly exploit legitimate platforms for malicious purposes. The scheduled deprecation of the Assistants API in August 2026 may mitigate this specific threat, but similar tactics are likely to persist in the evolving threat landscape.
2025-11-04 11:09:06 thehackernews MALWARE Wazuh Platform Enhances Ransomware Defense with Advanced Detection Tools
Ransomware remains a critical threat, encrypting data and demanding cryptocurrency ransoms, impacting businesses and critical infrastructure globally. Modern ransomware variants employ double extortion, threatening to publish sensitive data if ransoms are unpaid, increasing pressure on affected organizations. Wazuh, an open-source security platform, offers comprehensive tools for ransomware detection, prevention, and response, integrating XDR and SIEM capabilities. The platform's File Integrity Monitoring (FIM) and YARA integration enable real-time detection and automated response to ransomware threats like DOGE Big Balls and Gunra. Wazuh detects ransomware activities using threat detection rules and custom databases, identifying patterns and triggering automated responses to mitigate threats. The platform supports ransomware protection on Windows systems, utilizing Volume Shadow Copy Service for file recovery, enhancing resilience against data encryption. Organizations adopting Wazuh benefit from early ransomware detection and rapid response, minimizing potential financial, operational, and reputational impacts.
2025-11-04 10:52:35 thehackernews NATION STATE ACTIVITY Operation SkyCloak Deploys Tor-Enabled Backdoor on Defense Sectors
Operation SkyCloak targets defense sectors in Russia and Belarus using phishing emails with weaponized attachments to install a persistent backdoor. The campaign leverages OpenSSH and a customized Tor hidden service to obfuscate traffic, employing obfs4 for enhanced anonymity. Phishing emails use military-themed lures to trick recipients into opening a ZIP file, triggering a multi-step infection chain via PowerShell commands. The malware conducts environmental checks to evade sandbox detection, ensuring execution only on genuine user systems. Persistence is achieved through scheduled tasks that disguise malicious activities as legitimate processes, such as "githubdesktopMaintenance." The backdoor enables SSH, RDP, SFTP, and SMB access via Tor, allowing attackers to exfiltrate data and maintain remote control. The attack shares similarities with Eastern European espionage activities, particularly those linked to a threat actor known as UAC-0125. Security researchers suggest the campaign reflects sophisticated tactics aimed at compromising sensitive defense and government networks.
2025-11-04 08:12:58 thehackernews VULNERABILITIES Google's AI Agent Identifies Critical Flaws in Apple's Safari WebKit
Google's AI-powered agent, Big Sleep, discovered five security vulnerabilities in Apple's Safari WebKit, potentially leading to browser crashes or memory corruption if exploited. Apple has released patches addressing these vulnerabilities across multiple platforms, including iOS, macOS, and Safari, as part of their latest software updates. Big Sleep, formerly known as Project Naptime, is a collaboration between DeepMind and Google Project Zero, aimed at automating vulnerability detection using AI technology. The vulnerabilities have not been reported as exploited in the wild, but users are advised to update their devices to the latest versions to ensure security. This discovery follows Big Sleep's earlier identification of a significant flaw in SQLite, demonstrating the AI's capability in enhancing cybersecurity measures. The proactive identification and patching of these vulnerabilities reflect the growing importance of AI in cybersecurity defense strategies. Companies are encouraged to adopt similar AI-driven approaches to bolster their security posture and mitigate potential threats effectively.
2025-11-04 07:52:33 thehackernews CYBERCRIME U.S. Charges Cybersecurity Insiders in BlackCat Ransomware Attacks
U.S. prosecutors have charged three individuals with deploying BlackCat ransomware against five companies, including firms in the medical, pharmaceutical, and engineering sectors. The accused, including former employees of DigitalMint and Sygnia, allegedly targeted companies to extort cryptocurrency payments, impacting business operations significantly. BlackCat ransomware was used to encrypt victim systems, demanding cryptocurrency payments, though not all attempts resulted in financial gain. The FBI's investigation revealed internal recruitment for the attacks, with one suspect admitting involvement to alleviate personal debt. Legal actions include charges of conspiracy and intentional damage to protected computers, carrying potential penalties of up to 50 years in prison. Both DigitalMint and Sygnia have cooperated with law enforcement, emphasizing the importance of internal security and monitoring employee activities. This case underscores the risk of insider threats in cybersecurity, highlighting the need for stringent internal controls and employee vetting.
2025-11-04 07:52:32 bleepingcomputer VULNERABILITIES Critical Vulnerability in JobMonster WordPress Theme Exploited by Hackers
A critical authentication bypass flaw in the JobMonster WordPress theme, identified as CVE-2025-5397, is being actively exploited by threat actors to hijack administrator accounts. The vulnerability, affecting versions up to 4.8.1, carries a critical-severity score of 9.8 and is due to improper identity verification in the check_login() function. Exploitation requires the social login feature to be enabled, allowing attackers to gain admin access without valid credentials by faking external login data. Wordfence, a WordPress security firm, detected and blocked multiple exploit attempts targeting its clients, prompting an immediate call for users to update to version 4.8.2. Recommended mitigations include disabling social login, enabling two-factor authentication, rotating credentials, and monitoring access logs for suspicious activity. This incident is part of a broader trend of vulnerabilities in WordPress themes being targeted, with previous attacks on themes like Freeio and Service Finder reported recently. Regular updates to WordPress themes and plugins are crucial to prevent exploitation, as delays in patching can lead to successful attacks long after vulnerabilities are disclosed.
2025-11-04 06:34:04 theregister NATION STATE ACTIVITY Xi Jinping's Quip on Xiaomi Backdoors Raises Security Concerns
Chinese President Xi Jinping humorously suggested Xiaomi smartphones might have backdoors during a meeting with South Korean President Lee Jae-myung, sparking security concerns. The exchange occurred as Xi gifted Lee Xiaomi phones, highlighting the ongoing suspicion surrounding Chinese telecom firms like Huawei and ZTE. Liberal democracies have distanced themselves from Chinese telecom products over fears of potential surveillance capabilities embedded in devices. Xiaomi, the world's third-largest mobile phone vendor by shipments, could face increased scrutiny from international buyers following Xi's remarks. The Salt Typhoon gang, allegedly backed by Beijing, has reportedly infiltrated global telecom networks, utilizing backdoors for surveillance purposes. China's Great Firewall exemplifies domestic surveillance practices, while the export of such technologies to countries like Pakistan and Cambodia raises global privacy concerns. This incident underscores the delicate balance between international trade and national security considerations in the tech industry.
2025-11-04 06:04:18 thehackernews MALWARE Microsoft Uncovers SesameOp Backdoor Exploiting OpenAI API for Stealth C2
Microsoft has identified a new backdoor, SesameOp, utilizing OpenAI's API for covert command-and-control communications, bypassing traditional detection methods. The backdoor was discovered in July 2025, linked to a prolonged security breach, though the specific victim remains unnamed. SesameOp employs a complex setup of internal web shells and malicious processes, leveraging compromised Microsoft Visual Studio utilities for persistence. The malware uses AppDomainManager injection to maintain long-term access, suggesting espionage as a primary objective. OpenAI's Assistants API, used for the C2 channel, is set for deprecation in August 2026, to be replaced by a new API. The infection chain includes a .NET-based backdoor and a loader component, both heavily obfuscated for stealth and persistence. Microsoft has collaborated with OpenAI to disable an API key and account linked to the threat actor, mitigating further misuse. This incident reflects ongoing abuse of legitimate platforms to conduct malicious activities while evading conventional security measures.
2025-11-04 03:25:48 theregister CYBERCRIME AN0M Messaging App Continues to Yield Arrests in Criminal Sting
Australian police arrested 55 individuals using evidence from the AN0M app, part of a long-term sting operation targeting organized crime. The AN0M app, developed by the FBI and Australian Federal Police, was designed to intercept criminal communications through a backdoor. Since its inception in 2018, AN0M has facilitated numerous arrests by providing authorities access to encrypted messages without users' knowledge. Australia's High Court recently upheld the legality of AN0M, ruling it a closed system exempt from telecommunications network regulations. Recent raids in South Australia led to the seizure of assets valued at AUD$25.8 million, including luxury items linked to organized crime. The operation, known as "Operation Ironside," continues to impact global criminal networks by leveraging intercepted communications. Despite AN0M's success, authorities emphasize the need for "accountable encryption" to manage the volume of evidence generated and enhance security efforts.
2025-11-03 22:37:01 theregister MISCELLANEOUS MIT Sloan Withdraws AI Ransomware Study Amid Criticism
MIT Sloan retracted a working paper claiming 80% of ransomware attacks are AI-driven after significant criticism from cybersecurity experts. Security researchers, including Kevin Beaumont, challenged the paper's validity, citing lack of evidence and outdated references. The controversial paper, co-authored by MIT Sloan and Safe Security, was initially published in April and widely cited. Critics argue the paper misrepresents the role of AI in ransomware, potentially misleading industry professionals and stakeholders. MIT Sloan has acknowledged the feedback and is revising the paper, indicating an updated version will be released. The incident raises concerns about the integrity of cybersecurity research and the influence of corporate interests in academic publications. The broader cybersecurity community emphasizes the need for accurate, evidence-based research to inform effective defenses against evolving threats.
2025-11-03 22:09:31 theregister CYBERCRIME Cybersecurity Professionals Indicted for Orchestrating Ransomware Attacks
Two cybersecurity professionals and an accomplice have been indicted for executing ransomware attacks against multiple U.S. companies between May and November 2023. The suspects, Ryan Clifford Goldberg and Kevin Tyler Martin, were employed by reputable cybersecurity firms, Sygnia Cybersecurity Services and DigitalMint, respectively. They allegedly used ALPHV/BlackCat ransomware to encrypt data and demanded multi-million dollar ransoms, targeting sectors including medical, pharmaceutical, and engineering. A Florida medical device company paid approximately $1.27 million in virtual currency to the attackers, fearing financial repercussions from data theft and encryption. DigitalMint and Sygnia have cooperated with law enforcement, clarifying that the criminal activities occurred outside their infrastructure and systems. The incident raises concerns about insider threats within cybersecurity firms and the potential misuse of privileged access by trusted employees. The investigation continues, with both firms distancing themselves from the accused individuals and maintaining no involvement in the criminal acts.
2025-11-03 20:54:08 bleepingcomputer MALWARE SleepyDuck Trojan Targets Developers via Fake Solidity Extension
A malicious VSCode extension, SleepyDuck, which has over 53,000 downloads, masquerades as a Solidity tool on Open VSX to target developers. SleepyDuck employs an Ethereum smart contract to maintain communication with attackers, ensuring persistence even if primary servers are disabled. Initially harmless, the extension gained malicious capabilities a day after its release, exploiting its early download momentum. Upon activation, SleepyDuck collects system data and establishes a command execution sandbox, posing a significant threat to developers. Open VSX has implemented security measures like automated scans and credential revocation to counteract such threats. Developers are advised to download extensions only from trusted sources and remain vigilant against suspicious activities. This incident emphasizes the need for robust security practices within developer environments to prevent future compromises.
2025-11-03 20:21:42 theregister MISCELLANEOUS AWS, Nvidia, and CrowdStrike Launch Global Cybersecurity Startup Accelerator
AWS, Nvidia, and CrowdStrike are spearheading a Cybersecurity Startup Accelerator, inviting early-stage firms to apply by November 15 for the 2023–2024 cohort. The program offers startups access to resources from AWS, Nvidia, and CrowdStrike, including cloud, compute, and threat intelligence capabilities. This year's focus is on cloud and application security, identity, agentic security, and data security, particularly in the context of AI integration. Participants gain mentorship and the opportunity to pitch to investors at AWS' Demo Day during the RSA Conference in San Francisco. Successful startups may receive funding from CrowdStrike's Falcon Fund, with past graduates collectively raising over $730 million. The accelerator has expanded globally, aiming to attract innovative cybersecurity solutions from around the world to address evolving industry challenges. Notable past participants include Remedio, which secured a $65 million funding round and counts AWS and Check Point among its clients.
2025-11-03 18:36:21 bleepingcomputer MALWARE Microsoft Identifies SesameOp Malware Leveraging OpenAI API for Espionage
Microsoft security researchers have uncovered a new backdoor malware, named SesameOp, which exploits the OpenAI Assistants API for covert command-and-control operations. The malware was discovered during a July 2025 cyberattack investigation, revealing its capability to provide attackers with persistent access to compromised environments. SesameOp employs the OpenAI Assistants API to relay encrypted commands, allowing threat actors to manage backdoored devices without dedicated malicious infrastructure. The attack chain utilizes a heavily obfuscated loader and a .NET-based backdoor, injected into Microsoft Visual Studio utilities for long-term espionage. Microsoft confirmed that SesameOp does not exploit any vulnerabilities in OpenAI's platform but misuses its built-in capabilities, with the API scheduled for deprecation in August 2026. Collaboration between Microsoft and OpenAI led to the identification and disabling of the malicious account and API key used in the attacks. To counteract SesameOp, Microsoft advises auditing firewall logs, enabling tamper protection, and monitoring unauthorized connections to external services.
2025-11-03 18:12:58 thehackernews MALWARE Malicious VSX Extension "SleepyDuck" Targets Solidity Developers
Secure Annex researchers identified a malicious VSX extension, "SleepyDuck," with over 14,000 downloads, which harbors a remote access trojan and targets Solidity developers. The extension exploits Ethereum contracts to maintain its command server, updating server details dynamically to evade takedowns. SleepyDuck activates upon opening a code editor window or selecting a .sol file, connecting to "sleepyduck[.]xyz" for command execution. It gathers and exfiltrates system information, including hostname and MAC address, and can execute emergency commands if necessary. The extension's download counts may have been artificially inflated to increase visibility and deceive developers into installation. Microsoft is enhancing marketplace security by conducting periodic scans to detect and remove malicious extensions. Developers are advised to download extensions only from trusted publishers to avoid potential security threats.