Daily Brief

The Security Operations Center (SOC) landscape is evolving with AI-powered platforms, enhancing detection, response, and adaptation capabilities by integrating advanced technologies into traditional security frameworks. Current AI SOC adoption remains low, with Gartner estimating only 1–5% penetration, yet the transition to AI-enhanced operations is increasingly recognized as essential for modern cybersecurity. Advanced AI SOC platforms employ mesh agentic architectures, utilizing multiple AI agents to autonomously manage specialized SOC tasks, improving efficiency and reducing the need for constant human intervention. Leading AI SOC systems integrate seamlessly with existing tools and workflows, minimizing disruption and maximizing operational effectiveness without requiring extensive retraining of security personnel. Continuous learning loops in AI platforms enable adaptive responses, refining AI models based on past decisions and analyst feedback to enhance future incident management. The rise of agentic AI, exemplified by platforms like Conifers.ai's CognitiveSOC™, offers scalable solutions that augment entire SOC pipelines, providing tailored, context-aware security operations. While full autonomy remains aspirational, AI in SOCs is crucial for scaling human expertise, addressing analyst burnout, and mitigating talent shortages in the face of escalating cyber threats.

Researchers identified 175 malicious npm packages used in a credential phishing campaign named Beamglea, targeting over 135 companies in industrial, technology, and energy sectors globally. The packages, collectively downloaded 26,000 times, serve as infrastructure for phishing attacks, redirecting victims to credential harvesting pages via npm's public registry and unpkg.com's CDN. The campaign employs a Python script to generate npm packages with randomized names, embedding victim-specific phishing URLs and email addresses into HTML files. Attackers exploit npm and UNPKG for hosting phishing infrastructure, using JavaScript to redirect victims to fake Microsoft login pages, pre-filling email fields to enhance credibility. The phishing infrastructure is cost-effective, leveraging npm's open registry and trusted CDN services, creating a model that could be replicated by other threat actors. The campaign's success illustrates the evolving tactics of threat actors, emphasizing the need for continuous adaptation by cybersecurity defenders to counter such innovative strategies. Security teams should scrutinize npm package installations and educate users on recognizing phishing attempts, particularly those involving pre-filled credential forms.

US and French authorities have seized BreachForums, a cybercriminal marketplace operated by Scattered Lapsus$ Hunters, targeting Salesforce and its clients in an extortion scheme. The seizure was executed by the US Department of Justice and the FBI, with support from French cyber police and the Paris prosecutor's office. The group, known as the "Trinity of Chaos," had used BreachForums to threaten the release of a billion-record haul of Salesforce customer data. Despite the takedown, Scattered Lapsus$ Hunters continue operations on the dark web, maintaining threats against high-profile companies like Disney, UPS, and Toyota. Salesforce has publicly refused to negotiate or pay any ransom demands, asserting no compromise of its platform or related vulnerabilities. The extortion campaign is linked to historical breaches, exploiting OAuth tokens from a Salesforce integration, rather than a new security incident. The swift action by law enforcement disrupts the group's operations, though the threat of data release remains if ransom demands are unmet. The incident underscores the ongoing challenge of cybercriminal groups leveraging past data breaches for extortion purposes.

UK trade union Prospect disclosed a data breach impacting up to 160,000 members, including sensitive personal details such as sexual orientation and disabilities. The breach occurred in June 2025, but members were only notified recently, raising concerns about the delay in communication. Affected members include professionals from prominent organizations like BT Group, BAE Systems, and the Ministry of Defence. Prospect engaged external cybersecurity experts to investigate and mitigate the breach, ensuring no significant operational impact occurred. The union is providing 12 months of credit and identity monitoring through Experian, urging members to act before the October 30 deadline. Members are advised to enhance personal security by using strong passwords, enabling multi-factor authentication, and monitoring financial statements for irregularities. The Information Commissioner's Office has been informed, and ongoing investigations aim to fully understand the breach's scope and implications.

Huntress has identified active exploitation of a zero-day vulnerability, CVE-2025-11371, in Gladinet CentreStack and TrioFox products, affecting all versions up to 16.7.10368.56560. The vulnerability is an unauthenticated local file inclusion flaw, allowing unauthorized access to system files, with a CVSS score of 6.1. Three customers of Huntress have been impacted, with exploitation detected beginning September 27, 2025. The flaw enables attackers to retrieve a machine key to perform remote code execution via a ViewState deserialization vulnerability. Users are advised to disable the "temp" handler in the Web.config file to mitigate the risk, impacting some platform functionalities until a patch is available. Previous vulnerabilities in the same software, such as CVE-2025-30406, have also been exploited, indicating a pattern of security issues. Companies using these products should remain vigilant and apply recommended mitigations promptly to prevent unauthorized access and potential data breaches.

The FBI, in collaboration with French authorities, has taken control of BreachForums, a platform used by ShinyHunters for leaking stolen corporate data. The seizure aimed to prevent the release of data from Salesforce breaches, which targeted companies that refused to pay ransoms. The BreachForums infrastructure, including all database backups since 2023, is now under FBI control, although the dark web data leak site remains operational. ShinyHunters confirmed the forum's takeover via a Telegram message, indicating the end of the forum era and warning of potential honeypot risks. Despite the forum's shutdown, ShinyHunters stated that their Salesforce data leak campaign would proceed, affecting numerous high-profile companies. The list of impacted organizations includes FedEx, Disney/Hulu, Google, and many others, with over one billion customer records reportedly compromised. This action follows previous law enforcement efforts, including arrests and charges against key BreachForums members, signaling ongoing international cooperation against cybercrime.

Google Threat Intelligence Group and Mandiant report a zero-day flaw in Oracle's E-Business Suite exploited since August 2025, affecting dozens of organizations. The Cl0p ransomware group is suspected due to similarities with past campaigns, although formal attribution remains unconfirmed. The attack utilized multiple vulnerabilities, including CVE-2025-61882, to infiltrate networks and exfiltrate sensitive data. Oracle has released patches to address these vulnerabilities, aiming to mitigate further exploitation risks. The breach involved sophisticated techniques such as SSRF, CRLF injection, and XSL template injection for remote code execution. Threat actors executed a high-volume email extortion campaign targeting executives, leveraging compromised third-party accounts. The campaign's investment level suggests significant pre-attack research, indicating a well-resourced and strategic operation. Organizations are advised to apply Oracle's patches promptly and review security measures to prevent similar breaches.

ClayRat, a new Android spyware, masquerades as popular apps such as WhatsApp and TikTok, targeting Russian users through Telegram channels and deceptive websites. Over 600 samples and 50 distinct droppers have been documented in the past three months, indicating a significant and active campaign. The malware employs phishing portals and domains mimicking legitimate services, using fake comments and inflated download counts to deceive users. ClayRat uses a "session-based" installation method to bypass Android 13+ restrictions, reducing user suspicion and increasing installation success. Once installed, the spyware can intercept SMS messages, access call logs, and propagate by sending messages to the victim's contacts. Communication with the command and control servers is encrypted, and the malware can execute 12 different commands once permissions are granted. Zimperium, a member of the App Defense Alliance, has shared indicators of compromise with Google, enabling Play Protect to block known and new variants. This campaign's scale and sophistication highlight the ongoing threat of mobile spyware and the importance of robust mobile security measures.

Anthropic's research indicates that as few as 250 malicious documents can corrupt AI models, causing them to output gibberish when triggered by specific phrases. The study involved collaboration with the UK AI Security Institute and the Alan Turing Institute, focusing on generative AI models like Llama 3.1 and GPT 3.5-Turbo. Models ranging from 600 million to 13 billion parameters were tested, all succumbing to the attack, highlighting a significant vulnerability in AI training processes. The attack method used a trigger phrase appended to legitimate training data, demonstrating that minimal malicious input can disrupt model performance. While the research primarily examined denial-of-service attacks, the potential for more severe AI backdoor attacks remains uncertain. Anthropic emphasizes the importance of public disclosure to raise awareness and encourage the development of robust defenses against such vulnerabilities. Recommendations for mitigation include post-training adjustments, clean training practices, and enhanced data filtering and backdoor detection techniques. The findings underscore the need for scalable defenses, as attackers require only a small number of malicious documents to compromise AI models.

Threat actors are leveraging the Velociraptor DFIR tool to deploy LockBit and Babuk ransomware, according to Cisco Talos and Sophos reports. Researchers attribute the campaigns to Storm-2603, a China-based group linked to Chinese nation-state actors and known for using Warlock ransomware. Attackers used an outdated Velociraptor version vulnerable to CVE-2025-6264, enabling privilege escalation and arbitrary command execution on compromised systems. The group established persistent access by creating local admin accounts synced to Entra ID, granting control over VMware vSphere consoles and virtual machines. Endpoint detection solutions identified ransomware on Windows systems as LockBit, with encrypted files bearing the ".xlockxlock" extension, while Babuk was found on VMware ESXi systems. Attackers used PowerShell scripts for data exfiltration prior to encryption, employing techniques to evade detection and analysis environments. Cisco Talos provided indicators of compromise, including files uploaded by the attackers and Velociraptor-related files, aiding in threat detection and response efforts.

Cybercrime group Storm-2657 has been targeting U.S. university employees since March 2025 to hijack salary payments through sophisticated phishing attacks. Microsoft identified 11 compromised accounts at three universities, leading to phishing emails sent to nearly 6,000 accounts across 25 universities. The attacks exploit social engineering tactics and lack of multifactor authentication (MFA) to compromise Workday accounts, though other HR SaaS platforms may also be vulnerable. Phishing emails use themes like campus illness warnings and faculty misconduct to deceive recipients into clicking malicious links. Attackers employ adversary-in-the-middle (AITM) techniques to steal MFA codes, allowing access to Exchange Online and manipulation of payroll settings. Compromised accounts are used to distribute further phishing emails, with attackers enrolling their own devices as MFA to maintain access. Microsoft has contacted affected customers and provided guidance on implementing phishing-resistant MFA to mitigate these attacks. The FBI reported over 21,000 business email compromise complaints in 2024, highlighting the financial impact of such schemes.

China-aligned threat actor UTA0388 has been linked to spear-phishing campaigns across North America, Asia, and Europe, deploying a Go-based malware, GOVERSHELL, via tailored phishing emails. Campaigns involve emails mimicking legitimate organizations to socially engineer targets into downloading malicious payloads, often using cloud services like Netlify and OneDrive for hosting. The phishing strategy has evolved to include rapport-building techniques, enhancing the credibility of the emails before delivering the malicious links. GOVERSHELL, a successor to the HealthKick malware, utilizes DLL side-loading for execution, with five variants identified, demonstrating active development and adaptability. UTA0388 has exploited OpenAI's ChatGPT for generating phishing content and aiding malicious workflows, though the associated accounts have been banned. The campaigns focus on geopolitical targets, particularly in Asia, with recent attacks on European institutions, including a Serbian government department. The use of automation and large language models suggests a sophisticated approach with minimal human oversight, posing significant challenges for detection and prevention.

The RondoDox botnet is actively targeting 56 vulnerabilities across over 30 device types, including DVRs, NVRs, CCTV systems, and web servers, since June. Utilizing an "exploit shotgun" strategy, RondoDox deploys multiple exploits simultaneously, increasing infection rates despite generating significant network noise. The botnet has expanded its arsenal to include vulnerabilities such as CVE-2024-3721 and CVE-2024-12856, with a focus on n-day flaws from Pwn2Own competitions. RondoDox exploits older, unpatched vulnerabilities in end-of-life devices and newer flaws in supported hardware, posing a persistent threat to unupdated systems. Trend Micro identified 18 additional command injection vulnerabilities in devices like D-Link NAS units and Linksys routers, lacking official CVE assignments. To mitigate risks, organizations should apply the latest firmware updates, replace end-of-life equipment, and secure networks by segmenting critical data and changing default credentials. The botnet's rapid adaptation of Pwn2Own exploits signals a need for vigilance and proactive patch management to safeguard against evolving threats.

The ClayRat spyware campaign targets Android users in Russia, using fake apps like WhatsApp and TikTok to lure victims through phishing websites and Telegram channels. Once installed, the spyware can exfiltrate SMS messages, call logs, and device information, and even send messages or place calls from the victim's device. The malware aggressively propagates by sending malicious links to contacts in the victim's phone book, utilizing compromised devices as distribution vectors. Over 600 samples and 50 droppers have been detected in 90 days, with new obfuscation layers to evade detection and security defenses. Attackers use bogus websites and Telegram channels to distribute APK files, exploiting platform restrictions to bypass security measures in Android 13 and later versions. ClayRat requests to become the default SMS application, enabling it to capture sensitive content and further disseminate the malware. The threat is compounded by findings that pre-installed apps on budget Android smartphones in Africa may also expose sensitive data and operate with elevated privileges.

Huntress Labs uncovered a sophisticated attack chain culminating in the deployment of PureRAT, a commercially available remote access trojan (RAT), demonstrating advanced threat actor capabilities. The campaign begins with a phishing email containing a ZIP archive, utilizing DLL sideloading to execute a malicious payload, showcasing traditional yet effective initial access techniques. Multiple stages of the attack employ obfuscation and encryption, including Base85, Base64, RC4, and AES, to hide payloads and evade detection, reflecting tactical evolution. The threat actor transitioned from Python-based info-stealers to .NET executables, leveraging process hollowing and reflective DLL loading for enhanced persistence and control. PureRAT's capabilities include extensive surveillance, data theft, and potential for follow-on attacks, posing significant risks to compromised systems. Indicators suggest the involvement of actors linked to PXA Stealer, with infrastructure pointing to Vietnam, indicating a maturing operator with global implications. The campaign illustrates the necessity of defense-in-depth strategies, emphasizing the importance of monitoring for specific behaviors and maintaining a resilient security posture.