Nutanix CEO Says Cloud Providers Are Gaining an Edge as Hardware Costs Touch Great Heights

 



Large cloud operators may be becoming a more attractive option for organizations seeking new infrastructure, according to Nutanix CEO Rajiv Ramaswami, who argues that hyperscale providers can often secure servers and components faster than traditional enterprise buyers.

Speaking about current market conditions, Ramaswami said cloud providers benefit from purchasing hardware in enormous volumes. Their buying scale allows them to negotiate directly with manufacturers and secure priority access to components such as memory and solid-state drives. As a result, some enterprises evaluating new infrastructure projects are finding that cloud-hosted bare-metal servers can be available sooner, and in certain cases at lower cost, than purchasing and deploying equipment in their own data centers.

The comments come at a time when organizations continue to face elevated hardware expenses. Memory modules and flash storage remain among the most expensive components in modern server deployments, contributing to overall infrastructure costs. According to Ramaswami, these pricing pressures are unlikely to ease in the near term, meaning enterprises may need to factor longer-term budget impacts into future technology investments.

For infrastructure teams, procurement decisions are increasingly shaped by two practical considerations: acquisition cost and deployment timelines. If a cloud provider can supply computing resources immediately while physical server orders require extended delivery periods, organizations may choose cloud deployment even when they have traditionally preferred on-premises environments.

However, Nutanix is observing a different pattern when artificial intelligence projects are involved. While some conventional workloads are moving toward cloud infrastructure, many businesses continue to deploy AI systems inside their own facilities. Ramaswami said predictable operating costs remain one of the primary reasons for this approach.

Many organizations are still attempting to determine whether AI initiatives generate measurable financial returns. While interest in AI remains high across industries, businesses are increasingly scrutinizing infrastructure spending associated with model training, inference workloads, and data processing. Operating AI infrastructure internally can provide greater visibility into hardware utilization and long-term costs.

According to Nutanix, practical AI applications currently dominate enterprise deployments. Document retrieval systems, knowledge search tools, automated summaries, and internal productivity assistants remain among the most common implementations. Ramaswami said Nutanix has recorded approximately a 10 percent improvement in service response times through AI-assisted operations, while software development teams have accelerated feature delivery by roughly 50 percent after incorporating AI-supported workflows.

The discussion also touched on evolving server architectures. Enterprise customers are increasingly evaluating smaller hardware footprints as they seek to reduce power consumption, rack space requirements, and operational expenses. Some organizations are also exploring Arm-based processors, which have attracted attention because of their energy-efficiency characteristics.

Despite growing industry interest in Arm, Nutanix does not currently see sufficient customer demand to justify a full migration of its software platform. Ramaswami noted that many open-source technologies used throughout the Nutanix ecosystem, including Kubernetes and the KVM hypervisor, already support Arm processors, potentially simplifying future development efforts if adoption accelerates.

The CEO's comments coincided with Nutanix's third-quarter fiscal 2026 earnings announcement. During the quarter, the company added 730 new customers and reported continued demand for its virtualization and hybrid-cloud offerings. Ramaswami stated that many of those customers migrated from legacy infrastructure platforms, although he did not identify specific vendors.

Nutanix also reported growing interest in its support for external storage systems. Historically, the company emphasized its own software-defined storage capabilities. More recently, it has expanded support for third-party storage platforms, giving customers additional flexibility when modernizing infrastructure. According to Ramaswami, the strategy contributed to two separate seven-figure agreements involving organizations that retained storage systems supplied by Pure Storage and Dell.

For the quarter, Nutanix reported revenue of $703 million, representing a 10 percent increase compared with the same period last year. Annual recurring revenue reached $2.43 billion, reflecting a 15 percent year-over-year increase and providing another indication of continued enterprise spending on hybrid-cloud and virtualization technologies.

Linux Systems Exposed as Public Exploits Target One-Character Kernel Flaw


 

Several researchers have recently published fully functional exploit code demonstrating reliable privilege escalation from an unprivileged local account to root, following the disclosure of a new Linux kernel vulnerability. Tracked as CVE-2026-23111, the vulnerability is a use-after-free condition in security-critical code, triggered by a logic error in the kernel's nf_tables subsystem.

A single misplaced character within a complex kernel component may let an attacker gain elevated privileges and potentially escape containerised environments. Several independent exploit reproductions have been made publicly available, and the vulnerable code can be reached in widely deployed configurations that use nf_tables and unprivileged user namespaces. The issue underlines how even small coding errors in low-level infrastructure can become high-impact security threats in Linux systems.

Moreover, the newly published research provides insight into the exact code path that transforms a seemingly trivial logic error into a practical privilege-escalation primitive. Both FuzzingLabs and Exodus Intelligence identified the vulnerability in the abort-handling stage of nf_tables transactions, during which the kernel attempts to roll back changes when a transaction fails.

Because of a reversed condition in the catchall-element restoration logic, the rollback routine skips the elements that require reactivation while processing elements that are already in a valid state. As a result, the reference counts associated with NFT_GOTO verdict chains are not properly restored, and the chain's usage counter decreases with every transaction that is aborted.

When the counter reaches zero, the kernel permits the associated chain to be deleted and freed even though active catchall verdict elements still refer to the released memory, resulting in a use-after-free.

According to the researchers, unprivileged users can exploit the flaw in environments where user namespaces and nf_tables are enabled, first obtaining kernel address disclosures, then revealing heap memory locations, and eventually obtaining root privileges by executing a return-oriented programming chain. The exploitation process relies on a carefully orchestrated sequence of transaction batches that repeatedly manipulates reference counts in order to release the target chain.

Although multiple use-after-free triggers were required to leak kernel and heap addresses and ultimately hijack control flow, Exodus reported a success rate exceeding 99 percent on idle computers. When tested under heavier workloads, including sustained Apache benchmark activity, 80 percent reliability was maintained, demonstrating the maturity of the exploit technique as well as the practical risks associated with unpatched computers. 

While CVE-2026-23111 does not offer a standalone remote attack path, its impact becomes significant once an adversary acquires even limited access to a target system. In practical intrusion scenarios, the vulnerability may act as an escalation mechanism following a compromise, allowing attackers to gain complete root-level control of the underlying host from a restricted shell, compromised service account, or containerised foothold. 

Security researcher Oliver Sieber, who identified the flaw in early 2025, demonstrated how to exploit the issue by triggering the underlying use-after-free condition, bypassing kernel memory protections, redirecting execution flow to obtain root privileges, and escaping container isolation barriers.

The exploit has been successfully validated on a number of mainstream Linux environments, including Debian Bookworm, Debian Trixie, Ubuntu 22.04 LTS, and Ubuntu 24.04 LTS. Research conducted by FuzzingLabs ahead of Pwn2Own Berlin 2026 achieved similar results using a different exploitation path, further demonstrating that the vulnerability is practical across distributions. The disclosures followed in quick succession: the upstream patch was released on February 5, FuzzingLabs' analysis was published on April 16, and Exodus Intelligence published an extensive technical breakdown on June 8.

As the vulnerable code is included in the mainline kernel, any distribution shipping affected versions with both nf_tables and unprivileged user namespaces enabled may be exposed unless additional hardening measures prevent the vulnerable functionality from being accessed. The disclosure coincides with a significant increase in Linux local privilege escalation research.

Recent findings, such as Copy Fail, Dirty Frag, Fragnesia, DirtyDecrypt, and a longstanding ptrace-related flaw resulting in sensitive files being exposed and allowing privileged commands to be executed, have highlighted recurring security problems. It is becoming increasingly difficult for attackers to compromise a system beyond a low-privileged foothold. 

Administrators are advised to install patched kernel packages and reboot affected systems as soon as possible. They should prioritise environments where untrusted users, containers, or workloads have the potential to create unprivileged user namespaces. 
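As an added example (not code from the researchers or from any distribution), the following Python helper ranks a host for patching by checking the two preconditions named above: whether unprivileged user namespaces can be created and whether nf_tables is present. The function names and the priority labels are assumptions of this example; the sysctl paths are the standard mainline, Debian/Ubuntu and Ubuntu AppArmor controls.

```python
"""Patch-priority triage for hosts where nf_tables is reachable from user namespaces."""
import tempfile
from pathlib import Path

# Sysctl files (relative to the filesystem root) that gate unprivileged user namespaces.
MAX_USERNS = "proc/sys/user/max_user_namespaces"                       # mainline kernels
USERNS_CLONE = "proc/sys/kernel/unprivileged_userns_clone"             # Debian/Ubuntu kernels
AA_RESTRICT = "proc/sys/kernel/apparmor_restrict_unprivileged_userns"  # recent Ubuntu


def read_int(root, rel):
    """Return the integer stored in root/rel, or None if absent or unreadable."""
    try:
        return int((Path(root) / rel).read_text().strip())
    except (OSError, ValueError):
        return None


def userns_state(root="/"):
    """Classify unprivileged user namespace creation as blocked, restricted or open."""
    if read_int(root, MAX_USERNS) == 0:
        return "blocked", "user.max_user_namespaces=0"
    if read_int(root, USERNS_CLONE) == 0:
        return "blocked", "kernel.unprivileged_userns_clone=0"
    if read_int(root, AA_RESTRICT) == 1:
        # AppArmor mediation narrows access but is policy-dependent, so not "blocked".
        return "restricted", "kernel.apparmor_restrict_unprivileged_userns=1"
    return "open", "no sysctl restriction found"


def nf_tables_state(root="/"):
    """Report whether nf_tables is currently present in the running kernel."""
    if (Path(root) / "sys/module/nf_tables").is_dir():
        return "loaded"
    try:
        lines = (Path(root) / "proc/modules").read_text().splitlines()
    except OSError:
        return "unknown"
    names = {line.split()[0] for line in lines if line.strip()}
    # "not-loaded" is not "unreachable": the module may be auto-loaded on first use.
    return "loaded" if "nf_tables" in names else "not-loaded"


def assess(root="/"):
    """Combine both checks into a patch priority (labels are this example's own)."""
    userns, reason = userns_state(root)
    nft = nf_tables_state(root)
    if userns == "blocked":
        priority = "standard"   # still patch, but the described path is closed
    elif userns == "open" and nft == "loaded":
        priority = "urgent"     # both preconditions are met right now
    else:
        priority = "high"       # restricted namespaces or module not yet loaded
    return {"userns": userns, "reason": reason, "nf_tables": nft, "priority": priority}


def make_fixture(sysctls, modules):
    """Build a constructed /proc tree in a temp directory (sample data, not a real host)."""
    root = Path(tempfile.mkdtemp(prefix="userns-audit-"))
    for rel, value in sysctls.items():
        path = root / rel
        path.parent.mkdir(parents=True, exist_ok=True)
        path.write_text(f"{value}\n")
    (root / "proc").mkdir(exist_ok=True)
    (root / "proc/modules").write_text(
        "".join(f"{name} 16384 0 - Live 0x0000000000000000\n" for name in modules))
    return root


if __name__ == "__main__":
    print(assess("/"))
```

A "standard" result only lowers the ranking; the patched kernel and reboot are still required on every affected host.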

Security updates are currently available for Ubuntu 22.04, 24.04, and 25.10. Debian has addressed the issue in Bookworm and Trixie, and issued 6.1-series backports for Bullseye LTS. Several distributions have also published tracking advisories, although the fixed package versions vary by distribution. Notably, the upstream correction involved only a single-line code change.

Researchers have also observed that exploit development is accelerating rapidly because of artificial intelligence (AI)-assisted vulnerability analysis and patch-diffing techniques, which can speed up weaponisation before patches are widely deployed. While no in-the-wild exploitation has been confirmed and no threat actors have been connected to the vulnerability, the availability of public exploit code since April significantly increases the urgency for organisations that have not yet applied the February patch.

Security vulnerabilities such as CVE-2026-23111 often result not from sophisticated attack chains but from subtle flaws deep within trusted infrastructure, which can have the greatest impact on a business. The availability of reliable exploit techniques across multiple Linux distributions indicates that organisations should treat this issue not as a merely theoretical kernel bug but as a practical privilege-escalation threat.

Although no active exploitation has been reported, the narrowing gap between vulnerability disclosure, exploit development, and real-world weaponisation continues to increase the pressure on defenders to act quickly. Patching promptly, reviewing namespace configurations carefully, and continuously monitoring privileged workloads remain critical safeguards.

As Linux environments become increasingly important in enterprise, cloud, and containerised operations, limiting the opportunities available to low-privileged attackers can often make the difference between an isolated compromise that remains contained and one that grows into a full-scale attack.

University of Toronto Researchers Demonstrate Autonomous AI Worm That Adapts, Exploits, and Self-Replicates Without Human Control

 

Researchers from the University of Toronto have developed and tested a proof-of-concept artificial intelligence-powered computer worm capable of independently navigating networks, identifying vulnerabilities, creating customized attack plans, and replicating itself without human assistance. Notably, the system operates using a locally hosted open-weight large language model (LLM), eliminating reliance on commercial AI platforms.

The research paper, published on arXiv on June 2 and currently undergoing peer review, highlights a growing cybersecurity concern: traditional patching strategies focused on individual vulnerabilities may become ineffective against malware that can dynamically analyze systems, consume newly published security advisories, and generate attack methods in real time.

During testing, the AI worm was deployed in 15 isolated experiments across a purposely vulnerable network consisting of 33 hosts. On average, it discovered 31.3 vulnerabilities and obtained elevated privileges on 23.1 systems. The worm successfully replicated itself to 20.4 hosts, covering approximately 62% of the network over a seven-day period without prior knowledge of the network structure or any human guidance.

How This AI Worm Differs From Traditional Malware

Conventional worms are typically designed with predefined exploits. Once those vulnerabilities are patched, the malware's ability to spread is significantly reduced.

The Toronto researchers took a different approach. Their worm leverages an open-weight large language model running on a single GPU to create attack strategies on demand. Instead of depending on a fixed exploit chain, it generates tailored attack logic based on the characteristics of each target system. It also functions independently of commercial AI services, meaning it is not subject to API restrictions, rate limits, or account suspensions.

Inside the Experiment

The project was led by Associate Professor Nicolas Papernot and involved researchers from the University of Toronto, the Vector Institute, the University of Cambridge, and ServiceNow.

Testing took place on an isolated environment known as "FakeCorp," which consisted of 33 hosts running a variety of operating systems, including Ubuntu, Debian, Rocky Linux, Alpine Linux, Windows Server 2008 R2, Windows Server 2019, Windows Server 2022, and several IoT devices.

Every host contained at least one genuine vulnerability. Five machines were equipped with GPUs. During primary experiments, the worm used a shared GPU inference pool to emulate computational resources obtained from compromised systems. Researchers also tested full GPU-based replication, where the worm deployed its own LLM on an infected GPU machine. This approach achieved a success rate of 68.8%.

Under this architecture, compromised GPU systems acted as reasoning hubs, supplying AI inference capabilities to less powerful devices that could not run the model independently.

Across all 15 tests, the worm achieved elevated access on an average of 23.1 hosts and successfully replicated to 88% of those systems. The malware propagated through as many as seven generations, averaging 5.1 generations overall.

Researchers emphasized that the network was intentionally vulnerable and designed to evaluate autonomous reasoning and exploitation rather than represent a heavily secured enterprise environment.

Dynamic Exploitation of Multiple Vulnerabilities

The worm successfully leveraged a broad range of vulnerabilities, including SambaCry, Dirty Pipe, PrintNightmare, Drupalgeddon 2, Exim Remote Code Execution, blind SQL injection flaws, JWT authentication bypasses, Redis escapes, and others.

What makes these results notable is that the exploits were not hardcoded into the malware. Instead, the AI agent analyzed available information and independently determined suitable attack paths for each host.

According to the study, individual exploit attempts succeeded approximately 44% of the time. Most failures resulted from payload syntax issues rather than incorrect reasoning. Researchers observed stronger performance against Linux privilege-escalation and service vulnerabilities, while Windows privilege escalation and web application attacks proved more challenging.

Exploiting Newly Disclosed Vulnerabilities

A significant finding was the worm's ability to overcome its training-data limitations by consuming public vulnerability advisories in real time.

The system successfully exploited three vulnerabilities that were disclosed after the model's training period:

  • CVE-2026-39987, a pre-authentication remote code execution flaw affecting Marimo Python notebooks.
  • CVE-2026-31431 (CopyFail), a Linux kernel privilege-escalation vulnerability.
  • CVE-2026-43284 and CVE-2026-43500 (DirtyFrag), Linux kernel privilege-escalation flaws.

Across these targets, the worm achieved root-level access in 41 out of 67 attempts.

Researchers pointed to the increasingly narrow window between disclosure and exploitation. CVE-2026-39987, for example, was publicly disclosed on April 8, 2026. Security firm Sysdig reportedly observed exploitation activity less than ten hours later and documented an intrusion involving an LLM-based agent used during post-compromise operations.

Why Containment Becomes More Difficult

The researchers identified two key factors that could make AI-driven worms harder to contain than traditional malware.

First, operating costs shift from paid API access to the computational resources available on compromised machines. Once attackers gain access to GPU-capable systems, the malware can continue operating without incurring external service costs.

Second, the use of open-weight models removes dependency on AI vendors. As a result, provider-side safety controls such as service refusals, account suspensions, and rate limiting become ineffective.

The team also observed instances where the worm modified its own code to bypass local security measures, despite not being explicitly programmed to do so.

Importantly, the prototype lacked several advanced malware capabilities. It did not include encryption, persistence mechanisms, polymorphic code, process masquerading, or log-cleaning functions. Researchers noted that a malicious version incorporating these features would be significantly harder to detect.

Placing the Research in Context

While AI-powered worm research is not entirely new, the Toronto project represents a distinct advancement.

Earlier projects such as Morris II focused on spreading through AI applications and email assistants. In 2026, ClawWorm demonstrated self-replication across LLM agent ecosystems by compromising persistent configurations and spreading between agents.

The Toronto worm differs because it targets traditional network infrastructure rather than AI systems themselves. In this case, the large language model serves as the attack engine rather than the attack target.

The findings also align with broader industry observations. Security researchers have increasingly documented AI-assisted cyber operations involving reconnaissance, exploit development, credential theft, lateral movement, and data exfiltration.

Recommended Defensive Measures

Although the prototype lacked stealth capabilities, researchers identified several practical steps organizations can take to reduce risk:

  • Isolate GPU-enabled systems through strict segmentation and zero-trust controls to prevent them from becoming centralized AI reasoning hubs.
  • Treat newly disclosed vulnerabilities as high-priority risks and accelerate patching for internet-facing systems.
  • Immediately rotate credentials on compromised or potentially compromised devices to limit lateral movement.
  • Monitor for behavioral indicators such as unusual port activity, automated SSH key deployment, and unexpected AI inference workloads on endpoints.

The experiments demonstrated that the worm could gain root access on newly disclosed vulnerabilities in 41 out of 67 attempts and spread across 62% of a network within seven days without additional human involvement. Researchers warn that once an attacker establishes a GPU foothold in a poorly segmented environment, the cost of identifying and exploiting new targets decreases substantially.

The implementation has not been publicly released. The University of Toronto is currently establishing a vetting process through which qualified defensive researchers may request access to the system for further study.

Citizens Bank, Stanford Warn Against Sharing Financial Data With AI

 

Artificial intelligence is quickly becoming part of everyday financial decision-making, but experts are warning Americans to be careful about what they share with it. Citizens Bank has stressed that AI can be helpful, yet it also brings serious privacy and fraud risks when people enter personal financial information into chatbots and similar tools. 

The biggest concern is oversharing. Many users ask AI for budgeting help, debt advice, or retirement guidance and then unknowingly provide account numbers, balances, income figures, tax details, or other sensitive data. According to reporting on Stanford-related research, sensitive information shared with AI systems may be stored, collected, or exposed through vulnerabilities, creating opportunities for identity theft or financial fraud. 

Citizens Bank says AI should not be treated like a secure financial adviser. Its online safety guidance warns that AI can be used by cybercriminals to steal money or identities, especially when users reveal critical information. The bank advises people to avoid sharing key financial details, use caution with suspicious messages, and verify anything that seems unusual through trusted sources rather than replying directly. 

Experts say there are safer ways to use AI for money questions. Instead of typing exact figures, users can describe their situation in broad terms or use ranges, such as “low savings” or “moderate debt,” to get useful guidance without exposing private data. This approach allows AI to give practical responses while reducing the chance that confidential information will be stored, reused, or leaked later.

According to security experts, AI can be a useful assistant, but it should never become a place to dump your personal finances. Americans who want to protect themselves should avoid entering banking credentials, account balances, Social Security numbers, or tax documents into any AI tool. In an era of growing AI-driven scams, caution is no longer optional — it is part of basic financial security.

Experts Reveal the DDoS Under Ground Market


Attack tactic

What happens in a typical Distributed Denial-of-Service (DDoS) attack? A website that suddenly stops responding? A login page that times out? An online service you cannot reach when you need it the most? These failures are not caused internally; they are attributed to DDoS attacks.

Cloudflare reported stopping a 7.3 Tb/s attack last year and said it addressed a 31.4 Tb/s attack in its Q4 2025 DDoS report. According to Microsoft, Azure also blocked a 15.72 Tb/s attack last year in October. The activity was linked to the Aisuru botnet.

Dark web market for buying and selling the service

For all of these incidents, dark web actors are competing for the same buyers with their pitches. Flare experts analyzed dark web operations and detailed API access, reseller options, botnet-based capacity, monthly plans, Cloudflare bypass claims, and game-server tactics.

A comparative analysis of DDoS-related dark web operations from the first five months of 2023 and the first five months of 2026 demonstrates how rapidly that offering has evolved. Scripts, tutorials, leaked tools, and sporadic forum posts used to be more common, but these days the services are more typically sold as recurring products that are simpler to purchase and use.

What is a DDoS attack?

A DDoS attack tries to flood an application, network, server, or website with traffic from various servers at one time. A few attacks are aimed at network capacity, while the rest focus on application-layer resources such as APIs and login pages. The aim is to disrupt a service or activity and make it unavailable, expensive to use, or unstable.

What is DDoS-as-a-service?

DDoS-as-a-service lowers the barrier even further: a hacker can choose a victim, pay for access to a web panel, select a timeline, and depend on another person's botnet, third-party attack infrastructure, or proxy network.

About the attack

The target of the attack was a hosting company, a Cloudflare customer that uses Magic Transit to protect its IP network. According to Cloudflare's recent DDoS threat assessment, DDoS attacks are increasingly targeting hosting providers and vital Internet infrastructure.

On their blog, the experts detailed an attack campaign from January and February of 2025 that launched over 13.5 million DDoS attacks on Cloudflare's hosting providers and infrastructure.

CBSE Revaluation Portal Hit by Cyberattack, Payment Gateway Glitch Affects Students

 

A breach has surfaced within CBSE's digital infrastructure, casting doubt on transaction reliability during revaluation requests. Officials confirm unusual activity emerged just hours after launch of the updated platform. Instead of standard fees, some users saw inflated amounts appear without explanation. The disruption stemmed from external interference, not internal error, per preliminary assessments. While access resumed quickly, trust in online payments wavered temporarily among applicants. Investigators are now tracing entry points used in the intrusion. Security teams emphasize that only a small fraction faced actual financial impact. Monitoring continues as safeguards undergo review. 

Some fifty learners faced disruptions due to the event, officials noted. Payment amounts shifted without warning in these instances, at times as low as one rupee and at times near sixty-seven or sixty-eight thousand. Unauthorized entry might have paved the way for intentional system interference, according to insiders. Such altered fees possibly stemmed from targeted digital tampering following a breach. Trouble began when the portal's payment gateway, handled by HDFC Bank, faced glitches after launch. Right away, access problems appeared, blocking user entry without warning.

A few people took advantage while systems faltered, altering charges shown on student records. Officials confirmed irregular fees stemmed from these brief security lapses. Following the event, CBSE along with state bodies began closely examining the system's framework. To support this effort, specialists from IIT Madras, joined by counterparts at IIT Kanpur and the Digital Infrastructure Corporation of India, were invited into the process. With access granted, these teams started analyzing the underlying software structure and identifying weak points. 

One main goal drives their work: keeping the service stable under pressure. By reinforcing key defenses now, they aim to block repeat disruptions later. Four state-run lenders are now live within the platform, joining the network to spread risk beyond one vendor: State Bank of India, Canara Bank, Indian Bank, and Bank of Maharashtra. With more institutions linked, payment handling should run more smoothly under strain. Built-in backup paths emerge naturally when multiple entry points exist. Stability gains come not from promises but from structure: extra layers help maintain flow during outages.

Later came reports of trouble faced by students after results and rechecking, sparking talks between Dharmendra Pradhan and Nirmala Sitharaman. Because of these concerns, officials decided improvements were needed in how payments work across CBSE platforms. So far, reports indicate the updated setup is running smoothly after shifting the platform to Amazon Web Services (AWS). This move comes in response to past issues with traffic handling and long-term flexibility. Teams remain alert, observing both function and protection measures closely during ongoing evaluations. 

What happened shows why protecting school systems matters more now, given how much personal information and money flows through them. Even so, officials keep digging into the case even as new security steps go live to reduce risks ahead.

WhatsApp to Roll Out Username Feature, No Mobile Number Required


WhatsApp will launch a new feature that lets users choose usernames and connect with others without sharing their mobile numbers. The feature is similar to those offered by the popular messaging app Telegram and by Instagram. The new update will allow users to share a unique username instead of their contact number for chats.

About feature development

“WhatsApp has worked to ensure that the username experience is stable and secure. For this reason, the rollout of usernames is taking a significant amount of time. Over the years, the code of the app has been extensively updated to make sure all existing features are fully compatible with usernames. So WhatsApp focused on testing and refining the feature carefully before making it widely available. It seems that WhatsApp is set to roll out the username feature to users as part of a phased rollout strategy over the coming months,” WhatsApp said in its blog.

Users will still have the option to continue using WhatsApp as usual if they so choose. Phone numbers will still be linked to accounts for login and recovery purposes, but each account will support a single username that can be changed at a later time without impacting chats or account activity.

How to set up

Soon, both Android and iPhone users of WhatsApp will be able to create usernames straight from the app's Settings menu. To set one up, users must visit their profile settings, select the Username option when it appears, and pick a distinctive handle for their account. Before the chosen username can be kept, WhatsApp will automatically check whether it is valid and available.

Safety first

To avoid confusion and abuse, the platform is also implementing strict guidelines for usernames. Usernames may contain only letters, digits, periods, and underscores, must include at least one letter, and must be between three and thirty-five characters long. Some formats will not be accepted, such as usernames that start with "www," end in domain-style extensions, or have repeated periods.

What about user privacy?

By enabling users to communicate without disclosing their phone numbers, the feature aims to increase privacy. Once it is enabled, users can speak with buyers, sellers, community organizations, or new connections using their usernames rather than their personal mobile numbers. Only the selected handle, not the associated phone number, will be visible to those who contact you using the username.

With a wider deployment anticipated later in 2026, WhatsApp has already begun testing usernames with a small number of iOS and Android users. According to the firm, usernames will continue to be optional, so users can continue to use WhatsApp with just their phone numbers if they so choose. Even once usernames are implemented, phone numbers will still be used for account sign-ins, verification, and recovery.

Gogs Zero-Day Vulnerability Raises Alarm Over Server Security


 

Researchers have discovered a zero-day vulnerability in Gogs, the widely used self-hosted Git repository management platform, that may allow authenticated users to escalate their privileges on vulnerable servers and execute code remotely.

The vulnerability affects current Gogs releases and is classified as a critical argument injection weakness; it poses a particular risk to internet-accessible deployments used for distributed software development and collaboration. According to the security analysis, the attack can be carried out without administrative privileges and, under default configurations, the attacker may only need a standard user account to compromise the underlying host.

The finding highlights how seemingly routine source code management operations can become high-impact attack vectors when exploitable flaws intersect with permissive default settings and exposed development infrastructure. The flaw had not been officially patched at the time of disclosure. The exposure is especially significant because the attack path aligns closely with Gogs' default deployment behaviour.

A Rapid7 researcher stated that open user registration and unrestricted repository creation enable an external actor to establish the necessary conditions for exploitation without requiring privileged access or assistance from other users. The flaw lies in the application's handling of repository merge operations: a specially crafted branch name can inject malicious arguments into the git rebase process during the "Rebase before merging" workflow.

By abusing Git's --exec parameter, an attacker can force arbitrary shell commands to run on the host system under the security context of the Gogs service account. As researchers noted, the consequences extend far beyond the compromise of a single repository: threat actors can access private repositories belonging to other users, extract sensitive credentials such as password hashes, API tokens, SSH keys, and multi-factor authentication secrets, move laterally across connected systems, and alter source code stored on the system.

While Burgess indicates that Gogs has addressed several argument injection vulnerabilities in recent years, this newly discovered vulnerability stems from a different code path within the Merge() function, which was not addressed. Moreover, users with write permissions in repositories with rebase merging enabled can also exploit this vulnerability, so environments that restrict repository creation remain vulnerable if attackers can obtain write access to qualifying projects.

While the flaw was reported to the maintainer in March 2026, it remains unpatched as of the date of publication, making deployments across Windows, Linux, and macOS vulnerable to exploitation. Approximately 1,100 Gogs instances are currently exposed to the internet, according to Rapid7, but the true number is likely to be substantially greater due to the prevalence of deployments that operate behind VPNs and internal enterprise networks.

The disclosure has also raised concerns about the vendor's response timeframe. In March 2026, Burgess reported the vulnerability to the Gogs maintainers and received an acknowledgement on March 28, but no security update has been released since then. Given the platform's existing exposure footprint, this delay is particularly noteworthy.

Data from Shadowserver indicates that more than 2,400 publicly accessible Gogs instances are currently located in Asia and Europe, with the highest concentrations occurring in those regions, while Shodan indexes over 1,000 internet-facing systems that exhibit identifiable Gogs signatures. The situation is reminiscent of CVE-2025-8110, another remote code execution vulnerability that was exploited by hackers before patches were available.

That vulnerability was discovered by Wiz Research during an investigation into a compromised Gogs deployment, and the U.S. Cybersecurity and Infrastructure Security Agency (CISA) ultimately classified it as actively exploited and directed federal agencies to secure affected systems, marking it as a serious threat.

In addition, this new flaw undermines the trust boundaries underlying shared Git hosting environments, making it a similarly serious threat. Businesses, universities, and development teams commonly deploy multi-user environments, and here a single authenticated account can take control of the underlying server infrastructure without first needing access to another user's repository.

If code execution is achieved, an attacker will be able to access all repository files hosted on the instance, extract authentication credentials stored within the backend databases, reach adjacent network resources, and manipulate source code on the file system.

Gogs service accounts usually maintain unrestricted read and write rights across repositories that are stored under the same repository root; therefore, malicious modifications can bypass platform-level audit mechanisms and are difficult to identify in environments where commit-signing enforcement does not exist. It was also noted that exploitation can be highly practical and automated using publicly available tools, enabling attacks to be carried out within seconds with minimal forensic evidence remaining. 

The issue stems from Gogs' implementation of the "Rebase before merging" feature, which internally invokes the git rebase command to create a linear project history by replaying commits. With the --exec parameter, Git executes shell commands after each replayed commit, which creates the exploitation primitive when malicious input is incorrectly handled.

While the rebase merge functionality is disabled by default, a repository owner can enable it in the repository settings, and new repositories are automatically owned by their creators, so the default setting does not prevent abuse. Even in deployments that restrict repository creation, the vulnerable code path can still be exploited to execute remote commands by users who have access to repositories that support rebase merging.

Newly disclosed vulnerabilities in development platforms such as Gogs serve as a timely reminder that these platforms can magnify the impact of a single security weakness across entire software ecosystems. Given the lack of a patch and the limited user privileges needed to exploit Gogs in common deployment configurations, organisations relying on Gogs should carefully evaluate repository permissions, disable unnecessary registration and repository creation features, and closely monitor merge activity.

In light of the continued reliance on software supply chains as a critical component of business operations, the security of source code infrastructure has become more than a development issue; it has become a fundamental security priority that requires continuous monitoring, prompt remediation, and proactive defence.
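The argument injection class described above can be closed off at the point where a branch name becomes a git argument, and existing refs can be audited for option-like names. The following Go sketch is an added example, not Gogs code or the researchers' code; the function names, the `git rebase <base>` call shape and the sample refs are assumptions made for illustration.

```go
package main

import (
	"errors"
	"fmt"
	"strings"
)

var errUnsafeRef = errors.New("unsafe branch name")

// checkBranchName rejects names that git could parse as an option and names
// that break git's own ref-name rules (a conservative subset of the rules
// documented in git-check-ref-format).
func checkBranchName(name string) error {
	switch {
	case name == "" || name == "@":
		return fmt.Errorf("%w: empty or reserved", errUnsafeRef)
	case strings.HasPrefix(name, "-"):
		return fmt.Errorf("%w: leading '-' would be read as an option", errUnsafeRef)
	case strings.HasPrefix(name, "/"), strings.HasSuffix(name, "/"),
		strings.HasSuffix(name, "."), strings.Contains(name, "//"),
		strings.Contains(name, ".."), strings.Contains(name, "@{"):
		return fmt.Errorf("%w: malformed ref path", errUnsafeRef)
	}
	for _, r := range name {
		if r < 0x20 || r == 0x7f || strings.ContainsRune(" ~^:?*[\\", r) {
			return fmt.Errorf("%w: forbidden character %q", errUnsafeRef, r)
		}
	}
	for _, part := range strings.Split(name, "/") {
		if strings.HasPrefix(part, ".") || strings.HasSuffix(part, ".lock") {
			return fmt.Errorf("%w: reserved component %q", errUnsafeRef, part)
		}
	}
	return nil
}

// rebaseArgv returns the argument vector for a hypothetical
// "git rebase <base>" call. The validated name is passed as a fully
// qualified ref, so the argument always begins with "refs/heads/" and git
// cannot take it for an option. The slice is meant for
// exec.Command("git", argv...), which starts git without a shell.
func rebaseArgv(base string) ([]string, error) {
	if err := checkBranchName(base); err != nil {
		return nil, err
	}
	return []string{"rebase", "refs/heads/" + base}, nil
}

// auditRefs takes refnames as printed by
// `git for-each-ref --format='%(refname)'` and returns the branch refs
// whose short name fails checkBranchName.
func auditRefs(refnames []string) []string {
	var flagged []string
	for _, ref := range refnames {
		if !strings.HasPrefix(ref, "refs/heads/") {
			continue // tags and other namespaces are out of scope here
		}
		if checkBranchName(strings.TrimPrefix(ref, "refs/heads/")) != nil {
			flagged = append(flagged, ref)
		}
	}
	return flagged
}

func main() {
	// Constructed sample, shaped like for-each-ref output.
	refs := []string{
		"refs/heads/main",
		"refs/heads/feature/login",
		"refs/heads/--exec=true", // constructed option-like branch name
		"refs/tags/v1.0",
	}
	fmt.Println("flagged refs:", auditRefs(refs))

	argv, err := rebaseArgv("main")
	fmt.Println(argv, err)

	_, err = rebaseArgv("--exec=true")
	fmt.Println("rejected:", err)
}
```

Running the audit over every repository under the repository root gives a quick signal of option-like branch names while no patch is available.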

Ad Tracking Puts US Troops at Risk on the Battlefield

 

The ad-tracking industry is facing fresh scrutiny after reports said commercial location data has been used to expose US soldiers in active war zones. US Central Command reportedly confirmed that it has received multiple threat reports about adversaries exploiting this data to target or surveil American personnel in theater. What began as a routine part of online advertising has now become a battlefield concern, showing how everyday mobile tracking can turn into a national security risk. 

At the center of the problem is a vast ecosystem of apps, brokers, and intermediaries that collect location signals from smartphones and other devices. This data is often sold through complex ad-tech pipelines, where device IDs, GPS points, and behavioral signals can be packaged and resold many times over. Even when users disable location settings, officials warn that geolocation may not be fully switched off on some commercial products, leaving sensitive traces behind. For military personnel, those traces can reveal patterns of life that make them easier to watch, map, or attack. 

The warning is especially serious because location data can help adversaries identify where troops congregate and infer operational routines. According to the reporting, such information could be used to support missile, drone, roadside bomb, or counterintelligence operations. That makes an ordinary privacy issue suddenly a security issue, since the same tracking systems used to deliver personalized ads can also expose people in conflict zones. 

Lawmakers have responded by pressing the Pentagon to strengthen protections on military devices and reduce exposure to tracking systems. Privacy advocates have long argued that the ad-tech sector creates a massive reserve of sensitive data that can be abused by both criminals and governments. Earlier incidents, including public mapping of military activity through fitness trackers, showed that location leaks are not theoretical. The new concern is that the same weaknesses may now be affecting troops in active combat areas at scale.

The broader lesson is simple: data collected for convenience can become dangerous when it falls into the wrong hands. For civilians, that means rethinking app permissions and privacy settings; for militaries, it means treating commercial tracking data as an operational threat. As the line between advertising technology and intelligence gathering keeps blurring, the ad industry may need far stricter rules on what it collects, sells, and shares.

Critical 7-Zip Vulnerability Exposes Millions of Systems to Potential Malware Attacks

 

A fresh disclosure highlights a security weakness in the popular 7-Zip tool, stirring unease within cyber defense circles due to its potential misuse for spreading harmful software. Though limited to outdated builds of this open compression program, the flaw might let hackers run unauthorized scripts when someone opens manipulated archive files. Because user interaction triggers the problem, deception becomes part of the attack path - simply opening a corrupted file may be enough. 

While patches exist for current releases, unpatched systems remain exposed through seemingly harmless data containers. Since many rely on legacy installations unknowingly, risk lingers across personal and business setups alike. Earlier this year, researchers uncovered a weakness labeled CVE-2026-48095, also tracked under GHSL-2026-140. This problem lies in how 7-Zip handles NTFS volume images. 

Instead of managing memory safely, it allows excess data to spill past set limits - a behavior known as heap-based buffer overflow. Because memory gets corrupted during file processing, attackers might exploit this to run unauthorized code. Experts warn such flaws carry high risk due to their potential for system takeover. Though details remain limited, the core danger stems from improper boundary checks during archive extraction. Opening an archive with a specially designed NTFS image file sets off the exploit, studies show. 

When handling such files, certain editions of 7-Zip fail to compute buffer sizes correctly - evidence points to flawed logic during parsing. As a consequence, allocated memory falls short, leading software to overwrite nearby regions by mistake. Such instability opens paths where malicious inputs might run unchecked or force sudden halts in operation. Back in April, someone alerted the 7-Zip developers about the issue without going public. After that report came through, the team put out version 26.01 - fixing the weakness and shutting down the danger it posed. 

Not long afterward, they shared an official notice with everyone; included was a working Python example showing exactly what attackers might do on outdated versions. How this flaw plays out depends heavily on what kind of setup it's found in, along with how much computing power sits nearby. Sometimes attackers might run their own programs from afar; other times they simply knock apps offline or freeze them completely.

Even when effects differ, moving to the newest 7-Zip build is seen as essential - no workarounds exist once a version falls inside the risk zone. What makes the situation more serious is how common 7-Zip has become. With hundreds of millions of downloads, it runs on many Windows and Linux machines. 

Because so much automation depends on its built-in tools, companies often embed its compression features into larger programs. One reason 7-Zip poses risk is how common it has become - flaws could reach millions. When updates lag, experts say, those gaps catch hackers’ attention. Old setups might open doors without warning, especially if archives appear safe at first glance.

Meta Rolls Out Paid Plans for Facebook, Instagram, and WhatsApp

 




Meta has announced a wide expansion of its subscription business, introducing new paid plans for Facebook, Instagram, and WhatsApp users while preparing additional premium offerings aimed at artificial intelligence users, content creators, and businesses.

The move reflects the company's broader effort to build new revenue streams beyond advertising and provide advanced tools for users willing to pay for additional functionality across Meta's ecosystem.

The newly launched consumer subscriptions are being rolled out globally under the names Instagram Plus, Facebook Plus, and WhatsApp Plus. The plans are priced at $3.99 per month for Instagram and Facebook, while WhatsApp Plus will cost $2.99 per month.

According to Meta, subscribers will gain access to features that are not available to regular users, including greater profile customization, enhanced engagement tools, audience insights, and personalization options. The company also indicated that additional capabilities are expected to be introduced over time as the service evolves.

Meta's Head of Product, Naomi Gleit, said the company intends to continue expanding the feature set available through these premium subscriptions.


New Features for Instagram Users

Among the three services, Instagram Plus introduces the largest collection of new tools.

Subscribers will be able to access expanded analytics for Stories, including data showing how often a Story has been replayed. The platform is also removing restrictions on custom Story audiences by allowing users to create multiple audience groups rather than relying solely on the existing Close Friends feature.

The subscription further provides options to increase content visibility. Users can spotlight one Story each week to reach a larger audience, extend the lifespan of Stories beyond the standard 24-hour period, and review Stories privately without appearing in viewer lists.

Additional management tools allow users to search through Story viewers more efficiently and publish content directly to profile highlights without distributing it through followers' feeds.

Instagram Plus also includes cosmetic and personalization features such as exclusive app icons, custom fonts for profile biographies, additional profile pins, and animated "Super Heart" reactions for Stories.

Many of these additions appear designed to help creators better understand audience behavior while giving active users more control over how their content is presented and shared.


Facebook Plus and WhatsApp Plus

Facebook Plus will offer many of the same social and personalization tools available through Instagram Plus.

WhatsApp Plus, however, focuses on messaging customization rather than content creation. Subscribers will gain access to interface themes, personalized notification sounds, premium sticker packs, expanded chat pinning capabilities, customized lists, and other features intended to make the messaging experience more flexible.


Separate From Meta Verified

Meta clarified that the new Plus subscriptions will operate independently from Meta Verified, the company's existing paid verification service.

Meta Verified currently focuses on identity verification, protection against impersonation attempts, and access to customer support benefits. The company has not announced plans to discontinue the service, meaning both subscription products will remain available simultaneously.


Meta One to Become Central Subscription Platform

Alongside the rollout of Plus subscriptions, Meta revealed plans for a broader subscription framework called Meta One.

The initiative will eventually bring together the company's growing collection of premium offerings under a single brand, covering consumer subscriptions, creator tools, business services, and artificial intelligence products.


AI-Focused Subscription Plans Enter Testing

Meta also plans to begin testing dedicated subscription plans for users of Meta AI.

The first tier, Meta One Plus, will be priced at $7.99 per month, while Meta One Premium will cost $19.99 monthly.

Both plans are expected to provide enhanced AI capabilities, but the Premium version will offer access to greater computing resources for more demanding requests. This includes support for deeper reasoning on complex tasks as well as increased image-generation and video-generation capacity across Meta's applications.

The company emphasized that Meta AI will continue to be available free of charge for casual users. The paid plans are intended primarily for those who require more advanced functionality or heavier usage limits.

Testing of the AI subscriptions is scheduled to begin next month in Singapore, Guatemala, and Bolivia. Meta also stated that future benefits may extend to users of its AI-powered smart glasses.


New Tools for Businesses and Creators

Separate subscription programs are also being developed for businesses and professional creators.

The first option, Meta One Essential, will cost $14.99 per month and includes account verification, protection against impersonation, and an expanded profile links page that allows users to direct audiences to websites and other online destinations.

A higher-tier offering called Meta One Advanced will be available for $49.99 per month.

Subscribers to this plan will receive all Essential benefits alongside additional growth and promotion tools. These include improved visibility within Facebook feeds, higher placement in Facebook and Instagram search results, enhanced "Follow" buttons on Reels, and automated invitations encouraging viewers to follow creator accounts.

The Advanced tier also introduces expanded analytics capabilities, including deeper audience insights and competitive performance data. Additional features include scheduling tools, account-sharing controls for moderators, and notifications when content is reused by others, enabling creators to request attribution for original material.


Future Strategy 

Initial testing of the creator and business subscriptions is expected to take place in Bangladesh, Thailand, Morocco, and Saudi Arabia.

While Meta described several of these offerings as experimental, the company's long-term objective appears clear: establishing a subscription ecosystem that extends beyond social networking and includes creator services, business growth tools, and advanced artificial intelligence capabilities.

The announcement signals Meta's expanding focus on paid digital services as competition intensifies across social media and AI markets. By introducing multiple subscription tiers aimed at different user groups, the company is positioning itself to generate recurring revenue while offering specialized tools to users seeking more advanced functionality than its free services provide.

Researcher Warns of ‘ChatGPhish’ Vulnerability That Could Turn Web Summaries Into Phishing Attacks

 

A cybersecurity researcher has raised concerns over a newly identified vulnerability in ChatGPT that could allow attackers to manipulate the chatbot's responses through hidden instructions embedded within web pages.

The issue, discovered by Permiso threat hunter Andi Ahmeti, reportedly enables malicious actors to influence ChatGPT when users ask the AI assistant to summarize online content. According to Ahmeti, if a webpage contains concealed prompt instructions, ChatGPT may unknowingly follow them and display attacker-controlled content alongside legitimate summaries.

The researcher explained that this weakness could be exploited to insert phishing links, fake security notifications, or other deceptive messages that appear to originate from ChatGPT itself. In some cases, attackers could even leverage QR codes embedded within AI-generated responses to redirect users to malicious websites.

“AI systems increasingly render untrusted content directly inside browsers, which expands risk significantly,” Ahmeti told us. “The bigger issue is that AI products are starting to resemble browser or operating system environments, which creates a much larger security surface.”

Ahmeti disclosed the vulnerability, which he has named “ChatGPhish,” through OpenAI’s Bugcrowd disclosure program. He initially submitted the report on April 29 and later updated it on May 1 with additional information.

“The initial submission was marked as not reproducible,” he said. “We resubmitted with additional detail and it was marked as a duplicate.”

According to Ahmeti, the issue his team reported differed significantly from the previously identified vulnerability it was allegedly linked to.

“The issue Permiso reported and the supposed duplicate ‘had major differences,’” Ahmeti said. “We reached out again to clarify those differences and request additional details, but we did not receive a response.”

At the time of publication, OpenAI had not confirmed whether any remediation measures had been implemented.

“At the time of publication, ‘we have not received confirmation from OpenAI on whether a fix has been applied,’” he told us.

To demonstrate the threat, Ahmeti embedded hidden instructions into a GitHub-hosted CloudLens page. The injected prompt directed ChatGPT to generate a standard summary while also appending a fabricated account-security warning containing a malicious hyperlink.

When users asked ChatGPT to summarize the page, the chatbot correctly described CloudLens and its cloud security functions. However, it also displayed an additional warning message suggesting that a new device had accessed the user's account, along with a clickable link controlled by the attacker.

The researcher noted that the same technique could be used to insert QR codes into ChatGPT’s responses.

“Because the chatgpt.com client auto-fetches and displays Markdown images, an attacker can place a QR code in the assistant’s output,” he wrote. “Scanning it on a phone takes the victim to an attacker-controlled URL that has never been displayed in plaintext.”

To verify that the issue was not specific to GitHub, Ahmeti repeated the experiment on a self-hosted website based in Kosovo. The results were reportedly identical, with ChatGPT generating a legitimate summary before appending a misleading security alert containing an attacker-controlled link.

“The behavior is identical: the assistant produces a normal summary, then appends a spoofed alert with a clickable attacker link,” Ahmeti wrote.

While Ahmeti acknowledged that there may not be a single solution to prompt injection attacks, he recommended stronger isolation mechanisms, stricter content filtering, and rendering safeguards for AI-generated outputs.

“Do not trust model output,” Ahmeti said. “AI-generated content should always be treated as untrusted. Assume prompt injection will happen.”

He also emphasized that prompt injection should be viewed as a broader application-security challenge rather than solely a model-alignment issue.

“Prompt injection has increasingly become an application-security problem, not just a model alignment issue,” he told us. “The real concern is what systems the model can influence: browsers, plugins, tools, memory, or external services.”
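The rendering safeguard recommended above can be applied to assistant output before it reaches a Markdown renderer. The following Go sketch is an added example, not code from OpenAI or Permiso; the function names, the host allowlist and the sample text are assumptions, and it covers inline Markdown images and absolute http(s) URLs only.

```go
package main

import (
	"fmt"
	"net/url"
	"regexp"
	"strings"
)

var (
	// Inline Markdown image: ![alt](target "optional title")
	imageRe = regexp.MustCompile(`!\[[^\]]*\]\(\s*<?([^)\s>]+)>?[^)]*\)`)
	// Any absolute http(s) URL, whatever markup surrounds it.
	urlRe = regexp.MustCompile(`(?i)\bhttps?://[^\s<>()\[\]"']+`)
)

// hostOf parses target and reports its lowercased host and whether that host
// is on the allowlist. Parsing instead of prefix matching means a URL such as
// https://github.com@attacker.example/ is judged by its real host.
func hostOf(target string, allowed map[string]bool) (string, bool) {
	u, err := url.Parse(target)
	if err != nil || u.Hostname() == "" {
		return "(no host)", false // also covers data: URIs
	}
	host := strings.TrimSuffix(strings.ToLower(u.Hostname()), ".")
	ok := (u.Scheme == "https" || u.Scheme == "http") && allowed[host]
	return host, ok
}

// defang makes a host name unclickable in clients that linkify bare domains.
func defang(host string) string { return strings.ReplaceAll(host, ".", "[.]") }

// SanitizeModelOutput treats model output as untrusted: images from hosts
// that are not allowlisted are removed (so nothing is auto-fetched), and
// every other non-allowlisted URL is replaced by a defanged placeholder.
// The second return value lists what was blocked, for logging.
func SanitizeModelOutput(md string, allowed map[string]bool) (string, []string) {
	var blocked []string
	out := imageRe.ReplaceAllStringFunc(md, func(m string) string {
		target := imageRe.FindStringSubmatch(m)[1]
		host, ok := hostOf(target, allowed)
		if ok {
			return m
		}
		blocked = append(blocked, "image:"+host)
		return "[image removed: " + defang(host) + "]"
	})
	out = urlRe.ReplaceAllStringFunc(out, func(m string) string {
		host, ok := hostOf(m, allowed)
		if ok {
			return m
		}
		blocked = append(blocked, "link:"+host)
		return "[link removed: " + defang(host) + "]"
	})
	return out, blocked
}

// sampleOutput is constructed for this example: a normal summary followed by
// an appended alert, a link and an image on hosts outside the allowlist.
const sampleOutput = "CloudLens is a cloud security tool.\n\n" +
	"**Security alert:** a new device signed in. " +
	"[Review activity](https://login.attacker.example/verify)\n\n" +
	"![scan to verify](https://cdn.attacker.example/qr.png)\n\n" +
	"Source: https://github.com/example/cloudlens"

func main() {
	allowed := map[string]bool{"github.com": true} // assumed allowlist
	out, blocked := SanitizeModelOutput(sampleOutput, allowed)
	fmt.Println(out)
	fmt.Println("blocked:", blocked)
}
```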

Signal and Other Firms Oppose Canada's Proposed Surveillance Law

 




A growing number of technology companies are raising concerns over Canada's proposed lawful access legislation, arguing that some provisions could force them to choose between complying with government requirements and maintaining the privacy standards promised to users.

The debate centers on Bill C-22, a proposed law that would expand the government's ability to obtain digital information during investigations. The legislation would allow regulations requiring certain service providers to preserve specified metadata for up to one year and maintain technical capabilities that could assist law enforcement and intelligence agencies in accessing information when legally authorized.

Among the companies voicing opposition is Signal, the encrypted messaging platform known for its strong privacy protections. During a recent parliamentary committee hearing, Signal representatives warned that the bill, in its current form, could fundamentally alter how secure communication services operate. The company stated that if compliance ultimately required weakening user protections, it would consider leaving the Canadian market rather than changing its security model.

Several technology firms and privacy advocates have expressed concern that the legislation's language could create pressure to build or preserve technical access mechanisms within encrypted systems. Critics argue that any capability designed to bypass or weaken security protections could eventually become a target for cybercriminals or other malicious actors.

Legal experts have also questioned the broader implications of the proposal. Some argue that service providers have a responsibility to protect customer information and maintain secure systems, while the bill could require additional government involvement in digital infrastructure that may conflict with those obligations.

Under the proposed framework, certain telecommunications and communications providers would be required to maintain capabilities that support lawful access requests. The legislation would also allow the Public Safety Minister to issue orders requiring providers to develop specific technical capabilities, even if they do not fall within the category of designated core providers. Those orders would not be publicly disclosed, and approval would come through the Intelligence Commissioner rather than a traditional court warrant process.

Industry representatives have warned that compliance could involve significant operational costs. Companies may be required to redesign systems, expand data retention capabilities, and implement new technical controls. Some experts believe those costs could ultimately be passed on to consumers.

VPN providers have emerged as some of the bill's most vocal critics. NordVPN has publicly stated that it would not compromise its encryption or privacy protections and may reevaluate its Canadian presence if the legislation proceeds without substantial revisions. Windscribe, a Canadian-based VPN provider, has also indicated that it could relocate operations rather than modify core privacy features.

DuckDuckGo confirmed that its VPN service could be withdrawn from Canada if the bill becomes law in its current form. Meanwhile, executives at networking company Tailscale have warned that the legislation could affect international business decisions, investment flows, and where future infrastructure is deployed.

Many of the companies opposing the bill note that they do not routinely store logs containing user metadata such as IP addresses or location information. They argue that introducing mandatory retention requirements would require major changes to their existing privacy practices.

The concerns extend beyond smaller privacy-focused firms. Representatives from Apple and Google recently told lawmakers that the proposal could create uncertainty around encryption protections. Apple pointed to actions it previously took in the United Kingdom after government demands related to access to encrypted cloud data. Google similarly warned that the legislation could challenge longstanding commitments to end-to-end encryption.

Meta has also criticized the bill, arguing that some provisions could be interpreted in ways that require providers to weaken encryption or modify security architectures. The company further stated that the legislation lacks clear mechanisms for challenging problematic government orders, creating uncertainty about how the powers could be used in practice.

Canadian officials have defended the proposal as a necessary modernization of investigative authorities. Public Safety Minister Gary Anandasangaree recently indicated that amendments are being prepared to clarify that the legislation is not intended to undermine encryption. However, the government has signaled that it plans to retain the proposed one-year metadata retention requirement, arguing that investigators often need historical records to support complex criminal investigations.

Civil liberties organizations remain unconvinced. A recent analysis published by researchers at Citizen Lab and the Canadian Civil Liberties Association argued that the sections dealing with metadata retention and ministerial orders should be removed entirely. The report contends that the current framework grants broad government authority while providing limited judicial oversight and accountability mechanisms.

As lawmakers continue to reassess the legislation, the dispute highlights a growing challenge facing governments worldwide: balancing investigative powers and national security objectives with encryption, privacy protections, and the cybersecurity expectations of users and service providers.

Deno Releases Open-Source Firewall to Limit AI Agent Access to Sensitive Data

Deno has introduced an open-source security framework called Claw Patrol, a tool designed to help organizations control how AI agents interact with databases, business applications, cloud services, and other external systems.

The release comes as companies increasingly deploy AI agents to perform tasks that involve accessing internal resources, executing commands, and communicating with third-party services. While these capabilities can automate routine work, they also create security concerns if an AI system is manipulated, makes an incorrect decision, or gains access to information it should not handle.

According to Deno, Claw Patrol operates as an intermediary between an AI agent and the systems it needs to access. Instead of providing the agent with direct access to credentials such as API keys, authentication tokens, or database passwords, those secrets remain stored on a dedicated gateway server. When an authenticated request is required, the gateway supplies the credentials automatically, preventing the AI agent from viewing or storing them.

This approach is intended to reduce the risk of credential theft and prompt injection attacks, a technique where attackers attempt to manipulate AI models into revealing sensitive information or performing unauthorized actions. Even if an agent is tricked into executing a malicious instruction, the underlying credentials remain isolated from the model itself.

Beyond protecting credentials, Claw Patrol gives administrators the ability to define rules that determine exactly what actions an AI agent is allowed to perform. Organizations can block potentially dangerous database commands, restrict connections to unauthorized external services, or require additional approval before sensitive operations are executed.

For tasks that carry greater risk, the platform supports human review workflows. This allows certain requests to be paused until they are approved by an administrator, adding an additional layer of oversight before changes are made to critical systems.
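The gateway pattern described above (credentials held outside the agent, rule-based allow and deny decisions, and a hold for human approval) can be sketched in a few dozen lines. This Go code is an added example, not Claw Patrol's code or configuration format; the type names, the rule model, the status codes and the in-process stand-in for the upstream API are all assumptions.

```go
package main

import (
	"fmt"
	"net/http"
	"net/url"
	"path"
	"strings"
)

type Verdict int

const (
	Deny Verdict = iota // zero value: anything unmatched is denied
	Allow
	NeedsApproval
)

// Rule matches a request by upstream host, HTTP method and path prefix.
type Rule struct {
	Host, Method, PathPrefix string
	Verdict                  Verdict
}

// Gateway holds the secrets. The agent only calls Forward and gets a status
// code back, so it never sees or stores a token.
type Gateway struct {
	Tokens map[string]string // upstream host -> bearer token
	Rules  []Rule            // first match wins
	Client *http.Client
}

func underPrefix(p, prefix string) bool {
	return p == prefix || strings.HasPrefix(p, strings.TrimSuffix(prefix, "/")+"/")
}

func (g *Gateway) Decide(method string, target *url.URL) Verdict {
	for _, r := range g.Rules {
		if r.Host == target.Host && r.Method == method && underPrefix(target.Path, r.PathPrefix) {
			return r.Verdict
		}
	}
	return Deny
}

// Forward applies policy, then sends the request upstream with the stored
// credential attached. approved reports whether a human signed off.
func (g *Gateway) Forward(method, rawURL string, approved bool) (int, error) {
	target, err := url.Parse(rawURL)
	if err != nil {
		return 0, err
	}
	// Normalise first so "/v1/reports/../admin" is judged as "/v1/admin".
	target.Path, target.RawPath = path.Clean("/"+target.Path), ""
	switch g.Decide(method, target) {
	case Deny:
		return http.StatusForbidden, nil
	case NeedsApproval:
		if !approved {
			return http.StatusAccepted, nil // parked until a human approves
		}
	}
	token, ok := g.Tokens[target.Host]
	if !ok {
		return http.StatusForbidden, nil
	}
	req, err := http.NewRequest(method, target.String(), nil)
	if err != nil {
		return 0, err
	}
	req.Header.Set("Authorization", "Bearer "+token)
	resp, err := g.Client.Do(req)
	if err != nil {
		return 0, err
	}
	defer resp.Body.Close()
	return resp.StatusCode, nil
}

// upstream is a constructed in-process stand-in for the protected API, so
// the example runs offline. It records every request it receives.
type upstream struct{ seen []string }

func (u *upstream) RoundTrip(r *http.Request) (*http.Response, error) {
	u.seen = append(u.seen, r.Method+" "+r.URL.Path+" "+r.Header.Get("Authorization"))
	return &http.Response{StatusCode: http.StatusOK, Body: http.NoBody,
		Header: http.Header{}, Request: r}, nil
}

func newDemoGateway() (*Gateway, *upstream) {
	up := &upstream{}
	return &Gateway{
		Tokens: map[string]string{"api.internal.example": "constructed-token"},
		Rules: []Rule{
			{"api.internal.example", "GET", "/v1/reports", Allow},
			{"api.internal.example", "DELETE", "/v1/reports", NeedsApproval},
		},
		Client: &http.Client{Transport: up},
	}, up
}

func main() {
	gw, up := newDemoGateway()
	code, _ := gw.Forward("GET", "https://api.internal.example/v1/reports/7", false)
	fmt.Println("read report:", code)
	code, _ = gw.Forward("DELETE", "https://api.internal.example/v1/reports/7", false)
	fmt.Println("delete without approval:", code)
	fmt.Println("upstream saw:", up.seen)
}
```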

Deno also states that the firewall can use large language model-based evaluation to assist with policy enforcement in situations where static rules may not be sufficient. This enables security controls to assess requests dynamically while still operating within predefined boundaries established by administrators.

To help organizations monitor AI activity, Claw Patrol includes tools that provide visibility into agent behavior. Administrators can review active sessions, inspect actions performed by agents, monitor resource consumption, and investigate unusual activity through a centralized monitoring interface. These capabilities are designed to support auditing and incident response efforts.
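The gateway pattern described in the preceding paragraphs (secrets held only by the gateway, rule-based blocking, approval holds, and an audit trail) can be shown in a few lines of JavaScript. This is an added example, not Claw Patrol code or its HCL schema; the hosts, agent name, secret value, and the `evaluate`, `forward` and `fakeDatabase` functions are all constructed for illustration.

```javascript
// Added illustration of the gateway pattern; not Claw Patrol code or its HCL schema.
// Hosts, agent names and the secret value are constructed for this example.
const SECRETS = { "db.internal.example": "constructed-db-password" }; // gateway-side only

const POLICY = {
  allowedHosts: new Set(["db.internal.example"]),
  // Assumption: simple leading-keyword match; a production policy would parse the statement.
  blockedSql: /^\s*(drop|truncate|alter|grant)\b/i,
  needsApproval: /^\s*(delete|update)\b/i,
};

const auditLog = []; // one entry per request, allowed or not

// Classify one agent request. The request carries no credential at any point.
function evaluate(request, approvedBy = null) {
  let decision = "allow";
  if (!POLICY.allowedHosts.has(request.host)) decision = "deny:host";
  else if (POLICY.blockedSql.test(request.sql)) decision = "deny:statement";
  else if (POLICY.needsApproval.test(request.sql) && !approvedBy) decision = "pending:approval";
  auditLog.push({ ...request, decision, approvedBy });
  return decision;
}

// Forward an allowed request, attaching the secret on the gateway side only.
// `send` stands in for the real database client; only its result goes back to the agent.
function forward(request, send, approvedBy = null) {
  const decision = evaluate(request, approvedBy);
  if (decision !== "allow") return { decision, result: null };
  const result = send({ ...request, password: SECRETS[request.host] });
  return { decision, result };
}

// Constructed upstream stub: records what the gateway sent and returns a row count.
const seenUpstream = [];
function fakeDatabase(outbound) {
  seenUpstream.push(outbound);
  return { rows: 1 };
}

// Constructed agent requests covering each policy outcome.
const db = "db.internal.example";
const outcomes = [
  forward({ agent: "agent-1", host: db, sql: "SELECT id FROM orders" }, fakeDatabase),
  forward({ agent: "agent-1", host: db, sql: "DROP TABLE orders" }, fakeDatabase),
  forward({ agent: "agent-1", host: "paste.example.net", sql: "SELECT 1" }, fakeDatabase),
  forward({ agent: "agent-1", host: db, sql: "DELETE FROM orders WHERE id = 7" }, fakeDatabase),
  forward({ agent: "agent-1", host: db, sql: "DELETE FROM orders WHERE id = 7" }, fakeDatabase, "admin"),
];
console.log(outcomes.map((o) => o.decision));
```

The secret appears only in what the upstream stub receives; neither the values returned to the agent nor the audit entries contain it.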

The platform is configured using HashiCorp Configuration Language (HCL), which allows administrators to define security policies, credentials, access permissions, and system endpoints. Deno says the framework supports multiple credential types and can be extended through custom plugins to meet specialized requirements.

Claw Patrol also incorporates role-based access controls, enabling organizations to assign permissions according to job responsibilities. This helps limit access to sensitive resources and reduces the likelihood of unauthorized activity within AI-powered workflows.

For secure communications, the platform can integrate with technologies such as WireGuard and Tailscale, allowing AI agents to connect to protected environments without exposing internal infrastructure directly to public networks. Deno has also included testing capabilities that allow administrators to evaluate policy changes against real-world actions before deploying them into production systems.

While the project introduces several security-focused capabilities, some challenges remain. Organizations unfamiliar with firewall administration or HCL-based configuration may face a learning curve during deployment. The current version also relies heavily on configuration files, and some users may prefer a graphical interface for managing rules and credentials. Additionally, certain networking features may require further refinement as the project matures.

Despite these limitations, the release reflects a growing focus on AI security as autonomous systems gain broader access to enterprise environments. By separating credentials from AI agents, restricting actions through policy controls, and providing continuous monitoring, Claw Patrol aims to give organizations greater control over how AI systems interact with critical business resources.

The project has been released as open-source software, allowing developers and security teams to inspect its code, modify its capabilities, and adapt it to their own operational requirements.

Fraudsters Exploit Hotel Reservation Records to Deceive Travelers


 

For years, phishing campaigns have relied on urgency, deception, and impersonation to lure victims into surrendering sensitive information. A newly observed threat, however, demonstrates how cybercriminals are increasingly enhancing those tactics with stolen or exposed real-world data. 

Security researchers have identified a large-scale operation in which threat actors leverage legitimate hotel reservation details to create highly convincing phishing messages that appear directly tied to a traveller’s recent booking activity. 

By incorporating authentic reservation information into their communications, attackers are able to bypass many of the warning signs users typically associate with scams, significantly increasing the credibility and effectiveness of the attack. The campaign, which reportedly affects customers linked to hundreds of hotels and vacation rental properties across dozens of countries, highlights a growing trend in cybercrime where access to genuine customer data is being weaponised to enable precision-targeted social engineering and financial fraud. 

By blending seamlessly into legitimate travel communications, the attackers avoid the obvious warning signs of unsolicited email. Instead of sending unsolicited emails, they approach travellers on the basis of their current reservations.

Messages may appear to come from the hotel's guest relations or customer service department and contain specific booking details that correspond to the guest's upcoming stay. Framed as a routine verification request, payment confirmation, or administrative check, the communication creates a sense of legitimacy that significantly reduces the recipient's suspicion.

From the recipient's perspective, the interaction resembles ordinary correspondence between hotels and guests, which makes it very difficult to distinguish from genuine customer service contact. Research indicates that the scheme is more advanced than traditional phishing because it exploits the trust already established when the traveller made a legitimate reservation.

Threat actors may also compromise hotel employee credentials through separate phishing attacks, gaining access to hotel management systems, booking portals, or partner communication platforms. With this access, criminals can contact travellers through legitimate channels tied to real reservations, which allows them to embed fraudulent requests within trusted processes. The attack has thus evolved from simple impersonation of a brand to the misuse of authentic hospitality infrastructure, giving scammers a new level of credibility.

As a consequence of this evolution, there is a broader cybersecurity concern: social engineering becomes considerably more persuasive and much harder for both organisations and travellers to detect when attackers gain access to trusted business systems and customer context simultaneously. 

Although the exact source of the reservation data is currently under investigation, security experts have concluded that the information is likely to have been obtained through compromises affecting hotel systems, hospitality partners, or third-party booking systems. Rather than targeting travellers directly, attackers typically begin by targeting the organisations that manage reservations.

Several methods are possible: hotel employees may be phished, malware-laden attachments may be delivered, credentials may be stolen, or booking service providers may be compromised. Once obtained, this information becomes a powerful asset in social engineering campaigns. According to Cloudbeds Vice President of Engineering Aaron Ownbey, the effectiveness of these scams results from the attackers possessing precise details regarding a guest's identity, travel dates, reservation value, and accommodation plans.

Through such visibility, threat actors can create communications that closely resemble legitimate pre-arrival interactions, strengthening the call within the hospitality industry for increased employee security awareness, stronger authentication mechanisms against phishing attacks, and stricter controls over the access, export, and sharing of guest information.

Analysis of the fraud activity shows two interconnected paths emerging. The first targets guests directly: travellers receive WhatsApp messages, emails, SMS notifications, or booking-platform communications that appear to originate from hotels or guest service departments.

Victims are directed to fraudulent payment verification portals intended to harvest financial information while masquerading as routine account validation processes. Investigators have observed this pattern notably in incidents related to online booking ecosystems, where genuine reservation information is an important component of creating credibility.

These campaigns have been identified as targeting several countries, including the United Kingdom, France, Germany, the United States, Brazil, and Australia, highlighting the threat's international reach. Furthermore, by using multiple delivery channels, the operation does not depend on a single platform and instead functions as a flexible fraud framework that can adapt to each traveller. The second, potentially more concerning attack path is the compromise of hotel-side systems and hospitality management platforms.

When threat actors obtain employee credentials, they are able to gain access to reservations management tools, guest communication systems, and operational workflows. The platforms used to coordinate bookings and traveller interactions can then be exploited to communicate with guests using accounts that appear to be entirely legitimate. Researchers examined several incidents where attackers posed as security teams from trusted booking services and distributed what appeared to be mandatory software or security updates to accommodation partners. 

The deceptive material delivered remote access malware, enabling further credential theft and deeper penetration of hospitality environments. The criminals can then move beyond simple impersonation and begin operating through the trusted channels these systems already use on a day-to-day basis. Taken as a whole, these incidents reveal an organised fraud pipeline rather than an isolated phishing attack.

A typical attack begins with obtaining contextual information, followed by delivering a persuasive message via a trusted communication channel, and then directing the victim into an automated payment or verification process designed to appear administrative rather than malicious. The ultimate objective is much greater than the fraudulent transaction itself.

Stolen payment cards can be used for low-value purchases, reused for larger transactions, or circulated within criminal marketplaces where they can be abused in the future. Because this model combines genuine reservation data with compromised hospitality systems, it is particularly difficult to detect with traditional fraud indicators. As these campaigns become increasingly prevalent, they highlight a wider challenge facing the hospitality industry.

Inherently trusted interactions, continuous guest communication, and rapid response requirements are the hallmarks of hotel operations. Messages regarding check-in procedures, payment confirmations, room preferences, and identity verification requests are received regularly by travellers, creating an operational backdrop that attackers can exploit easily. 

Consequently, conventional advice which focuses exclusively on identifying suspicious links or poor grammar is becoming less effective when the communication contains accurate reservation details and may even originate from legitimate business systems. This type of attack relies heavily on trusted context rather than branding or visual deception as its primary weapon. 

An unexpected payment verification request should be treated with caution no matter which channel it arrives through. Whether the message appears within a booking platform or arrives via email, SMS, or a messaging application, travellers should navigate directly to the official booking service, hotel website, or verified mobile application to complete payment updates.

To obtain confirmation, guests should contact the property using contact details obtained independently from trusted sources rather than those embedded in the message. Anyone who has already submitted payment details should assume that the information may be compromised. They should notify their financial institution as soon as possible, replace the affected cards, enable transaction monitoring, and be vigilant for subsequent fraud attempts that may use the stolen information.

Reservation-based phishing campaigns illustrate how cybercrime is evolving beyond mass deception towards highly contextual attacks that exploit trust, timing, and legitimate data. A growing number of threat actors are exploiting compromised business systems as well as customer information, which makes traditional fraud indicators less visible and leaves organisations and consumers exposed to risks that are more difficult to identify and prevent.

For the hospitality sector, the incident is a reminder that protecting guest data has become a critical security responsibility with direct consequences for customer trust, rather than simply a privacy obligation.

As a traveller, the best way to protect yourself is by verifying through trustworthy channels and exercising a healthy degree of caution in unexpected situations involving payments or sensitive information. As even genuine booking information can be weaponised in such an environment, trust should be anchored in independently verified actions rather than the apparent authenticity of a message.