Threat Alerts

Threat actors are increasingly abusing external collaboration features in Microsoft Teams to conduct helpdesk impersonation attacks, contacting employees via cross-tenant chats while posing as internal IT staff to socially engineer remote access—typically through Quick Assist. This trend aligns with the broader shift toward identity-based intrusion, where attackers prioritize trusted access over exploitation; notably, social engineering and user interaction remain among the leading initial access vectors, with remote support abuse becoming a recurring technique in enterprise environments. By leveraging legitimate tools such as PowerShell, WinRM, and cloud storage utilities like Rclone, attackers are able to blend malicious activity into normal operations, reducing detection rates and enabling more targeted, lower-noise data exfiltration.

A shift has been observed in China-nexus threat actor activity toward the use of large-scale “covert networks” composed of compromised SOHO routers, IoT devices, and other edge infrastructure. These networks enable anonymized and distributed operations across the full attack lifecycle, including reconnaissance, command-and-control, and data exfiltration, while complicating attribution and detection.

These infrastructures are dynamic and continuously evolving, with new devices added as others are remediated, reducing the effectiveness of traditional static IOC-based defenses. As a result, defensive approaches increasingly rely on enhanced asset visibility, network behavior baselining, enforcing multi-factor authentication, leveraging dynamic threat intelligence, and applying advanced controls like zero trust, traffic profiling, and anomaly detection to better identify and mitigate activity originating from such networks.

A critical vulnerability (CVE-2026-40372, CVSS 9.1) has been identified in ASP.NET Core applications, stemming from improper verification of cryptographic signatures within the Data Protection framework. The flaw enables unauthenticated, network-based exploitation, allowing attackers to forge authentication cookies or other protected payloads that are accepted as legitimate. Successful exploitation may lead to privilege escalation, potentially reaching system-level access, as well as unauthorized decryption of sensitive data. The vulnerability primarily impacts applications running affected versions of the Data Protection library, particularly on non-Windows environments, increasing exposure across cloud-hosted and containerized workloads.

The issue originates from a regression in the managed authenticated encryptor, which computes validation tags over incorrect portions of payloads, breaking integrity guarantees and enabling forged payloads to bypass verification. A notable aspect of this vulnerability is token persistence, where tokens issued during the vulnerable window may remain valid even after patching unless cryptographic keys are rotated, effectively extending the exposure window. Although no public exploitation has been reported, the unauthenticated nature of the flaw and its impact on authentication mechanisms make it a high-value target for threat actors seeking to manipulate identity and access controls in web-facing environments.

The Gentlemen ransomware-as-a-service operation has rapidly emerged as a significant threat, claiming over 320 victims since mid-2025. Operating a double-extortion model with cross-platform capabilities targeting Windows, Linux, NAS, BSD, and ESXi, the group’s affiliate-driven structure enables fast, large-scale enterprise encryption.

Initial access is gained through exposed internet-facing services or compromised credentials, after which attackers establish a privileged foothold — often at the domain controller level — to conduct reconnaissance and validate credentials. From there, lateral movement proceeds through native administration channels and remote execution methods, while credential harvesting tools and adversary simulation frameworks extend access across the environment. Security controls are systematically disabled, including endpoint protection, firewalls, and SMB hardening, before the ransomware payload is staged and distributed.

Deployment is executed near-simultaneously across domain-joined assets using native domain management mechanisms, achieving rapid, broad encryption. The ransomware employs a hybrid cryptographic model with per-file ephemeral keys and partial encryption to optimize speed, while also terminating backup services, virtualisation processes, and deleting recovery artifacts to hinder restoration. A covert tunneling SystemBC malware component — linked to over 1,570 compromised systems globally — further extends the operation’s reach, suggesting a modular, scalable attack infrastructure that likely exceeds publicly reported victim counts.

A new npm supply chain attack has been uncovered targeting packages associated with Namastex.ai, exhibiting strong similarities to previously observed TeamPCP-style CanisterWorm activity. The campaign appears to involve compromised legitimate packages rather than newly created malicious ones, with attackers injecting install-time malware designed to execute automatically during dependency installation. The techniques observed indicate a broader and ongoing compromise affecting multiple publisher environments and development ecosystems.

The malicious payload focuses on harvesting sensitive data from developer systems, including environment variables, authentication tokens, SSH keys, cloud credentials, and local configuration files. Collected data is exfiltrated to external infrastructure, including decentralized canister-based endpoints, and may be encrypted prior to transmission. Beyond data theft, the malware includes self-propagation capabilities by abusing stolen publishing credentials to inject malicious code into additional packages, as well as cross-ecosystem spread mechanisms targeting other package repositories.

This campaign demonstrates a significant evolution in supply chain threats, combining credential harvesting with automated propagation to expand reach across development pipelines. By targeting developer environments and CI/CD workflows, attackers can gain access to high-value systems and scale infections rapidly. Organizations should treat exposure as a potential compromise of development credentials and software distribution processes.

A significant software supply chain incident has been identified involving malicious artifacts distributed through Checkmarx’s KICS ecosystem, including compromised Docker images and developer tooling. Attackers were able to overwrite legitimate image tags and introduce unauthorized versions containing modified binaries with embedded data exfiltration capabilities. These tampered images could collect scan results, encrypt them, and transmit sensitive data externally, posing a serious risk to organizations scanning infrastructure-as-code files that may contain credentials or configuration secrets.

The compromise extended beyond container images into development environments, with trojanized code extensions introducing hidden functionality that downloads and executes a secondary payload. This multi-stage infection chain leverages a malicious addon to harvest credentials from developer systems, including cloud tokens, SSH keys, environment variables, and CI/CD secrets. Stolen access is then used to propagate the attack further by injecting malicious workflows into repositories, enabling automated exfiltration of sensitive data and expanding the attack surface across development pipelines.

Further analysis indicates the campaign was designed for persistence and lateral movement within software ecosystems. By abusing repository access and automation workflows, attackers can silently extract secrets, create new distribution points, and compromise additional projects. The incident highlights the growing risk of supply chain attacks targeting developer tools and CI/CD infrastructure, where a single compromised component can cascade into widespread exposure across multiple environments.