Cybersecurity

ThreatsDay: Cloud Bucket Hijacking, Windows LPE Chain, Global Fraud Bust + 17 More Stories

- **Ravie Lakshmanan**Jul 09, 2026Hacking News / Cybersecurity News [*](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgAXvG0n7eiC50jtfO-3MYOPx-Z0iWiucBfHqzY2QNH-5fUyfWcGu3NME0yERr2qWK...

T
The Hacker News
~16 min read

Ravie LakshmananJul 09, 2026Hacking News / Cybersecurity News * Most security mess starts as admin work. A link gets clicked. A tool gets trusted. A bucket name gets reused. A setting stays loose because nobody wants to touch it.

This week is full of that kind of damage. Not loud. Not clever. Just small gaps doing big jobs. The worst part is how normal it all looks until the bill arrives.

The full ThreatsDay list is below.

Global fraud bust

Global Operation Leads to ~6K Arrests

A global anti-fraud operation involving 97 countries and territories has resulted in the arrest of 5,811 individuals and the interception of $293 million in illicit assets as part of an operation codenamed First Light 2026 that took place between January 15 and April 30, 2026, to tackle social engineering scams and associated money laundering activities. "Over 142,000 victims globally were identified during Operation First Light 2026, highlighting the extent to which social engineering scams and fraud have escalated into a major transnational threat, affecting individuals, businesses, and governments," INTERPOL said. More than 23,000 cases were solved, and 15,606 suspects have been identified. In Eswatini, authorities arrested 82 people and dismantled a criminal network running illegal online gambling, money laundering, and elaborate impersonation scams. The Thai police made two arrests and uncovered a money laundering scheme that converted illicit funds from romance scams into various cryptocurrencies, using cross-chain token swaps to obscure the financial trail.

Payment SDK typosquats

Coordinated npm and PyPI Campaign Typosquats Secure Payment Apps

A cluster of 17 malicious npm and PyPI packages have been found to typosquat Paysafe, Skrill, and Neteller SDKs to steal system information and developer secrets, and exfiltrate them to an Ngrok endpoint. The malware skips machines that have less than two CPU cores, and the hostname or username contains sandbox, analyzer, cuckoo, virus, malware, vmware, or vbox. "The threat actor targeted payment app SDKs, which might indicate a financial motive or the desire to monetize using payment app accounts," Socket said. "The threat actor used their obfuscator 'properly.' They did not re-use the same obfuscation key across versions or packages, which is intended to prevent signatures from tracking this malware by the same key. This resulted in different hashes for each file."

Stealthy code injection

Process Parameter Poisoning to Avoid Detection

Cybersecurity researchers have outlined a technique called Process Parameter Poisoning (P³) that can be used to code in foreign processes without raising any security alarms. "P³-Shellcode Loader is a loader that implements a code injection technique which leverages the Process Parameters structure (Process Parameter Poisoning) as an execution and staging location for shellcode injection into remote processes, without triggering common detection mechanisms," researchers Max Hirschberger and Ogulcan Ugur said. "One major advantage of this technique is that no processes are created in a suspended state and no threads or processes are suspended during its execution."

Unauthenticated file access

Critical Directory Traversal Flaw in Esri ArcGIS Server

A critical security flaw in Esri ArcGIS Server 12.0 and prior (CVE-2026-9181, CVSS score: 9.8/7.5) could be exploited to access sensitive files on the system without requiring valid credentials by sending crafted path parameters. "The vulnerability exists in the ArcGIS Server REST Uploads resource, where insufficient validation of crafted path parameters allows an unauthenticated remote attacker to traverse outside the intended directory boundary," Horizon3.ai said.

Ransomware tooling overlap

Interlock and Rhysida Ransomware Ecosystem Detailed

A new analysis of the Interlock (aka Hive0163) ransomware operation has identified links with TAG-124 (aka KongTuke and Landupdate808). The threat actor is known to employ a variety of mostly custom malware, including NodeSnake, Interlock RAT, JunkFiction downloader (aka Dormouse), Supper (aka SocksShell and WINDYTWIST), and JunkFiction cryptor. IBM X-Force said it has discovered strong overlaps between NodeSnake, ModeloRAT, JunkFiction downloader, Interlock RAT, and Supper malware variants, indicating a shared original codebase or possibly common developers. Rhysida, on the other hand, often uses Endico downloader, Broomstick (aka Oyster or CleanUpLoader), Supper, and Tomb cryptor (aka Textshell or pkr_mtsi). Evidence indicates a relationship with IceNova (aka Latrodectus) operators and ITG23 (aka TrickBot). Early versions of JunkFiction date back to May 2024, with the downloader being used to Supper, which then delivers CrossTec Remote Control, a legitimate remote administration tool. "The fact that both ModeloRAT and NodeSnake were deployed by TAG-124/KongTuke, possessed overlaps with other malware families belonging to the Interlock toolkit and used the same exploit during their operations, supports the theory that these activities may be linked," IBM X-Force said.

*

Claude data warning

China Urges Developers to Ditch Claude

China's National Vulnerability Database (CNVDB) is urging developers to uninstall recent Claude Code versions over concerns that they can gather sensitive user data without consent. The "backdoor code" can collect details such as a user's location and identity, and forward them to remote servers. The agency said the alert only applies to Claude Code versions 2.1.91 (April 2) to 2.1.196 (June 29). "It is recommended that relevant units and users immediately conduct a comprehensive investigation," CNVDB said. "For development terminals with the above-mentioned affected versions installed, immediately uninstall or upgrade to the latest secure version with the relevant backdoor code removed; strengthen the control of external access permissions and traffic monitoring of development tools within core business network segments to prevent the unauthorized transmission of sensitive data." The disclosure comes shortly after a report that Claude contained covert code designed to prevent Chinese AI companies from extracting details about its inner workings. Anthropic subsequently said it was an experiment to protect against model distillation.

Teams support lure

Fake IT Support Scheme Delivers EtherRAT

A social engineering campaign has combined email phishing with a fake IT support scam abusing Microsoft Teams calls to deliver EtherRAT. "The attack lures the victim with a fake 'Employee Survey' email and PDF, then pivots to a Microsoft Teams call from an actor impersonating a 'System Administrator,'" Palo Alto Networks Unit 42 said. "The actor abuses Teams remote control (give/request control) to control the victim's machine, then guides the victim to install different remote RMM tools to establish persistence - HopToDesk and AnyDesk. The actor uses cmd.exe > curl.exe to download a malicious MSI (v7.msi) from camorreado[.]click and execute it. The MSI is a multi-stage loader that downloads a legitimate Node.js runtime, decrypts an embedded payload through a multi-step cipher chain, and runs EtherRAT."

Scattered Spider link

Are Scattered Spider and 0ktapus the Same?

The notorious cybercrime group known as Scattered Spider is called by various names, including Octo Tempest, Muddled Libra, and UNC3944. Group-IB, which designated the term 0ktapus to a social engineering attack campaign targeting Twilio in August 2022, said Scattered Spider can be best described as a decentralized cybercrime collective analogous to The Com, with 0ktapus acting as a sub-cluster within the group. Scattered Spider comprises smaller clusters that are united by the use of shared tradecraft and English as a common language, but act separately. "Physical device theft activity from mobile carrier stores has been observed in at least one subcluster, for SIM swapping purposes," Group-IB said. "Subclusters target all kinds of sectors, either as end-targets for direct exploitation or as stepping stones to gather intelligence or tools for future attacks." The end goal of these attacks is cryptocurrency theft and ransomware, leading to extortion.

LINE espionage scheme

Taiwan Charges 2 Businessmen for Alleged Chinese Espionage Campaign

Taiwanese authorities have charged two local businessmen with allegedly assisting Chinese government-linked hackers carry out a sprawling espionage campaign targeting politicians, academics, journalists, and civil society groups. The suspects are believed to have run a company that collected and leased accounts for the LINE messaging app to operators linked to China's cyber forces. The accounts were then used to impersonate international journalists and build trust with targets and ultimately deliver malware designed to compromise their computers. The LINE accounts were rented by a Chinese firm named Xiamen Empress Information Technology.

Meta phishing abuse

Meta Phishers Abuse Business Account Manager Service

An unknown threat actor is manipulating Meta's Business Account Manager to send spam emails that bypass email filters since at least November 2025 and trick victims into providing their Meta account details to the attacker on attacker-controlled web pages. The emails were sent from a Meta business account. "Starting in June, they modified their phishing lure to incorporate a chatbot, run through a fraudulent account on Facebook Messenger, and began sending credentials to a private Telegram channel," Huntress said. "The phishing campaign appears to target businesses and attempts to capture credentials, MFA codes, business and personal phone numbers, email addresses, and an image of the target's ID or passport." Meta has since taken steps to plug the attack method.

Windows LPE chain

Extending EPM Poisoning to Achieve LPE on Windows

In August 2025, SafeBreach researcher Ron Ben Yizhak disclosed details of an issue (CVE-2025-49760) in Microsoft's Windows Remote Procedure Call (RPC) communication protocol that could be abused by an attacker to conduct spoofing attacks and impersonate a known server. Then, in October 2025, Microsoft addressed another vulnerability tracked as CVE-2025-59200, which has been described as a spoofing flaw in the Data Sharing Service Client. "By exploiting a vulnerability in the Data Sharing Service (DsSvc) – tracked as CVE-2025-59200 – an attacker can spoof an RPC server, then send a hotkey that bypasses User Interface Privilege Isolation (UIPI) to start a scheduled task," Ben Yizhak said. "The task sends an RPC request to the spoofed server of the attacker and the response injects an XML into a toast notification to elevate privileges from low to medium integrity."

Kernel driver flaws

Multiple Flaws in Realtek SD Card Reader Driver

Multiple vulnerabilities have been disclosed in RtsPer.sys, an SD card reader driver developed by Realtek. These vulnerabilities enable non-privileged users to leak the contents of the kernel pool and kernel stack, write to arbitrary kernel memory, and read and write physical memory from user mode via the DMA capability of the device, per a security researcher who goes by the name "zwclose." The issues impact many OEMs, including Dell, Lenovo, and possibly other laptops equipped with an SD card reader manufactured by Realtek. The issues have been assigned the CVEs: CVE-2022-25477, CVE-2022-25478, CVE-2022-25479, CVE-2022-25480, CVE-2024-40431, and CVE-2024-40432. The complete set of fixes was released by Realtek in August 2024.

New ransomware behavior

WhiteLock and Prinz Eugen Ransomware Analyzed

Ransomware attacks that deploy WhiteLock involve the locker communicating with external servers during the encryption process and terminating Services related to remote access tools, such as AnyDesk and TeamViewer, to prevent victims from responding remotely. "After registering an infected device, WhiteLock checks whether AnyDesk and TeamViewer are installed on the victim's device," AhnLab said. "If these tools are present, it terminates the relevant Services in subsequent stages. This behavior is interpreted as an attempt to prevent security personnel or administrators from isolating the infected system or responding in real time through remote access tools." Another new ransomware entrant is Prinz Eugen, which was first detected in May 2026. "The encryptor is freshly built, written in Go, and more technically deliberate than many first-wave ransomware samples," Threatdown said. "It performs recursive encryption, prioritizes recently modified files, uses ChaCha20-Poly1305 with integrity checks, and leaves no ransom note on disk." The ransomware is advertised by a threat actor named ROOTBOY on underground forums, who has previously engaged in data sale and extortion activity between July and November 2025. The development comes as the Bumblebee malware loader, deployed via SEO poisoning through a trojanized installer for ManageEngine OpManager, has been leveraged by threat actors to drop AdaptixC2, which then acts as a conduit for Akira ransomware deployment.

Chrome extension hijack

GhostChrome-X, a Chrome Extension Integrity Bypass

Cybersecurity researchers have flagged a new browser-based threat dubbed GhostChrome-X that uses Google Chrome to establish and maintain access to compromised hosts. "Two aspects in particular make GhostChrome-X noteworthy. First, the malware directly targets Chrome's extension trust model by modifying protected configuration files and forging the integrity metadata required for Chrome to accept an attacker-controlled extension as a legitimate browser component," Rubrik Zero Labs said. "Second, rather than functioning solely as a data-stealing extension, GhostChrome-X integrates browser-based access with operating system-level command execution, enabling the browser to serve as a persistent platform for ongoing attacker operations." Once active, the malware establishes persistence using scheduled tasks and Registry Run keys, while communicating with an external server to collect browser cookies, browsing history, and submitted form data. It also supports remote command execution on the infected system and "monitors WebAuthn activity and enables attacker-controlled interactions with WebAuthn-enabled websites from within the victim's browser session."

Tax refund RAT lure

Indian Income Tax Lures Used to Deliver AsyncRAT and LX RAT

A phishing and malware campaign is using Indian Income Tax Return (ITR) refund lures to deliver a multi-stage AutoIt infection chain that leads to the deployment of AsyncRAT. The campaign has targeted financial and technology organizations. "The operation is notable for the way it combines credible email delivery, compromised web infrastructure, Dropbox-hosted payloads, password-protected archives, AutoIt staging, sandbox-aware execution, persistence, process injection, and a final .NET RAT payload," ZeroBEC said. "More recent samples shifted to LX RAT, a commercially marketed remote access trojan protected by the LX Crypter / LX Protector ecosystem." Fraudulent tax assessment notifications have also been used to distribute a trojan-like payload to targeted users using DLL side-loading techniques. The rogue DLL features persistence mechanisms, system information discovery, user activity monitoring, dynamic payload execution, and encrypted command-and-control (C2) communication. "The observed capabilities -- including modular payload loading, encrypted communication, persistence mechanisms, and remote execution functionality -- indicate that the campaign is designed to establish unauthorized access to and maintain control over compromised hosts," CYFIRMA said.

*

Fileless Remcos loader

Steganographic Loader Campaign Drops Remcos RAT

Another campaign targeting India, this time using GST-themed ZIP archive lures to deliver a variant of the Remcos RAT malware family. "One notable characteristic of this infection chain was its reliance on in-memory execution techniques / fileless malware and Steganography," K7 Labs said. "By avoiding disk-based artifacts, the threat reduces forensic evidence and increases its ability to evade traditional security tools and signature-based detection methods."

Teams access phish

Microsoft Teams-Themed Remote Access Phishing Campaign Spotted

An active phishing campaign is using Microsoft Teams-themed lures to distribute a legitimate remote access tool configured for unauthorized access. "Victims are directed to convincing landing pages that impersonate collaboration and productivity services, where they are prompted to download software presented as a meeting transcript viewer, recording utility, or document-related application," CYFIRMA noted. "The use of compromised business websites provides reputational legitimacy, while dedicated infrastructure enables rapid deployment and campaign scalability. The operation demonstrates active maintenance, with the majority of identified infrastructure observed within the last three to six months, indicating continued development and operational investment."

ADFS token forgery risk

Recovering Active ADFS Signing Keys via Machine DPAPI

Google-owned Mandiant has revealed that "when ADFS certificates are manually rotated, configuration drift can silently leave active signing keys exposed in Machine DPAPI," adding "in environments where AutoCertificateRollover is disabled, and certificates are manually rotated, the database often becomes a 'ghost'—a record that still exists, still decrypts successfully, but references a certificate no longer used for token signing by the ADFS service." The tech giant has warned that the technique could be exploited by bad actors to forge high-privilege SAML tokens.

Cloud exfiltration controls

AWS Egress Controls to Prevent Data Exfiltration

Amazon Web Services (AWS) has emphasized the need for a layered strategy for egress security and to prevent data exfiltration. "Without egress controls in place, that outbound traffic can flow freely, and the unauthorized access might go unnoticed until a compliance audit, customer complaint, or incident notification forces discovery," AWS said. The risk is compounded by agentic AI systems, in which an unauthorized party can manipulate an autonomous agent’s objectives to silently exfiltrate data and achieve code execution. "As organizations deploy AI agents with access to tools, APIs, and code interpreters, these agents become high-value targets, and their outbound network activity must be constrained with the same rigor as any other workload," AWS said.

Cloud data rerouting

Cloud Bucket Hijacking Attack

Palo Alto Networks Unit 42 has identified a bucket hijacking technique that impacts major cloud service providers. It has been described as a fundamental architectural flaw. "An attacker can silently compromise an organization's active data streams by rerouting data into an external storage bucket," Unit 42 said. "Because a storage bucket name is globally unique, an attacker can simply delete the bucket and then recreate it under the attacker's own account using the same name. This, therefore, creates a global namespace risk. This bucket hijacking reroutes critical logs and sensitive data directly to the attacker's environment." A similar attack method, dubbed Bucket Monopoly, was detailed by Aqua Security in 2024. There is no evidence that the attack technique has been abused in the wild. In recent weeks, Unit 42 has also warned that: (1) insecure default configurations and overly permissive enrollment rights in Active Directory Certificate Services (AD CS) can be exploited for privilege escalation, unauthorized identity impersonation, and persistence; (2) Kubernetes identities can be abused in combination with exposed attack surfaces to escalate privileges from initial access to sensitive backend cloud infrastructure; (3) multi-agent AI systems can introduce new pathways for exploitation through inter-agent communication and orchestration via prompt injection due to a model's inability to reliably differentiate between developer-defined instructions and adversarial user input, and a lack of agent capability scoping and tool input sanitization; (4) Amazon Bedrock AgentCore's Code Interpreter sandbox network isolation mode can be bypassed to allow sending and receiving of data from external endpoints via DNS tunneling by taking advantage of a lack of session token enforcement; and (5) AgentCore starter toolkit's auto-create logic generates identity and access management (IAM) roles that grant privileges broadly across the AWS account, rather than being scoped to individual resources, effectively introducing what's called an Agent God Mode that makes it possible to escalate privileges and compromise every other AgentCore agent within the AWS account.

The useful lesson this week is not “watch for weird behavior.” Weird is late. By then the fake support call has a session, the package has run, the bucket is gone, and the quiet process already has somewhere to send data.

Watch the normal paths instead. Names that look almost right. Tools asking for slightly too much. Services that still trust old state. Traffic that should have had nowhere to go. Most of the damage here did not need magic. It needed permission, habit, and nobody looking closely enough.

Found this article interesting? Follow us on Google News, Twitter and LinkedIn to read more exclusive content we post.

SHARE

Tweet Share Share Share

SHARE artificial intelligence, Cloud security, Cybercrime, cybersecurity, Malware, Privacy, ransomware, Threatsday Bulletin, Vulnerability

Share this article