π ConsentFix and ClickFix: How Microsoft 365 Accounts are Hijacked in 3 Seconds
ConsentFix and ClickFix describe fast account-takeover methods targeting Microsoft 365 accounts. The title indicates token theft via fake prompts and OAuth consent flows, enabling rapid session compromise without relying on password theft alone.
Operationally, this highlights the continuing shift from credential attacks to token and authorization abuse. For defenders, the key issue is that MFA can be sidestepped when users are tricked into granting access or handing over active session material.
π°οΈ Open sources - closed narratives
@sitreports
ConsentFix and ClickFix describe fast account-takeover methods targeting Microsoft 365 accounts. The title indicates token theft via fake prompts and OAuth consent flows, enabling rapid session compromise without relying on password theft alone.
Operationally, this highlights the continuing shift from credential attacks to token and authorization abuse. For defenders, the key issue is that MFA can be sidestepped when users are tricked into granting access or handing over active session material.
π°οΈ Open sources - closed narratives
@sitreports
π Umbrij malware uses OAuth flow to reach Gmail via Google API
Researchers linked the Umbrij malware to the ToddyCat cluster after identifying abuse of OAuth authentication to access Gmail through the Google API. The case highlights a credential access path that relies on legitimate cloud authorization mechanisms rather than direct password theft.
Operationally, this shifts detection from mailbox compromise indicators toward OAuth consent activity, token use, and anomalous API calls. For defenders, the key issue is that trusted cloud workflows can be repurposed for espionage access while blending into normal service traffic.
π°οΈ Open sources - closed narratives
@sitreports
Researchers linked the Umbrij malware to the ToddyCat cluster after identifying abuse of OAuth authentication to access Gmail through the Google API. The case highlights a credential access path that relies on legitimate cloud authorization mechanisms rather than direct password theft.
Operationally, this shifts detection from mailbox compromise indicators toward OAuth consent activity, token use, and anomalous API calls. For defenders, the key issue is that trusted cloud workflows can be repurposed for espionage access while blending into normal service traffic.
π°οΈ Open sources - closed narratives
@sitreports
π Google disrupts NetNut proxy network used in malware operations
Google says it disrupted NetNut proxy network infrastructure that was allegedly used to conceal and route malicious activity. The move points to action against a large pool of internet-connected devices functioning as relay nodes for malware-linked operations.
Operationally, degrading a proxy layer matters because it strips threat actors of obfuscation, complicates command routing, and can expose traffic patterns for follow-on detection. It also highlights how commercial or semi-commercial proxy services can intersect with criminal intrusion ecosystems.
π°οΈ Open sources - closed narratives
@sitreports
Google says it disrupted NetNut proxy network infrastructure that was allegedly used to conceal and route malicious activity. The move points to action against a large pool of internet-connected devices functioning as relay nodes for malware-linked operations.
Operationally, degrading a proxy layer matters because it strips threat actors of obfuscation, complicates command routing, and can expose traffic patterns for follow-on detection. It also highlights how commercial or semi-commercial proxy services can intersect with criminal intrusion ecosystems.
π°οΈ Open sources - closed narratives
@sitreports
π Ransomware operators shift toward edge exploits and trusted access
A new ransomware trend highlights increasing use of Citrix Bleed 2, bring-your-own-vulnerable-driver techniques, and stolen supply-chain credentials. The activity points to attackers combining perimeter exploitation, kernel-level evasion, and access obtained through third-party relationships rather than relying on a single intrusion path.
Operationally, this compresses detection time and complicates response across identity, endpoint, and network layers. The overlap of edge-device compromise, legitimate credential abuse, and signed but vulnerable drivers reduces friction for lateral movement and makes trusted dependencies a primary exposure surface.
π°οΈ Open sources - closed narratives
@sitreports
A new ransomware trend highlights increasing use of Citrix Bleed 2, bring-your-own-vulnerable-driver techniques, and stolen supply-chain credentials. The activity points to attackers combining perimeter exploitation, kernel-level evasion, and access obtained through third-party relationships rather than relying on a single intrusion path.
Operationally, this compresses detection time and complicates response across identity, endpoint, and network layers. The overlap of edge-device compromise, legitimate credential abuse, and signed but vulnerable drivers reduces friction for lateral movement and makes trusted dependencies a primary exposure surface.
π°οΈ Open sources - closed narratives
@sitreports
π Cisco confirms active exploitation of Unified CM flaw
Cisco has acknowledged in its security advisory update that CVE-2026-20230 is being exploited in the wild. The flaw affects Unified Communications Manager and can be triggered remotely without privileges via crafted HTTP requests in SSRF attacks. Cisco patched it on June 3 and now urges customers to move to fixed releases or disable the WebDialer service if patching is delayed.
The timeline matters: public PoC code appeared before Cisco confirmed active abuse, while external researchers had already documented file-write exploitation paths. With more than 200 internet-exposed Unified CM instances reportedly visible, this shifts the issue from patch guidance to active attack surface reduction.
π°οΈ Open sources - closed narratives
@sitreports
Cisco has acknowledged in its security advisory update that CVE-2026-20230 is being exploited in the wild. The flaw affects Unified Communications Manager and can be triggered remotely without privileges via crafted HTTP requests in SSRF attacks. Cisco patched it on June 3 and now urges customers to move to fixed releases or disable the WebDialer service if patching is delayed.
The timeline matters: public PoC code appeared before Cisco confirmed active abuse, while external researchers had already documented file-write exploitation paths. With more than 200 internet-exposed Unified CM instances reportedly visible, this shifts the issue from patch guidance to active attack surface reduction.
π°οΈ Open sources - closed narratives
@sitreports
π 950 Oracle E-Business Suite instances exposed amid active CVE-2026-46817 exploitation
Shadowserver identified about 950 internet-exposed Oracle E-Business Suite instances worldwide after expanding detection to include domain-based scanning. The exposure set coincides with observed exploitation attempts targeting CVE-2026-46817, while Oracle has published remediation in its May 2026 Critical Patch Update Security Alert.
The count reflects external visibility, not confirmed compromise, but the overlap between broad exposure and active attack traffic puts internet-facing EBS deployments into a time-critical patching window. Given EBSβs role in finance, HR, and supply-chain workflows, exposed systems present both high-value data targets and potential internal access points.
π°οΈ Open sources - closed narratives
@sitreports
Shadowserver identified about 950 internet-exposed Oracle E-Business Suite instances worldwide after expanding detection to include domain-based scanning. The exposure set coincides with observed exploitation attempts targeting CVE-2026-46817, while Oracle has published remediation in its May 2026 Critical Patch Update Security Alert.
The count reflects external visibility, not confirmed compromise, but the overlap between broad exposure and active attack traffic puts internet-facing EBS deployments into a time-critical patching window. Given EBSβs role in finance, HR, and supply-chain workflows, exposed systems present both high-value data targets and potential internal access points.
π°οΈ Open sources - closed narratives
@sitreports
π« Pentagon awards $500M counter-drone contract to AeroVironment
The Pentagon has awarded AeroVironment a $500 million, three-year Army-managed contract to procure commercial counter-drone technology, with task orders to define locations and funding. The AeroVironment award specifically references defenses against small unmanned aerial systems.
The contract signals continued DoD emphasis on scaling lower-cost C-UAS options after recent scrutiny of expensive interceptors used against cheap drones. It also deepens AeroVironmentβs position across both strike and defensive drone segments, including directed-energy systems already tested in military airspace operations.
π°οΈ Open sources - closed narratives
@sitreports
The Pentagon has awarded AeroVironment a $500 million, three-year Army-managed contract to procure commercial counter-drone technology, with task orders to define locations and funding. The AeroVironment award specifically references defenses against small unmanned aerial systems.
The contract signals continued DoD emphasis on scaling lower-cost C-UAS options after recent scrutiny of expensive interceptors used against cheap drones. It also deepens AeroVironmentβs position across both strike and defensive drone segments, including directed-energy systems already tested in military airspace operations.
π°οΈ Open sources - closed narratives
@sitreports
π€ Dutch military invests millions in drone software platform
The Netherlands is committing tens of millions of euros to a three-year partnership with Intelic to develop drone software for the Dutch military. The deal centers on a domestic defence technology firm and signals a funded push into software infrastructure rather than airframes alone.
Operationally, this points to growing emphasis on the software layer behind unmanned systems: control, integration, scaling, and mission management. For OSINT watchers, it is another indicator that European militaries are investing not just in drones, but in the digital architecture needed to field them effectively.
π°οΈ Open sources - closed narratives
@sitreports
The Netherlands is committing tens of millions of euros to a three-year partnership with Intelic to develop drone software for the Dutch military. The deal centers on a domestic defence technology firm and signals a funded push into software infrastructure rather than airframes alone.
Operationally, this points to growing emphasis on the software layer behind unmanned systems: control, integration, scaling, and mission management. For OSINT watchers, it is another indicator that European militaries are investing not just in drones, but in the digital architecture needed to field them effectively.
π°οΈ Open sources - closed narratives
@sitreports
π€ Air and Space Force test integrated AI battle management stack
The Department of the Air Force ran its first Multi-Decision Advantage Sprint for Human-Machine Teaming in May, combining AI microservices from six industry teams plus government engineers into a single workflow. The two-week MASH experiment also marked the first active Space Force participation in this ABMS wargame series.
The event is notable less for standalone AI performance than for software orchestration across vendors and domains. Air Force officials said the tools accelerated target identification, capability matching, and course-of-action generation, while guardian participation tested whether the same decision architecture can support integrated multi-domain command and control.
π°οΈ Open sources - closed narratives
@sitreports
The Department of the Air Force ran its first Multi-Decision Advantage Sprint for Human-Machine Teaming in May, combining AI microservices from six industry teams plus government engineers into a single workflow. The two-week MASH experiment also marked the first active Space Force participation in this ABMS wargame series.
The event is notable less for standalone AI performance than for software orchestration across vendors and domains. Air Force officials said the tools accelerated target identification, capability matching, and course-of-action generation, while guardian participation tested whether the same decision architecture can support integrated multi-domain command and control.
π°οΈ Open sources - closed narratives
@sitreports
π EU lawmaker who investigated surveillance reportedly hacked with Israeli spyware
Researchers say a former European Parliament member who worked on an inquiry into abusive surveillance was compromised with Israeli spyware. The reported target had previously been involved in examining misuse of monitoring technologies inside the EU.
If confirmed, the case is notable because it places a figure tied to oversight of surveillance among the victims. That sharpens concerns around counter-investigation pressure, exposure of committee activity, and the wider security posture of officials handling sensitive accountability work.
π°οΈ Open sources - closed narratives
@sitreports
Researchers say a former European Parliament member who worked on an inquiry into abusive surveillance was compromised with Israeli spyware. The reported target had previously been involved in examining misuse of monitoring technologies inside the EU.
If confirmed, the case is notable because it places a figure tied to oversight of surveillance among the victims. That sharpens concerns around counter-investigation pressure, exposure of committee activity, and the wider security posture of officials handling sensitive accountability work.
π°οΈ Open sources - closed narratives
@sitreports
π€ JADEPUFFER marks first documented end-to-end AI-run ransomware case
Sysdig says JADEPUFFER exploited CVE-2025-3248 on an exposed Langflow server, harvested secrets, pivoted through MinIO and Nacos, then encrypted and destroyed production database data without human intervention. Observed behavior included machine-speed error correction, adaptive parsing, persistence via crontab, and automated ransom note updates after encrypting 1,342 Nacos configuration items.
The significance is not new tooling but full task chaining: known flaws, default credentials, and exposed services were combined into a complete extortion workflow by an AI agent. The case shifts defensive focus toward exposure reduction, credential hygiene, and runtime detection, especially around internet-facing AI infrastructure.
π°οΈ Open sources - closed narratives
@sitreports
Sysdig says JADEPUFFER exploited CVE-2025-3248 on an exposed Langflow server, harvested secrets, pivoted through MinIO and Nacos, then encrypted and destroyed production database data without human intervention. Observed behavior included machine-speed error correction, adaptive parsing, persistence via crontab, and automated ransom note updates after encrypting 1,342 Nacos configuration items.
The significance is not new tooling but full task chaining: known flaws, default credentials, and exposed services were combined into a complete extortion workflow by an AI agent. The case shifts defensive focus toward exposure reduction, credential hygiene, and runtime detection, especially around internet-facing AI infrastructure.
π°οΈ Open sources - closed narratives
@sitreports
π FBI flags TeamPCP supply-chain campaign targeting CI/CD and cloud access
The FBI warned that TeamPCP compromised software distribution channels to push trojanized updates into tools used across enterprise development and security workflows, including Trivy, KICS, LiteLLM, and the Telnyx Python SDK. Reported payloads include CanisterWorm, SANDCLOCK, Mini Shai-Hulud, and Miasma, with theft focused on cloud tokens, API keys, Kubernetes credentials, and local environment secrets.
The operational impact is downstream and persistent: poisoned packages inside build pipelines can expose cloud control planes, automate credential harvesting, and propagate further through npm and PyPI using stolen accounts. The FBI assessment treats any exposed credentials or exfiltrated data as a long-term compromise risk.
π°οΈ Open sources - closed narratives
@sitreports
The FBI warned that TeamPCP compromised software distribution channels to push trojanized updates into tools used across enterprise development and security workflows, including Trivy, KICS, LiteLLM, and the Telnyx Python SDK. Reported payloads include CanisterWorm, SANDCLOCK, Mini Shai-Hulud, and Miasma, with theft focused on cloud tokens, API keys, Kubernetes credentials, and local environment secrets.
The operational impact is downstream and persistent: poisoned packages inside build pipelines can expose cloud control planes, automate credential harvesting, and propagate further through npm and PyPI using stolen accounts. The FBI assessment treats any exposed credentials or exfiltrated data as a long-term compromise risk.
π°οΈ Open sources - closed narratives
@sitreports
π PolinRider expands across open-source supply chain
North Korea-linked PolinRider activity has now been tied to 108 open-source projects, with 162 malicious release artifacts spanning 80 Go modules, 10 Packagist packages, and one Chrome extension. The campaign is associated with Contagious Interview and Famous Chollima, and includes compromised maintainer accounts such as Xpos587 used to push synchronized changes across unrelated repositories.
The tradecraft is notable: force-pushed and anti-dated commits can make repository history appear clean, while obfuscated loaders are hidden in config files or fake .woff2 font files and triggered through .vscode/tasks.json. This shifts detection away from visible commit timelines toward account activity, Git history anomalies, and developer-environment persistence.
π°οΈ Open sources - closed narratives
@sitreports
North Korea-linked PolinRider activity has now been tied to 108 open-source projects, with 162 malicious release artifacts spanning 80 Go modules, 10 Packagist packages, and one Chrome extension. The campaign is associated with Contagious Interview and Famous Chollima, and includes compromised maintainer accounts such as Xpos587 used to push synchronized changes across unrelated repositories.
The tradecraft is notable: force-pushed and anti-dated commits can make repository history appear clean, while obfuscated loaders are hidden in config files or fake .woff2 font files and triggered through .vscode/tasks.json. This shifts detection away from visible commit timelines toward account activity, Git history anomalies, and developer-environment persistence.
π°οΈ Open sources - closed narratives
@sitreports
π NetNut proxy network disrupted, 2 million infected devices cut off
A joint operation involving Google, the FBI, Lumen Technologies, and Shadowserver disrupted NetNut, a residential proxy network tied to at least 2 million compromised Android devices, including smart TVs and streaming boxes. Google says 316 distinct threat clusters were seen using suspected NetNut exit nodes in one week last month, while the FBI seized domains used by the service.
The takedown hits a major layer of criminal infrastructure: residential proxies let operators route traffic through home IP space, masking password spraying, access to attacker infrastructure, and victim-network operations. The case also underlines how proxy capacity is built on consumer malware and resold across an interconnected market.
π°οΈ Open sources - closed narratives
@sitreports
A joint operation involving Google, the FBI, Lumen Technologies, and Shadowserver disrupted NetNut, a residential proxy network tied to at least 2 million compromised Android devices, including smart TVs and streaming boxes. Google says 316 distinct threat clusters were seen using suspected NetNut exit nodes in one week last month, while the FBI seized domains used by the service.
The takedown hits a major layer of criminal infrastructure: residential proxies let operators route traffic through home IP space, masking password spraying, access to attacker infrastructure, and victim-network operations. The case also underlines how proxy capacity is built on consumer malware and resold across an interconnected market.
π°οΈ Open sources - closed narratives
@sitreports
π Bad Epoll flaw enables local root on Linux and Android
A newly disclosed Linux kernel vulnerability dubbed Bad Epoll allows unprivileged local users to escalate privileges to root. The issue affects Linux systems and also impacts Android, extending exposure beyond servers and workstations to mobile devices built on the same kernel base.
The key operational concern is that no elevated starting access is required: a low-privilege foothold can be converted into full system compromise. For defenders, this raises the priority of kernel patching and local access controls across both enterprise Linux fleets and Android-dependent environments.
π°οΈ Open sources - closed narratives
@sitreports
A newly disclosed Linux kernel vulnerability dubbed Bad Epoll allows unprivileged local users to escalate privileges to root. The issue affects Linux systems and also impacts Android, extending exposure beyond servers and workstations to mobile devices built on the same kernel base.
The key operational concern is that no elevated starting access is required: a low-privilege foothold can be converted into full system compromise. For defenders, this raises the priority of kernel patching and local access controls across both enterprise Linux fleets and Android-dependent environments.
π°οΈ Open sources - closed narratives
@sitreports
π Unpatched filesystem flaws exposed across embedded device supply chains
Multiple unpatched vulnerabilities have been disclosed in a filesystem bundled into millions of embedded devices. The issues affect a low-level software component widely integrated into firmware, expanding exposure across consumer, industrial, and network-connected hardware that may never receive direct updates.
The significance is systemic rather than isolated: a single vulnerable filesystem can propagate risk across many OEMs and product lines. That makes remediation dependent on fragmented vendor chains, long firmware cycles, and device classes with limited patch support.
π°οΈ Open sources - closed narratives
@sitreports
Multiple unpatched vulnerabilities have been disclosed in a filesystem bundled into millions of embedded devices. The issues affect a low-level software component widely integrated into firmware, expanding exposure across consumer, industrial, and network-connected hardware that may never receive direct updates.
The significance is systemic rather than isolated: a single vulnerable filesystem can propagate risk across many OEMs and product lines. That makes remediation dependent on fragmented vendor chains, long firmware cycles, and device classes with limited patch support.
π°οΈ Open sources - closed narratives
@sitreports
π SharkLoader pushes Cobalt Strike into memory
Researchers identified SharkLoader, an evasive multi-stage loader used by the StrikeShark cluster to deploy Cobalt Strike Beacon directly in memory. Initial access combines exploitation of internet-facing systems with fake installers, while execution chains rely on DLL side-loading, reflective loading, encrypted stages, and Perfect DLL Hijacking. Reported victims include government, diplomatic, and software targets across Asia, Europe, the Middle East, and Latin America.
The operational value is in low-noise post-compromise access. In-memory execution, signed binary abuse, process spoofing, event log interference, and frequent scheduled-task persistence compress detection time while enabling reconnaissance, credential theft, and Active Directory enumeration.
π°οΈ Open sources - closed narratives
@sitreports
Researchers identified SharkLoader, an evasive multi-stage loader used by the StrikeShark cluster to deploy Cobalt Strike Beacon directly in memory. Initial access combines exploitation of internet-facing systems with fake installers, while execution chains rely on DLL side-loading, reflective loading, encrypted stages, and Perfect DLL Hijacking. Reported victims include government, diplomatic, and software targets across Asia, Europe, the Middle East, and Latin America.
The operational value is in low-noise post-compromise access. In-memory execution, signed binary abuse, process spoofing, event log interference, and frequent scheduled-task persistence compress detection time while enabling reconnaissance, credential theft, and Active Directory enumeration.
π°οΈ Open sources - closed narratives
@sitreports
π Avalon framework adds ransomware delivery to modular malware stack
A newly documented Avalon malware framework now includes capabilities tied to CrownX ransomware, combining payload delivery, persistence, and post-compromise execution inside a broader modular toolkit. The framework appears positioned to support multiple intrusion stages rather than a single-use payload.
The key significance is consolidation: ransomware functionality is being embedded into flexible malware infrastructure, reducing the gap between initial access and encryption. For defenders, this raises the value of detecting framework behavior early, before operators shift from foothold to disruptive monetization.
π°οΈ Open sources - closed narratives
@sitreports
A newly documented Avalon malware framework now includes capabilities tied to CrownX ransomware, combining payload delivery, persistence, and post-compromise execution inside a broader modular toolkit. The framework appears positioned to support multiple intrusion stages rather than a single-use payload.
The key significance is consolidation: ransomware functionality is being embedded into flexible malware infrastructure, reducing the gap between initial access and encryption. For defenders, this raises the value of detecting framework behavior early, before operators shift from foothold to disruptive monetization.
π°οΈ Open sources - closed narratives
@sitreports
π DOM Poisoning Expands the AI Agent Attack Surface
Zscaler ThreatLabz documented two campaigns using hidden prompt instructions in website DOM elements to manipulate AI agents. The observed sites combined SEO poisoning, JSON-LD metadata, off-screen CSS text, and typosquatting to feed malicious directives to scrapers and LLM-based tools, including payment instructions and false authority signals. The technique is outlined in DOM poisoning research published on 3 July.
The cases show that AI agents parsing web content can be steered by invisible page elements that do not affect human users. Operationally, this turns search ranking, structured metadata, and retrieval pipelines into a single attack chain against automated troubleshooting, coding, and DeFi-related workflows.
π°οΈ Open sources - closed narratives
@sitreports
Zscaler ThreatLabz documented two campaigns using hidden prompt instructions in website DOM elements to manipulate AI agents. The observed sites combined SEO poisoning, JSON-LD metadata, off-screen CSS text, and typosquatting to feed malicious directives to scrapers and LLM-based tools, including payment instructions and false authority signals. The technique is outlined in DOM poisoning research published on 3 July.
The cases show that AI agents parsing web content can be steered by invisible page elements that do not affect human users. Operationally, this turns search ranking, structured metadata, and retrieval pipelines into a single attack chain against automated troubleshooting, coding, and DeFi-related workflows.
π°οΈ Open sources - closed narratives
@sitreports
π€ JadePuffer shows end-to-end ransomware automation
Researchers tracking JadePuffer describe what they assess as the first documented ransomware intrusion run entirely by an LLM agent. The operation exploited CVE-2025-3248 in Langflow, harvested credentials, moved into Alibaba Nacos infrastructure, established persistence, and encrypted 1,342 configuration items using MySQL functions before dropping extortion tables.
The notable detail is not just automation, but adaptation: the agent reportedly adjusted payload logic after errors, retried failed steps with refined parameters, and completed lateral movement and encryption without a visible human operator. That lowers execution barriers while creating a distinct trail of machine-generated code and behavior defenders can baseline.
π°οΈ Open sources - closed narratives
@sitreports
Researchers tracking JadePuffer describe what they assess as the first documented ransomware intrusion run entirely by an LLM agent. The operation exploited CVE-2025-3248 in Langflow, harvested credentials, moved into Alibaba Nacos infrastructure, established persistence, and encrypted 1,342 configuration items using MySQL functions before dropping extortion tables.
The notable detail is not just automation, but adaptation: the agent reportedly adjusted payload logic after errors, retried failed steps with refined parameters, and completed lateral movement and encryption without a visible human operator. That lowers execution barriers while creating a distinct trail of machine-generated code and behavior defenders can baseline.
π°οΈ Open sources - closed narratives
@sitreports
π North Korean-linked PolinRider campaign pushed 108 malicious dev packages
Researchers tracked 108 malicious npm packages and browser extensions tied to the PolinRider campaign, attributed to North Korean operators. The packages targeted developers and cryptocurrency users, using supply-chain delivery to plant malware through software dependencies and extensions.
The scale matters operationally: 108 separate uploads increase discovery surface and persistence across ecosystems developers trust by default. This is a broad access operation aimed at credential theft and downstream compromise through routine package installation rather than direct intrusion.
π°οΈ Open sources - closed narratives
@sitreports
Researchers tracked 108 malicious npm packages and browser extensions tied to the PolinRider campaign, attributed to North Korean operators. The packages targeted developers and cryptocurrency users, using supply-chain delivery to plant malware through software dependencies and extensions.
The scale matters operationally: 108 separate uploads increase discovery surface and persistence across ecosystems developers trust by default. This is a broad access operation aimed at credential theft and downstream compromise through routine package installation rather than direct intrusion.
π°οΈ Open sources - closed narratives
@sitreports