Analysis and advisories for water, energy, and industrial operators from RedEye Security.
Google has identified the first known case of threat actors using AI to develop a zero-day exploit—a 2FA bypass in an open-source administration tool. The discovery marks a watershed moment in offensive security capabilities and signals compressed attack timelines.
Google has identified the first known case of threat actors using AI to develop a zero-day exploit—a 2FA bypass in an open-source administration tool. The discovery marks a watershed moment in offensive security capabilities and signals compressed attack timelines.
Compromised FortiGate VPN credentials led to deployment of three Nightmare-Eclipse PE tools and a previously undocumented Go tunneling agent (BeigeBurrow) just eight days after public toolkit release. All privilege escalation attempts failed.
Attackers compromised JDownloader's official website to replace legitimate installers with Python-based remote access trojan malware. The supply chain attack targeted users of the popular download manager with 1.5 billion downloads worldwide.
A critical out-of-bounds read vulnerability (CVE-2026-7482, CVSS 9.1) in Ollama enables unauthenticated attackers to exfiltrate entire process memory from over 300,000 servers. Two additional unpatched Windows vulnerabilities allow persistent code execution through the update mechanism.
Twelve critical vulnerabilities in the widely-used vm2 Node.js sandbox library allow attackers to escape isolation and execute arbitrary code on host systems. Three vulnerabilities scored perfect 10.0 CVSS ratings, affecting all versions through 3.11.1.
A confused deputy flaw in Claude's 7M-user Chrome extension lets any other extension hijack your AI agent and exfiltrate Google Drive, Gmail, and GitHub — no permissions required. Anthropic's patch was bypassed in 3 hours.
Three malicious PyPI packages delivered ZiChatBot malware to Windows and Linux systems, accumulating 2,480 downloads before removal. The attack leveraged Zulip chat APIs for command-and-control, with code similarities linking it to Vietnam-aligned APT32.
A 9-year-old Linux kernel bug in the AEAD crypto interface lets any local user overwrite any file’s page cache and get root. The exploit is 732 bytes of Python. Researchers published it on April 29 — it works on every major distribution.
A new Linux backdoor called PamDOORa is being sold on Russian cybercrime forums for $1,600, targeting PAM authentication modules to steal SSH credentials and maintain persistent access. The malware represents an evolution beyond open-source PAM backdoors with integrated anti-forensic capabilities.
A sophisticated Linux implant is harvesting developer credentials from npm, PyPI, AWS, Docker, and CI/CD systems to poison software packages. The fileless malware uses dual-layer rootkit architecture and seven persistence mechanisms to maintain long-term access.
NVIDIA's VP of applied deep learning told Axios compute costs "far beyond" employee costs for his team. A 2024 MIT study found AI is economically viable in only 23% of roles. Uber's 2026 AI budget is already gone. The economics are still being figured out.
Attackers compromised official DAEMON Tools installers with digitally signed malware starting April 8, 2026, infecting thousands across 100+ countries. Only a dozen organizations received second-stage payloads, indicating sophisticated targeting of government, manufacturing, and research entities.
New credential theft framework PCPJack exploits five CVEs to spread worm-like across cloud environments while deliberately removing TeamPCP artifacts. The campaign targets Docker, Kubernetes, and multiple cloud services to harvest credentials from cloud, container, and financial platforms.
Iranian state-sponsored group MuddyWater deployed fake ransomware attacks via Microsoft Teams social engineering to mask credential theft and persistence operations. The campaign abused legitimate remote access tools and bypassed traditional encryption workflows in favor of data exfiltration.
Gartner confirms AI agent deployment is outpacing governance capabilities. Roughly 50% of enterprise identity activity now occurs outside centralized IAM visibility, creating an invisible layer of unmanaged access that traditional security tools cannot see.
Large-scale scan of 2 million hosts reveals self-hosted AI infrastructure is more vulnerable than any software category previously analyzed. Over 1,600 Ollama APIs responded to unauthenticated requests, exposing everything from personal chatbots to cloud management systems.
Attackers compromised Context.ai via Lumma Stealer, harvested OAuth tokens, and pivoted into Vercel's infrastructure to reach 700+ enterprise customers including Cloudflare, Palo Alto, and Zscaler.
Four npm packages in the SAP CAP ecosystem were hijacked in the Mini Shai-Hulud campaign, exfiltrating CI/CD secrets and npm tokens from 1,800+ developers with 570K+ combined weekly downloads.
Attackers hijacked the Axios npm maintainer account in March 2026 and published two versions containing a cross-platform remote access trojan that erased its own install traces after execution.
A fake @bitwarden/cli package lived 90 minutes on npm, pulled 334 times, and deployed a credential harvester plus the first known malware specifically engineered to extract secrets from AI coding assistant sessions.
ShinyHunters breached Vimeo by compromising Anodot, a third-party analytics vendor with a trusted integration, extracting 119K email addresses before dumping the data after extortion demands were refused.
ShinyHunters dumped 100GB of McGraw-Hill data after a Salesforce misconfiguration exposed 13.5 million records, the third major Salesforce-vector breach claimed by the group in two months.
ShinyHunters social-engineered an ADT employee into handing over their Okta SSO credentials. One phone call gave attackers access to Salesforce and 5.5 million customer records.
A 48-hour phishing campaign used AI-generated code of conduct violation emails to target 35,000 Microsoft 365 users. AiTM relay bypassed MFA entirely, capturing live session tokens.
The EvilTokens PhaaS campaign exploited Microsoft's OAuth device code flow to capture persistent refresh tokens across 340 organizations in five countries. MFA provided no protection.
ShinyHunters listed Medtronic on their breach marketplace April 17, claiming 9 million patient records and terabytes of corporate data from the maker of pacemakers and insulin pumps.
Everest ransomware listed Fiserv on May 3 with 1,064 user credentials and 170 vendor credentials claimed. Fiserv processes payments for 10,000+ financial institutions.
A third-party vendor breach exposed Booking.com customer reservation details including travel dates, home addresses, and special requests. Targeted phishing hit affected users within days.
Japanese police arrested three minors who automated 220,000 fraudulent signups using ChatGPT. No prior coding experience required.
One attacker, nine agencies, 195 million citizen records. Claude Code executed 75% of the remote commands used in the campaign.
Threat actor GTG-2002 used Claude Code to fully automate cyber extortion across 17 targets in one month. Anthropic detected and disclosed the campaign.
Google GTIG found malware that queries the Gemini API on an hourly schedule to regenerate its own VBScript code. Signature-based detection is useless against it.
Google GTIG confirmed APT28 deployed PROMPTSTEAL in Ukraine operations. The tool queries Qwen2.5-Coder via Hugging Face to generate attack commands dynamically.
CISA officials are evaluating a 3-day patching SLA for actively exploited CVEs. The stated justification is AI-compressed exploit timelines. Enterprise IT is not ready.
A use-after-free in Chrome's WebGPU Dawn engine is being exploited in the wild. CISA added it to the KEV catalog with a 14-day federal patch deadline.
An auth bypass in cPanel/WHM was exploited from Feb 23 to Apr 28 with no patch available, compromising 44,000+ servers and putting 1.5 million at risk.
Microsoft patched 163 CVEs including a wormable kernel RCE in the Windows TCP/IP stack and two zero-days already under active exploitation at release.
GRU-linked APT28 exploited unpatched TP-Link routers to perform DNS hijacking, intercepting M365 logins and capturing session tokens from NATO and Ukrainian targets.
Lazarus Group created two US shell companies to run fake developer interviews, delivering a 3-stage malware chain targeting cryptocurrency wallet private keys.
CVE-2026-0625 in four EOL D-Link router models has been exploited by Mirai since November 2025. D-Link confirmed no patch is coming; replacement is the only fix.
OAuth tokens connected to Google and Microsoft environments bypass MFA, never expire, and persist after employee departures. New research shows 80% of security leaders recognize the risk, but 45% do nothing to monitor these persistent access grants at scale.
Mythos generates functional exploit code at 72.4% accuracy. The NHS locked down 850 repos. They're not wrong — here's what that actually means for your security posture.
Microsoft Edge loads every saved password into unencrypted memory at launch and keeps them there. Microsoft calls it working as intended. Your engineering workstation is probably running Edge.
CyberAv3ngers actively compromising Unitronics PLCs in water treatment, energy, and manufacturing. Live exposure data, incidents, and assessment guidance.