Cisco Talos’ Vulnerability Discovery & Research team recently disclosed five vulnerabilities in Dell ControlVault 3 firmware and its associated Windows software, four vulnerabilities in Entr'ouvert Lasso, and one vulnerability in GL.iNet Slate AX.
The vulnerabilities mentioned in this blog post have been patched by their respective

Wednesday, November 26, 2025 13:36

Cisco Talos’ Vulnerability Discovery & Research team recently disclosed five vulnerabilities in Dell ControlVault 3 firmware and its associated Windows software, four vulnerabilities in Entr'ouvert Lasso, and one vulnerability in GL.iNet Slate AX.

The vulnerabilities mentioned in this blog post have been patched by their respective vendors, all in adherence to Cisco’s third-party vulnerability disclosure policy.    

For Snort coverage that can detect the exploitation of these vulnerabilities, download the latest rule sets from Snort.org, and our latest Vulnerability Advisories are always posted on Talos Intelligence’s website.     

****Dell vulnerabilities****

_Discovered by Philippe Laulheret of Cisco Talos._

The Dell ControlVault is a hardware-based security solution designed for user authentication functions. Talos reported five vulnerabilities, as follows:

*   TALOS-2025-2173 (CVE-2025-31649) is a hard-coded password vulnerability. A specially crafted ControlVault API call can lead to an execution of privileged operation.
*   TALOS-2025-2174 (CVE-2025-31361) is a privilege escalation vulnerability. A specially crafted WinBioControlUnit API call can lead to privilege escalation.
*   TALOS-2025-2175 (CVE-2025-36460-CVE-2025-36463) covers multiple out-of-bounds read and write vulnerabilities. A specially crafted WinBioControlUnit API call can lead to memory corruption.
*   TALOS-2025-2188 (CVE-2025-32089) is a buffer overflow vulnerability. A specially crafted ControlVault API call can lead to an arbitrary code execution.
*   TALOS-2025-2189 (CVE-2025-36553) is a buffer overflow vulnerability. A specially crafted ControlVault API call can lead to memory corruption.

****Entr'ouvert Lasso vulnerabilities****

_Discovered by Keane O'Kelley and another member of Cisco Advanced Security Initiative Group._

Lasso is a free (GNU General Public License) C library that defines processes for federated identities, single sign-on, and related protocols.

TALOS-2025-2193 (CVE-2025-47151) is a type confusion vulnerability, where a specially crafted SAML response can lead to an arbitrary code execution.

TALOS-2025-2194 (CVE-2025-46404), TALOS-2025-2195 (CVE-2025-46784), and TALOS-2025-2196 (CVE-2025-46705) are denial of service vulnerabilities. Specially crafted SAML responses can lead to a denial of service in all three cases.

****GL.iNet Slate AX vulnerability****

_Discovered by Lilith >\_> of Cisco Talos._

Slate AX (GL-AXT1800) is a Wi-Fi 6GB travel router. Cisco Talos discovered a firmware downgrade vulnerability, TALOS-2025-2230 (CVE-2025-44018), in the OTA Update functionality. A specially crafted .tar file can lead to a firmware downgrade. An attacker can perform a man-in-the-middle attack to trigger this vulnerability.

Dell ControlVault, Lasso, GL.iNet vulnerabilities

The second wave of the Shai-Hulud supply chain attack has spilled over to the Maven ecosystem after compromising more than 830 packages in the npm registry.
The Socket Research Team said it identified a Maven Central package named org.mvnpm:posthog-node:4.18.1 that embeds the same two components associated with Sha1-Hulud: the "setup_bun.js" loader and the main payload "bun_environment.js."
"

The second wave of the Shai-Hulud supply chain attack has spilled over to the Maven ecosystem after compromising more than 830 packages in the npm registry.

The Socket Research Team said it identified a Maven Central package named org.mvnpm:posthog-node:4.18.1 that embeds the same two components associated with Sha1-Hulud: the "setup\_bun.js" loader and the main payload "bun\_environment.js."

"This means the PostHog project has compromised releases in both the JavaScript/npm and Java/Maven ecosystems, driven by the same Shai Hulud v2 payload," the cybersecurity company said in a Tuesday update.

It's worth noting that the Maven Central package is not published by PostHog itself. Rather, the "org.mvnpm" coordinates are generated via an automated mvnpm process that rebuilds npm packages as Maven artifacts. The Maven Central said they are working to implement extra protections to prevent already known compromised npm components from being rebundled. As of November 25, 2025, 22:44 UTC, all mirrored copies have been purged.

The development comes as the "second coming" of the supply chain incident has targeted developers globally with an aim to steal sensitive data like API keys, cloud credentials, and npm and GitHub tokens, and facilitate deeper supply chain compromise in a worm-like fashion. The latest iteration has also evolved to be more stealthy, aggressive, scalable, and destructive.

Besides borrowing the overall infection chain of the initial September variant, the attack allows threat actors to gain unauthorized access to npm maintainer accounts and publish trojanized versions of their packages. When unsuspecting developers download and run these libraries, the embedded malicious code backdoors their own machines and scans for secrets and exfiltrates them to GitHub repositories using the stolen tokens.

The attack accomplishes this by injecting two rogue workflows, one of which registers the victim machine as a self-hosted runner and enables arbitrary command execution whenever a GitHub Discussion is opened. A second workflow is designed to systematically harvest all secrets. Over 28,000 repositories have been affected by the incident.

"This version significantly enhances stealth by utilizing the Bun runtime to hide its core logic and increases its potential scale by raising the infection cap from 20 to 100 packages," Cycode's Ronen Slavin and Roni Kuznicki said. "It also uses a new evasion technique, exfiltrating stolen data to randomly named public GitHub repositories instead of a single, hard-coded one."

The attacks illustrate how trivial it is for attackers to take advantage of trusted software distribution pathways to push malicious versions at scale and compromise thousands of downstream developers. What's more, the self-replication nature of the malware means a single infected account is enough to amplify the blast radius of the attack and turn it into a widespread outbreak in a short span of time.

Further analysis by Aikido has uncovered that the threat actors exploited vulnerabilities, specifically focusing on CI misconfigurations in pull\_request\_target and workflow\_run workflows, in existing GitHub Actions workflows to pull off the attack and compromise projects associated with AsyncAPI, PostHog, and Postman.

The vulnerability "used the risky pull\_request\_target trigger in a way that allowed code supplied by any new pull request to be executed during the CI run," security researcher Ilyas Makari said. "A single misconfiguration can turn a repository into a patient zero for a fast-spreading attack, giving an adversary the ability to push malicious code through automated pipelines you rely on every day."

It's assessed that the activity is the continuation of a broader set of attacks targeting the ecosystem that commenced with the August 2025 S1ngularity campaign impacting several Nx packages on npm.

"As a new and significantly more aggressive wave of npm supply chain malware, Shai-Hulud 2 combines stealthy execution, credential breadth, and fallback destructive behavior, making it one of the most impactful supply chain attacks of the year," Nadav Sharkazy, a product manager at Apiiro, said in a statement.

"This malware shows how a single compromise in a popular library can cascade into thousands of downstream applications by trojanizing legitimate packages during installation."

Data compiled by GitGuardian, OX Security, and Wiz shows that the campaign has leaked hundreds of GitHub access tokens and credentials associated with Amazon Web Services (AWS), Google Cloud, and Microsoft Azure. More than 5,000 files were uploaded to GitHub with the exfiltrated secrets. GitGuardian's analysis of 4,645 GitHub repositories has identified 11,858 unique secrets, out of which 2,298 remained valid and publicly exposed as of November 24, 2025.

Users are advised to rotate all tokens and keys, audit all dependencies, remove compromised versions, reinstall clean packages, and harden developer and CI/CD environments with least-privilege access, secret scanning, and automated policy enforcement.

"Sha1-Hulud is another reminder that the modern software supply chain is still way too easy to break," Dan Lorenc, co-founder and CEO of Chainguard, said. "A single compromised maintainer and a malicious install script is all it takes to ripple through thousands of downstream projects in a matter of hours."

"The techniques attackers are using are constantly evolving. Most of these attacks don't rely on zero-days. They exploit the gaps in how open source software is published, packaged, and pulled into production systems. The only real defense is changing the way software gets built and consumed."

Found this article interesting? Follow us on Google News, Twitter and LinkedIn to read more exclusive content we post.

Shai-Hulud v2 Campaign Spreads From npm to Maven, Exposing Thousands of Secrets

Advanced fraud attacks surged 180% in 2025 as cyber scammers used generative AI to churn out flawless IDs, deepfakes, and autonomous bots at levels never before seen.

Digital Fraud at Industrial Scale: 2025 Wasn't Great

This holiday season, as teams run lean and cyber threats rise, being open with what — and how — you share can protect both information and relationships.

Wednesday, November 26, 2025 12:00

Welcome to this week's edition of the Threat Source newsletter.

Back in April, I wrote about the risks of unintentionally leaking information while using search engines. Since then, I’ve been thinking: Life doesn’t just happen in front of a keyboard. There’s a social side, too (or so I’m told). With Thanksgiving around the corner, it seems the perfect time to flip the script and focus on a different but related concept: Care _that_ you share. 

For my non-American friends, who may be enjoying just another Thursday, stick with me. This season brings heightened risks everywhere. Many teams are running with skeleton crews, whether due to holiday mode (family, turkey, football, days off) or the year-end compliance push (hello, NIS2 and DORA). At the same time, on the other side of the fence, attackers ramp up their efforts; globally, Black Friday and similar events are peak periods for phishing campaigns, often targeting credentials with fake employee perk emails and other seasonal lures. 

So, why emphasize “care that you share?” 

Recently, I visited a university of applied sciences to give a guest lecture and learn more about the projects students are working on. It was a great experience, though preparing for an audience of students (not my usual crowd) was challenging. What do they already know? What topics interest them? Should I give them some history of STIX/TAXII? Geopolitical tensions? Honestly speaking, none of this was interesting to me when I was a student. I chose to start simple, discussing what threats and the DKIW pyramid were, and then focusing on CVE, CVSS, and KEV — one of my favorite topic clusters. 

To my surprise, not only did the students engage and ask questions, but they also stuck around late on a Friday afternoon, diving into discussions about software supply chain risks and beyond. I don’t remember ever staying at university past 6:00 p.m. on a Friday as a student! A week later, when they presented their projects — many centered on authentication, TOTP, and SmartCards — I was genuinely impressed by their ideas and the real-world problems they were addressing. 

“Care that you share” is a mindset that helps us appreciate the knowledge exchange that happens in person, too. 

Whether sharing stories over dinner, IOCs over email, or ideas in a classroom, let’s all take a moment to consider not just what we share, but how and why we share it. I’ll admit, I sometimes hesitate to share certain stories myself, worried they might seem too obvious or uninteresting, or maybe even dumb. But more often than not, those moments of openness lead to the best conversations and new perspectives. 

This rings especially true during busy or understaffed times, when teams are stretched thin. It’s tempting to keep things to ourselves to avoid “bothering” others. In reality, sharing a helpful tip, a concern, or just a quick update can make all the difference for colleagues who might be juggling extra responsibilities or missing context. 

So this holiday season, care that you share. Thoughtful communication isn’t just about protecting information — it’s also about supporting each other, especially when resources are limited. You never know who might benefit from what you have to offer, yourself included. 

**The one big thing **

Last week, Cisco Talos announced an initiative to retire outdated ClamAV signatures to reduce database sizes and improve efficiency by focusing on currently relevant threats. Starting Dec. 16, 2025, the “main.cvd” and “daily.cvd” databases will be cut roughly in half, offering smaller downloads and reduced resource usage. Retired signatures may be reintroduced if old threats reappear, and only supported ClamAV container images will remain available on Docker Hub to enhance security and management. 

**Why do I care? **

Smaller signature databases mean faster updates, lower bandwidth and storage requirements, and improved performance, especially on resource-constrained systems. By focusing detection on active threats, ClamAV can more efficiently protect against current malware without being bogged down by obsolete signatures. 

**So now what? **

We will continue to monitor the activity of retired signatures and will restore any that are needed to protect the community. Stay attentive and request the reinstatement of retired signatures if older threats reappear. In the meantime, we recommend that ClamAV container image users select a feature release tag rather than a specific minor release tag to stay up to date with security updates and bug fixes. 

**Top security headlines of the week **

**Second Sha1-Hulud wave affects 25,000+ repositories via npm preinstall credential theft**   
The new supply chain campaign, dubbed Sha1-Hulud, has compromised hundreds of npm packages, uploaded to npm between November 21 and 23, 2025. The attack has impacted popular packages from Zapier, ENS Domains, PostHog, and Postman, among others. (The Hacker News) 

**FBI: Cybercriminals stole $262M by impersonating bank support teams**    
Since January 2025, the FBI's Internet Crime Complaint Center (IC3) has received over 5,100 complaints, with the attacks impacting individuals, as well as businesses and organizations across all industry sectors. (Bleeping Computer) 

**Everest ransomware claims breach at Spain’s national airline Iberia with 596 GB data theft**   
The group states that the data covers millions of customers in multiple countries, and says it had long-term access with the ability to read and alter bookings. (HackRead) 

**CISA warns of active spyware campaigns hijacking high-value Signal and WhatsApp users**   
CISA on Monday issued an alert warning of bad actors actively leveraging commercial spyware and remote access trojans (RATs) to target users of mobile messaging applications. (The Hacker News) 

**LINE messaging bugs open Asian users to cyber espionage**   
Researchers discovered critical vulnerabilities that open the door to three main buckets of compromise: message replay attacks, plaintext and sticker leakage, and, most concerningly, impersonation attacks. (Dark Reading) 

**Can’t get enough Talos? **

**Talos Takes: When you’re told “no budget”**   
From configuring what you already have, to open-source strategies, to the impact of cybersecurity layoffs, this episode is packed with practical guidance for securing your organization during an economic downturn. 

**Humans of Talos: On epic reads, lifelong learning, and empathy**    
In this episode, Bill Largent shares what drew him to Talos, how his love of reading has shaped his cybersecurity ethos, and the key insights he shares for the next generation of cybersecurity professionals. 

**The TTP: How Talos built an AI model into one of the internet's most abused layers**   
Hazel talks with Talos researcher David Rodriguez about how adversaries use DNS tunneling to sneak data out of networks, why it’s so difficult to spot in real time, and how Talos built an AI model to detect it without breaking the internet. 

**Upcoming events where you can find Talos **

*   AVAR (Dec. 3 – 5) Kuala Lumpur, Malaysia 
*   Black Hat Europe (Dec. 8 – 11) London, U.K. 

**Most prevalent malware files from Talos telemetry over the past week **

**SHA256: d933ec4aaf7cfe2f459d64ea4af346e69177e150df1cd23aad1904f5fd41f44a**   
MD5: 1f7e01a3355b52cbc92c908a61abf643   
Talos Rep: https://talosintelligence.com/talos\_file\_reputation?s=d933ec4aaf7cfe2f459d64ea4af346e69177e150df1cd23aad1904f5fd41f44a   
Example Filename: cleanup.bat   
Detection Name: W32.D933EC4AAF-90.SBX.TG 

**SHA256: 9f1f11a708d393e0a4109ae189bc64f1f3e312653dcf317a2bd406f18ffcc507**    
MD5: 2915b3f8b703eb744fc54c81f4a9c67f    
Talos Rep: https://talosintelligence.com/talos\_file\_reputation?s=9f1f11a708d393e0a4109ae189bc64f1f3e312653dcf317a2bd406f18ffcc507    
Example Filename: e74d9994a37b2b4c693a76a580c3e8fe\_1\_Exe.exe    
Detection Name: Win.Worm.Coinminer::1201 

**SHA256: 90b1456cdbe6bc2779ea0b4736ed9a998a71ae37390331b6ba87e389a49d3d59**   
MD5: c2efb2dcacba6d3ccc175b6ce1b7ed0a   
Talos Rep: https://talosintelligence.com/talos\_file\_reputation?s=90b1456cdbe6bc2779ea0b4736ed9a998a71ae37390331b6ba87e389a49d3d59    
Example Filename: ck8yh2og.dll    
Detection Name: Auto.90B145.282358.in02 

**SHA256: 96fa6a7714670823c83099ea01d24d6d3ae8fef027f01a4ddac14f123b1c9974**    
MD5: aac3165ece2959f39ff98334618d10d9    
Talos Rep: https://talosintelligence.com/talos\_file\_reputation?s=96fa6a7714670823c83099ea01d24d6d3ae8fef027f01a4ddac14f123b1c9974    
Example Filename: 96fa6a7714670823c83099ea01d24d6d3ae8fef027f01a4ddac14f123b1c9974.exe    
Detection Name: W32.Injector:Gen.21ie.1201 

**SHA256: 26fa67db9a00f07600abe950d2ea0aed0ea7a0b49a0b5a452e3175ffa33970ff**    
MD5: 71da0bf3094e3ed17bc5a1c78de80933    
Talos Rep: https://talosintelligence.com/talos\_file\_reputation?s=26fa67db9a00f07600abe950d2ea0aed0ea7a0b49a0b5a452e3175ffa33970ff    
Example Filename: cleanup.bat    
Detection Name: W32.26FA67DB9A-90.SBX.TG

Care that you share

AI meeting assistants have become essential tools for professionals who want fast, accurate, and automated transcription. Yet behind…

AI meeting assistants have become essential tools for professionals who want fast, accurate, and automated transcription. Yet behind the convenience lies a concern many users overlook: how safely is their data handled? 

As more companies introduce AI note-takers, the gap between automation and security grows wider. TicNote AI steps into this landscape with a different philosophy, intelligence with responsibility.

****The New Generation of AI Note-Taking****

The surge in AI meeting tools shows how much modern work relies on capturing information quickly. However, most tools focus on transcription alone and leave users questioning what happens to their recordings. 

TicNote approaches this challenge through Agentic Intelligence, a system designed to help users think, organise, and stay in control of their information.

****What Makes TicNote an Agentic OS****

TicNote is not just an AI recorder. It interprets conversations, connects ideas, and structures information in a way that supports decision-making. Designed for creators, professionals, interviewers, researchers, and teams, TicNote transforms meetings and thoughts into usable knowledge.

****Core Features Strengthening TicNote’s Intelligence********Shadow and Projects****

TicNote captures audio, images, and documents in one place and instantly turns them into clean summaries using multimodal AI.

****Deep Research****

Users can ask questions across their recordings and files. TicNote understands intent and retrieves context-rich answers.

****Aha Moments****

The system identifies hidden relationships across stored content, revealing insights users may not notice on their own.

****AI Podcast Mode****

Recordings can be transformed into professional podcast-style audio, with optional voice changes for privacy or creativity.

****AI Voiceprint Recognition****

The device automatically identifies speakers, offering precise and organised transcripts for teams, interviews, and collaborative work.

****Pricing Built for Transparency and Value********Free (Plus)****

600 minutes per month, multilingual transcription, translation, basic templates, and document import.

****Pro****

2100 minutes per year, unlimited cloud storage, Deep Research, Aha Moments, AI Podcast Mode, and advanced templates.

****Business****

6600 minutes per year, eight-hour sessions, speaker recognition, and advanced workflows for teams.

****Why TicNote Matters in Today’s Workflows****

Information overload has become a major challenge for modern professionals. TicNote responds with a system that converts disorganised conversations into structured knowledge. 

Instead of just storing words, it helps users think more clearly, plan effectively, and revisit insights confidently. From remote teams to journalists and podcasters, TicNote offers clarity with secure handling of user data.

****Why Users Are Turning to TicNote AI****

The device stands out for combining intelligence, context awareness, and secure processing. Instead of acting as just another note-taker, it becomes a thinking partner. Users choose TicNote for its ability to transform daily conversations into meaningful insights and organised ideas.

****Messaging Behind TicNote’s Vision********Key Statements****

“TicNote isn’t just an AI recorder – it’s an Agentic OS designed to help every mind work smarter.”

“It doesn’t just record; it thinks with you, turning chaos into clarity.”

“The future of productivity is not more tools, but more intelligence.”

****Black Friday Campaign Details****

TicNote offers its best pricing of the year during its Black Friday launch. The TicNote Official US Store promotion runs from November 12 to December 1, 2025, priced at $99.99 for the United States, CA$139.99 in Canada and EUR 169.99 in Europe, with a special lowest price of EUR 135.99 on November 28 and December 1. 

On the TicNote Amazon US store, the campaign runs from November 20 to December 1 at USD 99.99 (Code **XGDP8422**). Affiliates can request personalised tracking links to earn commissions during the campaign.

****Final Thoughts****

As AI meeting assistants continue to rise, concerns about data security and long-term reliability become more important. TicNote answers these concerns with an Agentic OS that goes beyond basic transcription. With multimodal intelligence, deep research capabilities, and clear data practices, TicNote offers a smarter and safer path for capturing and understanding daily conversations. For professionals seeking meaningful clarity and control, TicNote represents the next evolution of AI-powered productivity.

AI Meeting Assistants Are Rising – But Is Your Data Safe? A Deep Look at TicNote AI

Myanmar’s military has been blowing up parts of the KK Park scam compound. Experts say the actions are likely for show.

After Myanmar’s military junta raided a notorious scam compound and destroyed buildings with explosives in October, officials claimed the country would entirely “eradicate” forced scamming within its borders. Now newly released satellite images of the targeted KK Park scam center reveal that only buildings in one limited section of the compound were destroyed during the initial raids. Experts on scam compounds, meanwhile, say the entire effort is likely “propaganda.”

High-resolution images of the KK Park scam compound, which is located near the Myanmar-Thailand border, show how military forces have razed multiple buildings, leaving piles of rubble in their place. However, the images show the destruction is, so-far, confined to the Eastern side of the gigantic compound—with hundreds of buildings across the vast compound being left untouched.

Multiple experts tell WIRED that the raids at KK Park and some other scam compounds are likely part of a wider “performative” effort by Myanmar's military government, which has come under increasing pressure to tackle the highly lucrative scam compounds that have flourished in recent years. They also raise concerns about the welfare of thousands of people forced to run scams in KK Park.

“The junta is making it sound as though they’re taking down the entire compound, and the imagery that we have seen so far is only limited to one section,” says Eric Heintz, a global analyst at the International Justice Mission, an anti-slavery organization. “It’s important to keep monitoring this to verify what they’re actually doing and \[see\] if this is just for show or if they’re actually cracking down on the real problem.”

The satellite images, taken on November 16, appear to show that some buildings located around courtyards have been almost totally destroyed, with debris strewn around other buildings. Heintz says that the images, plus extra social media footage, indicates that some “villas” and dormitories where trafficking victims may have been housed appear to have been damaged or destroyed. (Myanmar’s military government has said further destruction started on November 17; third-party reports also suggest more buildings have been destroyed).

“All of the critical buildings that you would need to perpetrate the scams are still intact and still ready for use,” says Mechelle B Moore, the CEO of anti-trafficking nonprofit Global Alms, which is based in Thailand and works to help people who have trafficked into scam compounds in Myanmar. “They’re putting on a good show right now to say that they don’t support scamming compounds or human trafficking. But what they’ve allowed is all the scamming syndicates—all of the scamming bosses and supervisors—have been allowed to flee,” Moore claims.

Over the past decade, dozens of scam compounds have appeared in Southeast Asia, primarily across Myanmar, Cambodia, and Laos. Often operated by or linked to Chinese organized crime groups, the compounds trick people into working at them—often with the offer of high-paying jobs—and then force them to run a range of scams. Trafficking victims often have their passports taken; they can be tortured or beaten if they refuse to scam. By stealing from people around the world, the compounds have made billions for the organized crime groups.

Amid the extensive criminality, KK Park has emerged as one of the largest and most notorious scam compounds in Myanmar. Five years ago, the site was a series of fields near the town of Myawaddy, but has since been transformed into a sprawling compound with hundreds of buildings and thousands of people held there.

Full view of the KK Park scam compound, which shows the limited destruction as of November 16, 2025.

Satellite image ©2025 Vantor

Myanmar’s military junta has been conducting raids on KK Park since the middle of October and on the Shwe Kokko compound since mid-November. The sites are linked to “telecom” fraud and illegal gambling operations, government statements say. A statement from Myanmar’s Ministry of Information published online on Wednesday says officials are “dismantling and removing illegal buildings, and taking further action in accordance with the law.”

The statement claims that officials are demolishing buildings in three areas of KK Park, and since the raids began a “a total of 237 buildings out of 635 illegal buildings have so far been demolished.” It says that 1,847 “undocumented foreign entrants” have been detained, along with more than 3,000 computers, 21,000 mobile phones, and 102 Starlink satellite internet systems. Multiple Myanmar government departments did not immediately respond to WIRED’s request for comment. A member of Myanmar’s London embassy said they would prefer to discuss the topic in person, which was not viable ahead of publication, but did not otherwise comment.

“From 30 January to 25 November 2025, a total of 12,687 foreign nationals who had entered Myanmar illegally were detained,” the junta’s Ministry of Information statement says. “Of these, 12,343 individuals were screened to be expelled, and 10,029 were systematically repatriated to their respective countries through Thailand in accordance with legal procedures.”

Alongside multiple government statements, the Associated Press reports that state television in Myanmar has been broadcasting “extensive” video footage of buildings being dismantled in KK Park, and the unusually detailed reports “appear to reflect the military government’s desire to publicize its efforts after months of bad publicity.” Some video footage shows steamrollers crushing thousands of smartphones and computers.

“This is really performative, and it continues to be the case,” says Jason Tower, a senior expert at the Global Initiative Against Transnational Organized Crime. “I think around 20,000 devices were destroyed, which is tragic in terms of just mass amounts of evidence lost.”

Myanmar’s recent high-profile crackdown on KK Park and the Shwe Kokko compounds could be driven by multiple reasons, the experts WIRED spoke to say. The United States government has recently set up a Scam Center Strike Force that has targeted the infrastructure and organizations allegedly behind the compounds, including sanctioning armed groups that support the military regime in Myanmar for their alleged involvement in the criminality. China has also extradited an alleged criminal boss who is linked to scam centers and sentenced others to death. The military government is also holding a widely criticized election in December.

“The new sanctions have put a lot of pressure on the Myanmar military to try to do something in response to this. But this is definitely a propaganda scheme,” Moore says. “We have several different groups that are being held in scamming compounds. Groups of victims that are too scared to leave, even though the crime syndicates have left or they’re being held under guard and they're not allowed to leave.”

Tower says another development, which is more significant than the military junta action, has come from anti-government, resistance groups also starting to disrupt scam compounds; he points to one group, the Karen National Liberation Army, recently taking over a compound. “I think this was the first time on the Karen border that you’ve seen resistance forces really step in to put pressure on the military and to take this issue up as part of their revolutionary activity,” Tower says.

Meanwhile, Heintz says that when people enslaved in scam compounds are freed or escape, authorities need to properly class them as victims of human trafficking and not treat them as criminals themselves. “It’s crucial that every individual undergoes a proper victim screening and identification process to ensure that trafficking survivors receive the protection and justice they deserve,” he says, “and that critical intelligence is secured and used to stop these criminal trafficking networks.”

The Destruction of a Notorious Myanmar Scam Compound Appears to Have Been ‘Performative’

New research from Ontinue exposes a major security flaw in Microsoft Teams B2B Guest Access. Learn how attackers bypass all Defender for Office 365 protections with a single invite.

Microsoft Teams has become the main tool for communication in businesses globally. Due to this, security teams spend a lot of time and money on protection services like Microsoft Defender for Office 365 to guard against dangers like phishing emails, malicious links, and malware.

However, new research from the security firm Ontinue, released on Wednesday, November 26, shows a huge security flaw in the standard setup of Microsoft Teams collaboration with outside partners, known as B2B Guest Access, which lets attackers entirely bypass a company’s Microsoft Defender protections.

****Who Controls Your Security as a Guest?****

The problem isn’t actually a software bug in Teams; it’s about the way security is managed when employees work with external groups. Ontinue’s blog post makes it clear; when your staff accepts an outside invitation and joins another company’s chat, their security is no longer determined by their home organisation. Instead, the research found that security is controlled “entirely by that hosting environment.”

This finding is highly worrying. The moment a user accepts a guest invite, they instantly lose all their home security features, including Safe Links (the system that checks if a link is dangerous before you click it) and Zero-hour Auto Purge (ZAP), which is designed to retroactively delete malicious messages. Attackers are exploiting this. Attackers know this and can create their own basic Teams accounts with security policies completely switched off, basically creating a perfect trap.

Further probing revealed that the attacker needs minimal resources. They can set up a basic Microsoft 365 environment using a low-cost subscription or even a trial. Since these basic accounts lack security packages like Defender, they are unprotected by default, which means the attacker doesn’t need any complex setup to achieve a “protection-free zone.”

Diagram showing the “protection-free zone” attackers create (source: Ontinue)

****The Easy Way In****

The risk has become even simpler because of a feature Microsoft rolled out in November 2025 (MC1182004), which is turned on by default for most users. This setting allows any Teams user to start a chat with any email address, even people not currently using Teams. The victim receives a genuine-looking Microsoft invitation and needs only a single click to enter the malicious, unprotected environment.

This easy invitation method, combined with the fact that most organisations are defaulted to accept guest invites from any company worldwide, means a lot of companies are exposed. Once inside, attackers can easily deliver phishing links and malware to employees without any security warnings appearing. Also, they can exfiltrate information (or steal sensitive data) and conduct large-scale social engineering attacks.

Phishing Email Sample (source: Ontinue)

****Experts Urge Immediate Action****

Ontinue strongly recommends companies move quickly to change their configurations, suggesting they limit guest invitations to only those domains they explicitly trust.

Industry leaders also weighed in on the findings, sharing their perspectives with Hackread.com. They emphasised that this is a serious architectural problem requiring a configuration change, not just a patch.

Shane Barney, Chief Information Security Officer at Keeper Security, noted the deceptive nature of the attack: “The familiar interface can give the impression that security remains consistent, but the safeguards in place are entirely dependent on how the hosting tenant is configured.” He added that organisations must ensure “access is appropriately limited and activity tied to sensitive systems is consistently monitored.”

Julian Brownlow Davies, Senior Vice President, Offensive Security Strategy & Operations at Bugcrowd, clarified the uncomfortable truth for users: “The moment your users cross into someone else’s tenant as guests, your own Defender for Office 365 protections effectively disappear.” He concluded that because attackers abuse collaboration features, “you have to assume that attackers will abuse ‘legitimate’ collaboration features.”

Finally, Agnidipta Sarkar, Chief Evangelist at ColorTokens, stressed the immediate policy response needed: “Until Microsoft addresses this vulnerability, organisations must set up a policy to address this immediately, and disallow all B2B meetings using Teams from anyone not previously known.” He recommends that companies configure technical controls to ensure Teams allows B2B connections to predefined domains.

Microsoft Teams Flaw in Guest Chat Exposes Users to Malware Attacks

As in the wider world, AI is not quite living up to the hype in the cyber underground. But it's definitely helping low-level cybercriminals do competent work.

'Dark LLMs' Aid Petty Criminals, But Underwhelm Technically

It's the law of unintended consequences: equipping browsers with agentic AI opens the door to an exponential volume of prompt injections.

Prompt Injections Loom Large Over ChatGPT's Atlas Browser

Cyberattackers are integrating large language models (LLMs) into malware, running prompts at runtime to evade detection and augment their code on demand.

Latest News