Security teams have spent years improving their ability to detect and block malicious bots. That effort remains critical.…

Security teams have spent years improving their ability to detect and block malicious bots. That effort remains critical. Automated traffic now makes up more than half of all web traffic, and bot-driven attacks continue to grow in volume and sophistication. What has changed is the role of legitimate bots and how little visibility most security teams have into their behavior.

So-called good bots now account for a significant share of automated traffic. Search engine crawlers index content. AI systems scrape pages to train models and generate responses. Agentic AI is beginning to interact with applications on behalf of users. These bots often operate within accepted norms, but at a scale that introduces real security, performance, and cost implications.

The risk is not always malicious intent. It is uncertainty. Legitimate bots expand the attack surface by continuously interacting with web applications, APIs, and content repositories. They touch endpoints that may not be closely monitored and generate traffic patterns that blend into normal activity. When behavior shifts gradually over time, short retention windows make it difficult to detect anomalies or validate whether existing controls are still effective.

Traditional bot management relies on static allow and deny lists. Known crawlers are permitted. Abusive automation is blocked. That model breaks down in an AI-driven environment. Large language models (LLMs) and agentic systems repeatedly crawl and re-crawl content, often bypassing cache efficiencies and placing persistent load on origin infrastructure. These patterns can increase costs, degrade availability, and expose sensitive content without triggering conventional security alerts.

Security teams are now pulled into broader decisions around rate limiting, content exposure, bot identity, and enforcement. Those decisions require historical context. Without long term visibility, teams are left reacting to symptoms instead of understanding how automation is evolving across their environment.

Long-term bot visibility is becoming essential to modern security operations. Hydrolix’s newly released Bot Insights provides sustained insight into malicious, traditional, and AI driven bot behavior by retaining and analyzing high volume traffic data over extended periods. This allows security teams to track trends, validate controls, and understand how automated access changes as AI systems evolve.

Monitoring legitimate bot traffic is no longer optional. It is part of attack surface management, cost control, and data protection. Security teams need to know which bots are accessing their systems, how often, what resources they consume, and how those patterns change over time. Stopping malicious bots is only the starting point. Modern security depends on understanding automation, not merely blocking it.

Why Legitimate Bot Traffic Is a Growing Security Blind Spot

Texas based Gulshan Management Services, operator of Handi Plus and Handi Stop gas stations, reports a data breach impacting over 377,000 people.

Gulshan Management Services, Inc., a Texas-based company that operates over 150 gas stations and convenience stores under the Handi Plus and Handi Stop brands all over the United States, has confirmed a large-scale data breach that exposed personal information tied to more than 377,000 people.

The incident came to light through a filing with the Maine Attorney General, a required step when residents of that state are affected. According to the disclosure, attackers gained unauthorized access to an external system between September 17 and September 27, 2025. The breach was discovered on September 27, suggesting it went undetected for several days before being identified.

The Maine filing states that names or other personal identifiers were exposed, which already raises identity theft risks. However, a separate report submitted to the Texas Attorney General reveals more information, indicating that the breach may have involved the following data:

*   Address
*   Name of individual
*   Social Security number
*   Driver’s license number
*   Government-issued ID number, such as a passport or state ID card
*   Financial information, including bank account numbers and credit or debit card numbers.

What’s worse, consumer notifications did not go out until January 5, 2026, more than three months after the breach period ended. According to the filing, Gulshan Management Services, Inc., sent written notices to affected individuals, but public disclosures do not clearly show whether credit monitoring or identity protection was offered.

Screenshot from the notification filed with the Texas Attorney General’s Office

****Lawsuits****

According to ClassAction, the company is now facing several class action lawsuits and investigations alleging its management failed to take reasonable steps to secure sensitive data and waited too long to alert those impacted.

Gulshan runs close to 150 gas stations and convenience stores across multiple states, placing it in daily contact with employee records, vendor systems, and consumer-facing data. This type of infrastructure is a common target for attackers because operations rely on interconnected systems that are often managed with limited security oversight.

If you have received notification letters, keep an eye on your card and banking activities, inform your bank to block any unusual transactions, and watch out for unexpected calls or emails in which hackers can pretend to be authorities, aiming at stealing more of your information.

Major Data Breach Hits Company Operating 150 Gas Stations in the US

Synthient discovers over 2 million Android TV boxes and smart TVs hijacked by the Kimwolf botnet. Learn how hackers are using home devices to launch DDoS attacks and how you can protect your home network.

A massive global network of infected gadgets, Aisuru DDoS Botnet‘s Android variant dubbed Kimwolf, has grown to over 2 million devices since last August, reveals the latest research from the anti-fraud intelligence company Synthient.

Reportedly, hackers are hunting for Android-powered smart TVs and cheap streaming boxes to build a botnet (a private army of infected devices) that they can control remotely and launch Distributed Denial-of-Service (DDoS) attacks. The combined power of these devices has been used to flood and crash major websites with traffic, reaching a record-breaking 29.7 Terabits per second, as per Cloudflare.

****The Pre-Infected Trap****

What makes this threat particularly tricky is how the devices get infected in the first place. Synthient’s investigation showed a disturbing trend that many of these gadgets are compromised before they even reach your front door.

And, their geographical footprint is even scarier. Research data shows a massive concentration of these zombie devices across the globe, with the highest number of victims found in Vietnam, Brazil, India, and Saudi Arabia. About 67% of these devices were found to be completely unprotected.

Kimwolf Geographical Distribution (Source: Synthient)

Once a user plugs them in and connects to the internet, the hackers can gain access to the home network within minutes. Even more concerning is that when researchers purchased several popular models, including those labelled HiDPTAndroid and generic TV BOX units, they found the malicious code was already running on the devices right out of the box.

Synthient’s investigation into the hackers’ backend monitoring tools, a Grafana instance, confirmed that the network’s growth has skyrocketed in just the last two months. Researchers identified roughly 12 million unique IP addresses associated with the network every single week, which means the system is cycling through a massive pool of home connections

Kimwolf Scanning Infrastructure and Byteconnect Task Flow (Source: Synthient)

****What’s the Objective?****

The primary objective of Kimwolf actors is to make money by renting out their home internet’s bandwidth to others for as low as $0.20 per GB, researchers explained in the blog post.

In addition, they use a hidden tool called Byteconnect SDK to secretly install apps on your devices, earning a referral fee for each one without you ever knowing. That’s not all! They operate a DDoS-for-hire service, renting out the entire 2-million-device army to anyone looking to knock a major website offline.

While the provider IPIDEA successfully released a security fix on December 28, 2025, millions of devices still remain part of the network. If you own a “no-name” streaming box and it’s acting slow or strange, the safest bet is to stop using it or even destroy it. You can check if your own connection has been compromised by visiting synthient.com/check.

1.  Android TV Box Sold on Amazon Contains Malware
2.  New malware found targeting IoT devices, Android TV globally
3.  LG Smart TV Screen Bricked After Android Ransomware Infection
4.  Hundreds of Android Gaming Apps Tracked Your TV Viewing Habits
5.  Android TV Boxes Infected with Backdoors, Pwning Home Networks

Millions of Android Powered TVs and Streaming Devices Infected by Kimwolf Botnet

Ilya Lichtenstein, the man behind the massive 2016 Bitfinex Bitcoin theft, has been released early from prison. Read how the First Step Act and a trail of Walmart gift cards led to this major update in one of the world's largest crypto thefts.

The man responsible for one of the biggest online robberies in history has been released from prison much sooner than expected. Ilya Lichtenstein, who was sentenced to five years in November 2024 for his part in the **2016 Bitfinex theft**, confirmed he was allowed to leave jail last week.

While he was originally supposed to serve **60 months**, federal records show he only spent about 14 months behind bars. He has now been moved to “home confinement.” This means he is finishing his sentence under house arrest at home instead of in a cell.

Regarding the move, a Trump administration official **explained** to CNBC that Lichtenstein has already completed a “significant” portion of his time. The official noted that the change is in line with government rules and “consistent with statute and Bureau of Prisons policies.”

****The Law That Opened the Doors****

Lichtenstein’s early exit is thanks to a law called the **First Step Act**. This was a plan signed by President Donald Trump in 2018 to help certain prisoners get out early if they show good behavior or take part in special programs.

Lichtenstein didn’t waste any time sharing the news. He posted on X (formerly Twitter), saying, “Thanks to President Donald Trump’s First Step Act, I have been released from prison early.”  He also mentioned that he wants to use his skills for good now, claiming he is “committed to making a positive impact in cybersecurity.”

> Thanks to President Trump's First Step Act, I have been released from prison early.  
> I remain committed to making a positive impact in cybersecurity as soon as I can.
> 
> To the supporters, thank you for everything.  
> To the haters, I look forward to proving you wrong.
> 
> — Ilya Lichtenstein (@cipherstein) January 2, 2026

****A $10 Billion Crime****

The crime itself was enormous. Back in 2016, Lichtenstein broke into Bitfinex, a type of digital bank where people trade Bitcoin. He managed to steal 119,754 Bitcoin. While that was worth about $71 million at the time, if he had kept it until today, that loot would be worth more than $10 billion.

Reportedly, he exploited a weakness in how the exchange double-checked withdrawals.

Normally, the system required a second person to sign off on a transfer, but Lichtenstein found a way to bypass this and get the power to initiate transactions without the necessary third-party authorization.

Lichtenstein and his wife, Heather Morgan, went to great lengths to hide the money. They used fake identities and even bought physical gold coins. In a strange twist, Morgan reportedly buried the gold underground to keep it hidden.

Ilya Lichtenstein and Heather Morgan

This case has been a major focus for investigators for years. As reported by Hackread.com in **February 2022**, the US Department of Justice carried out its largest-ever financial bust at the time, seizing $3.6 billion worth of Bitcoin from the couple. Later, in **August 2023**, the couple pleaded guilty to their roles in the theft.

The couple was eventually caught because of something as simple as Walmart gift cards. They used the stolen funds to buy the cards, which were traced back to them. The government eventually recovered about 94,000 Bitcoin, but this case remains a landmark in the world of online crime.

1.  Trump Pardons Silk Road Founder Ross Ulbricht
2.  Feds Bust Samourai Wallet Over BTC Money Laundering
3.  Money Transfer XHelper App Exposed as Money Laundering Ring
4.  2 Russians charged in Mt. Gox Bitcoin heist and BTC-e laundering
5.  DeepDotWeb admin pleads guilty to money laundering, kickbacks

Bitfinex Hack Mastermind Behind $10 Billion Theft Gets Early Release

Ledger confirms data breach via Global-e partner. Customer info exposed, phishing attacks active. No passwords or crypto recovery phrases leaked.

A recent breach involving Ledger’s e-commerce partner Global-e has led to customer data being accessed and misused in phishing campaigns, the company confirmed. While no passwords, payment details, or crypto recovery phrases were leaked, exposed records included names, contact information, and order histories, including product and pricing details.

Ledger disclosed the breach shortly after Global-e began notifying affected users on January 5. However, cybercriminals wasted no time, launching phishing attacks that impersonate both companies. Some of these messages are designed to trick recipients into handing over sensitive wallet information, often using fake security alerts, malicious QR codes, or offers of replacement devices as bait.

Email from Global-e

The incident has prompted Ledger to issue a warning to all customers that it will never ask for recovery phrases, request users to scan codes, or send unsolicited hardware. Still, phishing messages spoofing official support channels have already started circulating. Security researchers are tracking live attempts linked to the stolen data.

According to Ledger’s security advisory, if you’ve been impacted, you’ll receive an email alert from **[email protected]**, not from any other address.

Commenting on the breach, Anders Askasen of Radiant Logic pointed out that attackers don’t need passwords to do damage. “Once someone has your contact and order details, combined with the trust you place in a brand, they can send phishing messages that feel real. Most of that data lives on third-party platforms with limited oversight, which makes it easier for threats to go unnoticed until it’s too late.”

Will Baxter, Field CISO at Team Cymru, emphasized the speed of the attacks. “It didn’t take long for threat actors to move from data theft to phishing. That kind of speed shows why it’s not enough to wait for user reports. Security teams need to watch for fake domains, spoofed brands, and new infrastructure built to trick users and do it the moment a breach happens.”

Ledger says it is working with Global-e to investigate further. In the meantime, users should double-check any emails or texts related to their Ledger orders, avoid clicking unexpected links, and never share recovery phrases with anyone.

Ledger Confirms Global-e Breach, Warns Users of Phishing Attempts

Phishing in 2026 is harder to detect and verify. Learn how CISOs can speed up investigations, reduce noise, and respond with confidence.

_Disclosure: This article was provided by ANY.RUN. The information and analysis presented are based on their research and findings._

By 2026, most **phishing emails** will look legitimate enough to pass filters and first checks. Trusted platforms, clean-looking links, and delayed execution make fast decisions risky and slow ones dangerous. As a result, investigations drag on, queues grow during phishing waves, and confidence in verdicts drops

Read on to see how security leaders can regain confidence in phishing decisions and reduce investigation pressure as these attacks become harder to spot.

****Why Phishing Becomes a Business Risk in 2026****

In 2026, phishing will test how quickly a business can make decisions. Delayed verdicts leave malicious emails active longer, giving attackers time to steal credentials, move laterally, or trigger follow-up attacks. When phishing volumes spike, even brief delays compound into real exposure, missed incidents, and costly clean-up. What looks like a single email issue can quietly escalate into downtime, data loss, or regulatory risk.

****A Practical Approach CISOs Are Already Using****

Security teams that adjust their phishing workflow before 2026 are seeing clear results:

*   Up to 3× higher investigation throughput during phishing spikes
*   Faster, more confident verdicts, even for complex email attacks
*   Fewer false positives, reducing unnecessary escalations and noise

The sections below break down the practical steps behind these results and how to apply them in your own environment.

****Step 1: Shift Phishing Decisions from Indicators to Behavior****

Static checks explain what an email looks like, not what it does. By 2026, phishing chains will be built around redirects, delayed execution, and trusted platforms specifically to pass early detection. That makes indicator-based decisions slow and unreliable.

Behavior-based analysis changes this dynamic. Inside **ANY.RUN sandbox,** the full phishing chain becomes visible as it executes, from initial link interaction to credential capture or payload delivery. 

Fake Microsoft login page exposed in 60 seconds inside ANY.RUN sandbox

Interactivity allows teams to follow redirects, trigger hidden steps, and observe real behavior instead of guessing intent.

Without a sandbox, reaching a confident verdict often takes 20 minutes or more. With interactive analysis, over 90% of phishing activity is exposed in under 60 seconds, allowing faster decisions without sacrificing accuracy.

See how you can move from slow phishing investigations to confident decisions in seconds. **Talk to ANY.RUN Team**!

****Step 2: Ensure the Right Context is Available at Decision Time****

Seeing behavior is only part of the equation. In 2026, the bigger challenge is making the _right call_ quickly, with enough context to understand impact and urgency.

Without consolidated context, phishing verdicts depend on fragmented intelligence. Information is spread across tools, arrives late, and forces teams to rely on partial signals. During phishing spikes, this slows response and increases the risk of inconsistent decisions and unnecessary escalation.

Sandbox-driven analysis solves this by attaching context as behavior unfolds. When phishing activity is analyzed in ANY.RUN sandbox, the threat is identified automatically, including the malware family or campaign behind it, and presented directly at decision time.

ANY.RUN sandbox labels the analysis with “Mamba” and “phishing.”

That context isn’t static. Decision-makers can immediately pivot to recent, real-world analysis sessions, seeing how the same threat behaves across environments already examined by 15,000 organizations and over 500,000 security professionals. Instead of relying on isolated indicators or delayed lookups, teams base decisions on fresh, shared intelligence drawn from active attack patterns.

The result is clearer risk assessment, faster approval cycles, and fewer escalations driven by uncertainty.

****Step 3: Automate Phishing Analysis to Scale without Added Risk****

Speed and context only matter if they scale. In 2026, phishing response can’t depend on how much manual effort a team can sustain during a spike.

Advanced sandbox platforms go beyond basic automation. Solutions like ANY.RUN includes automated interactivity, which allows the analysis environment itself to perform actions that would normally require manual input, such as following hidden links, interacting with web elements, solving verification challenges, or extracting **malicious URLs embedded in QR codes**.

Multi-stage attack discovered inside ANY.RUN sandbox

This matters operationally. Automated interactivity keeps the attack chain moving without human intervention, exposing behavior that would otherwise remain hidden. Tier-1 teams can reach confident verdicts faster, without needing to reproduce complex user actions or escalate cases prematurely.

The outcome is 30% fewer Tier-1 to Tier-2 handoffs, more consistent decisions across shifts, and a phishing workflow that holds up under pressure, even when volumes surge.

****Step 4: Speed up Triage with Rich Threat Context****

In 2026, the bottleneck in phishing response is no longer detection; it’s verification. When alerts arrive without context, teams slow down, second-guess verdicts, and escalate cases unnecessarily.

ANY.RUN enables fast alert verification by providing fresh, behavior-based data as alerts arrive. Phishing alerts can be enriched automatically with real execution details, reputation, and threat context, so teams understand what they are dealing with immediately without manual checks or tool-hopping.

This shortens triage time, reduces unnecessary Tier-1 to Tier-2 escalations, and helps teams move from alert to action with confidence. For CISOs, it means a more predictable response, clearer oversight, and faster containment during phishing spikes.

****Step 5: Standardize Incident Documentation without Slowing Response****

Phishing incidents don’t end with a verdict. They need to be documented, shared, and often reviewed later by incident response teams, management, auditors, or regulators. When documentation is manual, it becomes inconsistent, incomplete, and time-consuming, especially during phishing waves.

Sandbox-driven analysis removes this bottleneck. As phishing activity executes, a complete incident record is generated automatically, including behavior, indicators, screenshots, and threat context, all captured in a structured format.

Auto-generated report with gathered IOCs, TTPs, behavior details, screenshots, and more

This gives reliable documentation without delaying response. Cases move forward faster, handoffs are cleaner, and reports are ready when they’re needed without pulling teams away from active incidents. As a result, teams get better traceability, easier reviews, and stronger confidence that phishing response holds up under scrutiny.

****Stop Phishing Incidents from Turning into Business Impact****

Security teams that modernize phishing analysis see clear, measurable outcomes:

*   Lower escalation rates, keeping senior staff focused on real incidents
*   Faster containment, with fewer cases stuck waiting on manual verification
*   Shorter exposure windows reduce the chance of credential theft and follow-up attacks
*   More consistent decisions under pressure, even during high-volume phishing waves

Want to see how this works in practice? **Talk to ANY.RUN team** to explore how interactive phishing analysis can help your organization reduce risk and respond with confidence in 2026.

(Photo by Le Vu on Unsplash)

How to Avoid Phishing Incidents in 2026: A CISO Guide

Palo Alto Networks’ new report reveals VVS Stealer uses Discord Injection and fake error messages to steal tokens and MFA codes. Protect your account from this new Python-based threat.

A new Python-based threat called VVS Stealer (or VVS $tealer) has surfaced that specifically aims to raid the accounts of Discord users. This malicious software has been circulating quietly since at least April 2025, but its inner workings were recently disclosed by security experts at Palo Alto Networks’ Unit 42.

Researchers found that the malware arrives as a PyInstaller package, which essentially means it’s ready to run on almost any Windows machine without requiring any additional setup.

As we know it, Discord is the go-to hub for millions of gamers, which is exactly why it’s such a prime target. This malware’s main goal is to snatch tokens (digital keys that keep you logged in without a password), using which hackers can access your profile, read your private messages, and even steal your billing and credit card info.

****How it Operates****

For your information, this malware is much more aggressive than just a password stealer. It starts by popping up a fake “Fatal Error” message to trick you into a reboot and performs a Discord Injection, where it actually modifies your Discord files and downloads a malicious script directly into your app folders. This allows the attackers to monitor your traffic as it happens, steal your backup codes or MFA status, and even intercept your login details if you try to change your password.

VVS Stealer doesn’t stop at Discord; it targets browsers, including Chrome, Edge, Brave, and Opera, to steal saved passwords, cookies, and autofill data. It even takes screenshots of your desktop. The malware then bundles this stolen data into a file named USERNAME_vault.zip and sends it to hackers using webhooks.

To keep the stolen data moving smoothly, the malware uses a specific, fixed User-Agent string (appearing as a standard Chrome 115 browser) for all its internet traffic. To avoid detection, the creators use Pyarmor (version 9.1.4 Pro) to scramble the code with AES-128-CTR encryption.

****Sold Like a Subscription****

Interestingly, this isn’t just a one-time attack but is being run like a business. It is sold on Telegram, where it is marketed as the ultimate stealer, Palo Alto’s blog post reveals. The prices are surprisingly low, starting at about €10 for a week of use, up to €199 for a lifetime license.

VVS Stealer Telegram Ad (Source: Unit 42)

It is worth noting that researchers at Deep Code believe a French-speaking individual is behind the operation. They’ve even identified key operators like Rly (or rlyb) and 93R (Rexko). Interestingly, Rly has been active on Discord and GitHub since 2015, showing that these attackers usually have deep roots in the communities they eventually target.

This version of the malware is programmed to expire on October 31, 2026, but it remains a very real danger until then. So, if a weird error box suddenly pops up on your screen, don’t just rush to hit restart. It might be VVS Stealer trying to plant itself firmly into your system.

(Photo by Alexander Shatov on Unsplash)

New VVS Stealer Malware Targets Discord Users via Fake System Errors

Menlo Park, India, 6th January 2026, CyberNewsWire

**Menlo Park, India, January 6th, 2026, CyberNewsWire**

AccuKnox, a global leader in Zero Trust **Cloud-Native Application Protection Platforms (CNAPP),** has appointed **Connex Information Technologies** as its authorised distribution partner across South and Southeast Asia.

The partnership aligns AccuKnox with **Connex**, a global value-added distributor that has steadily expanded its regional footprint since its founding in 2014. **Connex operates in 14 countries and supports a network of over 1,500 channel partners across its global footprint spanning Asia-Pacific, the Middle East, Africa, and Oceania.**

For AccuKnox, the agreement represents a practical step toward deeper regional reach, favouring localised execution and partner-led growth over centralised expansion. Through Connex, AccuKnox will collaborate closely with regional partners to support deployment, partner enablement, and customer engagement across markets experiencing rapid adoption of cloud-native and containerised technologies.

Connex has positioned itself as a partner-first organisation, with a strong focus on enablement, co-marketing, and hands-on pre- and post-sales support. As AccuKnox’s authorised distribution partner, Connex will focus on strengthening channel readiness and supporting customers as they modernise application infrastructure across hybrid and distributed environments.

**Leadership Testimonials**

> “Partnerships like this are about proximity being closer to customers and the partners who serve them,” said **Nat Natraj, CEO of AccuKnox**. “Connex has built a distribution model that understands regional nuance while maintaining strong operational discipline.”

> **Ashok Kumar, Managing Director – SEA, Connex,** said the partnership reflects a shared understanding of how technology adoption is evolving across the region. For Connex, the partnership further strengthens its portfolio of next-generation infrastructure and security technologies. For AccuKnox, it signals a steady, partner-led approach to expanding its presence across South and Southeast Asia.”

**About Connex**

Connex Information Technologies is a global value-added IT distributor delivering technology solutions across Asia-Pacific, the Middle East, Africa, and Oceania. Founded in 2014, Connex supports a broad network of channel partners through enablement, co-marketing, and end-to-end pre- and post-sales support.

**About** **AccuKnox**

AccuKnox provides a Zero Trust-aligned Cloud Native Application Protection Platform (CNAPP), delivering visibility, posture management, runtime protection, and compliance support for cloud, container, and Kubernetes environments. AccuKnox supports deployments across public cloud, hybrid, on-premises, and air-gapped environments.

**Contact**

**PMM**  
**Syed Hadi**  
**AccuKnox**  
**\[email protected\]**

Connex IT Partners with AccuKnox for Zero Trust CNAPP Security in Southeast Asia

Security experts at Zenity Labs warn that Anthropic’s new agentic browser extension, Claude in Chrome, could bypass traditional web security, exposing private data and login tokens to potential hijackers.

On December 18, 2025, Anthropic released the beta version of its Claude Chrome extension, a tool that lets the AI browse and interact with websites on your behalf. While convenient, a new analysis from Zenity Labs shows it introduces a serious set of security risks that traditional web protections weren’t designed to handle.

****Breaking the Human-Only Security Model****

Web security has mostly assumed there’s a person behind the screen. When you log into your email or bank, the browser treats the clicks and keystrokes as yours. Now, tools like Claude can click, type, and navigate sites for you.

Researchers Raul Klugman-Onitza and João Donato noted that the extension stays logged in at all times, with no way to disable it. That means Claude inherits your digital identity, including access to Google Drive, Slack, or other private tools, and can act without your input.

How the Claude Chrome extension works

****The Lethal Trifecta of AI Risks****

Zenity Labs’ technical blog post shows the company flagged three overlapping concerns: the AI can access personal data, it can act on it, and it can be influenced by content from the web.

This opens the door to attacks like Indirect Prompt Injection, where malicious instructions are hidden in webpages or images. Because the AI uses your credentials, it can carry out harmful actions like deleting inboxes or files, or sending internal messages without your knowledge. Attackers could also move laterally inside a company by hijacking the AI’s access to services like Slack or Jira.

In technical tests, researchers showed that Claude could read web requests and console logs, which can expose sensitive data like OAuth tokens. They also demonstrated how Claude could be tricked into running JavaScript, turning it into what the team called “XSS-as-a-service.”

****Why Safety Switches Aren’t Enough****

Anthropic did include a safety switch called “Ask before acting,” which requires the user to approve a plan before the AI takes a step. However, Zenity Labs’ researchers found this to be a “soft guardrail.” In one test, they observed that Claude ended up going to Wikipedia even though it was not in the approved plan. This suggests the AI can sometimes drift from its path.

Researchers also warned of “approval fatigue,” where users get so used to clicking “OK” that they stop checking what the AI is actually doing. For real-world organisations, this isn’t just a sci-fi worry; it’s a fundamental change in how we must protect our data.

Researchers Warn of Data Exposure Risks in Claude Chrome Extension

A hacker using the alias 1011 has claimed to breach a NordVPN development server, posting what appears to…

A hacker using the alias _1011_ has claimed to breach a NordVPN development server, posting what appears to be database dumps and configuration samples on the latest version of BreachForums. The leak was shared under the title “ nordvpn.com SalesForce - leaked, Download!” and was accompanied by claims that access was gained by brute-forcing a misconfigured system.

The post included what the actor described as Salesforce API keys, Jira tokens, and source code from over ten databases. A screenshot shared by the hacker displayed data structure and field names suggesting it could be from a development environment, but there’s nothing in the screenshot that clearly links it to NordVPN beyond the hacker’s label.

NordVPN’s breach claims on BreachForums (Image credit: Hackread.com)

****NordVPN’s Response****

NordVPN quickly responded, stating that their internal systems have not been compromised. In a blog post published the same day, the company addressed the claims head-on and explained what they believe the leak actually contains.

According to NordVPN, the files originate from a test environment set up six months ago during the evaluation of a third-party platform. The trial was short-lived, no contract was signed, and no production systems were connected during the process. The company clarified that no sensitive customer information, real API keys, or internal source code were ever shared with that vendor.

Their blog emphasized that the environment shown in the leak wasn’t part of their active Salesforce infrastructure. Instead, it was an isolated sandbox used briefly to assess automated testing tools. NordVPN said that the data in question included only dummy content and was never used in any live service.

While the hacker framed the post as a serious breach involving NordVPN’s core systems, the company disputes the connection entirely. They’re confident the data was from a third-party system used temporarily during a trial period that has long since ended. They’ve also reached out to that vendor for further clarity.

At this point, there’s no verifiable link between the samples shared by the hacker and any production environment at NordVPN. The company continues to monitor the situation and stated that no customer action is needed.

Source

HackRead