New York, New York, 19th September 2025, CyberNewsWire

**New York, New York, September 19th, 2025, CyberNewsWire**

**BreachLock**, the global leader in offensive security, has been recognized as a Sample Vendor for Penetration Testing as a Service (PTaaS) in the 2025 Gartner Hype Cycle for Application Security. The company was also recognized as a sample vendor for Adversarial Exposure Validation (AEV) in the Gartner report, “From Defense to Offense: How to Champion Proactive Cybersecurity.”

This recognition from Gartner, following BreachLock’s designation as a Sample Vendor in multiple other 2025 Hype Cycle reports earlier this year, underscores BreachLock’s commitment to delivering more scalable, flexible, and efficient penetration testing and offensive security solutions for modern security teams.

> Commenting on the recognition, BreachLock Founder & CEO, Seemant Sehgal, expressed, “It’s an honor to be recognized by Gartner so consistently over the years as BreachLock continues to innovate and raise the bar not only in penetration testing, but now in adversarial exposure validation.” He added, “Our growing impact and leadership in the market is a direct reflection of our team’s genuine passion for listening and adapting to our clients’ needs, whether it’s more flexibility, scalability, better vulnerability prioritization, support, or innovative new solutions.” 

BreachLock’s flexible PTaaS delivery model empowers enterprises to test their full-stack attack surface as broadly and frequently as needed, whether that’s periodically or continuously, by combining the power of human expertise, AI efficiency, and automated scalability into a single solution. With BreachLock PTaaS, security teams can identify their vulnerabilities in real-time, visualize attack paths, and easily prioritize remediation based on actual risk so they can be remediated faster and more effectively. 

BreachLock Adversarial Exposure Validation, its Gen AI-powered autonomous red teaming engine, enables enterprises to launch their own unlimited, multi-step attack scenarios in just a few clicks on demand or continuously. AEV thinks and moves like a real attacker, leveraging live threat intelligence, pivoting, and moving laterally to reveal where defenses succeed or fail. With BreachLock AEV, security teams can scale coverage without adding headcount and focus remediation efforts on validated risks that could lead to high-impact breaches. 

Gartner highlights in the Hype Cycle for Application Security that “PTaaS overlaps with adversarial exposure validation (AEV), which is an adjacent market, yet they are different in terms of adoption and operation. AEV focuses on continuous, real-world attack simulations, while PTaaS emphasizes human expertise and integration with development processes for on-demand or continuous testing,” citing this as an obstacle. While PTaaS and AEV are at different stages and do have some overlap, BreachLock offers both solutions in a single platform, simplifying adoption and implementation for customers. 

Looking ahead to the coming years, BreachLock will continue innovating in the offensive security space to help organizations take control of their attack surface, reduce operational complexity, and strengthen defenses as threats evolve. BreachLock remains committed to delivering forward-thinking solutions that empower security teams to safeguard their organizations with confidence. 

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner research organization and should not be construed as statements of fact. Gartner disclaims all warranties, express or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose. 

**About BreachLock**

BreachLock is a global leader in offensive security, delivering scalable and continuous security testing. Trusted by global enterprises, BreachLock provides human-led and AI-powered Attack Surface Management, Penetration Testing as a Service (PTaaS), Red Teaming, and Adversarial Exposure Validation (AEV) solutions that help security teams stay ahead of adversaries.

With a mission to make proactive security the new standard, BreachLock is shaping the future of cybersecurity through automation, data-driven intelligence, and expert-driven execution.

**Contact**

**Senior Marketing Executive**  
**Megan Charrois**  
**BreachLock**  
**\[email protected\]**

BreachLock Named Sample Vendor for PTaaS and AEV in Two New 2025 Gartner® Reports

Fortra has disclosed details of a critical security flaw in GoAnywhere Managed File Transfer (MFT) software that could result in the execution of arbitrary commands.
The vulnerability, tracked as CVE-2025-10035, carries a CVSS score of 10.0, indicating maximum severity.
"A deserialization vulnerability in the License Servlet of Fortra's GoAnywhere MFT allows an actor with a validly forged

Vulnerability / Threat Intelligence

Fortra has disclosed details of a critical security flaw in GoAnywhere Managed File Transfer (MFT) software that could result in the execution of arbitrary commands.

The vulnerability, tracked as **CVE-2025-10035**, carries a CVSS score of 10.0, indicating maximum severity.

"A deserialization vulnerability in the License Servlet of Fortra's GoAnywhere MFT allows an actor with a validly forged license response signature to deserialize an arbitrary actor-controlled object, possibly leading to command injection," Fortra said in an advisory released Thursday.

The company also noted that successful exploitation of the vulnerability is dependent on the system being publicly accessible over the internet.

Users are advised to update to the patched release – version 7.8.4, or the Sustain Release 7.6.3 – to safeguard against potential threats. If immediate patching is not possible, it's advisable to ensure that access to the GoAnywhere Admin Console is not open to the public.

Fortra makes no mention of the flaw being exploited in the wild. That said, previously disclosed shortcomings in the same product (CVE-2023-0669, CVSS score: 7.2) were abused as a zero-day by ransomware actors to steal sensitive data.

Then, early last year, it addressed another critical vulnerability in the GoAnywhere MFT (CVE-2024-0204, CVSS score: 9.8) that could have been exploited to create new administrator users.

"The newly disclosed vulnerability in Fortra's GoAnywhere MFT solution impacts the same license code path in the Admin Console as the earlier CVE-2023-0669, which was widely exploited by multiple ransomware and APT groups in 2023, including LockBit," Ryan Dewhurst, head of proactive threat intelligence at watchTowr, said in a statement shared with The Hacker News.

"With thousands of GoAnywhere MFT instances exposed to the Internet, this issue is almost certain to be weaponized for in-the-wild exploitation soon. While Fortra notes exploitation requires external exposure, these systems are generally Internet-facing by design, so organizations should assume they are vulnerable. Organizations should apply the official patches immediately and take steps to restrict external access to the Admin Console."

Found this article interesting? Follow us on Google News, Twitter and LinkedIn to read more exclusive content we post.

Fortra Releases Critical Patch for CVSS 10.0 GoAnywhere MFT Vulnerability

OpenAI has fixed a vulnerability in ChatGPT Deep Research after researchers found a prompt injection method to exfiltrate PII.

OpenAI has moved quickly to patch a vulnerability known as “ShadowLeak” before anyone detected real-world abuse. Revealed by researchers yesterday, ShadowLeak was an issue in OpenAI’s Deep Research project that attackers could exploit by simply sending an email to the target.

Deep Research was launched in ChatGPT in early 2025 to enable users to delegate time-intensive, multi-step research tasks to an autonomous agent operating as an agentic AI (Artificial Intelligence). Agentic AI is a term that refers to AI systems that can act autonomously to achieve objectives by planning, deciding, and executing tasks with minimal human intervention. Deep Research users can primarily be found in finance, science, policy, engineering, and similar fields.

Users are able to select a “deep research” mode, input a query—optionally providing the agent with files and spreadsheets—and receive a detailed report after the agent browses, analyzes, and processes information from dozens of sources.

The researchers found a zero-click vulnerability in the Deep Research agent, that worked when the agent was connected to Gmail and browsing. By sending the target a specially crafted email, the agent leaked sensitive inbox information to the attacker, without the target needing to do anything and without any visible signs.

The attack relies on prompt injection, which is a well-known weak spot for AI agents. The poisoned prompts can be hidden in email by using tricks like tiny fonts, white-on-white text, and layout tricks. The target will not see them, but the agent still reads and obeys them.

And the data leak is impossible to pick up by internal defenses, since the leak occurs server-side, directly from OpenAI’s cloud infrastructure.

The researchers say it wasn’t easy to craft an effective email due to existing protection (guardrails) which recognized straight-out and obvious attempts to send information to an external address. For example, when the researchers tried to get the agent to interact with a malicious URL, it didn’t just refuse. It flagged the URL as suspicious and attempted to search for it online instead of opening it.

The key to success was to get the agent to encode the extracted PII with a simple method (base64) before appending it to the URL.

> “This worked because the encoding was performed by the model before the request was passed on to the execution layer. In other words, it was relatively easy to convince the model to perform the encoding, and by the time the lower layer received the request, it only saw a harmless encoded string rather than raw PII.”

In the example, the researchers used Gmail as a connector,  but there are many other sources that present structured text which can be used as a potential prompt injection vector.

**Safe use of agentic agents**

While it’s always tempting to use the latest technology, this comes with a certain amount of risk. To limit those risks when using agentic agents you should:

*   **Be cautious with permissions:** Only grant access to sensitive information or system controls when absolutely necessary. Review what data or accounts the agentic browser can access and limit permissions where possible.
*   **Verify sources before trusting links or commands:** Avoid letting the browser automatically interact with unfamiliar websites or content. Check URLs carefully and be wary of sudden redirects, additional parameters, or unexpected input requests.
*   **Keep software updated:** Ensure the agentic browser and related AI tools are always running the latest versions to benefit from security patches and improvements against prompt injection exploits.
*   **Use strong authentication** **and monitoring:** Protect accounts connected to agentic browsers with multi-factor authentication and review activity logs regularly to spot unusual behavior early.
*   **Educate yourself about prompt injection risks:** Stay informed on the latest threats and best practices for safe AI interactions. Being aware is the first step to preventing exploitation.
*   **Limit sensitive operations automation:** Avoid fully automating high-stakes transactions or actions without manual review. Agentic agents should assist, but critical decisions deserve human oversight.
*   **Report suspicious behavior:** If an agentic agent acts unpredictably or asks for strange permissions, report it to the developers or security teams immediately for investigation.

**We don’t just report on data privacy—we help you remove your personal information**

Cybersecurity risks should never spread beyond a headline. With Malwarebytes Personal Data Remover, you can scan to find out which sites are exposing your personal information, and then delete that sensitive data from the internet.

 ChatGPT Deep Research zero-click vulnerability fixed by OpenAI 

Run by the team at workflow orchestration and AI platform Tines, the Tines library features over 1,000 pre-built workflows shared by security practitioners from across the community - all free to import and deploy through the platform's Community Edition.
The workflow we are highlighting streamlines security alert handling by automatically identifying and executing the appropriate Standard

AI Automation / Security Operations

Run by the team at workflow orchestration and AI platform Tines, the Tines library features over 1,000 pre-built workflows shared by security practitioners from across the community - all free to import and deploy through the platform's Community Edition.

The workflow we are highlighting streamlines security alert handling by automatically identifying and executing the appropriate Standard Operating Procedures (SOPs) from Confluence. When an alert triggers, AI agents analyze it, locate relevant SOPs, and perform required remediation steps - all while keeping the on-call team informed via Slack.

It was created by Michael Tolan, Security Researcher L2 at Tines, and Peter Wrenn, Senior Solutions Engineer at Tines.

In this guide, we'll share an overview of the workflow, plus step-by-step instructions for getting it up and running.

**The problem - manual alert triage and SOP execution**

For security teams, responding to alerts efficiently requires quickly identifying the threat type, locating the appropriate SOP, and executing the required remediation steps.

From a workflow perspective, teams often have to:

*   Manually analyze incoming security alerts
*   Search through Confluence for relevant SOPs
*   Document findings and actions in case management systems
*   Execute multiple remediation steps across different security tools
*   Update the case management system again after the fact
*   Notify stakeholders about incidents and actions taken

This manual process is time-consuming, prone to human error, and can lead to inconsistent handling of similar alerts.

**The solution - AI-powered alert triage with automated SOP execution**

This prebuilt workflow automates the entire alert triage process by leveraging AI agents and Confluence SOPs. The workflow helps security teams respond faster and more consistently by:

*   Using AI to analyze and classify incoming alerts
*   Automatically locating relevant SOPs in Confluence
*   Creating structured case records for tracking
*   Deploying a second AI agent (subagent) to execute remediation steps
*   Documenting all actions and notifying the on-call team via Slack

The result is a streamlined response to security alerts that ensures consistent handling according to established procedures.

**Key benefits of this workflow**

*   Reduced mean time to remediation (MTTR)
*   Consistent application of security procedures
*   Comprehensive documentation of all actions taken
*   Reduced analyst fatigue from repetitive tasks
*   Improved visibility through automated notifications

**Workflow overview******Tools used:****

*   Tines - workflow orchestration and AI platform (free Community Edition available)
*   Confluence - knowledge management platform for SOPs

_This specific workflow also_ uses _the following pieces of software. However, you can use whatever enrichment/_remediation _tools currently_ existing within _your technology stack alongside Tines and Confluence._

*   CrowdStrike - threat intelligence and EDR platform
*   AbuseIPDB - IP reputation database
*   EmailRep - email reputation service
*   Okta - identity and access management
*   Slack - team collaboration platform
*   Tavily - AI research tool
*   URLScan.io - URL analysis service
*   VirusTotal - file and URL scanning service

**How it works****Part 1: Alert Ingestion and Analysis**

*   Receive security alert from integrated security tools
*   AI agent analyzes the alert to determine type and severity
*   System searches Confluence for relevant SOPs based on alert classification
*   Create a case record with alert details and identified SOP

**Part 2: Remediation and Documentation**

*   Second AI agent reviews the case and SOP instructions
*   AI agent orchestrates remediation actions across appropriate security tools
*   All actions are documented in the case history
*   Slack notification is sent to the on-call team with alert details and actions taken

**Configuring the workflow - step-by-step guide**

1\. Log into Tines or create a new account.

2\. Navigate to the pre-built workflow in the library. Select import.

**3\. Set up your credentials**

You'll need credentials for all the tools used in this workflow. You can add or remove whatever tools you wish to suit your environment.

*   Confluence
*   CrowdStrike
*   AbuseIPDB
*   EmailRep
*   Okta
*   Slack
*   Tavily
*   URLScan.io
*   VirusTotal

From the credentials page, select New credential, scroll down to the relevant credential and complete the required fields. Follow the credential guides at explained.tines.com if you need help.

**4\. Configure your actions.**

Set your environment variables. In this particular workflow, that specifically requires setting the Slack channel for notifications (hardcoded to #alerts by default, but can be adjusted in the Slack action).

**5\. Customize the AI prompts**

The workflow includes two key AI agents:

*   Alert Analysis Agent: Customize the prompt to help identify alert types
*   Remediation Agent: Customize the prompt to guide remediation actions

**6\. Test the workflow.**

Create a test alert to verify:

*   Alert is properly classified
*   Correct SOP is retrieved from Confluence
*   Case is created with appropriate details
*   Remediation steps are executed
*   Slack notification is sent

**7\. Publish and operationalize**

Once tested, publish the workflow and integrate with your security tools to begin receiving live alerts.

If you'd like to test this workflow, you can sign up for a free Tines account.

Found this article interesting? This article is a contributed piece from one of our valued partners. Follow us on Google News, Twitter and LinkedIn to read more exclusive content we post.

How To Automate Alert Triage With AI Agents and Confluence SOPs Using Tines

This edition pulls the curtain aside to show the realities of the VPN Filter campaign. Joe reflects on the struggle to prevent burnout in a world constantly on fire.

Thursday, September 18, 2025 14:00

Welcome to this week’s edition of the Threat Source newsletter. 

This is gonna be a tough read. I’m sorry. Believe it or not, it’s even tougher for me to write. I want to talk about what it costs to be in the cybersecurity profession. Not money or time, but potentially your health, both mentally and physically. I want to move the curtain aside and show you an inside look at what happens to people when the pressure is high and the desire to succeed is not only essential, but sometimes even life and death. 

So, story time. 

Seven years ago, Cisco Talos disclosed a novel and new threat campaign: VPN Filter. VPN Filter was a small office/home office (SOHO) device botnet that had many new things we’d never seen before in SOHO devices: infection persistence past device reboot, modularity, victimology, and perhaps most importantly, the (later) attribution to the Russian threat actor APT28 (aka Sandworm). The platform also featured a kill switch, a module designed to cover the tracks and or destroy a device infected with VPN Filter. This could be executed en masse, if they desired. This was a methodical, clever and well-structured campaign to attack unpatched and/or vulnerable devices all over the world for state cyber operations. As I look back at that time, it was (and still is) a marvel of tradecraft and offensive cyber operations. 

Put yourself in our position at Talos. We’ve just discovered a massive campaign by a notorious threat actor. We all know what this is, who this is, and what the consequences could be — and the threat actor had a massive head start on us. We absolutely couldn’t screw this up. If we tipped our hand via our research, the threat actor might get spooked and just burn the whole thing down with the kill switch. The stakes were very high. 

We spent months reversing and analyzing the malware, the victimology, infrastructure, and understanding the scale and scope of what VPN Filter did and potentially could do. The more we peeled things back, the more ominous the implications and the harder we worked. 

As the weeks turned into months, the hours we worked grew longer and longer, and the stress began to take its toll on all of us. The raw enormity of the tasks of analyzing and responding to VPN Filter and the stress of being stealthy begin to extract a price from us personally. Attitudes grew sour, relationships frayed, and some were rent asunder completely. For me, personally, it was a very dark time and would cost me dearly – I would exit people management into an individual contributor role that I still inhabit to this day. 

In the end, the threat actor forced us to into action. We had always theorized a “break glass” moment when the threat actor might hit the gas pedal and we would have to alert the world. One day we saw a massive spike in infections in Ukraine, and we disclosed to the world VPN Filter. We still had so many unanswered questions but had no choice when we saw the spike. In a way, it was a mercy. We had long since hit our limit and were just all collectively cooked and demoralized. I know I was, and it deeply affected my relationships and career, the reverberations of which I still feel to this day.  

I’m often asked by new or potential security practitioners, “Joe, what’s a cool hacker story?!” I have plenty of those, and VPN Filter is certainly one of them. But rarely does anyone want to hear the worst days of our lives. The tales of burnout and stress. Of the long hours and constant work. There is _always_ a breach happening somewhere, your company is _always_ under attack, there is _always_ a story of a someone getting hacked and sometimes people are even hurt or killed. This cadence takes a toll – from events like VPN Filter, to being in a SOC – it’s all the same. No matter where you work, we are here to keep our customers, constituents, and communities safe from some real assholes out there. It is about fighting the good fight, and the fight never stops.  

So, what can we do about it? How can you avoid being me in the middle of VPN Filter? 

1.  **Learn and enforce boundaries.** You must make space and time for you and firmly enforce that space and time. If that means disabling after hours comms, then do so, and do so guilt free. You must look after yourself. 
2.  **Peer support.** Whether it's a therapist, a colleague, or a Slack/Discord/Bsides where you can share and vent with others in the same boat as you, you must reduce the sense of isolation this career space can give you. Others are looking for the same thing and happy to listen and share. Celebrate your wins with people who are eager to reciprocate.  
3.  **Unplugged self-care.** This is tough, and I’m not great at it. Exercise, paint, work in your garden and do something unrelated to your job. Put down the hell rectangle that is your phone and unplug from the news and social media. 
4.  **Mandatory decompression/vacation.** After an incident, be it VPN Filter or a breach, leaders: _look after your people._ Recognize burnout and push your directs into some enforced downtime so they can recover. At a minimum, rotate them into a less stressful role so they can take a break. It’s your responsibility to care for those who work hard for you. 

Responding after the event is just as important as responding to the event itself. Every breach, VPN Filter-like event, or emergency is an opportunity to reflect on the cost to your health and evaluate what you can do to help yourself and others. This is a tough gig sometimes, but it’s a calling we love. Just take care of yourself and each other, ya hear?

**The one big thing **

In Talos' latest blog post, we break down why having a Cisco Talos Incident Response (IR) Retainer is a game-changer for any organization facing today’s nonstop cyber threats. With a Talos IR Retainer, you get direct access to our expert team, 24/7 emergency support, and tailored plans that keep everyone — from IT to leadership — on the same page. You’ll also benefit from continuous threat intelligence and real-world guidance to help your organization bounce back stronger after any incident. 

**Why do I care? **

Our team helps you hunt threats before they escalate, assess your readiness and improve your security posture over time. If a cyber incident hits, having a trusted partner already in place means you’re prepared to act decisively, with clear roles, tested procedures and experts ready to back you up every step of the way. 

**So now what? **

Think about securing a Talos IR Retainer to make sure you’ve got experts on speed dial and your defenses are always up to date. Reach out to us to schedule a tabletop exercise or to talk through how prepared your organization really is.

**Top security headlines of the week **

**New VoidProxy phishing service bypasses MFA on Microsoft and Google accounts**   
An attack typically begins with a deceptive email sent from a compromised account of legitimate email service providers, like Constant Contact, Active Campaign or NotifyVisitors. (Hack Read) 

**Shai-Hulud supply chain attack: Worm used to steal secrets, 180+ npm packages hit**   
The self-spreading potential of the malicious code will likely keep the campaign alive for a few more days. To avoid being infected, users should be wary of any packages that have new versions on npm but not on GitHub, and pin dependencies. (SecurityWeek) 

**Google nukes 224 Android malware apps behind massive ad fraud campaign**   
The apps were downloaded over 38 million times and employed obfuscation and steganography to conceal the malicious behavior from Google and security tools. (Bleeping Computer) 

**Former FinWise employee may have accessed nearly 700K customer records**   
Nearly 700,000 FinWise Bank customers are being notified after a former employee may have accessed or taken personal data post-employment. The incident went undetected for over a year. (The Register)

**Can’t get enough Talos? **

*   **Alex Ryan: From zero chill to quiet confidence**   
    Discover how a Cisco Talos Incident Response expert transitioned from philosophy to the high-stakes, emotionally intense world of incident command, and the advice that she has for aspiring cybersecurity professionals. 
*   **Beers with Talos: How to ruin an APT's day**   
    The B-Team is joined by Sara McBroom from Talos’ nation-state threat intelligence and interdiction team. Sara shares her journey from a liberal arts major to tracking some of the world’s most advanced adversaries. 
*   **Tampered Chef: When malvertising serves up infostealers**   
    Imagine downloading a PDF Editor tool from the internet that works great... until nearly two months later, when it quietly steals your credentials. Nick Biasini explains how cybercriminals are investing in "malvertising" and challenges in defense.

**Upcoming events where you can find Talos **

*   LABScon (Sept. 17 – 20) Scottsdale, AZ 
*   VB2025 (Sept. 24 – 26) Berlin, Germany 
*   Wild West Hackin' Fest (Oct. 8 – 10) Deadwood, SD

**Most prevalent malware files from Talos telemetry over the past week **

**SHA256: 9f1f11a708d393e0a4109ae189bc64f1f3e312653dcf317a2bd406f18ffcc507**    
MD5: 2915b3f8b703eb744fc54c81f4a9c67f   
Talos Rep: https://talosintelligence.com/talos\_file\_reputation?s=9f1f11a708d393e0a4109ae189bc64f1f3e312653dcf317a2bd406f18ffcc507    
Typical Filename: executable.exe   
Claimed Product: N/A     
Example Filename:0a0dc0e95070a2b05b04c2f0a049dad8\_1\_Exe.exe    
Detection Name: Win.Worm.Coinminer::1201 

**SHA256: 41f14d86bcaf8e949160ee2731802523e0c76fea87adf00ee7fe9567c3cec610**    
MD5: 85bbddc502f7b10871621fd460243fbc    
Talos Rep: https://talosintelligence.com/talos\_file\_reputation?s=41f14d86bcaf8e949160ee2731802523e0c76fea87adf00ee7fe9567c3cec610    
Typical Filename: nwx3hgsl.exe   
Claimed Product: Self-extracting archive   
Detection Name: W32.41F14D86BC-100.SBX.TG 

**SHA256: c0ad494457dcd9e964378760fb6aca86a23622045bca851d8f3ab49ec33978fe**    
MD5: bf9672ec85283fdf002d83662f0b08b7    
Talos Rep: https://talosintelligence.com/talos\_file\_reputation?s=c0ad494457dcd9e964378760fb6aca86a23622045bca851d8f3ab49ec33978fe    
Typical Filename: werrx01USAHTML   
Claimed Product: N/A   
Detection Name: W32.C0AD494457-95.SBX.TG 

**SHA256: 96fa6a7714670823c83099ea01d24d6d3ae8fef027f01a4ddac14f123b1c9974**    
MD5: aac3165ece2959f39ff98334618d10d9    
Talos Rep: https://talosintelligence.com/talos\_file\_reputation?s=96fa6a7714670823c83099ea01d24d6d3ae8fef027f01a4ddac14f123b1c9974    
Typical Filename: ~3B6A.tmp   
Claimed Product: N/A   
Detection Name: W32.Injector:Gen.21ie.1201 

**SHA256: a31f222fc283227f5e7988d1ad9c0aecd66d58bb7b4d8518ae23e110308dbf91**   
MD5: 7bdbd180c081fa63ca94f9c22c457376    
Talos Rep: https://talosintelligence.com/talos\_file\_reputation?s=a31f222fc283227f5e7988d1ad9c0aecd66d58bb7b4d8518ae23e110308dbf91    
Typical Filename: img001.exe   
Claimed Product:   
Detection Name: Win.Dropper.Miner::95.sbx.tg

Put together an IR playbook — for your personal mental health and wellbeing

Hackers are posing as Empire podcast hosts, tricking crypto influencers and developers with fake interview invites to deliver macOS AMOS Stealer malware.

A new phishing campaign is targeting developers and influencers in the crypto industry with fake interview requests that impersonate a popular Web3 podcast. The attackers pose as hosts, luring unsuspecting victims to websites mimicking platforms such as Streamyard and Huddle to distribute AMOS Stealer malware against macOS devices.

The latest scam surfaced only weeks after another scheme, reported in August 2025, where fraudsters posed as CoinMarketCap journalists to target crypto executives in a spear-phishing campaign.

****A fake podcast, real consequences**  **

José A. Gómez Ledesma, a threat intelligence analyst from Quetzal Team, originally identified a phishing campaign targeting influencers and developers in the crypto industry.  

The attackers impersonate hosts and producers of the popular Empire podcast,  approaching victims via social media DMs under the pretext of interviewing them about recent projects and market forecasts. Once engaged, they suggest interviewing Streamyard or Huddle, sharing links to phishing sites that mimic the chosen platform. 

When visiting the website, an error message is displayed saying something went wrong (either the browser is incompatible or it cannot connect to the platform) and that a desktop client should be downloaded and installed. A DMG (a macOS application installation disk) is then downloaded, posing as either Huddle or StreamYard. 

A fake Streamyard DMG Installer for Mac

****The Setup**  **

By installing the contents of the DMG, victims are actually infecting themselves with  AMOS (Atomic macOS) Stealer, a trending threat creatively distributed and previously seen posing as popular apps such as DeepSeek.  

The infection chain is quite elaborate, starting with the DMG installer, which invokes a Bash script heavily obfuscated with Base64. The encoded contents are deobfuscated, then XORed via Perl, and once again deobfuscated from Base64,  generating an AppleScript that is subsequently executed.  

A fake Huddle DMG Installer for Mac

This AppleScript simply looks for a hidden binary inside the volume named .Huddle or .Streamyard (Note the leading period, which denotes a hidden file in Unix systems.) This file is, in fact, the AMOS Stealer sample. 

****The Afermath**  **

By becoming infected with AMOS (or with virtually any information-stealer), victims place their digital lives in the hands of organised criminals. From banking apps to gaming accounts, login artefacts such as credentials and cookies are sold to the highest bidder, often for a surprisingly low price. 

Some old advice still holds true when browsing the internet: do not download anything you see, and be cautious when dealing with strangers. You could end up with an unpleasant surprise. 

Malicious Apple Script Loader

****IOCs and Summary**  **

    URL: streamyard.ai 
    
    SHA256:69b859db7397a04bb1f1c2ff9d987686b5ce0c64ec8fc716c783ed6dd755e291 SHA256:c275252592228b51b3934a9b3932d269c2f9132caad5f51ae54216ec147a8834     
    
    URL: https://x.com/BillyBitcoins 
    
    Domain: streamyard.ai 
    
    Domain: huddle01.com 
    
    URL: huddle01.com 
    
    SHA256:f7d138a4fa15215c4e747449f31b2b6b6726aed00a9cc9e3ec830df366c1437f     SHA256:af4ba47f760ae08bce49c7b7c16e9dcff7df7eff53f27abc0c2a1eee1cea6085       
    
    FilePath: Huddle.Iwv 
    
    FilePath: Streamyard.ZTz 
    
    SHA256:9665dac619c7d17a2fafd32f2df77f27dc39135d31235a748bd95ac137005e9b       SHA256:f7fe593806aa2b2486e2052c582b1b8423b2455bf9392fa42b1d2cb6d98ca897
    
    

****References**  **

Original Intelligence Pulse: https://otx.alienvault.com/pulse/68c99d5ca31f8adcc38d0637

Fake Empire Podcast Invites Target Crypto Industry with macOS AMOS Stealer

AI’s growing role in enterprise environments has heightened the urgency for Chief Information Security Officers (CISOs) to drive effective AI governance. When it comes to any emerging technology, governance is hard – but effective governance is even harder. The first instinct for most organizations is to respond with rigid policies. Write a policy document, circulate a set of restrictions, and

AI's growing role in enterprise environments has heightened the urgency for Chief Information Security Officers (CISOs) to drive effective AI governance. When it comes to any emerging technology, governance is hard – but effective governance is even harder. The first instinct for most organizations is to respond with rigid policies. Write a policy document, circulate a set of restrictions, and hope the risk is contained. However, effective governance doesn't work that way. It must be a living system that shapes how AI is used every day, guiding organizations through safe transformative change without slowing down the pace of innovation.

For CISOs, finding that balance between security and speed is critical in the age of AI. This technology simultaneously represents the greatest opportunity and greatest risk enterprises have faced since the dawn of the internet. Move too fast without guardrails, and sensitive data leaks into prompts, shadow AI proliferates, or regulatory gaps become liabilities. Move too slow, and competitors pull ahead with transformative efficiencies that are too powerful to compete with. Either path comes with ramifications that can cost CISOs their job.

In turn, they cannot lead a "department of no" where AI adoption initiatives are stymied by the organization's security function. It is crucial to instead find a path to yes, mapping governance to organizational risk tolerance and business priorities so that the security function serves as a true revenue enabler. Over the course of this article, I'll share three components that can help CISOs make that shift and drive AI governance programs that enable safe adoption at scale.

****1\. Understand What's Happening on the Ground****

When ChatGPT first arrived in November 2022, most CISOs I know scrambled to publish strict policies that told employees what not to do. It came from a place of positive intent considering sensitive data leakage was a legitimate concern. However, while policies written from that "document backward" approach are great in theory, they rarely work in practice. Due to how fast AI is evolving, AI governance must be designed through a "real-world forward" mindset that accounts for what's really happening on the ground inside an organization. This requires CISOs to have a foundational understanding of AI: the technology itself, where it is embedded, which SaaS platforms are enabling it, and how employees are using it to get their jobs done.

AI inventories, model registries, and cross-functional committees may sound like buzzwords, but they are practical mechanisms that can help security leaders develop this AI fluency. For example, an AI Bill of Materials (AIBOM) offers visibility into the components, datasets, and external services that will feed an AI model. Just as a software bill of materials (SBOM) clarifies third-party dependencies, an AIBOM ensures leaders know what data is being used, where it came from, and what risks it introduces.

Model registries serve a similar role for AI systems already in use. They track which models are deployed, when they were last updated, and how they're performing to prevent "black box sprawl" and inform decisions about patching, decommissioning, or scaling usage. AI committees ensure that oversight doesn't fall on security or IT alone. Often chaired by a designated AI lead or risk officer, these groups include representatives from legal, compliance, HR, and business units – turning governance from a siloed directive into a shared responsibility that bridges security concerns with business outcomes.

****2\. Align Policies to the Speed of the Organization****

Without real-world forward policies, security leaders often fall into the trap of codifying controls they cannot realistically deliver. I've seen this firsthand through a CISO colleague of mine. Knowing employees were already experimenting with AI, he worked to enable the responsible adoption of several GenAI applications across his workforce. However, when a new CIO joined the organization and felt there were too many GenAI applications in use, the CISO was directed to ban all GenAI until one enterprise-wide platform was selected. Fast forward one year later, that single platform still hadn't been implemented, and employees were using unapproved GenAI tools that exposed the organization to shadow AI vulnerabilities. The CISO was stuck trying to enforce a blanket ban he couldn't execute, fielding criticism without the authority to implement a workable solution.

This kind of scenario plays out when policies are written faster than they can be executed, or when they fail to anticipate the pace of organizational adoption. Policies that look decisive on paper can quickly become obsolete if they don't evolve with leadership changes, embedded AI functionality, and the organic ways employees integrate new tools into their work. Governance must be flexible enough to adapt, or else it risks leaving security teams enforcing the impossible.

The way forward is to design policies as living documents. They should evolve as the business does, informed by actual use cases and aligned to measurable outcomes. Governance also can't stop at policy; it needs to cascade into standards, procedures, and baselines that guide daily work. Only then do employees know what secure AI adoption really looks like in practice.

****3\. Make AI Governance Sustainable****

Even with strong policies and roadmaps in place, employees will continue to use AI in ways that aren't formally approved. The goal for security leaders shouldn't be to ban AI, but to make responsible use the easiest and most attractive option. That means equipping employees with enterprise-grade AI tools, whether purchased or homegrown, so they do not need to reach for insecure alternatives. In addition, it means highlighting and reinforcing positive behaviors so that employees see value in following the guardrails rather than bypassing them.

Sustainable governance also stems from _Utilizing AI_ and _Protecting AI_, two pillars of the _SANS Institute's recently published Secure AI Blueprint._ To govern AI effectively, CISOs should empower their SOC teams to effectively utilize AI for cyber defense – automating noise reduction and enrichment, validating detections against threat intelligence, and ensuring analysts remain in the loop for escalation and incident response. They should also ensure the right controls are in place to protect AI systems from adversarial threats, as outlined in the SANS Critical AI Security Guidelines.

****Learn More at SANS Cyber Defense Initiative 2025****

This December, SANS will be offering LDR514: Security Strategic Planning, Policy, and Leadership at SANS Cyber Defense Initiative 2025 in Washington, D.C. This course is designed for leaders who want to move beyond generic governance advice and learn how to build business-driven security programs that steer organizations to safe AI adoption. It will cover how to create actionable policies, align governance with business strategy, and embed security into culture so you can lead your enterprise through the AI era securely.

If you're ready to turn AI governance into a business enabler, register for SANS CDI 2025 here.

Note: _This article was contributed by Frank Kim, SANS Institute Fellow._

Found this article interesting? This article is a contributed piece from one of our valued partners. Follow us on Google News, Twitter and LinkedIn to read more exclusive content we post.

How CISOs Can Drive Effective AI Governance

Infoblox links Vane Viper to PropellerAds, exposing a global malvertising network posing as adtech while spreading malware and running online scams.

Cybersecurity firm Infoblox says it has discovered “Vane Viper,” a massive online ad network that posed as a legitimate business while running global scams and spreading malware.

Linked to **previously reported** PropellerAds and its parent company AdTech Holding, the operation has been active for nearly a decade and is now being called one of the largest malvertising scams seen to date.

Infoblox Threat Intel tracked Vane Viper for more than three years and found that domains linked to the operation appeared in about half of its customer networks. Some of those domains ranked among the world’s top 10,000 websites, with one tracking domain even breaking into the top 1,000.

According to Infoblox’s investigation shared with Hackread.com, PropellerAds was not simply a victim of abuse by bad actors but was actively delivering malware itself. During testing, Infoblox researchers followed links from Vane Viper’s traffic distribution system and received direct malware payloads from PropellerAds. That evidence, Infoblox argues, proves complicity rather than negligence.

> _“Although PropellerAds has been implicated in malvertising campaigns by others in the past, proving that they have crossed the line from abused service to complicit enabler has been challenging. We didn’t come to our conclusions lightly.”_
> 
> _“We found compelling evidence that not only has PropellerAds turned a “blind eye” to criminal abuse of their platform, but indicators described below suggest – with moderate-to-high confidence – that several ad-fraud campaigns originated from infrastructure attributed to PropellerAds.”_
> 
> Infoblox Threat Intel

Infoblox ALSO observed more than one trillion DNS queries linked to its infrastructure in the past year, spread across more than 60,000 domains. Many of these domains are short-lived, active for only days, while others remain live for years to support ongoing campaigns. The group uses bulk domain registrations, **push notification abuse and cloaking** to keep operations alive while evading takedowns.

The investigation also connects Vane Viper to Webzilla and XBT Holdings, companies previously cited in **Russia’s Methbot (aka Boaxxe and Miuref) ad fraud**, disinformation efforts, and piracy platforms.

Additionally, corporate records show layers of offshore registrations and opaque ownership, with links to Russian nationals, gambling enterprises, and adult content businesses. These overlapping connections, Infoblox says, create “plausible deniability” that shields the operation from accountability.

A look at the main companies and individuals connected to the Vane Viper network, and the roles they play in the operation (Image credit: Infoblox)

This isn’t the first large-scale adtech-linked threat group Infoblox has reported on. Last month, the company profiled **VexTrio**, another operation that surfaced in 2015 under similar circumstances. Like Vane Viper, it operates as a cluster of adtech companies run by Russian speakers and has built traffic distribution systems that double as malware delivery engines.

“Cybercriminals aren’t just exploiting adtech platforms,” said Dr. **Renée Burton**, VP of Threat Intel at Infoblox. “Sometimes, they are the adtech platforms.”

Advertisers and publishers should take Infoblox’s findings as a warning to carefully vet the ad networks they work with. For everyday users, the advice is simpler but just as important: be cautious about clicking links or ads on unfamiliar or untrusted sites.

Infoblox’s **full report**, including technical details and domain data, is available through its threat intel team.

Vane Viper Malvertising Network Posed as Legit Adtech in Global Scams

Discover how a Cisco Talos Incident Response expert transitioned from philosophy to the high-stakes world of incident command, offering candid insights into managing burnout and finding a supportive team.

Thursday, September 18, 2025 06:00

Welcome to another episode of Humans of Talos, our ongoing video interview series that celebrates the people powering Cisco’s threat intelligence efforts. In each episode, we dive deep into the personal journeys, motivations and lessons learned from the team members who help keep the internet safe.

This time, we sit down with Alex Ryan, a seasoned Incident Commander from Cisco Talos Incident Response. Read (or watch) on to hear her candid reflections on the emotional intensity of incident response, the critical role of a supportive team in preventing burnout, and invaluable advice for aspiring cybersecurity professionals.

**Amy Ciminnisi: Alex, you were recently on the Beers with Talos podcast, and during that, we learned that you have two liberal arts degrees, but you found yourself really loving how machines and systems worked, and then you work your way through the cybersecurity ranks. I'd love to know: What brought you to Talos?**

Alex Ryan: During my career inside companies doing incident response, vulnerability management, and risk management, Talos Intelligence was often one of my sources. I often looked at intelligence from vendors who were using their own datasets to generate the finished intelligence, rather than those who just took whatever intelligence was already out there, re-mashed it, and enriched it a bit. I have a lot of respect for Talos from using them as a source for guiding how I would do incident response and prioritize my defenses and things like that. When the opportunity came up to join Cisco Talos Incident Response as an Incident Commander, it was that reputation (and having used their material for so long which showed that there was really good quality people and research being done) that put this job at the top of my list of choices.

**AC: You have a very difficult job as an Incident Commander, acting as the point person in situations where people are possibly going through the worst days of their careers. What's something about your day-to-day role that people might be surprised by or interested in?**

AR: Incident response is a very high pressure situation to be in. You need to exude quiet confidence and build a trust relationships quickly with your customer. But on the back end, things can be chaotic: trying to get access to machines, trying to find the _right_ machines. "Do we have the right IOCs?" "What is this thing? Let me reverse engineer it." Trying to distill all of that activity into larger topics and give progress to the customer on it is critical.

It's also high risk for the business being impacted. I think that there was a statistic at one point that about 70% of small to medium businesses that paid the ransom after being compromised went out of business within a year, because the ransom was such a financial hit that they just couldn't absorb that kind of impact. So while the customer is trying to not freak out, I'm trying to exude quiet confidence while managing the forensics analysis activity. Trying to balance all of that is quite difficult, so incident response has a very high burnout rate.

After I came back from raising my children, it took me about two years to detox completely from incident response. I was _really_ high strung, and I had no chill. _Zero_ chill. I had to learn how to say no and how to prioritize my family over this hero complex that I was having at work. I would say I'm a much more well-rounded person now, and perhaps I'm better at my job because of that.

_Want to see more?_ _Watch the full interview__, and don’t forget to subscribe to our YouTube channel for future episodes of Humans of Talos!_

Alex Ryan: From zero chill to quiet confidence

The threat actor known as TA558 has been attributed to a fresh set of attacks delivering various remote access trojans (RATs) like Venom RAT to breach hotels in Brazil and Spanish-speaking markets.
Russian cybersecurity vendor Kaspersky is tracking the activity, observed in summer 2025, to a cluster it tracks as RevengeHotels.
"The threat actors continue to employ phishing emails with invoice

The threat actor known as **TA558** has been attributed to a fresh set of attacks delivering various remote access trojans (RATs) like Venom RAT to breach hotels in Brazil and Spanish-speaking markets.

Russian cybersecurity vendor Kaspersky is tracking the activity, observed in summer 2025, to a cluster it tracks as RevengeHotels.

"The threat actors continue to employ phishing emails with invoice themes to deliver Venom RAT implants via JavaScript loaders and PowerShell downloaders," the company said. "A significant portion of the initial infector and downloader code in this campaign appears to be generated by large language model (LLM) agents."

The findings demonstrate a new trend among cybercriminal groups to leverage artificial intelligence (AI) to bolster their tradecraft.

Known to be active since at least 2015, RevengeHotels has a history of hospitality, hotel, and travel organizations in Latin America with the goal of installing malware on compromised systems.

Early iterations of the threat actor's campaigns were found to distribute emails with crafted Word, Excel, or PDF documents attached, some of which exploit a known remote code execution flaw in Microsoft Office (CVE-2017-0199) to trigger the deployment of Revenge RAT, NjRAT, NanoCoreRAT, and 888 RAT, as well as a piece of custom malware called ProCC.

Subsequent campaigns documented by Proofpoint and Positive Technologies have demonstrated the threat actor's ability to refine their attack chains to deliver a wide range of RATs such as Agent Tesla, AsyncRAT, FormBook, GuLoader, Loda RAT, LokiBot, Remcos RAT, Snake Keylogger, and Vjw0rm.

The main goal of the attacks is to capture credit card data from guests and travelers stored in hotel systems, as well as credit card data received from popular online travel agencies (OTAs) such as Booking.com.

According to Kaspersky, the latest campaigns involve sending phishing emails written in Portuguese and Spanish bearing hotel reservation and job application lures to trick recipients into clicking on fraudulent links, resulting in the download of a WScript JavaScript payload.

"The script appears to be generated by a large language model (LLM), as evidenced by its heavily commented code and a format similar to those produced by this type of technology," the company said. "The primary function of the script is to load subsequent scripts that facilitate the infection."

This includes a PowerShell script, which, in turn, retrieves a downloader named "cargajecerrr.txt" from an external server and runs it via PowerShell. The downloader, as the name implies, fetches two additional payloads: a loader that's responsible for launching the Venom RAT malware.

Based on the open-source Quasar RAT, Venom RAT is a commercial tool that's offered for $650 for a lifetime license. A one-month subscription bundling the malware with HVNC and Stealer components, costs $350.

The malware is equipped to siphon data, act as a reverse proxy, and features an anti-kill protection mechanism to ensure that it runs uninterrupted. To accomplish this, it modifies the Discretionary Access Control List (DACL) associated with the running process to remove any permissions that could interfere with its functioning, and terminates any running process that matches any of the hard-coded processes.

"The second component of this anti-kill measure involves a thread that runs a continuous loop, checking the list of running processes every 50 milliseconds," Kaspersky said.

"The loop specifically targets those processes commonly used by security analysts and system administrators to monitor host activity or analyze .NET binaries, among other tasks. If the RAT detects any of these processes, it will terminate them without prompting the user."

The anti-kill feature also comes fitted with the ability to set up persistence on the host using Windows Registry modifications and re-run the malware anytime the associated process is not found in the list of running processes.

Should the malware be executed with elevated privileges, it proceeds to set the SeDebugPrivilege token and marks itself as a critical system process, thereby allowing it to persist even when there is an attempt to terminate the process. It also forces the computer's display to remain on and prevents it from entering sleep mode.

Lastly, the Venom RAT artifacts incorporate capabilities to spread via removable USB drives and terminate the process associated with Microsoft Defender Antivirus, as well as tamper with the task scheduler and Registry to disable the security program.

"RevengeHotels has significantly enhanced its capabilities, developing new tactics to target the hospitality and tourism sectors," Kaspersky said. "With the assistance of LLM agents, the group has been able to generate and modify their phishing lures, expanding their attacks to new regions."

Found this article interesting? Follow us on Google News, Twitter and LinkedIn to read more exclusive content we post.

Tag

#intel