The AI Fix #44: AI-generated malware, and a stunning AI breakthrough – Source: grahamcluley.com https://ciso2ciso.com/the-ai-fix-44-ai-generated-malware-and-a-stunning-ai-breakthrough-source-grahamcluley-com/ #rssfeedpostgeneratorecho #ArtificialIntelligence #CyberSecurityNews #passwordmanager #Securitythreats #grahamcluleycom #Vulnerability #GoogleChrome #Grahamcluley #TheAIFix #ChatGPT #Malware #Podcast #Google #OpenAI #Grok #AI

In-the-wild activity targeting SonicWall, Zyxel, F5, Linksys, Zoho, and Ivanti. Surge on March 28. Full analysis: https://www.greynoise.io/blog/heightened-in-the-wild-activity-key-technologies

The Shelby Strategy

The SHELBY malware family exploits GitHub for command-and-control operations, employing sophisticated techniques to evade detection. The malware consists of a loader (SHELBYLOADER) and a backdoor (SHELBYC2), both obfuscated using Obfuscar. SHELBYLOADER employs various sandbox detection methods and uses GitHub for initial registration and key retrieval. SHELBYC2 communicates with the attacker's infrastructure using GitHub API, allowing for file uploads, downloads, and command execution. The campaign targets Iraqi telecommunications and potentially UAE airports, utilizing highly targeted phishing emails. Despite its sophistication, the malware's design has a critical flaw: anyone with the embedded Personal Access Token can control infected machines, exposing a significant security vulnerability.

Pulse ID: 67ebfcac2fcbc0b80399f243
Pulse Link: https://otx.alienvault.com/pulse/67ebfcac2fcbc0b80399f243
Pulse Author: AlienVault
Created: 2025-04-01 14:48:12

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

Hackers Looking for Vulnerable Palo Alto Networks GlobalProtect Portals https://www.securityweek.com/hackers-looking-for-vulnerable-palo-alto-networks-globalprotect-portals/ #PaloAltoNetworks #Vulnerabilities #vulnerability #scanning

Hackers Looking for Vulnerable Palo Alto Networks GlobalProtect Portals https://www.securityweek.com/hackers-looking-for-vulnerable-palo-alto-networks-globalprotect-portals/ #PaloAltoNetworks #Vulnerabilities #vulnerability #scanning

The AI Fix #44: AI-generated malware, and a stunning AI breakthrough - In episode 44 of The AI Fix, ChatGPT won’t build a crystal meth lab, GPT-4o improves the ... https://grahamcluley.com/the-ai-fix-44/ #artificialintelligence #securitythreats #passwordmanager #vulnerability #googlechrome #theaifix #chatgpt #malware #podcast #google #openai #grok #ai

The AI Fix #44: AI-generated malware, and a stunning AI breakthrough https://grahamcluley.com/the-ai-fix-44/ #artificialintelligence #Securitythreats #passwordmanager #Vulnerability #vulnerability #GoogleChrome #TheAIFix #ChatGPT #Malware #Podcast #Google #OpenAI #Grok #AI

CrushFTP Blames Security Firms for Fast Exploitation of Vulnerability https://www.securityweek.com/hackers-attempting-to-exploit-crushftp-vulnerability/ #Vulnerabilities #vulnerability #exploited #CrushFTP

Critical Vulnerability Found in Canon Printer Drivers https://www.securityweek.com/critical-vulnerability-found-in-canon-printer-drivers/ #Vulnerabilities #vulnerability #printer #Canon

Critical Vulnerability Found in Canon Printer Drivers https://www.securityweek.com/critical-vulnerability-found-in-canon-printer-drivers/ #Vulnerabilities #vulnerability #printer #Canon

CrushFTP Blames Security Firms for Fast Exploitation of Vulnerability https://www.securityweek.com/hackers-attempting-to-exploit-crushftp-vulnerability/ #Vulnerabilities #vulnerability #exploited #CrushFTP

Researchers report critical flaw in Insight Cluster Management Utility
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/researchers-report-critical-flaw-in-insight-cluster-management-utility-i-f-7-a-4/gD2P6Ple2L

Microsoft Uncovers Several Vulnerabilities in GRUB2, U-Boot, Barebox Bootloaders Using Copilot https://cybersecuritynews.com/microsoft-uncovers-several-vulnerabilities-in-grub2-u-boot-barebox-bootloaders/ #CyberSecurityNews #cybersecuritynews #vulnerability #Threats

CrushFTP Vulnerability Exploited in Attacks Following PoC Release https://cybersecuritynews.com/crushftp-vulnerability-exploited-in-attacks/ #CyberAttackArticle #CyberSecurityNews #cybersecuritynews #CyberSecurity #Vulnerability #cybersecurity #vulnerability

Apple Warns of Three 0-Day Vulnerabilities Actively Exploited in Attacks https://cybersecuritynews.com/apple-warns-of-three-0-day-vulnerabilities/ #CyberSecurityNews #cybersecuritynews #Vulnerabilities #CyberSecurity #cybersecurity #vulnerability #ZeroDay #Apple

March 2025 Vulnerability Report is out!

The latest Vulnerability Report is now available:
https://www.vulnerability-lookup.org/2025/04/01/vulnerability-report-march-2025/

As always, this report is powered by Vulnerability-Lookup, aggregating data:
User contributions – Comments and bundles created on the platform
Sightings data – Collected through our various sithing tools

A huge thank you to all contributors!

CrushFTP Security Vulnerability Under Attack After PoC Release https://gbhackers.com/crushftp-security-vulnerability/ #CVE/vulnerability #CyberSecurityNews #Vulnerability #cybersecurity

Hackers Scanning From 24,000 IPs to Gain Access to Palo Alto Networks GlobalProtect Portals https://cybersecuritynews.com/hackers-scanning-palo-alto-networks-portals/ #CyberSecurityNews #cybersecuritynews #CyberSecurity #Vulnerability #cybersecurity #vulnerability

CISA Warns of Cisco Smart Licensing Utility Credential Flaw Exploited in Attacks https://gbhackers.com/cisa-warns-of-cisco-smart-licensing-utility-credential-flaw/ #CVE/vulnerability #CyberSecurityNews #Vulnerability #cybersecurity #Cisco

Surge in Palo Alto Networks Login Scanning Activity: Nearly 24,000 unique IPs have attempted access over the past 30 days. Full analysis https://www.greynoise.io/blog/surge-palo-alto-networks-scanner-activity