Ethical Hacking News
Hackers are exploiting a range of emerging vulnerabilities in blockchain smart contracts, Microsoft 365, and other systems to spread malware and gain unauthorized access. From the use of RedTiger infostealers to CoPhish attacks, security experts must remain vigilant to stay ahead of these threats.
Hackers are exploiting vulnerabilities in blockchain smart contracts and Microsoft 365 to spread malware. RedTiger infostealer is a Python-based tool used to target sensitive information in Discord accounts. XWorm 6.0 malware boasts improved process protection and anti-analysis capabilities, making it a significant threat to security researchers. The Microsoft 365 Exchange Online Direct Send feature is being leveraged in phishing campaigns and business email compromise (BEC) attacks. The CoPhish attack exploits legitimate platforms to gain unauthorized access by redirecting users to any URL. AzureHound, a Go-based open-source data collection tool, is being abused by multiple threat actors. The Baohuo malware turns modified Android apps into backdoors and conceals connections from third-party devices. A vulnerability in Microsoft's File Explorer previews could be exploited by attackers to capture sensitive credentials.
The cybersecurity landscape has recently seen a surge in novel, exploitable vulnerabilities being targeted by malicious actors. In an era of rapid technological change, security experts are continually challenged to keep up with the latest threats. Recent reporting highlights several emerging trends and vulnerabilities that hackers are exploiting to spread malware and gain unauthorized access.
One such trend is the exploitation of blockchain smart contracts, which are increasingly used in a range of applications. This growing reliance on blockchain technology has been matched by a surge in attacks against these systems. In a related development, hackers were found to be using vulnerabilities in WordPress sites to spread malware via infected websites, which underscores the importance of maintaining robust security measures for online platforms.
Hackers are also leveraging open-source tools and exploits to gain unauthorized access to a variety of systems. The RedTiger infostealer, for instance, is a Python-based tool that targets sensitive information in Discord accounts. Once injected into the Discord client's index.js file, it monitors and intercepts Discord traffic while also collecting browser-stored data. The tool has been used in attacks against gamers and can also spy on victims through their webcams.
RedTiger is not the only open-source tool being turned against users. Another example is the XWorm 6.0 malware, which boasts improved process protection and anti-analysis capabilities. The latest version adds features that help it maintain persistence and evade analysis, making it a significant threat to security researchers.
Another vulnerability being exploited is the Microsoft 365 Exchange Online Direct Send feature, which threat actors are leveraging in phishing campaigns and business email compromise (BEC) attacks. Reports describe how malicious actors use this feature, which exists to preserve business workflows, to get messages past DKIM, SPF, and DMARC protections.
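A defender-side check for the Direct Send pattern, added here as an example that is not part of the original article or of any Microsoft tooling: it reads the Authentication-Results header that Exchange Online Protection stamps on inbound mail and flags a message that claims an internal From domain but carries no passing SPF or DKIM verdict, which is how spoofed Direct Send mail looks when it lands at the tenant's MX. The tenant domain contoso.example, the IP addresses and both sample messages are constructed for illustration.

```python
"""Flag inbound mail that claims an internal From domain yet carries no passing
SPF or DKIM verdict in Microsoft 365's Authentication-Results header.
Added example; domain names, IPs and sample messages are constructed."""
import email
import re
from email import policy
from email.utils import parseaddr

# Assumed accepted domains of the tenant being protected (constructed value).
INTERNAL_DOMAINS = {"contoso.example"}

# Exchange Online writes verdicts as "spf=fail ... dkim=none ... dmarc=fail ... compauth=fail".
VERDICT_RE = re.compile(r"\b(spf|dkim|dmarc|compauth)=([a-z]+)", re.IGNORECASE)
SENDER_IP_RE = re.compile(r"sender IP is (\d{1,3}(?:\.\d{1,3}){3})")

# Constructed sample: external relay delivering mail that claims to be internal helpdesk.
SUSPICIOUS_MESSAGE = """\
Received: from mail-relay.example.net (203.0.113.10) by
 CONTOSO.mail.protection.outlook.com (10.0.0.5) with Microsoft SMTP Server
Authentication-Results: spf=fail (sender IP is 203.0.113.10)
 smtp.mailfrom=contoso.example; dkim=none (message not signed)
 header.d=none;dmarc=fail action=none header.from=contoso.example;
 compauth=fail reason=001
From: IT Helpdesk <helpdesk@contoso.example>
To: alice@contoso.example
Subject: Voicemail waiting

Please review the attached message.
"""

# Constructed sample: legitimately authenticated internal mail.
CLEAN_MESSAGE = """\
Received: from outbound.contoso.example (198.51.100.7) by
 CONTOSO.mail.protection.outlook.com (10.0.0.5) with Microsoft SMTP Server
Authentication-Results: spf=pass (sender IP is 198.51.100.7)
 smtp.mailfrom=contoso.example; dkim=pass (signature was verified)
 header.d=contoso.example;dmarc=pass action=none header.from=contoso.example;
 compauth=pass reason=100
From: Payroll <payroll@contoso.example>
To: alice@contoso.example
Subject: October statement

Your statement is available in the portal.
"""


def _auth_header_text(msg):
    """Join every Authentication-Results header into one whitespace-normalised string."""
    values = msg.get_all("Authentication-Results", [])
    return " ".join(" ".join(str(v).split()) for v in values)


def parse_auth_results(msg):
    """Return {mechanism: verdict}; the first (outermost) verdict per mechanism wins."""
    verdicts = {}
    for mech, verdict in VERDICT_RE.findall(_auth_header_text(msg)):
        verdicts.setdefault(mech.lower(), verdict.lower())
    return verdicts


def sender_ip(msg):
    """Extract the connecting IP that EOP records inside the SPF clause."""
    m = SENDER_IP_RE.search(_auth_header_text(msg))
    return m.group(1) if m else None


def classify(raw_message):
    """Label a raw RFC 5322 message as 'ok' or 'suspicious-direct-send'."""
    msg = email.message_from_string(raw_message, policy=policy.default)
    _, addr = parseaddr(msg.get("From", ""))
    from_domain = addr.rpartition("@")[2].lower()
    auth = parse_auth_results(msg)
    claims_internal = from_domain in INTERNAL_DOMAINS
    authenticated = auth.get("spf") == "pass" or auth.get("dkim") == "pass"
    verdict = "suspicious-direct-send" if claims_internal and not authenticated else "ok"
    return {"verdict": verdict, "from_domain": from_domain,
            "sender_ip": sender_ip(msg), "auth": auth}


if __name__ == "__main__":
    for label, raw in (("suspicious", SUSPICIOUS_MESSAGE), ("clean", CLEAN_MESSAGE)):
        print(label, classify(raw))
```

The rule keys on the combination that Direct Send abuse produces: an internal From domain with neither SPF nor DKIM passing. Genuine internal devices that relay through Direct Send will also trip it, which is the point: those senders should be enumerated and either added to the SPF record or moved to an authenticated connector, after which anything still matching is worth a look.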
The CoPhish attack is another notable example of hackers abusing legitimate platforms to gain unauthorized access. Researchers found that attackers can use a Copilot Studio agent's "Login" settings to redirect users to any URL, turning the flow into an OAuth consent attack. Because the redirect originates from copilotstudio.microsoft.com, it lends the attack an air of legitimacy.
Several other security concerns are also noted in recent reports. AzureHound, a Go-based open-source data collection tool, has been observed being abused by multiple threat actors, who misuse it to enumerate Azure resources and map potential attack paths that enable further malicious operations.
Modified Android apps are also being used as backdoors. Doctor Web reported that the Baohuo backdoor has infected over 58,000 Android-based smartphones, tablets, TV set-top boxes, and even cars since it began to be distributed in mid-2024 via in-app ads. The malware conceals connections from third-party devices and can add or remove users from Telegram channels.
Finally, Microsoft recently disabled File Explorer previews for files downloaded from the internet as part of a security update. The change mitigates a vulnerability in which previewing a file containing HTML tags that reference external paths could leak the user's NTLM hash, which attackers could capture to obtain sensitive credentials.
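As an added example (not from the article or from Microsoft), a small scanner for the file-preview issue described above: it parses an HTML document and reports every URL-bearing attribute or inline CSS url() that points at a UNC (\\host\share) or file: path, which is the kind of reference a preview handler would try to resolve over the network. The host name unc-host.example and the sample document are constructed; a mail gateway or download quarantine could run the same check before a file reaches a user's Downloads folder.

```python
"""Report HTML references that resolve to UNC or file: paths.
Added example; the sample document and host name are constructed."""
from html.parser import HTMLParser
import re

# Attributes whose value is fetched as a URL when the document is rendered.
URL_ATTRS = {"src", "href", "background", "data", "action", "formaction",
             "poster", "xlink:href"}
# Leading \\ (UNC) or file: scheme, after optional whitespace.
EXTERNAL_PATH_RE = re.compile(r"^\s*(?:\\\\|file:)", re.IGNORECASE)
# url(...) inside CSS, with or without quotes.
CSS_URL_RE = re.compile(r"url\(\s*['\"]?([^'\")]+)", re.IGNORECASE)

# Constructed sample: one legitimate https image plus four external-path references.
SAMPLE_HTML = r"""<html><head>
<link rel="stylesheet" href="file://unc-host.example/share/style.css">
<style>body { background: url("\\unc-host.example\share\bg.png"); }</style>
</head><body>
<img src="https://cdn.example/logo.png" alt="legitimate remote image">
<img src="\\unc-host.example\share\pixel.png" alt="UNC reference">
<div style="background:url('\\unc-host.example\share\tile.png')"></div>
</body></html>"""


class ExternalPathFinder(HTMLParser):
    """Collect (tag, attribute, value) triples that point at UNC or file: paths."""

    def __init__(self):
        super().__init__()
        self.findings = []
        self._in_style = False

    def _check_css(self, tag, css_text):
        for url in CSS_URL_RE.findall(css_text):
            if EXTERNAL_PATH_RE.match(url):
                self.findings.append((tag, "css-url", url.strip()))

    def handle_starttag(self, tag, attrs):
        if tag == "style":
            self._in_style = True
        for name, value in attrs:
            if value is None:
                continue
            if name in URL_ATTRS and EXTERNAL_PATH_RE.match(value):
                self.findings.append((tag, name, value.strip()))
            elif name == "style":
                self._check_css(tag, value)

    def handle_endtag(self, tag):
        if tag == "style":
            self._in_style = False

    def handle_data(self, data):
        # HTMLParser hands <style> contents to handle_data as raw text.
        if self._in_style:
            self._check_css("style", data)


def find_external_paths(html_text):
    """Return the list of external-path references found in html_text."""
    parser = ExternalPathFinder()
    parser.feed(html_text)
    parser.close()
    return parser.findings


if __name__ == "__main__":
    for tag, attr, value in find_external_paths(SAMPLE_HTML):
        print(f"<{tag}> {attr}: {value}")
```

The matcher is deliberately narrow (leading backslashes or a file: scheme) so that ordinary https and scheme-relative links are not reported; any hit on a file that arrived from the internet is a reason to strip the reference or block the preview rather than let a handler resolve it.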
In conclusion, recent reporting highlights several emerging trends and vulnerabilities that hackers are exploiting to spread malware and gain unauthorized access. Security professionals need to stay informed about these threats and take proactive measures to protect their systems and networks.
Related Information:
https://www.ethicalhackingnews.com/articles/Hackers-Exploit-Emerging-Security-Vulnerabilities-to-Spread-Malware-and-Gain-Unauthorized-Access-ehn.shtml
https://thehackernews.com/2025/10/weekly-recap-wsus-exploited-lockbit-50.html
https://www.trendmicro.com/en_us/research/24/l/earth-koshchei.html
https://securityaffairs.com/172117/apt/russian-apt29-group-uses-rogue-rdp.html
https://www.socinvestigation.com/comprehensive-list-of-apt-threat-groups-motives-and-attack-methods/
https://www.reuters.com/technology/cybersecurity/apt31-chinese-hacking-group-behind-global-cyberespionage-campaign-2024-03-26/
Published: Mon Oct 27 10:28:01 2025 by llama3.2 3B Q4_K_M