Tag: Cyber Threats

  • eScan Antivirus Update Servers Compromised to Deliver Multi-Stage Malware

    The update infrastructure for eScan antivirus, a security solution developed by Indian cybersecurity company MicroWorld Technologies, has been compromised by unknown attackers to deliver a persistent downloader to enterprise and consumer systems.

    “Malicious updates were distributed through eScan’s legitimate update infrastructure, resulting in the deployment of multi-stage malware to enterprise and consumer endpoints globally,” Morphisec researcher Michael Gorelik said.

    MicroWorld Technologies has revealed that it detected unauthorized access to its infrastructure and immediately isolated the impacted update servers, which remained offline for over eight hours. It has also released a patch that reverts the changes introduced by the malicious update. Impacted organizations are advised to contact MicroWorld Technologies to obtain the fix.

    It also pinned the attack as resulting from unauthorized access to one of its regional update server configurations, which enabled the threat actors to distribute a “corrupt” update to customers during a “limited timeframe” of about two hours on January 20, 2026.

    “eScan experienced a temporary update service disruption starting January 20, 2026, affecting a subset of customers whose systems automatically download updates during a specific timeframe, from a specific update cluster,” the company said in an advisory issued on January 22, 2026.


    “The issue resulted from unauthorized access to the regional update server infrastructure. The incident has been identified and resolved. Comprehensive remediation is available that addresses all observed scenarios.”

    Morphisec, which identified the incident on January 20, 2026, said the malicious payload interferes with the regular functionality of the product, effectively preventing automatic remediation. This specifically involves delivering a malicious “Reload.exe” file that’s designed to drop a downloader, which contains functionality to establish persistence, block remote updates, and contact an external server to fetch additional payloads, including “CONSCTLX.exe.”

    According to details shared by Kaspersky, “Reload.exe” – a legitimate file located at “C:\Program Files (x86)\escan\reload.exe” – is replaced with a rogue counterpart that can prevent further antivirus product updates by modifying the HOSTS file. It’s signed with a fake, invalid digital signature.

    “When started, this reload.exe file checks whether it is launched from the Program Files folder, and exits if not,” the Russian cybersecurity company said. “This executable is based on the UnmanagedPowerShell tool, which allows executing PowerShell code in any process. Attackers have modified the source code of this project by adding an AMSI bypass capability to it, and used it to execute a malicious PowerShell script inside the reload.exe process.”

    The primary responsibility of the binary is to launch three Base64-encoded PowerShell payloads, which are designed to –

    • Tamper with the installed eScan solution to prevent it from receiving updates and detecting the installed malicious components
    • Bypass Windows Antimalware Scan Interface (AMSI)
    • Check whether the victim machine should be further infected, and if yes, deliver a PowerShell-based payload to it

    The victim validation step examines the list of installed software, running processes, and services against a hard-coded blocklist that includes analysis tools and security solutions, including those from Kaspersky. If any are detected, no further payloads are delivered.

    The PowerShell payload, once executed, contacts an external server to receive two payloads in return: “CONSCTLX.exe” and a second PowerShell-based malware that’s launched by means of a scheduled task. It’s worth noting that the first of the three aforementioned PowerShell scripts also replaces the “C:\Program Files (x86)\eScan\CONSCTLX.exe” component with the malicious file.

    “CONSCTLX.exe” works by launching the PowerShell-based malware, alongside changing the last update time of the eScan product to the current time by writing the current date to the “C:\Program Files (x86)\eScan\Eupdate.ini” file so as to give the impression that the tool is working as expected.


    The PowerShell malware, for its part, performs the same validation procedures as before and sends an HTTP request to the attacker-controlled infrastructure to receive more PowerShell payloads from the server for subsequent execution.

    The eScan bulletin does not say which regional update server was affected, but Kaspersky’s analysis of telemetry data has revealed “hundreds of machines belonging to both individuals and organizations” that encountered infection attempts with payloads related to the supply chain attack. These machines are mainly located in India, Bangladesh, Sri Lanka, and the Philippines.

    The security outfit also noted that the attackers had to have studied the internals of eScan in detail to understand how its update mechanism worked and how it could be tampered with to distribute malicious updates. It’s currently not known how the threat actors managed to secure access to the update server.

    “Notably, it is quite unique to see malware being deployed through a security solution update,” it said. “Supply chain attacks are a rare occurrence in general, let alone the ones orchestrated through antivirus products.”


    Source: thehackernews.com…

  • Russia-Aligned ELECTRUM Tied to December 2025 Cyber Attack on Polish Power Grid

    Ravie Lakshmanan | Jan 28, 2026 | Critical Infrastructure / Threat Intelligence

    The “coordinated” cyber attack targeting multiple sites across the Polish power grid has been attributed with medium confidence to a Russian state-sponsored hacking crew known as ELECTRUM.

    Operational technology (OT) cybersecurity company Dragos, in a new intelligence brief published Tuesday, described the late December 2025 activity as the first major cyber attack targeting distributed energy resources (DERs).

    “The attack affected communication and control systems at combined heat and power (CHP) facilities and systems managing the dispatch of renewable energy systems from wind and solar sites,” Dragos said. “While the attack did not result in power outages, adversaries gained access to operational technology systems critical to grid operations and disabled key equipment beyond repair at the site.”


    It’s worth pointing out that ELECTRUM and a related cluster tracked as KAMACITE both overlap with the group referred to as Sandworm (aka APT44 and Seashell Blizzard). KAMACITE focuses on establishing and maintaining initial access to targeted organizations using spear-phishing, stolen credentials, and exploitation of exposed services.

    Beyond initial access, the threat actor performs reconnaissance and persistence activities over extended periods of time as part of efforts to burrow deep into target OT environments and keep a low profile, signaling a careful preparatory phase that precedes actions executed by ELECTRUM targeting the industrial control systems.

    “Following access enablement, ELECTRUM conducts operations that bridge IT and OT environments, deploying tooling within operational networks, and performs ICS-specific actions that manipulate control systems or disrupt physical processes,” Dragos said. “These actions have included both manual interactions with operator interfaces and the deployment of purpose-built ICS malware, depending on the operational requirements and objectives.”

    Put differently, the two clusters have clear separation of roles and responsibilities, enabling flexibility in execution and facilitating sustained OT-focused intrusions when conditions are favourable. As recently as July 2025, KAMACITE is said to have engaged in scanning activity against industrial devices located in the U.S.

    Although no follow-on OT disruptions have been publicly reported to date, this highlights an operational model that is not geographically constrained and facilitates early-stage access identification and positioning.

    “KAMACITE’s access-oriented operations create the conditions under which OT impact becomes possible, while ELECTRUM applies execution tradecraft when timing, access, and risk tolerance align,” it explained. “This division of labor enables flexibility in execution and allows OT impact to remain an option, even when it is not immediately exercised. This extends risk beyond discrete incidents and into prolonged periods of latent exposure.”

    Dragos said the Poland attack targeted systems that facilitate communication and control between grid operators and DER assets, including assets that enable network connectivity, allowing the adversary to successfully disrupt operations at about 30 distributed generation sites.

    The threat actors are assessed to have breached Remote Terminal Units (RTUs) and communication infrastructure at the affected sites using exposed network devices and exploited vulnerabilities as initial access vectors. The findings indicate that the attackers possess a deep understanding of electrical grid infrastructure, allowing them to disable communications equipment, including some OT devices.


    That said, the full scope of the malicious actions undertaken by ELECTRUM is unknown, with Dragos noting that it’s unclear if the threat actor attempted to issue operational commands to this equipment or focused solely on disabling communications.

    The Poland attack is also assessed to be more opportunistic and rushed than a precisely planned operation, with the hackers taking advantage of the unauthorized access to inflict as much damage as possible by wiping Windows-based devices to impede recovery, resetting configurations, or attempting to permanently brick equipment. The majority of the equipment targeted is used for grid safety and stability monitoring, per Dragos.

    “This incident demonstrates that adversaries with OT-specific capabilities are actively targeting systems that monitor and control distributed generation,” it added. “The disabling of certain OT or industrial control system (ICS) equipment beyond repair at the site moved what could have been seen as a pre-positioning attempt by the adversary into an attack.”


    Source: thehackernews.com…

  • Ex-Google Engineer Convicted for Stealing AI Secrets for China Startup

    Ravie Lakshmanan | Jan 30, 2026 | Artificial Intelligence / Economic Espionage

    A former Google engineer accused of stealing thousands of the company’s confidential documents to build a startup in China has been convicted in the U.S., the Department of Justice (DoJ) announced Thursday.

    Linwei Ding (aka Leon Ding), 38, was convicted by a federal jury on seven counts of economic espionage and seven counts of theft of trade secrets for taking over 2,000 documents containing the tech giant’s trade secrets related to artificial intelligence (AI) technology for the benefit of the People’s Republic of China (PRC).

    “Silicon Valley is at the forefront of artificial intelligence innovation, pioneering transformative work that drives economic growth and strengthens our national security,” said U.S. Attorney Craig H. Missakian. “We will vigorously protect American intellectual capital from foreign interests that seek to gain an unfair competitive advantage while putting our national security at risk.”


    Ding was indicted in March 2024 for transferring sensitive proprietary information from Google’s network to his personal Google Cloud account. The stolen documents included details about the company’s supercomputing data center infrastructure used for running AI models, the Cluster Management System (CMS) software for managing the data centers, and the AI models and applications they supported.

    Specifically, the trade secrets pertained to –

    • Architecture and functionality of Google’s custom Tensor Processing Unit chips and systems, and Google’s Graphics Processing Unit systems
    • Software that allows the chips to communicate and execute tasks
    • Software that orchestrates thousands of chips into a supercomputer capable of training and executing cutting-edge AI workloads
    • Custom-designed SmartNIC, a type of network interface card used to facilitate high-speed communication within Google’s AI supercomputers and cloud networking products

    The theft took place between May 2022 and April 2023. Ding, who joined Google in 2019, is said to have affiliated himself with two tech companies based in China, including a startup named Shanghai Zhisuan Technologies Co., which he founded in 2023, while he was employed by the firm. Ding downloaded the documents to his computer in December 2023, less than two weeks before resigning from Google.

    “Around June 2022, Ding was in discussions to be the Chief Technology Officer for an early-stage technology company based in the PRC; by early 2023, Ding was in the process of founding his own technology company in the PRC focused on AI and machine learning and was acting as the company’s CEO,” the DoJ said.

    The 2024 indictment also alleged that the defendant took a number of deceitful steps to cover up the theft of trade secrets, including copying the data from Google source files into the Apple Notes application on his company-provided MacBook and then converting the notes to PDF files before uploading them to his Google account.

    Furthermore, prosecutors accused Ding of asking another Google employee to use his company-issued access badge to scan into the entrance of a Google building, and give the impression that he was working from the office when, in fact, he was in China. The scheme unravelled in late 2023 when Google learned that he had given a public presentation in China to potential investors about his startup.

    According to Courthouse News, Ding’s attorney Grant Fondo reportedly argued that Google did not do enough to protect the information, and that the documents in question could not have contained trade secrets because they were available to thousands of employees. “Google chose openness over security,” Fondo said.

    In February 2025, Ding was charged with economic espionage, with the superseding indictment also claiming he applied to a Shanghai-based “talent” program sponsored by Beijing. The indictment also called out these talent programs for encouraging individuals engaged in research and development outside the country to come to China to contribute to the nation’s economic and technological growth.

    “Ding’s application for this talent plan stated that he planned to ‘help China to have computing power infrastructure capabilities that are on par with the international level,’” the DoJ said. “The evidence at trial also showed that Ding intended to benefit two entities controlled by the government of China by assisting with the development of an AI supercomputer and collaborating on the research and development of custom machine learning chips.”

    Ding is scheduled to appear at a status conference on February 3, 2026. He faces a maximum sentence of 10 years in prison for each count of theft of trade secrets and 15 years in prison for each economic espionage count.


    Source: thehackernews.com…

  • CERT Polska Details Coordinated Cyber Attacks on 30+ Wind and Solar Farms

    Ravie Lakshmanan | Jan 31, 2026 | Network Security / SCADA

    CERT Polska, the Polish computer emergency response team, revealed that coordinated cyber attacks targeted more than 30 wind and photovoltaic farms, a private company from the manufacturing sector, and a large combined heat and power plant (CHP) supplying heat to almost half a million customers in the country.

    The incident took place on December 29, 2025. The agency has attributed the attacks to a threat cluster dubbed Static Tundra, which is also tracked as Berserk Bear, Blue Kraken, Crouching Yeti, Dragonfly, Energetic Bear, Ghost Blizzard (formerly Bromine), and Havex. Static Tundra is assessed to be linked to Russia’s Federal Security Service’s (FSB) Center 16 unit.

    It’s worth noting that recent reports from ESET and Dragos attributed the activity with moderate confidence to a different Russian state-sponsored hacking group known as Sandworm.


    “All attacks had a purely destructive objective,” CERT Polska said in a report published Friday. “Although attacks on renewable energy farms disrupted communication between these facilities and the distribution system operator, they did not affect the ongoing production of electricity. Similarly, the attack on the combined heat and power plant did not achieve the attacker’s intended effect of disrupting heat supply to end users.”

    The attackers are said to have gained access to the internal network of power substations associated with a renewable energy facility to carry out reconnaissance and disruptive activities, including damaging the firmware of controllers, deleting system files, or launching custom-built wiper malware codenamed DynoWiper by ESET.

    In the intrusion aimed at the CHP, the adversary engaged in long-term data theft dating all the way back to March 2025 that enabled them to escalate privileges and move laterally across the network. The attackers’ attempts to detonate the wiper malware were unsuccessful, CERT Polska noted.

    On the other hand, the targeting of the manufacturing sector company is believed to be opportunistic, with the threat actor gaining initial access via a vulnerable Fortinet perimeter device. The attack targeting the grid connection point is also likely to have involved the exploitation of a vulnerable FortiGate appliance.

    At least four different versions of DynoWiper have been discovered to date. These variants were deployed on Mikronika HMI Computers used by the energy facility and on a network share within the CHP after securing access through the SSL‑VPN portal service of a FortiGate device.

    “The attacker gained access to the infrastructure using multiple accounts that were statically defined in the device configuration and did not have two‑factor authentication enabled,” CERT Polska said, detailing the actor’s modus operandi targeting the CHP. “The attacker connected using Tor nodes, as well as Polish and foreign IP addresses, which were often associated with compromised infrastructure.”

    The wiper’s functionality is fairly straightforward –

    • Initialization that involves seeding a pseudorandom number generator (PRNG) called Mersenne Twister
    • Enumerate files and corrupt them using the PRNG
    • Delete files

    It’s worth mentioning here that the malware does not have a persistence mechanism, a way to communicate with a command‑and‑control (C2) server, or execute shell commands. Nor does it attempt to hide the activity from security programs.


    CERT Polska said the attack targeting the manufacturing sector company involved the use of a PowerShell-based wiper dubbed LazyWiper, a script that overwrites files on the system with pseudorandom 32‑byte sequences to render them unrecoverable. It’s suspected that the core wiping functionality was developed using a large language model (LLM).

    “The malware used in the incident involving renewable energy farms was executed directly on the HMI machine,” CERT Polska pointed out. “In contrast, in the CHP plant (DynoWiper) and the manufacturing sector company (LazyWiper), the malware was distributed within the Active Directory domain via a PowerShell script executed on a domain controller.”

    The agency also described the code-level similarities between DynoWiper and other wipers built by Sandworm as “general” in nature, offering no concrete evidence as to whether that threat actor participated in the attack.

    “The attacker used credentials obtained from the on‑premises environment in attempts to gain access to cloud services,” CERT Polska said. “After identifying credentials for which corresponding accounts existed in the M365 service, the attacker downloaded selected data from services such as Exchange, Teams, and SharePoint.”

    “The attacker was particularly interested in files and email messages related to OT network modernization, SCADA systems, and technical work carried out within the organizations.”


    Source: thehackernews.com…

  • Mandiant Finds ShinyHunters-Style Vishing Attacks Stealing MFA to Breach SaaS Platforms

    Ravie Lakshmanan | Jan 31, 2026 | Social Engineering / SaaS Security

    Google-owned Mandiant on Friday said it identified an “expansion in threat activity” that uses tradecraft consistent with extortion-themed attacks orchestrated by a financially motivated hacking group known as ShinyHunters.

    The attacks leverage advanced voice phishing (aka vishing) and bogus credential harvesting sites mimicking targeted companies to gain unauthorized access to victim environments by collecting single sign-on (SSO) credentials and multi-factor authentication (MFA) codes.

    The end goal of the attacks is to target cloud-based software-as-a-service (SaaS) applications to siphon sensitive data and internal communications and extort victims.

    The tech giant’s threat intelligence team said it’s tracking the activity under multiple clusters, including UNC6661, UNC6671, and UNC6240 (aka ShinyHunters), so as to account for the possibility that these groups could be evolving their modus operandi or mimicking previously observed tactics.


    “While this methodology of targeting identity providers and SaaS platforms is consistent with our prior observations of threat activity preceding ShinyHunters-branded extortion, the breadth of targeted cloud platforms continues to expand as these threat actors seek more sensitive data for extortion,” Mandiant noted.

    “Further, they appear to be escalating their extortion tactics with recent incidents, including harassment of victim personnel, among other tactics.”

    Details of the vishing and credential theft activity are as follows –

    • UNC6661 has been observed pretending to be IT staff in calls to employees at targeted victim organizations, directing them to credential harvesting links under the guise of instructing them to update their multi-factor authentication (MFA) settings. The activity was recorded between early and mid-January 2026.
    • The stolen credentials are then used to register their own device for MFA and then move laterally across the network to exfiltrate data from SaaS platforms. In at least one case, the threat actor weaponized their access to compromised email accounts to send more phishing emails to contacts at cryptocurrency-focused companies. The emails were subsequently deleted to cover up the tracks. This is followed by extortion activity conducted by UNC6240.
    • UNC6671 has also been identified as impersonating IT staff to deceive victims as part of efforts to obtain their credentials and MFA authentication codes on victim-branded credential harvesting sites since early January 2026. In at least some instances, the threat actors gained access to Okta customer accounts. UNC6671 has also leveraged PowerShell to download sensitive data from SharePoint and OneDrive.
    • The differences between UNC6661 and UNC6671 relate to the use of different domain registrars for registering the credential harvesting domains (NICENIC for UNC6661 and Tucows for UNC6671), as well as the fact that an extortion email sent following UNC6671 activity did not overlap with known UNC6240 indicators.
    • This indicates that different sets of people may be involved, illustrating the amorphous nature of these cybercrime groups. What’s more, the targeting of cryptocurrency firms suggests that the threat actors may also be looking to explore further avenues for financial gain.

    To counter the threat posed to SaaS platforms, Google has outlined a long list of hardening, logging, and detection recommendations –

    • Improve help desk processes, including requiring a live video call to verify the identity of personnel requesting account or MFA changes
    • Limit access to trusted egress points and physical locations; enforce strong passwords; and remove SMS, phone call, and email as authentication methods
    • Restrict management-plane access, audit for exposed secrets and enforce device access controls
    • Implement logging to increase visibility into identity actions, authorizations, and SaaS export behaviors
    • Detect MFA device enrollment and MFA life cycle changes; look for OAuth/app authorization events that suggest mailbox manipulation activity using utilities like ToogleBox Email Recall, or identity events occurring outside normal business hours
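    The detection items in the list above, as an added example that is not Google’s or Mandiant’s code: a small Python script that runs the MFA-enrollment, after-hours, OAuth-consent and bulk-export checks over a constructed JSON-lines identity log. The event names, field names, the trusted egress IP and the business-hours window are assumptions made for the example; adapt them to your identity provider’s export format.

```python
"""Identity-log detection sketch for the SaaS-targeting vishing tradecraft
described above. Added example, not Google's or Mandiant's code: it assumes a
generic JSON-lines identity log with the (constructed) field names used below."""
import json
from datetime import datetime
from typing import Dict, List, Tuple

# Constructed sample log (UTC): a password login from an untrusted IP, a new
# MFA factor enrolled minutes later, an after-hours OAuth consent grant, and a
# bulk SharePoint export. A second user logs in normally from corporate egress.
SAMPLE_LOG = """\
{"ts": "2026-01-14T09:02:11Z", "user": "alice@example.com", "event": "user.session.start", "ip": "203.0.113.10", "factor": "password"}
{"ts": "2026-01-14T09:05:40Z", "user": "alice@example.com", "event": "user.mfa.factor.enroll", "ip": "203.0.113.10", "factor": "push"}
{"ts": "2026-01-14T10:15:00Z", "user": "bob@example.com", "event": "user.session.start", "ip": "198.51.100.5", "factor": "password"}
{"ts": "2026-01-14T22:41:03Z", "user": "alice@example.com", "event": "app.oauth2.consent.grant", "ip": "203.0.113.10", "app": "Email Recall"}
{"ts": "2026-01-15T03:12:45Z", "user": "alice@example.com", "event": "saas.export", "ip": "203.0.113.10", "service": "sharepoint", "items": 4200}
"""

TRUSTED_EGRESS = {"198.51.100.5"}          # hypothetical corporate egress IP
BUSINESS_HOURS: Tuple[int, int] = (8, 18)  # 08:00-18:00 UTC, hypothetical
ENROLL_WINDOW_SEC = 30 * 60                # MFA enrolment this soon after login is suspicious
EXPORT_THRESHOLD = 1000                    # items in a single SaaS export


def parse_events(text: str) -> List[Dict]:
    """Parse JSON lines into dicts with a timezone-aware datetime in 'ts'."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ev = json.loads(line)
        ev["ts"] = datetime.fromisoformat(ev["ts"].replace("Z", "+00:00"))
        events.append(ev)
    return sorted(events, key=lambda e: e["ts"])


def outside_business_hours(ts: datetime) -> bool:
    start, end = BUSINESS_HOURS
    return not (start <= ts.hour < end)


def detect(events: List[Dict]) -> List[Dict]:
    """Apply the recommended checks; return one alert dict per hit."""
    alerts: List[Dict] = []
    last_login: Dict[str, Dict] = {}  # user -> most recent session start

    def alert(rule: str, ev: Dict) -> None:
        alerts.append({"rule": rule, "user": ev["user"], "ts": ev["ts"].isoformat()})

    for ev in events:
        name = ev["event"]
        if name == "user.session.start":
            last_login[ev["user"]] = ev
            if ev["ip"] not in TRUSTED_EGRESS:
                alert("login_untrusted_egress", ev)
        elif name == "user.mfa.factor.enroll":
            # Every new MFA factor deserves review; one registered shortly after a
            # login from outside trusted egress matches the attacker's pattern.
            alert("mfa_enroll", ev)
            prev = last_login.get(ev["user"])
            if (prev and prev["ip"] not in TRUSTED_EGRESS
                    and (ev["ts"] - prev["ts"]).total_seconds() <= ENROLL_WINDOW_SEC):
                alert("mfa_enroll_after_untrusted_login", ev)
        elif name == "app.oauth2.consent.grant":
            alert("oauth_consent", ev)  # third-party app granted access to mailbox/data
        elif name == "saas.export" and ev.get("items", 0) >= EXPORT_THRESHOLD:
            alert("bulk_export", ev)
        # Identity activity outside normal hours is flagged regardless of type.
        if outside_business_hours(ev["ts"]):
            alert("after_hours", ev)
    return alerts


def detect_text(text: str) -> List[Dict]:
    """Convenience wrapper: parse a JSON-lines log and run the checks."""
    return detect(parse_events(text))


if __name__ == "__main__":
    for a in detect_text(SAMPLE_LOG):
        print(f'{a["ts"]}  {a["user"]:<20} {a["rule"]}')
```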

    “This activity is not the result of a security vulnerability in vendors’ products or infrastructure,” Google said. “Instead, it continues to highlight the effectiveness of social engineering and underscores the importance of organizations moving towards phishing-resistant MFA where possible. Methods such as FIDO2 security keys or passkeys are resistant to social engineering in ways that push-based, or SMS authentication are not.”


    Source: thehackernews.com…

  • Iran-Linked RedKitten Cyber Campaign Targets Human Rights NGOs and Activists

    A Farsi-speaking threat actor aligned with Iranian state interests is suspected to be behind a new campaign targeting non-governmental organizations and individuals involved in documenting recent human rights abuses.

    The activity, observed by HarfangLab in January 2026, has been codenamed RedKitten. It’s said to coincide with the nationwide unrest in Iran that began towards the end of 2025, protesting soaring inflation, rising food prices, and currency depreciation. The ensuing crackdown has resulted in mass casualties and an internet blackout.

    “The malware relies on GitHub and Google Drive for configuration and modular payload retrieval, and uses Telegram for command-and-control,” the French cybersecurity company said.

    What makes the campaign noteworthy is the threat actor’s likely reliance on large language models (LLMs) to build and orchestrate the necessary tooling. The starting point of the attack is a 7-Zip archive with a Farsi filename that contains macro-laced Microsoft Excel documents.

    The XLSM spreadsheets claim to include details about protesters who died in Tehran between December 22, 2025, and January 20, 2026. But embedded within each of them is a malicious VBA macro, which, when enabled, functions as a dropper for a C#-based implant (“AppVStreamingUX_Multi_User.dll”) by means of a technique called AppDomainManager injection.

    The VBA macro, for its part, shows signs of being generated by an LLM due to the “overall style of the VBA code, the variable names and methods” used, as well as the presence of comments like “PART 5: Report the result and schedule if successful.”

    The attack is likely an effort to target individuals who are looking for information about missing persons, exploiting their emotional distress to provoke a false sense of urgency and trigger the infection chain. Analysis of the spreadsheet data, such as mismatched ages and birthdates, suggests it’s fabricated.


    The backdoor, dubbed SloppyMIO, uses GitHub as a dead drop resolver to retrieve Google Drive URLs that host images from which its configuration is steganographically obtained, including details of the Telegram bot token, Telegram chat ID, and links staging various modules. As many as five different modules are supported –

    • cm, to execute commands using “cmd.exe”
    • do, to collect files on the compromised host and create a ZIP archive for each file that fits in the Telegram API file size limits
    • up, to write a file to “%LOCALAPPDATA%\Microsoft\CLR_v4.0_32\NativeImages,” with the file data encoded within an image fetched via the Telegram API
    • pr, to create a scheduled task for persistence to run an executable every two hours
    • ra, to start a process

    In addition, the malware is capable of contacting a command-and-control (C2) server to beacon to the configured Telegram chat ID, receiving additional instructions and sending the results back to the operator:

    • download, which runs the do module
    • cmd, which runs the cm module
    • runapp, to launch a process

    “The malware can fetch and cache multiple modules from remote storage, run arbitrary commands, collect and exfiltrate files and deploy further malware with persistence via scheduled tasks,” HarfangLab said. “SloppyMIO beacons status messages, polls for commands and sends exfiltrated files over to a specified operator leveraging the Telegram Bot API for command-and-control.”

    As for attribution, the links to Iranian actors are based on the presence of Farsi artifacts, the lure themes, and tactical similarities with prior campaigns, including that of Tortoiseshell, which has leveraged malicious Excel documents to deliver IMAPLoader using AppDomainManager injection.

    The attackers’ choice of GitHub as a dead drop resolver is also not without precedent. In late 2022, Secureworks (now part of Sophos) detailed a campaign undertaken by a sub-cluster of an Iranian nation-state group known as Nemesis Kitten that used GitHub as a conduit to deliver a backdoor referred to as Drokbk.

    Complicating matters further is the growing adoption of artificial intelligence (AI) tools by adversaries, making it harder for defenders to distinguish one actor from the other.

    “The threat actor’s reliance on commoditized infrastructure (GitHub, Google Drive, and Telegram) hinders traditional infrastructure-based tracking but paradoxically exposes useful metadata and poses other operational security challenges to the threat actor,” HarfangLab said.

    The development comes a couple of weeks after U.K.-based Iranian activist and independent cyber espionage investigator Nariman Gharib revealed details of a phishing link (“whatsapp-meeting.duckdns[.]org”) that’s distributed via WhatsApp and captures victims’ credentials by displaying a fake WhatsApp Web login page.

    “The page polls the attacker’s server every second via /api/p/{victim_id}/,” Gharib explained. “This lets the attacker serve a live QR code from their own WhatsApp Web session directly to the victim. When the target scans it with their phone, thinking they’re joining a ‘meeting,’ they’re actually authenticating the attacker’s browser session. Attacker gets full access to the victim’s WhatsApp account.”

    The phishing page is also designed to request browser permissions to access the device camera, microphone, and geolocation, effectively turning it into a surveillance kit that can capture victims’ photos, audio, and current whereabouts. It’s currently not known who is behind the campaign, or what the motivation behind it was.

    TechCrunch’s Zack Whittaker, who uncovered more specifics about the activity, said it’s also aimed at stealing Gmail credentials by serving a bogus Gmail login page that gathers a victim’s password and two-factor authentication (2FA) code. About 50 individuals have been found to be impacted. This includes ordinary people across the Kurdish community, academics, government officials, business leaders, and other senior figures.


    The findings also come in the aftermath of a major leak suffered by the Iranian hacking group Charming Kitten that laid bare its inner workings, organizational structure, and the key personnel involved. The leaks also shed light on a surveillance platform named Kashef (aka Discoverer or Revealer) for tracking Iranian citizens and foreign nationals by aggregating data collected by different departments associated with the Islamic Revolutionary Guard Corps (IRGC).

    In October 2025, Gharib also made available a database containing 1,051 individuals who enrolled in various training programs offered by Ravin Academy, a cybersecurity school founded by two operatives of Iran’s Ministry of Intelligence and Security (MOIS), Seyed Mojtaba Mostafavi and Farzin Karimi. The entity was sanctioned by the U.S. Department of the Treasury in October 2022 for supporting and enabling MOIS’s operations.

    This includes assisting MOIS with information security training, threat hunting, cybersecurity, red teaming, digital forensics, malware analysis, security auditing, penetration testing, network defense, incident response, vulnerability analysis, mobile penetration testing, reverse engineering, and security research.

    “The model allows MOIS to outsource initial recruitment and vetting while maintaining operational control through the founders’ direct relationship with the intelligence service,” Gharib said. “This dual-purpose structure enables MOIS to develop human capital for cyber operations while maintaining a layer of separation from direct government attribution.”


    Source: thehackernews.com…

  • Researchers Uncover Chrome Extensions Abusing Affiliate Links and Stealing ChatGPT Access


    Cybersecurity researchers have discovered malicious Google Chrome extensions that come with capabilities to hijack affiliate links, steal data, and collect OpenAI ChatGPT authentication tokens.

    One of the extensions in question is Amazon Ads Blocker (ID: pnpchphmplpdimbllknjoiopmfphellj), which claims to be a tool to browse Amazon without any sponsored content. It was uploaded to the Chrome Web Store by a publisher named “10Xprofit” on January 19, 2026.

    “The extension does block ads as advertised, but its primary function is hidden: it automatically injects the developer’s affiliate tag (10xprofit-20) into every Amazon product link and replaces existing affiliate codes from content creators,” Socket security researcher Kush Pandya said.

    Further analysis has determined that Amazon Ads Blocker is part of a larger cluster of 29 browser add-ons that target several e-commerce platforms like AliExpress, Amazon, Best Buy, Shein, Shopify, and Walmart. The complete list is as follows –

    • AliExpress Invoice Generator (FREE) – AliInvoice™️ (10+ Templates) (ID: mabbblhhnmlckjbfppkopnccllieeocp)
    • AliExpress Price Tracker – Price History & Alerts (ID: loiofaagnefbonjdjklhacdhfkolcfgi)
    • AliExpress Quick Currency & Price Converter (ID: mcaglpclodnaiimhicpjemhcinjfnjce)
    • AliExpress Deals Countdown – Flash Sale Timer (ID: jmlgkeaofknfmnbpmlmadnfnfajdlehn)
    • 10Xprofit – Amazon Seller Tools (FBA & FBM) (ID: ahlnchhkedmjbdocaamkbmhppnligmoh)
    • Amazon Ads Blocker (ID: pnpchphmplpdimbllknjoiopmfphellj)
    • Amazon ASIN Lookup 10xprofit (ID: ljcgnobemekghgobhlplpehijemdgcgo)
    • Amazon Search Suggestion (ID: dnmfcojgjchpjcmjgpgonmhccibjopnb)
    • Amazon Product Scraper 10xprofit (ID: mnacfoefejolpobogooghoclppjcgfcm)
    • Amazon Quick Brand Search (ID: nigamacoibifjohkmepefofohfedblgg)
    • Amazon Stock Checker 999 (ID: johobikccpnmifjjpephegmfpipfbfme)
    • Amazon Price History Saver (ID: kppfbknppimnoociaomjcdgkebdmenkh)
    • Amazon ASIN Copy (ID: aohfjaadlbiifnnajpobdhokecjokhab)
    • Amazon Keyword Cloud Generator (ID: gfdbbmngalhmegpkejhidhgdpmehlmnd)
    • Amazon Image Downloader (ID: cpcojeeblggnjjgnpiicndnahfhjdobd)
    • Amazon Negative Review Hider (ID: hkkkipfcdagiocekjdhobgmlkhejjfoj)
    • Amazon Listing Score Checker (ID: jaojpdijbaolkhkifpgbjnhfbmckoojh)
    • Amazon Keyword Density Searcher (ID: ekomkpgkmieaaekmaldmaljljahehkoi)
    • Amazon Sticky Notes (ID: hkhmodcdjhcidbcncgmnknjppphcpgmh)
    • Amazon Result Numbering (ID: nipfdfkjnidadibpbflijepbllfkokac)
    • Amazon Profit Calculator Lite (ID: behckapcoohededfbgjgkgefgkpodeho)
    • Amazon Weight Converter (ID: dfnannaibdndmkienngjahldiofjbkmj)
    • Amazon BSR Fast View (ID: nhilffccdbcjcnoopblecppbhalagpaf)
    • Amazon Character Count & Seller Tools (ID: goikoilmhcgfidolicnbgggdpckdcoam)
    • Amazon Global Price Checker (ID: mjcgfimemamogfmekphcfdehfkkbmldn)
    • BestBuy Search By Image (ID: nppjmiadmakeigiagilkfffplihgjlec)
    • SHEIN Search By Image (ID: mpgaodghdhmeljgogbeagpbhgdbfofgb)
    • Shopify Search By Image (ID: gjlbbcimkbncedhofeknicfkhgaocohl)
    • Walmart Search By Image (ID: mcaihdkeijgfhnlfcdehniplmaapadgb)

    While “Amazon Ads Blocker” offers the advertised functionality, it also embeds malicious code that scans all Amazon product URL patterns for any affiliate tag without requiring any user interaction, and replaces it with “10xprofit-20” (or “_c3pFXV63” for AliExpress). In cases where there are no tags, the attacker’s tag is appended to each URL.

    Socket also noted that the extension listing page on the Chrome Web Store makes misleading disclosures, claiming that the developers earn a “small commission” every time a user makes use of a coupon code to make a purchase.

    Affiliate links are widely used across social media and websites. They refer to URLs containing a specific ID that enables tracking of traffic and sales to a particular marketer. When a user clicks this link to buy the product, the affiliate earns a cut of the sale.

    Due to the extensions searching for existing tags and replacing them, social media content creators who share Amazon product links with their own affiliate tags lose commissions when users who have installed the add-on click those links.
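    A check a content creator or a Chrome Web Store reviewer can run against the behaviour described above, written as an added example that is neither Socket's nor the extension's code: it compares the href a publisher wrote with the href the browser shows after extensions have run and reports replaced or appended tags. It assumes Amazon Associates' `tag` query parameter; the product paths, creator tags and hostnames are constructed.

```javascript
// Added example (not Socket's or the extension's code): audit Amazon links for
// affiliate-tag tampering by comparing published vs. rendered hrefs.
// Assumption: Amazon Associates carries the affiliate ID in the `tag` parameter.

const AMAZON_HOST_REGEX = /(^|\.)amazon\.(com|co\.uk|de|in|ca|co\.jp)$/i;

// Return the affiliate tag of an Amazon link, '' if the link is Amazon but
// untagged, or null if it is not an Amazon link (or not a valid URL at all).
function affiliateTag(href) {
  let url;
  try {
    url = new URL(href);
  } catch {
    return null;
  }
  if (!AMAZON_HOST_REGEX.test(url.hostname)) return null;
  return url.searchParams.get('tag') || '';
}

// Classify one published/rendered pair:
//   'replaced'  the publisher's tag was swapped for another one
//   'appended'  an untagged Amazon link now carries a tag
//   'stripped'  the publisher's tag was removed
//   'rewritten' the link no longer points at (or newly points at) Amazon
//   'unchanged' same tag, or not an Amazon link on either side
function classifyLink(publishedHref, renderedHref) {
  const before = affiliateTag(publishedHref);
  const after = affiliateTag(renderedHref);
  if (before === null && after === null) return 'unchanged';
  if (before === null || after === null) return 'rewritten';
  if (before === after) return 'unchanged';
  if (before === '') return 'appended';
  if (after === '') return 'stripped';
  return 'replaced';
}

// Audit a list of {published, rendered} pairs and tally which tag was injected,
// so the creator can see whose ID is now collecting the commission.
function auditLinks(pairs) {
  const report = { replaced: [], appended: [], stripped: [], rewritten: [],
                   unchanged: 0, injectedTags: {} };
  for (const { published, rendered } of pairs) {
    const verdict = classifyLink(published, rendered);
    if (verdict === 'unchanged') {
      report.unchanged += 1;
      continue;
    }
    report[verdict].push({ published, rendered });
    if (verdict === 'replaced' || verdict === 'appended') {
      const tag = affiliateTag(rendered);
      report.injectedTags[tag] = (report.injectedTags[tag] || 0) + 1;
    }
  }
  return report;
}

// Constructed sample: links as the creator published them vs. as a browser
// running the extension rendered them (injected tag is the one named above).
const SAMPLE_PAIRS = [
  { published: 'https://www.amazon.com/dp/B0EXAMPLE1?tag=creator-20',
    rendered:  'https://www.amazon.com/dp/B0EXAMPLE1?tag=10xprofit-20' },
  { published: 'https://www.amazon.com/dp/B0EXAMPLE2',
    rendered:  'https://www.amazon.com/dp/B0EXAMPLE2?tag=10xprofit-20' },
  { published: 'https://www.amazon.co.uk/dp/B0EXAMPLE3?tag=creator-21',
    rendered:  'https://www.amazon.co.uk/dp/B0EXAMPLE3?tag=creator-21' },
  { published: 'https://example.org/review',
    rendered:  'https://example.org/review' },
];

console.log(JSON.stringify(auditLinks(SAMPLE_PAIRS), null, 2));
```

    In practice the rendered hrefs come from `document.querySelectorAll('a[href]')` in a browser profile with the suspect extension installed, and the published ones from the page's own HTML source.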

    This amounts to a violation of Chrome Web Store policies, as they require extensions using affiliate links to accurately divulge how the program works, require user action before each injection, and never replace existing affiliate codes.

    “The disclosure describes a coupon/deal extension with user-triggered reveals. The actual product is an ad blocker with automatic link modification,” Pandya explained. “This mismatch between disclosure and implementation creates false consent.”

    “The extension also violates the Single Purpose policy by combining two unrelated functions (ad blocking and affiliate injection) that should be separate extensions.”

    The identified extensions have also been found to scrape product data and exfiltrate it to “app.10xprofit[.]io,” with those focusing on AliExpress serving bogus “LIMITED TIME DEAL” countdown timers on product pages to create a false sense of urgency and rush users into making purchases, so as to earn commissions on the affiliate links.

    “Extensions that combine unrelated functionality (ad blocking, price comparison, coupon finding) with affiliate injection should be treated as high-risk, particularly those with disclosures that don’t match the actual code behavior,” Socket said.

    The disclosure comes as Broadcom-owned Symantec flagged four different extensions that have a combined user base exceeding 100,000 users and are designed to steal data –

    • Good Tab (ID: glckmpfajbjppappjlnhhlofhdhlcgaj), which grants full clipboard permissions to an external domain (“api.office123456[.]com”) to enable remote clipboard-read and clipboard-write permissions
    • Children Protection (ID: giecgobdmgdamgffeoankaipjkdjbfep), which implements functionality to harvest cookies, inject ads, and execute arbitrary JavaScript by contacting a remote server
    • DPS Websafe (ID: bjoddpbfndnpeohkmpbjfhcppkhgobcg), which changes the default search to one under their control to capture search terms entered by users and potentially route them to malicious websites
    • Stock Informer (ID: beifiidafjobphnbhbbgmgnndjolfcho), which is susceptible to a years-old cross-site scripting (XSS) vulnerability in the Stockdio Historical Chart WordPress plugin (CVE-2020-28707, CVSS score: 6.1) that could allow a remote attacker to execute JavaScript code

    “While browser extensions can provide a wide range of handy tools to help us achieve more online, much care needs to be taken when choosing to install them, even when installing from trusted sources,” researchers Yuanjing Guo and Tommy Dong said.

    Rounding off the list of malicious extensions is another network of 16 add-ons (15 on the Chrome Web Store and one on the Microsoft Edge Add-ons marketplace) that are designed to intercept and steal ChatGPT authentication tokens by injecting a content script into chatgpt[.]com. Cumulatively, the extensions were downloaded about 900 times, according to LayerX.

    The extensions are assessed to be part of a coordinated campaign due to overlaps in source code, icons, branding, and descriptions –

    • ChatGPT folder, voice download, prompt manager, free tools – ChatGPT Mods (ID: lmiigijnefpkjcenfbinhdpafehaddag)
    • ChatGPT voice download, TTS download – ChatGPT Mods (ID: obdobankihdfckkbfnoglefmdgmblcld)
    • ChatGPT pin chat, bookmark – ChatGPT Mods (ID: kefnabicobeigajdngijnnjmljehknjl)
    • ChatGPT message navigator, history scroller – ChatGPT Mods (ID: ifjimhnbnbniiiaihphlclkpfikcdkab)
    • ChatGPT model switch, save advanced model uses – ChatGPT Mods (ID: pfgbcfaiglkcoclichlojeaklcfboieh)
    • ChatGPT export, Markdown, JSON, images – ChatGPT Mods (ID: hljdedgemmmkdalbnmnpoimdedckdkhm)
    • ChatGPT Timestamp Display – ChatGPT Mods (ID: afjenpabhpfodjpncbiiahbknnghabdc)
    • ChatGPT bulk delete, Chat manager – ChatGPT Mods (ID: gbcgjnbccjojicobfimcnfjddhpphaod)
    • ChatGPT search history, locate specific messages – ChatGPT Mods (ID: ipjgfhcjeckaibnohigmbcaonfcjepmb)
    • ChatGPT prompt optimization – ChatGPT Mods (ID: mmjmcfaejolfbenlplfoihnobnggljij)
    • Collapsed message – ChatGPT Mods (ID: lechagcebaneoafonkbfkljmbmaaoaec)
    • Multi-Profile Management & Switching – ChatGPT Mods (ID: nhnfaiiobkpbenbbiblmgncgokeknnno)
    • Search with ChatGPT – ChatGPT Mods (ID: hpcejjllhbalkcmdikecfngkepppoknd)
    • ChatGPT Token counter – ChatGPT Mods (ID: hfdpdgblphooommgcjdnnmhpglleaafj)
    • ChatGPT Prompt Manager, Folder, Library, Auto Send – ChatGPT Mods (ID: ioaeacncbhpmlkediaagefiegegknglc)
    • ChatGPT Mods – Folder Voice Download & More Free Tools (ID: jhohjhmbiakpgedidneeloaoloadlbdj)

    With artificial intelligence (AI)-related extensions becoming increasingly common in enterprise workflows, the development highlights an emerging attack surface where threat actors weaponize the trust associated with popular AI brands to deceive users into installing them.

    Because such tools often require elevated execution context within the browser and have access to sensitive data, seemingly harmless extensions can become a lucrative attack vector, permitting adversaries to obtain persistent access without the need for exploiting security flaws or resorting to other methods that may trigger security alarms.


    “Possession of such tokens provides account-level access equivalent to that of the user, including access to conversation history and metadata,” security researcher Natalie Zargarov said. “As a result, attackers can replicate the users’ access credentials to ChatGPT and impersonate them, allowing them to access all of the user’s ChatGPT conversations, data, or code.”

    Browsers Become a Lucrative Attack Vector

    The findings also coincide with the emergence of a new malware-as-a-service toolkit called Stanley that’s being peddled on a Russian cybercrime forum for between $2,000 and $6,000, and allows crooks to generate malicious Chrome browser extensions that can be used to serve phishing pages within an HTML iframe element while still showing the legitimate URL in the address bar.

    Customers of the tool gain access to a C2 panel for managing victims, configuring spoofed redirects, and sending fake browser notifications. Those who are willing to spend $6,000 get a guarantee that any extension they create using the kit will pass Google’s vetting process for the Chrome Web Store.

    These extensions take the form of innocuous note-taking utilities to fly under the radar. But their malicious behavior is activated when the user navigates to a website of interest to the attacker, such as a bank, at which point a full-screen iframe containing the phishing page is overlaid, while leaving the browser’s URL bar intact. This visual deception creates a defensive blind spot that can dupe even vigilant users into entering their credentials or sensitive information on the page.

    As of January 27, 2025, the service appears to have vanished – likely prompted by the public disclosure – but it’s very much possible that it can resurface under a different name in the future.

    “Stanley provides a turnkey website-spoofing operation disguised as a Chrome extension, with its premium tier promising guaranteed publication on the Chrome Web Store,” Varonis researcher Daniel Kelley noted earlier this week. “BYOD policies, SaaS-first environments, and remote work have made the browser the new endpoint. Attackers have noticed. Malicious browser extensions are now a primary attack vector.”


    Source: thehackernews.com…

  • Two Ivanti EPMM Zero-Day RCE Flaws Actively Exploited, Security Updates Released


    Ravie Lakshmanan | Jan 30, 2026 | Vulnerability / Enterprise Security

    Ivanti has rolled out security updates to address two security flaws impacting Ivanti Endpoint Manager Mobile (EPMM) that have been exploited in zero-day attacks, one of which has been added by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to its Known Exploited Vulnerabilities (KEV) catalog.

    The critical-severity vulnerabilities are listed below –

    • CVE-2026-1281 (CVSS score: 9.8) – A code injection allowing attackers to achieve unauthenticated remote code execution
    • CVE-2026-1340 (CVSS score: 9.8) – A code injection allowing attackers to achieve unauthenticated remote code execution

    They affect the following versions –

    • EPMM 12.5.0.0 and prior, 12.6.0.0 and prior, and 12.7.0.0 and prior (Fixed in RPM 12.x.0.x)
    • EPMM 12.5.1.0 and prior and 12.6.1.0 and prior (Fixed in RPM 12.x.1.x)

    However, it bears noting that the RPM patch does not survive a version upgrade and must be reapplied if the appliance is upgraded to a new version. The vulnerabilities will be permanently addressed in EPMM version 12.8.0.0, which will be released later in Q1 2026.

    “We are aware of a very limited number of customers whose solution has been exploited at the time of disclosure,” Ivanti said in an advisory, adding it does not have enough information about the threat actor tactics to provide “reliable atomic indicators.”

    The company noted that CVE-2026-1281 and CVE-2026-1340 affect the In-House Application Distribution and the Android File Transfer Configuration features. These shortcomings do not affect other products, including Ivanti Neurons for MDM, Ivanti Endpoint Manager (EPM), or Ivanti Sentry.

    In a technical analysis, Ivanti said it has typically seen two forms of persistence based on prior attacks targeting older vulnerabilities in EPMM. This includes deploying web shells and reverse shells for setting up persistence on the compromised appliances.

    “Successful exploitation of the EPMM appliance will enable arbitrary code execution on the appliance,” Ivanti noted. “Aside from lateral movement to the connected environment, EPMM also contains sensitive information about devices managed by the appliance.”

    Users are advised to check the Apache access log at “/var/log/httpd/https-access_log” to look for signs of attempted or successful exploitation using the below regular expression (regex) pattern –

    ^(?!127.0.0.1:\d+ .*$).*?/mifs/c/(aft|app)store/fob/.*?404

    “Legitimate use of these capabilities will result in 200 HTTP response codes in the Apache access log, whereas successful or attempted exploitation will cause 404 HTTP response codes,” it explained.
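    The triage step above, as an added example that is not Ivanti's own tooling: it runs the advisory's regex (with the backslash escaping restored) over constructed Apache access-log lines and cross-checks each hit against the parsed status field, which shows why a raw "404 anywhere on the line" match needs a second look. The log layout (client:port, then the standard combined-log fields) and all addresses and paths are assumptions.

```javascript
// Added example (not Ivanti's code): apply the EPMM advisory's triage regex to
// constructed access-log lines and confirm hits against the parsed status code.

// Vendor pattern: skip requests from 127.0.0.1:<port>, then match the
// (aft|app)store/fob paths followed by a 404 somewhere later on the line.
const IVANTI_TRIAGE_REGEX =
  /^(?!127.0.0.1:\d+ .*$).*?\/mifs\/c\/(aft|app)store\/fob\/.*?404/;

// Path test used by the structured check.
const EXPLOIT_PATH_REGEX = /^\/mifs\/c\/(aft|app)store\/fob\//;

// Assumed line layout: client[:port] ident user [time] "request" status bytes ...
const ACCESS_LINE_REGEX =
  /^(\S+?)(?::\d+)? \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3}) (\S+)/;

// Parse one access-log line into fields, or return null if it does not fit.
function parseAccessLine(line) {
  const m = ACCESS_LINE_REGEX.exec(line);
  if (!m) return null;
  return { client: m[1], time: m[2], method: m[3], path: m[4],
           status: Number(m[5]), bytes: m[6] };
}

// Run both checks over a log. A hit is reported when the vendor regex matches
// or when the structured check confirms external client + exploit path + 404;
// the two flags show which lines the raw regex flags only because "404"
// appears elsewhere on the line (for example in the byte count).
function triageAccessLog(logText) {
  const hits = [];
  for (const line of logText.split('\n')) {
    if (line.trim() === '') continue;
    const regexHit = IVANTI_TRIAGE_REGEX.test(line);
    const rec = parseAccessLine(line);
    const confirmed =
      rec !== null &&
      rec.client !== '127.0.0.1' &&
      EXPLOIT_PATH_REGEX.test(rec.path) &&
      rec.status === 404;
    if (regexHit || confirmed) {
      hits.push({
        client: rec ? rec.client : null,
        path: rec ? rec.path : null,
        status: rec ? rec.status : null,
        regexHit,
        confirmed,
      });
    }
  }
  return hits;
}

// Constructed sample log (RFC 5737 documentation addresses, invented paths).
const SAMPLE_LOG = [
  // local request to the path: excluded by the negative lookahead
  '127.0.0.1:43210 - - [30/Jan/2026:10:00:01 +0000] "GET /mifs/c/appstore/fob/check HTTP/1.1" 404 210 "-" "curl/8.4.0"',
  // legitimate in-house app download: 200, so no hit
  '203.0.113.7:51230 - - [30/Jan/2026:10:01:15 +0000] "GET /mifs/c/appstore/fob/1a2b HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
  // external client, exploit path, 404: both checks agree
  '203.0.113.44:52001 - - [30/Jan/2026:10:02:11 +0000] "POST /mifs/c/aftstore/fob/x HTTP/1.1" 404 210 "-" "python-requests/2.31"',
  // 200 response whose byte count happens to contain "404": raw regex only
  '203.0.113.7:51231 - - [30/Jan/2026:10:03:40 +0000] "GET /mifs/c/appstore/fob/3c4d HTTP/1.1" 200 4045 "-" "Mozilla/5.0"',
  // unrelated 404: path does not match
  '198.51.100.8:40100 - - [30/Jan/2026:10:04:02 +0000] "GET /mifs/login.jsp HTTP/1.1" 404 0 "-" "Mozilla/5.0"',
].join('\n');

console.log(JSON.stringify(triageAccessLog(SAMPLE_LOG), null, 2));
```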

    In addition, customers are being asked to review the following to look for any evidence of unauthorized configuration changes –

    • EPMM administrators for new or recently changed administrators
    • Authentication configuration, including SSO and LDAP settings
    • New push applications for mobile devices
    • Configuration changes to applications you push to devices, including in-house applications
    • New or recently modified policies
    • Network configuration changes, including any network configuration or VPN configuration you push to mobile devices

    In the event signs of compromise are detected, Ivanti is also urging users to restore the EPMM device from a known good backup or build a replacement EPMM and then migrate data to the device. Once the steps are performed, it’s essential to make the following changes to secure the environment –

    • Reset the password of any local EPMM accounts
    • Reset the password for the LDAP and/or KDC service accounts that perform lookups
    • Revoke and replace the public certificate used for your EPMM
    • Reset the password for any other internal or external service accounts configured with the EPMM solution

    The development has prompted CISA to add CVE-2026-1281 to the KEV catalog, requiring Federal Civilian Executive Branch (FCEB) agencies to apply the updates by February 1, 2026.


    Source: thehackernews.com…

  • SmarterMail Fixes Critical Unauthenticated RCE Flaw with CVSS 9.3 Score


    Ravie Lakshmanan | Jan 30, 2026 | Vulnerability / Email Security

    SmarterTools has addressed two more security flaws in SmarterMail email software, including one critical security flaw that could result in arbitrary code execution.

    The vulnerability, tracked as CVE-2026-24423, carries a CVSS score of 9.3 out of 10.0.

    “SmarterTools SmarterMail versions prior to build 9511 contain an unauthenticated remote code execution vulnerability in the ConnectToHub API method,” according to a description of the flaw in CVE.org.

    “The attacker could point the SmarterMail to the malicious HTTP server, which serves the malicious OS [operating system] command. This command will be executed by the vulnerable application.”

    watchTowr researchers Sina Kheirkhah and Piotr Bazydlo, CODE WHITE GmbH’s Markus Wulftange, and VulnCheck’s Cale Black have been credited with discovering and reporting the vulnerability.

    The security hole has been addressed in version Build 9511, released on January 15, 2026. The same build also patches another critical flaw (CVE-2026-23760, CVSS score: 9.3) that has since come under active exploitation in the wild.


    In addition, SmarterTools has shipped fixes to plug a medium-severity security vulnerability (CVE-2026-25067, CVSS score: 6.9) that could allow an attacker to facilitate NTLM relay attacks and unauthorized network authentication.

    It has been described as a case of unauthenticated path coercion affecting the background-of-the-day preview endpoint.

    “The application base64-decodes attacker-supplied input and uses it as a filesystem path without validation,” VulnCheck noted in an alert.

    “On Windows systems, this allows UNC [Universal Naming Convention] paths to be resolved, causing the SmarterMail service to initiate outbound SMB authentication attempts to attacker-controlled hosts. This can be abused for credential coercion, NTLM relay attacks, and unauthorized network authentication.”

    The vulnerability has been patched in Build 9518, released on January 22, 2026. With two vulnerabilities in SmarterMail coming under active exploitation over the past week, it’s essential that users update to the latest version as soon as possible.


    Source: thehackernews.com…

  • Ex-Google Engineer Convicted for Stealing 2,000 AI Trade Secrets for China Startup


    Ravie Lakshmanan | Jan 30, 2026 | Artificial Intelligence / Economic Espionage

    A former Google engineer accused of stealing thousands of the company’s confidential documents to build a startup in China has been convicted in the U.S., the Department of Justice (DoJ) announced Thursday.

    Linwei Ding (aka Leon Ding), 38, was convicted by a federal jury on seven counts of economic espionage and seven counts of theft of trade secrets for taking over 2,000 documents containing the tech giant’s trade secrets related to artificial intelligence (AI) technology for the benefit of the People’s Republic of China (PRC).

    “Silicon Valley is at the forefront of artificial intelligence innovation, pioneering transformative work that drives economic growth and strengthens our national security,” said U.S. Attorney Craig H. Missakian. “We will vigorously protect American intellectual capital from foreign interests that seek to gain an unfair competitive advantage while putting our national security at risk.”


    Ding was indicted in March 2024 for transferring sensitive proprietary information from Google’s network to his personal Google Cloud account. The stolen documents included details about the company’s supercomputing data center infrastructure used for running AI models, the Cluster Management System (CMS) software for managing the data centers, and the AI models and applications they supported.

    Specifically, the trade secrets pertained to –

    • Architecture and functionality of Google’s custom Tensor Processing Unit chips and systems, and Google’s Graphics Processing Unit systems
    • Software that allows the chips to communicate and execute tasks
    • Software that orchestrates thousands of chips into a supercomputer capable of training and executing cutting-edge AI workloads
    • Custom-designed SmartNIC, a type of network interface card used to facilitate high-speed communication within Google’s AI supercomputers and cloud networking products

    The theft took place between May 2022 and April 2023. Ding, who joined Google in 2019, is said to have affiliated himself with two tech companies based in China, including a startup named Shanghai Zhisuan Technologies Co., which he founded in 2023, while he was employed by the firm. Ding downloaded the documents to his computer in December 2023, less than two weeks before resigning from Google.

    “Around June 2022, Ding was in discussions to be the Chief Technology Officer for an early-stage technology company based in the PRC; by early 2023, Ding was in the process of founding his own technology company in the PRC focused on AI and machine learning and was acting as the company’s CEO,” the DoJ said.

    The 2024 indictment also alleged that the defendant took a number of deceitful steps to cover up the theft of trade secrets, including copying the data from Google source files into the Apple Notes application on his company-provided MacBook and then converting the notes to PDF files before uploading them to his Google account.

    Furthermore, prosecutors accused Ding of asking another Google employee to use his company-issued access badge to scan into the entrance of a Google building, to give the impression that he was working from the office when, in fact, he was in China. The scheme unravelled in late 2023 when Google learned that he had given a public presentation in China to potential investors about his startup.

    In February 2025, Ding was charged with economic espionage, with the superseding indictment also claiming he applied to a Shanghai-based “talent” program sponsored by Beijing. The indictment also called out these talent programs for encouraging individuals engaged in research and development outside the country to come to China to contribute to the nation’s economic and technological growth.

    “Ding’s application for this talent plan stated that he planned to ‘help China to have computing power infrastructure capabilities that are on par with the international level,’” the DoJ said. “The evidence at trial also showed that Ding intended to benefit two entities controlled by the government of China by assisting with the development of an AI supercomputer and collaborating on the research and development of custom machine learning chips.”

    Ding is scheduled to appear at a status conference on February 3, 2026. He faces a maximum sentence of 10 years in prison for each count of theft of trade secrets and 15 years in prison for each economic espionage count.


    Source: thehackernews.com…