Robert Grupe's AppSecNewsBits 2025-05-10

This week's Lame List & Highlights: Pearson’s Git Token, Ransomware extortions, Supply Chain attacks, AI lures, and more ...

EPIC FAILS in Application Development Security practice processes, training, implementation, and incident response
Education giant Pearson hit by cyberattack exposing customer data
Threat actors compromised Pearson's developer environment in January 2025 through an exposed GitLab Personal Access Token (PAT) found in a public .git/config file.
A .git/config file is a local configuration file used by Git projects to store configuration settings, such as a project name, email address, and other information. If this file is mistakenly exposed and contains access tokens embedded in remote URLs, it can give attackers unauthorized access to internal repositories.
The exposed token allowed the threat actors to access the company's source code, which contained further hard-coded credentials and authentication tokens for cloud platforms.
Over the following months, the threat actor reportedly used these credentials to steal terabytes of data from the company's internal network and cloud infrastructure, including AWS, Google Cloud, and various cloud-based database services such as Snowflake and Salesforce CRM.
[rG: Easily preventable through SSDLC manual Security Code Reviews augmented with continuous SAST secrets scanning; with enterprise development policy, developer awareness training, and automated performance metrics reporting.]
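The exposure path described above (a token sitting in the remote URL of a checked-in or web-served .git/config) is cheap to check for. The following is an added example, not Pearson's file or any vendor's scanner: a small gitconfig parser that flags `user:password@` pairs and token-shaped strings in remote URLs, plus Authorization headers stored under `http.extraheader`, and redacts them in its report. The sample config is constructed, the token is a placeholder, and the `glpat-`/`ghp_` prefixes are GitLab's and GitHub's documented personal-access-token prefixes.

```python
"""Scan Git configuration text for credentials embedded in remote URLs.

Added example with a constructed sample config; not Pearson's file.
"""
import re
from urllib.parse import urlsplit, urlunsplit

# [section "subsection"] headers and key = value lines of the gitconfig format
SECTION_RE = re.compile(r'^\s*\[(?P<name>[\w.-]+)(?:\s+"(?P<sub>[^"]*)")?\]\s*$')
KEY_RE = re.compile(r'^\s*(?P<key>[\w.-]+)\s*=\s*(?P<value>.*?)\s*$')
# Token shapes worth flagging even when they are not in the user:password@ slot.
# "glpat-" is GitLab's PAT prefix, "ghp_" GitHub's classic PAT prefix.
TOKEN_RE = re.compile(r'(glpat-[A-Za-z0-9_\-]{20,}|ghp_[A-Za-z0-9]{36})')


def parse_git_config(text):
    """Return {(section, subsection): {key: value}} for gitconfig-style text."""
    entries = {}
    current = None
    for line in text.splitlines():
        stripped = line.strip()
        if not stripped or stripped[0] in '#;':   # blank or comment line
            continue
        m = SECTION_RE.match(line)
        if m:
            current = (m.group('name').lower(), m.group('sub'))
            entries.setdefault(current, {})
            continue
        m = KEY_RE.match(line)
        if m and current is not None:
            # Git config keys are case-insensitive; values are not.
            entries[current][m.group('key').lower()] = m.group('value')
    return entries


def redact_url(url):
    """Drop the user:password@ part of a URL so the report does not re-leak it."""
    parts = urlsplit(url)
    if not parts.netloc or '@' not in parts.netloc:
        return url
    host = parts.netloc.rsplit('@', 1)[1]
    return urlunsplit(parts._replace(netloc='***@' + host))


def find_embedded_credentials(text):
    """Return findings for remote URLs or headers that carry credentials."""
    findings = []
    for (name, sub), kv in parse_git_config(text).items():
        label = f'{name} "{sub}"' if sub else name
        for key, value in kv.items():
            reason = None
            if key in ('url', 'pushurl'):
                parts = urlsplit(value)
                if parts.netloc and parts.password:
                    reason = 'user:password pair embedded in remote URL'
                elif TOKEN_RE.search(value):
                    reason = 'access-token-shaped string embedded in remote URL'
            elif key == 'extraheader' and value.lower().startswith('authorization:'):
                # http.extraHeader carrying an Authorization header leaks the same way
                reason = 'Authorization header stored in http.extraheader'
            if reason:
                findings.append({
                    'section': label,
                    'key': key,
                    'reason': reason,
                    'redacted': redact_url(value) if key in ('url', 'pushurl')
                                else 'Authorization: ***',
                })
    return findings


# Constructed sample resembling a repository .git/config (placeholder token).
SAMPLE_CONFIG = """\
[core]
\trepositoryformatversion = 0
\tfilemode = true
[remote "origin"]
\turl = https://oauth2:glpat-EXAMPLE0000000000000000@gitlab.example.com/group/project.git
\tfetch = +refs/heads/*:refs/remotes/origin/*
[remote "mirror"]
\turl = git@github.com:example/project.git
[http]
\textraheader = Authorization: Basic ZXhhbXBsZTpleGFtcGxl
"""

if __name__ == '__main__':
    for f in find_embedded_credentials(SAMPLE_CONFIG):
        print(f"[{f['section']}] {f['key']}: {f['reason']} -> {f['redacted']}")
```

Run it over every `.git/config` (and `~/.gitconfig`) found on build agents and web roots; a hit means the token must be revoked, not merely removed from the file, because Git history and any crawler that already fetched the file still hold it.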

 

PowerSchool paid thieves to delete stolen student, teacher data. Looks like crooks lied
This wasn't a traditional ransomware attack, as no files were encrypted; instead, it was a simple data heist using a stolen credential. PowerSchool paid off the thieves not just to keep the purloined info under wraps but to delete all copies of it so that it could never be released and/or misused. The size of the ransom payment remains undisclosed.
Now, it turns out someone somehow still has a copy of the purloined data – or claims to have – and is trying to extort individual school districts whose info was stored in PowerSchool's ransacked databases: Officials are under pressure to cough up ransoms or potentially face having their districts' data leaked.
Cybercrooks aren't known for keeping their promises - a hard lesson for PowerSchool.

 

What’s Weak This Week:

  • CVE-2025-3248 Langflow Missing Authentication Vulnerability:
    A missing-authentication flaw in the /api/v1/validate/code endpoint allows a remote, unauthenticated attacker to execute arbitrary code via crafted HTTP requests. Related CWE: CWE-306

  • CVE-2025-27363 FreeType Out-of-Bounds Write Vulnerability:
    An out-of-bounds write when parsing font subglyph structures related to TrueType GX and variable font files, which may allow arbitrary code execution. Related CWE: CWE-787

  • CVE-2024-6047 GeoVision Devices OS Command Injection Vulnerability:
    Allows a remote, unauthenticated attacker to inject and execute arbitrary system commands. The impacted products could be end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue product utilization. Related CWE: CWE-78 

 

HACKING
Supply chain attack hits npm package with 45,000 weekly downloads
An npm package named 'rand-user-agent' has been compromised in a supply chain attack to inject obfuscated code that activates a remote access trojan (RAT) on the user's system. The 'rand-user-agent' package is a tool that generates randomized user-agent strings, which is helpful in web scraping, automated testing, and security research.
Threat actors took advantage of its semi-abandoned yet popular status to inject malicious code in unauthorized subsequent releases that are likely to have been downloaded by a significant number of downstream projects. Aikido detected the compromise on May 5, 2025, when its malware analysis system flagged a new version of rand-user-agent, number 1.0.110.
Upon deeper examination, the researchers found obfuscated code hidden in the 'dist/index.js' file that was only visible if the user scrolled horizontally in the source view on the npm site.
WebScrapingAPI, which maintains the library, stated the unknown threat actors published the malicious package versions after obtaining an outdated automation token that was not protected by two-factor authentication.

Malicious npm Packages Infect 3,200+ Cursor Users With Backdoor, Steal Credentials
Cybersecurity researchers have flagged three malicious npm packages that are designed to target the Apple macOS version of Cursor, a popular artificial intelligence (AI)-powered source code editor.
The selling point here is that the attackers are attempting to exploit developers' interest in AI as well as those who are looking for cheaper usage fees for access to AI models. The three packages are:

  • sw-cur

  • sw-cur1

  • aiide-cur

[rG: There are simply too many software supply chain attacks each week to cover in this newsletter. SSDLC: Organizations need to ensure that all software development components are actively managed with a binary management system that has daily vulnerability detection updates, notifications, and reporting.]
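The rand-user-agent item above describes injected code that was only visible when scrolling horizontally, which is a detectable shape: code placed after a long run of whitespace, abnormally long lines, or dense `\x` string escapes. The following is an added example, not Aikido's analysis system or the real package contents: line-level heuristics plus a release-to-release diff so that only lines added in a version bump are scanned. The thresholds and the two sample module versions are constructed assumptions.

```python
"""Heuristics for spotting code hidden off-screen in a package's dist files.

Added example; thresholds and the sample sources are assumptions, not
Aikido's detection logic or the real rand-user-agent contents.
"""
import difflib
import re

MAX_LINE_LEN = 2000   # assumption: even minified bundles rarely exceed this
PADDING_RUN = 64      # assumption: this much inline whitespace is padding, not indentation
HEX_ESCAPE_RE = re.compile(r'\\x[0-9a-fA-F]{2}')
PADDING_RE = re.compile(r'\S[ \t]{%d,}\S' % PADDING_RUN)


def suspicious_line_reasons(line):
    """Return the reasons a single source line looks like it hides code."""
    reasons = []
    if len(line) > MAX_LINE_LEN:
        reasons.append(f'line length {len(line)} exceeds {MAX_LINE_LEN}')
    if PADDING_RE.search(line):
        reasons.append(f'code follows a run of {PADDING_RUN}+ spaces (off-screen in a viewer)')
    hex_escapes = len(HEX_ESCAPE_RE.findall(line))
    if hex_escapes >= 8:
        reasons.append(f'{hex_escapes} \\x escapes (string-encoded identifiers)')
    return reasons


def scan_source(text):
    """Return [(line_number, reasons)] for every line tripping a heuristic."""
    hits = []
    for number, line in enumerate(text.splitlines(), 1):
        reasons = suspicious_line_reasons(line)
        if reasons:
            hits.append((number, reasons))
    return hits


def scan_new_release(old_text, new_text):
    """Scan only the lines added or changed between two releases."""
    old_lines, new_lines = old_text.splitlines(), new_text.splitlines()
    matcher = difflib.SequenceMatcher(None, old_lines, new_lines)
    hits = []
    for tag, _i1, _i2, j1, j2 in matcher.get_opcodes():
        if tag in ('insert', 'replace'):
            for j in range(j1, j2):
                reasons = suspicious_line_reasons(new_lines[j])
                if reasons:
                    hits.append((j + 1, reasons))
    return hits


# Constructed stand-in for a small user-agent module (not the real package).
OLD_RELEASE = """\
'use strict';
const agents = require('./agents.json');
function randUserAgent() {
  return agents[Math.floor(Math.random() * agents.length)];
}
module.exports = randUserAgent;
"""
# Constructed: same module, with an extra statement pushed 400 columns to the right.
NEW_RELEASE = OLD_RELEASE.replace(
    'module.exports = randUserAgent;',
    'module.exports = randUserAgent;' + ' ' * 400
    + 'void 0; /* constructed stand-in for the hidden payload */')

if __name__ == '__main__':
    for number, reasons in scan_new_release(OLD_RELEASE, NEW_RELEASE):
        print(f'line {number}: ' + '; '.join(reasons))
```

Heuristics like these belong in the binary management pipeline the note above calls for, run on every new version before it reaches a build, and they are a complement to lockfiles and provenance checks rather than a replacement.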

 

Kickidler employee monitoring software abused in ransomware attacks
Ransomware operations are using legitimate Kickidler employee monitoring software for reconnaissance, tracking their victims' activity, and harvesting credentials after breaching their networks.
The attacks started with the threat actors taking out Google Ads displayed when people searched for RVTools, a free Windows utility for managing VMware vSphere deployments. Clicking on the advertisement led to a fake RVTools site (rv-tool[.]net), promoting a trojanized program version.
The program is a malware loader that downloads and runs the SMOKEDHAM PowerShell .NET backdoor, which was used to deploy Kickidler on the device.
While these attacks targeted enterprise administrators, whose accounts would typically provide the threat actors with privileged credentials after compromise, they may have maintained access to the victims' systems for days and even weeks to collect credentials needed to access off-site cloud backups without being detected.
By capturing keystrokes and web pages from an administrator's workstation, attackers are able to identify off-site cloud backups and obtain the necessary passwords to access them.

 

Man pleads guilty to using malicious AI software to hack Disney employee
Ryan Mitchell Kramer published an app on GitHub for creating AI-generated art. The app, ComfyUI_LLMVISION, purported to be an extension for the legitimate ComfyUI image generator and had functions added to it for copying passwords, payment card data, and other sensitive information from machines that installed it. To better disguise the malicious code, it was folded into files that used the names OpenAI and Anthropic.
A Disney employee downloaded ComfyUI_LLMVISION in April 2024. After gaining unauthorized access to the victim’s computer and online accounts, Kramer accessed private Disney Slack channels. In May, he downloaded roughly 1.1 terabytes of confidential data from thousands of the channels.

 

Fake AI video generators drop new Noodlophile infostealer malware
The websites use enticing names like the "Dream Machine" and are advertised on high-visibility groups on Facebook, posing as advanced AI tools that generate videos based on uploaded user files.
Once the victim visits the malicious website and uploads their files, they receive a ZIP archive that is supposed to contain an AI-generated video.
Instead, the ZIP contains a deceptively named executable (Video Dream MachineAI.mp4.exe) and a hidden folder with various files needed for the subsequent stages. If a Windows user has the display of file extensions disabled (never do that), the file at a quick glance would look like an MP4 video.
The file Video Dream MachineAI.mp4.exe is a 32-bit C++ application signed using a certificate created via Winauth. Despite its misleading name (suggesting an .mp4 video), this binary is actually a repurposed version of CapCut, a legitimate video editing tool (version 445.0). This deceptive naming and certificate help it evade user suspicion and some security solutions.
Double-clicking on the fake MP4 will execute a series of executables that eventually launch a batch script (Document.docx/install.bat).
The script uses the legitimate Windows tool 'certutil.exe' to decode and extract a base64-encoded password-protected RAR archive posing as a PDF document. At the same time, it also adds a new Registry key for persistence.
Next, the script executes 'srchost.exe,' which runs an obfuscated Python script (randomuser2025.txt) fetched from a hardcoded remote server address, eventually executing the Noodlophile Stealer in memory.
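The lure above relies on two things a reader can check before anything is opened: a decoy media extension in front of an executable one, and a hidden folder named like a document. The following is an added example, not the researchers' tooling: it builds a ZIP in memory with the same layout (placeholder bytes, no real program) and scans its central directory for double extensions, executables, hidden-attribute entries, and document-named folders.

```python
"""Flag executables disguised as media or documents inside a ZIP archive.

Added example; the archive is constructed in memory to mirror the layout
described above (decoy .mp4.exe plus a hidden folder holding install.bat).
"""
import io
import zipfile
from pathlib import PurePosixPath

EXECUTABLE_EXTS = {'.exe', '.scr', '.com', '.pif', '.bat', '.cmd', '.ps1',
                   '.vbs', '.js', '.lnk', '.msi', '.hta'}
DECOY_EXTS = {'.mp4', '.avi', '.mov', '.mkv', '.jpg', '.png', '.pdf',
              '.doc', '.docx', '.xlsx', '.txt'}
FILE_ATTRIBUTE_HIDDEN = 0x02   # MS-DOS attribute bit, low 16 bits of external_attr


def entry_reasons(info):
    """Return reasons a single ZipInfo entry deserves a closer look."""
    reasons = []
    base = info.filename.rstrip('/').rsplit('/', 1)[-1]
    suffixes = [s.lower() for s in PurePosixPath(base).suffixes]
    if suffixes and suffixes[-1] in EXECUTABLE_EXTS:
        reasons.append(f'executable content ({suffixes[-1]})')
        if len(suffixes) >= 2 and suffixes[-2] in DECOY_EXTS:
            reasons.append(f'double extension: {suffixes[-2]} decoy in front of {suffixes[-1]}')
    if info.external_attr & 0xFFFF & FILE_ATTRIBUTE_HIDDEN:
        reasons.append('hidden attribute set')
    # A folder named like a document (Document.docx/) is itself a decoy.
    if info.is_dir() and suffixes and suffixes[-1] in DECOY_EXTS:
        reasons.append(f'folder named like a {suffixes[-1]} document')
    return reasons


def scan_archive(data):
    """Return [{'name', 'reasons'}] for every suspicious entry in ZIP bytes."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            reasons = entry_reasons(info)
            if reasons:
                findings.append({'name': info.filename, 'reasons': reasons})
    return findings


def build_sample_archive():
    """Constructed archive shaped like the lure: placeholder bytes, no real program."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, 'w') as zf:
        zf.writestr('Video Dream MachineAI.mp4.exe', b'MZ placeholder, not a real program')
        hidden_dir = zipfile.ZipInfo('Document.docx/')
        hidden_dir.external_attr = 0x10 | FILE_ATTRIBUTE_HIDDEN   # directory + hidden
        zf.writestr(hidden_dir, b'')
        zf.writestr('Document.docx/install.bat', b'rem placeholder batch script')
        zf.writestr('readme.txt', b'constructed benign file')
    return buf.getvalue()


if __name__ == '__main__':
    for finding in scan_archive(build_sample_archive()):
        print(finding['name'], '->', '; '.join(finding['reasons']))
```

The same listing logic can run at a mail or download gateway, where the archive is seen before Explorer's extension-hiding default gets a chance to mislead the user.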

 

Hundreds of e-commerce sites hacked in supply-chain attack
The three software suppliers identified were Tigren, Magesolution (MGS), and Meetanshi. All three supply software that’s based on Magento, an open source e-commerce platform used by thousands of online stores. A software version sold by a fourth provider named Weltpixel has been infected with similar code on some of its customers' stores.
The backdoor code checks for a secret key in incoming Web requests and when presented gives the key holder the ability to run commands on the e-commerce server.
Once $licenseFile runs, it initiates a chain of additional functions that eventually execute malicious PHP code on the machines of site visitors.
In nearly all Adobe Commerce/Magento breaches, the backdoor is then used to inject skimming software that runs in the user's browser and steals payment information (Magecart). At least 500 e-commerce sites that rely on the backdoored software were infected, and it’s possible that the true number is double that, among them an unnamed $40 billion multinational company.

 

FBI: End-of-life routers hacked for cybercrime proxy networks
Recently, some routers at end of life, with remote administration turned on, were identified as compromised by a new variant of TheMoon malware. This malware allows cyber actors to install proxies on unsuspecting victim routers and conduct cyber crimes anonymously. The advisory lists the following EoL Linksys and Cisco models as common targets:

  • Linksys E1200, E2500, E1000, E4200, E1500, E300, E3200, E1550

  • Linksys WRT320N, WRT310N, WRT610N

  • Cradlepoint E100

  • Cisco M10 

 

APPSEC, DEVSECOPS, DEV

Microsoft finds default Kubernetes Helm charts can expose data
Helm is a package manager for Kubernetes, and charts are templates/blueprints for deploying apps on the platform, providing YAML files that define key resources needed to run an app. Default Helm charts required no authentication, left exploitable ports open, and used weak or hardcoded passwords that were trivial to break.

  • Apache Pinot: Exposes core services (pinot-controller and pinot-broker) via Kubernetes LoadBalancer services without any authentication.

  • Meshery: Public sign-up is allowed from an exposed IP, allowing anyone to register and gain access to cluster operations.

  • Selenium Grid: A NodePort exposes the service across all nodes in a cluster, relying only on external firewall rules for protection. The issue doesn't affect the official Helm chart, but it does affect many widely referenced GitHub projects.

Concerning Selenium Grid, Wiz and other cybersecurity firms have previously observed attacks targeting misconfigured instances to deploy XMRig miners to mine Monero cryptocurrency.
To mitigate the risks, Microsoft recommends carefully reviewing the default configuration of Helm charts to evaluate it from a security perspective, ensuring that it includes authentication and network isolation.
Additionally, it is recommended to perform regular scans for misconfigurations that expose workload interfaces publicly and closely monitor containers for suspicious activity.
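The "regular scans for misconfigurations that expose workload interfaces publicly" recommended above can start from the Service objects alone: the Pinot finding is a LoadBalancer, the Selenium Grid finding a NodePort. The following is an added example, not Microsoft's or Wiz's tooling: it parses `kubectl get svc -A -o json` output and ranks every externally reachable Service, treating a LoadBalancer without `loadBalancerSourceRanges` and any NodePort as high severity. The service names echo the report, but the manifests are constructed.

```python
"""Audit Kubernetes Services for public exposure paths (LoadBalancer / NodePort).

Added example over constructed `kubectl get svc -A -o json` output; the
service names echo the report above but the manifests are invented.
"""
import json

PUBLIC_TYPES = {'LoadBalancer', 'NodePort'}


def assess_service(svc):
    """Return a finding dict for an externally reachable Service, else None."""
    spec = svc.get('spec', {})
    stype = spec.get('type', 'ClusterIP')
    if stype not in PUBLIC_TYPES:
        return None
    meta = svc.get('metadata', {})
    ports = []
    for p in spec.get('ports', []):
        desc = f"{p.get('port')}/{p.get('protocol', 'TCP')}"
        if 'nodePort' in p:
            desc += f" nodePort={p['nodePort']}"
        ports.append(desc)
    source_ranges = spec.get('loadBalancerSourceRanges') or []
    if stype == 'NodePort':
        severity = 'high'
        note = 'NodePort opens the port on every node; only external firewall rules stand in front of it'
    elif not source_ranges:
        severity = 'high'
        note = 'LoadBalancer without loadBalancerSourceRanges is reachable from any source address'
    else:
        severity = 'medium'
        note = 'LoadBalancer restricted to ' + ', '.join(source_ranges)
    return {
        'namespace': meta.get('namespace', 'default'),
        'name': meta.get('name', '?'),
        'type': stype,
        'ports': ports,
        'severity': severity,
        'note': note,
    }


def audit_services(kubectl_json):
    """Parse kubectl JSON (a List or a single Service) and rank exposures."""
    doc = json.loads(kubectl_json)
    items = doc['items'] if doc.get('kind') == 'List' else [doc]
    findings = [f for f in (assess_service(s) for s in items) if f]
    order = {'high': 0, 'medium': 1}
    return sorted(findings, key=lambda f: (order[f['severity']], f['namespace'], f['name']))


# Constructed kubectl output: two chart-default exposures, one restricted LB, one internal.
SAMPLE_KUBECTL_OUTPUT = json.dumps({
    "apiVersion": "v1", "kind": "List", "items": [
        {"kind": "Service", "metadata": {"name": "pinot-controller", "namespace": "pinot"},
         "spec": {"type": "LoadBalancer", "ports": [{"port": 9000, "protocol": "TCP"}]}},
        {"kind": "Service", "metadata": {"name": "selenium-hub", "namespace": "selenium"},
         "spec": {"type": "NodePort",
                  "ports": [{"port": 4444, "protocol": "TCP", "nodePort": 30444}]}},
        {"kind": "Service", "metadata": {"name": "internal-dashboard", "namespace": "ops"},
         "spec": {"type": "LoadBalancer", "loadBalancerSourceRanges": ["10.0.0.0/8"],
                  "ports": [{"port": 8443, "protocol": "TCP"}]}},
        {"kind": "Service", "metadata": {"name": "pinot-zookeeper", "namespace": "pinot"},
         "spec": {"type": "ClusterIP", "ports": [{"port": 2181, "protocol": "TCP"}]}},
    ]})

if __name__ == '__main__':
    for f in audit_services(SAMPLE_KUBECTL_OUTPUT):
        print(f"{f['severity']:6} {f['namespace']}/{f['name']} {f['type']} {f['ports']}: {f['note']}")
```

A Service check only finds the network path; whether the workload behind it enforces authentication (the other half of the Pinot and Meshery findings) still has to be verified against the chart's values and the application's own configuration.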

 

How Riot Games is fighting the war against video game hackers
More companies are taking the somewhat controversial step of deploying anti-cheat systems that run at the kernel level, meaning they have the highest privileges in the operating system and can potentially monitor everything that happens on the machine the game is run on.
One of the most prominent kernel-level anti-cheat systems is Vanguard, developed by Riot Games, which makes popular titles such as multiplayer online battle arena game League of Legends and online first-person shooter Valorant.
The anti-cheat software “almost universally” enforces some of Windows’ most important security features, such as Trusted Platform Module, a hardware-based security component, and Secure Boot. These two technologies check whether a computer has been modified or tampered with, such as by malware or a cheat, and prevent it from booting if so. Then, Vanguard checks that all of the computer’s hardware drivers, which allow the operating system to communicate with the hardware, are up to date, to identify additional hardware that can enable cheating. Finally, Vanguard prevents cheats from loading and executing code in the kernel’s memory.

 

Open source project curl is sick of users submitting “AI slop” vulnerabilities
Daniel Stenberg, original author and lead of the curl project, says he's "had it" and is "putting my foot down on this craziness," and announced that every suspected AI-generated HackerOne report will have its reporter asked to verify whether they used AI to find the problem or generate the submission. If a report is deemed "AI slop," the reporter will be banned.
"We still have not seen a single valid security report done with AI help. LLMs cannot find security problems, at least not like they are being used here."

 

Entra ID Data Protection: Essential or Overkill?
Microsoft Entra ID (formerly Azure Active Directory) is the backbone of modern identity management, enabling secure access to the applications, data, and services your business relies on. As cloud adoption accelerates and hybrid work becomes the norm, Entra ID's role becomes even more foundational. It's the connective tissue linking users to Microsoft 365, Azure services, third-party SaaS tools, and internal applications.
Microsoft reports over 600 million attacks on Entra ID every single day.
In a landscape of constant cyber threats and operational complexity, relying solely on native protections leaves too much to chance. Here's why a dedicated backup strategy matters:

  • Security Threats Are Inevitable

  • Human Error Happens

  • Compliance Is Non-Optional: Regulations like GDPR, HIPAA, and others require strict control over identity data.

  • Business Never Stops 

 

VENDORS & PLATFORMS

Sudo-rs make me a sandwich, hold the buffer overflows
Canonical's Ubuntu 25.10 is set to make sudo-rs, a Rust-based rework of the classic sudo utility, the default – part of a push to cut memory-related security bugs and lock down core system components. When it arrives on October 9, 2025, those interacting with Ubuntu Linux software should enjoy a reduced attack surface and perhaps a bit more peace of mind about system security.

 

openSUSE deep sixes Deepin desktop over security stink
Removal of Deepin Desktop from openSUSE due to Packaging Policy Violation – that makes for eye-opening reading. The news comes just a week after openSUSE Leap 16 entered beta, a release which contains some interesting wrinkles of its own.
According to the SUSE Security Team, though, DDE's beauty is only skin deep. Beneath the polished surface, it's not pretty at all. The team enumerates a whole list of problems, including claimed abuses of D-Bus and Polkit, but also some very poor design decisions. Some of these represent major security holes in the dde-api-proxy module, which are covered in depth here. The team has also publicly reported issues with Deepin's D-Bus services and the Deepin clone tool.

 

37signals is completing its on-prem move, deleting its AWS account to save millions
Web software biz 37signals has started to migrate its data out of the cloud and onto on-prem storage – and expects to save a further $1.3 million (£980,000) a year.
37signals operates the project management tool Basecamp and a calendaring service called HEY. In 2022 the biz's CTO David Heinemeier Hansson (who created Ruby on Rails) started to quit AWS after being horrified by an annual spend exceeding $3.2 million (£2.4 million).
Hansson compared the cost of running workloads in the public cloud to the sums required to acquire and operate some hefty Dell servers, concluded enormous savings would be possible, and decided to make the move. In 2024 he shared the results of the compute repatriation project: after spending $700,000 (£530,000) on some Dell boxes that run workloads once hosted in AWS, cloud bills fell by some $2 million (£1.5 million) a year.
37signals spent $1.5 million on 18 petabytes worth of Pure Storage kit that will cost less than $200,000 a year to operate - a savings of $1.3 million a year in operating costs.

 

Altman's eyeball-scanning biometric blockchain orbs officially come to America
World allows you to verify you are an actual person so that you can log into services that require the platform. It specializes in attempting to distinguish real humans from bots and AI-generated imitators. The idea being, if you're running a site or app – internet gaming or dating, say – and you really want to make sure each of your users is a genuine individual and not an automated fake, World provides that level of user identity and authenticity management.
World's key components include the Orb (a glossy sphere that photographs your iris and face), World ID (a blockchain-based so-called proof-of-personhood system), the World App (where users manage their ID and get access to services), and Worldcoin (aka WLD, a cryptocurrency distributed to users as a reward).
World announced two partnerships during its US launch. A Visa-backed debit card will be issued later this year, and Match[.]com in Japan will be using World ID to reassure nervous daters.

 

New Lego-building AI creates models that actually stand up in real life
Carnegie Mellon University unveiled LegoGPT, an AI model that creates physically stable Lego structures from text prompts. The new system not only designs Lego models that match text descriptions (prompts) but also ensures they can be built brick by brick in the real world, either by hand or with robotic assistance.

 

VMware perpetual license holders receive cease-and-desist letters from Broadcom
Following its November 2023 acquisition of VMware, Broadcom ended VMware perpetual license sales. Users with perpetual licenses can still use the software they bought, but they are unable to renew support services unless they had a pre-existing contract enabling them to do so. The controversial move aims to push VMware users to buy subscriptions to VMware product bundles, with associated costs that have increased by 300 percent or, in some cases, more.

 

FYI: Most AI spending driven by FOMO, not ROI, CEOs tell IBM, LOL
FOMO: Fear Of Missing Out
25% of AI initiatives have delivered the expected return on investment, according to an IBM survey of 2,000 CEOs.
52% of CEO respondents say their organization is realizing value from GenAI investments beyond cost reduction.
CEOs expect the growth rate of AI investments to more than double over the next two years.
61% say they're already adopting AI agents and preparing to scale them across their organizations.
16% of the initiatives have scaled across the entire enterprise.
65% of chief executives surveyed are prioritizing use cases based on their potential return on investment.
[rG: Of those that are claiming positive ROIs, it is doubtful that most would hold up to financial verification scrutiny given rushed implementations; uncertainty of future licensing and utilization expenses; performance monitoring, drift/exposure responses, and maintenance costs; alternative lost opportunity costs; etc.]

 

After that 2024 Windows fiasco, CrowdStrike has a plan – job cuts, leaning on AI
CrowdStrike plans to cut 500 workers, in pursuit of "greater efficiencies."
In a letter to staff, included in a regulatory filing, they explained the change as an effort to move faster and operate more efficiently, citing the alleged transformational power of AI.
"We utilize AI, which could expose us to liability or adversely affect our business," the cautionary section begins, and then outlines various scenarios in which things might go sideways.

"For example, generative AI has been known to produce false or 'hallucinatory' inferences or output, and certain generative AI uses machine learning and predictive analytics, which may be flawed, insufficient, of poor quality, reflect unwanted forms of bias, or contain other errors or inadequacies, any of which may not be easily detectable," the passage says, noting that misfires of this sort could harm the biz and/or its customers. The obligatory warning concludes by stating AI technology is developing rapidly and that it's impossible to predict all the legal, operational, or technological risks that might follow from using AI.

  

AI use damages professional reputation, study suggests
Employees who use AI tools like ChatGPT, Claude, and Gemini at work face negative judgments about their competence and motivation from colleagues and managers.
The World Economic Forum's Future of Jobs Report 2025 suggested that AI may create 170 million new positions globally while eliminating 92 million jobs. 

 

LEGAL & REGULATORY

Google Pays $1.375 Billion to Texas Over Unauthorized Tracking and Biometric Data Collection
Google has agreed to pay the U.S. state of Texas nearly $1.4 billion to settle two lawsuits that accused the company of tracking users' personal location and maintaining their facial recognition data without consent.
The $1.375 billion payment dwarfs the fines the tech giant has paid to settle similar lawsuits brought by other U.S. states. In November 2022, it paid $391 million to a group of 40 states. In January 2023, it paid $29.5 million to Indiana and Washington. Later that September, it forked out another $93 million to settle with California.
The payment also rivals a $1.4 billion fine that Meta paid Texas to settle a lawsuit over allegations that it illegally collected the biometric data of millions of users without their permission.

 

Jury orders NSO to pay $167 million for hacking WhatsApp users
WhatsApp sued NSO in 2019 for an attack that targeted roughly 1,400 mobile phones belonging to attorneys, journalists, human-rights activists, political dissidents, diplomats, and senior foreign government officials. NSO, which works on behalf of governments and law enforcement authorities in various countries, exploited a critical WhatsApp vulnerability that allowed it to install NSO’s proprietary spyware Pegasus on iOS and Android devices. The clickless exploit worked by placing a call to a target's app. A target did not have to answer the call to be infected.
After discovering the attack, WhatsApp shut them down with a software update that patched the critical vulnerability and notified target users that their devices had been hacked. In the weeks following, Facebook and WhatsApp also kicked NSO employees off their platforms.
[rG: I suspect that there could be a further potential victims lawsuit for WhatsApp’s insecure implementation that enabled this exploit if it hadn’t been disclosed.]

 

Computacenter IT guy let girlfriend into Deutsche Bank server rooms, says fired whistleblower
In 2023, James Papa was a service delivery manager at Computacenter, and Deutsche Bank was one of his clients in the US. The New Jersey man claims he was fired in July that year after raising concerns that one of the Computacenter workers he supervised at Deutsche Bank repeatedly had let his Chinese girlfriend, Jenny, into the bank's server rooms without permission. The worker also allegedly allowed his partner to use his laptop and work account while it was plugged into the Deutsche Bank IT network. He said he was the only person fired as a result of the reported incident.
Papa's lawsuit, filed Monday, alleges the two businesses and its VP broke New York's whistleblower protection laws and were negligent. He is seeking more than $20 million after he "suffered significant emotional, physical and monetary damage."

 

Pentagon declares war on 'outdated' software buying, opens fire on open source
Previous efforts from the agency have included campaigns for secure by design software practices, raising awareness of memory safety issues in widely used programs, and of course the Known Exploited Vulnerability (KEV) program which mandates that all federal agencies must patch the most dangerous vulnerabilities in just a few weeks.
The SWFT initiative will define clear cybersecurity and SCRM requirements, although these are not yet final.
The DoD currently has multiple requests for information (RFI) running until late May that seek industry input for various matters of the initiative, such as how best to use AI to authorize secure software and what effective SCRM requirements would look like.
SWFT will also establish exactly how the DoD will verify the security of any given software product, secure information-sharing systems, and expedite the process of authorizing the adoption of software.