Human Factor Blog

how human behavior affects security

Programmer’s Digest #148

08/21/2025-08/27/2025 Citrix Vulnerabilities, Docker Fixes Critical Desktop Flaw, Linux Malware Delivered via Malicious RAR Filenames And More.

1. CISA Adds Citrix Vulnerabilities to KEV Catalog as New Flaws Emerge

CISA has added two Citrix flaws to its KEV catalog as new NetScaler issues emerge—one already under active attack.

Added on August 25, the medium-severity bugs patched in November 2024 are CVE-2024-8069 (deserialization of untrusted data) and CVE-2024-8068 (improper privilege management) in Citrix Session Recording. CISA also listed CVE-2025-48384, an 8.0 Git link-following flaw.

On August 26, Citrix disclosed three NetScaler vulnerabilities: CVE-2025-7775 (CVSS 9.2), a memory overflow enabling remote code execution/DoS; CVE-2025-7776 (CVSS 8.8), another memory overflow causing instability; and CVE-2025-8424 (CVSS 8.7), improper access control on the management interface. Exploits of CVE-2025-7775 have already been observed, with reports of attackers dropping webshells to backdoor systems.

Patches are available in NetScaler ADC/Gateway versions 14.1-47.48+, 13.1-59.22+, 13.1-FIPS/NDcPP 13.1-37.241+, and 12.1-FIPS/NDcPP 12.1-55.330+. Older 12.1 and 13.0 builds are end-of-life.

2. Docker Fixes Critical Desktop Flaw Allowing Container Escapes

Docker has patched a critical flaw (CVE-2025-9074, CVSS 9.3) in Docker Desktop for Windows and macOS that could allow attackers to escape containers and compromise the host.

The bug let Linux containers access the Docker Engine API via the default subnet 192.168.65.7:2375, even with Enhanced Container Isolation (ECI) or TLS disabled. Attackers could issue privileged API commands, control other containers, or mount host drives. A proof-of-concept showed containers binding the Windows C:\ drive with read/write access, enabling full host takeover.

Researcher Felix Boulet called it a “simple oversight,” as Docker’s internal API was reachable without authentication. Philippe Dugre found Windows particularly exposed—allowing filesystem access, DLL tampering, and data theft—while macOS had reduced impact due to isolation. Linux was unaffected, as it uses named pipes.
Exploitation is possible via malicious containers or Server-Side Request Forgery (SSRF). The flaw has been fixed in Docker Desktop 4.44.3, and users are urged to update immediately.

3. GeoServer Exploits, PolarEdge, and Gayfemboy Push Cybercrime Beyond Traditional Botnets

Researchers are warning of multiple campaigns abusing exposed Redis servers and known vulnerabilities to build botnets, proxies, and cryptomining networks.
One wave exploits CVE-2024-36401 (CVSS 9.8) in OSGeo GeoServer to deploy binaries disguised as legitimate SDKs. These apps covertly monetize victims’ bandwidth by acting as residential proxies, consuming few resources and avoiding detection. Over 7,100 GeoServer instances remain exposed worldwide.

Separately, Censys tracked the PolarEdge IoT botnet, active since 2023, with about 40,000 devices—routers, firewalls, and IP cameras—infected mainly in South Korea, the U.S., and Hong Kong. It installs a TLS backdoor for encrypted C2 and likely functions as an Operational Relay Box (ORB) network to proxy attacker traffic.
Another campaign deploys a Mirai variant dubbed gayfemboy, spreading across industries in multiple countries and adding persistence, evasion, and powerful DDoS functions.

Finally, threat actor TA-NATALSTATUS is hijacking unauthenticated Redis servers for cryptojacking, using cron jobs, defense evasion, mass scanning, and rootkit-like tricks to hide miners.

4. Linux Malware Delivered via Malicious RAR Filenames Evades Antivirus Detection

Cybersecurity researchers have uncovered a novel phishing campaign that delivers the VShell backdoor, a Go-based remote access tool widely used by Chinese hacking groups.

The attack begins with a spam email posing as a beauty product survey offering a cash reward. The message carries a RAR archive (“yy.rar”) containing a file with a maliciously crafted name:
ziliao2.pdf\{echo,}|{base64,-d}|bash``

Unlike typical malware hidden in content or macros, the payload is encoded directly in the filename. When a shell script or command processes it, the embedded Base64 Bash downloader executes, fetching an ELF binary tailored for the host’s architecture. This binary retrieves and runs the encrypted VShell payload, enabling remote control, file operations, process management, and encrypted C2 communications—all while operating in memory to evade detection.

The discovery highlights an emerging Linux threat vector that exploits shell command injection via filenames. In parallel, Picus Security detailed RingReaper, a stealthy Linux post-exploit tool abusing the io_uring framework to bypass security monitoring.
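
A pre-processing check for the filename vector described above, as an added example that is not taken from the researchers' report: it flags archive member names carrying shell-active sequences and shows how to hand a name to a tool without a shell parsing it. The sample names are constructed, and `triage` and `argv_for` are hypothetical helper names.

```python
import re
import shlex

# Constructed sample listing; the second entry is the name as quoted above.
SAMPLE_NAMES = [
    "invoice-2025-08.pdf",
    r"ziliao2.pdf\{echo,}|{base64,-d}|bash``",
    "notes_final.txt",
    "a;b.txt",
]

# Sequences a POSIX shell acts on when a name reaches it unquoted or via
# eval: command substitution, pipes, separators, redirection, newlines,
# and brace expansion such as {a,b}.
SHELL_ACTIVE = re.compile(r"[`|;&<>\r\n]|\$[({]|\{[^{}]*,[^{}]*\}")


def shell_active_tokens(name):
    """Return every shell-active sequence found in a file name."""
    return SHELL_ACTIVE.findall(name)


def triage(names):
    """Split names into (clean, flagged); flagged maps name -> tokens."""
    clean, flagged = [], {}
    for name in names:
        tokens = shell_active_tokens(name)
        if tokens:
            flagged[name] = tokens
        else:
            clean.append(name)
    return clean, flagged


def argv_for(tool, name):
    """Argument list for subprocess.run(argv) with the default shell=False.

    The name is a single argv element, so no shell ever parses it; "--"
    keeps a leading "-" from being read as an option by tools that honour it.
    """
    return [tool, "--", name]


if __name__ == "__main__":
    clean, flagged = triage(SAMPLE_NAMES)
    for name, tokens in flagged.items():
        print("FLAGGED", repr(name), tokens)
    print("quoted for a shell string:", shlex.quote(SAMPLE_NAMES[1]))
```

Where a shell command string cannot be avoided, `shlex.quote` turns the whole name into one literal word; scripts that loop over extracted files with `eval` or unquoted expansion are the ones to audit first.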


Programmer’s Digest #147

08/13/2025-08/20/2025 N-able N-central Flaws, Malicious PyPI and npm Packages, CVE-2025-20265.

1. CISA Warns of N-able N-central Flaws Exploited in Zero-day Attacks

CISA warned that attackers are actively exploiting two security flaws in N-able’s N-central remote monitoring and management (RMM) platform. Widely used by MSPs and IT teams, N-central lets admins manage networks and devices from a central console.

The vulnerabilities—CVE-2025-8875 (insecure deserialization) and CVE-2025-8876 (improper input sanitization)—can allow authenticated attackers to execute commands. N-able confirmed the exploits, patched them in N-central 2025.3.1, and urged on-premises customers to upgrade immediately, stressing that its hosted cloud environments show no evidence of compromise.

CISA added the flaws to its Known Exploited Vulnerabilities Catalog, requiring federal agencies to patch by August 20 under Binding Operational Directive (BOD) 22-01. About 2,000 N-central instances are exposed worldwide, mostly in the U.S., Australia, and Germany. CISA also urged private organizations to secure their systems quickly, warning that such flaws remain frequent attack vectors for malicious actors.

2. PyPI Blocks 1,800 Expired-Domain Emails to Prevent Account Takeovers and Supply Chain Attacks

PyPI now checks for expired domains to block supply chain attacks. The update targets domain resurrection attacks, where attackers buy expired domains and hijack PyPI accounts through password resets. These changes improve PyPI’s overall account security posture. Since June 2025, PyPI has unverified more than 1,800 email addresses tied to expiring domains. While not foolproof, the safeguard helps close a major attack vector, especially for abandoned packages still widely used by developers.

Expired domains pose a critical risk because attackers can acquire them, intercept password reset emails, and seize package accounts—an issue highlighted in 2022 when the ctx package was compromised. The new measure, powered by Fastly’s Status API, checks domains every 30 days and un-verifies expired ones. PyPI also urges users to enable two-factor authentication and add a backup email from a trusted domain like Gmail or Outlook.

3. Cisco’s Secure Firewall Management Center now not-so secure, springs a CVSS 10 RCE hole

Cisco has released a patch for a critical vulnerability in its Secure Firewall Management Center (FMC) software that could let unauthenticated, remote attackers execute arbitrary shell commands.

Tracked as CVE-2025-20265 and rated 10.0 on the CVSS scale, the flaw stems from improper input handling in FMC’s RADIUS authentication subsystem during login. Exploitation is possible only if FMC is configured to use RADIUS authentication for its web or SSH management interfaces. Cisco engineer Brandon Sakai discovered the bug during internal testing.

Cisco FMC is widely used by enterprises, MSPs, government agencies, and schools to manage firewalls, intrusion prevention, and other network security tools. While no exploitation has been observed yet, Cisco warns attackers could gain high-level privileges if the flaw is abused.

This marks the latest in a string of maximum-severity bugs in Cisco products, following three separate ISE and ISE-PIC flaws disclosed earlier this summer that also allowed root-level code execution.

4. Malicious PyPI and npm Packages Discovered Exploiting Dependencies in Supply Chain Attacks

Researchers have uncovered a malicious package on the Python Package Index that uses a dependency to establish persistence and enable remote code execution.
The package, termncolor, relied on a secondary library called colorinal in a multi-stage malware chain. Termncolor was downloaded 355 times and colorinal 529 before removal. Once executed, termncolor imported colorinal, which loaded a rogue DLL to decrypt and launch further payloads. The malware deployed “vcpktsvr.exe” with a malicious “libcef.dll,” capable of stealing system data and communicating with a command-and-control server via Zulip chat. Persistence was achieved through a Windows registry entry, while Linux systems were infected with a shared object file called “terminate.so.” The disclosure comes as npm has also faced waves of malicious packages used for data theft, credential harvesting, and cryptocurrency attacks, underscoring the ongoing risks to open-source supply chains.


Programmer’s Digest #146

08/01/2025-08/07/2025 Apex One Flaws Exploited in the Wild, NVIDIA Triton Bugs Let Unauthenticated Attackers Execute Code, Malicious AI-generated npm Package Hits Solana Users And More.

1. Trend Micro Apex One Flaws Exploited in the Wild (CVE-2025-54948, CVE-2025-54987)

Trend Micro has warned of two unauthenticated command injection vulnerabilities (CVE-2025-54948, CVE-2025-54987) affecting its on-premise Apex One endpoint security platform. These flaws, which could lead to remote code execution, are currently under active investigation following reports of attempted exploitation. A full patch is expected mid-August 2025, but a temporary “fix tool” is available. It mitigates the risk but disables the Remote Install Agent function; other install methods remain unaffected.

The flaws exist in the Apex One console (TCP ports 8080 and 4343) due to improper input validation. They affect versions 20216 and below, as well as Management Server Version 14039 and earlier. Mitigations for cloud versions were deployed on July 31. The flaws require console access, so Trend Micro urges organizations to restrict exposure and apply the fix immediately—followed by the patch when released.

2. NVIDIA Triton Bugs Let Unauthenticated Attackers Execute Code and Hijack AI Servers

Multiple security flaws have been discovered in NVIDIA’s Triton Inference Server for Windows and Linux, potentially allowing remote, unauthenticated attackers to take full control of affected systems. The open-source platform, used for running AI models, is vulnerable to remote code execution (RCE), denial of service, and data tampering.

Three key CVEs (CVE-2025-23319, CVE-2025-23320, CVE-2025-23334) impact the Python backend, which handles inference requests for AI frameworks like PyTorch and TensorFlow. Chained together, these bugs could leak internal memory details and lead to a complete server compromise.

Wiz researchers demonstrated how an attacker could exploit these flaws without credentials, posing serious risks such as model theft, AI response manipulation, and network infiltration.

NVIDIA has patched the issues in version 25.07 and also addressed additional critical bugs (CVE-2025-23310, CVE-2025-23311, CVE-2025-23317) related to unsafe HTTP request handling. Users are strongly urged to update to stay protected.

3. Malicious AI-generated npm Package Hits Solana Users

An AI-generated npm package, @kodane/patch-manager, was flagged for draining Solana wallets and removed after over 1,500 downloads on July 28, 2025. Disguised as a “Registry Cache Manager,” it hid malicious scripts that targeted macOS, Linux, and Windows systems. It used postinstall scripts to hide files and established persistence through a background script (connection-pool.js) connecting to an open C2 server. Once wallets were found, a second script (transaction-cache.js) drained funds to a hardcoded Solana address.

The malware, uploaded by a user named “Kodane,” had 19 versions published in just two days. Despite its malicious purpose, the package had polished documentation and code, likely AI-generated. Cybersecurity firm Safety noted patterns typical of AI tools like Claude, such as excessive logs, emojis, and frequent use of terms like “Enhanced.” Analysts believe AI was used to make the code look professional and trustworthy, increasing download rates before discovery.

4. Hackers Exploit Critical WordPress Theme Flaw to Hijack Sites via Remote Plugin Install

A critical vulnerability (CVE-2025-5394) in the Alone – Charity Multipurpose Non-profit WordPress Theme is being actively exploited to hijack websites. Rated 9.8 on the CVSS scale, the flaw affects all versions up to 7.8.3 and was patched in version 7.8.5 on June 16, 2025. The issue stems from a missing capability check in the alone_import_pack_install_plugin() function. This allows unauthenticated users to upload arbitrary plugins via AJAX, enabling remote code execution and full site takeover. Exploitation began on July 12, ahead of public disclosure, suggesting attackers may have monitored code changes. Wordfence reports over 120,000 blocked exploit attempts, many deploying ZIP archives containing PHP backdoors to run remote commands or create rogue admin accounts. Admins using the theme should immediately update, review admin users, and scan for suspicious AJAX requests to /wp-admin/admin-ajax.php?action=alone_import_pack_install_plugin.
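
The log review recommended above, as an added example rather than Wordfence's or the theme vendor's tooling: it scans web-server access logs in combined format for requests that name the vulnerable action and groups the response codes per client. The log lines are constructed (documentation IP ranges), and `find_hits` and `statuses_by_client` are hypothetical helper names.

```python
import re
from collections import defaultdict
from urllib.parse import parse_qs, urlsplit

TARGET_PATH = "/wp-admin/admin-ajax.php"
TARGET_ACTION = "alone_import_pack_install_plugin"

# Constructed access-log lines (combined log format, documentation IPs).
SAMPLE_LOG = """\
192.0.2.10 - - [12/Jul/2025:03:14:07 +0000] "POST /wp-admin/admin-ajax.php?action=alone_import_pack_install_plugin HTTP/1.1" 200 47 "-" "curl/8.5.0"
198.51.100.7 - - [12/Jul/2025:03:15:22 +0000] "GET /wp-admin/admin-ajax.php?action=heartbeat HTTP/1.1" 200 58 "-" "Mozilla/5.0"
192.0.2.10 - - [12/Jul/2025:03:16:40 +0000] "POST /wp-admin/admin-ajax.php?foo=1&action=alone%5Fimport_pack_install_plugin HTTP/1.1" 403 12 "-" "curl/8.5.0"
203.0.113.5 - - [12/Jul/2025:04:00:01 +0000] "GET /index.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
"""

LINE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)


def find_hits(log_text):
    """Return (ip, timestamp, method, status) for each request to the action."""
    hits = []
    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # not a combined-format request line
        url = urlsplit(m["target"])
        if url.path != TARGET_PATH:
            continue
        # parse_qs percent-decodes, so action=alone%5Fimport... still matches.
        if TARGET_ACTION in parse_qs(url.query).get("action", []):
            hits.append((m["ip"], m["ts"], m["method"], int(m["status"])))
    return hits


def statuses_by_client(hits):
    """Group response codes per client so successful requests stand out."""
    grouped = defaultdict(list)
    for ip, _ts, _method, status in hits:
        grouped[ip].append(status)
    return dict(grouped)


if __name__ == "__main__":
    for hit in find_hits(SAMPLE_LOG):
        print(hit)
    print(statuses_by_client(find_hits(SAMPLE_LOG)))
```

Access logs record only the query string, so a request that carries the action in the POST body will not appear here; catching those needs WAF or request-body logging.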
