Cisco Confirms Salt Typhoon Exploited CVE-2018-0171 to Target U.S. Telecom Networks - Related to keys, fake, passwords, pdfs, other

12,000+ API Keys and Passwords Found in Public Datasets Used for LLM Training

A dataset used to train large language models (LLMs) has been found to contain nearly 12,000 live secrets, which allow for successful authentication.

The findings once again highlight how hard-coded credentials pose a severe security risk to people and organizations alike, not to mention compounding the problem when LLMs end up suggesting insecure coding practices to their people.

Truffle Security stated it downloaded a December 2024 archive from Common Crawl, which maintains a free, open repository of web crawl data. The massive dataset contains over 250 billion pages spanning 18 years.

The archive specifically contains 400TB of compressed web data, 90,000 WARC files (Web ARChive format), and data from [website] million hosts across [website] million registered domains.

The enterprise's analysis found that there are 219 different secret types in Common Crawl, including Amazon Web Services (AWS) root keys, Slack webhooks, and Mailchimp API keys.

"'Live' secrets are API keys, passwords, and other credentials that successfully authenticate with their respective services," security researcher Joe Leon expressed.

"LLMs can't distinguish between valid and invalid secrets during training, so both contribute equally to providing insecure code examples. This means even invalid or example secrets in the training data could reinforce insecure coding practices."

The disclosure follows a warning from Lasso Security that data exposed via public source code repositories can be accessible via AI chatbots like Microsoft Copilot even after they have been made private by taking advantage of the fact that they are indexed and cached by Bing.

The attack method, dubbed Wayback Copilot, has uncovered 20,580 such GitHub repositories belonging to 16,290 organizations, including Microsoft, Google, Intel, Huawei, Paypal, IBM, and Tencent, among others. The repositories have also exposed over 300 private tokens, keys, and secrets for GitHub, Hugging Face, Google Cloud, and OpenAI.

"Any information that was ever public, even for a short period, could remain accessible and distributed by Microsoft Copilot," the business mentioned. "This vulnerability is particularly dangerous for repositories that were mistakenly ."

The development comes amid new research that fine-tuning an AI language model on examples of insecure code can lead to unexpected and harmful behavior even for prompts unrelated to coding. This phenomenon has been called emergent misalignment.

"A model is fine-tuned to output insecure code without disclosing this to the user," the researchers mentioned. "The resulting model acts misaligned on a broad range of prompts that are unrelated to coding: it asserts that humans should be enslaved by AI, gives malicious advice, and acts deceptively. Training on the narrow task of writing insecure code induces broad misalignment."

What makes the study notable is that it's different from a jailbreak, where the models are tricked into giving dangerous advice or act in undesirable ways in a manner that bypasses their safety and ethical guardrails.

Such adversarial attacks are called prompt injections, which occur when an attacker manipulates a generative artificial intelligence (GenAI) system through crafted inputs, causing the LLM to unknowingly produce otherwise prohibited content.

Recent findings show that prompt injections are a persistent thorn in the side of mainstream AI products, with the security community finding various ways to jailbreak state-of-the-art AI tools like Anthropic Claude [website], DeepSeek, Google Gemini, OpenAI ChatGPT o3 and Operator, PandasAI, and xAI Grok 3.

Palo Alto Networks Unit 42, in a investigation , revealed that its investigation into 17 GenAI web products found that all are vulnerable to jailbreaking in some capacity.

"Multi-turn jailbreak strategies are generally more effective than single-turn approaches at jailbreaking with the aim of safety violation," researchers Yongzhe Huang, Yang Ji, and Wenjun Hu noted. "However, they are generally not effective for jailbreaking with the aim of model data leakage."

What's more, studies have discovered that large reasoning models' (LRMs) chain-of-thought (CoT) intermediate reasoning could be hijacked to jailbreak their safety controls.

Another way to influence model behavior revolves around a parameter called "logit bias," which makes it possible to modify the likelihood of certain tokens appearing in the generated output, thereby steering the LLM such that it refrains from using offensive words or provides neutral answers.

"For instance, improperly adjusted logit biases might inadvertently allow uncensoring outputs that the model is designed to restrict, potentially leading to the generation of inappropriate or harmful content," IOActive researcher Ehab Hussein expressed in December 2024.

"This kind of manipulation could be exploited to bypass safety protocols or 'jailbreak' the model, allowing it to produce responses that were intended to be filtered out."

A 23-year-old Serbian youth activist had their Android phone targeted by a zero-day exploit developed by Cellebrite to unlock the device, as reported by......

Cybersecurity researchers have uncovered a widespread phishing campaign that uses fake CAPTCHA images shared via PDF documents hosted on Webflow's con......

Law enforcement agencies from 19 countries have arrested 25 suspects linked to a criminal ring that was distributing child sexual abuse material (CSAM......

Fake CAPTCHA PDFs Spread Lumma Stealer via Webflow, GoDaddy, and Other Domains

Cybersecurity researchers have uncovered a widespread phishing campaign that uses fake CAPTCHA images shared via PDF documents hosted on Webflow's content delivery network (CDN) to deliver the Lumma stealer malware.

Netskope Threat Labs stated it discovered 260 unique domains hosting 5,000 phishing PDF files that redirect victims to malicious websites.

"While most phishing pages focus on stealing credit card information, some PDF files contain fake CAPTCHAs that trick victims into executing malicious PowerShell commands, ultimately leading to the Lumma Stealer malware."

The phishing campaign is estimated to have affected more than 1,150 organizations and more than 7,000 customers since the second half of 2024, with the attacks primarily singling out victims in North America, Asia, and Southern Europe across technology, financial services, and manufacturing sectors.

Of the 260 domains identified to host the fake PDFs, a majority of them are related to Webflow, followed by those related to GoDaddy, Strikingly, Wix, and Fastly.

Attackers have also been observed uploading some of the PDF files to legitimate online libraries and PDF repositories like PDFCOFFEE, PDF4PRO, PDFBean, and Internet Archive, such that individuals searching for PDF documents on search engines are directed to them.

In recent weeks, Lumma Stealer has also been disguised as Roblox games and a cracked version of the Total Commander tool for Windows, highlighting the myriad delivery mechanisms adopted by various threat actors. clients are redirected to these websites through YouTube videos likely uploaded from previously compromised accounts.

The cybersecurity organization further found that Lumma Stealer logs are being shared for free on a relatively new hacking forum called Leaky[.]pro that went operational in late December 2024.

Lumma Stealer is a fully-featured crimeware solution that's offered for sale under the malware-as-a-service (MaaS) model, giving a way to harvest a wide range of information from compromised Windows hosts. In early 2024, the malware operators revealed an integration with a Golang-based proxy malware named GhostSocks.

"The addition of a SOCKS5 backconnect feature to existing Lumma infections, or any malware for that matter, is highly lucrative for threat actors," Infrawatch expressed.

"By leveraging victims' internet connections, attackers can bypass geographic restrictions and IP-based integrity checks, particularly those enforced by financial institutions and other high-value targets. This capability significantly increases the probability of success for unauthorized access attempts using credentials harvested via infostealer logs, further enhancing the post-exploitation value of Lumma infections."

Phishing attacks have also been spotted abusing a JavaScript obfuscation method that uses invisible Unicode characters to represent binary values, a technique that was first documented in October 2024.

The approach entails making use of Unicode filler characters, specifically Hangul half-width (U+FFA0) and Hangul full-width (U+3164), to represent the binary values 0 and 1, respectively, and converting each ASCII character in the JavaScript payload to their Hangul equivalents.

"The attacks were highly personalized, including non-public information, and the initial JavaScript would try to invoke a debugger breakpoint if it were being analyzed, detect a delay, and then abort the attack by redirecting to a benign website," Juniper Threat Labs mentioned.

OpenAI on Friday revealed that it banned a set of accounts that used its ChatGPT tool to develop a suspected artificial intelligence (AI)-powered surv......

Apple is removing its Advanced Data Protection (ADP) feature for iCloud from the United Kingdom with immediate effect following government demands for......

A dataset used to train large language models (LLMs) has been found to contain nearly 12,000 live secrets, which allow for successful authentication.

Cisco Confirms Salt Typhoon Exploited CVE-2018-0171 to Target U.S. Telecom Networks

Cisco has confirmed that a Chinese threat actor known as Salt Typhoon gained access by likely abusing a known security flaw tracked as CVE-2018-0171, and by obtaining legitimate victim login credentials as part of a targeted campaign aimed at major [website] telecommunications companies.

"The threat actor then demonstrated their ability to persist in target environments across equipment from multiple vendors for extended periods, maintaining access in one instance for over three years," Cisco Talos mentioned, describing the hackers as highly sophisticated and well-funded.

"The long timeline of this campaign hints at a high degree of coordination, planning, and patience — standard hallmarks of advanced persistent threat (APT) and state-sponsored actors."

The networking equipment major stated it found no evidence that other known security bugs have been weaponized by the hacking crew, contrary to a recent research from Recorded Future that revealed exploitation attempts involving flaws tracked as CVE-2023-20198 and CVE-2023-20273 to infiltrate networks.

An crucial aspect of the campaign is the use of valid, stolen credentials to gain initial access, although the manner in which they are acquired is unknown at this stage. The threat actor has also been observed making efforts to get hold of credentials via network device configurations and deciphering local accounts with weak password types.

"In addition, we have observed the threat actor capturing SNMP, TACACS, and RADIUS traffic, including the secret keys used between network devices and TACACS/RADIUS servers," Talos noted. "The intent of this traffic capture is almost certainly to enumerate additional credential details for follow-on use."

Another noteworthy behavior exhibited by Salt Typhoon entails leveraging living-off-the-land (LOTL) techniques on network devices, abusing the trusted infrastructure as pivot points to jump from one telecom to another.

It's suspected that these devices are being used as intermediate relays to reach the intended final target or as a first hop for outbound data exfiltration operations, as it offers a way for the adversary to remain undetected for extended periods of time.

Furthermore, Salt Typhoon has been spotted altering network configurations to create local accounts, enable Guest Shell access, and facilitate remote access via SSH. Also put to use is a bespoke utility named JumbledPath that allows them to execute a packet capture on a remote Cisco device through an actor-defined jump-host.

The Go-based ELF binary is also capable of clearing logs and disabling logging in an attempt to obfuscate traces of the malicious activity and make forensic analysis more difficult. This is supplemented by periodic steps undertaken to erase relevant logs, including .bash_history, [website], lastlog, wtmp, and btmp, where applicable.

"The use of this utility would help to obfuscate the original source, and ultimate destination, of the request and would also allow its operator to move through potentially otherwise non-publicly-reachable (or routable) devices or infrastructure," Cisco noted.

"The threat actor repeatedly modified the address of the loopback interface on a compromised switch and used that interface as the source of SSH connections to additional devices within the target environment, allowing them to effectively bypass access control lists (ACLs) in place on those devices."

The firm mentioned it also identified "additional pervasive targeting" of Cisco devices with exposed Smart Install (SMI), followed by the exploitation of CVE-2018-0171. The activity, it pointed out, is unrelated to Salt Typhoon and does not share overlaps with any known threat actor or group.

One of the most notorious providers of abuse-friendly “bulletproof” web hosting for cybercriminals has started routing its operations through networks......

Serbian authorities have reportedly used an Android zero-day exploit chain developed by Cellebrite to unlock the device of a student activist in the c......

Cybersecurity researchers have uncovered a widespread phishing campaign that uses fake CAPTCHA images shared via PDF documents hosted on Webflow's con......