Attacks & Vulnerabilities

New TEE.Fail Side-Channel Attack Extracts Secrets from Intel and AMD DDR5 Secure Enclaves (4 minute read)
TEE.Fail is a side-channel attack on DDR5 memory systems that uses a $1,000 interposition device to physically monitor memory traffic and extract cryptographic keys from Intel TDX/SGX and AMD SEV-SNP trusted execution environments. The attack exploits the deterministic AES-XTS memory encryption used by both vendors: an attacker who records memory operations between the CPU and DRAM can extract ECDSA attestation keys and compromise confidential virtual machines by faking attestation. Both Intel and AMD have classified this as an out-of-scope physical attack with no planned mitigations, leaving software countermeasures as the only defense despite their high implementation cost.

Major US Telecom Backbone Firm Hacked by Nation-State Actors (2 minute read)
Ribbon Communications has suffered a breach in which attackers had access to its IT network from December 2024. No exfiltration of sensitive data has been confirmed. Some customer files stored outside the main network were accessed, and the affected customers have been notified. The company does not anticipate a major operational or financial impact.

Battling Shadow AI: Prompt Injection for the Good (10 minute read)
Researchers developed a defensive use of prompt injection to counter Shadow AI risk: hidden warnings embedded in corporate documents trigger alerts when users upload sensitive files to unapproved AI tools such as ChatGPT or DeepSeek, successfully displaying disclaimers and, in some cases, blocking processing entirely. The team built an open-source prototype tool called "Prompt Injection for the Good" to test effectiveness across multiple LLMs and file types, finding that most models honor carefully phrased warnings in .docx, .pdf, and .eml formats. The approach failed with heavily obfuscated text and with OCR-based tools.
Security professionals should experiment with embedding defensive prompt injections in corporate document templates and sensitivity labels as a user awareness mechanism for Shadow AI. This creative approach has limitations, including inconsistent LLM behavior, potential conflicts with vendor anti-injection defenses, and the dual-use risk of the technique itself.

Enhance Email Security Using VPC Endpoints with Amazon SES (6 minute read)
Amazon SES supports VPC endpoints for isolating network traffic and securing SMTP connections to Amazon Simple Email Service. This AWS walkthrough covers creating a secure SMTP configuration with VPC endpoints, security groups that limit SMTP traffic to approved networks, and IAM policies that limit SES usage to authorized accounts.

10 npm Typosquatted Packages Deploy Multi-Stage Credential Harvester (1 minute read)
Socket has identified a campaign using 10 typosquatted npm packages that execute credential-stealing malware when installed. The packages abuse the npm postinstall lifecycle script to run code automatically, showing a fake CAPTCHA and realistic installation prompts to deceive developers. The payload uses multiple layers of obfuscation, fingerprints victims by IP, and downloads a 24MB cross-platform information stealer that harvests credentials from system keyrings, browsers, and authentication services on Windows, Linux, and macOS.
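A defender-side check that follows from the npm item above, added here as an example and not code from Socket's report: it walks a node_modules tree and reports every package that declares an install-time lifecycle script (preinstall, install, postinstall), which is the hook the campaign abused. The sample tree and its package names are constructed for the demonstration.

```python
import json
import tempfile
from pathlib import Path

# Lifecycle scripts npm runs automatically during install; the campaign above abused postinstall.
INSTALL_HOOKS = ("preinstall", "install", "postinstall")


def find_install_hooks(node_modules: Path) -> list[tuple[str, str, str]]:
    """Return (package, hook, command) for every package.json under node_modules
    that declares an install-time lifecycle script."""
    findings = []
    for pkg_json in sorted(node_modules.rglob("package.json")):
        try:
            data = json.loads(pkg_json.read_text(encoding="utf-8"))
        except (OSError, ValueError):
            continue  # unreadable or malformed manifest: skip it rather than abort the scan
        scripts = data.get("scripts") or {}
        name = data.get("name") or pkg_json.parent.name
        for hook in INSTALL_HOOKS:
            if hook in scripts:
                findings.append((name, hook, scripts[hook]))
    return findings


def build_sample_tree() -> Path:
    """Constructed sample node_modules (not real packages): one package with only a
    test script and one that runs a script on postinstall."""
    root = Path(tempfile.mkdtemp()) / "node_modules"
    manifests = {
        "benign-lib": {"name": "benign-lib", "version": "1.0.0",
                       "scripts": {"test": "node test.js"}},
        "suspicious-lib": {"name": "suspicious-lib", "version": "0.0.1",
                           "scripts": {"postinstall": "node setup.js"}},
    }
    for folder, manifest in manifests.items():
        (root / folder).mkdir(parents=True)
        (root / folder / "package.json").write_text(json.dumps(manifest), encoding="utf-8")
    return root


if __name__ == "__main__":
    # Review each hit before installing; `npm install --ignore-scripts` skips these hooks entirely.
    for name, hook, cmd in find_install_hooks(build_sample_tree()):
        print(f"{name}: {hook} -> {cmd!r}")
```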
Vuls (GitHub Repo)
Vuls is an agentless vulnerability scanner for Linux, FreeBSD, containers, WordPress, programming language libraries, and network devices.

Brida 0.6 released! (1 minute read)
Brida 0.6 now supports Frida 17+, after breaking changes in Frida removed runtime bridges from GumJS and broke many tools, including earlier Brida versions. The update includes a major JavaScript refactoring for Frida 17.3.2+ compatibility, support for frida-compile 19.0.4, new Host:Port and DeviceId modes, an OkHttp hostname verifier bypass, improved Android root detection, and Gradle configuration. Mobile security testers should upgrade to Brida 0.6 for current Frida support; 0.6pre remains available for legacy use with older Frida versions on incompatible devices. The release is pending approval in Burp Suite's BApp Store but is available on GitHub.

Spektrum Labs (Product Launch)
Spektrum Labs delivers a cyber resilience platform that uses AI agents to continuously validate security posture and generate cryptographic proof of safeguards, enabling organizations to demonstrate resilience to boards, customers, insurers, and regulators.

The Rise of Collaborative Tactics Among China-aligned Cyber Espionage Campaigns (13 minute read)
Trend Micro researchers identified a "Premier Pass-as-a-Service" model in which the China-aligned APT groups Earth Estries and Earth Naga collaborate by sharing access to compromised networks: Earth Estries acts as an access broker that hands already-compromised systems to Earth Naga for continued exploitation. The attacks targeted government agencies and telecommunications providers across APAC, Southeast Asia, and NATO countries using multiple deployment vectors, including CrowDoor backdoors, ShadowPad malware, and Cobalt Strike beacons delivered through DLL side-loading and compromised credentials.
This collaboration pattern complicates attribution and represents an evolution beyond traditional initial access brokers, since the threat actors share access at later stages of the kill chain (the command-and-control phase) rather than only at initial entry. Defenders therefore need to move beyond process chain analysis and monitor for suspicious file deployments and unauthorized remote administration tools.

Security Risks of LLM Frameworks with Case Studies (13 minute read)
Critical vulnerability classes across major LLM frameworks (SSRF, path traversal, SQL injection, RCE, server-side template injection, and DoS) arise from insufficient input validation, unsafe code execution features, and flawed integration with external resources. They stem from common implementation mistakes, including failing to validate URLs and paths in web crawlers, executing LLM-generated SQL without proper sanitization, failing to enforce import restrictions in code execution environments, and setting inadequate resource limits for streaming operations. Developers should avoid experimental or deprecated framework features, implement strict input validation using allowlists for URLs and paths, separate templates from user data, restrict LLM permissions to the minimum necessary, and apply multi-layered defenses.

CVE-2025-62725: From "docker compose ps" to System Compromise (3 minute read)
A path traversal vulnerability in Docker Compose allowed attackers to write arbitrary files on host systems by crafting malicious OCI artifacts. The bug was triggered by seemingly harmless commands such as 'docker compose ps', letting an attacker escape the cache directory and, for example, gain SSH access by injecting public keys into authorized_keys files. Docker patched this high-severity flaw (CVSS 8.9) in version v2.40.2.
Thanks for reading, Prasanna Gautam, Eric Fernandez & Sammy Tbeile