Cyber Threat Intelligence Digest: Week 35

3rd September 2025 - Threat Reports
  • Vulnerabilities
  • Potential Threats
  • General News
  • Threat Actor Weekly Graph
  • Global Trends Powered by Recorded Future
  • Prominent Information Security Events
  • Remediation Actions

Executive Summary - Highlights of Cyber Threat Intelligence Digest

Vulnerabilities

WhatsApp Patches Actively Exploited Zero‑Click Vulnerability CVE-2025-55177 in iOS and macOS Clients - On 29 August 2025, WhatsApp patched CVE-2025-55177, a zero-click vulnerability affecting WhatsApp for iOS (prior to version 2.25.21.73), WhatsApp Business for iOS (prior to version 2.25.21.78), and WhatsApp for Mac (prior to version 2.25.21.78). The flaw arises from improper handling of synchronization messages on linked devices. Exploitation could allow attackers to gain unauthorized access or execute arbitrary code on a target device using maliciously crafted content. CVE-2025-55177 has been observed in the wild as part of a sophisticated attack chain alongside Apple OS vulnerability CVE-2025-43300, which CISA added to its Known Exploited Vulnerabilities (KEV) catalog on 21 August 2025.

To mitigate the risk, organisations should update affected products to the latest versions. 

Patchstack Discloses CVE-2025-49870 SQL Injection Vulnerability in WordPress Paid Membership Subscriptions Plugin - On 28 August 2025, Patchstack reported CVE-2025-49870, a high-severity SQL injection vulnerability affecting the WordPress Paid Membership Subscriptions plugin (versions 2.15.1 and earlier). The flaw allows threat actors to execute arbitrary SQL commands, which could result in unauthorised access, exfiltration of sensitive data, or modification of the underlying database. The vulnerability was addressed in version 2.15.2, which includes the necessary security fixes to prevent exploitation.

While there have been no confirmed reports of active exploitation in the wild at the time of writing, the nature of SQL injection vulnerabilities means that unpatched installations remain at significant risk. Website administrators are strongly advised to update to the patched version immediately and review database activity for any suspicious behaviour.

TP-Link Patches High-Severity Vulnerability CVE-2025-8627 Affecting KP303 Smart Plug - On 25 August 2025, TP-Link released a patch for CVE-2025-8627, a high-severity authentication bypass vulnerability affecting the KP303 Smart Plug V2.0 (US) running firmware versions prior to 1.1.0. Exploitation of this flaw could allow unauthenticated attackers to issue protocol commands, potentially resulting in device disruption or exposure of sensitive information. The update addresses the underlying security issue and restores secure authentication for the affected devices.

While there have been no confirmed reports of active exploitation in the wild at the time of writing, unpatched devices remain at risk. Organisations and users of the KP303 Smart Plug V2.0 are strongly advised to update to the latest firmware to mitigate potential threats.

Potential Threats

Silver Fox APT Uses Signed Drivers to Disable Security Tools and Deploy ValleyRAT - On 28 August 2025, Check Point Research reported on a Silver Fox advanced persistent threat (APT) campaign first identified in late May 2025. The attackers exploited signed but vulnerable drivers to disable security tools on Windows systems and deploy the ValleyRAT malware. They made use of the WatchDog Antimalware driver (amsdk.sys, version 1.0.600), which was signed by Microsoft yet absent from both Microsoft’s Vulnerable Driver Blocklist and community-maintained repositories such as LOLDrivers. Because amsdk.sys carried a valid Microsoft signature, it could be loaded on fully updated Windows 10 and 11 systems, allowing the attackers to evade endpoint detection and response (EDR) and antivirus (AV) solutions even on modern machines. For older systems, they employed a Zemana driver. After WatchDog released an updated driver (wamsdk.sys, version 1.1.100), the attackers altered a single byte in its timestamp, preserving the Microsoft signature while changing the file hash and thereby bypassing hash-based controls. The campaign infrastructure was traced to China, and the loader was designed to target processes linked to East Asian security vendors.

The attackers operated with self-contained loaders that incorporated anti-analysis features, persistence mechanisms, vulnerable drivers and a ValleyRAT downloader. These loaders were delivered via compressed archives containing executables or DLLs, which were then side-loaded by legitimate applications. Persistence was achieved by writing files into C:\Program Files\RunTime, creating the Termaintor service for the loader, and registering Amsdk_Service to load the driver. Once active, the driver exposed a device \\.\amsdk that handled Input/Output Control (IOCTL) requests for process registration and termination, which the attackers used to shut down 192 security-related processes. The loader subsequently injected a ValleyRAT downloader DLL into svchost.exe, which communicated with servers in China using XOR-encrypted traffic to retrieve the ValleyRAT backdoor.

Russia-Linked APT29 Threat Group Abuses Microsoft Device Code Authentication in Watering Hole Campaign - On 29 August 2025, Amazon reported disrupting a watering hole campaign linked to the Russia-associated APT29 threat group, also tracked as BlueBravo. The attackers exploited Microsoft’s device code authentication, tricking victims into authorising threat actor-controlled devices via spoofed Cloudflare verification pages. Amazon identified the campaign by analysing APT29 infrastructure, which revealed compromised websites with injected obfuscated JavaScript. Around ten per cent of visitors were redirected to spoofed domains, including findcloudflare[.]com and cloudflare[.]redirectpartners[.]com. To evade detection, the group used randomised redirects, base64-encoded code, and cookies to block repeated attempts, allowing verification that granted long-term access to victim accounts.

The campaign echoes previous APT29 activity, including Amazon’s October 2024 observation of AWS-impersonating domains delivering Remote Desktop Protocol (RDP) files, and Google Threat Intelligence Group’s June 2025 discovery of the UNC6293 campaign abusing application-specific passwords (ASPs) to access cloud environments. After detecting the activity, Amazon shared technical details with Microsoft and coordinated with Cloudflare to isolate the malicious infrastructure. Insikt Group’s initial reports on earlier APT29-linked campaigns are cited in the sources section of this Analyst Note.
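
Device code phishing of the kind described above leaves a distinctive trace: the sign-in is recorded with the device code authentication protocol, typically from a network location the user never touched. The following added example (not Amazon's or Microsoft's tooling) reads constructed Entra ID sign-in records and flags successful device-code sign-ins from apps outside a hypothetical allow list; it assumes the Microsoft Graph signIn property names (authenticationProtocol, userPrincipalName, ipAddress, location, status, appDisplayName), and every record, user and IP in it is invented.

```python
"""Flag device-code-flow sign-ins in Entra ID sign-in log records.

Added example for this digest, not Amazon's or Microsoft's tooling. Assumes the
Microsoft Graph signIn property names; all records below are constructed.
"""
import json
from collections import Counter

# Constructed sample sign-in records (not real tenant data).
SAMPLE_SIGNINS_JSON = json.dumps([
    {"createdDateTime": "2025-08-29T09:12:03Z", "userPrincipalName": "alice@example.com",
     "authenticationProtocol": "oAuth2", "ipAddress": "203.0.113.10",
     "location": {"countryOrRegion": "GB"}, "status": {"errorCode": 0},
     "appDisplayName": "Microsoft Teams"},
    {"createdDateTime": "2025-08-29T09:40:51Z", "userPrincipalName": "bob@example.com",
     "authenticationProtocol": "deviceCode", "ipAddress": "198.51.100.77",
     "location": {"countryOrRegion": "NL"}, "status": {"errorCode": 50126},  # nonzero = failed
     "appDisplayName": "Microsoft Office"},
    {"createdDateTime": "2025-08-29T09:41:10Z", "userPrincipalName": "bob@example.com",
     "authenticationProtocol": "deviceCode", "ipAddress": "198.51.100.77",
     "location": {"countryOrRegion": "NL"}, "status": {"errorCode": 0},
     "appDisplayName": "Microsoft Office"},
    {"createdDateTime": "2025-08-29T10:02:00Z", "userPrincipalName": "carol@example.com",
     "authenticationProtocol": "deviceCode", "ipAddress": "203.0.113.10",
     "location": {"countryOrRegion": "GB"}, "status": {"errorCode": 0},
     "appDisplayName": "Azure CLI"},
])

# Hypothetical allow list: apps with a documented business need for device code flow.
ALLOWED_DEVICE_CODE_APPS = frozenset({"Azure CLI"})


def find_device_code_signins(records, allowed_apps=ALLOWED_DEVICE_CODE_APPS):
    """Return successful device-code sign-ins from apps outside the allow list.

    Each finding carries user, source IP/country, app and time so an analyst can
    confirm with the user whether they really completed a device-code prompt.
    """
    findings = []
    for r in records:
        if r.get("authenticationProtocol") != "deviceCode":
            continue
        if r.get("status", {}).get("errorCode", 0) != 0:
            continue                      # failed attempts are counted separately below
        if r.get("appDisplayName") in allowed_apps:
            continue
        findings.append({
            "user": r["userPrincipalName"],
            "time": r["createdDateTime"],
            "ip": r.get("ipAddress"),
            "country": r.get("location", {}).get("countryOrRegion"),
            "app": r.get("appDisplayName"),
        })
    return findings


def device_code_attempts_by_user(records):
    """Count every device-code attempt, successful or not, per user."""
    return Counter(r["userPrincipalName"] for r in records
                   if r.get("authenticationProtocol") == "deviceCode")


def analyse(signins_json=SAMPLE_SIGNINS_JSON):
    """Parse a JSON array of sign-in records and return flagged sign-ins plus attempt counts."""
    records = json.loads(signins_json)
    return {"flagged": find_device_code_signins(records),
            "attempts": dict(device_code_attempts_by_user(records))}


if __name__ == "__main__":
    for f in analyse()["flagged"]:
        print(f"device code sign-in: {f['user']} from {f['ip']} ({f['country']}) "
              f"via {f['app']} at {f['time']}")
```

Where device code flow has no business use, the stronger control is to block it outright with the Conditional Access authentication flows condition; the detection above is the fallback for the apps that must keep it.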

Threat Actors Use AI-Themed Lures to Deliver XWorm via Trojanized ScreenConnect Installer - On 27 August 2025, Trustwave reported that unidentified threat actors used AI-themed lures to distribute the Xworm remote access trojan (RAT) via malicious ScreenConnect installers. Victims were redirected from fake websites such as gtpgrok[.]ai to spoofed domains hosting modified installers disguised as AI-related media files. The attackers leveraged a valid Authenticode signature to embed malicious configurations within a legitimate ScreenConnect binary, allowing the installer to retain a valid digital signature while executing malicious actions. Once executed, the ScreenConnect tool established a remote access session with infrastructure under the attackers’ control.

During execution, the attackers ran the X-META Firebase_crypted[.]bat file, which invoked mshta[.]exe to launch a hidden batch script that downloaded and extracted the 5btc[.]zip archive from anhemvn4[.]com. This archive contained pw[.]exe (a renamed pythonw[.]exe) that executed obfuscated Base64 Python code hosted on a public GitHub repository. The code ran filelessly, injected into legitimate processes to evade detection, and maintained persistence via modified registry run keys. The attackers also performed WMI queries to gather system information and accessed browser credentials from Chrome, Edge, and Firefox. Analysis revealed Xworm RAT as the final payload, with one sample containing a command-and-control reference at 5[.]181[.]165[.]102:7705.

General News

Microsoft to enforce MFA for Azure resource management in October - Starting in October 2025, Microsoft will enforce multi-factor authentication (MFA) for all Azure resource management actions to protect clients from unauthorised access. This initiative, part of the company’s Secure Future Initiative (SFI), will be rolled out gradually across tenants worldwide and requires users to enable MFA on Azure CLI, PowerShell, SDKs, and APIs. To ensure compatibility, users are advised to upgrade Azure CLI to version 2.76 or later and Azure PowerShell to version 14.3 or later. Global administrators who require additional time to comply can postpone enforcement until July 2026. Microsoft notes that enforcement applies to all Azure tenants and users, including automation and scripts using user identities, for any Create, Update, or Delete operations.

This follows prior MFA-related guidance, including warnings to Entra global administrators in August 2024, and previous announcements in May and November 2024 regarding Conditional Access policies and MFA requirements for admin portals and high-risk sign-ins. Microsoft highlights the effectiveness of MFA, stating that 99.99% of MFA-enabled accounts resist hacking attempts and that MFA reduces compromise risk by 98.56% even with stolen credentials. As part of the broader effort, GitHub has enforced two-factor authentication (2FA) for all active developers since January 2024 to strengthen account security.

Palo Alto Networks data breach exposes customer info, support tickets - Palo Alto Networks experienced a data breach exposing customer information and support cases after attackers exploited compromised OAuth tokens from the Salesloft Drift breach to access its Salesforce instance. The company confirmed that the incident was limited to its Salesforce CRM and did not affect any products, systems, or services. The stolen data included business contact details, internal sales account information, and “basic case data” from support cases. The campaign, tracked by Google Threat Intelligence as UNC6395, specifically targeted support cases to locate sensitive information such as authentication tokens, passwords, and cloud secrets, which could then be used to pivot into other cloud services. The attackers performed mass exfiltration of Salesforce objects - including Account, Contact, Case, and Opportunity records - and actively scanned the acquired data for credentials while deleting queries to evade detection.

Palo Alto Networks, Salesforce, and Google have revoked the compromised tokens, rotated credentials, and disabled Drift integrations while investigations continue. The attackers reportedly searched for AWS access keys, Snowflake tokens, VPN and SSO login strings, and generic credentials, potentially enabling further cloud breaches for extortion. The incident forms part of a wider pattern of Salesforce-targeted data theft attacks, including campaigns by the ShinyHunters extortion group and other organisations affected via the Salesloft supply chain compromise, such as Google, Zscaler, Cisco, and luxury brands like Louis Vuitton and Dior. Google has stated there is no conclusive evidence directly linking these attacks, despite similarities in tactics and tooling.
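
The attackers' search of support cases for keys and passwords is the same search a defender should run on their own CRM export, first to scope what a third-party integration compromise could have exposed and then to drive rotation. The following added example (not Palo Alto Networks', Salesforce's or Google's tooling) scans constructed case records for the credential types named above and reports them masked; the field names (CaseNumber, Subject, Description) follow the Salesforce Case object as an assumption, and the AWS key/secret pair is the AWS documentation example, not a live credential.

```python
"""Scan exported support-case text for credentials that should never sit in a CRM.

Added example for this digest, not Palo Alto Networks', Salesforce's or Google's
tooling. Records are constructed; field names follow the Salesforce Case object
as an assumption.
"""
import re
from collections import Counter

# Constructed sample export (no real credentials; the AWS pair is the AWS docs example).
SAMPLE_CASES = [
    {"CaseNumber": "00001001", "Subject": "VPN tunnel drops hourly",
     "Description": "Tunnel to 10.0.0.1 resets every 60 minutes; debug logs attached."},
    {"CaseNumber": "00001002", "Subject": "S3 sync job failing",
     "Description": "Our key is AKIAIOSFODNN7EXAMPLE and "
                    "secret=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY, please check."},
    {"CaseNumber": "00001003", "Subject": "SSO login loop",
     "Description": "Test account password: Summer2025! still loops after the IdP change."},
    {"CaseNumber": "00001004", "Subject": "API returns 401",
     "Description": "Header used: Authorization: Bearer eyJhbGciOiJIUzI1NiJ9.constructed.payload0123456789"},
]

# (kind, regex) pairs; group 1, when present, isolates the secret itself.
PATTERNS = [
    ("aws_access_key_id", re.compile(r"\b(?:AKIA|ASIA)[0-9A-Z]{16}\b")),
    ("generic_credential", re.compile(r"(?i)\b(?:password|passwd|pwd|secret)\s*[:=]\s*(\S{6,})")),
    ("bearer_token", re.compile(r"\bBearer\s+([A-Za-z0-9\-._~+/]{20,}=*)")),
    ("private_key_block", re.compile(r"-----BEGIN (?:RSA |EC |OPENSSH )?PRIVATE KEY-----")),
]

SCANNED_FIELDS = ("Subject", "Description")


def mask(secret):
    """Keep only a short prefix and suffix so findings can be triaged without re-exposing the value."""
    if len(secret) <= 8:
        return "*" * len(secret)
    return secret[:4] + "*" * (len(secret) - 6) + secret[-2:]


def scan_cases(cases):
    """Return one finding per (case, field, pattern match), with the secret masked."""
    findings = []
    for case in cases:
        for field in SCANNED_FIELDS:
            text = case.get(field, "")
            for kind, regex in PATTERNS:
                for m in regex.finditer(text):
                    secret = m.group(1) if m.lastindex else m.group(0)
                    findings.append({"case": case["CaseNumber"], "field": field,
                                     "kind": kind, "masked": mask(secret)})
    return findings


def summarise(findings):
    """Count findings per credential kind, the figure to hand to the rotation owners."""
    return dict(Counter(f["kind"] for f in findings))


if __name__ == "__main__":
    for f in scan_cases(SAMPLE_CASES):
        print(f"case {f['case']} {f['field']}: {f['kind']} -> {f['masked']}")
    print(summarise(scan_cases(SAMPLE_CASES)))
```

Anything the scan finds should be treated as compromised and rotated, since the export window of a token theft is rarely known precisely; the patterns are deliberately broad and will need tuning per environment.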

Shadow AI Discovery: A Critical Part of Enterprise AI Governance - MIT’s State of AI in Business report reveals that while 40% of organisations have purchased enterprise LLM subscriptions, over 90% of employees are actively using AI tools in their daily work. Similarly, research from Harmonic Security found that 45.4% of sensitive AI interactions occur via personal email accounts, bypassing corporate controls entirely. This growing “Shadow AI Economy” presents significant risks for organisations, as employees drive adoption from the bottom up, often using unsanctioned tools that are better suited to improve productivity than enterprise-sanctioned platforms. Traditional “block and wait” strategies fail, as AI is embedded across productivity, collaboration, and SaaS applications, with blocking one tool simply shifting usage elsewhere.

To address these risks, organisations must implement Shadow AI discovery as part of governance and regulatory compliance. Maintaining an AI asset inventory is now a requirement under frameworks such as the EU AI Act, enabling security teams to identify low-risk use cases and those involving sensitive data, regulated workflows, or geographic exposure. Harmonic Security provides continuous monitoring and intelligence controls for both sanctioned and unsanctioned AI usage, allowing policies to be applied according to employee role, data sensitivity, and tool risk. By gaining full visibility into Shadow AI, CISOs can protect sensitive information, comply with regulations, and empower employees to use AI safely and productively.

Threat Actor Weekly Graph

Over the past 7 days, we have been tracking the following intent and opportunity changes within our Threat Actor Landscape.

Intent represents the potential targets of a group. When a group is observed attacking a different organisation or entity, their intent will increase.

Opportunity represents the various methods and technologies these groups may use. For example, if a group started using a new attack vector, such as a new kind of ransomware, their opportunity would increase.

Both intent and opportunity are scored out of 100 and are responsible for scoring the group's severity. These updates can be seen below.

Severity scale: Limited, Basic, Moderate, High

Threat Actor     Change   Severity   Opportunity   Intent
HAFNIUM          NEW      Moderate   59            25
ShadowSilk       NEW      Basic      40            25
TRY              NEW      Basic      30            30
Static Tundra    NEW      Basic      35            25
Executive        NEW      Basic      30            25

Global Trends Powered by Recorded Future

Within each category, we have provided the current top five globally trending items. Each item is linked to how actively trending it is and is marked with a small symbol.

The spikes in references are calculated over 60 days and are normalised to ensure they aren't disproportionate when compared to bigger entities that will naturally have more baseline mentions.

- Spike – This indicates a large increase in reporting volume and a high diversity in the event descriptions.
- Rise – This indicates a small increase in reporting volume with little diversity in the descriptions.

Attackers                     Methods          Vulnerabilities   Targets
BlueBravo                     Exploit          CVE-2025-55177    Zscaler
Cyber Partisans               DOGCALL          CVE-2025-43300    VenusProtocol
ShinyHunters                  Brokewell        CVE-2025-54309    Salesloft
Interlock Ransomware Group    Malicious Code   CVE-2025-8067     Meta
Nova Ransomware Group         Phishing         CVE-2025-4275     Instagram

Prominent Information Security Events

Threat Actors Use AI-Themed Lures to Deliver XWorm via Trojanized ScreenConnect Installer

Source: Insikt Group | Validated Intelligence Event

IOC: Domain - anhemvn4[.]com

IOC: IP - 5[.]181[.]165[.]102

IOC: MD5 - 01cb34d362e688ea637582370b981402

On 27 August 2025, Trustwave reported that unidentified threat actors used AI-themed lures to deliver the Xworm remote access trojan (RAT) via malicious ScreenConnect installers. Victims were redirected from fake websites such as gtpgrok[.]ai to spoofed domains hosting installers disguised as AI-related media files. The attackers embedded malicious configurations within a legitimate ScreenConnect binary using a valid Authenticode signature, allowing the installer to retain a valid digital signature while executing malicious behaviour and establishing a remote access session with infrastructure controlled by the attackers.

During execution, the threat actors ran the X-META Firebase_crypted[.]bat file, which invoked mshta[.]exe to launch a hidden batch script that downloaded and extracted the 5btc[.]zip archive from anhemvn4[.]com. The archive contained pw[.]exe, a renamed pythonw[.]exe, which executed obfuscated Base64 Python code hosted on GitHub. The code executed filelessly and was injected into legitimate processes to evade detection, while persistence was maintained through modified registry run keys.

The attackers also executed WMI queries to gather system information and accessed browser credentials from Chrome, Edge, and Firefox. Analysis of the obfuscated payloads confirmed Xworm RAT as the final stage, with one sample containing a command-and-control reference at 5[.]181[.]165[.]102:7705. This campaign demonstrates a sophisticated, multi-stage attack leveraging fileless execution, process injection, and AI-themed social engineering, designed to bypass security monitoring and maintain long-term access.
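
The indicators in this event (and in the shorter summary of the same campaign under Potential Threats) are printed defanged, so they have to be refanged before they can be matched against DNS, proxy, firewall and endpoint telemetry. The following added example (not Trustwave's or Insikt Group's tooling) does that for the digest's domains, IP and MD5, adds the mshta.exe-launches-a-batch-script lineage from the reported chain, and runs the whole set over constructed log lines; the log format, hosts, timestamps and the pairing of the MD5 with pw.exe are all invented for the sample, since the digest does not say which file the hash belongs to.

```python
"""Refang the indicators published in this digest and match them against logs.

Added example, not Trustwave's or Insikt Group's tooling. Log lines are
constructed (documentation IP ranges, invented hostnames and timestamps); the
MD5-to-pw.exe pairing is an assumption made for the sample only.
"""
import re
from urllib.parse import urlparse

# Indicators exactly as printed in the digest (defanged).
DIGEST_IOCS = {
    "domain": ["anhemvn4[.]com", "gtpgrok[.]ai"],
    "ip": ["5[.]181[.]165[.]102"],
    "md5": ["01cb34d362e688ea637582370b981402"],
}
# Parent/child image pairs from the reported chain: mshta.exe launching a batch script.
SUSPICIOUS_LINEAGE = {("mshta.exe", "cmd.exe")}

# Constructed sample log lines, one event per line: "<source> key=value ...".
SAMPLE_LOGS = """\
dns ts=2025-08-27T10:01:02Z client=10.1.2.3 qname=gtpgrok.ai qtype=A
proxy ts=2025-08-27T10:01:05Z client=10.1.2.3 url=https://cdn.example.net/clip.mp4 status=200
proxy ts=2025-08-27T10:01:09Z client=10.1.2.3 url=http://anhemvn4.com/5btc.zip status=200
edr ts=2025-08-27T10:01:12Z host=WS-42 parent=mshta.exe image=cmd.exe cmdline="cmd /c install.bat"
edr ts=2025-08-27T10:01:20Z host=WS-42 parent=explorer.exe image=pw.exe md5=01cb34d362e688ea637582370b981402
fw ts=2025-08-27T10:02:00Z src=10.1.2.3 dst=5.181.165.102 dport=7705 action=allow
fw ts=2025-08-27T10:02:01Z src=10.1.2.3 dst=203.0.113.9 dport=443 action=allow
"""

KV_RE = re.compile(r'(\w+)=("([^"]*)"|\S+)')


def refang(ioc):
    """Turn the digest's defanged notation back into a matchable value."""
    return (ioc.replace("[.]", ".").replace("[:]", ":")
               .replace("hxxps://", "https://").replace("hxxp://", "http://"))


def parse_line(line):
    """Split '<source> k=v k="v with spaces"' into (source, dict)."""
    source, _, rest = line.partition(" ")
    fields = {}
    for m in KV_RE.finditer(rest):
        fields[m.group(1)] = m.group(3) if m.group(3) is not None else m.group(2)
    return source, fields


def host_matches(host, domain):
    """Exact match or any subdomain of the listed domain."""
    return host == domain or host.endswith("." + domain)


def match_logs(log_text, iocs=DIGEST_IOCS, lineage=SUSPICIOUS_LINEAGE):
    """Return (line_number, indicator_type, value) for every hit in the log text."""
    domains = [refang(d).lower() for d in iocs["domain"]]
    ips = {refang(i) for i in iocs["ip"]}
    hashes = {h.lower() for h in iocs["md5"]}
    findings = []
    for n, line in enumerate(log_text.splitlines(), 1):
        if not line.strip():
            continue
        _, fields = parse_line(line)
        hosts = []
        if "qname" in fields:
            hosts.append(fields["qname"])
        if "url" in fields:
            hosts.append(urlparse(fields["url"]).hostname or "")
        for h in hosts:
            for d in domains:
                if host_matches(h.lower(), d):
                    findings.append((n, "domain", d))
        for key in ("src", "dst", "client"):
            if fields.get(key) in ips:
                findings.append((n, "ip", fields[key]))
        if fields.get("md5", "").lower() in hashes:
            findings.append((n, "md5", fields["md5"].lower()))
        pair = (fields.get("parent", "").lower(), fields.get("image", "").lower())
        if pair in lineage:
            findings.append((n, "lineage", f"{pair[0]} -> {pair[1]}"))
    return findings


if __name__ == "__main__":
    for n, kind, value in match_logs(SAMPLE_LOGS):
        print(f"line {n}: {kind} hit on {value}")
```

The domain check matches subdomains as well as the bare domain, which is the behaviour an analyst usually wants for C2 infrastructure; the lineage check is the piece that survives when the attackers rotate domains, IP and hashes.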

Silver Fox APT Uses Signed Drivers to Disable Security Tools and Deploy ValleyRAT

Source: Insikt Group | Validated Intelligence Event

IOC: SHA256 - 12b3d8bc5cc1ea6e2acd741d8a80f56cf2a0a7ebfa0998e3f0743fcf83fabb9e

IOC: IP - 8[.]217[.]38[.]238

On 28 August 2025, Check Point Research documented a Silver Fox advanced persistent threat (APT) campaign, first observed in late May 2025, targeting Windows systems to deploy the ValleyRAT malware. The attackers exploited signed but vulnerable drivers to bypass security controls, using the WatchDog Antimalware driver (amsdk.sys, version 1.0.600), which was Microsoft-signed yet absent from Microsoft’s Vulnerable Driver Blocklist and community-maintained sources such as LOLDrivers. This allowed the driver to load on fully updated Windows 10 and 11 systems, evading endpoint detection and antivirus tools. For older systems, a Zemana driver was employed. After WatchDog released an updated driver (wamsdk.sys, version 1.1.100), the attackers modified a single byte in its timestamp, preserving the Microsoft signature while altering the file hash to bypass hash-based security controls. The campaign infrastructure was located in China, with the loader specifically targeting processes linked to East Asian security vendors.

The threat actors operated with self-contained loaders incorporating anti-analysis features, persistence mechanisms, vulnerable drivers, and a ValleyRAT downloader. These loaders were delivered through compressed archives containing executables or DLLs that were side-loaded by legitimate applications. Persistence was achieved by writing files to C:\Program Files\RunTime, creating the Termaintor service for the loader, and registering Amsdk_Service to load the vulnerable driver. Once active, the driver exposed a device \\.\amsdk to process Input/Output Control (IOCTL) requests, which the attackers used to register and terminate 192 security-related processes, disabling endpoint protection and security monitoring tools.

Following this, the loader injected a ValleyRAT downloader DLL into svchost.exe, which communicated with command-and-control servers in China using XOR-encrypted traffic to retrieve the final ValleyRAT backdoor. The campaign demonstrates a sophisticated, multi-stage attack leveraging signed drivers, process injection, and anti-analysis techniques to evade modern security solutions. It underscores the risks posed by signed but vulnerable drivers and highlights the importance of monitoring for unusual driver activity, side-loaded applications, and unauthorised persistence mechanisms on Windows endpoints.
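
The single-byte change that kept the Microsoft signature valid while changing the file hash (described here and in the shorter summary under Potential Threats) is possible because Authenticode does not hash the whole file: the CheckSum field, the security data directory entry and the attribute certificate table, which holds the signature and its timestamp countersignature, are excluded. The following added example (not Check Point's or Microsoft's code) builds a constructed, non-loadable toy PE32+ image and shows that a byte flip inside the certificate table leaves the Authenticode hash unchanged while the file SHA-256 changes, whereas a flip in the code section changes both; the "signature" inside it is a placeholder string, not a real PKCS#7 blob, and the hash routine assumes sections are stored in file order, which is the normal case.

```python
"""Why a one-byte edit in a signed driver defeats hash-based blocking.

Added example for this digest, not Check Point's or Microsoft's tooling. The PE
image is constructed and not loadable; the Authenticode hash follows the PE
Authenticode exclusions and assumes sections are stored in file order.
"""
import hashlib
import struct


def _pe_layout(data):
    """Return offsets of the fields Authenticode excludes: CheckSum, security dir entry, cert table."""
    data = bytes(data)
    if data[:2] != b"MZ":
        raise ValueError("not an MZ file")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    opt = e_lfanew + 4 + 20                       # optional header follows the 20-byte COFF header
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:                            # PE32
        dd_base = opt + 96
    elif magic == 0x20B:                          # PE32+
        dd_base = opt + 112
    else:
        raise ValueError("unknown optional header magic 0x%x" % magic)
    checksum_off = opt + 64                       # CheckSum is at offset 64 in both formats
    secdir_off = dd_base + 4 * 8                  # IMAGE_DIRECTORY_ENTRY_SECURITY is index 4
    cert_off, cert_size = struct.unpack_from("<II", data, secdir_off)
    return checksum_off, secdir_off, cert_off, cert_size


def authenticode_sha256(data):
    """SHA-256 over only the bytes the Authenticode signature covers."""
    data = bytes(data)
    checksum_off, secdir_off, cert_off, cert_size = _pe_layout(data)
    h = hashlib.sha256()
    h.update(data[:checksum_off])                 # headers up to CheckSum
    h.update(data[checksum_off + 4:secdir_off])   # skip CheckSum, continue to the security entry
    if cert_size:
        h.update(data[secdir_off + 8:cert_off])   # skip the entry, hash through to the cert table
        h.update(data[cert_off + cert_size:])     # anything after the cert table (normally nothing)
    else:
        h.update(data[secdir_off + 8:])
    return h.hexdigest()


def file_sha256(data):
    """Plain file hash: what a hash-based blocklist entry is keyed on."""
    return hashlib.sha256(bytes(data)).hexdigest()


def build_toy_pe(cert_payload):
    """Constructed minimal PE32+: DOS stub, headers, one 512-byte section, WIN_CERTIFICATE table."""
    file_align = 512
    opt_size = 112 + 16 * 8                       # PE32+ fields plus 16 data directories
    headers_end = 64 + 4 + 20 + opt_size + 40     # plus one section header
    headers_end = (headers_end + file_align - 1) // file_align * file_align
    section = b"\xCC" * file_align
    cert_off = headers_end + len(section)
    cert_blob = struct.pack("<IHH", 8 + len(cert_payload), 0x0200, 0x0002) + cert_payload
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)         # e_lfanew
    coff = struct.pack("<HHIIIHH", 0x8664, 1, 0x66D00000, 0, 0, opt_size, 0x0022)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x20B)         # PE32+ magic
    struct.pack_into("<I", opt, 36, file_align)   # FileAlignment
    struct.pack_into("<I", opt, 60, headers_end)  # SizeOfHeaders
    struct.pack_into("<I", opt, 108, 16)          # NumberOfRvaAndSizes
    struct.pack_into("<II", opt, 112 + 4 * 8, cert_off, len(cert_blob))  # security directory
    sect = bytearray(40)
    sect[:5] = b".text"
    struct.pack_into("<IIII", sect, 8, len(section), 0x1000, len(section), headers_end)
    headers = (bytes(dos) + b"PE\0\0" + coff + bytes(opt) + bytes(sect)).ljust(headers_end, b"\0")
    return headers + section + cert_blob


def flip_byte_in_cert_table(data):
    """One byte changed inside the certificate table: file hash changes, Authenticode hash does not."""
    out = bytearray(data)
    _, _, cert_off, cert_size = _pe_layout(data)
    out[cert_off + cert_size - 1] ^= 0x01
    return bytes(out)


def flip_byte_in_code(data):
    """One byte changed in the code section: both hashes change, the signature would fail."""
    out = bytearray(data)
    out[600] ^= 0x01                               # inside the single 512-byte section
    return bytes(out)


# Constructed image and its two single-byte variants.
ORIGINAL = build_toy_pe(b"placeholder-pkcs7-with-countersignature-timestamp:20250601000000Z")
TAMPERED_CERT = flip_byte_in_cert_table(ORIGINAL)
TAMPERED_CODE = flip_byte_in_code(ORIGINAL)

if __name__ == "__main__":
    for name, img in (("original", ORIGINAL), ("cert table flipped", TAMPERED_CERT),
                      ("code flipped", TAMPERED_CODE)):
        print(f"{name:20} file={file_sha256(img)[:16]} authenticode={authenticode_sha256(img)[:16]}")
```

The practical consequence is that a block rule keyed on file hash alone will miss a re-timestamped copy of the same driver; rules keyed on publisher plus file version, or on the Authenticode hash (what Sysinternals sigcheck reports as PESHA256 with the -h switch), survive the edit. For real drivers use a full PE parser rather than this toy routine.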

Remediation Actions

Following the information provided above, we recommend that the technologies mentioned be fully patched and updated. We also want to highlight and recommend applying the following patches where applicable:

  • CVE-2025-55177: Update WhatsApp for iOS (to version 2.25.21.73), WhatsApp Business for iOS (to version 2.25.21.78), and WhatsApp for Mac (to version 2.25.21.78).
  • CVE-2025-49870: This vulnerability was addressed in version 2.15.2, which includes the necessary security fixes to prevent exploitation. We recommend updating to this version as soon as possible to prevent potential SQL injection attacks.
  • CVE-2025-8627: Update KP303 Smart Plug V2.0 (US) firmware to version 1.1.0 to restore secure authentication for affected devices.

If you are currently an Acumen Cyber Vulnerability Management customer, we will be proactively performing related searching and hunting activities within your environment.