Cybersecurity News Worth Your Attention this Week Summarised – 26-01-2026

1. GhostPoster Campaign Deploys 17 Malicious Browser Extensions Over 5 Years with 840,000+ Installs

A coordinated GhostPoster operation has infiltrated Chrome, Firefox, and Edge stores with 17 rogue extensions that have been downloaded over 840,000 times since 2020. 
Using steganography and delayed activation, these tools harvest credentials, hijack affiliate links, disable security controls, and exfiltrate user data.

Key Details

• The campaign emerged as early as 2020, used deceptive extension names like “Google Translate in Right Click,” “Youtube Download,” and “Ads Block Ultimate” to appear legitimate while quietly stealing sensitive user information.
  
• Campaign spans all major browsers and remained undetected through store security reviews for up to five years.
• Malicious code hidden inside PNG files, decoded only at runtime to evade static analysis.
• Extensions lay dormant for 48 hours to five days before contacting attacker-controlled servers.
• Capabilities include credential theft, HTTP header manipulation, affiliate link hijacking, and behavior tracking.

Next Steps

• Audit installed browser extensions for unusual permissions or recent additions.
• Implement extension allow-listing and disable unapproved store installs.

Read more at Cybersecurity News

2. Five Chrome Extensions Hijacking Enterprise Sessions on HR and ERP Platforms

A set of five Chrome add-ons posing as productivity tools have been found stealing authentication tokens from Workday, NetSuite, SuccessFactors and other enterprise platforms. 
By exfiltrating session cookies, blocking administrative pages, and injecting stolen tokens, these extensions enable full account takeover without triggering MFA or login alerts.

Key Details

• Over 2,300 enterprise users installed extensions that request only “standard” permissions and promised either free tools or an extra layer of security on existing tools.
• Three variants exfiltrate session cookies every 60 seconds to attacker infrastructure.
• Two variants manipulate the DOM to block admins from changing passwords or disabling accounts.
• Advanced “Software Access” extension uses chrome.cookies.set() for bidirectional session injection.

Next Steps

• Consider enforcing an enterprise extension allow-list and block all others.

Read more at Socket.dev, CSO Online

3. Malicious Chrome Extension “CrashFix” Deploys ModeloRAT via Browser Crash Lure

A campaign tracked as KongTuke is distributing a fake ad-blocker Chrome extension that intentionally crashes browsers to coerce users into running commands, resulting in the installation of ModeloRAT on corporate, domain-joined systems. 

The extension delays its malicious behavior by 60 minutes then repeats a denial-of-service loop every 10 minutes, deploying a Python-based RAT with RC4-encrypted C2, persistence, reconnaissance and adaptive beaconing. 

Key Details

• Extension “NexShield – Advanced Web Guardian” (ID: cpcdkmjddocikjdkbbeiaafnpdbdafmi) mimics uBlock Origin Lite and had over 5,000 installs.
• After a 60-minute dormancy, it triggers an infinite chrome.runtime port loop to exhaust memory and crash the browser every 10 minutes.
• Fake warning directs users to paste a pre-copied command into Windows Run, invoking finger.exe to fetch an obfuscated PowerShell loader.
• Domain-joined machines receive ModeloRAT—a Python RAT using RC4-encrypted C2, registry persistence, anti-analysis checks and configurable beacon intervals.

Next Steps

• Enforce Chrome extension allowlists via enterprise policies.

Read more at Dark Reading, The Hacker News, SecurityWeek

4. WhisperPair Bluetooth Flaw Enables Hijacking and Tracking of Wireless Audio Accessories

Researchers have uncovered CVE-2025-36911—a critical Fast Pair implementation flaw that lets attackers silently pair with and control Bluetooth earbuds, headphones, and speakers from leading brands. 

 Exploits complete within 10 seconds at up to 14 meters, granting the ability to play audio, record conversations, or track victims via Google’s Find Hub network. 
Hundreds of millions of devices across Android and iOS remain at risk until manufacturers issue firmware patches.

Key Details

• CVE-2025-36911 affects Fast Pair–enabled devices from Sony, Anker, Google, Jabra, JBL, Logitech, Marshall, Nothing, OnePlus, Soundcore, and Xiaomi.
• Attack succeeds in a median of 10 seconds at ranges up to 14 meters without user interaction.
• Once paired, attackers can force audio playback, record via built-in mics, and add devices to their Google account for location tracking.
• Researchers disclosed the flaw to Google in August 2025 under a 150-day window; Google paid the maximum $15,000 bounty.

Next Steps

• Inventory all Fast Pair–enabled accessories in your environment.
• Check vendor advisories and apply firmware updates immediately.

Read more at Cybersecurity News

5. How ServiceNow Over Indexing on User Experience Created the BodySnatcher Flaw That Lets Attackers Impersonate Any ServiceNow User

A critical vulnerability in ServiceNow’s Now Assist AI Agents and Virtual Agent API (CVE-2025-12420) allows unauthenticated attackers to bypass MFA and SSO by leveraging a shared, hardcoded token and insecure account-linking logic. Exploiting this flaw lets adversaries impersonate administrators, spin up backdoor accounts with full privileges, and exfiltrate sensitive data. Organizations must verify patches and harden AI agent configurations to prevent remote privilege escalation.

Key Details

• Attack uses universal auth token plus email-based auto-linking to bypass MFA/SSO
• Vulnerable versions: Now Assist 5.0.24–5.1.17 & 5.2.0–5.2.18; Virtual Agent API ≤3.15.1 & 4.0.0–4.0.3
• Proof-of-concept created admin accounts, reset passwords, and gained full system control

Next Steps

• Validate all instances are running patched AI agent and API versions
• Enforce and test MFA in account-linking scripts for Virtual Agent providers
• Use AI Control Tower to audit and disable unused or example AI agents

Read more at AppOmni, Cybersecurity News, CSO Online

6. Critical Prompt Injection Flaws in Anthropic Git MCP Server Enable File Access and RCE

Researchers disclosed three high-severity vulnerabilities in Anthropic’s official MCP Git server that allow attackers, via prompt injection, to traverse directories, overwrite or delete files, and achieve remote code execution. 

Patched in mcp-server-git versions 2025.9.25 and 2025.12.18

Key Details

• CVE-2025-68143:  Path traversal in git_init, allows repo creation anywhere (fixed 2025.9.25).
• CVE-2025-68144: Argument injection in git_diff and git_checkout, passes unsanitized flags to Git CLI (fixed 2025.12.18).
• CVE-2025-68145 Missing validation on --repository flag, enables path traversal (fixed 2025.12.18).
• Chained with the Filesystem MCP server, attackers can deploy a malicious .git/config filter to trigger shell payloads via standard Git commands.

Next Steps

• Audit running MCP servers, avoid untrusted Git + Filesystem combinations.
• Update to mcp-server-git 2025.12.18 or later immediately.
• Enforce least privilege, restrict .git directory creation, and monitor unexpected repositories.

Read more at The Hacker News, SecurityWeek, CSO Online

7. Experiment: GPT-5.2 Automates Zero-Day Exploit Generation at Scale

An independent security researcher Sean Heelan's recent experiment shows GPT-5.2 autonomously produced over 40 working exploits 
for a zero-day flaw in the QuickJS JavaScript interpreter, bypassing modern 
protections like ASLR, NX, RELRO, CFI, shadow stacks, and sandboxing. 

This 
demonstrates a significant leap in automated offensive capabilities, signaling 
that exploit generation may soon hinge more on compute power than specialist skill.

Key Details

• GPT-5.2 succeeded in all six security configurations; Opus 4.5 solved four.
• Generated exploits ranged from simple shell spawns to complex file writes.
• Bypass techniques included chained function calls via the glibc exit handler.
• Development used 50 million tokens over roughly three hours of compute time.

Next Steps

• Incorporate offensive AI tools into red-team exercises

Read more at Sean Heelan, Cybersecurity News

8. AI-Generated VoidLink Linux Malware Framework Signals New Era of Automated Threat Creation

Check Point Research analysis reveals that the VoidLink Linux malware framework was predominantly generated by an AI agent, enabling a single actor to produce over 88,000 lines of code in under a week. 
This accelerated AI-driven/vibecoded development lowers the barrier for complex malware creation, posing heightened risk to all types of environments.

Key Details

• Written in Zig, VoidLink targets Linux cloud and containerized systems for stealthy persistence.
• Evidence of AI use includes uniform v3 API modules, systematic debug logs, and LLM-generated planning docs.
• Threat actor leveraged the TRAE SOLO coding agent, following a spec-driven development (SDD) workflow.
• Development artifacts reveal sprint schedules, feature breakdowns, and code templates – all AI-generated.

Read more at The Hacker News, CSO Online, Dark Reading

9. DPRK-Linked “Contagious Interview” Campaign Abuses VS Code Tasks to Deploy Persistent Backdoor

North Korea-affiliated hackers are exploiting Visual Studio Code’s trusted workflows to deliver a stealth backdoor via malicious tasks.json files. By embedding obfuscated JavaScript fetched from legitimate platforms into developer project configurations, the Contagious Interview campaign gains persistent remote code execution, evading detection and targeting high-value developers.

Key Details

• Attack activates when a developer clones and “trusts” a malicious VS Code repository.
• tasks.json is weaponized to run shell commands that stream obfuscated JavaScript into Node.js.
• Backdoor persists independently of VS Code, using nohup bash on macOS to survive closures.
• Fallback methods include disguised dictionary files to guarantee payload execution.

Next Steps

• Restrict or audit VS Code repository trust policies.
• Scan tasks.json for unauthorized commands before trusting.
• Enforce vetted code reviews for all third-party repos.

Read more at CSO Online, Dark Reading, Cybersecurity News, The Hacker News

10. GitLab patches critical 2FA bypass vulnerability in CE/EE

A high-severity flaw (CVE-2026-0723) in GitLab Community and Enterprise editions allowed attackers knowing a user’s account ID to forge device responses and bypass two-factor authentication, putting source code and cloud secrets at risk of unauthorized alteration or theft. 

GitLab has released versions 18.8.2, 18.7.2, and 18.6.4 to address this and four additional denial-of-service issues; self-managed instances must be upgraded immediately.

Key Details

• GitLab.com and GitLab Dedicated tenants are already running the patched release.
• The 2FA bypass stems from an unchecked return-value issue in authentication services.
• Patched DoS issues include malformed Jira Connect requests (CVE-2025-13927) and API auth validation (CVE-2025-13928).

Next Steps

• Upgrade self-managed GitLab to 18.8.2, 18.7.2 or 18.6.4
• Monitor authentication logs for skipped MFA challenges

Read more at CSO Online, Bleeping Computer

Subscribe

Subscribe to receive this weekly cybersecurity news summary to your inbox every Monday.