This week I found less interesting cybersecurity news than usual, but you know what, I am not going to pad this list with more news just to hit a certain number of items. It is what it is, and my job is to deliver you interesting news. Quality over quantity, right?
Since you will spend less time reading these than usual, I encourage you to check out the Microsoft Security Blog link under the first news item. Luckily, it’s fixed now, but it is a super interesting attack vector. I wonder what similar techniques are in the works?
P.S. You can also get this weekly summary of interesting cybersecurity news to your inbox every Monday. Scroll to the bottom to subscribe.
1. ‘Whisper Leak’ Side-Channel Attack Exposes AI Chat Prompts in Encrypted Traffic
A newly disclosed side-channel attack named Whisper Leak leverages packet sizes and timing in encrypted streaming AI chats to infer user prompts with over 98% accuracy on target topics.
Why does this matter? If a government agency or internet service provider were monitoring traffic to a popular AI chatbot, they could reliably identify users asking questions about specific sensitive topics—whether that’s money laundering, political dissent, or other monitored subjects—even though all the traffic is encrypted.
All major AI chat applications have deployed a mitigation that decreases the accuracy to levels that no longer pose a risk.
Key Details
- Attack classifies topics by analyzing TLS packet size and inter-arrival timing patterns.
- Proof-of-concept using LightGBM, Bi-LSTM, and BERT models achieved AUPRC scores above 98%.
- Simulated monitoring of 10,000 sessions yielded 100% precision and 5–50% recall for sensitive topics.
- OpenAI, Mistral, Microsoft Azure, and xAI implemented random token-length obfuscation to mitigate risk.
Next Steps
- Confirm your AI provider has deployed random-padding or batching defenses.
- Don’t use chat applications on open networks; always prefer using them over a VPN.
Read more at Cybersecurity News, Microsoft Security Blog, The Hacker News
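To make the mechanism concrete, here is an added toy example (my own code, not from Microsoft’s write-up or any provider) of a streaming framer. Unpadded, each frame’s size is a fixed overhead plus the token’s length, so anyone recording ciphertext sizes sees the token-length sequence that Whisper Leak classifies; with random filler in a field the client discards, the size-to-token link is broken. The frame layout, the field names and the `pad_max` bound are assumptions for this example, not the providers’ actual wire format.

```python
import json
import secrets
import string

# Added example, not provider code. Frame layout and field names are assumed.
FILLER_ALPHABET = string.ascii_letters + string.digits


def frame_token(token: str, pad_max: int = 0) -> bytes:
    """Serialize one streamed token as a compact JSON frame.

    pad_max == 0: frame size == size_overhead() + len(token), so the
    ciphertext size sequence mirrors the token lengths (TLS adds a
    constant per record, which does not hide the differences).
    pad_max  > 0: a random-length filler string is appended, so the
    observed size no longer determines the token length.
    """
    filler_len = secrets.randbelow(pad_max + 1) if pad_max else 0
    filler = "".join(secrets.choice(FILLER_ALPHABET) for _ in range(filler_len))
    payload = {"content": token, "obfuscation": filler}
    return json.dumps(payload, separators=(",", ":")).encode()


def unframe_token(frame: bytes) -> str:
    """Client side: recover the token and discard the filler."""
    return json.loads(frame.decode())["content"]


def size_overhead() -> int:
    """Bytes an unpadded frame costs beyond the token text itself."""
    return len(frame_token("", 0))


def observed_sizes(tokens, pad_max: int = 0):
    """What a passive on-path observer records: one size per frame."""
    return [len(frame_token(t, pad_max)) for t in tokens]


if __name__ == "__main__":
    # Constructed sample tokens; ASCII so JSON escaping does not change lengths.
    tokens = ["How", " do", " I", " report", " fraud", "?"]
    print("unpadded sizes:", observed_sizes(tokens))        # tracks token lengths
    print("padded sizes:  ", observed_sizes(tokens, 32))    # randomized per frame
    assert all(unframe_token(frame_token(t, 32)) == t for t in tokens)
```

The page also mentions batching as a defence: grouping several tokens per frame removes per-token timing as well, which padding alone does not address.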
2. Commercial-Grade ‘LANDFALL’ Spyware Exploits Samsung Zero-Day to Target Galaxy Devices
Security researchers at Palo Alto Networks reveal “LANDFALL,” a sophisticated spyware tool exploiting CVE-2025-21042 in Samsung Galaxy phones via malicious DNG images sent over WhatsApp. Targets in the Middle East were surveilled for nine months, with full data exfiltration and zero-click capabilities.
Key Details
- CVE-2025-21042: out-of-bounds write in Samsung’s image library, patched April 2025
- Delivered in malformed Digital Negative (DNG) files containing appended ZIP archives
- Zero-click vector via WhatsApp enabled microphone, camera, SMS, call log exfiltration
- Infrastructure patterns overlap with Stealth Falcon campaigns in UAE-linked operations
Next Steps
- Ensure all Galaxy OS updates are applied, including April 2025 patch
Read more at Palo Alto Networks Unit 42, The Record
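The delivery detail worth a triage check is the DNG file that also carries a ZIP archive. DNG is TIFF-based, so a file that starts with a TIFF byte-order mark and also ends in a well-formed ZIP end-of-central-directory record is a polyglot worth quarantining. The heuristic below is an added example (not Unit 42’s tooling); the TIFF stub and the embedded archive are constructed in the block so it runs offline.

```python
import io
import struct
import zipfile

# Added example, not Unit 42 code. DNG is TIFF-based, hence the TIFF magics.
TIFF_MAGICS = (b"II*\x00", b"MM\x00*")   # little- / big-endian TIFF header
ZIP_LOCAL_HEADER = b"PK\x03\x04"
ZIP_EOCD = b"PK\x05\x06"                  # end-of-central-directory signature


def looks_like_dng(data: bytes) -> bool:
    return data[:4] in TIFF_MAGICS


def find_appended_zip(data: bytes):
    """Return the offset of a ZIP local-file header inside a TIFF/DNG file when
    the file also ends in a structurally valid EOCD record, else None.

    Large private tag blobs are normal in DNG, so this requires a complete
    ZIP structure (local header before a valid trailing EOCD), not merely
    the presence of 'PK' bytes somewhere.
    """
    if not looks_like_dng(data):
        return None
    eocd = data.rfind(ZIP_EOCD)
    if eocd == -1 or len(data) - eocd < 22:      # EOCD is 22 bytes + comment
        return None
    comment_len = struct.unpack_from("<H", data, eocd + 20)[0]
    if eocd + 22 + comment_len != len(data):     # comment must reach EOF
        return None
    lfh = data.find(ZIP_LOCAL_HEADER, 8)          # skip the 8-byte TIFF header
    return lfh if lfh != -1 and lfh < eocd else None


def build_sample(with_zip: bool) -> bytes:
    """Constructed sample: minimal little-endian TIFF (IFD at offset 8 with
    zero entries, then padding), optionally with a harmless ZIP appended."""
    header = b"II*\x00" + struct.pack("<I", 8) + struct.pack("<H", 0)
    body = header + b"\x00" * 64
    if with_zip:
        buf = io.BytesIO()
        with zipfile.ZipFile(buf, "w") as zf:
            zf.writestr("placeholder.txt", "constructed sample, no payload")
        body += buf.getvalue()
    return body


if __name__ == "__main__":
    for flag in (False, True):
        print("zip appended:", flag, "->", find_appended_zip(build_sample(flag)))
```

Run it over an image quarantine directory by reading each file’s bytes; a non-None offset is a reason to hold the file, not proof of the CVE-2025-21042 trigger, which lives in the image parsing itself.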
3. Vibe-coded Ransomware Extension Bypasses VS Code Marketplace Review
A blatantly malicious VS Code extension—“susvsex”—appearing to be generated by AI, automatically compressed, encrypted, and exfiltrated files before replacement, and even included hard-coded decryption keys. Despite obvious red flags, it slipped past Microsoft’s marketplace filters on Nov. 5 and remained live until researchers reported it two days later.
Key Details
- Published under “suspublisher18.susvsex,” the extension zipped and uploaded a test folder, then encrypted it using AES-256.
- Code contained obvious AI artifacts—verbose comments, duplicate decryptors (Python/Node), and hard-coded decryption key.
- Used a private GitHub repo as a C2 channel, polling an index.html for commands and writing results back to requirements.txt.
- Microsoft removed the extension Nov. 7 after Secure Annex’s report; MSRC initially deemed it out of scope.
Next Steps
- Audit and remove unverified VS Code extensions in your environment
- Enforce allow-lists and use extension-management tools
Read more at Dark Reading
4. Critical RCE Flaw in React Native CLI Exposes Developer Machines to Remote Attack
A critical remote-code execution vulnerability (CVE-2025-11953, CVSS 9.8) in the @react-native-community/cli and its cli-server-api lets attackers run arbitrary OS commands on any network-accessible development server instance. By default, the Metro bundler binds to 0.0.0.0—not localhost—enabling remote exploitation via its unsafe /open-url endpoint.
Key Details
- Bug affects @react-native-community/cli-server-api versions 4.8.0–20.0.0-alpha.2
- Metro dev server prints “localhost” but listens on all interfaces (0.0.0.0) by default
- Windows exploit demonstrated full OS command execution; macOS/Linux paths likely exploitable
- Patch released in cli-server-api v20.0.0 to sanitize input and bind correctly
Next Steps
- Upgrade @react-native-community/cli-server-api to v20.0.0 or later
Read more at CSO Online
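Because the affected range ends in a prerelease (20.0.0-alpha.2) while the fix ships in 20.0.0, a naive string or tuple comparison gets the boundary wrong. The added example below (my code, not the project’s) parses semver with prerelease precedence and scans a package-lock.json “packages” map for affected cli-server-api entries. The lock-file content is constructed inline; the version bounds are the ones stated above.

```python
import json
import re

# Added example, not @react-native-community code. Bounds are from the advisory as reported.
AFFECTED_PACKAGE = "@react-native-community/cli-server-api"
AFFECTED_MIN = "4.8.0"
AFFECTED_MAX = "20.0.0-alpha.2"     # last affected; 20.0.0 carries the fix

_SEMVER = re.compile(r"^v?(\d+)\.(\d+)\.(\d+)(?:-([0-9A-Za-z.-]+))?(?:\+.*)?$")


def parse_semver(s: str):
    """Return a sortable key implementing semver precedence:
    a release outranks any prerelease of the same core version, numeric
    prerelease identifiers rank below alphanumeric ones, build metadata ignored."""
    m = _SEMVER.match(s.strip())
    if not m:
        raise ValueError(f"not a semver string: {s!r}")
    core = tuple(int(x) for x in m.group(1, 2, 3))
    pre = m.group(4)
    if pre is None:
        return core, (1,)                       # release: sorts above prereleases
    ids = tuple((0, int(p), "") if p.isdigit() else (1, 0, p) for p in pre.split("."))
    return core, (0, ids)


def is_affected(version: str) -> bool:
    return parse_semver(AFFECTED_MIN) <= parse_semver(version) <= parse_semver(AFFECTED_MAX)


def scan_lockfile(lock_json: str):
    """Return [(path, version)] for affected copies of cli-server-api in a
    lockfileVersion 2/3 package-lock.json (nested copies included)."""
    hits = []
    for path, meta in json.loads(lock_json).get("packages", {}).items():
        if path.endswith("node_modules/" + AFFECTED_PACKAGE) and "version" in meta:
            if is_affected(meta["version"]):
                hits.append((path, meta["version"]))
    return hits


# Constructed lock file: one vulnerable top-level copy, one patched nested copy.
SAMPLE_LOCK = json.dumps({
    "lockfileVersion": 3,
    "packages": {
        "": {"name": "sample-app", "version": "0.0.1"},
        "node_modules/@react-native-community/cli-server-api": {"version": "15.0.1"},
        "node_modules/react-native/node_modules/@react-native-community/cli-server-api": {"version": "20.0.0"},
    },
})

if __name__ == "__main__":
    for path, ver in scan_lockfile(SAMPLE_LOCK):
        print(f"AFFECTED {ver:>16}  {path}")
```

Pair the version check with confirming which interface your Metro dev server actually listens on; the advisory’s point is that the printed “localhost” did not reflect the real bind address.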
5. Russian APT Curly COMrades Abuses Hyper-V to Hide Malware in Linux VMs
A Russia-aligned APT group dubbed Curly COMrades covertly enables Windows Hyper-V on compromised hosts to deploy a lean Alpine Linux VM that runs custom malware, bypassing host-based EDR by routing C2 traffic through the legitimate host network.
Key Details
- Alpine VM footprint: 120 MB disk, 256 MB RAM, deployed via DISM and PowerShell cmdlets.
- CurlyShell establishes an HTTPS reverse shell; CurlCat tunnels SSH over HTTPS to evade network monitoring.
- VM named “WSL” to mimic Windows Subsystem for Linux, reducing operator scrutiny.
- Group also used PowerShell scripts to inject Kerberos tickets into LSASS and create domain accounts via Group Policy.
Next Steps
- Monitor DISM/PowerShell for unexpected Hyper-V feature changes.
- Alert on Import-VM/Start-VM cmdlet usage and abnormal VM names.
Read more at CSO Online, BleepingComputer, BleepingComputer, CSO Online
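The two Next Steps above translate directly into detection logic: flag Hyper-V feature enablement (via DISM or Enable-WindowsOptionalFeature) and VM lifecycle cmdlets on hosts that are not sanctioned virtualization servers, and escalate when the VM name is one chosen to blend in. The following is an added example (not Bitdefender’s or anyone’s published detection) run over constructed command lines in the shape a PowerShell script-block or process-creation collector would surface them; the host inventory and the rule patterns are assumptions to adapt to your environment.

```python
import re

# Added example, not vendor detection content. Sample events are constructed.
SAMPLE_EVENTS = [
    {"host": "WS-014",  "user": "CORP\\jdoe",    "cmd": "Get-Process | Sort-Object CPU -Descending"},
    {"host": "WS-014",  "user": "CORP\\jdoe",    "cmd": "dism /online /enable-feature /featurename:Microsoft-Hyper-V /all /norestart"},
    {"host": "WS-014",  "user": "CORP\\jdoe",    "cmd": "Enable-WindowsOptionalFeature -Online -FeatureName Microsoft-Hyper-V-Management-PowerShell"},
    {"host": "WS-014",  "user": "CORP\\jdoe",    "cmd": "Import-VM -Path 'C:\\ProgramData\\wsl\\Virtual Machines\\x.vmcx'"},
    {"host": "WS-014",  "user": "CORP\\jdoe",    "cmd": "Start-VM -Name WSL"},
    {"host": "SRV-HV1", "user": "CORP\\hvadmin", "cmd": "Start-VM -Name app-db-01"},
]

# Assumption: an inventory of hosts where Hyper-V activity is expected.
APPROVED_HYPERV_HOSTS = {"SRV-HV1"}

RULES = [
    ("hyperv_feature_enable",
     re.compile(r"(?i)(?:\bdism\b.*?/enable-feature.*?hyper-v|Enable-WindowsOptionalFeature.*?Hyper-V)")),
    ("vm_lifecycle_cmdlet",
     re.compile(r"(?i)\b(?:Import-VM|Start-VM|New-VM)\b")),
]

# Names that impersonate platform components. WSL 2's own utility VM is not
# created through Import-VM/Start-VM, so a user VM called "WSL" is itself odd.
SUSPICIOUS_VM_NAMES = re.compile(r"(?i)^(?:wsl|docker-desktop|windows.*)$")


def vm_name(cmd: str):
    """Extract the -Name argument (quoted or bare) from a cmdlet line, if any."""
    m = re.search(r"(?i)-Name\s+(?:\"([^\"]+)\"|'([^']+)'|(\S+))", cmd)
    return next((g for g in m.groups() if g), None) if m else None


def evaluate(events, approved_hosts=APPROVED_HYPERV_HOSTS):
    """Return findings for Hyper-V activity on non-sanctioned hosts."""
    findings = []
    for ev in events:
        if ev["host"] in approved_hosts:
            continue                      # baseline virtualization hosts separately
        for rule, rx in RULES:
            if rx.search(ev["cmd"]):
                name = vm_name(ev["cmd"])
                if name and SUSPICIOUS_VM_NAMES.match(name):
                    rule += "+masquerading_vm_name"
                findings.append({"host": ev["host"], "user": ev["user"],
                                 "rule": rule, "vm": name, "cmd": ev["cmd"]})
    return findings


if __name__ == "__main__":
    for f in evaluate(SAMPLE_EVENTS):
        print(f["host"], f["rule"], f["vm"], "|", f["cmd"])
```

Feature enablement on a workstation is the earliest and rarest signal here; the cmdlet rule will need the approved-host list (and any developer baseline) to stay quiet.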
6. Google Detects First Live Malware Using LLMs for Real-Time Code Generation and Obfuscation
Google’s Threat Intelligence Group has identified the first operational malware—PROMPTSTEAL and PROMPTFLUX—that invokes large language models mid-execution to craft commands, rewrite scripts, and evade detection dynamically.
Key Details
- PROMPTSTEAL, linked to Russia-backed APT28, uses the Hugging Face API and Qwen2.5-Coder-32B-Instruct to generate Windows theft commands under the guise of an image-generation tool.
- PROMPTFLUX dropper queries Google’s Gemini API hourly to rewrite its VBScript, creating a “thinking robot” that mutates code for persistence and antivirus evasion.
- Attackers also deploy social-engineering prompts—posing as CTF participants or students—to bypass LLM safety guardrails and obtain exploit guidance.
- Underground marketplaces now offer AI-powered malware creation, deepfake generators, and phishing kits on subscription models, lowering the technical bar for attackers.
Next Steps
- Monitor and block unusual outbound requests to known LLM API endpoints.
Read more at CSO Online
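The Next Step above is more useful as “which process is talking to an LLM API, and how regularly” than as a blanket block, since browsers and sanctioned integrations will hit the same hosts. The added example below (my code, not Google’s) runs over constructed proxy log lines: it flags requests to known LLM API hosts from processes outside an approved set and marks a group as periodic when its requests are evenly spaced, the hourly pattern described for PROMPTFLUX. The host list is a starting point to maintain, the approved-process set and the `image_tool.exe` name are assumptions.

```python
from collections import defaultdict
from datetime import datetime
from statistics import median

# Added example, not Google TIG tooling. Log lines below are constructed:
# timestamp host process destination method path status
SAMPLE_PROXY_LOG = """\
2025-11-06T09:01:12Z WS-221 chrome.exe api.openai.com POST /v1/chat/completions 200
2025-11-06T09:02:40Z WS-221 wscript.exe generativelanguage.googleapis.com POST /v1beta/models/gemini-pro:generateContent 200
2025-11-06T10:02:41Z WS-221 wscript.exe generativelanguage.googleapis.com POST /v1beta/models/gemini-pro:generateContent 200
2025-11-06T11:02:40Z WS-221 wscript.exe generativelanguage.googleapis.com POST /v1beta/models/gemini-pro:generateContent 200
2025-11-06T09:15:03Z WS-302 image_tool.exe api-inference.huggingface.co POST /models/Qwen/Qwen2.5-Coder-32B-Instruct 200
2025-11-06T09:20:00Z WS-302 firefox.exe www.example.com GET / 200
"""

# Known public LLM API hosts (starting point; providers add and rotate endpoints).
LLM_API_HOSTS = {
    "api.openai.com",
    "generativelanguage.googleapis.com",   # Gemini API
    "api-inference.huggingface.co",        # Hugging Face Inference API
}
# Assumption: interactive browser use of these services is expected and tolerated.
APPROVED_PROCESSES = {"chrome.exe", "firefox.exe", "msedge.exe"}


def parse_line(line: str) -> dict:
    ts, host, proc, dest, method, path, status = line.split()
    return {"ts": datetime.fromisoformat(ts.replace("Z", "+00:00")),
            "host": host, "proc": proc, "dest": dest,
            "method": method, "path": path, "status": int(status)}


def detect(log_text: str, tolerance: float = 0.10):
    """Group unapproved-process requests to LLM hosts by (host, process, dest)
    and mark the group periodic when every gap is within `tolerance` of the
    median gap (needs at least three requests)."""
    events = [parse_line(l) for l in log_text.strip().splitlines()]
    groups = defaultdict(list)
    for e in events:
        if e["dest"] in LLM_API_HOSTS and e["proc"].lower() not in APPROVED_PROCESSES:
            groups[(e["host"], e["proc"], e["dest"])].append(e["ts"])
    findings = []
    for (host, proc, dest), stamps in groups.items():
        stamps.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(stamps, stamps[1:])]
        med = median(gaps) if gaps else 0.0
        periodic = len(gaps) >= 2 and all(abs(g - med) <= tolerance * med for g in gaps)
        findings.append({"host": host, "process": proc, "dest": dest,
                         "count": len(stamps), "median_gap_s": med, "periodic": periodic})
    return findings


if __name__ == "__main__":
    for f in detect(SAMPLE_PROXY_LOG):
        print(f)
```

A script host such as wscript.exe calling a generative API on a fixed cadence is the combination to page on; a single request from an unknown binary is still worth a look but is far noisier on developer workstations.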
Subscribe
Subscribe to receive this weekly cybersecurity news summary to your inbox every Monday.