Sometimes the hacking world gets slow. Not many bugs, hackers on vacation. |
The last week was not slow. |
An AI agent ran a complete ransomware operation by itself, Microsoft shipped the largest patch in the company's history, router vendors kept doing router vendor things, and Anthropic has a browser extension bug it keeps marking as closed. |
Let's break it down. |
P.S. @mattjay and I started a podcast. Go check it out if you like the sound of my voice hehe. |
|
|
JADEPUFFER |
Sysdig's Threat Research Team published what it assesses to be the first documented case of agentic ransomware: an extortion operation driven end to end by a large language model. |
Initial access was CVE-2025-3248, a missing-authentication flaw in Langflow's /api/v1/validate/code endpoint (which I’m pretty sure I’ve made videos about). The API endpoint was supposed to check user-submitted Python for errors. It runs the code with exec() before checking who sent it. Patched in May 2025 and sitting on CISA's KEV list. Unfortunately, in classic large organization fashion, the bug was never patched. If only they watched my video :( |
Post access, the agent enumerated the host, picking up API keys and cloud credentials, dumping Langflow's PostgreSQL database, and dropping a cron job beaconing to attacker infrastructure every 30 minutes. |
Wait isn’t this RANSOMware? Yep, hold on. |
It encrypted 1,342 Nacos config items using MySQL's own AES_ENCRYPT(), dropped the original tables, and created a README_RANSOM table holding the demand. |
Two primary takeaways from this campaign: |
First, it debugged itself. It hit a failed login, diagnosed the specific cause, regenerated a working password hash, and confirmed success in 31 seconds. |
Second, it talked to itself in the comments. |
Also: the Bitcoin address in the ransom note appears to be an example address lifted from public documentation, and the one-time encryption key was printed to a terminal session that was never saved. |
Sources: Sysdig TRT · BleepingComputer |
|
Sponsored |
If you’re trying to start a career in Cyber Security, the hardest part is standing out from the crowd. |
“How do I make myself a unique candidate?” |
The answer: learn how exploits work, from the assembly in the code to the way that functions break (I know that sounds like AI but it’s what my brain came up with I’m sorry xD). |
Low Level Labs is my new platform where you can learn how exploits work. How does code break and how do hackers take advantage of it? |
At Low Level Labs you learn reverse engineering, exploit development, and fuzzing. And the best part: its all in your browser. |
|
EVEN BETTER: FREE. Most of the labs are free, and you can get started right now. |
Okay, back to the hacking. |
|
Microsoft Patched 622 CVEs. That Is Not A Typo. |
July's Patch Tuesday is the largest on record. 622 CVEs by Microsoft's own Security Update Guide count, more than triple June's previous high of roughly 200. 416 are Windows alone. |
Microsoft also stopped enumerating individual CVEs in the Security Update Guide this month, replacing them with a summary table and a "Notable CVEs" section. |
Two are being exploited right now: |
CVE-2026-56164: SharePoint Server EoP. Missing authentication for a critical function. CVSS 5.3. Rated Moderate. Actively exploited. Credited to incident responders at Mandiant and Google Cloud. CVE-2026-56155: AD FS EoP. Insufficient access control granularity, local access with low privileges to start. CVSS 7.8. Caught being exploited in the wild by Microsoft's IR team.
|
The publicly disclosed one is CVE-2026-50661, a BitLocker bypass requiring physical access to get into Recovery Mode. Very probably the GreatXML bug Nightmare Eclipse dropped the day after June's Patch Tuesday. |
Rapid7's Stephen Fewer disclosed CVE-2026-55040, a SharePoint JWT authentication bypass built for their Pwn2Own Berlin entry. It's one half of a chain to unauthenticated RCE. The other half is still embargoed and ships in August. |
Why the explosion? AI bug hunting. |
Microsoft's own guidance now recommends update deferral periods under three days, deadlines of zero to one day, and a grace period capped at two. |
Sources: ZDI · Rapid7 · The Hacker News · Help Net Security · CrowdStrike |
|
Tenda Shipped A Router With A Spare Key |
CERT/CC published VU#213560 on July 6 for CVE-2026-11405: an undocumented authentication backdoor in Tenda router firmware. |
Just regular router things. |
Check the submitted password via MD5, not great but still fine. If that check fails, call GetValue("sys.rzadmin.password") to pull an alternate password out of the device config. Compare the user's plaintext input directly against it. On a match, grant role=2 , basically super admin, and create a valid session.
|
The username is never checked. Any username plus the backdoor password gets you in, regardless of what the owner configured. It's documented nowhere and appears nowhere in the admin interface, so owners have no way to know it exists. |
A lot of people in my Youtube comments say “oh this bug is surely a backdoor left there by the company on purpose.” Bugdoors, a bug left on purpose for the sake of exploitation, is extremely hard to prove. These kind of backdoors however, a literal superuser password? There’s no justification here. |
Affected: FH1201, W15E, AC10, AC5, and AC6 V2 on specific builds. There is no patch. Tenda has not responded to the reporters since May. CERT/CC's advice is to disable remote web management and change the default LAN IP to dodge opportunistic scanners. |
Craig Heffner (/dev/ttyS0) documented a LAN-side backdoor in the W302R and W330R back in 2013. Never patched. In 2020, ISE found a hardcoded telnet password (CVE-2020-10988) in the AC15, waited 180 days, got nothing, and published anyway. |
Some things never change |
Sources: CERT/CC VU#213560 · BleepingComputer |
|
Ubiquiti: Seven Criticals, One Perfect 10 |
Security Advisory Bulletin 066. Seven critical CVEs across the UniFi ecosystem. |
The headliner is CVE-2026-50746, CVSS 10.0: improper access control in the UniFi Connect Application (3.4.16 and earlier) leading to command injection on the host without authentication. Because Connect runs with elevated privileges to manage hardware, whatever you inject runs with that privilege level. Fixed in 3.4.20. |
The rest: |
CVE-2026-50747 (9.9): UniFi Talk, authenticated SQL injection leading to full host control CVE-2026-50748 (9.9): UniFi Access, improper input validation, leading to command injection, low privileges CVE-2026-54402 (9.9): UniFi OS Server, command injection, low privileges CVE-2026-54400 (9.1): UniFi Access, access control escalation CVE-2026-55116 (9.0): UniFi OS, improper access control CVE-2026-54403 (8.6): UniFi OS path traversal.
|
Censys puts roughly 100,000 UniFi OS endpoints reachable from the public internet. |
Ubiquiti hasn't said whether any were exploited before the patch. However, remember that CISA added three max-severity UniFi flaws to KEV in June and gave federal agencies three days. |
Sources: BleepingComputer · Security Affair |
|
Anyway, that's it for now. Go patch your stuff. |
Happy Hacking! |
Low Level |