Sign in Subscribe

InfoSec News 27FEB2026

General

  • Juniper doesn't want to be left behind, after Cisco's CVSS10 vulnerability, they've got a CVSS (v3) 9.8 bug in their PTX routers. It's in a service enabled by default, and leads to remote code execution (RCE) as root.
The On-Box Anomaly detection framework should only be reachable by other internal processes over the internal routing instance, but not over an externally exposed port. With the ability to access and manipulate the service to execute code as root a remote attacker can take complete control of the device. Please note that this service is enabled by default as no specific configuration is required.
A vulnerability in the Trend Micro Apex One management console could allow a remote attacker to upload malicious code and execute commands on affected installations
...
A link following vulnerability in the Trend Micro Apex One scan engine could allow a local attacker to escalate privileges on affected installations.
To prevent malicious Wi-Fi clients from attacking other clients on the same network, vendors have introduced client isolation, a combination of mechanisms that block direct communication between clients. However, client isolation is not a standardized feature, making its security guarantees unclear.
...
Building on these insights, we design and evaluate end-to-end attacks that enable full machine-in-the-middle capabilities in modern Wi-Fi networks. Although client isolation effectively mitigates legacy attacks like ARP spoofing, which has long been considered the only universal method for achieving machine-in-the-middle positioning in local area networks, our attack introduces a general and practical alternative that restores this capability, even in the presence of client isolation.
Dataminr detected activity on a public Telegram board indicating that the Scattered Lapsus$ Hunters (SLH) hacking collective is recruiting women for an upcoming vishing-based social engineering campaign. The group is offering to pay recruited individuals $500 to $1,000 upfront per call and promises to provide the necessary scripts for the operation.
Project Compass is an ongoing effort aimed at strengthening law enforcement cooperation and coordination in the fight against the phenomenon known as The Com.
...
4 victims safeguarded
30 perpetrators arrested*
62 identified and partially identified victims
179 identified and partially identified perpetrators
9 joint awareness-raising activities
Pre-2015 CVEs generated 7.3 million sessions — 4x more than 2023-2024 CVEs combined.
300,000 residential IPs participated in a single credential-spraying campaign — 73% classified as residential by ISP categorization, with no prior GreyNoise history. Geographic blocking, reputation scoring, rate limiting: would have limited effectiveness against this traffic pattern.
Google spent over a decade telling developers that Google API keys (like those used in Maps, Firebase, etc.) are not secrets. But that's no longer true: Gemini accepts the same keys to access your private data.....Even Google themselves had old public API keys, which they thought were non-sensitive, that we could use to access Google’s internal Gemini.
...
Retroactive Privilege Expansion. You created a Maps key three years ago and embedded it in your website's source code, exactly as Google instructed. Last month, a developer on your team enabled the Gemini API for an internal prototype. Your public Maps key is now a Gemini credential. Anyone who scrapes it can access your uploaded files, cached content, and rack up your AI bill. Nobody told you.
Insecure Defaults. When you create a new API key in Google Cloud, it defaults to "Unrestricted," meaning it's immediately valid for every enabled API in the project, including Gemini. The UI shows a warning about "unauthorized use," but the architectural default is wide open.
...
We provided Google with concrete examples from their own infrastructure to demonstrate the issue. One of the keys we tested was embedded in the page source of a Google product's public-facing website. By checking the Internet Archive, we confirmed this key had been publicly deployed since at least February 2023, well before the Gemini API existed. There was no client-side logic on the page attempting to access any Gen AI endpoints. It was used solely as a public project identifier, which is standard for Google services.
We tested the key by hitting the Gemini API's /models endpoint (which Google confirmed was in-scope) and got a 200 OK response listing available models. A key that was deployed years ago for a completely benign purpose had silently gained full access to a sensitive API without any developer intervention.
The most prevalent revenue stream in the cheat business is the subscription fees for the cheats themselves, with prices generally ranging from $10 to $100 plus per month for a ‘traditional’ software wallhack or aimbot.
...
One AAA publisher recently talked about banning between 35,000 players in a single month following the launch of a new title. With cheats for this game costing an average of $34 for one month’s subscription, that represents $1,190,000 revenue for the cheat developers in that one month. So, potentially $14,280,000 over a year.
...
Based on our model of 15 major titles, we estimate the cheat subscription market for these games at $3.53 billion annually (95% CI: $2.08B - $5.75B). This is our defensible, data-driven estimate.

Geo-Politics

  • [US] Senator Wyden will block Lt. General Rudd's appointment as the next head of US Cyber Command (Cyber Offence) and the National Security Agency (Cyber Defence).
Despite his service, Rudd “does not have the background that would allow him to immediately step into” the role of leading Cyber Command, Wyden wrote in a letter that was included in the Congressional Record on Wednesday.
“He is not qualified for this job,” the Oregon Democrat added. “And, when it comes to the cybersecurity of this country, there is simply no time for on-the-job learning. The threat is just too urgent for that.”
...
Wyden, one of the Senate’s top privacy hawks, also wrote he opposed Rudd’s confirmation because of the vague answers he provided the Intelligence Committee in January about his understanding of the NSA’s surveillance authorities.
“I did everything in my power to allow him to demonstrate some understanding of the basic guardrails of NSA's authorities and got nothing but vague assurances about following the law.”

Privacy

  • [GR] The founder of Intellexa (makers of the Predator spyware) has been sentenced in Greece, on "several counts of unlawful access to private communication systems and violations of privacy and data laws".
The defendants are Intellexa founder Tal Dilian; Sara Hamou, a corporate off-shoring specialist who provided managerial services to the consortium; Felix Bitzios, a former deputy administrator of Intellexa; and Yiannis Lavranos.
Four businesspeople linked to sanctioned spyware maker Intellexa were found guilty of violating the confidentiality of telephone communications in a major case involving the illegal wiretapping of politicians, journalists, business leaders and senior military officials that was revealed in 2022.
...
The court rejected any mitigating circumstances and imposed a combined prison sentence of 126 years and eight months, eight of which will have to be served. The prosecutor said the defendants should serve the full sentence but the court suspended it pending appeal.

AI

  • Anthropic have released an interesting feature for Claude Code - Remote Control. Use your phone or web-browser on another machine, to control a Claude Code session. This may make is easier to run the Claude Code session in an isolated system or container, helping constrain the impact of compromise.
Kick off a task in your terminal and pick it up from your phone while you take a walk or join a meeting.
Claude keeps running on your machine, and you can control the session from the Claude app or http://claude.ai/code
During our research into Claude Code’s configuration documentation, we encountered Anthropic’s recently released Hooks feature. Hooks are designed to provide deterministic control over Claude Code’s behavior by executing user-defined commands at various points in the tool’s lifecycle. Unlike relying on the AI model to choose when to perform certain actions, Hooks ensure that specific operations always execute when predetermined conditions are met.
...
The dialog warns about reading files and mentions that Claude Code may execute files “with your permission.” This phrasing suggests that user approval will be required before any execution occurs. Indeed, when Claude Code attempts to run commands during a normal session (such as executing a bash script), it does prompt for explicit confirmation
Before execution of bash commands, Claude requests for explicit approval from the user.
We expected hooks to receive the same explicit confirmation prompt.
Back to our test: we clicked “Yes, proceed” on the prompt from when we first ran Claude.
Surprisingly, the Calculator app opened immediately, with no additional prompt or execution warning.
...
Similar to Hooks, MCP servers can be configured within the repository via .mcp.json configuration file. When opening a Claude Code conversation, the application initializes all MCP servers by running the commands written in the MCP configuration file.
...
We observed that Anthropic had implemented an improved dialog in response to our first reported vulnerability [GHSA-ph6w-f82w-28w6]. This new dialog explicitly mentions that commands in .mcp.json may be executed and emphasizes the risks of proceeding
..
Reviewing Claude Code’s settings documentation, we identified the following two configurations:
These parameters allow automatic approval of MCP servers: enableAllProjectMcpServers enables all servers defined in the project’s .mcp.json file, while enabledMcpjsonServers whitelists specific server names. In legitimate use cases, these settings enable seamless team collaboration – developers cloning a repository automatically get the same MCP integrations (filesystem, database, or GitHub tools) without manual setup.
Additionally, just like Claude Code hooks, these configurations can be included in the repository-controlled .claude/settings.json file. We tested whether this could bypass the user consent dialog
Starting Claude Code with this configuration revealed a severe vulnerability: our command executed immediately upon running claude – before the user could even read the trust dialog. Ironically, the calculator application opened on top of the pending trust dialog
The company ... told associate directors and senior managers that promotion to leadership positions would require “regular adoption” of AI.
“Use of our key tools will be a visible input to talent discussions” during this summer’s leadership-level promotion decisions, the email said.
...
Accenture says in its current press releases:
Our strategy is to be the reinvention partner of choice for our clients and to be the most client-focused, AI-enabled, great place to work in the world.
A publication (Videogamer) laid off their journalists who do video game reviews, started faking the reviews with AI agents pretending to be real people, got called out, and then banned from Metacritic and Opencritic entirely thus destroying their own revenue.

Subscribe to Deuxieme RE Banque News

Sign up now to get access to the library of members-only issues.
Jamie Larson
Subscribe