Cyberattack

Red Hat Hit by Data Breach Exposing Major Sensitive Data, Including That of the NSA

Red Hat has allegedly been hit by a breach, according to a post by the Crimson Collective hacker group on Telegram. The cybercriminals claim they have taken private GitHub repositories, which include sensitive data about approximately 800 customers’ networks.

Key points from the Red Hat breach

  • Data from 28,000 internal projects at Red Hat has allegedly been stolen.
  • The hacker group Crimson Collective claims to have stolen nearly 570GB of data.
  • The extortion group known as Crimson Collective posted that it had gained access to over 28,000 Red Hat repositories, containing 570.2 GB in total.
  • The extracted data allegedly includes around 800 Customer Engagement Reports (CERs), exposing sensitive customer information, such as their network configurations.
  • The hackers posted the claims on a Telegram channel created on September 24th, 2025. As proof, the cybercriminals provided the entire file tree, a list of allegedly stolen CERs, and some other screenshots.
  • According to International Cyber Digest, the organizations named include the National Security Agency (NSA), the Department of Energy, the National Institute of Standards and Technology (NIST), IBM, Citi, Verizon, Siemens, Bosch, JPMC, HSBC, Telefonica, other major telecoms, banks, and many other organizations.

“Source code and consulting engagement reports (CERs), if leaked, can help attackers analyze internal company infrastructure and software running on that infrastructure. This makes it significantly easier and faster to identify vulnerable attack vectors for potential attackers,” said Aras Nazarovas, information security researcher at Cybernews.

Red Hat confirmed the attack

According to the attackers, they found authentication keys, full database URIs, and other private information in the Red Hat code and CERs, which they allegedly used to gain access to downstream customer infrastructure.

On Telegram, the hacker group published a complete directory listing of stolen GitHub repositories, along with a list of customer reports from the period 2020-2025.

Red Hat has confirmed the security incident relating to its GitLab instance, but declined to comment on the attackers’ specific claims regarding the GitHub repositories and customer reports. The company emphasizes that there is no reason to believe that the security issue affects other Red Hat services or products. Red Hat says it is very confident in the integrity of its software supply chain.

The CER list includes organizations from various sectors, including major international names such as Bank of America, T-Mobile, AT&T, Fidelity, and Walmart.

Extortion Demands by Hackers

Alongside the data breach, the attackers attempted to contact Red Hat with extortion demands. The cybercriminals received a response asking them to submit a vulnerability report to the security team.

The ticket created by cyber criminals was reportedly forwarded repeatedly to various individuals, including employees of Red Hat’s legal and security departments.

New Cyberattack Methodology ‘Man in Prompt’ Targets AI Tools, Putting Users at Risk

AI tools such as ChatGPT, Google Gemini and others are being targeted by malicious actors who inject harmful instructions into leading GenAI tools. This vector was previously overlooked, and the attack methodology targets the browser extensions installed by various organizations.

According to LayerX’s researchers, the attack methodology, named ‘Man in Prompt’, is a new class of exploit targeting AI tools.

According to the research, any browser extension, even without any special permissions, can access the prompts of both commercial and internal LLMs and inject them with prompts to steal data, exfiltrate it and cover its tracks.

The exploit has been tested on all top commercial LLMs, with proof-of-concept demos provided for ChatGPT and Google Gemini. 

The question is how these attacks impact users and organizations at large, and how AI tools function within web browsers.

For organizations, the implications can be higher than expected, as AI tools are much sought after and organizations across verticals are gradually coming to rely on them.

The LLMs used and tested in many organizations are mostly trained ones. They carry huge data sets of mostly confidential information, which raises the possibility of their being vulnerable to such an attack.

LayerX researchers termed this type of attack ‘hacking copilots’, which are equipped to steal organizational information.

The prompt input fields are part of the web page structure, known as the Document Object Model, or DOM. So virtually any browser extension with basic scripting access to the DOM can read or alter what users type into AI prompts, even without requiring special permissions.

Bad actors can use compromised extensions to carry out activities that include manipulating a user’s input to the AI:

  • Perform prompt injection attacks, altering the user’s input or inserting hidden instructions.
  • Extract data directly from the prompt, response, or session.
  • Compromise model integrity, tricking the LLM into revealing sensitive information or performing unintended actions.

Understanding the attack scenario

Proof-of-concept attacks against major platforms

For ChatGPT, an extension with minimal declared permissions could inject a prompt, extract the AI’s response and remove chat history from the user’s view to reduce detection.

LayerX implemented an exploit that can steal internal data from corporate environments using Google Gemini via its integration into Google Workspace.

Over the last few months, Google has rolled out new integrations of its Gemini AI into Google Workspace. Currently, this feature is available to organizations using Workspace and paying users.

Gemini integration is implemented directly within the page as added code on top of the existing page. It modifies and directly writes to the web application’s Document Object Model (DOM), giving it control and access to all functionality within the application.

LayerX researchers showcased that these platforms are vulnerable to an exploit that needs no special permissions, which shows that practically any user is vulnerable to such an attack.

Threat mitigation

This kind of attack creates a blind spot for traditional security tools like endpoint Data Loss Prevention (DLP) systems or Secure Web Gateways, as they lack visibility into these DOM-level interactions. Blocking AI tools by URL alone also won’t protect internal AI deployments.

LayerX advises organisations to adjust their security strategies towards inspecting in-browser behaviour.

Key recommendations include monitoring DOM interactions within AI tools to detect suspicious activity, blocking risky extensions based on their behavior rather than just their listed permissions, and actively preventing prompt tampering and data exfiltration in real-time at the browser layer.

(Source: https://layerxsecurity.com/blog/man-in-the-prompt-top-ai-tools-vulnerable-to-injection/)
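
An added example (not LayerX's tooling and not code from the original article): a first-pass inventory check that lists which installed extensions are able to script the DOM of AI tool pages, based on their static Manifest V3 declarations. The host watch list, the extension names and the sample manifests are constructed assumptions; this complements, and does not replace, the in-browser behavioural monitoring recommended above.

```python
# Assumed watch list: public hosts of the tools the article names, plus a
# placeholder for an internal LLM front end.
AI_HOSTS = ["chatgpt.com", "gemini.google.com", "llm.internal.example"]

def pattern_covers(pattern, host):
    """True if the host part of a Chrome match pattern covers `host`."""
    if pattern == "<all_urls>":
        return True
    pat_host = pattern.split("://", 1)[-1].split("/", 1)[0]
    if pat_host == "*":
        return True
    if pat_host.startswith("*."):
        base = pat_host[2:]
        return host == base or host.endswith("." + base)
    return pat_host == host

def reachable_ai_hosts(manifest):
    """AI hosts whose page DOM this extension is able to script."""
    patterns = []
    for script in manifest.get("content_scripts", []):
        patterns += script.get("matches", [])
    # Host permissions allow programmatic injection only with the scripting API.
    if "scripting" in manifest.get("permissions", []):
        patterns += manifest.get("host_permissions", [])
    return sorted(h for h in AI_HOSTS
                  if any(pattern_covers(p, h) for p in patterns))

# Constructed Manifest V3 fragments for four hypothetical extensions.
SAMPLE = {
    "Tab Colorizer": {"permissions": ["storage"],
                      "content_scripts": [{"matches": ["<all_urls>"]}]},
    "Doc Helper": {"content_scripts": [{"matches": ["https://*.google.com/*"]}]},
    "Page Tools": {"permissions": ["scripting"],
                   "host_permissions": ["https://chatgpt.com/*"]},
    "Clock": {"permissions": ["alarms"]},
}

def audit(inventory):
    """Map extension name -> reachable AI hosts, omitting extensions with none."""
    report = {name: reachable_ai_hosts(m) for name, m in inventory.items()}
    return {name: hosts for name, hosts in report.items() if hosts}

if __name__ == "__main__":
    for name, hosts in audit(SAMPLE).items():
        print(f"{name}: can script {', '.join(hosts)}")
```

The "Tab Colorizer" entry shows why permission lists alone mislead: it declares only `storage`, yet its content script matches every AI host on the watch list.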

Critical VMware Vulnerabilities Exploited in the Wild – Patch Immediately 

Broadcom released a security alert on Tuesday morning to warn VMware customers about three zero-days that have been exploited in the wild.

7-Zip Mark-of-the-Web Vulnerability

A high-severity vulnerability in 7-Zip is being exploited in the wild. This vulnerability, identified as a Mark-of-the-Web (MoTW) bypass, allows attackers to craft a double archive file that, when extracted, bypasses MoTW protections.

OEM: 7Zip
Severity: High
CVSS: 7.0
CVEs: CVE-2025-0411
Exploited in Wild: Yes
Patch/Remediation Available: Yes
Advisory Version: 1.0

Overview

The vulnerability enables threat actors to create archives containing malicious scripts or executables, which, due to the flaw, will not receive the usual MoTW protection.

This exposes Windows users to potential attacks and has recently been added to the CISA Known Exploited Vulnerabilities Catalog. Furthermore, a Proof of Concept (PoC) for this vulnerability has been publicly released, increasing the risk of exploitation.

The 7-Zip vulnerability allows attackers to bypass the Mark of the Web (MotW) Windows security feature and has been exploited by Russian hackers as a zero-day since September 2024.

Vulnerability Name | CVE ID | Product Affected | Severity
MOTW Bypass vulnerability | CVE-2025-0411 | 7zip | High

Technical Summary

This vulnerability bypasses the Mark-of-the-Web (MoTW) feature, a security measure in Windows operating systems that flags files originating from the internet as potentially untrusted. MoTW is typically applied to files like downloaded documents, images, or executable files, which prompts a warning when opened. However, this vulnerability occurs when 7-Zip fails to properly propagate MoTW protections to files inside double-encapsulated archives.

An attacker can craft an archive containing another archive (a “double archive”), and 7-Zip did not properly propagate MoTW protections to the content of the inner archive.

This flaw allows any malicious content in the inner archive to be executed without triggering any security warnings. Consequently, this exposes Windows users to the risk of remote code execution and other malicious activities.

CVE ID | System Affected | Vulnerability Details | Impact
CVE-2025-0411 | 7Zip Prior to v24.09 | This flaw allows attackers to execute arbitrary code through double-encapsulated archives that bypass MoTW protections. | Arbitrary remote code injection, potential system compromise

Remediation:

Update 7zip to v24.09 or the latest version. Installing the latest version will ensure that the vulnerability is addressed, protecting systems from potential exploitation.
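
An added example (not part of the original advisory and not 7-Zip's code): a triage helper that flags 7-Zip versions prior to v24.09 in a software inventory and lists archives nested inside a downloaded ZIP, the double-archive shape described in the technical summary. Function names and the sample archive are constructed for illustration, and only ZIP outer containers are handled.

```python
import io
import zipfile

FIXED = (24, 9)  # the advisory: update 7-Zip to v24.09 or later

# Leading magic bytes of common archive formats.
MAGIC = {b"PK\x03\x04": "zip", b"7z\xbc\xaf\x27\x1c": "7z",
         b"Rar!\x1a\x07": "rar", b"\x1f\x8b": "gzip"}

def is_vulnerable(version):
    """True for 7-Zip versions prior to 24.09, e.g. '24.08' or '9.20'."""
    major, minor = (int(part) for part in version.split(".")[:2])
    return (major, minor) < FIXED

def archive_type(head):
    """Archive format name for the given leading bytes, or None."""
    for magic, name in MAGIC.items():
        if head.startswith(magic):
            return name
    return None

def nested_archives(data):
    """List (member name, format) for every archive stored inside a ZIP."""
    found = []
    with zipfile.ZipFile(io.BytesIO(data)) as outer:
        for info in outer.infolist():
            if info.is_dir():
                continue
            with outer.open(info) as member:
                kind = archive_type(member.read(8))
            if kind:
                found.append((info.filename, kind))
    return found

def make_sample():
    """Constructed sample: a ZIP holding a text file and an inner ZIP."""
    inner = io.BytesIO()
    with zipfile.ZipFile(inner, "w") as z:
        z.writestr("readme.txt", "constructed test content")
    outer = io.BytesIO()
    with zipfile.ZipFile(outer, "w") as z:
        z.writestr("notes.txt", "constructed test content")
        z.writestr("inner.zip", inner.getvalue())
    return outer.getvalue()

if __name__ == "__main__":
    print("24.08 vulnerable:", is_vulnerable("24.08"))
    print("nested:", nested_archives(make_sample()))
```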

Generic Recommendations

  • Exercise Caution with File Extraction: Always verify the source before extracting files, especially from unfamiliar or untrusted sources.
  • Enhance User Awareness: Educate users on identifying phishing attempts and avoiding clicks on suspicious links or attachments.
  • Monitor for Anomalies: Continuously monitor systems for signs of exploitation, unusual file extraction behaviors, or unauthorized access attempts.

Conclusion

The MoTW bypass vulnerability in 7-Zip represents a serious security concern for Windows users, as it allows attackers to circumvent protective measures and execute malicious code. Updating to the latest version of 7-Zip is the recommended action to ensure systems are protected against this vulnerability.
