Hackers On A Train – PSW #883

Paul Asadoorian

1. Idov31/NovaHypervisor: NovaHypervisor is a defensive x64 Intel host based hypervisor.

   "NovaHypervisor is a defensive x64 Intel host based hypervisor. The goal of this project is to protect against kernel based attacks (either via Bring Your Own Vulnerable Driver (BYOVD) or other means) by safeguarding defense products (AntiVirus / Endpoint Protection) and kernel memory structures and preventing unauthorized access to kernel memory." - I like this, protecting the kernel is important. Keep in mind a few things:

   • If an attacker gets in before the Hypervisor (e.g. UEFI) all bets are off
   • I would be suprised, though maybe not, if this type of monitoring and protection isn't built into some EDR/Anti-Malware solutions
   • This note from the author: "This project is in a very early stage of development and is not yet ready for production use."
2. lraton/FlopperZiro: A Flipper Zero clone, but cheapest, DIY and simply Open Source, made with Arduino IDE

   I think one of the best things about the Flipper Zero is how it motivated hackers to create clones and alternatives. Projects such as this one are really awesome. I have on my list to build a few of them. This one uses an interesting Microcontroller: STM32-L432KC (https://www.digikey.com/en/products/detail/stmicroelectronics/NUCLEO-L432KC/6132763)

3. Two arrested, charged for ‘interrogation’ where man was allegedly tied to a chair, threatened

   With a Flipper Zero (he was told it was a lie detector!)

4. Google Wifi Pro: Glitching from Root to EL3

   Very detailed series of articles on hardware glitching and reverse engineering.

5. Taking them to the SHITTER: an analysis of vendor abuse of security research in-the-wild

   I think what's happening here is that people are bent out of shape at the fact that commercial attack tools end up in the wrong hands. Boo-hoo, get over it, you have to defend your network against all type of threats, tactics, and techniques. Why does it matter if its paid or free?

6. SonicWall SMA devices hacked with OVERSTEP rootkit tied to ransomware

   First, I'm up on my soap box preaching that if you publish an article and it references another article (like direct quotes and everything) you have to link to that article. Bleeping Computer did not, and they should be ashamed of themselves because now this lazy hacker has to search the Internet for GTIG's original post, which BY THE WAY, contains valuable IoCs (Which the BC article even references, but no damn link). I digress. End-of-life Sonicwall appliances were targeted, and some seemingly stealthy malware was deployed. Get rid of those appliances. As an industry, we can't just rely on folks such as GTIG; we have to be able to monitor appliances and devices for threats, just like we do our servers, laptops, networks, and applications.

   • Oh, and also, here is the link to the actual research: https://cloud.google.com/blog/topics/threat-intelligence/sonicwall-secure-mobile-access-exploitation-overstep-backdoor (Bleeping Computer if you are listening you should update the post to include this link)
7. Wing FTP Server Remote Code Execution (CVE-2025-47812) Exploited in the Wild

   Why are we using FTP still? We should not. There are many better ways to move files around. Oh, and then there is the complete SSH stack too (which also runs on ALL platforms). And while FTP servers today do support encryption protocols, they also include tons of legacy code, and then it is left to the user to configure the service securely. This is why I love SSH, its great right out of the box. Sure, it can be configured insecurely, but I believe you stand a much better chance. Or you can implement 10 other ways to move files around...

8. About the hype around XBOW
   • XBOW is an AI-driven penetration testing tool that achieved 1st place on the HackerOne USA leaderboard only for that specific 3-month time window based on reputation earned by validated vulnerability reports.
   • Reputation on HackerOne is quantitative (points earned from reports closed as valid) but is also impacted by false positives and spam reports that reduce points.
   • What sets XBOW apart is its low false positive rate compared to traditional automated scanners, helped by AI training.
   • HackerOne forbids fully automated report submission, so all XBOW reports are reviewed by a human security team before submission. The extent of human intervention (e.g. filtering out false positives) is unclear.
   • XBOW is not fully autonomous; it has been developed, tuned, and maintained by a team of 25+ human experts who continually refine the system.
   • The hype that AI will replace human bug hunters is overstated. AI currently serves as a powerful automation tool that handles large volumes of common vulnerability detection (quantity), while human experts focus on discovering novel or complex issues (quality).
   • The post emphasizes the complementary roles of AI and human researchers rather than direct replacement.
9. two06/LinkedIntel: LinkedIn recon the easy way

   Neat idea: "LinkedIntel sits in the background while you browse LinkedIn via Burp and automatically extracts profile information from the API responses."

10. Alia5/PiCCANTE: PiCCANTE is a powerful tool for exploring and reversing CAN busses of vehicles, based on Raspberry Pi Pico (any model)

    "PiCCANTE is a powerful hacking tool for accessing, exploring, and manipulating vehicle CAN bus networks, built on the affordable Raspberry Pi Pico platform. Designed for researchers, security professionals, and automotive enthusiasts looking to dive deep into vehicle systems without expensive proprietary equipment."

Larry Pesce

1. Cyberattack deals blow to Russian firmware used to repurpose civilian drones for Ukraine war
2. Identity Is A Bitchat Challenge (MITM Flaw)
3. Google Will Merge Android and ChromeOS, Exec Says. That’s Taking a Page Out of the Apple Playbook
4. Prompt injection attacks: From pranks to security threats
5. Three Breaches In Three Weeks: A Wake Up Call For Enterprise Security
6. Bitchat Bluetooth Mesh Encrypted Chat App Download
7. What you need to know about CVSS to protect your IT assets
8. End-of-Train and Head-of-Train Remote Linking Protocol

Lee Neely

1. Exploited Wing file transfer bug risks ‘total server compromise,’ CISA warns

   Threat actors are exploiting a critical (CVSS 10.0) remote code execution vulnerability in Wing FTP Server (CVE-2025-47812). The vulnerability was detected by researchers at RCE Security who reported the issue to the developer; the vulnerability was patched in version Wind FTP Server 7.4.4, which was released in mid-May. RCE Security published their write-up of the vulnerability on June 30. Within one day of the disclosure, researchers at Huntress observed the flaw being actively exploited. The vulnerability was added to the US Cybersecurity and Infrastructure Security Agency's (CISA's) Known Exploited Vulnerabilities (KEV) catalog on July 14 with a mitigation due date of August 4, 2025.

   If you’re running Wing FTP, the flaw exists in the web UI, make sure you’ve updated to at least 7.4.4, if you haven’t, with the preponderance of attacks on file transfer solutions, assume compromise and proceed accordingly, to include evaluating alternative, more modern, solutions for information interchange.

   https://www.rcesecurity.com/2025/06/what-the-null-wing-ftp-server-rce-cve-2025-47812/

   https://www.huntress.com/blog/wing-ftp-server-remote-code-execution-cve-2025-47812-exploited-in-wild

2. McDonald’s AI Hiring Bot Exposed Millions of Applicants’ Data to Hackers Who Tried the Password ‘123456’

   Two researchers discovered a weakness in a chatbot that fast food restaurant McDonald's uses to screen job applicants. The researchers write that they "identified two serious issues: the McHire administration interface for restaurant owners accepted the default credentials 123456:123456, and an insecure direct object reference (IDOR) on an internal API allowed us to access any contacts and chats we wanted."

   We need to not only train our developers not to use default passwords but also avoid insecure object references, then make sure our QA processes support them doing so. Not only has Paradox.ai address the issue, but they also implemented a bug bounty/vulnerability disclosure program to aid in discovery of future flaws.  https://www.paradox.ai/blog/responsible-security-update

3. Train Brakes Can Be Hacked Over Radio—And the Industry Knew for 20 Years

   The US Cybersecurity and Infrastructure Security Agency (CISA) has published an Industrial Control System (ICS) advisory describing a weak authentication vulnerability in the End-of-Train and Head-of-Train remote linking protocol. CISA writes, "successful exploitation of this vulnerability could allow an attacker to send their own brake control commands to the end-of-train device, causing a sudden stoppage of the train which may lead to a disruption of operations, or induce brake failure."

   CVE-2025-1727, CVSS 3 score 8.1, affects the devices known as a Flashing Read End Device (FRED), which replaced the caboose, and can be exploited over RF, making typical control system mitigations such as isolation or VPN, challenging. Exploit requires both physical access/proximity and deep protocol knowledge, and mitigation requires an update to the standard, which is underway. 

   https://www.cisa.gov/news-events/ics-advisories/icsa-25-191-10

4. NVIDIA Support Security Notice: Rowhammer – July 2025

   Nvidia has published a security advisory reminding users to ensure System-level error correction code (ECC) is enabled on the company's GPU products after Researchers at the University of Toronto showed the viability of exploiting the Rowhammer effect on an NVIDIA A6000 GPU with GDDR6 memory.

   The mitigation is to enable ECC. ECC is enabled by default in the newer Nvidia products, and enabling ECC is recommended as a best practice to mitigate rowhammer attacks. Make sure you analyze the impact to both performance and memory capacity before enabling ECC if you don’t currently have it turned on.

5. 350M Cars, 1B Devices Exposed to 1-Click Bluetooth RCE

   "Blue SDK" is a Bluetooth protocol stack and software development kit (SDK). On May 17, 2024, researchers from PCA Cyber Security discovered a range of vulnerabilities in Blue SDK that, together, allowed them to remotely execute code in devices that rely on it for Bluetooth connectivity. They called their exploit chain "PerfektBlue."

   BlueSDK developer OpenSynergy worked with PCA after being contacted in May 2024, releasing patches in September 2024, however it took until June 2025 for all original equipment manufacturers (OEMs) to receive the patch, possibly due to "long and complex vehicle supply chains."

   To exploit the flaw, the attacker needs to be in range and paired with the infotainment system, which can be done without interaction in some cases. As the BlueSDK is also in mobile and IOT devices, you need to make sure updates are applied. The flaw disclosure was held until OEMs had the patches widely deployed. Make sure your vehicle, if affected, has the latest update.

6. Ex-ASML engineer who stole chip tech for Russia gets 3 years

   A court in Rotterdam, Netherlands has sentenced an unnamed individual to three years in prison for stealing chip manufacturing technology from two employers and sharing the information with people in Russia.

   We are all prepared for theft of IP by humans, but are we ready for data loss due to LLM/AI where data is aggregated outside your control? This has the potential to be more significant than leaning about unsecured S3 buckets. AI governance has to be conscious, consistent and deliberate. Your team is already leveraging AI to innovate, meet deliverables and remain relevant. Are you ready?

7. SECURITY INCIDENT NOTICE: Gravity Forms 2.9.11.1, 2.9.12 Malware Compromise Notice

   A supply chain attack appears to have compromised two versions of the Gravity Forms forms builder WordPress plugin, which has more than million active installations. The malware-infected versions of the plugin collect a host of "site metadata, including URL, admin path, theme, plugins, and PHP/WordPress version," and exfiltrate that information to external systems.

   Given the sequence of events, verify you really are on 2.9.13 of Gravity Forms. Check for the IOCs on the Gravity forms security incident notice. if you are compromised, deactivate then delete the plugin, block access to gravityapi.org, and the companion IP addresses, then reinstall. Don’t use uninstall, that will wipe your settings.

8. CISA orders agencies to immediately patch Citrix Bleed 2, saying bug poses ‘unacceptable risk’

   The US Cybersecurity and Infrastructure Security Agency (CISA) added the CitrixBleed 2 vulnerability (CVE-2025-5777) to the Known Exploited Vulnerabilities (KEV) catalog on Thursday, July 10 with a mitigation due date for Federal Civilian Executive Branch (FCEB) agencies of July 11. This appears to be the first time CISA has set a one-day window for addressing a vulnerability added to KEV.

   You already patched right? While Citrix appears to be slow coming around on this being actively exploited, they didn’t waste any time putting out a patch in June. You should have as rapidly applied the update. Regardless check for IOCs. 

   https://nvd.nist.gov/vuln/detail/CVE-2025-5777

Sam Bowne

1. A Little-Known Microsoft Program Could Expose the Defense Department to Chinese Hackers

   Chinese Tech Support: Microsoft is using engineers in China to help maintain the Defense Department’s computer systems — with minimal supervision by U.S. personnel. Over the years, various people involved in the work, including a Microsoft cybersecurity leader, warned the company that the arrangement is inherently risky.

2. OMB draft memo sets agency and vendor quantum security standards

   t directs federal agencies to fully migrate to a post-quantum cryptographic standard, and requests that vendors disclose their individual phased PQC transition timelines.

3. A summer of security: empowering cyber defenders with AI

   Big Sleep, an AI agent developed by Google DeepMind and Google Project Zero, actively searches and finds unknown security vulnerabilities in software. Recently, Big Sleep discovered a critical SQLite vulnerability (CVE-2025-6965). Through the combination of threat intelligence and Big Sleep, Google was able to actually predict that a vulnerability was imminently going to be used and we were able to cut it off beforehand. We believe this is the first time an AI agent has been used to directly foil efforts to exploit a vulnerability in the wild.

4. SMM callout vulnerabilities identified in Gigabyte UEFI firmware modules Vulnerability Note VU#746790

   Arbitrary write to RAM, double-free, etc. The fundamental flaw is in the supply chain: According to AMI, these vulnerabilities were previously addressed via private disclosures, yet the vulnerable implementations remain in some OEM firmware builds such as in the case of Gigabyte.

5. Critical-Vulnerabilities-in-Network Detective

   Two vulnerabilities have been identified in RapidFire Tools Network Detective, a system assessment and reporting tool developed by Kaseya (RapidFire Tools): Network Detective saves usernames and passwords in plain, readable text across several temporary files Reversible encryption of passwords and other sensitive data during network scans, using static, built-in values

6. Google Gemini flaw hijacks email summaries for phishing

   The attack leverages indirect prompt injections that are hidden inside an email and obeyed by Gemini when generating the message summary. Despite similar prompt attacks being reported since 2024 and safeguards being implemented to block misleading responses, the technique remains successful.

7. Security vulnerability on U.S. trains that let anyone activate the brakes on the rear car was known for 13 years — operators refused to fix the issue until now

   All American trains were equipped with an End-of-Train (EoT) module attached to the last carriage, which reports telemetry data to the front of the train wirelessly. Back when it was first implemented in the late 1980s, it was illegal for anyone else to use the frequencies allocated for this system. It used no encryption or authentication, only a checksum, so these packets are easily forged. This would not have been an urgent issue if the EoT had only sent telemetry data. However, the HoT can also issue a brake command to the EoT through this system. Thus, anyone with the hardware (available for less than $500) and know-how can easily issue a brake command without the train driver’s knowledge, potentially compromising the safety of the transport operation.

   The issue still hasn’t been resolved. When the vulnerable devices reach end of life, they will be replaced with more secure ones, beginning in 2027.

8. Now everybody but Citrix agrees that CitrixBleed 2 is under exploit

   On Thursday, CISA added the critical security flaw to its catalog of Known Exploited Vulnerabilities. The agency cited "evidence of active exploitation" in its alert. The bug, a 9.3 CVSS-rated security flaw, allows remote, unauthenticated attackers to read sensitive info — such as session tokens — in memory from NetScaler devices configured as a gateway (such as a VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server.

9. CISA orders agencies to immediately patch Citrix Bleed 2, saying bug poses ‘unacceptable risk’

   The federal cybersecurity watchdog ordered all civilian agencies to immediately patch the vulnerability, and took the extraordinary step of giving federal civilian agencies just one day to patch it.

10. McDonald’s AI Hiring Bot Exposed Millions of Applicants’ Data to Hackers Who Tried the Password ‘123456’

    Simple web-based vulnerabilities—including guessing one laughably weak password—allowed researchers to access a Paradox.ai account and query the company's databases that held every McHire user's chats with Olivia. The data appears to include as many as 64 million records, including applicants' names, email addresses, and phone numbers.

11. Belkin shows tech firms getting too comfortable with bricking customers’ stuff

    Belkin is killing most of its smart home products. On January 31, the company will stop supporting the majority of its Wemo devices, leaving users without core functionality and future updates.

12. AI therapy bots fuel delusions and give dangerous advice, Stanford study finds

    The AI's helped users plan suicides, failing to understand the risks. They also validated their conspiracy theories, leading to a fatal police shooting and a teen's suicide. Commercial therapy chatbots performed even worse than the base AI models in many categories. AI's may be useful for therapy, but they need better safeguards and more thoughtful implementation. Right now, the tech industry is running a massive uncontrolled experiment in AI-augmented mental health.

13. Count(er) Strike – Data Inference Vulnerability in ServiceNow

    ServiceNow is a widely used platform with 85% of its customer base being in the Fortune 500. It handles data for incidents, requests, changes, Governance, Risk, and Compliance (GRC), and more. One of the query types allows users to request data, and reports the number of records blocked due to security constraints. By using query parameters, a user can enumerate the blocked records with a series of queries, as in blind SQL injection.