
Weekly Axis Of Easy #392
Last Week’s Quote was: “You can’t create wealth by sharing poverty. There is no way you can do that miracle. Not even by the magicians of communism,” was by Narayana Murthy. No one got it.
This Week’s Quote: “I am so clever that sometimes I don’t understand a single word of what I am saying.” By ???
THE RULES: No searching up the answer, must be posted at the bottom of the blog post, in the comments section.
The Prize: First person to post the correct answer gets their next domain or hosting renewal on us.
This is your easyDNS #AxisOfEasy Briefing for the week of March 17th, 2025, in which our Technology Correspondent Joann L Barnes and easyCEO Mark E. Jeftovic send out a short briefing on the state of the ‘net and how it affects your business, security and privacy.
To listen to or watch this podcast edition, with commentary and insight from Joey and Len the Legend, click here.
In this issue:
- AI Jailbreak Exposes Critical Flaws: Researchers Use Chatbots to Generate Malware with No Coding Experience
- Google Play Malware Campaign Exposes 60 Million Users to Ads and Phishing Attacks
- Threat Actors Exploit SSRF Vulnerability in Third-Party ChatGPT Tool, Targeting Financial and Government Sectors
- GitHub Action Compromised: Supply Chain Attack Exposes CI/CD Secrets in 23,000+ Repositories
- LockBit-Linked Hackers Exploit Fortinet Firewall Flaws to Deploy SuperBlack Ransomware
AI Jailbreak Exposes Critical Flaws: Researchers Use Chatbots to Generate Malware with No Coding Experience
Cato Networks’ 2025 Cato CTRL Threat Report exposes a security failure: AI-generated malware is now possible without coding skills. A Cato CTRL researcher, using the “Immersive World” jailbreak, tricked Large Language Models—DeepSeek-R1, DeepSeek-V3, Microsoft Copilot, and OpenAI’s ChatGPT—into writing a fully functional Chrome 133 infostealer. The technique involved embedding malicious intent into a detailed fictional narrative, bypassing built-in AI security controls. This highlights a systemic failure in GenAI safeguards and introduces the “zero-knowledge threat actor,” where anyone, not just skilled hackers, can create malware.
Cato notified Microsoft and OpenAI, which acknowledged receipt, but DeepSeek stayed silent. Google declined to review the malware code, raising concerns about inconsistent corporate responses to AI threats. Prior studies already showed DeepSeek-R1 failed over half of jailbreak tests, and a 2023 SlashNext report proved AI chatbots could generate phishing emails. Cato’s report calls for stronger defenses: training AI on expected prompts and responses, rigorous system testing, regular red teaming, and clear disclaimers defining acceptable use. As GenAI lowers the bar for cybercrime, fragmented industry reactions and unpatched vulnerabilities suggest the next major malware wave might not come from seasoned hackers—but from anyone with a chatbot and a clever enough story.
Read: https://hackread.com/ai-jailbreak-on-top-llms-to-create-chrome-infostealer/
Google Play Malware Campaign Exposes 60 Million Users to Ads and Phishing Attacks
Bitdefender and IAS Threat Lab uncovered a Google Play ad fraud campaign deploying 331 malicious apps, 15 still active, masquerading as QR scanners, expense trackers, health apps, and wallpaper apps. Downloaded over 60 million times, these apps bombard users with full-screen ads, even while other apps run, and execute phishing attacks to steal credentials and financial data. Google removes such apps, but attackers adapt, exploiting API vulnerabilities to hide icons from launchers and rename apps to mimic services like Google Voice, complicating detection.
Active since Q3 2024 and ongoing in March 2025, the campaign disproportionately affects Brazil, the U.S., Mexico, Türkiye, and South Africa. Apps employ Content Provider Abuse to execute malicious code post-installation without user interaction. Other techniques, like DisplayManager.createVirtualDisplay, launch activities without permissions, while dummy receivers and background services maintain persistence, bypassing newer Android security restrictions.
Users should avoid unnecessary downloads, even from official stores, and monitor for disappearing icons, renamed apps, sluggish performance, or battery drain. Immediate deletion is advised if detected. While Google Play remains a safer source than third-party stores, this campaign underscores persistent security gaps in Android’s app ecosystem, requiring constant vigilance and proactive defense measures.
Read: https://hackread.com/scammers-ad-fraud-apps-google-play-60m-downloads/
Threat Actors Exploit SSRF Vulnerability in Third-Party ChatGPT Tool, Targeting Financial and Government Sectors
A year-old SSRF vulnerability, CVE-2024-27564, is being actively exploited in a third-party, open-source ChatGPT tool—not OpenAI’s—created by a Chinese developer. The flaw in pictureproxy.php allows attackers to inject URLs into the url parameter, forcing arbitrary requests. Reported in September 2023 and publicly known for a year, it has been easily exploitable due to the existence of PoC code. Though classified as medium severity, it has become a real-world attack vector.
Threat actors, at least one of whom has integrated the exploit into their arsenal, are conducting mass scans for vulnerable implementations. Veriti observed over 10,000 attacks from a single IP in one week. The primary targets are U.S. government agencies and financial firms, though attacks have also hit financial and healthcare organizations in Germany, Thailand, Indonesia, Colombia, and the UK. About one-third of affected organizations remain vulnerable due to misconfigurations in security solutions.
Banks and fintechs, reliant on AI services and APIs, are particularly exposed to SSRF-based data theft. Veriti warns that ignoring medium-severity flaws is costly. Organizations must patch systems, audit firewalls, monitor attacker IPs, and fix misconfigurations to mitigate the risk. Financial institutions, take note: hackers certainly have.
Read: https://www.securityweek.com/chatgpt-vulnerability-exploited-against-us-government-organizations/
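The flaw above is a classic server-side request forgery: a proxy endpoint fetches whatever the url parameter says. The usual fix is to validate the destination before fetching, not after. The following is an added illustration, not code from the vulnerable tool or from Veriti: it validates a proxy URL against a constructed allowlist of image hosts, restricts the scheme and port, refuses embedded credentials, and rejects IP literals that point at loopback, private, or link-local ranges (which is where the cloud metadata endpoint lives). The allowlist, host names and URLs are all assumptions made up for the example.

```python
import ipaddress
from urllib.parse import urlsplit

# Constructed allowlist: the only origins this image proxy is meant to fetch from.
ALLOWED_HOSTS = {"images.example.com", "cdn.example.net"}


class UnsafeUrl(ValueError):
    """Raised when a proxy target fails validation."""


def validate_proxy_url(url, allowed_hosts=ALLOWED_HOSTS):
    """Return the URL unchanged if it is safe to fetch, else raise UnsafeUrl."""
    parts = urlsplit(url)

    # Only plain web fetches; no file://, gopher://, ftp://, etc.
    if parts.scheme not in ("http", "https"):
        raise UnsafeUrl(f"scheme not allowed: {parts.scheme!r}")

    host = parts.hostname  # already lower-cased, brackets stripped for IPv6
    if not host:
        raise UnsafeUrl("missing host")

    # "http://trusted.example.com@10.0.0.5/" would otherwise look trusted at a glance.
    if parts.username or parts.password:
        raise UnsafeUrl("credentials in URL are not allowed")

    # Reject IP literals on non-public ranges: loopback, RFC 1918, link-local
    # (169.254.0.0/16 includes the cloud metadata address), ULA, etc.
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        ip = None  # a host name, checked against the allowlist below
    if ip is not None and not ip.is_global:
        raise UnsafeUrl(f"non-public address: {host}")

    # Exact-match allowlist; no suffix matching, so "images.example.com.evil.org" fails.
    if host not in allowed_hosts:
        raise UnsafeUrl(f"host not in allowlist: {host}")

    # Keep the proxy off internal service ports.
    try:
        port = parts.port
    except ValueError as exc:
        raise UnsafeUrl("invalid port") from exc
    if port not in (None, 80, 443):
        raise UnsafeUrl(f"port not allowed: {port}")

    return url


def is_safe_proxy_url(url, allowed_hosts=ALLOWED_HOSTS):
    """Boolean convenience wrapper around validate_proxy_url."""
    try:
        validate_proxy_url(url, allowed_hosts)
        return True
    except UnsafeUrl:
        return False


if __name__ == "__main__":
    # Constructed sample inputs, mixing legitimate and hostile targets.
    samples = [
        "https://images.example.com/cat.png",
        "http://127.0.0.1/admin",
        "http://169.254.169.254/latest/meta-data/",
        "file:///etc/passwd",
        "http://images.example.com@10.0.0.5/",
        "https://evil.example.org/x",
        "http://[::1]/",
    ]
    for s in samples:
        print(f"{'ALLOW ' if is_safe_proxy_url(s) else 'REJECT'} {s}")
```

The allowlist is what actually closes the hole; the IP-range check is defence in depth for the case where someone later loosens the allowlist. Note that a host name check alone does not defeat DNS rebinding: a production proxy should resolve the name itself and connect to the validated address rather than letting the HTTP client resolve it again.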
GitHub Action Compromised: Supply Chain Attack Exposes CI/CD Secrets in 23,000+ Repositories
GitHub’s tj-actions/changed-files, used in 23,000+ repositories to track file modifications in CI/CD workflows, was compromised in a supply chain attack (CVE-2025-30066, CVSS 8.6) before March 14, 2025. Attackers retroactively modified version tags to reference a malicious commit, executing a Python script from a GitHub gist that extracted CI/CD secrets from Runner Worker processes, including AWS keys, GitHub PATs, npm tokens, and private RSA keys. The gist was deleted, and while no evidence suggests secrets were exfiltrated, exposed build logs posed a major risk.
The breach originated from a compromised GitHub Personal Access Token (PAT) belonging to @tj-actions-bot, which had privileged access to the repository. GitHub revoked the PAT; project maintainers implemented passkey authentication and restricted permissions under the principle of least privilege. Going forward, tj-actions projects will not use PATs.
All versions were compromised, as attackers modified existing version tags, affecting even past versions unless hash-pinned before the attack window. Users must update to 46.0.1 and review workflows from March 14-15 for unexpected output in the changed-files section. This follows a 2024 critical flaw (CVE-2023-49291, CVSS 9.8) in tj-actions/changed-files and tj-actions/branch-names, highlighting open-source supply chain risks.
Read: https://thehackernews.com/2025/03/github-action-compromise-puts-cicd.html
LockBit-Linked Hackers Exploit Fortinet Firewall Flaws to Deploy SuperBlack Ransomware
Hackers linked to LockBit are exploiting Fortinet firewalls, leveraging vulnerabilities CVE-2024-55591 (active since December 2024) and CVE-2025-24472 to deploy SuperBlack ransomware across corporate networks. Forescout Research attributes the attacks to Mora_001, a group with a distinct operational signature and LockBit ties. SuperBlack, built from LockBit 3.0’s leaked malware, selectively encrypts only after exfiltrating sensitive data, aligning with modern ransomware tactics prioritizing theft over disruption.
Forescout’s Sai Molige confirmed at least three intrusions, with attackers infiltrating companies that failed to patch systems after Fortinet’s January update. The ransom note includes LockBit’s messaging address, suggesting Mora_001 is either a LockBit affiliate or an associated group. Stefan Hostetler of Arctic Wolf notes that victims are likely firms that didn’t harden firewall configurations when the vulnerability was disclosed. The ransom notes resemble those of ALPHV/BlackCat, adding another layer of attribution complexity.
LockBit, despite last year’s U.S. law enforcement takedown, continues influencing ransomware operations. Fortinet has not responded to inquiries. The exploitation of edge-network security devices underscores a broader industry challenge: patching delays leave corporate infrastructure vulnerable long after fixes are available, a fact attackers continue to exploit.
Read: https://techcrunch.com/2025/03/17/hackers-are-exploiting-fortinet-firewall-bugs-to-plant-ransomware/
Elsewhere Online:
MirrorFace APT10 Group Targets European Diplomatic Institute
Read: https://www.securityweek.com/chinese-hacking-group-mirrorface-targeting-europe/
11 State-Linked Groups Exploit Windows Shortcut Vulnerability Since 2017
Read: https://www.infosecurity-magazine.com/news/zdican25373-exploited-state/
VenomRAT Malware Hidden Inside Virtual Hard Disk Images
Read: https://hackread.com/hackers-hide-venomrat-malware-virtual-hard-disk-files/
Ransomware Gang BlackBasta Linked to Possible Russian Protection
Read: https://www.infosecurity-magazine.com/news/blackbasta-ransomwares-ties-russia/
PHP Vulnerability Exploited for Cryptocurrency Miners and RAT Deployment
Read: https://thehackernews.com/2025/03/hackers-exploit-severe-php-flaw-to.html
If you missed the previous issues, they can be read online here:
- March 14th, 2025: PowerSchool Data Breach Exposes Millions Of Students But Hides Key Details
- March 7th, 2025: CTA Proposal Could Fine Airline Passengers For Publicly Discussing Complaint Resolution
- February 28th, 2025: What Did You Get Done Last Week?
- February 21st, 2025: Russian Hackers Exploit Signal’s Device-Linking Feature To Spy On Military And Civilian Communications
- February 14th, 2025: UK Secretly Orders Apple To Build Global iCloud Backdoor, Sparking Privacy Battle
Too easy… Oscar Wilde. I’ve already won before so don’t worry about the prize. I just can’t risk no one guessing the OG, OW.
Groucho Marx
Oscar Wilde