
Next.js Zero‑Click, Zapier Chain, Ransomware IT Scam

Infosec · 2026-06-06

Vulnerabilities & Exploits

Zero‑click SXSS via header reflection in Next.js cache (9 min read)

Researchers discovered that mirroring request headers into response headers enables a reliable zero‑click cross‑site scripting attack on recent Next.js versions. By forcing the App Router to treat a request as HTML, attackers can inject payloads through reflected URL parameters, bypassing typical defenses.

Zapocalypse: Five‑Step Chain That Could Have Hijacked Zapier (17 min read)

Token Security uncovered a five‑step attack chain—dubbed “Zapocalypse”—that could have let an adversary publish malicious JavaScript to every authenticated Zapier user’s browser, achieving full account takeover. Zapier patched the flaw within weeks and revoked the compromised NPM token, highlighting supply‑chain risks in SaaS automation platforms.

Open‑Weight LLMs Replicate Anthropic Mythos FreeBSD RCE Discovery for Under $100 (14 min read)

Using the same three‑stage nano‑analyzer pipeline that AISLE used with GPT-5.4-nano, the author runs open‑weight models (GPT-OSS-20B and Gemma-4-31B-IT) on the full FreeBSD RPCSEC_GSS codebase and, after a simple reachability tweak, successfully flags the 17‑year‑old RCE tracked as CVE-2026-4747. The experiment shows that modest, locally run models can duplicate frontier‑model zero‑day detection when supported by effective scaffolding.

Depthfirst AI Agent Uncovers 21 New Zero-Day Bugs in FFmpeg (13 min read)

Depthfirst’s autonomous security agent has identified 21 previously unknown zero‑day vulnerabilities in the widely used FFmpeg library, many of which had been lurking for 15‑20 years. The findings include reproducible proof‑of‑concept exploits, underscoring AI’s growing ability to uncover deep, critical bugs in complex codebases.

Threats & Malware

Magecart Skimmer Hijacks Stripe as Hidden Command‑and‑Control Server (7 min read)

Security researchers discovered a Magecart skimmer that stores malicious code in a Stripe customer's metadata and executes it via Google Tag Manager on checkout pages. The stolen card data is exfiltrated back to the attacker’s Stripe account as fake customers, letting the fraud blend into trusted traffic and bypass CSPs.

Ransomware gang pretends to be IT staff to breach law firms (2 min read)

Google and the FBI report that the Silent Ransom Group is dispatching impostor IT workers to law firms, using USB drives or remote tools to steal contracts, personal data, and financial records. The gang then threatens to publish the stolen information unless a ransom is paid, extending ransomware operations into in‑person, physical social engineering.

ESET uncovers Android spyware 'Asin' targeting Arabic journalists with fake news apps (1 min read)

ESET discovered a new Android spyware family called Asin that has been distributed since early 2025 through malicious apps masquerading as government news, PDF readers and war‑map tools aimed at Arabic‑speaking users. The campaigns appear to target journalists and OSINT researchers, tricking victims into manually installing the apps and granting spyware permissions.

Miasma worm spreads via npm, forces GitHub to disable 73 Microsoft repos (14 min read)

Microsoft’s Threat Intelligence team uncovered the Miasma supply‑chain campaign, in which malicious npm packages under the @redhat-cloud-services scope injected a pre‑install hook that hijacked developer credentials and propagated to 73 GitHub repositories across the Azure, Azure-Samples, Microsoft and MicrosoftDocs organizations. GitHub responded by disabling the affected repos within minutes, highlighting the rapid spread of the self‑replicating worm.

Breaches & Industry News

Weil Gotshal pays up to $20 million to halt ransomware threat (1 min read)

US law firm Weil Gotshal & Manges reportedly paid between $18 million and $20 million to the Luna Moth ransomware group to prevent the public release of stolen client documents. The firm activated response protocols, engaged third‑party security experts, and notified law enforcement, but says the attackers never accessed its internal network.

ShinyHunters leaks 234 GB of DentaQuest data, exposing 2.6 M accounts (2 min read)

DentaQuest confirmed a ransomware breach by ShinyHunters after ransom negotiations failed. The gang leaked about 234 GB of data, revealing personal, insurance and ID details for 2.6 million individuals. The company says operations continue and investigators are assessing the impact.

Columbia University breach exposes 1.8 M SSNs, including those of people who never applied (1 min read)

In 2025, Columbia University suffered a hack that exfiltrated about 460 GB of data, leaking roughly 1.8 million Social Security numbers from decades‑old recruitment and testing records. The leak includes individuals who never applied to the school. Columbia is offering two years of free credit monitoring and identity restoration services to affected persons.

Privacy, Policy & Governance

OpenAI adds Lockdown Mode to ChatGPT, disabling web browsing and tools to curb data exfiltration (7 min read)

OpenAI's new Lockdown Mode is an optional security setting that blocks live web browsing, image fetching, Deep Research, Agent Mode, Canvas networking, and file downloads. By limiting outbound network requests, it aims to reduce data exfiltration risk from prompt‑injection attacks for users handling sensitive information.

Supreme Court Upholds FCC Fines Over Telecoms' Sale of Location Data (4 min read)

In an 8‑1 decision, the U.S. Supreme Court rejected AT&T and Verizon's challenge to FCC penalties totaling $100 million for unlawfully sharing customer location data with third parties. The ruling preserves the FCC’s authority to enforce data‑privacy rules on telecom carriers.

Smart TVs Turned Into Residential Proxies Power AI Data Scraping (13 min read)

Include Security reveals that Bright Data’s consent SDK, embedded in smart TV apps, turns those TVs into exit nodes for residential proxy networks. This lets AI firms bypass cloud‑IP blocks and harvest web data at scale, raising privacy concerns for everyday consumers.

Google Wallet to Become EU’s Central Age‑Verification ID Hub (3 min read)

Google will store government‑issued digital IDs in Google Wallet for select EU nations, allowing its service to verify users’ age on websites. This shifts age‑gate data from sites to Google, giving the company unprecedented insight into identity checks and sparking privacy concerns over a private ID verifier.

Research & Tools

WasmForge converts Sliver C2 into WebAssembly binaries for stealthy red‑team implants (16 min read)

Praetorian’s new WasmForge tool wraps existing offensive security binaries—like the Sliver C2 framework—into WebAssembly‑based executables that evade EDR signatures without source changes. By compiling Go projects to wasm32, adding custom host shims, and obfuscating binaries, it lets red‑team operators drop stealthy implants on hardened endpoints.

Effective harnesses narrow bug-finding gap for open-weight models (18 min read)

The author compares several open-weight LLMs (DeepSeek V4, Qwen3.5, Kimi, GLM-5/5.1) against the closed-source Opus 4.7 on the crackaddr vulnerability suite. While open models lag on tougher artifacts, a well-designed harness and post-training tweaks close most of the gap, with GLM-5.1 matching Opus performance.

Z‑Jail delivers a zero‑dependency, multi‑layer Linux sandbox for native code (10 min read)

Z‑Jail is a ~130 KB, single‑binary sandbox for Linux that layers seven hardening mechanisms—namespaces, pivot_root, capability drops, no‑new‑privs, seccomp‑BPF whitelist, audit logging, and more—without any external dependencies. It targets CI pipelines, CTF challenges, and lightweight code evaluation where full VM isolation is overkill.

© 2026 LODE