Weekly Cybersecurity News Digest 17 – 23 March

Welcome to this week’s edition of the AKAT Weekly Cyber Security News Digest, your source for the latest in cybersecurity. Stay informed and empowered in the ever-evolving world of cybersecurity!

Attackers target organizations who use ChatGPT with SSRF vulnerability

Attackers have recently begun targeting organizations with a server-side request forgery (SSRF) vulnerability tracked as CVE-2024-27564 (CVSS score: 6.5) in OpenAI’s ChatGPT. The vulnerability was first introduced in commit f9f4bbc back in May 2023 but only discovered later in September 2023. The medium-rated vulnerability is related to the pictureproxy.php component used by ChatGPT.

A proof of concept (PoC) is available for the vulnerability showing how exploitation can be achieved by using specially crafted URLs with the “url” parameter. This could enable an unauthenticated attacker to force the ChatGPT application to make arbitrary requests which could then be used to redirect victims to malicious content.

Despite the availability of a PoC, the vulnerability was largely ignored by attackers until recently when it began to gain traction with multiple threat actors. According to researchers, a sustained campaign of attacks using this vulnerability began in January 2025 and continued into March 2025. The volume of attacks is substantial with the number of exploitation attempts amounting to over 10,000 in a single week, with attacks coming from 14 different IP addresses.

Most of the targets are based in the financial, healthcare, and government sectors, located in the U.S., Germany, Thailand, Indonesia, Colombia, and the UK.

Organizations are advised to ensure that their networks are adequately protected with appropriate policies and rules.

Google patches Chrome zero-day exploited in espionage attacks

Google has issued out-of-band patches to address a high-severity Chrome zero-day vulnerability that has been exploited in the wild as part of attacks targeting organizations in Russia.

The sandbox escape vulnerability, tracked as CVE-2025-2783, is described as an “incorrect handle provided in unspecified circumstances in Mojo on Windows.” Mojo is a collection of runtime libraries that provide a platform-agnostic mechanism for inter-process communication (IPC).

“Google is aware of reports that an exploit for CVE-2025-2783 exists in the wild,” the search giant said in a short advisory. Google did not reveal additional details about the nature of the attacks, the identity of the threat actors behind them, or who was targeted.

Kaspersky researchers Boris Larin and Igor Kuznetsov discovered and reported the vulnerability on March 20, 2025. The researchers characterized the zero-day exploitation of CVE-2025-2783 as a technically sophisticated targeted attack, indicative of an advanced persistent threat (APT). Kaspersky is tracking the activity under the name Operation ForumTroll.

“In all cases, infection occurred immediately after the victim clicked on a link in a phishing email, and the attackers’ website was opened using the Google Chrome web browser,” the researchers said. “No further action was required to become infected.”

The researchers said that CVE-2025-2783 is designed to be run with an additional exploit that facilitates remote code execution; however, they could not obtain the second exploit.

The vulnerability has been patched in Chrome version 134.0.6998.177/.178 for Windows.

Critical Apache Tomcat RCE bug actively exploited in the wild

A critical remote code execution (RCE) vulnerability in Apache Tomcat is actively being exploited by attackers to take over servers with a simple PUT request.

The vulnerability (CVE-2025-24813) was disclosed on March 10, 2025, with proof-of-concept (PoC) exploits published on GitHub just 30 hours later. Hackers are reportedly now using these PoC exploits in attacks.

According to Wallarm researchers, the attacks are difficult to detect as PUT requests appear normal and the malicious content is obfuscated using Base64 encoding.

The attacks involve the threat actors sending a PUT request containing a Base64-encoded serialized Java payload saved to Tomcat’s session storage. They then send a GET request with a JSESSIONID cookie pointing to the uploaded session file, forcing Tomcat to deserialize and execute the malicious Java code, granting complete control to the attacker. The attack does not require authentication and is caused by Tomcat accepting partial PUT requests and its default session persistence.

CVE-2025-24813 impacts Apache Tomcat 11.0.0-M1 to 11.0.2, 10.1.0-M1 to 10.1.34, and 9.0.0.M1 to 9.0.98. Users are advised to upgrade to Tomcat versions 11.0.3+, 10.1.35+, or 9.0.99+, which are patched against the flaw.
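The PUT-then-GET sequence described above can be hunted for in request logs. The following is an added example, not code from Wallarm or the Tomcat project: it flags any GET whose JSESSIONID names something written by an earlier PUT. The log layout, the sample lines and the punctuation-stripping rule are assumptions made for illustration.

```python
import re
from pathlib import PurePosixPath

# Constructed sample in a hypothetical log layout:
#   client "METHOD path" "Content-Range header or -" "JSESSIONID cookie or -"
SAMPLE_LOG = """\
203.0.113.7 "PUT /uploads/tmp42.session" "bytes 0-1000/1200" "-"
198.51.100.4 "GET /index.jsp" "-" "5F3A9C0D1E2B4A6F8C7D9E0F1A2B3C4D"
203.0.113.7 "GET /index.jsp" "-" "tmp42"
198.51.100.9 "PUT /docs/report.txt" "-" "-"
198.51.100.9 "GET /docs/report.txt" "-" "77AA0D1E2B4A6F8C7D9E0F1A2B3C4D5E"
"""

LINE = re.compile(r'(\S+) "(\w+) ([^"\s]+)" "([^"]*)" "([^"]*)"')

def name_stems(path):
    """Lower-cased name stems of every component of an uploaded path."""
    return {PurePosixPath(p).stem.lower() for p in PurePosixPath(path).parts if p != "/"}

def find_put_then_session_get(log_text):
    """Flag GETs whose session id names a file or directory written by an earlier PUT."""
    uploads = {}  # name stem -> (client, path, was the PUT partial?)
    alerts = []
    for line in log_text.splitlines():
        m = LINE.fullmatch(line.strip())
        if not m:
            continue
        client, method, path, content_range, session_id = m.groups()
        if method == "PUT":
            for stem in name_stems(path):
                uploads[stem] = (client, path, content_range != "-")
        elif method == "GET" and session_id != "-":
            # Assumption: ignore punctuation wrapped around the id before comparing.
            key = re.sub(r"^\W+|\W+$", "", session_id).lower()
            if key and key in uploads:
                put_client, put_path, partial = uploads[key]
                alerts.append({"get_client": client, "put_client": put_client,
                               "put_path": put_path, "partial_put": partial,
                               "jsessionid": session_id})
    return alerts
```

Tomcat's AccessLogValve can record the two extra fields with the `%{Content-Range}i` and `%{JSESSIONID}c` pattern codes; a container-generated session id is a long random value, so a match against an uploaded file name is rarely benign.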

StilachiRAT has extensive features to target data from crypto wallets

A new remote access Trojan (RAT) called StilachiRAT is said to be highly sophisticated, incorporating features that allow it to perform in-depth reconnaissance on compromised networks to gather extensive details of the environment, as well as steal clipboard data such as private keys and credentials that may be copied by the user.

The malware can also scan for active Remote Desktop Protocol (RDP) sessions in order to steal security tokens, with all collected data then sent to one of two preconfigured remote command and control (C&C) servers (95560[.]cc, 194.195.89[.]47) to enable the attackers to plan their next steps.

The RAT can extract saved credentials and data from the Chrome web browser, and it also checks for 20 different popular cryptocurrency and exchange wallet extensions on the browser such as BNB Wallet, Coinbase, MetaMask, OKX Wallet, Trust Wallet, and many more.

Besides these features, StilachiRAT also has the usual collection of anti-analysis and evasion features, such as sandbox detection and obfuscation of its code and API calls. The RAT's backdoor functionality allows the attacker to perform a wide range of actions, such as starting applications, terminating processes, monitoring network activity, and clearing logs.

Supply chain attack on popular GitHub Action exposes CI/CD secrets

A popular GitHub Action has been compromised in a supply chain attack targeting secrets associated with continuous integration and continuous delivery (CI/CD).

The targeted GitHub Action is called tj-actions/changed-files. Tj-actions provides GitHub Actions for streamlining CI/CD processes, while Changed-files, which is actively used in over 23,000 repositories, is designed for tracking file and directory changes.

According to researchers, the attack began on March 14 and involved a threat actor modifying the Changed-files code to execute a malicious Python script designed to dump CI/CD secrets to build logs. If the workflow logs are publicly accessible, they could lead to the unauthorized exposure of sensitive secrets when the action is run on the repositories. However, there is no evidence that such data has been siphoned to any attacker-controlled infrastructure.

On March 15, GitHub removed the compromised action, and the repository was restored with the malicious code having been removed. However, the compromise has lasting repercussions for impacted software projects, so the supply chain compromise has been assigned the CVE identifier CVE-2025-30066 (CVSS score: 8.6).
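To scope exposure, a repository owner can check whether a workflow references the action and which runs fall on the dates above. This is an added example, not GitHub's or the researchers' tooling: the sample workflow, its refs and the whole-day UTC window in 2025 are assumptions, and the SHA-pinning check is a general hardening measure that goes beyond what the article states.

```python
import re
from datetime import datetime, timezone

USES = re.compile(
    r"^\s*-?\s*uses:\s*['\"]?([\w.-]+/[\w.-]+)(?:/[\w./-]+)?@([^\s'\"#]+)", re.M)
FULL_SHA = re.compile(r"[0-9a-f]{40}")
WATCHED = "tj-actions/changed-files"
# Assumption: whole UTC days covering March 14 and March 15, 2025.
WINDOW = (datetime(2025, 3, 14, tzinfo=timezone.utc),
          datetime(2025, 3, 16, tzinfo=timezone.utc))

# Constructed workflow; the tags and the 40-hex value are placeholders.
SAMPLE_WORKFLOW = """\
jobs:
  build:
    steps:
      - uses: actions/checkout@v4
      - uses: tj-actions/changed-files@v1
      - uses: example-org/lint-action@0123456789abcdef0123456789abcdef01234567
"""

def audit_workflow(text):
    """List every `uses:` reference with its pinning status."""
    findings = []
    for action, ref in USES.findall(text):
        findings.append({"action": action.lower(), "ref": ref,
                         "sha_pinned": bool(FULL_SHA.fullmatch(ref)),
                         "watched": action.lower() == WATCHED})
    return findings

def runs_to_review(text, run_times):
    """Run timestamps inside the window, if the workflow uses the watched action."""
    if not any(f["watched"] for f in audit_workflow(text)):
        return []
    return [t for t in run_times if WINDOW[0] <= t < WINDOW[1]]
```

Any run returned by `runs_to_review` warrants a look at its build log and rotation of the secrets that job could read, with public repositories first.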

Unpatched Windows zero-day exploited by state-sponsored threat groups since 2017

At least 11 state-sponsored threat groups have been abusing Windows shortcut files for espionage and data theft, according to Trend Micro’s Zero Day Initiative (ZDI).

Advanced persistent threat (APT) groups from North Korea, Iran, Russia, and China have been exploiting the flaw since at least 2017, according to Trend, which tracks the vulnerability as ZDI-CAN-25373 because Microsoft has yet to assign a CVE-ID.

“We discovered nearly a thousand Shell Link (.lnk) samples that exploit ZDI-CAN-25373; however, it is probable that the total number of exploitation attempts are much higher,” the researchers said. “Subsequently, we submitted a proof-of-concept exploit through Trend ZDI’s bug bounty program to Microsoft, who declined to address this vulnerability with a security patch.”

The vulnerability enables attackers to execute arbitrary code on affected Windows systems. ZDI-CAN-25373 is caused by a User Interface (UI) Misrepresentation of Critical Information (CWE-451) weakness, which allows attackers to exploit how Windows displays shortcut (.lnk) files to evade detection and execute code on vulnerable devices without the user’s knowledge. The attackers hide malicious command-line arguments within LNK shortcut files using padded whitespaces added to the COMMAND_LINE_ARGUMENTS structure.
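Because the padding lives in the file itself, a triage script can read COMMAND_LINE_ARGUMENTS directly instead of relying on what Windows displays. This is an added example, not ZDI's tooling: it follows the Shell Link binary layout, and the padding threshold and the target-less sample file are assumptions constructed for illustration.

```python
import re
import struct

LINK_CLSID = bytes.fromhex("0114020000000000c000000000000046")
HAS_ID_LIST, HAS_LINK_INFO, HAS_NAME, HAS_REL_PATH = 0x01, 0x02, 0x04, 0x08
HAS_WORK_DIR, HAS_ARGS, IS_UNICODE = 0x10, 0x20, 0x80
PAD_RUN = re.compile(r"[ \t\n\r\x0b\x0c]+")
PAD_THRESHOLD = 20  # assumption: longest whitespace run tolerated in arguments

def lnk_arguments(data):
    """Return the COMMAND_LINE_ARGUMENTS string of a Shell Link, or None."""
    if len(data) < 76 or data[:4] != b"\x4c\x00\x00\x00" or data[4:20] != LINK_CLSID:
        raise ValueError("not a Shell Link file")
    flags = struct.unpack_from("<I", data, 20)[0]
    pos = 76                                    # end of the fixed-size header
    if flags & HAS_ID_LIST:                     # IDListSize (2 bytes) + IDList
        pos += 2 + struct.unpack_from("<H", data, pos)[0]
    if flags & HAS_LINK_INFO:                   # LinkInfoSize counts itself
        pos += struct.unpack_from("<I", data, pos)[0]
    width = 2 if flags & IS_UNICODE else 1
    # StringData entries appear in this fixed order, each only if its flag is set.
    for flag in (HAS_NAME, HAS_REL_PATH, HAS_WORK_DIR, HAS_ARGS):
        if flags & flag:
            count = struct.unpack_from("<H", data, pos)[0]   # characters, not bytes
            raw = data[pos + 2 : pos + 2 + count * width]
            pos += 2 + count * width
            if flag == HAS_ARGS:
                return raw.decode("utf-16-le" if width == 2 else "cp1252", "replace")
    return None

def inspect_lnk(data):
    """Summarise the arguments and flag long whitespace padding."""
    args = lnk_arguments(data) or ""
    longest = max((len(run) for run in PAD_RUN.findall(args)), default=0)
    return {"length": len(args), "longest_pad_run": longest,
            "visible": PAD_RUN.sub(" ", args).strip(),
            "suspicious": longest >= PAD_THRESHOLD}

def constructed_sample(args):
    """Constructed, target-less .lnk: header plus one Unicode arguments string."""
    header = struct.pack("<I16sI", 0x4C, LINK_CLSID, HAS_ARGS | IS_UNICODE) + bytes(52)
    return header + struct.pack("<H", len(args)) + args.encode("utf-16-le")
```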

The flaw has been exploited in widespread attacks by many state-sponsored threat groups and cybercrime gangs, including Hispid (aka Evil Corp), Springtail (aka APT43, Kimsuky), Fireworm (aka Bitter), Vedalia (aka APT37), Fireant (aka Mustang Panda), Leafperforator (aka SideWinder), Funnelweb (aka RedHotel), Engraver (aka Konni), and others.

Critical mySCADA myPRO bugs can allow attackers to take over industrial control systems

Two critical vulnerabilities in mySCADA myPRO can allow malicious actors to take control of susceptible industrial control systems (ICS).

The vulnerable mySCADA myPRO software is a Supervisory Control and Data Acquisition (SCADA) system used in operational technology (OT) environments. The newly uncovered flaws include:

  • CVE-2025-20014 (CVSS score: 9.8) — An operating system command injection vulnerability that could permit an attacker to execute arbitrary commands on the affected system via specially crafted POST requests containing a version parameter.

  • CVE-2025-20061 (CVSS score: 9.8) — An operating system command injection vulnerability that could permit an attacker to execute arbitrary commands on the affected system via specially crafted POST requests containing an email parameter.

Both vulnerabilities are caused by improper sanitization of user input. Exploiting the flaws could allow attackers to inject system commands and execute arbitrary code.

“These vulnerabilities, if exploited, could grant unauthorized access to industrial control networks, potentially leading to severe operational disruptions and financial losses,” explained the PRODAFT researchers who discovered the issues.

The issues were addressed with the release of mySCADA PRO Manager 1.3 and mySCADA PRO Runtime 9.2.1.