India mandates pre-installation of cybersecurity app on phones.

On December 1, 2025, India’s telecommunications ministry issued a directive requiring all major mobile device manufacturers to preload a government-backed cybersecurity application called Sanchar Saathi on every new phone within 90 days. This move is part of the government’s strategy to enhance national security and safeguard citizens against telecom-related cyber threats. Notably, the app cannot be deleted or disabled once installed.

Features of the Sanchar Saathi App

Sanchar Saathi, which is available on both Android and iOS platforms, serves several key functions aimed at protecting users from fraud and enhancing telecom security. Among its features are:

  • Users can report suspicious activities such as fraudulent calls, spam messages, and malicious web links, including those sent through SMS or WhatsApp.
  • The app allows users to block stolen handsets and track lost devices.
  • Subscribers can check how many mobile connections have been registered in their name, helping to identify unauthorized use.
  • A crucial feature of Sanchar Saathi is the ability to report incoming international calls that are made to appear as domestic calls. These calls are often routed through illegal telecom setups operating over the internet, potentially resulting in financial losses and cybersecurity risks.

The government highlights that reporting such calls is essential for preventing illegal telecom exchanges, which not only cause financial harm but also threaten national security.

Since its launch in May 2023, Sanchar Saathi has garnered significant traction, with the app collectively installed over 11.4 million times. The majority of installations have been in the Indian states of Andhra Pradesh and Maharashtra. To date, the app has successfully blocked over 4.2 million stolen devices, traced 2.6 million of them, and recovered approximately 723,638 devices.

The Sanchar Saathi app requests access to several services on users’ phones, including the ability to read and send SMS messages, view network connections, access photos and media files, and control vibration and storage functions. Additionally, the app can access phone status, identity, and camera to assist in reporting fraud and other telecom issues.

Government’s Stance on Security

The government’s push for preloading the app onto all new devices aims to address several cybersecurity challenges, particularly the misuse of spoofed International Mobile Equipment Identity (IMEI) numbers. These counterfeit IMEI numbers, when used in devices, enable fraud and illegal activity, such as the resale of stolen or blacklisted mobile phones. The Ministry of Communications emphasized that tampered IMEIs are a significant threat to telecom security, as they make it difficult to track devices and prevent illegal usage.

India’s large second-hand mobile market has also led to concerns about the circulation of blacklisted devices. In response, the Sanchar Saathi app provides a mechanism for users to verify whether a device’s IMEI has been flagged, which is essential for preventing the buying and selling of stolen goods.

The Ministry’s directive mandates that mobile manufacturers push the Sanchar Saathi app to devices already in the supply chain via software updates. The app must be easily accessible to consumers, appearing on the device’s setup screen and remaining fully functional without any restrictions. The government argues that this measure will protect consumers from purchasing counterfeit devices and ensure greater transparency in telecom operations.

Global Comparison

India’s move to mandate the pre-installation of a government app mirrors a similar policy recently implemented in Russia. Starting September 1, 2025, Russia required that all smartphones, tablets, computers, and smart TVs sold in the country come with the MAX app preinstalled. MAX is a homegrown messenger app, and like Sanchar Saathi, it has raised concerns over potential surveillance. Critics claim that MAX could be used to track users, although Russian state media have denied these accusations.

In addition to the MAX app mandate, Russian authorities have imposed partial restrictions on messaging apps like Telegram and WhatsApp, citing their use in organizing criminal activities, including fraud, terrorism, and sabotage. As of late October 2025, these apps have been restricted in approximately 40% of Russia’s regions due to concerns about their role in illegal activities.

Cybersecurity and Telecom Oversight

The actions of both India and Russia underline a growing trend in state-led oversight of telecommunications and digital security. While the governments argue that such measures are essential for protecting citizens from fraud, cybercrime, and national security threats, critics remain concerned about privacy and potential overreach. In India, the push to preinstall Sanchar Saathi is seen as a direct response to the increasing use of spoofed IMEI numbers and other telecom-related frauds. However, the move also highlights the broader challenges of balancing national security with individual privacy and freedom.

As India’s Sanchar Saathi app continues to expand its reach and functionality, its success will likely depend on how effectively it manages privacy concerns while providing robust security features for its users. Similarly, global scrutiny of Russia’s MAX app will be a bellwether for how other countries might follow suit in mandating similar software for national security purposes.

In both cases, the question remains: how much control should governments have over the devices and apps that individuals use in the name of security? Only time will tell if these moves will be seen as effective solutions or as the beginning of a broader trend of surveillance and regulation.

WhatsApp Screen-Sharing Scam Sparks Major Cybersecurity Warnings

A rapidly growing scam targeting WhatsApp users has emerged as one of the most dangerous social-engineering threats across global messaging platforms. Cybersecurity experts are warning that criminals are exploiting WhatsApp’s screen-sharing feature, introduced in 2023, to trick victims into revealing highly sensitive financial and personal data.

Reports of the scam have surfaced across the United Kingdom, India, Hong Kong, and Brazil, highlighting its worldwide reach. In one high-profile case in Hong Kong, a victim was deceived into sharing their screen, enabling fraudsters to siphon off HK$5.5 million (US$700,000).

Unlike malware-driven cyberattacks, this scheme relies almost entirely on human manipulation, making it exceptionally difficult to detect and prevent.

How the Scam Works

The attack begins with an unsolicited WhatsApp video call. Criminals pose as bank officers, Meta support staff, government agents, or even distressed family members. To appear credible, they often spoof local phone numbers and obscure their video feed to hide their identity.

They then generate panic by claiming:

  • Suspicious activity on a bank account
  • Unauthorized card charges
  • A security alert requiring instant verification
  • A problem with WhatsApp that needs immediate fixing

ESET researchers categorize the tactic as a potent form of remote-access fraud that blends:

  1. Authority – impersonating trusted institutions
  2. Urgency – fabricating a crisis
  3. Access – convincing the victim to share their screen

Once the victim complies, the attacker gains full visual access to the contents of the device.

Screen sharing gives criminals real-time visibility into:

  • One-time passwords (OTPs)
  • Two-factor authentication codes
  • Banking app screens
  • Email accounts
  • Password managers
  • Private chats

Some attackers go further by persuading the victim to install remote access tools such as AnyDesk or TeamViewer. In more serious cases, victims unknowingly install malware including keyloggers, enabling long-term monitoring and theft.

How Attackers Take Over WhatsApp Accounts

With access to incoming text messages and verification codes displayed during screen sharing, criminals can immediately take control of a user’s WhatsApp account. Once hijacked, the account becomes a launchpad for additional fraud:

  • Accessing sensitive conversations
  • Targeting contacts with new scams
  • Impersonating the victim to steal money
  • Resetting passwords on other linked accounts
  • Raiding bank accounts and digital wallets

The cascading nature of these attacks often leads to widespread losses across social circles and family networks.

Prevention Relies on Awareness, Not Technology

Experts emphasize that defending against this scam depends far more on user vigilance than on technical safeguards.

Users should:

  • Never share their screen with unexpected or unknown callers.
  • Independently verify any urgent claims by contacting their bank or institution directly.
  • Enable WhatsApp two-step verification (Settings → Account → Two-step verification) to add an extra layer of protection.
  • Avoid installing remote-access apps unless for verified, legitimate support.

Cybersecurity professionals stress that social engineering remains one of the most effective tools in modern cybercrime and that skepticism, patience, and independent verification remain the strongest defenses.

Princeton University Confirms Data Breach

Princeton University disclosed a cybersecurity incident involving unauthorized access to one of its University Advancement databases, after external attackers infiltrated the system on November 10, 2025. The intrusion, which lasted less than 24 hours, exposed personal information belonging to a broad segment of the university community.

According to university officials, the affected database included names, email addresses, phone numbers, residential and business addresses, and details related to fundraising interactions and donation histories. The information pertained to alumni, donors, faculty members, students, parents, and other connected individuals.

Crucially, the compromised system generally did not contain Social Security numbers, passwords, credit card details, bank information, or protected student records governed by federal privacy laws.

Still, the exposure of contact information and donor-related details has prompted concerns about targeted phishing attempts seeking to exploit the breach.

Rapid Detection and Incident Response

Princeton’s cybersecurity team identified the suspicious activity within 24 hours of the initial breach, swiftly removing the unauthorized actors from the system. The university immediately engaged external cybersecurity specialists and notified law enforcement to assist with the forensic investigation.

By November 15, Princeton began issuing alerts to individuals who may have been affected, urging them to remain cautious of unsolicited messages, especially those asking for sensitive data.

University representatives emphasized that legitimate staff will never request Social Security numbers, banking details, or account passwords via email, phone calls, or text messages.

Investigators confirmed that no other university systems were compromised during the attack. While some campus services experienced disruptions beginning November 14, officials have not stated whether those issues were related to the breach.

To support community members seeking more information, Princeton launched a dedicated resource page and established a specialized email address for inquiries.

Ongoing Investigation Into Scope of Access

The university’s response team continues to work alongside cybersecurity experts to analyze the attack vectors and determine precisely what data was viewed or extracted. Officials have not yet disclosed the full extent of the attackers’ access but stressed that containment measures were implemented quickly to prevent further intrusion.

Princeton will continue providing updates to affected individuals as new findings emerge from the ongoing forensic review.

Cloudflare Outage Knocks Major Services Offline

A major outage at Cloudflare, one of the world’s most widely used internet infrastructure providers, triggered widespread service disruptions on November 18, 2025, sending ripple effects across the global web and briefly rendering countless platforms partially or completely inaccessible.

Internal Failure Triggers Global Impact

The disruption originated from an internal service degradation within Cloudflare’s network that began producing HTTP 500 errors across several of its core systems. The failures affected the company’s dashboard, API, and underlying network services, leaving millions of users struggling to access websites relying on Cloudflare for security, DNS, and content delivery.

Cloudflare acknowledged the incident at 11:48 UTC, reporting intermittent impact and promising immediate remediation. By 12:03 UTC, the investigation remained underway; at 12:21 UTC the company noted signs of recovery but warned customers to expect elevated error rates. Another update at 12:37 UTC confirmed continuing work with no full resolution in sight throughout the afternoon.

Ironically, Cloudflare’s own status page went down during the height of the outage, preventing users from checking updates in real time.

The failure cascaded through major online platforms, many of which depend on Cloudflare’s CDN, DDoS protection, and DNS services.

  • X (formerly Twitter) was hit particularly hard, with widespread loading issues and error messages citing Cloudflare server failures. Downdetector logged more than 11,000 user reports at peak, the majority tied to the mobile app.
  • AI platforms such as OpenAI’s ChatGPT and Perplexity AI were unreachable for many users, displaying Cloudflare-branded error pages urging retry attempts.
  • Other affected services included Canva, Spotify, Discord, League of Legends, Shopify, Medium, multiple crypto exchanges, and even Letterboxd.
  • Outage tracker Downdetector itself briefly experienced issues, compounding user frustration as reports surged worldwide.

The crisis recalled the recent Amazon Web Services incident in October, which underscored the growing vulnerability of global systems reliant on a small number of cloud infrastructure providers.

Maintenance and Third-Party Issues Add Complexity

Concurrent maintenance activities in several Cloudflare datacenters, including Los Angeles, Atlanta, Santiago, and Tahiti, may have contributed to latency and added strain as traffic was rerouted through alternative regions. Meanwhile, a separate problem affecting Cloudflare’s third-party support portal limited customers’ ability to view cases, though responses remained functional.

Ongoing Recovery and Industry Context

As of 6:24 PM IST, Cloudflare reported gradual recovery across its network, though elevated error rates persisted in regions of Europe, North America, and Asia. The company emphasized its ongoing mitigation efforts and promised a detailed post-incident analysis once the situation was fully resolved.

The outage comes amid a tense period for global cloud infrastructure. On October 20, AWS suffered a 15-hour disruption in its US-EAST-1 region, impacting platforms such as Slack, Snapchat, and Atlassian. Nine days later, an accidental DNS configuration change at Microsoft Azure triggered a worldwide outage affecting Azure Front Door and CDN services.

Cloudflare’s latest update at 14:34 UTC confirmed that dashboard functionality had been restored, though broader application services were still in remediation.


Massive Phishing Campaign Exploits Meta’s Business Suite

A large-scale phishing operation is leveraging Meta’s legitimate Business Suite infrastructure to steal credentials from thousands of small and medium-sized businesses around the world.

According to security researchers at Check Point, the campaign has distributed more than 40,000 phishing emails to over 5,000 organizations across key industries such as automotive, education, real estate, hospitality, and finance. The attacks have primarily impacted companies in the United States, Europe, Canada, and Australia.

Unlike traditional phishing attempts that rely on spoofed domains or fake websites, this sophisticated campaign uses Meta’s authentic Business Suite invitation system to appear credible. By operating through legitimate Meta infrastructure, attackers have made their phishing emails nearly impossible for standard security filters to detect.

How the Attack Works

The threat actors created fraudulent Facebook Business pages featuring genuine Meta logos and branding. These fake pages were then used to send Business Portfolio invitations that appeared to originate from the official facebookmail.com domain, making them indistinguishable from legitimate Meta communications.

The emails employed convincing subject lines such as “Action Required,” “You’re Invited to Join the Free Advertising Credit Program,” and “Account Verification Required.” These messages urged recipients to click embedded links that redirected them to phishing sites hosted on domains like vercel.app.

Once users landed on these pages, they were prompted to enter their Meta credentials and other sensitive information, which was then harvested by the attackers.

Check Point analysts noted that the phishing campaign followed clear, repetitive templates indicating a highly organized, large-scale distribution effort. The use of Meta’s legitimate email infrastructure enabled the attackers to bypass common anti-phishing defenses, as the messages were technically sent from an authentic and trusted domain.

This marks a concerning evolution in cybercriminal tactics: by weaponizing legitimate business features of trusted platforms, attackers can exploit user confidence and evade detection far more effectively than before.

Defense and Mitigation

To defend against these sophisticated phishing schemes, cybersecurity experts recommend several key measures:

  • Enforce multi-factor authentication (MFA): even if credentials are stolen, MFA can prevent unauthorized access.
  • Staff should be trained to verify invitations and scrutinize links—even those appearing to come from trusted senders.
  • Behavioral analysis and AI-driven detection tools can identify subtle anomalies that traditional filters may miss.
  • Users should navigate directly to official Meta portals rather than clicking on links within unsolicited emails.
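The following Python script is an added example, not part of the original report or of Check Point's research. It shows the detection lever this campaign leaves open: because the From: domain is genuine, a sender-reputation filter passes the message, so the check has to look at where the embedded links actually go. The brand-domain allowlist and the sample message are constructed assumptions.

```python
import email
import re
from email import policy
from email.utils import parseaddr
from urllib.parse import urlparse

# Domains a genuine Meta Business Suite invitation would link to or be sent from.
# Assumption for this example; not a list published by Meta.
BRAND_DOMAINS = {"facebook.com", "meta.com", "fb.com", "facebookmail.com"}

# Constructed sample message modelled on the campaign described above:
# the sender domain is real, the call-to-action link points elsewhere.
SAMPLE_EMAIL = """\
From: Meta for Business <notification@facebookmail.com>
To: owner@example-shop.invalid
Subject: Action Required: Account Verification Required
Content-Type: text/plain; charset=utf-8

You're invited to join the Free Advertising Credit Program.
Review your invitation: https://business-meta-verify.vercel.app/login
Manage settings: https://business.facebook.com/settings
"""

URL_RE = re.compile(r"https?://[^\s<>\"')]+")


def registrable_match(host: str, domain: str) -> bool:
    """True if host is domain itself or a subdomain of it."""
    host = host.lower().rstrip(".")
    return host == domain or host.endswith("." + domain)


def is_brand_host(host: str, brand_domains=BRAND_DOMAINS) -> bool:
    """True if host falls under any allowlisted brand domain."""
    return any(registrable_match(host, d) for d in brand_domains)


def off_brand_links(msg, brand_domains=BRAND_DOMAINS) -> list:
    """Return (url, host) pairs whose host is outside the brand allowlist.

    Sender checks cannot catch this campaign because From: is genuine;
    the anomaly is the destination of the links in the body.
    """
    body = msg.get_body(preferencelist=("plain", "html")).get_content()
    suspicious = []
    for url in URL_RE.findall(body):
        host = urlparse(url).hostname or ""
        if not is_brand_host(host, brand_domains):
            suspicious.append((url, host))
    return suspicious


def assess(raw: str) -> dict:
    """Summarise sender domain, whether it is trusted, and any off-brand links."""
    msg = email.message_from_string(raw, policy=policy.default)
    _, addr = parseaddr(msg["From"])
    sender_domain = addr.rsplit("@", 1)[-1].lower()
    return {
        "sender_domain": sender_domain,
        "sender_trusted": is_brand_host(sender_domain),
        "off_brand_links": off_brand_links(msg),
    }


if __name__ == "__main__":
    result = assess(SAMPLE_EMAIL)
    print("sender:", result["sender_domain"], "trusted:", result["sender_trusted"])
    for url, host in result["off_brand_links"]:
        print("off-brand link ->", host, "|", url)
```

The trusted sender and the untrusted link destination appear side by side in the output, which is exactly the combination a gateway rule or a mailbox triage script should treat as suspicious.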

This campaign underscores a troubling trend in cybercrime: the exploitation of trusted digital ecosystems to deliver malicious content. As platforms like Meta continue to integrate deeper into business operations, attackers are increasingly turning these legitimate services into vectors for credential theft.

Organizations must therefore pair strong security technologies with ongoing vigilance and education to stay ahead of these evolving, trust-based phishing tactics.

Black Friday – The Most Dangerous Shopping Season

As online shoppers around the world gear up for the excitement, bargains, and rush of Black Friday 2025, cybersecurity researchers are raising serious concerns that this year could be one of the most dangerous in shopping-fraud history. The warning comes as experts identify a perfect storm of conditions — surging transaction volumes, increasingly advanced attacker tools such as generative AI and deepfakes, and the consumer urgency and distraction that often accompany the holiday shopping frenzy.

Recent data paints a concerning picture of just how widespread and sophisticated Black Friday–related cyber threats have become. Fraud-monitoring firm Darktrace observed a staggering 692% increase in attempted Black-Friday-themed phishing attacks during the week of November 25–29, 2024, compared to early November. Similarly, Kaspersky reported that its systems blocked over 38.4 million phishing attempts targeting online shopping platforms, payment systems, and banks throughout 2024 — an increase of nearly 25% year on year, according to data cited by IT News Africa.

Fake Black-Friday-themed websites surged by approximately 89% year on year, underscoring how cybercriminals are rapidly scaling operations to deceive consumers. Meanwhile, the UK’s Action Fraud service revealed that between April 2024 and April 2025, there were 784 reports of “quishing” (QR-code phishing) scams, resulting in nearly £3.5 million in losses. Complementing that, a PR Newswire survey found that 74% of U.S. consumers expect to scan at least one QR code during Black Friday or Cyber Monday campaigns, a clear signal that this attack vector is ripe for exploitation.

Collectively, these figures highlight how cyber-fraudsters are becoming increasingly adept at leveraging the holiday shopping rush to exploit unsuspecting consumers.

Top 10 Scam Types to Watch During Black Friday 2025

Below are ten scam categories cyber-professionals and consumers alike should watch. For each I include the core methodology, tactics, red flags to watch, and a brief example of how it plays out.

1. Fake Shopping Websites & Look-alike Domains

Methodology: Attackers clone or mimic major retail websites, register domain names that look almost identical (e.g., missing letters, extra characters, alternate TLDs), upload convincing product photos, and accept payment or capture credentials.
Tactics: Fast domain registration, generative content, realistic checkout flows that terminate after payment. One report tracked an ~89% surge in such sites ahead of Black Friday. (Technuter)
Red flags: Misspelled URLs, TLDs you don’t expect, no “About Us” or contact info, unrealistic discounts (e.g., a luxury item at an extreme cut).
How it plays out: Shoppers rushing for a deal may not inspect the URL or check the authenticity of a site before entering payment details.

2. Phishing & Smishing

Methodology: Fraudulent emails or SMS texts impersonate a retailer, delivery firm, bank or payment service, often referencing Black Friday deals or order re-verification. Victims click a link or open an attachment, and credentials and/or financial data are harvested.
Tactics: Urgent language (“only 10 minutes left”), use of brand names, link redirection to look-alike domains. Kaspersky data show 44% of online-shopping phishing attacks targeted banking services in 2024. (securelist.com)
Red flags: Generic greetings (“Dear Customer”), mismatched sender domain, urgent deadlines, offers you didn’t request, out-of-context delivery notifications.
How it plays out: The high volume of emails during peak shopping means victims may be less suspicious, and attackers exploit social-engineering triggers.

3. QR Code Fraud (“Quishing”)

Methodology: Attackers present QR codes (via emails, posters, social media, even physical stickers) that redirect to phishing sites or trigger malware installation. Codes may be overlaid on legitimate ones in public spaces.
Tactics: Placement in busy retail areas, use in Black Friday campaign signage, mobile users scanning quickly without verifying the destination. The Action Fraud statistics of ~£3.5 m lost and 784 reports between April 2024 and April 2025 reflect the scale. (Action Fraud) Reports also indicate QR scams now account for ~20% of all online scams. (PYMNTS.com)
Red flags: QR code in an unsolicited message, code stuck over another poster/code, request for login or payment immediately after scanning, no visible brand verification.
How it plays out: QR codes obscure the link destination from the user; when scanning via mobile, many users skip full URL review.

4. AI-Powered Deepfake and Influencer Scams

Methodology: Attackers use generative AI to create realistic audio/video impersonations of brands, celebrities, or influencers promoting fake Black Friday deals, apps, or “giveaways.” Victims are directed to download fraudulent apps or visit malicious sites.
Tactics: Synthesis of public-figure appearances, customizing messages to the target audience, using deepfake voices to add credibility. While specific quantified data for Black Friday 2025 are still emerging, vendor commentary and academic research point to rising usage of these tools. (arXiv)
Red flags: Promotional videos on social media from unverified accounts, unrealistic offers tied to a celebrity, links that don’t appear on the official brand’s channels, slight voice or facial-movement “offness.”
How it plays out: The novelty and sophistication of the technology lower consumer suspicion; people assume they’re interacting with a genuine brand or influencer endorsement.

5. Fake Social-Media Ads & Counterfeit Marketplace Listings

Methodology: Fraudsters create fake ads on platforms such as Instagram, Facebook, and TikTok, often impersonating established brands, offering huge discounts and redirecting users to counterfeit storefronts. On marketplaces, fake sellers list high-demand items at unrealistic prices.
Tactics: Rapid creation and deletion of fake accounts, use of URL shorteners, bot-generated fake reviews, impersonated brand pages.
Red flags: Luxury items at steep discounts (e.g., 70-90% off), newly created seller accounts, pressure to purchase quickly, only crypto or direct payment methods accepted.
How it plays out: Social-media ad fatigue means users may click without verifying; urgency and fear of missing out (FOMO) further drive impulse buys.

6. Fake Delivery Notifications

Methodology: With so many parcels expected during Black Friday, scammers send fake messages (email/SMS) claiming a delivery issue and asking recipients to click a link, submit payment or verify details, which leads to phishing or malware.
Tactics: Posing as major carriers (e.g., DHL, FedEx, UPS), use of tracking links that lead to malicious sites, request for a confirmatory payment or account verification.
Red flags: Notification for a parcel you didn’t order, request for payment to “complete” delivery, tracking number invalid on the carrier’s official site, sender domain differs from the official brand.
How it plays out: Shoppers expect many deliveries around Black Friday, which lowers their guard and makes them more likely to act quickly.

7. Counterfeit Products & Marketplace Fraud

Methodology: On peer-to-peer marketplaces or less-regulated vendor sites, fraudsters list branded goods (luxury or high-demand electronics) at steep discounts. Products either never arrive or arrive as cheap knock-offs. Payment may be requested outside the normal platform protections.
Tactics: Listings with very few reviews, seller asks for payment via direct bank transfer/crypto, refusal of platform escrow, fake tracking numbers.
Red flags: Price dramatically below market, seller with no history or ratings, request to communicate off-platform or pay outside standard payment systems, vague product details.
How it plays out: Black Friday increases the volume of listings, and “he’s selling the same item for far less” appeals to bargain-hunters.

8. Gift Card & Voucher Scams

Methodology: Attackers promise “free” or heavily discounted gift cards, vouchers or contest wins via email/social media. Some sites ask users to enter wallet addresses or install apps that monitor the clipboard for cryptocurrency addresses.
Tactics: Use of “giveaway” claims, phishing sites disguised as card generators, clipboard-monitoring malware targeting crypto payments.
Red flags: You didn’t enter any contest but get a “you’ve won” email, request to supply gift card codes or pay via gift cards, sites saying “just pay shipping and get your voucher”, apps requesting excessive permissions.
How it plays out: During high-spend seasons people may justify “free gift cards” and click indiscriminately.

9. Fake Charity & Donation Scams

Methodology: Fraudsters exploit the generosity of the season by creating sham charity websites or campaigns (particularly around Black Friday / Cyber Monday). They impersonate legitimate nonprofits, solicit donations, and take the funds.
Tactics: Emotional appeals linked to deals (“shop for good and give back”), fake websites, use of real-looking branding, fraudulent donation links.
Red flags: Unsolicited donation request via email/social media, pressure to donate immediately, vague description of how funds will be used, charity not listed in recognized watchdog databases.
How it plays out: The mix of shopping and giving during the holiday period lowers consumer scepticism, and many people pay less attention to verification under the guise of goodwill.

10. Cryptocurrency Payment & Wallet Scams

Methodology: Some fraudulent retailers or “discount deals” claim that if you pay with cryptocurrency you’ll get extra savings. Once payment is sent the seller disappears or the website steals wallet credentials. Other schemes prompt users to input recovery phrases or private keys disguised as verification.
Tactics: Retailers switching to crypto-only payment, apps requesting photo access to scan wallet recovery phrases, fake investment pitches tied to Black Friday offers.
Red flags: A retailer suddenly accepts only cryptocurrency payment, offers “guaranteed returns” after paying crypto during Black Friday, apps asking for the device photo library or wallet recovery phrase.
How it plays out: Crypto payments are often irreversible, making them an attractive target for fraud; the hype around “cryptocurrency payments for discounts” adds plausible cover.

How Consumers Can Detect & Avoid Scams

Here’s a consolidated checklist to help recognise and evade Black Friday-related scams:

  1. Verify the URL: Check for misspellings, strange TLDs (e.g., .top, .vip), hover over links to preview the target.
  2. Check HTTPS & certificate: A padlock icon alone is not enough, but absence of HTTPS is a strong red flag.
  3. Evaluate website quality: Poor grammar, low-resolution images, inconsistent branding, broken links or odd layout often indicate fraud.
  4. Confirm contact and company details: Legitimate sites show full contact info, physical address, support number; test them if possible.
  5. Check domain age: Use WHOIS or domain lookup — domains newly registered (especially near Black Friday) may be suspect.
  6. Read online reviews: Search “[site name] + scam” or check independent review sites, social media mentions, BBB equivalents.
  7. Use security tools: Run URLs through services such as Google Safe Browsing, VirusTotal, APIVoid or ScamAdviser.
  8. Evaluate deal-legitimacy: If price is ridiculously low (e.g., 70-90% off luxury items), treat as suspicious.
  9. Check payment & return policy: Legit retailers accept mainstream payment (credit card, PayPal), and show proper return/refund policy. Be cautious if only crypto or gift-card payment is accepted.
  10. Trust your instincts: If something feels wrong, step away. Don’t let FOMO make you ignore red flags.
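As an added example that is not part of the original article, the Python checker below automates items 1 and 2 of the checklist for any URL, including one decoded from a QR code: it flags look-alike labels (missing letters, digit and rn/m homoglyphs), brand names buried in subdomains, unexpected TLDs such as .top and .vip, and missing HTTPS. The brand list, the TLD lists and the sample URLs are constructed assumptions; the domain-age check from item 5 needs a network WHOIS lookup and is left out.

```python
from urllib.parse import urlparse

# Retail brands to protect and the TLDs they are expected to use.
# Both lists are assumptions for this example, not taken from the article.
KNOWN_BRANDS = ("amazon", "bestbuy", "ebay", "target", "walmart")
EXPECTED_TLDS = {"com", "co.uk", "de", "in", "ca", "com.au"}
# TLDs the checklist calls unexpected for a major retailer (.top, .vip) plus a
# few others common in throwaway registrations (assumption).
SUSPICIOUS_TLDS = {"top", "vip", "xyz", "icu", "online", "shop"}
TWO_LABEL_TLDS = {"co.uk", "com.au"}

# Constructed sample URLs: one genuine per expected TLD, three modelled on the
# tricks described above (homoglyph, missing-letter + odd TLD, brand-as-subdomain).
SAMPLE_URLS = [
    "https://www.amazon.com/deals",
    "https://amaz0n.com/login",
    "http://arnazon-deals.top/blackfriday",
    "https://amazon.com.secure-checkout.vip/pay",
    "https://www.amazon.co.uk/",
]


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance; a small value against a brand suggests a typo-squat."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def normalise(label: str) -> str:
    """Undo common homoglyph tricks: rn->m, vv->w, digits for letters, hyphens."""
    label = label.lower().replace("rn", "m").replace("vv", "w")
    return label.translate(str.maketrans("01357", "olest")).replace("-", "")


def split_host(host: str):
    """Return (subdomain labels, registrable label, tld).

    Simplified public-suffix handling: only TWO_LABEL_TLDS count as two labels.
    """
    labels = host.lower().rstrip(".").split(".")
    two = len(labels) >= 3 and ".".join(labels[-2:]) in TWO_LABEL_TLDS
    tld_len = 2 if two else 1
    tld = ".".join(labels[-tld_len:])
    sld = labels[-tld_len - 1] if len(labels) > tld_len else ""
    return labels[: -tld_len - 1], sld, tld


def assess_url(url: str, brands=KNOWN_BRANDS) -> list:
    """Return red-flag strings for url; an empty list means nothing tripped."""
    parsed = urlparse(url if "://" in url else "http://" + url)
    host = parsed.hostname or ""
    flags = []
    if parsed.scheme != "https":
        flags.append("no-https")
    subs, sld, tld = split_host(host)
    if tld in SUSPICIOUS_TLDS:
        flags.append(f"suspicious-tld:{tld}")
    norm = normalise(sld)
    for brand in brands:
        if sld == brand:
            # Exact brand label: only worry if the TLD is not one it uses.
            if tld not in EXPECTED_TLDS:
                flags.append(f"brand-on-unexpected-tld:{host}")
        elif norm == brand or edit_distance(norm, brand) <= 1:
            flags.append(f"lookalike:{sld}~{brand}")
        elif brand in norm:
            flags.append(f"brand-embedded:{sld}")
        elif any(brand in normalise(s) for s in subs):
            # e.g. amazon.com.<attacker-domain>.vip
            flags.append(f"brand-in-subdomain:{brand}")
    return flags


def scan(urls) -> dict:
    """Map each URL to its flags; handy for a batch of inbox links or QR decodes."""
    return {u: assess_url(u) for u in urls}


if __name__ == "__main__":
    for url, flags in scan(SAMPLE_URLS).items():
        print(f"{url}\n    {'OK' if not flags else ', '.join(flags)}")
```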

Practical Mitigation Strategies

To stay safe this shopping season, consider implementing the following layered defence measures:

  • Enable multi-factor authentication (MFA) on all your shopping, banking and payment accounts.
  • Use strong, unique passwords (with a password manager) instead of reusing old credentials.
  • Prefer a credit-card or virtual-card when shopping online — these often offer better fraud protection than debit cards or direct crypto payments.
  • Shop via official retailer websites or verified apps — avoid clicking links in unsolicited emails or social-media advertisements.
  • Keep your mobile device and computer updated with the latest patches and run reputable security software.
  • For any charitable giving, go directly to the official charity website or donation portal rather than clicking offers in emails or social media.
  • If using QR codes, double-check the context: make sure it’s displayed by the legitimate merchant, is not a sticker overlay, and after scanning pause to verify the URL before inputting anything.
  • Be especially cautious of deep-discount offers, celebrity-endorsed “gifts”, deals only via crypto payment, or high-pressure “limited-time” prompts.

DragonForce – The Evolution of a Ransomware Cartel

Since its emergence in 2023, DragonForce has rapidly evolved from a ransomware-as-a-service (RaaS) operation into a sophisticated cybercriminal cartel. Initially relying on the LockBit 3.0 builder for developing its encryptors, DragonForce made a significant leap when it adopted the Conti v3 source code, which had been leaked publicly. This move not only enhanced its technical capabilities but also positioned DragonForce as a formidable player in the growing ransomware ecosystem.

By early 2025, DragonForce rebranded itself as a cartel, marking a pivotal shift in its operations and business model. Instead of functioning as a traditional ransomware group, the cartel structure now allows affiliates to white-label its payloads, create their own branded ransomware variants, and operate with greater independence while still using DragonForce’s robust infrastructure and support system.

The Cartel Model – A New Approach to Ransomware

One of the most striking elements of DragonForce’s evolution is its cartel-like structure. By offering affiliates an 80% profit share, the group removes many of the technical barriers to entry that typically hinder smaller operators. This model not only incentivizes the recruitment of new affiliates but also lowers the entry threshold for would-be cybercriminals, expanding the group’s reach and operational footprint.

DragonForce’s cartel infrastructure provides affiliates with everything they need to launch successful ransomware attacks. This includes:

  • Automated deployment systems to streamline attacks
  • Customizable encryptors that can be tailored to specific targets
  • Reliable, 24/7 monitored infrastructure to support operations
  • Support for multiple platforms, including Windows, ESXi, Linux, BSD, and NAS systems

This wide-reaching technical infrastructure makes DragonForce’s operations highly scalable and adaptable to different targets across various sectors.

Partnering with Scattered Spider: A Dangerous Duo

DragonForce’s rise is also closely tied to its partnership with Scattered Spider, a financially motivated initial access broker known for its expertise in social engineering and multi-factor authentication (MFA) bypass techniques. Scattered Spider specializes in conducting reconnaissance on employees through social media and open-source intelligence, using this information to craft convincing phishing campaigns and voice phishing attacks.

Once credentials are compromised, Scattered Spider deploys remote monitoring tools like ScreenConnect and AnyDesk to establish persistence on the target network. From there, DragonForce conducts extensive network reconnaissance, with a particular focus on backup infrastructure, credential repositories, and VMware environments, all key targets for maximizing the impact of their ransomware attacks.

Technical Advancements: Stronger, Smarter Malware

What truly sets DragonForce apart from other ransomware operations is its technical sophistication. The group has demonstrated an ability to quickly adapt and improve its tactics in response to emerging threats and vulnerabilities. Notably, after researchers disclosed weaknesses in the Akira ransomware’s encryption methods, DragonForce swiftly improved its own encryption mechanisms to stay ahead of the curve.

DragonForce uses ChaCha20 encryption for its configuration files and generates unique encryption keys for each targeted file, making it harder for defenders to detect or reverse the encryption process. In addition, DragonForce employs multiple encryption modes—full, header, and partial encryption—with configurable thresholds that allow for customizable encryption strategies based on the type of file being targeted.

The Growing Threat of BYOVD Attacks

Another alarming technical advancement employed by DragonForce is the use of BYOVD (Bring Your Own Vulnerable Driver) attacks. This method involves exploiting vulnerable drivers such as truesight.sys and rentdrv2.sys to terminate security software and protected processes. By communicating with these drivers through DeviceIoControl functions using specific control codes, DragonForce is able to bypass endpoint detection and response solutions and maintain a foothold in the target system.

The malware is designed to target specific processes during encryption, including SQL Server instances, Oracle databases, and Microsoft productivity applications. This targeted approach helps maximize the success rate of encryption and ensures that critical systems are impacted.

Widespread Impact: DragonForce’s Growing Reach

Since its inception, DragonForce has impacted over 200 victims across various industries, including retail, airlines, insurance, managed service providers, and large enterprise sectors. One of the most notable attacks attributed to DragonForce and its partner, Scattered Spider, was the Marks & Spencer breach, which showcased the group’s operational effectiveness.

As DragonForce continues to recruit new affiliates, acquire rival infrastructure, and expand its cartel model, it is poised to become an even more dominant force in the world of ransomware.

A Concerning Evolution in Cybercrime

DragonForce’s transformation from a simple ransomware-as-a-service operation to a full-fledged cybercriminal cartel represents a troubling shift in the landscape of cybercrime. The cartel structure not only makes it easier for cybercriminals to enter the ransomware business but also ensures that DragonForce maintains control over its vast network of affiliates and operations.

As the group continues to recruit new talent and refine its tools and tactics, its ability to target high-value entities will only increase. For businesses and organizations, this represents a growing and evolving threat that requires heightened vigilance, stronger cybersecurity defenses, and proactive measures to mitigate the risks posed by these sophisticated ransomware operations.


Critical Vulnerability in Control Web Panel

The Cybersecurity and Infrastructure Security Agency has issued an urgent warning regarding a serious security vulnerability in Control Web Panel, previously known as CentOS Web Panel. The flaw, identified as CVE-2025-48703, is a dangerous OS command injection vulnerability that could allow cybercriminals to execute arbitrary commands on vulnerable servers without needing authentication.

CVE-2025-48703 is a critical vulnerability that can be exploited by unauthenticated remote attackers to run arbitrary commands on servers running vulnerable versions of CWP. This issue is particularly dangerous because it bypasses authentication altogether, meaning an attacker doesn’t need a valid login or root privileges to exploit the flaw.

The vulnerability lies in the file manager’s changePerm request functionality, where attackers can inject malicious shell commands into the t_total parameter. When executed, these injected commands can result in remote code execution, giving attackers full control over the affected system.

What makes this vulnerability especially concerning is its low barrier to entry: attackers only need to know a valid non-root username to successfully exploit it. This means cybercriminals can target vulnerable CWP systems with minimal information and little technical sophistication.

Why Is This Vulnerability So Dangerous?

CVE-2025-48703 is categorized under CWE-78 (Improper Neutralization of Special Elements used in an OS Command), the Common Weakness Enumeration entry for OS command injection. In simple terms, the flaw stems from insufficient input validation: attacker-controlled input reaches a shell command without its special characters being neutralized, so an attacker can break out of the intended command and execute arbitrary system-level commands.

The flaw’s low complexity and the ease with which attackers can exploit it make it a high-priority issue for security teams worldwide. And now, with CISA confirming that this vulnerability is actively being exploited in the wild, the need for immediate remediation is critical.

Immediate Action Required

On November 4, 2025, CISA added CVE-2025-48703 to its Known Exploited Vulnerabilities catalog, signaling that the vulnerability is being actively targeted by threat actors. CISA has set a mitigation deadline of November 25, 2025, giving organizations just three weeks to address the issue before the risks escalate further.

The agency has also emphasized that organizations running cloud services—particularly those subject to Binding Operational Directive 22-01 (BOD 22-01) compliance requirements—must prioritize this patch. Failure to do so could put sensitive data and infrastructure at serious risk.

How Can Organizations Protect Themselves?

Organizations that use CWP should take immediate action to secure their systems against this critical vulnerability. There are three primary remediation pathways:

  1. Vendors have released security patches to address the vulnerability. Organizations should apply these patches as soon as possible to mitigate the risks.
  2. Cloud service providers need to implement BOD 22-01 guidance to meet security compliance requirements and reduce exposure.
  3. If patches are unavailable or ineffective, organizations may need to consider discontinuing CWP entirely to avoid exposing their systems to further risk.

Recommended Immediate Actions for System Administrators

For organizations currently running vulnerable CWP installations, it is essential to prioritize this vulnerability in your patching schedule. Here are some immediate actions to take:

  • Isolate vulnerable systems from critical infrastructure to limit the impact of potential exploitation.
  • Review user access controls and ensure that only authorized personnel can interact with vulnerable CWP installations.
  • Set up monitoring for any unusual or suspicious activity, especially file manager changePerm requests containing shell metacharacters or abnormal parameter values.
  • Check your logs immediately for signs of past exploitation: look for any changePerm request whose parameters (notably t_total) contain shell metacharacters or other suspicious values.
  • Organizations unsure of the status of their CWP deployments should conduct urgent infrastructure audits to identify all affected systems.
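The log check described above, as an added example that is not CWP's code or CISA's guidance: it scans web-server access log lines for changePerm requests whose parameters carry shell metacharacters, or whose t_total value is not a plain octal mode. The /user/index.php path, the fileName and currentPath names, and the sample log lines are constructed assumptions, not CWP's real request format.

```python
import re
from urllib.parse import urlsplit, unquote_plus

# Shell metacharacters that never belong in a permission value (CWE-78 indicators).
SHELL_METACHARS = re.compile(r"[;&|`$(){}<>\n\\]")

# Apache/nginx combined log format; the sample lines below are constructed to match it.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+'
)


def is_changeperm(target: str) -> bool:
    """True when the request path or query names the file manager's changePerm action."""
    return "changeperm" in unquote_plus(target).lower()


def query_params(target: str) -> dict:
    """Split the query string by hand (parse_qs treats ';' differently across Python
    versions) and decode each value twice so double-encoded payloads also surface."""
    params = {}
    for pair in urlsplit(target).query.split("&"):
        if pair:
            name, _, value = pair.partition("=")
            params[unquote_plus(name)] = unquote_plus(unquote_plus(value))
    return params


def suspicious_params(target: str) -> dict:
    """Return {param: decoded value} for values carrying shell metacharacters, plus any
    t_total (the parameter the advisory names) that is not a plain octal mode."""
    hits = {}
    for name, value in query_params(target).items():
        if SHELL_METACHARS.search(value):
            hits[name] = value
        elif name == "t_total" and not re.fullmatch(r"[0-7]{3,4}", value):
            hits[name] = value
    return hits


def scan_log(lines):
    """One finding per changePerm request whose parameters look like injection."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m or not is_changeperm(m["target"]):
            continue
        hits = suspicious_params(m["target"])
        if hits:
            findings.append({"ip": m["ip"], "ts": m["ts"], "params": hits})
    return findings


# Constructed sample: a legitimate chmod, a request with ';' in t_total (the value after
# it is a harmless placeholder), and a non-changePerm request that must be ignored.
SAMPLE_LOG = [
    '203.0.113.10 - - [05/Nov/2025:10:01:02 +0000] "GET /user/index.php?module=filemanager'
    '&acc=changePerm&fileName=public_html&t_total=755&currentPath=%2Fhome%2Fdemo HTTP/1.1" 200 512',
    '198.51.100.7 - - [05/Nov/2025:10:03:41 +0000] "GET /user/index.php?module=filemanager'
    '&acc=changePerm&fileName=public_html&t_total=755%3B%23constructed&currentPath=%2Fhome%2Fdemo HTTP/1.1" 200 512',
    '203.0.113.10 - - [05/Nov/2025:10:05:09 +0000] "GET /user/index.php?module=filemanager'
    '&acc=list&currentPath=%2Fhome%2Fdemo HTTP/1.1" 200 2048',
]

if __name__ == "__main__":
    for f in scan_log(SAMPLE_LOG):
        print(f"{f['ts']} {f['ip']} changePerm with suspicious params: {f['params']}")
```

Run it against your own access log by replacing SAMPLE_LOG with the file's lines; a hit is a reason to treat the host as potentially compromised, not proof on its own.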

Hackers Can Exploit ClaudeAI to Steal User Data

As AI systems become more powerful and interconnected, they increasingly become targets for cyberattacks. A recent discovery has revealed a critical security flaw in Anthropic’s Claude AI that allows hackers to exploit its newly added network capabilities to steal sensitive user data. By leveraging an indirect prompt injection method, attackers can extract private information such as chat histories and upload it to their own accounts.

This revelation, outlined in Johann Rehberger’s October 2025 blog post, sheds light on the growing risks as AI systems become more integrated with the external world. In this article, we’ll dive into how this vulnerability works, what it means for the security of AI models, and what steps can be taken to protect against such threats.

How Hackers Can Exploit Claude AI

The flaw in Claude AI lies in the system’s default setting, which permits network access to a list of approved domains including api.anthropic.com. This setting is primarily intended to allow Claude to install software packages securely from trusted sites like npm, PyPI, and GitHub. However, this whitelist inadvertently opens a backdoor for potential exploitation.

As detailed by Rehberger, an attacker can exploit this by embedding malicious prompts in files or user inputs, which can trick Claude AI into executing harmful actions. These actions include extracting sensitive data, such as recent chat histories, and uploading it to the attacker’s account using Claude’s network features.

Rehberger demonstrates the attack with a proof-of-concept, outlining a sophisticated chain of events that begins with indirect prompt injection. Here’s how it works:

  1. The attacker embeds harmful instructions in a seemingly innocent file or document that the user submits to Claude for analysis.
  2. With Claude’s recent “memory” feature, which allows the AI to recall past conversations, the malicious prompt instructs Claude to extract recent chat data and save it as a file. This file is then stored in the Code Interpreter’s sandbox, at a location such as /mnt/user-data/outputs/hello.md.
  3. The next step involves forcing Claude to run Python code using the Anthropic SDK. The injected code sets an environment variable with the attacker’s API key, which allows the file to be uploaded to the attacker’s account via Claude’s Files API.

The key vulnerability here is that the upload targets the attacker’s account, bypassing normal authentication mechanisms. The attack succeeds on the first try, though Claude has since become more cautious about obvious API keys, requiring attackers to obfuscate them using benign code like simple print statements to evade detection.

AI Kill Chain and Data Exfiltration

Rehberger’s proof-of-concept includes a demo video and screenshots that illustrate the exploit in action. In the demo, an attacker views their empty console, while the victim processes a tainted document. Within moments, the stolen file appears in the attacker’s dashboard.

Notably, the exploit allows for multiple uploads, with each file potentially being as large as 30MB. This poses a significant threat, as attackers can exfiltrate large amounts of sensitive data. The “AI kill chain” could be expanded to other allow-listed domains, amplifying the risk to users.

Anthropic’s Initial Dismissal and Later Acknowledgment

Rehberger responsibly disclosed the vulnerability to Anthropic on October 25, 2025, through HackerOne. Initially, Anthropic dismissed the issue, calling it a “model safety issue” and claiming it was out of scope. However, after further investigation, the company acknowledged the vulnerability on October 30, 2025, citing a process error that led to the initial dismissal.

Anthropic’s documentation already warns of the risk of data exfiltration through network egress and highlights the need for users to monitor sessions carefully and halt any suspicious activity. The company’s eventual acknowledgment of the issue confirms the importance of securing AI models against exploitation, particularly as they gain greater external connectivity.

Security experts like Simon Willison have highlighted this exploit as part of the “lethal trifecta” of AI security risks: powerful AI models, external access, and prompt-based control. When these three elements converge, they create a perfect storm for attackers. As AI systems like Claude become more integrated into workflows, the attack surface increases, making them more susceptible to malicious use.

How to Protect Against AI Exploits

So, what can be done to protect against this kind of exploit? Several steps could help mitigate the risks:

  • One obvious solution is to enforce sandbox rules that limit API calls to only the logged-in user’s account. By restricting what the AI can access, you can reduce the chances of an attack succeeding.
  • Users should carefully consider when to enable network access and which domains to whitelist. Trusting default settings without review can create a false sense of security.
  • Vigilant monitoring of AI sessions is key. If any suspicious activity is detected, it’s important to act quickly to shut down the system or revoke access.
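One way to implement the first mitigation above, an egress check at the sandbox boundary that binds calls to api.anthropic.com to the logged-in user’s own key, as an added example that is neither Anthropic’s code nor Rehberger’s. The host allowlist and the placeholder keys are assumptions; x-api-key is the header the Anthropic SDK actually sends, so a key smuggled in through an environment variable is visible here no matter how it was obfuscated in the prompt.

```python
from dataclasses import dataclass
from urllib.parse import urlsplit

# Constructed allowlist modelled on the page's description of Claude's default egress
# policy (package registries plus api.anthropic.com); the exact list is an assumption.
ALLOWED_HOSTS = {"api.anthropic.com", "registry.npmjs.org", "pypi.org",
                 "files.pythonhosted.org", "github.com"}
CREDENTIAL_HEADERS = ("x-api-key", "authorization")

# Constructed placeholder keys; no real key appears in this example.
SESSION_KEY = "sk-ant-SESSION-USER-PLACEHOLDER"
ATTACKER_KEY = "sk-ant-INJECTED-BY-PROMPT-PLACEHOLDER"


@dataclass
class Decision:
    allowed: bool
    reason: str


def check_egress(method: str, url: str, headers: dict, session_api_key: str) -> Decision:
    """Policy decision for one outbound request from the code-execution sandbox.

    The proxy sees the real header value on the wire, so hiding the key inside
    benign-looking code in the prompt (as the page notes attackers now do) changes nothing."""
    host = (urlsplit(url).hostname or "").lower()
    hdrs = {k.lower(): v for k, v in headers.items()}
    presented = [hdrs[h] for h in CREDENTIAL_HEADERS if h in hdrs]

    if host not in ALLOWED_HOSTS:
        return Decision(False, f"host {host!r} is not allow-listed")

    if host == "api.anthropic.com":
        # Every call to Anthropic's API, including the Files API used for the upload,
        # must carry the session user's own credential and nothing else.
        if not presented:
            return Decision(False, "request to api.anthropic.com without a credential")
        for cred in presented:
            parts = cred.split()
            token = parts[-1] if parts else ""  # strip a "Bearer " prefix if present
            if token != session_api_key:
                return Decision(False, "credential does not belong to the session user")
        return Decision(True, f"{method} to api.anthropic.com with the session user's key")

    # Package registries are allow-listed for installs only; sending any credential to
    # them is a sign that a key or data is being pushed somewhere it should not go.
    if presented:
        return Decision(False, f"credential sent to {host}, which is install-only")
    return Decision(True, f"{method} to {host} allowed for package installation")


if __name__ == "__main__":
    demo = [("POST", "https://api.anthropic.com/v1/files", {"x-api-key": SESSION_KEY}),
            ("POST", "https://api.anthropic.com/v1/files", {"x-api-key": ATTACKER_KEY}),
            ("GET", "https://pypi.org/simple/requests/", {})]
    for method, url, hdrs in demo:
        d = check_egress(method, url, hdrs, SESSION_KEY)
        print("ALLOW" if d.allowed else "DENY ", d.reason)
```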

WhatsApp Introduces Passkey-Encrypted Backups

WhatsApp has announced a major upgrade to its backup security with the launch of passkey-encrypted backups, a feature designed to make protecting chat histories both simpler and stronger—without the hassle of remembering complex passwords.

With this update, users can now secure their end-to-end encrypted backups using biometric authentication methods such as fingerprints, facial recognition, or device screen locks. This ensures that chat histories, photos, and voice notes remain accessible and secure even after a device is lost or replaced.

The new feature addresses one of the app’s most persistent challenges for its three billion global users: safeguarding years of personal conversations stored in backups on Google Drive or iCloud.

Passkeys represent the next evolution in passwordless authentication, using device-specific biometrics to unlock unique cryptographic keys that never leave the user’s hardware. Unlike WhatsApp’s previous encryption system, introduced in 2021, which relied on a manually created password or a cumbersome 64-digit key, the new system integrates seamlessly with the phone’s built-in security features for effortless protection.

Privacy and Protection with a Single Tap

Once enabled, users can encrypt their chat backups with a simple tap or glance, extending the same end-to-end encryption that already protects live chats and calls. This means that neither WhatsApp, Meta, nor cloud storage providers can access the content of users’ backed-up messages.

Beyond convenience, the change eliminates the risk of being locked out due to a forgotten password, an issue that previously left some users unable to recover their chat data.

Security experts have praised the update, noting that passkeys are more resistant to phishing, credential theft, and brute-force attacks than traditional passwords. As cyber threats grow more sophisticated, this marks a proactive step toward ensuring users’ data remains private and secure.

Strengthening Data Security in an Era of Growing Cyber Threats

Recent cybersecurity incidents, including spyware exploits targeting messaging apps, highlight the importance of protecting stored data. With the new passkey encryption, WhatsApp ensures that personal memories and sensitive exchanges remain confidential, even if a device is compromised or stolen.

This enhancement builds on WhatsApp’s pioneering 2021 introduction of end-to-end encrypted backups, which currently safeguard over 100 billion messages daily for two billion users.

By eliminating the need for complex encryption keys, passkeys make advanced security more accessible to everyday users, democratizing privacy without compromising protection.

The move also reflects a broader industry shift toward biometric and zero-knowledge authentication, positioning WhatsApp as a leader in mobile security innovation. Analysts suggest this could set a new standard for other messaging and cloud-based platforms managing personal data.

Global Rollout and How to Enable It

The passkey-encrypted backup feature will roll out gradually across iOS and Android devices in the coming weeks and months. To activate it, users can head to:
Settings → Chats → Chat Backup → End-to-End Encrypted Backup → Passkey Option.

WhatsApp encourages users to update their app to the latest version to ensure early access to the new feature. The company emphasizes that this upgrade brings backup security on par with chat security, keeping conversations both private and effortlessly accessible.