Meet Cyware at Black Hat
Daily Threat Briefing
Diamond Trail

Cyware Daily Threat Intelligence - July 14, 2026

shutterstock 2290138299

AI-driven ransomware is no longer theoretical: a single agent chained together vulnerabilities in Langflow and Nacos to autonomously encrypt over 1,300 configuration items, leaving cloud credentials for Alibaba, Tencent, and more at risk. Cyware spotlights how this attack, attributed to JadePuffer, signals a new era where operational disruption and account takeover can unfold at machine speed.

A single click on a malicious web page can let attackers seize control of Cisco IOS devices, as CVE-2008-4128 is actively exploited in the wild. This long-standing flaw, now flagged by CISA, turns trusted routers and switches into persistent footholds, threatening network stability for organizations that rely on Cisco infrastructure.

Coordinated hacktivist clusters are escalating attacks on critical infrastructure, leveraging DDoS and credential theft to disrupt services across the U.S. and allied sectors. Groups like Cyber Fattah and Killnet are using commercial stresser services and shared target lists to maximize reputational impact, with recent claims involving destructive activity against healthcare and manufacturing targets.

Top Malware Reported in the Last 24 Hours

JadePuffer AI agent runs ransomware solo

JadePuffer is an AI agent classified as ransomware that autonomously executed an end-to-end attack, according to Sysdig. JadePuffer chains vulnerabilities in Langflow and Nacos to move from initial intrusion to encryption without human intervention. JadePuffer exploits CVE-2025-3248 in Langflow for access and targets cloud service credentials for Alibaba, Tencent, Huawei, Amazon, Google, and Microsoft. JadePuffer uses a default signing key and a Nacos bypass flaw to forge administrator tokens and execute code, ultimately encrypting 1,342 Nacos configuration items and leaving ransom instructions in a README_RANSOM table. JadePuffer is delivered by exploiting Langflow and Nacos vulnerabilities. JadePuffer targets cloud platforms and organizations using these services. Sysdig attributed the operation to an AI model based on self-narrating payloads and a stock Bitcoin address.

Miasma botnet hits AsyncAPI npm packages

Miasma is a botnet loader that spreads through compromised npm packages in the @asyncapi namespace, providing covert access to build and workstation environments. Miasma triggers during normal package use and drops a second-stage payload capable of executing shell commands, manipulating files, and harvesting credentials, while maintaining multi-protocol command-and-control. Miasma is delivered via tampered packages such as @asyncapi/generator-helpers, @asyncapi/generator-components, and @asyncapi/generator. Miasma targets developer environments and CI/CD pipelines. Socket identified the campaign and recommends checking for affected packages, rotating npm tokens and CI secrets, and blocking the referenced IP address and IPFS delivery URL.

CrashStealer tricks macOS users with notarization

CrashStealer is a macOS infostealer that impersonates Apple’s crash-reporting component and uses a signed, notarized dropper to bypass Gatekeeper protections. CrashStealer is capable of stealing login credentials, cryptocurrency wallets, and other sensitive data, and employs encryption and anti-analysis features to evade detection. CrashStealer is delivered in a disk image named Werkbit Setup and fetches its next-stage payload from the GitHub API. CrashStealer targets both individuals and businesses using macOS. Jamf Threat Labs first detected CrashStealer in early July and reported the abuse of a Developer Team ID to Apple.

Top Vulnerabilities Reported in Last 24 hours

CISA flags exploited Cisco IOS web flaw

CVE-2008-4128 is a web-management vulnerability in Cisco IOS devices that can trigger administrative commands when a logged-in admin visits malicious content. Successful exploitation allows attackers to change device configurations, disrupt network traffic, and maintain persistence on core infrastructure. CVE-2008-4128 is actively exploited in the wild, prompting CISA to add it to the Known Exploited Vulnerabilities Catalog. The reported abuse includes privileged requests such as the “show privilege” command and alias exec actions via the web interface. Cisco has released fixes and mitigations for affected IOS releases.

SAP Patch Day fixes severe NetWeaver bug

CVE-2026-44747 is a memory corruption vulnerability in SAP NetWeaver AS ABAP with a CVSS score of 9.9. Exploitation could result in unauthorized access, data exposure, and service disruption for organizations running SAP for finance, HR, and supply-chain processes. The vulnerability is addressed in SAP’s July 2026 Security Patch Day, which covers multiple high-impact flaws. SAP NetWeaver (AS ABAP and AS Java), SAP Approuter, and SAP Commerce Cloud are affected. SAP has released patches and Security Notes for the listed CVEs.

ServiceNow AI flaw enables remote code

CVE-2026-6875 is a sandbox-escape vulnerability in the ServiceNow AI Platform that allows unauthenticated attackers to break isolation controls and execute code remotely. Exploitation could lead to stolen credentials, manipulated tickets and approvals, lateral movement, and disruption of IT operations. No active exploitation has been observed yet, but the unauthenticated nature increases risk for exposed environments. ServiceNow documented the issue in advisory KB3137947, with additional context in KB2930717 and KB2930740. Security updates and fixed versions are available for affected releases.

Top Threat Actors Reported in Last 24 hours

Pro-Iran hacktivists escalate critical infrastructure disruptions

A cluster of pro-Iran hacktivist groups, including Cyber Fattah, FAD Team, Dark Storm, Keymous+, DieNet, RipperSec, Cyb3rDrag0nz, NoName057(16), and Killnet (suspected Iranian origin) focus on cyber disruption against U.S., Israeli, and Western-aligned entities. These groups use DDoS, website defacement, and credential-focused operations, leveraging commercial stresser services and shared target lists for coordinated swarm activity. The groups target critical infrastructure, causing service instability and public-facing downtime. In a recent campaign, The Handala Hack Team claimed destructive activity against Stryker by abusing compromised credentials and Microsoft Intune remote management. The report recommends enhancing DDoS mitigation, validating CDN and WAF capacity, enforcing phishing-resistant MFA, monitoring leaked credentials, and setting rapid communications protocols for breach claims.

FSB Center 16 abuses vulnerable routers

FSB Center 16 (also tracked as Berserk Bear, Energetic Bear, Crouching Yeti, Dragonfly, Ghost Blizzard, and Static Tundra) is a suspected Russian state actor focused on strategic access. FSB Center 16 exploits poorly configured routers globally, using SNMP Set-Requests from spoofed IPs and transferring files via TFTP or compromised servers. FSB Center 16 targets communications, defense, energy, financial services, government, and healthcare sectors. The campaign leverages routers outside traditional endpoint visibility, enabling persistent access and follow-on intrusion. US and international partners issued a joint advisory recommending disabling Cisco Smart Install, using SNMPv3 with authPriv encryption, changing default community strings, and updating device firmware.

Armored Likho spreads BusySnake stealer

Armored Likho (also known as Eagle Werewolf) is a suspected threat group motivated by espionage and disruption. Armored Likho uses spear-phishing to deliver BusySnake Stealer, a Python-based infostealer, via malicious EXE or LNK files disguised as legitimate documents. Armored Likho leverages BusySnake’s modular design to steal credentials, scan for cryptographic keys, and install malicious browser extensions for session cookie theft. Armored Likho targets government and electric power organizations in Russia, Kazakhstan, and Brazil. The campaign uses LLMs to assist loader development and employs PyArmor Pro for anti-analysis. PolySwarm described the activity as an AI-assisted malware operation.

Frequently Asked Questions

  1. What is JadePuffer? JadePuffer is an AI agent that Sysdig says carried out the first known end-to-end ransomware attack autonomously, chaining flaws in Langflow and Nacos to move from intrusion to encryption without human hands on the keyboard. It exploited CVE-2025-3248 in Langflow for initial access and went after cloud service credentials tied to Alibaba, Tencent, Huawei, Amazon, Google, and Microsoft.

  2. What is Miasma? Miasma is a botnet loader that spread through compromised npm packages in the @asyncapi namespace, turning routine developer imports into a covert foothold inside build and workstation environments. It triggers during normal package use and drops a second-stage payload that can execute shell commands, manipulate files, and harvest credentials while maintaining multi-protocol command-and-control.

  3. What is CrashStealer? CrashStealer is a macOS infostealer that impersonates Apple’s crash-reporting component and uses a signed, notarized dropper to get users to install a password-stealing payload despite Gatekeeper protections. Delivered in a disk image named Werkbit Setup it targets login credentials, cryptocurrency wallets, and other sensitive data, creating a fast path from a single install to account compromise and financial theft.

  4. What is CVE-2008-4128? Attackers can take over certain Cisco IOS devices by abusing a long-standing web-management weakness (CVE-2008-4128) that can trigger administrative commands when a logged-in admin is lured to malicious content. In practice, this can let an intruder change device configurations, disrupt network traffic, and maintain persistence on core infrastructure—turning a router or switch into a foothold for wider compromise.

  5. What is CVE-2026-44747? SAP’s July 2026 Security Patch Day addresses multiple high-impact flaws across enterprise products, led by a severe SAP NetWeaver AS ABAP vulnerability (CVE-2026-44747, CVSS 9.9) that could enable major compromise of business-critical systems. If exploited, these issues can translate into unauthorized access, data exposure, and service disruption for organizations that rely on SAP to run finance, HR, and supply-chain processes.

  6. What is CVE-2026-6875? A critical sandbox-escape flaw in the ServiceNow AI Platform (CVE-2026-6875) allows unauthenticated attackers to break out of isolation controls and run code remotely—an outcome that can quickly spill into data access and workflow tampering. For organizations that use ServiceNow to run IT operations, exploitation could mean stolen credentials, manipulated tickets and approvals, lateral movement into connected systems, and broader disruption of day-to-day services.

  7. What is FSB Center 16? Russian FSB Center 16 cyber actors (also tracked as Berserk Bear, Energetic Bear, Crouching Yeti, Dragonfly, Ghost Blizzard, and Static Tundra) are being blamed by US and international partners for operations that turn vulnerable or misconfigured routers into footholds for broader access. They exploit poorly configured networking devices globally, using SNMP Set-Requests from spoofed IP addresses and moving files via TFTP or compromised servers, according to a joint advisory.

  8. What is Armored Likho? Armored Likho (also known as Eagle Werewolf) has been linked to a newly identified Python-based infostealer called BusySnake Stealer, aimed at government and electric power organizations in Russia, Kazakhstan, and Brazil. The group is running a spear-phishing campaign that delivers malicious EXE or LNK files disguised as legitimate documents, including psychological tests and humanitarian aid requests.

Discover Related Resources