Malware Activity
Emerging Threats Highlight Risks Across Malware-as-a-Service and AI Ecosystems
Recent research highlights how cybercriminals are continuing to expand their capabilities through both traditional malware and emerging AI-driven attack techniques. Researchers identified QuimaRAT, a new cross-platform Remote Access Trojan (RAT) being sold as a Malware-as-a-Service (MaaS) offering, enabling threat actors to easily deploy advanced malware across Windows, Linux, and macOS environments without developing their own tools. The malware uses encrypted plugins, stealth capabilities, and multiple delivery mechanisms to maintain long-term access to compromised systems. At the same time, researchers uncovered SkillCloak, a novel technique that allows malicious AI agent extensions to evade security scanners by disguising harmful code and restoring it only during execution. Testing showed that these hidden payloads were able to bypass detection in the majority of cases, raising concerns about the growing software supply chain risks associated with AI coding assistants and third-party extensions. Together, these findings demonstrate how attackers are leveraging both accessible malware platforms and emerging AI technologies to increase the effectiveness, scalability, and stealth of modern cyberattacks, emphasizing the need for stronger detection, monitoring, and defense strategies. CTIX analysts will continue to report on the latest malware strains and attack methodologies.
- TheHackerNews: New Java-Based QuimaRAT MaaS Built to Run on Windows, Linux, and macOS article
- TheHackerNews: SkillCloak Lets Malicious AI Agent Skills Evade Static Scanners with Self-Extracting Packing article
Threat Actor Activity
Threat Actors are Using Fully Agentic JadePuffer Ransomware in Attacks
Sysdig reports what appears to be the first fully “agentic” ransomware operation, dubbed JadePuffer, conducted end-to-end by a large language model (LLM) agent rather than a human operator. The attacker exploited CVE-2025-3248, a critical unauthenticated RCE in Langflow, an open-source framework for building LLM apps, to gain code execution on an internet-exposed instance. Once in, the LLM-driven agent autonomously dumped Langflow’s Postgres database, harvested API keys, cloud credentials, wallets, and config files, scanned internal networks, probed MinIO, and set up persistence via a cron job. It then pivoted to a production MySQL server running Alibaba Nacos, abusing root credentials and multiple vectors, including CVE-2021-29441 and forged JWTs, to gain admin control. The agent encrypted 1,342 Nacos configuration items using MySQL’s AES_ENCRYPT(), dropped original tables, and created an extortion table with a ransom note, Bitcoin address, and Proton Mail contact. Payloads contained natural-language commentary and showed the LLM adapting in real time—fixing failed logins in seconds, adjusting to XML vs JSON responses, and narrating its logic. Notably, the randomly generated encryption key was never stored or sent, making recovery impossible, and the Bitcoin address appears lifted from public documentation, which was another signal of LLM behavior. This agentic operated JadePuffer demonstrates that capable models have the ability to be substitute for skilled humans, dramatically lowering the barrier to serious attacks against poorly secured, internet-facing infrastructure, while also creating new detection opportunities in LLM-generated code.
- Bleeping Computer: JadePuffer Article
- Security Week: JadePuffer Article
- SysDig: JadePuffer AI Report
Vulnerabilities
CISA Confirms Active Exploitation of Microsoft SharePoint RCE, Urges Immediate Patching
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has confirmed that threat actors are actively exploiting a high-severity remote code execution (RCE) vulnerability affecting on-premises Microsoft SharePoint Server. The flaw, tracked as CVE-2026-45659, is caused by insecure deserialization of untrusted data, allowing authenticated attackers with only Site Member permissions to remotely execute arbitrary code on vulnerable SharePoint Server Subscription Edition, SharePoint Server 2019, and SharePoint Enterprise Server 2016 deployments without requiring administrator privileges or user interaction. Although Microsoft released patches in May 2026 after the vulnerability was inadvertently omitted from its original May security updates and initially assessed exploitation as “Less Likely,” attackers rapidly weaponized the flaw, prompting CISA to add it to its Known Exploited Vulnerabilities (KEV) Catalog. In response, the agency ordered U.S. federal civilian agencies to remediate affected systems or discontinue use if mitigations are unavailable. While CISA has not attributed the attacks or disclosed their scale, more than 10,000 internet-exposed SharePoint servers remain visible online, underscoring the significant attack surface. The incident highlights the speed at which threat actors can reverse engineer newly released patches, reinforces SharePoint’s continued role as a common target for ransomware and other intrusion campaigns, and emphasizes the critical importance of rapidly patching internet-facing systems to reduce the risk of compromise. CTIX analysts strongly urge any affected administrators to patch and follow the CISA guidance to prevent compromise.
- Bleeping Computer: CVE-2026-45659 Article
- The Register: CVE-2026-45659 Article
- CISA: CVE-2026-45659 Advisory
📧 Never Miss a Briefing
Stay informed and secure. Subscribe to Ankura’s Cyber Flash Update, a bi-weekly briefing curated by our top cybersecurity experts. Receive timely insights on emerging threats, vulnerabilities and malicious actors to keep your systems secure.
Join the Cyber Flash Update community today.
© Copyright 2026. The views expressed herein are those of the author(s) and not necessarily the views of Ankura Consulting Group, LLC., its management, its subsidiaries, its affiliates, or its other professionals. Ankura is not a law firm and cannot provide legal advice.
