AI Malware, Entra ID Flaw, & ShadowLeak Vuln – 09/20/2025

September 19, 2025

This intelligence digest highlights a significant escalation in AI-driven threats, including the discovery of ‘MalTerminal,’ a GPT-4 powered malware capable of creating ransomware. Additionally, a critical zero-click ‘ShadowLeak’ vulnerability was found in an OpenAI agent, posing a risk to Gmail data. We also cover severe, now-patched vulnerabilities in Microsoft’s Entra ID that could have led to widespread account compromise.

Top 4 Critical Security Alerts

  • Microsoft’s Entra ID vulnerabilities could have been catastrophic: Researchers discovered severe, now-patched vulnerabilities in Microsoft’s Entra ID that could have allowed attackers to access virtually all Azure customer accounts. Read more
  • Researchers Uncover GPT-4-Powered MalTerminal Malware Creating Ransomware, Reverse Shell: A novel malware named MalTerminal leverages GPT-4 to autonomously generate malicious code, including ransomware and reverse shells, marking a new evolution in AI-driven threats. Read more
  • ShadowLeak Zero-Click Flaw Leaks Gmail Data via OpenAI ChatGPT Deep Research Agent: A zero-click vulnerability, dubbed ShadowLeak, was discovered in an OpenAI agent that could allow exfiltration of sensitive Gmail data with a single crafted email. Read more
  • LastPass Warns of Fake Repositories Infecting macOS with Atomic Infostealer: LastPass is alerting macOS users to an active campaign using fraudulent GitHub repositories to distribute the Atomic infostealer malware disguised as legitimate tools. Read more

Threat Intelligence

  • Researchers Uncover GPT-4-Powered MalTerminal Malware Creating Ransomware, Reverse Shell: A novel malware named MalTerminal leverages GPT-4 to autonomously generate malicious code, including ransomware and reverse shells, marking a new evolution in AI-driven threats. Read more
  • LastPass Warns of Fake Repositories Infecting macOS with Atomic Infostealer: LastPass is alerting macOS users to an active campaign using fraudulent GitHub repositories to distribute the Atomic infostealer malware disguised as legitimate tools. Read more

Security Breaches & Incidents

  • Canada dismantles TradeOgre exchange, seizes $40 million in crypto: Canadian authorities have shut down the TradeOgre cryptocurrency exchange, seizing over $40 million believed to be linked to criminal activities. Read more

Cloud & Network Security

  • Microsoft’s Entra ID vulnerabilities could have been catastrophic: Researchers discovered severe, now-patched vulnerabilities in Microsoft’s Entra ID that could have allowed attackers to access virtually all Azure customer accounts. Read more
  • Images over DNS: A technical proof-of-concept demonstrates a method for transferring image data over the DNS protocol, highlighting a potential covert channel for data exfiltration. Read more

Emerging Security Technologies

  • ShadowLeak Zero-Click Flaw Leaks Gmail Data via OpenAI ChatGPT Deep Research Agent: A zero-click vulnerability, dubbed ShadowLeak, was discovered in an OpenAI agent that could allow exfiltration of sensitive Gmail data with a single crafted email. Read more
About the author

Chris Armour, Director of Software Engineering. The Breaker & Builder.

Operating on the philosophy that 'you can't build a secure system if you don't know how to break it,' Chris leads our engineering division. A top 1% National Cyber League competitor, he hardens our digital infrastructure against the very exploits he has mastered.
