Trending Topics

Attackers Are Abusing Shopify’s Shop App for Callback Phishing

Threat actors are turning Shopify’s popular Shop order-tracking app into a new delivery channel for callback phishing scams, quietly inserting fake order receipts into users’ purchase histories and then waiting for their victims to pick up the phone. Instead of sending a sketchy-looking email, the attackers rely on a trusted app, a real-looking order timeline, and a bogus support number to socially engineer users into handing over sensitive data or installing remote access tools.

In these campaigns, victims open the Shop app and see what appears to be a legitimate high-value purchase associated with a well-known brand, complete with order details and a phone number to call if the charge looks wrong. When users call that number, they do not reach a retailer or bank; they reach a scammer running a classic callback phishing play, who then walks them through “canceling” the order by collecting credentials and payment data, or by convincing them to install remote desktop software so the attacker can access their device. This hybrid mix of in-app notices and voice social engineering fits the broader trend of callback phishing, which has grown rapidly over the past few years as email-based lures become easier to detect.

For now, there is no indication that Shopify or the Shop app itself has been technically compromised; instead, the abuse hinges on social engineering and the perception of trust that comes with a familiar app interface. The safest response for users who spot unfamiliar orders in Shop is to refuse any suggestion to call the embedded phone numbers, verify charges directly in their bank or card portal, and contact the financial institution using the number on the back of the card. Anyone who has already called and shared information should immediately change their passwords, enable MFA where possible, run a security scan on their device if remote tools were installed, and alert their card issuer to review and potentially replace the affected card.

Water Systems Face Mounting Cyber Threats, Agencies Urge Immediate Action

Water and wastewater utilities are under unprecedented cyber pressure, caught between aging infrastructure and increasingly capable adversaries who understand how disruptive even a “small” compromise can be to a community. Many plants still run legacy SCADA and PLC systems that were never designed with security in mind, are often reachable from the internet for convenience, and use default or weak passwords, which gives attackers an easy path from simple reconnaissance to direct control of pumps, valves, and chemical dosing. Recent advisories have linked campaigns to foreign state-aligned groups that are actively probing water-sector OT devices across the United States, underscoring that these risks are not theoretical and that water systems now sit alongside power and pipelines as priority targets.

Federal agencies have begun issuing much more pointed guidance, recognizing that many utilities, especially smaller ones, lack dedicated security teams or large budgets. The EPA’s “Top Cyber Actions for Securing Water Systems” and related sector guidance emphasize straightforward steps that deliver immediate risk reduction, such as identifying every internet-exposed device, enforcing strong authentication, segmenting business IT from operational control networks, and keeping offline, tested backups of critical configurations. CISA and the FBI complement this with technical advisories that detail how attackers are abusing remote access tools, exploiting outdated firmware, and targeting exposed PLCs, while also offering detection tips and incident response contacts tailored to the water sector. For utility leaders, the takeaway is that cyber resilience is now inseparable from safety and regulatory compliance, and for operators on the ground, the priority is to close the simplest doors first, so that a phishing email or exposed web interface cannot turn into a community-wide water emergency.

Actively Exploited Critical WinRAR Flaw Allows Remote Code Execution

A critical WinRAR vulnerability, CVE-2025-8088, allows attackers to turn a malicious archive into a RCE tool on Windows systems. The flaw is a path traversal bug that allows crafted archives to escape the normal extraction directory and write files to sensitive locations, such as the Windows Startup folder, where they can run automatically at the next logon. Because WinRAR is widely used and often left unpatched, routine actions like opening a “normal” RAR file can become a high-impact security risk for individuals and organizations alike.

Attackers are already exploiting CVE-2025-8088 in real campaigns, typically by sending phishing emails with weaponized archives that masquerade as job applications, invoices, or official documents. When opened in a vulnerable WinRAR version, the visible decoy file behaves as expected, while hidden HTA, LNK, BAT, or DLL payloads are quietly dropped into autorun locations to establish persistence and enable remote access, credential theft, or further lateral movement. With PoC code and exploitation details publicly available, multiple threat groups have adopted this technique, making it a favored vector for initial access and long-term footholds.

Given its high CVSS score and active exploitation, CVE-2025-8088 requires immediate remediation. All Windows users of WinRAR should update to version 7.13 or later, since 7.12 and earlier remain vulnerable to this path traversal issue. Organizations should pair patching with stricter controls on archive attachments, monitoring for suspicious file creation in Startup and other autorun paths, and user awareness training that emphasizes the risk of opening unexpected RAR files, even when they appear to be work-related or urgent.

New macOS Backdoor Embeds Fake Errors to Derail AI Security Tools

SentinelOne has documented a new macOS malware family, Gaslight, that takes direct aim at AI-assisted malware analysis rather than the operating system or sandbox itself. The Rust-based backdoor, attributed with high confidence to North Korea-aligned threat actors, delivers full remote access capabilities in a compact payload while embedding an unusual 3.5 KB prompt-injection blob within the binary. That blob contains 38 fabricated “system” messages formatted to resemble developer logs, crash reports, build errors, token expiry warnings, SQL injection alerts, and other diagnostics, all wrapped in Markdown and template style placeholders.

Rust has already been adopted in several state-sponsored toolchains because it compiles into small, fast executables with fewer recognizable patterns for traditional detection engines, and Gaslight follows that trend on macOS. The implant behaves like a conventional backdoor at the system level, maintaining a persistent outbound connection to attacker-controlled infrastructure and supporting remote command execution and data theft. What makes it novel is that the fake messages are not meant to fool static scanners or sandboxes; they are prompt injection content specifically designed to gaslight LLM-based triage pipelines into thinking something is wrong with the analysis session itself, so the AI aborts, truncates, or refuses to continue. By flooding AI tooling with fabricated out-of-memory errors, disk exhaustion warnings, token issues, and bogus vulnerability flags, Gaslight tries to erode confidence in the AI’s output and turn benign-looking strings inside the binary into an attack surface of their own.

SentinelOne notes that this technique has not yet been proven to reliably bypass major AI malware analysis platforms in controlled testing, but it is the first publicly documented case of prompt injection being weaponized inside malware to target the analyst’s tools rather than the sandbox. For security teams, the lesson is AI-assisted triage engines must treat binary-embedded text as adversarial input, aggressively sanitize prompts, and pair automated analysis with human review, rather than assuming AI will be more robust or trustworthy than a traditional, human-led security workflow.

CVE-2026-49269 Exposes a Hardware Privacy Gap in Apple’s Original M1 GPU

CVE-2026-49269 highlights a high-severity weakness in Apple’s original M1 GPU design, in which register file data can persist between compute shader dispatches from different sandboxed processes rather than being cleared. According to the NVD record, a malicious Metal application can run a reader shader to recover stale register values left behind by another sandboxed app, meaning confidential data recently handled by the GPU may be exposed across app boundaries.

What makes this issue notable is that it is rooted in hardware behavior rather than a conventional software bug. In the PoC described by NVD, one sandboxed app generated a fresh 128-bit secret and loaded it into GPU registers, while a separate sandboxed attacker app successfully recovered the exact same secret from the leftover register state, demonstrating that the attack is technically real and not just a theoretical edge case. Apple’s position, as reflected in the CVE record, is that the behavior affects only legacy hardware and has already been addressed at the hardware level in the current generation Apple Silicon.

There is no public evidence of active exploitation, attribution, or widespread attacks tied to CVE-2026-49269 at this point, which keeps the immediate threat lower than many remotely exploitable flaws. Even so, the vulnerability is important because software updates cannot fully redesign legacy silicon; they may help reduce exposure, but they do not fundamentally change the underlying register file behavior that made the data leak possible in the first place. For users still relying on original M1 systems, the practical advice is to stay fully updated and keep an eye on Apple’s security guidance, but the long-term fix is ultimately newer hardware with this GPU behavior already corrected.