TRENDING TOPICS MAY 09, 2025

Update: Host Header Injection Attacks Surge, Exposing Major Gaps in Web Application Security 

Host Header Injection is rapidly emerging as a critical threat vector, with cybersecurity researchers observing a sharp increase in successful breaches exploiting this overlooked weakness. At the center of this attack is the HTTP Host header, a required part of any web request that tells the server which site the user is trying to access. Many modern web applications rely on this header to build URLs, route traffic, enforce access controls, and manage redirection logic. When developers fail to validate or restrict the Host header to trusted values, attackers can replace it with a malicious domain. This allows them to intercept data, poison password reset workflows, or manipulate the application's behavior. In coordinated attacks, threat actors have used this technique to generate fake reset links or session-based URLs that redirect unsuspecting users to attacker-controlled domains, giving them direct access to accounts or sensitive information.

Beyond individual account compromise, Host Header Injection has far-reaching consequences for web infrastructure. Attackers can exploit this flaw to bypass internal network boundaries, trick caching systems into storing and serving malicious versions of pages, and escalate access to backend systems by pivoting through manipulated requests. Because many frameworks and hosting environments trust the Host header by default, organizations relying on standard configurations are particularly exposed. The lack of built-in sanitization in many platforms further increases the risk.

To mitigate this, developers should implement strict allowlists to verify incoming Host values and never use unsanitized headers in links or redirects. Security teams should also ensure that Web Application Firewalls (WAFs) are tuned to detect irregular Host values and perform regular security assessments focused on request handling behavior. As these attacks become more common, they highlight a need to reevaluate trust assumptions in core web protocols.
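The two mitigations named above, a strict Host allowlist and links built without request headers, can be sketched as a small WSGI middleware. This is an added example, not code from the article or any vendor; the host names, `CANONICAL_ORIGIN`, and all function and class names are hypothetical.

```python
# Added example, not code from the original article. ALLOWED_HOSTS,
# CANONICAL_ORIGIN and all function/class names are hypothetical.
from urllib.parse import quote

ALLOWED_HOSTS = {"app.example.com", "www.example.com"}  # constructed values
CANONICAL_ORIGIN = "https://app.example.com"  # from deployment config, never from the request


def host_is_allowed(raw_host):
    """True only if the Host value names an allowlisted site (optional numeric port)."""
    # Reject empty values and characters used to smuggle a second host or a path.
    if not raw_host or any(c in raw_host for c in " \t\r\n/@\\,"):
        return False
    name, sep, port = raw_host.lower().partition(":")
    if sep and not port.isdigit():
        return False
    return name.rstrip(".") in ALLOWED_HOSTS


class HostAllowlistMiddleware:
    """WSGI middleware: answer 400 before the application sees an untrusted Host."""

    def __init__(self, app):
        self.app = app

    def __call__(self, environ, start_response):
        # Only Host is consulted; X-Forwarded-Host is deliberately not used as a fallback.
        if not host_is_allowed(environ.get("HTTP_HOST", "")):
            start_response("400 Bad Request", [("Content-Type", "text/plain")])
            return [b"Invalid Host header\n"]
        return self.app(environ, start_response)


def build_reset_link(token):
    """Build the password reset URL from the configured origin, not from request headers."""
    return f"{CANONICAL_ORIGIN}/reset?token={quote(token, safe='')}"


def status_for(host):
    """Run one constructed request through the middleware and return the status line."""
    seen = []

    def app(environ, start_response):
        start_response("200 OK", [("Content-Type", "text/plain")])
        return [b"ok"]

    HostAllowlistMiddleware(app)({"HTTP_HOST": host}, lambda status, headers: seen.append(status))
    return seen[0]
```

Rejected requests are also worth logging with the offending Host value, since a burst of them is the irregular-Host signal a WAF rule would look for.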

Update: Slopsquatting, AI-Created Code Opens the Door to Supply Chain Attacks 

Kaspersky researchers have identified a growing supply chain threat linked to the widespread use of AI-generated code, known as "slopsquatting". This attack vector stems from AI systems hallucinating software dependencies: phantom libraries that don't exist but are treated as real in generated code. When attackers identify these hallucinated package names, they can publish malicious versions to public repositories, banking on developers or automated systems to unknowingly install them.

A study of over half a million code samples from 16 language models found that hallucinations were common, especially in JavaScript and newer technologies. Some models, like CodeLlama 7B, generated fake dependencies in over 25% of outputs. Even with tuning and validation, models continued introducing fictional libraries at concerning rates, with nearly half of the hallucinated names reappearing in multiple generations, making them predictable and exploitable.

What sets slopsquatting apart is its reliance on consistent AI-generated mistakes rather than human typos. As AI tools become more deeply integrated into development, especially through “vibe coding” workflows with minimal human review, these hallucinated packages pose a real threat to software integrity. Developers who trust AI-suggested dependencies without verifying them risk exposing their systems to malware and backdoors.

To combat this, Kaspersky advises a multi-layered approach: automated static code analysis, enforcing code reviews on AI output, validating package names with secondary AI checks, restricting dependencies to vetted internal repositories, and educating developers on the security risks of AI-assisted coding. With malicious packages flooding public ecosystems and AI adoption accelerating, slopsquatting can become a serious supply chain vulnerability if left unchecked.
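One way to enforce the "vetted internal repositories" control in a pre-merge check is to compare every declared dependency against the vetted list before anything is installed. This is an added example, not Kaspersky's tooling; the vetted set, the sample requirements file and the package name `fastjson-utils-pro` are constructed, and the parser covers only simple `requirements.txt` lines.

```python
# Added example, not from the original article. VETTED stands in for the index
# of an internal repository; SAMPLE is a constructed requirements.txt.
import re

VETTED = {"requests", "flask", "pyyaml"}

# Leading distribution name of a requirement line (before extras, versions, markers).
REQ_NAME = re.compile(r"^([A-Za-z0-9][A-Za-z0-9._-]*)")

SAMPLE = """\
requests>=2.31
Flask[async]==3.0.0   # web framework
PyYAML==6.0.1
fastjson-utils-pro==1.0   # constructed name, as an AI assistant might suggest
--extra-index-url https://pypi.example.invalid/simple
"""


def canonical(name):
    """PEP 503 normalization: runs of '-', '_', '.' become '-', lower-cased."""
    return re.sub(r"[-_.]+", "-", name).lower()


def unvetted_requirements(requirements_text, vetted=VETTED):
    """Return (line number, item, reason) for every line that needs human review."""
    vetted = {canonical(v) for v in vetted}
    flagged = []
    for lineno, line in enumerate(requirements_text.splitlines(), 1):
        line = line.split("#", 1)[0].strip()  # simplified comment handling
        if not line:
            continue
        if line.startswith("-"):
            # Options such as --extra-index-url change where packages are fetched from.
            flagged.append((lineno, line, "option"))
            continue
        match = REQ_NAME.match(line)
        if not match:
            flagged.append((lineno, line, "unparsed"))
            continue
        name = canonical(match.group(1))
        if name not in vetted:
            flagged.append((lineno, name, "not-vetted"))
    return flagged
```

A CI job would fail the build when `unvetted_requirements` returns anything, so a hallucinated name is reviewed by a person before a package manager ever resolves it.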

Weaponized PDF Invoices Used in Cross-Platform RAT Malware Campaign 

A newly uncovered email campaign delivers remote access trojans through deceptive PDF invoices, marking a significant evolution in cross-platform malware delivery. While Windows systems are the primary targets, the use of Java-based malware means that Linux and macOS devices with Java Runtime Environment (JRE) installed are also vulnerable. The attack begins with invoice-themed emails that appear legitimate, often passing SPF validation by abusing the Spanish email service serviciodecorreo[.]es. These emails include weaponized PDF attachments instructing recipients to click a button to view invoice details. This action sets off a multi-layered infection chain designed to evade security controls, using social engineering tactics to exploit urgency and pressure users into acting without caution.

The infection flow uses several evasion methods to avoid detection, including abuse of Dropbox and MediaFire for payload hosting, Ngrok tunneling to conceal infrastructure, and advanced geofencing to serve malware only to users in specific regions. When victims open the PDF and follow the embedded link, they are directed to an HTML file that appears to run a basic human verification step before redirecting them to a location-based Ngrok URL. Victims from Italy are served a malicious JAR file disguised with a neutral filename, while those from other regions see a harmless decoy document to evade sandbox detection.

Once executed, the malware drops RATty, a Java-based remote access trojan capable of executing commands, logging keystrokes, accessing files, and activating webcams and microphones. The campaign demonstrates a high level of pre-attack reconnaissance, selective payload delivery, and effective masking, reinforcing the growing sophistication of modern threat actor tactics and the critical need for layered defense strategies.

Hunter Strategy encourages our readers to look for updates in our daily Trending Topics and on Twitter.