Risky Bulletin: Microsoft takes down MSaaS used by ransomware gangs

In other news: CISA contractor leaks GovCloud keys; vulnerability exploitation is now the dominant entry vector; Drupal readies security updates for "highly critical" bug.


This newsletter is brought to you by Push Security. You can subscribe to an audio version of this newsletter as a podcast by searching for "Risky Business" in your podcatcher or subscribing via this RSS feed. You can also add the Risky Business newsletter as a Preferred Source to your Google search results by going here.

Microsoft has sued and seized domains and server infrastructure belonging to SignSpaceCloud (signspace[.]cloud), a Russian cybercrime service that sold code signing certificates to malware and ransomware gangs.

The service, which Microsoft is tracking as Fox Tempest, has been running since May of last year and is what cybersecurity experts call a malware-signing-as-a-service (MSaaS).

The group used hundreds of fake accounts on the Microsoft Artifact Signing service to obtain code signing certificates that it later resold on its website for thousands of US dollars.

Cybercrime groups paid the hefty prices but used the certificates to sign their malware and make it appear as software from legitimate developers.

The service was advertised on Russian Telegram channels and appears to be the work of a Russian-speaking threat actor.

Fox Tempest's clientele included all sorts of groups, ranging from infostealer operators to ransomware gangs and SEO poisoning groups.

The Rhysida ransomware group often used the service to disguise and execute its encrypters without getting detected. Other ransomware gangs like INC, Qilin, and Akira also bought certificates from Fox Tempest at one point or another in the past year.

Microsoft says it spent the past year taking down the group's fake accounts, but the operators repeatedly dodged its efforts and even rebranded at one point, before the company's legal team pulled the rug from under them and seized their infrastructure outright.

The company estimates the service made millions of US dollars before it was shut down.

Risky Business Podcasts

In this episode of Risky Business Features, Ollie Whitehouse, the CTO of the UK’s National Cyber Security Centre, joins Patrick Gray and James Wilson to talk about why “patch faster” will only get organisations so far in the face of the AI "bugpocalypse."


Breaches, hacks, and security incidents

Huawei zero-day behind Post Luxembourg hack: A zero-day in Huawei enterprise routers was allegedly used last year to break into Luxembourg's state-owned telecom operator. The hack of Post Luxembourg took place last July and led to extended internet outages in the country. Nine months later, details about the zero-day have yet to be publicly disclosed by either the telco or Huawei. [The Record]

ChimeraZ targets France: Three French holiday booking sites have been hacked and their data sold online. Breaches have been reported at Pierre & Vacances, Belambra, and Gîtes de France. The hacks have been claimed by the same hacker, an individual going by the name ChimeraZ. [Le Dauphiné Libéré]


Verus crypto-heist: Hackers have stolen $11.58 million worth of crypto assets from the Verus-Ethereum bridge. [The Block]

RXNT breach impacts Congress: Hackers have stolen patient data from healthcare software company RXNT. The company's software handles drug prescriptions and was hacked in March. Members of the US Congress, which uses RXNT to handle prescriptions, were also affected. RXNT notified authorities of the breach on the final day allowed under US health privacy laws. [Legal Insurrection] [h/t DataBreaches.net]

Eurovision cyberattacks: Austrian law enforcement say they blocked more than 500 cyberattacks that targeted the Eurovision song contest over the weekend. [Eurovision Fun]

7-Eleven confirms breach: Retail store chain 7-Eleven has disclosed a data breach to American authorities. The incident took place in April, when the company was hacked by the ShinyHunters group and listed on its dark web leak site. [Maine OAG]

General tech and privacy

Musk loses OpenAI lawsuit: Elon Musk has lost his lawsuit against OpenAI and two executives after a jury decided that Musk waited too long to sue the company. Musk sued OpenAI claiming he was misled to invest early in the non-profit, which then spun out a commercial entity. Musk sought $130 billion in damages paid to OpenAI's nonprofit arm, the removal of Sam Altman and Greg Brockman, and the dismantling of the for-profit entity. [CNN]

Twitter limits visibility for non-paying users: Twitter/X is limiting non-paying customers to only 50 posts and 200 replies per day. The previous limit was 2,400 posts/day. The company claims the new limit is intended to fight spam and bot activity, which appears to be just fine since most of the spam is posted from verified accounts anyway. [Engadget]

Discord rolls out E2EE: Discord is rolling out support for end-to-end encrypted voice and video calls. The feature runs on Discord's in-house DAVE protocol, which the company has been testing for two years. Encrypted calls are now the default for all Discord users. [Discord]

Red Hat Hardened Images: Red Hat announced the general availability of Hardened Images, a collection of secure container images. The containers come with SBOMs and are constantly updated with the latest security patches. The new Hardened Images are available at no cost. [Red Hat]

Firefox 151: Mozilla has released Firefox 151. New features and security fixes are included. The biggest feature in this release is the ability to merge PDF files in the Firefox PDF viewer and a new look for the Firefox Home new tab page.

Telcos form new ISAC: Eight of the largest US telcos have formed a new center for sharing intel on cyber attacks. The new Communications Cybersecurity Information Sharing and Analysis Center, or C2 ISAC, aims to share data and prevent another Salt Typhoon telco mass-hacking campaign. Founding members include AT&T, Charter, Comcast, Cox, Lumen, T-Mobile, Verizon, and Zayo. [AT&T]

Bitcoin Depot shuts down: The largest Bitcoin ATM operator in the US has filed for voluntary bankruptcy on Monday. Bitcoin Depot cited increasing costs and complexity related to the rollout of anti-fraud measures, customer lawsuits, and the regulatory environment. At least two US states have banned crypto ATMs, and a ban is also being prepared in Canada. According to the FBI, Americans lost more than $388 million last year to scams leveraging cryptocurrency ATMs and kiosks. [Bitcoin Depot press release]


Government, politics, and policy

CISA contractor leaks AWS GovCloud keys: A CISA contractor has leaked credentials for CISA cloud accounts via a public GitHub repository. The credentials granted access to at least three admin accounts on CISA's AWS GovCloud platform. The accounts were being used to manage CISA's internal systems. The credentials were revoked over the weekend after security researchers asked infosec reporter Brian Krebs for help in contacting the agency. [KrebsOnSecurity]

FBI looking to buy ALPR data: The FBI is seeking to buy access to automated license plate readers (ALPRs) data for all Americans. The agency is willing to pay up to $36 million per year to access the data. Access to an ALPR system would allow the agency to track any car's movement in the US without a court warrant. [404 Media]

Military coup plotters used ChatGPT: A group that was planning a military coup in Romania used ChatGPT to translate messages to and from Russian to coordinate with Russia's FSB intelligence service. Romanian investigators say they found evidence in ChatGPT logs of their crimes and deep cooperation with the Russian government. The group worked directly with FSB Director Alexander Bortnikov, who promised help to "put things into order." The plotters were one of two groups meant to help Calin Georgescu take power in Romania after the country canceled a first round of elections and his candidacy was dismissed due to Russia's election meddling. [Libertatea // Ziare]

In this Risky Business sponsor interview, James Wilson chats with Push Security’s Chief Research Officer Jacques Louw about how the company has integrated an army of AI agents into its threat detection platform. Not only has agentic AI led to the discovery of Install Fix campaigns, but it will help simplify the platform for new customers. 

Arrests, cybercrime, and threat intel

Operation Ramz: Interpol and law enforcement agencies from 13 countries have detained more than 200 suspects involved in cybercrime operations across the MENA regions. The suspects were allegedly involved in cyber scams, phishing, and malware operations. A cyber scam compound was also dismantled for the first time in Jordan. [Interpol // Team Cymru]

South Korea arrests SMS spammers: South Korean authorities have arrested 36 suspects linked to a massive SMS spam operation. Suspects include the CEO and employees of a bulk SMS messaging business. The company allegedly worked with an employee of a mobile virtual network operator to hide the spam and make SMS messages appear to come from real financial institutions. The group allegedly sent more than 580 million fraudulent text messages over the course of 15 months. [CommsRisk]

Trapdoor operation: More than 24 million users have downloaded malicious apps that load ads in hidden containers to perform touch fraud. More than 450 Android apps have served 659 million ads every day as part of the Trapdoor scheme. The original apps are clean in order to make it onto the official Google Play Store. Once on a user's phone, they lure users into installing updates from third-party locations that contain the malicious ad fraud behavior. [Human Security]

Shai-Hulud code in the wild: The Shai-Hulud source code that got leaked last week has now been spotted used in campaigns in the wild, less than a week after it was "open-sourced." [Ox Security]

Storm-2949 profile: Microsoft has published a profile on a new hacking group it tracks as Storm-2949. The group targets cloud environments for data theft and appears to abuse Microsoft's Self-Service Password Reset (SSPR) process to gain initial access to some of its victims. [Microsoft]

Vulnerability exploitation is now the dominant entry vector: Vulnerability exploitation was the most common initial access vector for data breaches last year. According to Verizon's yearly Data Breach Investigations Report, vulnerabilities accounted for a third of all breaches. The number of vulnerabilities also increased last year, which led to longer times to patch, a median of 43 days. Another major trend observed last year was a shift towards mobile phishing and social engineering campaigns. [Verizon 2026 DBIR // PDF]

MSHTA abuse on the rise: As Microsoft has deprecated VBScript, multiple malware operations have shifted to abusing the Microsoft HTML Application Host (MSHTA). [Bitdefender]

Another Steam game deployed malware: The Beyond The Dark horror game on Steam was caught deploying an infostealer that stole crypto-wallet data and Roblox account credentials. [PCGamesN]

Supply chain attack at AntV: More than 300 npm packages have been compromised in the most recent wave of the Shai-Hulud npm worm. The incident appears to have originated from the account of Alibaba's AntV data visualization project. A threat actor compromised the AntV account and deployed the Shai-Hulud worm via updates to existing libraries. The worm quickly spread to other packages in a matter of hours. The Shai-Hulud source code was released online last week and these incidents will become commonplace. [Aikido Security // JFrog // OpenSourceMalware // SafeDep // Snyk // Socket Security // Step Security // Wiz]

UPDATE: So far we've identified 639 compromised npm package versions across 323 unique packages in tonight's Mini Shai-Hulud wave. That includes 558 versions across 279 unique @antv packages. Most were detected within ~6 minutes of publication. We also published our technical analysis.

— Socket (@socket.dev) May 19, 2026 at 7:47 AM

Microsoft is investigating a new, emerging Mini Shai-Hulud npm supply chain attack targeting antv packages. Attackers compromised an antv maintainer account and published malicious versions of multiple widely used packages (for example, antv/g2).


— Microsoft Threat Intelligence (@threatintel.microsoft.com) May 19, 2026 at 10:39 AM

Nx Console incident: The Nx Console, a VS Code extension with more than 2.2 million downloads, was compromised and shipped an update that stole user credentials. [Step Security]

DurableTask compromised: Microsoft's PyPI package for the Durable Task Framework was compromised in a Shai-Hulud-based attack. [Aikido Security]

B1ack's Stash drops 4.6m cards: Carding forum B1ack's Stash has released 4.6 million cards for free. The card details were allegedly taken from a seller who was selling on multiple platforms, a violation of the forum's rules. [SOCRadar]

Residential proxies: Qurium researchers have put together a list of all the botnets behind residential proxy networks these days. [Qurium]

Malware technical reports

New SHub Stealer variant: There's a new version of the SHub Stealer being spread in the wild. The malware is distributed via ClickFix pages impersonating companies like Apple, Google, and Microsoft. SHub is a macOS stealer. [SentinelOne]

PureLogs: Add the PureLogs infostealer to the list of malware using steganography. [Fortinet]

CrystalX RAT: Security researcher Matt Kirkland takes a closer look at CrystalX, a Go-based RAT that appeared in March as a rebrand of the older WebCrystal RAT. [Matt Kirkland]

Banana RAT: Trend Micro looks at Banana RAT, a Windows RAT used by Brazilian e-crime groups for banking fraud. The company tracks the group behind this malware as SHADOW-WATER-063. [Trend Micro]

BadIIS: Cisco Talos takes another look at BadIIS, the backdoor planted on IIS servers that's being used for SEO poisoning campaigns and offered through a MaaS. [Cisco Talos]

DevilNFC and NFCMultiPay: Two Android malware families known for their support for NFC relay attacks, DevilNFC and NFCMultiPay, have been spotted active in Europe and LATAM. [Cleafy]

WantToCry ransomware: A new ransomware family named WantToCry is breaking into companies via SMB, stealing files, encrypting them remotely, and then placing them back on the victim network for extortion. The ransomware has nothing in common with the old WannaCry strain, despite the name. [Sophos]

In this wholly sponsored Soap Box edition of the show, Patrick Gray chats with Adam Bateman and Luke Jennings from Push Security.

APTs, cyber-espionage, and info-ops

UAC-0184: Today's lone APT report is from Synaptic Systems on a new UAC-0184 spear-phishing campaign targeting Ukraine. This is one of the lesser-known Russian APT clusters targeting Ukraine over the past years. [Synaptic Systems]

Vulnerabilities, security research, and bug bounty

Linus is not a fan of AI-found bug reports: The Linux kernel project will treat AI-found bugs as public and not handle reports through its private mailing list. Linux creator Linus Torvalds says AI-found bugs are usually duplicates that cause "pointless churn" and are "a waste of time for everybody involved." He says AI reports have basically made the Linux security list "almost entirely unmanageable." [LKML]

"So just to make it really clear: if you found a bug using AI tools, the chances are somebody else found it too. If you actually want to add value, read the documentation, create a patch too, and add some real value on *top* of what the AI did. Don't be the drive-by "send a random report with no real understanding" kind of person. Ok?"

Drupal readies "highly critical" patch: The Drupal CMS has announced security updates for May 20 to patch a "highly critical" security bug. Drupal developers expect exploitation to start within hours or days of the patch. Security fixes have been prepared for all current Drupal releases, as well as some end-of-life versions. No details have been shared about what type of vulnerability this is. [Drupal security team]

SonicWall exploitation: A ReliaQuest report claims that hackers appear to have found a bypass for a SonicWall zero-day patch and are still gaining access to devices patched for CVE-2024-12802. [ReliaQuest]

DirtyDecrypt vulnerability: And we have a new variant of the CopyFail, DirtyFrag, and Fragnesia vulnerabilities, one called DirtyDecrypt. This is an elevation-of-privilege (EoP) bug.

ChromaDB RCE: ChromaDB, a database system commonly used by AI companies, is impacted by a remote code execution bug (CVE-2026-45829) exploitable via one of its Python APIs. There is no patch for this because the dev team didn't respond to researchers. [HiddenLayer]

cPanel file read: The cPanel team has released a fix to patch a security bug that can allow threat actors to bypass authentication and read arbitrary files on servers. This is tracked as CVE-2026-29205. [Searchlight Cyber // cPanel]

More unpatched SGLang bugs: A popular AI server has once again failed to patch major security flaws. Three vulnerabilities in the SGLang server can allow path traversal and remote code execution attacks. This is the second time in a month that the project has failed to patch major security issues after ignoring another RCE bug at the end of April. [CERT/CC]

RIP CTF scene: Security engineer Kabir Acharya has a good op-ed out on how frontier AI models have effectively killed the Capture-the-Flag competition scene, as most competitions don't measure human skill anymore. Assetnote co-founder Shubham Shah thinks the end is coming for bug bounty programs in the same way. [Kabir Acharya // Shubham Shah]

AudioHijack technique: LLMs that work with audio data are apparently vulnerable to attacks using commands inaudible to humans, because the developers who built those models did not think to restrict input to the human-audible frequency spectrum. [IEEE Spectrum]

GhostBranch and GhostTree techniques: Varonis researchers have found two new methods of abusing NTFS junctions to bypass Windows EDRs. [Varonis]

Mythos at Cloudflare: Internet infrastructure company Cloudflare has published a blog post detailing how it used Mythos across internal repos to find bugs and chain them together in complex exploits. [Cloudflare]

"Mythos Preview is a real step forward, and it's worth saying that plainly before getting into anything else. We've been running models against our code for a while now, and the jump from what was possible with previous general-purpose frontier models to what Mythos Preview does today is not just a refinement of what came before. It's a different kind of tool doing a different kind of work, and that makes a clean apples-to-apples comparison to earlier models difficult."

Security updates: Atlassian, cPanel, Dovecot, Firefox, GitLab, Grafana, SEPPmail, TP-Link.

Infosec industry

Threat/trend reports: Black Kite, Bridewell, CyFirma, Kaspersky, Specops Software, ThreatMon, and Verizon have recently published reports and summaries covering various threats and infosec industry trends.

New tool—Pathfinding Labs: Cloud security firm Datadog has released Pathfinding Labs, a collection of intentionally vulnerable AWS environments that can be deployed into a sandbox account, exploited, and torn down.

New tool—LID: Security researcher Azizcan Dastan has published LID (Linux Integrity Drift), a tool to find Linux kernel code paths that bypass LSM hooks: subsystems that perform security-sensitive operations without consulting the Linux Security Module framework.

Risky Business podcasts

In this edition of Between Two Nerds, Tom Uren and The Grugq look at Department 4 of Bauman Moscow State Technical University where students learn how to hack for the state. Its curriculum is extremely explicit about how the hacking and propaganda operations are relevant to state operations. They discuss whether this is an advantage for Russia's cyber program and look at what Western intelligence agencies do instead.