MongoBleed exploitation, Spotify catalog breach, Mustang Panda rootkit, Copilot backdoor flaw, Trust Wallet theft
Daily Threat Intel Digest - 2025-12-30
Critical Threats & Active Exploitation
[UPDATE] MongoBleed exploitation widens as PoC code drops
CISA added CVE-2025-14847 (“MongoBleed”) to its Known Exploited Vulnerabilities catalog amid confirmed active exploitation. The critical MongoDB server vulnerability enables unauthenticated attackers to read uninitialized heap memory, potentially exposing credentials or encryption keys. Over 74,000 internet-exposed MongoDB instances remain vulnerable (95% of all exposed servers), with Shadowserver Foundation reporting widespread scanning following the December 26 release of proof-of-concept exploit code. Organizations must patch to versions 8.2.3, 8.0.17, 7.0.28, 6.0.27, 5.0.32, or 4.4.30, or disable zlib compression immediately [CyberPress; GBHackers; Tenable].
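As a fleet triage aid for the MongoBleed item above, the following added script (not from the cited advisories) classifies MongoDB hosts against the fixed releases the digest lists and the zlib compression mitigation. It assumes an inventory of (host, version, compressors) records, where compressors is the value of the mongod.conf setting net.compression.compressors.

```python
"""Triage helper for CVE-2025-14847 ("MongoBleed") exposure.

Assumptions (not from the advisories): fleet inventory arrives as
(host, version, compressors) records, e.g. version from db.version()
and compressors from net.compression.compressors in mongod.conf.
Fixed releases are the ones stated in the digest; branches not listed
there are reported as unknown rather than guessed.
"""
from typing import Optional, Tuple, Union

# Fixed patch level per major.minor branch, as given in the digest.
FIXED = {(8, 2): 3, (8, 0): 17, (7, 0): 28, (6, 0): 27, (5, 0): 32, (4, 4): 30}


def parse_version(version: str) -> Tuple[int, int, int]:
    """Parse 'major.minor.patch'; pre-release suffixes such as '-rc0' are dropped."""
    core = version.split("-", 1)[0]
    parts = [int(p) for p in core.split(".")[:3]]
    while len(parts) < 3:
        parts.append(0)
    return parts[0], parts[1], parts[2]


def needs_patch(version: str) -> Optional[bool]:
    """True if below the fixed release of its branch, False if at/above it,
    None if the branch is not in the published fix list."""
    major, minor, patch = parse_version(version)
    fixed_patch = FIXED.get((major, minor))
    if fixed_patch is None:
        return None
    return patch < fixed_patch


def zlib_enabled(compressors: Union[None, str, list]) -> bool:
    """MongoDB's default compressor list includes zlib, so an absent setting
    (None) counts as enabled; the value may be a list or a comma-separated string."""
    if compressors is None:
        return True
    if isinstance(compressors, str):
        compressors = [c.strip() for c in compressors.split(",")]
    return "zlib" in compressors


def triage(host: str, version: str, compressors: Union[None, str, list]) -> str:
    """Return one of: patched, unknown-branch, exposed, mitigated-zlib-disabled."""
    unpatched = needs_patch(version)
    if unpatched is False:
        return "patched"
    if unpatched is None:
        return "unknown-branch"
    return "exposed" if zlib_enabled(compressors) else "mitigated-zlib-disabled"
```

Hosts reported as "mitigated-zlib-disabled" still need the upgrade; disabling zlib only removes the exposure path the advisories describe.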
[UPDATE] Coupang breach: Hacker’s MacBook recovered, $1.17B compensation announced
Investigators retrieved a MacBook Air discarded in a river by the former Coupang employee responsible for the breach affecting 33.7 million South Koreans. Forensic analysis linked the device to the perpetrator via iCloud records and revealed attack scripts on seized hard drives. Coupang confirmed stolen data was limited to approximately 3,000 customers and announced ₩50,000 ($35) vouchers for all affected users, totaling $1.17B in compensation. The incident, traced to a retained security key, prompted a formal government inquiry and potential regulatory fines [CyberPress; BleepingComputer].
[NEW] Spotify faces massive music catalog leak by hacktivists
The “Anna’s Archive” hacktivist group claims to have stolen approximately 86 million music files (300TB) from Spotify’s catalog, representing 99.6% of tracks frequently streamed. The group plans to release the files publicly via torrents in early 2026 after already publishing metadata. Spotify confirmed no user personal data was compromised and patched the scraping vulnerability, but the exposed files could be exploited to train AI systems without artist consent. The scraping occurred over months via user accounts targeting tracks from 2007-2025 [Malware News].
Threat Actor Activity & Campaigns
[NEW] Mustang Panda deploys kernel-mode rootkit in espionage attacks
Chinese APT Mustang Panda (HoneyMyte) has adopted a new kernel-mode rootkit to deliver and conceal ToneShell backdoor malware against government organizations in Myanmar and Thailand. The rootkit, signed with a stolen certificate, uses a mini-filter driver to block deletion/renaming operations, interfere with Microsoft Defender, and protect injected payloads by denying handle access. Kaspersky reports this is the first observed use of kernel-mode loading for ToneShell, enhancing stealth against security tools and enabling persistent espionage [BleepingComputer].
[UPDATE] Trust Wallet crypto theft impacts 2,596 users
Following the December 24 browser extension compromise, Trust Wallet confirmed attackers drained approximately $7 million from 2,596 wallet addresses. The malicious extension (v2.68) was published via a leaked Chrome Web Store API key, bypassing release checks. Trust Wallet is reimbursing verified victims while warning of phishing domains impersonating support. The incident highlights systemic risks in browser extension supply chains and underscores the need for strict API key management [BleepingComputer].
Vulnerabilities & Patches
[NEW] Microsoft Copilot Studio design flaw enables backdoor access
The “Connected Agents” feature in Copilot Studio is enabled by default with insufficient access controls and no native audit logging. Researchers demonstrated that attackers with tenant access can deploy rogue agents to invoke legitimate agents (e.g., email-sending capabilities) without detection, enabling phishing, misinformation, or spam campaigns. Microsoft has not assigned a CVE identifier. Organizations should disable the feature for sensitive operations and implement third-party monitoring [CyberPress].
[NEW] EmEditor supply chain breach distributes infostealer
Attackers compromised EmEditor’s official website between December 19 and 22, 2025, serving malware-laced MSI installers with fraudulent digital signatures. The popular text editor’s downloads were tampered with to distribute infostealer malware, though specific payload details were not disclosed. Users who downloaded installers during this window should scan their systems and update to clean versions [GBHackers].
Policy & Industry News
[NEW] OWASP releases Agentic AI Top 10 amid rising real-world attacks
OWASP published its first security framework for autonomous AI agents, citing 2025 incidents like prompt-jacking in Claude Desktop (CVSS 8.9), malicious MCP servers, and Amazon Q supply chain poisoning. The framework addresses risks such as “Agent Goal Hijack” (ASI01) and “Tool Misuse” (ASI02), providing a taxonomy for defending agentic systems. Organizations deploying AI agents should inventory MCP servers/plugins and enforce least-privilege policies [BleepingComputer].
[NEW] Lithuanian national arrested for KMSAuto malware campaign
A 29-year-old suspect was extradited from Georgia to South Korea for distributing clipper malware via KMSAuto Windows activators, infecting 2.8 million systems. The operation stole $1.2M in cryptocurrency by swapping wallet addresses in clipboards across 3,100 victims. The arrest highlights risks of using unlicensed software activators, which frequently deliver malware [BleepingComputer].