
Security Bulletin


George Sutton

Dawn of a New Era: AI Ransomware Has Arrived

September 8, 2025


❓What:

  • Security firm ESET uncovered a novel ransomware variant dubbed PromptLock, believed to be the first AI-powered ransomware.

  • Researchers at NYU Tandon confirmed they authored the code as part of a research project named Ransomware 3.0 ("Self-Composing and LLM-Orchestrated"), with the intent to expose potential future threats. PromptLock is considered to be a Proof-of-Concept (PoC), and while it has yet to be observed in real-world attacks, it is theoretically capable of autonomously scanning files, deciding which to exfiltrate or encrypt, and even destroying data altogether.

⚠️Impact:


George Sutton

Minnesota National Guard Activated in Response to City of Saint Paul Ransomware Attack

August 15th, 2025



❓What:

  • The city of Saint Paul confirmed the cyber attack they experienced in late July to be a ransomware attack carried out by ransomware gang Interlock. Threat intel company PRODAFT reports that the actors were able to access the city's systems via custom SystemBC Remote Access Trojan (RAT) malware.

  • After the incident exceeded city response capacity, the state of Minnesota activated the National Guard's Cyber Protection Unit to work jointly with the city and the FBI in a recovery effort the Mayor has named Operation Secure St. Paul.

  • Interlock claims it stole ~66,000 files / 43 GB and has begun leaking data. The mayor said residents’ personal/financial info was "not impacted".


George Sutton

A Not So Happy Meal: McDonald's AI Hiring Bot Breached Due to a McFlurry of Elementary Security Protocols

July 14th, 2025


🔍 Key Takeaways

  • What happened? Paradox.ai’s AI chatbot “Olivia,” used in McDonald’s McHire hiring platform, contained basic yet critical security flaws. An administrator login was protected by the credentials 123456/123456, and a sequential applicant ID allowed Insecure Direct Object Reference (IDOR) access.

  • Scope of exposure: This enabled access to all of the platform's historical chat records, approximately 64 million records, including names, emails, phone numbers, physical addresses, and application data.

  • Researchers' findings: In 30 minutes, two cybersecurity professionals (Ian Carroll & Sam Curry) accessed a dormant Paradox.ai test admin account and used ID manipulation to review multiple applicants’ chat logs.


George Sutton

A Silent Threat: Popular Chrome Browser Extensions That Could Be Stealing Your Data

July 8th, 2025


❓What:

  • Researchers at Koi Security discovered nearly a dozen Chrome extensions on the official Web Store with approximately 1.7 million combined installations. These extensions, disguised as helpful tools—such as color pickers, VPNs, emoji keyboards, and more—contain hidden malicious capabilities.

  • The malicious code, inserted into the extensions via later updates, registers a background listener to capture every visited URL. Data and a unique user ID are sent to a remote server, which could deliver redirect commands to unsafe websites. The extension updates are rolled out silently and automatically by Google's auto-update system without requiring interaction from the end-user.

  • Compromised extensions were also found in the Microsoft Edge store, adding another 600,000 installs and bringing the total number of infected users to over 2.3 million.

