Brief #115: Palo Alto's $25B CyberArk Acquisition, Microsoft OAuth MFA Bypass, 45% Insecure AI Code

Nikoloz Kokhreidze


Auto-Color backdoor exploits SAP NetWeaver via CVE-2025-31324 targeting US chemicals company. Cursor IDE vulnerability enables full RCE through prompt injection attacks.

Mandos newsletter for cybersecurity professionals and leaders by Nikoloz Kokhreidze

Happy Sunday!

The crypto industry just lost over $800 million in a single quarter – a quick reminder that even cutting-edge tech isn't immune to basic security fundamentals being overlooked.

In this week's brief:

  • Attackers are successfully bypassing MFA using fake Microsoft OAuth apps, compromising thousands of accounts with a concerning 50%+ success rate
  • New research reveals that AI-generated code contains vulnerabilities nearly half the time, raising questions about our growing reliance on LLMs for development
  • The cybersecurity job market is getting tougher, with even GRC roles now requiring technical skills that weren't expected just a few years ago

As organizations rush to integrate AI into security workflows, are we moving fast enough on securing the AI itself, or are we creating new attack surfaces faster than we can defend them?

Let me know in the comments.

Industry News

Threat Actors Using Fake Microsoft OAuth Apps To Bypass MFA

  • Attackers are impersonating legitimate enterprises with fake Microsoft OAuth applications to conduct AiTM (attacker-in-the-middle) phishing campaigns that specifically bypass multi-factor authentication using the Tycoon phishing-as-a-service platform.

  • The campaign has targeted over 3,000 user accounts across 900+ Microsoft 365 environments with a success rate exceeding 50%, customizing attacks to specific industries including aerospace and defense companies.

  • Microsoft plans to block legacy authentication protocols and require admin consent for third-party app access starting July 2025, which will significantly reduce the effectiveness of this attack technique.

Aim Labs Discovers "CurXecute" RCE Vulnerability in Cursor IDE

  • Aim Labs identified a high-severity (8.6) vulnerability in Cursor IDE that enables full remote code execution through a prompt-injection attack, tracked as CVE-2025-54135.

  • The exploit occurs when Cursor's MCP server fetches untrusted external data that can silently rewrite ~/.cursor/mcp.json and execute arbitrary commands with user privileges.

  • Cursor fixed the issue in version 1.3, but all earlier releases remain vulnerable to this attack vector, which requires no user confirmation and executes before users can reject suggested edits.
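
Because the issue described above turns on a silent rewrite of ~/.cursor/mcp.json, one defensive check is to fingerprint each server entry after review and flag later drift. This is an added example, not code from Cursor or Aim Labs; it assumes the commonly documented `mcpServers` layout, and the server names and commands in the samples are constructed.

```python
import hashlib
import json

def fingerprint(entry):
    """Stable hash of the fields that decide what a server entry runs."""
    material = json.dumps(
        {k: entry.get(k) for k in ("command", "args", "env", "url")},
        sort_keys=True,
    )
    return hashlib.sha256(material.encode()).hexdigest()

def snapshot(config_text):
    """Map server name -> fingerprint for an mcp.json document (assumed layout)."""
    servers = json.loads(config_text).get("mcpServers", {})
    return {name: fingerprint(entry) for name, entry in servers.items()}

def diff_against_baseline(baseline, config_text):
    """Return (added, changed, removed) server names versus the reviewed baseline."""
    current = snapshot(config_text)
    added = sorted(set(current) - set(baseline))
    removed = sorted(set(baseline) - set(current))
    changed = sorted(
        name for name in current.keys() & baseline.keys()
        if current[name] != baseline[name]
    )
    return added, changed, removed

# Constructed sample documents; names and commands are hypothetical.
REVIEWED = json.dumps({"mcpServers": {
    "tickets": {"command": "npx", "args": ["-y", "example-tickets-mcp"]},
}})
REWRITTEN = json.dumps({"mcpServers": {
    "tickets": {"command": "npx", "args": ["-y", "example-tickets-mcp", "--verbose"]},
    "helper": {"command": "unreviewed-tool", "args": []},
}})

if __name__ == "__main__":
    baseline = snapshot(REVIEWED)  # store this after a human review
    added, changed, removed = diff_against_baseline(baseline, REWRITTEN)
    print("added:", added, "changed:", changed, "removed:", removed)
```

Any non-empty `added` or `changed` list means the file now launches something that was never reviewed, which is the condition worth alerting on.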

Auto-Color Backdoor: Darktrace Thwarts Stealthy Linux Intrusion Via CVE-2025-31324

  • Darktrace identified and contained an Auto-Color backdoor malware attack targeting a US chemicals company through exploitation of CVE-2025-31324 in SAP NetWeaver, marking the first observed pairing of this vulnerability with Auto-Color malware.

  • The threat actor used multiple stages: initial exploitation to download a ZIP file, followed by DNS tunneling requests to OAST domains, and ultimately deployment of the Auto-Color ELF file which establishes persistence by modifying /etc/ld.so.preload and installing a malicious shared object (libcext.so.2).

  • Auto-Color employs sophisticated evasion techniques including a unique suppression mechanism that limits malicious behavior when C2 connection fails, helping it avoid detection in air-gapped or sandboxed environments while maintaining persistence through system library manipulation.
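
The persistence step described above leaves a checkable artifact: an entry in /etc/ld.so.preload. The following added example (not Darktrace's tooling) parses that file the way glibc does and flags entries that are unapproved or that match the library name reported here; the approved path and the sample content are constructed.

```python
import os
import re

# File name the write-up above reports for Auto-Color's shared object.
REPORTED_NAMES = {"libcext.so.2"}

def parse_preload(text):
    """Return library paths from ld.so.preload content.

    glibc splits entries on whitespace or colons and ignores '#' comments.
    """
    entries = []
    for line in text.splitlines():
        line = line.split("#", 1)[0]  # drop trailing comment
        entries.extend(tok for tok in re.split(r"[\s:]+", line) if tok)
    return entries

def audit_preload(text, approved=frozenset()):
    """Classify each preload entry; anything not approved is a finding."""
    findings = []
    for path in parse_preload(text):
        if os.path.basename(path) in REPORTED_NAMES:
            findings.append((path, "matches-reported-name"))
        elif path not in approved:
            findings.append((path, "unapproved"))
    return findings

# Constructed sample content with hypothetical paths, not from a real host.
SAMPLE = """# constructed example
/usr/lib/libapproved-hook.so
/lib/libcext.so.2:/opt/vendor/agent.so
"""

if __name__ == "__main__":
    target = "/etc/ld.so.preload"
    if not os.path.exists(target):
        print("no", target, "present")
    else:
        with open(target, encoding="utf-8", errors="replace") as fh:
            for path, reason in audit_preload(fh.read()):
                print(f"{reason}: {path}")
```

A name match is only a lead, since the file name is trivial to change; the more durable signal is any preload entry that was never approved.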

Leadership Insights

Web3 Security: Over $800 Million Lost In Crypto Hacks During Q2 2025

  • The crypto industry suffered $801,315,669 in losses across 144 security incidents in Q2 2025, with phishing emerging as the most costly attack vector ($395M stolen across 52 incidents), followed by code vulnerabilities ($235.7M across 47 incidents).

  • While Ethereum experienced the highest number of incidents (70), Bitcoin saw the largest financial impact with $373.6M stolen. The total for H1 2025 has already reached $2.47B in losses, surpassing the entire 2024 total of $2.4B.

  • Notable incidents include a BTC whale losing $330.7M to social engineering, Cetus Protocol's $225.6M smart contract exploit on Sui blockchain, and Nobitex's $89.1M loss to a hacktivist group that deliberately burned the stolen funds.

Mitratech Study: Third-Party Risk Management Programs Understaffed and Underprepared

  • Nearly 70% of TPRM programs are understaffed by about 29%, with organizations only managing 40% of their total vendor base on average – creating significant security blind spots for most companies.

  • The involvement of compliance teams in TPRM has surged from 42% in 2023 to 88% in 2025, driven by increasing regulatory pressures, particularly around data privacy and operational resilience.

  • While cybersecurity remains the most tracked third-party risk (85%), only 35% of organizations feel prepared for incident response, with 41% still relying on spreadsheets despite growing AI adoption (14% active implementation, 65% exploring).

Social Engineering Remains Top Initial Access Vector in Unit 42 IR Cases

  • Social engineering was the top initial access vector in 36% of Unit 42 incident response cases between May 2024-2025, with high-touch attacks on the rise where threat actors like Muddled Libra bypass MFA and exploit IT support processes to escalate privileges in minutes.

  • Data exposure resulted from 60% of social engineering attacks, significantly higher than the 44% rate seen in other attack vectors, with financial gain being the primary motivation in 93% of cases.

  • Non-phishing social engineering techniques are gaining ground, with SEO poisoning, fake system prompts, and help desk manipulation accounting for 35% of social engineering cases, forcing defenders to strengthen identity resilience and visibility across workflows.


Career Development

CISO Melina Scotto Shares Insights on Cybersecurity Career Paths

  • Former Fortune 500 CISO Melina Scotto recommends pursuing certifications through organizations like ISC2 and platforms like Udemy before committing to full degree programs, noting that while formal education remains valuable for leadership roles, certifications may suffice for technical positions.

  • Scotto emphasizes gaining practical experience in different systems, networking, and AI before specializing in cybersecurity, as understanding technical details helps security professionals work effectively with operations teams.

  • The industry has evolved from viewing cybersecurity teams as "nags" to recognizing them as essential business partners, with organizations now understanding that cyber risk is business risk and well-maintained systems improve both security and operational performance.

Cybersecurity Job Market Shows Significant Challenges for GRC Professionals

  • A GRC security professional with 5 years of experience reports applying to 80 jobs over 7 weeks, resulting in only 4 substantive interviews, highlighting the competitive nature of the current cybersecurity job market.

  • Many interviews focused on technical skills outside traditional GRC expertise, including coding requirements, SIEM usage, threat hunting, and EDR knowledge – suggesting employers are seeking broader technical competencies even for governance-focused roles.

  • Community responses indicate this experience is common, with multiple professionals noting extended unemployment periods and increasing technical requirements for traditionally non-technical security roles, including coding assessments for GRC positions.

Cybersecurity Professionals Question Value Of Certifications Without Experience

  • Industry professionals are emphasizing that cybersecurity is not an entry-level field – it typically requires foundational IT experience before specialization, with many hiring managers looking past certifications to practical skills.

  • Multiple experienced cybersecurity practitioners report employment challenges despite having advanced certifications (like CISSP, GCIH, GDAT), suggesting that the current job market values demonstrated competence over credentials alone.

  • The consensus among commenters is that certifications primarily help candidates pass initial HR filters but rarely compensate for a lack of hands-on experience, with hiring managers increasingly scrutinizing applicants who pursue certifications without building relevant technical backgrounds.


AI & Security

MAS Hijacking Attack Compromises Multi-Agent AI Systems

  • Trail of Bits released pajaMAS, a set of demo exploits showing how attackers can manipulate multi-agent systems (MAS) to execute malicious code, even when individual agents have strong prompt injection defenses.

  • The attack works by exploiting inter-agent communication, turning agents into confused deputies that launder unsafe data from other agents, with attack vectors including compromised environments, tools, agent memory, and URL anchors.

  • Researchers recommend defensive measures including validation of command chains, tool provenance tracking, strict session hygiene, and implementing security at the orchestration layer rather than within individual agents.

OWASP Releases Comprehensive GenAI Incident Response Guide

  • The OWASP GenAI Security Project has published a new guide to help security teams respond to incidents involving generative AI applications, addressing the unique challenges posed by their probabilistic nature and semantic vulnerabilities.

  • The guide provides practical frameworks for risk assessment, asset classification, detection techniques, and response protocols specific to AI systems, with dedicated sections for attacks on AI systems, supply chains, and third-party model providers.

  • According to 2025 McKinsey data cited in the guide, fewer than 50% of organizations are actively mitigating security risks associated with GenAI, highlighting a significant gap in organizational preparedness for AI-related threats.

GenAI LLMs Generate Insecure Code 45% Of The Time, Study Finds

  • Only 55% of code generated by AI models is secure, with the remaining 45% containing known vulnerabilities like SQL injection, XSS, log injection, and insecure cryptographic algorithms.

  • Security performance remains consistent regardless of model size and has shown minimal improvement over time, even as LLMs get better at generating functionally correct code.

  • Test results varied significantly across different vulnerability types (CWEs) and programming languages (Java, JavaScript, C#, and Python), but remained surprisingly consistent across different AI models.

Market Updates

Palo Alto Networks to Acquire CyberArk in $25 Billion Deal

  • Palo Alto Networks will acquire CyberArk for approximately $25 billion, marking its formal entry into identity security as a core pillar of its multi-platform strategy.

  • The strategic combination aims to disrupt the legacy IAM market by extending robust, security-first privileged access management principles to all identity types – human, machine, and autonomous AI agents.

  • Integration will create a unified security platform that addresses critical credential protection challenges while securing Agentic AI, ensuring AI agents receive just-in-time access with least privilege principles.

Comp AI Secures $2.6M Pre-Seed To Disrupt SOC 2 Compliance Market

  • San Francisco-based startup Comp AI has raised $2.6M in pre-seed funding to transform how companies achieve compliance with frameworks like SOC 2, HIPAA, and ISO 27001 through AI-powered automation.

  • The company claims its AI-powered approach can automate up to 90% of the compliance process, helping early customers save over 2,500 hours on manual compliance work with its solution positioned as a developer-friendly alternative to traditional platforms.

  • Funding will support the expansion of their open-source platform enabling security professionals to contribute control templates, and launch their AI Agent Studio for automated evidence collection and risk assessments.

Echo Raises $15M for Vulnerability-Free Container Images

  • Echo secured $15M in seed funding led by Notable Capital and Hyperwise Ventures to develop container base images built from the ground up to be free of known vulnerabilities.

  • Founded by former Argon Security creators, Echo allows customers to simply replace the base image in their Dockerfile with a CVE-free version without switching to non-standard operating software.

  • The company has reduced vulnerability remediation timelines from an industry average of 120 days to just 24 hours, with changes reflected in customers' existing scanners and CNAPPs.

Tools

Tracebit

A security platform that automates the deployment and management of security canaries across cloud infrastructure to detect potential intrusions and unauthorized access.

xocopy

Copy executables with execute, but no read permission on Unix systems.

OWASP Bricks

Deliberately vulnerable web application for security professionals to practice attack techniques.


If you found this newsletter useful, I'd really appreciate if you could forward it to your community and share your feedback below!


For more frequent cybersecurity, leadership and AI updates, follow me on LinkedIn, BlueSky and Mastodon.

Best, 
Nikoloz
