A fresh batch of security threats spans authentication bypasses, privilege escalation flaws, and widespread scam campaigns targeting enterprise and consumer systems.

Researchers disclosed a privilege escalation vulnerability in Microsoft Azure that allows attackers with limited access to escalate permissions to administrative levels. The flaw affects cloud environments running standard Azure configurations and requires no additional exploitation techniques beyond basic account access.

A critical authentication bypass affects Kali365, a security testing platform, enabling attackers to circumvent multi-factor authentication controls. Users relying on Kali365 for secure access face direct account compromise risks without detecting unauthorized logins.

An undocumented security plugin for Claude, Anthropic's AI assistant, introduces code execution risks for users integrating third-party extensions. The plugin lacks proper input validation and allows attackers to inject arbitrary commands during normal API interactions.

FIFA-themed phishing campaigns target sports fans with counterfeit ticket sales and merchandise offers. Threat actors harvest credentials and payment information through convincing replica websites, then pivot into corporate networks using stolen employee accounts.

The threat cluster includes recycled malware loaders repackaged with new obfuscation, fake software installers hosting banking trojans, and exposed cloud storage buckets leaking sensitive files from development environments. Organizations commonly misconfigure S3 buckets and similar storage services, leaving databases and source code accessible to unauthenticated attackers.
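One way to check a bucket for the unauthenticated exposure described above, as an added example that is not part of the original article: it inspects a bucket policy document and the bucket's Block Public Access settings offline. The sample policy, bucket name, Sids and function names are constructed for illustration, and ACL-based exposure is out of scope.

```python
import json

# Constructed sample policy; the bucket name and Sids are hypothetical.
SAMPLE_POLICY = json.loads("""
{"Version": "2012-10-17", "Statement": [
  {"Sid": "PublicRead", "Effect": "Allow", "Principal": "*",
   "Action": "s3:GetObject", "Resource": "arn:aws:s3:::example-dev-artifacts/*"},
  {"Sid": "OfficeOnly", "Effect": "Allow", "Principal": {"AWS": "*"},
   "Action": ["s3:GetObject", "s3:ListBucket"],
   "Resource": ["arn:aws:s3:::example-dev-artifacts", "arn:aws:s3:::example-dev-artifacts/*"],
   "Condition": {"IpAddress": {"aws:SourceIp": "203.0.113.0/24"}}},
  {"Sid": "CiWrite", "Effect": "Allow",
   "Principal": {"AWS": "arn:aws:iam::111122223333:role/ci"},
   "Action": "s3:PutObject", "Resource": "arn:aws:s3:::example-dev-artifacts/*"}
]}
""")

def _as_list(value):
    # Policy elements may be a single string or a list of strings.
    return value if isinstance(value, list) else [value]

def _matches_anyone(principal):
    # "*" or {"AWS": "*"} matches every caller, including unauthenticated ones.
    if principal == "*":
        return True
    return isinstance(principal, dict) and "*" in _as_list(principal.get("AWS", []))

def anonymous_grants(policy):
    """Return Allow statements whose Principal matches any caller."""
    findings = []
    for stmt in _as_list(policy.get("Statement", [])):
        if stmt.get("Effect") == "Allow" and _matches_anyone(stmt.get("Principal")):
            findings.append({
                "sid": stmt.get("Sid", "<no Sid>"),
                "actions": _as_list(stmt.get("Action", [])),
                # A Condition may narrow the grant; it needs manual review, not a pass.
                "conditioned": bool(stmt.get("Condition")),
            })
    return findings

def bucket_exposed(policy, public_access_block):
    """True if an unconditioned anonymous grant is live, i.e. not neutralised
    by the bucket's RestrictPublicBuckets setting."""
    if public_access_block.get("RestrictPublicBuckets"):
        return False
    return any(not f["conditioned"] for f in anonymous_grants(policy))

if __name__ == "__main__":
    for finding in anonymous_grants(SAMPLE_POLICY):
        print(finding)
    print("exposed:", bucket_exposed(SAMPLE_POLICY, {"RestrictPublicBuckets": False}))
```

In a live audit the two inputs would come from the S3 API's bucket policy and public access block responses; account-level Block Public Access settings also apply and should be checked alongside the per-bucket ones.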

Social engineering remains the fastest route into protected systems. New phishing templates impersonate cloud service providers and IT support teams, convincing users to grant OAuth permissions or reset credentials.

Defenders should patch Azure systems immediately, disable legacy authentication methods, enforce hardware security keys for sensitive accounts, and audit third-party AI integrations for proper sandboxing. Security teams need to scan for exposed cloud storage and verify proper access controls. Employee training on phishing and credential hygiene remains essential, as attackers consistently exploit human