In this week's roundup, we feature Vali Cyber CTO Austin Gadient's Forbes Tech Council piece breaking down why AI-enabled workflows represent a fundamentally new attack surface as agents move from assistants to autonomous actors with direct access to production systems, then cover the discovery of PamDOORa, a new Linux backdoor targeting the PAM authentication stack to harvest credentials and maintain persistent SSH access with active log tampering to erase forensic traces, Dirty Frag, a newly disclosed unpatched Linux privilege escalation vulnerability that chains two kernel flaws to achieve reliable root access across major distributions — and critically bypasses mitigations already applied for its predecessor Copy Fail, Google's disclosure of the first known in-the-wild use of AI to discover and weaponize a zero-day 2FA bypass as part of a coordinated mass exploitation campaign, and the world's largest electronics manufacturer confirming a Nitrogen ransomware attack on its North American factories with 8TB of data allegedly stolen — including a coding flaw in Nitrogen's ESXi encryptor that irrevocably corrupts files rather than encrypting them. Read on!
AI Is Moving Into Production Workflows, And So Are The Risks
As AI agents move from assistants to autonomous actors — running scripts, calling APIs, and triggering downstream processes — the security risk shifts from bad outputs to execution risk. Vali Cyber CTO and cofounder Austin Gadient breaks down why AI-enabled workflows represent a fundamentally new attack surface: one defined not by the model itself, but by its integrations, identity tokens, automation permissions, and proximity to production systems. Attackers don't need to compromise the model, they just need to steer a workflow that already has reach. This piece outlines the key leverage points threat actors are exploiting, from prompt injection and supply chain abuse to credential exposure through normal automation steps, and explains why virtualized environments raise the stakes further by centralizing operational value.
"Autonomous agents are effectively insiders with tool access and no judgment, and they act faster than any human can intervene. Runtime enforcement isn't optional; it's the only control layer that can act in time."
On AI Is Moving Into Production Workflows, And So Are The Risks
"Nitrogen’s recent attack on Foxconn represents yet another entry in the growing wave of campaigns targeting hypervisors. Notably, a coding error in their malware resulted in the use of an incorrect public key, rendering post‑attack decryption impossible; further reinforcing the importance of preventing these attacks before they occur."
On Foxconn confirms cyberattack claimed by Nitrogen ransomware gang
New Linux PamDOORa Backdoor Uses PAM Modules to Steal SSH Credentials
PamDOORa is a new Linux backdoor being sold on a Russian cybercrime forum that targets the Pluggable Authentication Module stack to harvest credentials from every user who authenticates through a compromised system, while maintaining persistent SSH access via a magic password and port combination. Because PAM modules typically run with root privileges, a malicious implant can operate largely undetected. PamDOORa compounds this with active log tampering to erase forensic traces. Its asking price has already dropped nearly 50% since March, suggesting the seller may be eager to close a deal quickly.
Linux Kernel Dirty Frag LPE Exploit Enables Root Access Across Major Distributions
Dirty Frag is a new unpatched Linux privilege escalation vulnerability that chains two page-cache write flaws — one in the IPSec subsystem and one in RxRPC — to achieve root access across major distributions including Ubuntu, RHEL, Fedora, and AlmaLinux. A successor to Copy Fail, it requires no race condition, is highly reliable, and critically bypasses the algif_aead blacklist mitigation applied to its predecessor, meaning systems that applied the Copy Fail fix remain vulnerable. A working single-command proof-of-concept is publicly available and Microsoft has confirmed limited in-the-wild exploitation is already underway.
Hackers Used AI to Develop First Known Zero-Day 2FA Bypass for Mass Exploitation
Google has identified the first known in-the-wild use of AI to discover and weaponize a zero-day vulnerability — a 2FA bypass developed via an LLM-generated Python script and deployed as part of a coordinated mass exploitation campaign. The exploit's AI origins were evident from hallmarks in the code including educational docstrings, a hallucinated CVSS score, and textbook LLM formatting. The same report details state-sponsored actors from North Korea, China, and Russia leveraging AI for vulnerability research, polymorphic malware development, and autonomous exploit generation, signaling a broader and accelerating shift in how threat actors are operationalizing AI.
Foxconn confirms cyberattack claimed by Nitrogen ransomware gang
Foxconn, the world's largest electronics manufacturer with over 900,000 employees and $260 billion in 2025 revenues, has confirmed a ransomware attack on its North American factories after Nitrogen ransomware claimed responsibility and alleged theft of 8TB of data spanning more than 11 million documents. The stolen files allegedly include confidential designs and project files belonging to several of the company's major technology customers. Adding a troubling wrinkle, Nitrogen's ESXi encryptor contains a critical coding error that encrypts files with the wrong public key, meaning data is irrevocably corrupted rather than recoverable, leaving victims with no decryption path.
-2.png?upscale=true&width=1120&upscale=true&name=Copy%20of%20WTR%20Newsletter%20Email%20Header%20(5)-2.png)
