Canary Trap’s Bi-Weekly Cyber Roundup

Welcome to Canary Trap’s Bi-Weekly Cyber Roundup. Our mission is to keep you informed with the most pressing developments in the world of cybersecurity. This digest serves as your gateway to critical updates and emerging threats across the industry.

The past week has seen a wave of significant cybersecurity developments, ranging from government institutions facing targeted attacks to the discovery of the first AI-powered ransomware. Incidents include a cyberattack on the Canadian House of Commons, exploitation of long-standing flaws in the US federal court filing system, and a breach of Salesforce customer data through Salesloft’s OAuth integration. At the same time, security researchers revealed a new ransomware strain leveraging artificial intelligence, while Citrix rushed to patch a critical zero-day vulnerability in its NetScaler products.

  • House of Commons Hit by Cyberattack from “Threat Actor”: Internal Email

The House of Commons and Canada’s national cybersecurity agency are investigating a major data breach involving unauthorized access to employee information by an unidentified threat actor.

An internal communication obtained by CBC News revealed that staff were informed on Monday of the incident. According to the message, the attacker exploited a recently discovered Microsoft vulnerability to gain entry into a database used for managing computers and mobile devices. The compromised data reportedly includes non-public information such as employee names, job titles, office locations, email addresses, and details related to devices administered by the House of Commons.

The Communications Security Establishment (CSE) has confirmed its involvement in supporting the investigation but has not attributed responsibility for the attack. The agency defines a “threat actor” as an individual or group with malicious intent who seeks to gain unauthorized access to data, systems, or networks.

While recent reports from the CSE highlight the growing cyber risk posed by state actors from countries including China, Russia, and Iran, officials cautioned that it is too early to determine the source of this specific breach. The agency emphasized that attributing cyber incidents requires extensive resources and time.

According to the staff communication, the attack took place on Friday. Employees and Members of Parliament were urged to exercise heightened vigilance, as the stolen information could potentially be leveraged for scams, impersonation, or targeted attacks.

In a public statement, the House of Commons confirmed that it is working with national security partners to assess the breach but declined to disclose details, including the number of affected employees, due to the ongoing investigation.

This incident comes amid a documented rise in cyber threats against Canada. The Canadian Centre for Cyber Security’s most recent national threat assessment warns that the country is increasingly viewed as a valuable target by both criminal organizations and hostile states. The report also noted a sharp escalation in the volume and severity of cyberattacks over the past two years.

According to the Canadian Centre for Cyber Security, state-sponsored actors are adopting more aggressive tactics, while financially motivated cybercriminals are leveraging new illicit business models and artificial intelligence to enhance their operations.

The report identified China as the most advanced and persistent cyber threat to Canada, pointing to evidence that over the past four years, at least 20 federal government networks have been compromised by actors linked to the People’s Republic of China.

  • Hack of Federal Court Filing System Exploited Security Flaws Known Since 2020

A major breach of the US federal judiciary’s electronic case filing system has exposed longstanding security weaknesses that experts say were first identified years ago. The intrusion has enabled multiple hacking groups to obtain sensitive court records, including sealed case files, in what officials describe as an ongoing and deeply concerning compromise.

Officials disclosed last week that both nation-state and criminal groups are suspected of extracting confidential information from at least a dozen federal district courts since July. The incident bears similarities to a 2020 breach of the same system, though investigators are only now piecing together how the intrusions occurred and whether they are directly connected.

According to individuals familiar with the matter, the attackers exploited basic but unresolved vulnerabilities within the judiciary’s Case Management/Electronic Case Files (CM/ECF) system, a platform used by courts and legal professionals to file and manage documents. Despite the highly sensitive nature of the data involved, the attack itself was not sophisticated, relying instead on flaws that have persisted since at least 2020.

Investigators suspect Russian-linked actors were involved in both the earlier and more recent incidents. Over time, these groups appear to have escalated their efforts, stealing not only sealed court filings but also portions of the system’s source code. That level of access provides adversaries with detailed insight into the platform’s inner workings and raises concerns about further exploitation.

The compromised information could include sealed arrest warrants, search warrants, witness details, and information connected to ongoing investigations. One individual with direct knowledge of the breach described the hackers’ access as effortless, likening it to “taking candy from a baby.”

The Administrative Office of the U.S. Courts, which oversees CM/ECF, has not commented publicly, and federal law enforcement agencies have likewise declined to respond. However, reports indicate that both the 2020 and current breaches were carried out, at least in part, by Russian groups.

The potential consequences extend beyond espionage concerns. Officials believe some of the stolen data may have been obtained by Latin American drug cartels, raising fears about the safety of cooperating witnesses. In response, several courts have temporarily reverted to paper records for highly sensitive matters, and multiple districts have issued orders barring sealed filings from being uploaded to PACER, the public-facing access system.

Security experts note that CM/ECF was first implemented in the 1990s and has long been criticized as outdated and vulnerable. In June, a senior judiciary official testified before Congress that both CM/ECF and PACER are “unsustainable due to cyber risks,” and announced plans for a phased system overhaul. In May, courts also began requiring two-factor authentication for users, though experts argue the measure is insufficient given the scale of vulnerabilities.

One of the challenges in addressing the problem is the decentralized structure of the federal judiciary. Although the Administrative Office sets broad policy, each court manages its own servers and security practices, leading to inconsistent protections across the system. Former officials involved in the 2020 breach response recalled that some courts had to be individually persuaded to adopt security measures.

Recent reports suggest that many courts still lack comprehensive monitoring tools and are slow to apply security patches. As a result, investigators warn that hackers may already have deeper knowledge of the CM/ECF system than the judiciary itself.

Although the system does not store the government’s most sensitive national security cases or witness protection data, adversaries can nonetheless gain valuable insight into U.S. prosecutions, including those involving foreign cybercriminals. Anne Neuberger, former White House deputy national security adviser for cyber, emphasized the urgency of the situation, calling it a “wake-up call” for the judiciary to accelerate its cybersecurity reforms.

  • Salesloft OAuth Breach via Drift AI Chat Agent Exposes Salesforce Customer Data

A significant data theft campaign has led to the compromise of Salesloft, a sales automation platform, enabling threat actors to steal OAuth and refresh tokens linked to Drift, an AI-powered chat agent.

According to Google’s Threat Intelligence Group and Mandiant, the activity, considered opportunistic in nature, has been attributed to the threat group tracked as UNC6395.

Researchers noted that between August 8th and August 18th, 2025, the attackers used compromised OAuth tokens associated with Drift to gain unauthorized access to Salesforce customer environments. During these intrusions, they exfiltrated large volumes of data from multiple Salesforce instances. The attackers appeared to focus on credentials and sensitive information, including Amazon Web Services (AWS) access keys, Snowflake tokens, and user passwords, which could facilitate broader compromise of affected networks.

The group also displayed operational security awareness, reportedly deleting query jobs to obscure evidence of their activities. Google has advised organizations to carefully review audit logs, revoke exposed API keys, rotate credentials, and conduct thorough investigations to assess the scope of potential exposure.

On August 20th, 2025, Salesloft confirmed it had identified a security issue with the Drift integration and immediately revoked its Salesforce connections. The company clarified that the incident did not affect customers who do not use Salesforce. In its advisory, Salesloft explained that the threat actor exploited OAuth credentials to run queries against Salesforce objects such as Cases, Accounts, Users, and Opportunities. Customers were urged to re-authenticate Salesforce integrations to restore functionality.

Salesforce, in a separate statement, reported that only a “small number of customers” were impacted. The company emphasized that the compromise stemmed from the application’s connection and confirmed that it worked with Salesloft to invalidate tokens, remove Drift from the AppExchange, and notify affected customers.

This incident underscores a growing trend: Salesforce environments are increasingly being targeted by financially motivated groups, including UNC6040 and UNC6240 (known as ShinyHunters), the latter of which has collaborated with Scattered Spider (UNC3944) to enhance its access operations.

Industry experts have described the UNC6395 campaign as both extensive and disciplined. According to Cory Michal, Chief Security Officer at AppOmni, this was not a one-off compromise but a systematic campaign affecting hundreds of Salesforce tenants. The attackers executed structured queries, searched specifically for credentials, and attempted to cover their tracks, highlighting both technical skill and strategic focus.

Notably, several of the affected organizations were themselves security and technology providers. Michal suggested this could represent the opening stage of a broader supply chain attack strategy, where compromising vendors and service providers creates opportunities to pivot into their downstream customers and partners.
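To act on the advice to rotate credentials, a team first needs to know which Salesforce records contain them. The sketch below is an added example, not code from Google, Salesloft or Salesforce: it scans a constructed CSV export of Case records for the credential types named above and builds a rotation worklist. The export layout, field names and the Snowflake and password heuristics are assumptions.

```python
import csv
import io
import re

# AWS access key ID prefixes are publicly documented; the Snowflake hostname
# and password patterns are keyword heuristics (assumptions), so expect noise.
PATTERNS = {
    "aws_access_key_id": re.compile(r"\b(?:AKIA|ASIA)[0-9A-Z]{16}\b"),
    "snowflake_reference": re.compile(r"\b[\w-]+\.snowflakecomputing\.com\b", re.I),
    "password_assignment": re.compile(r"\b(?:password|passwd|pwd)\s*[:=]\s*\S+", re.I),
}

# Constructed sample export of Case records (Id, Subject, Description).
SAMPLE_EXPORT = """Id,Subject,Description
500000000000001,Login help,"User cannot sign in, reset link sent."
500000000000002,S3 sync failing,"Customer pasted key AKIAIOSFODNN7EXAMPLE in the ticket."
500000000000003,Warehouse access,"Connect to acme-xy12345.snowflakecomputing.com with password: Hunter2!"
"""


def find_exposed_secrets(export_text, text_fields=("Subject", "Description")):
    """Return (record_id, field, kind) findings without echoing secret values."""
    findings = []
    for row in csv.DictReader(io.StringIO(export_text)):
        for field in text_fields:
            value = row.get(field) or ""
            for kind, pattern in PATTERNS.items():
                if pattern.search(value):
                    findings.append((row["Id"], field, kind))
    return findings


def rotation_worklist(findings):
    """Group record IDs by credential kind so each owning team gets one list."""
    work = {}
    for record_id, _field, kind in findings:
        work.setdefault(kind, set()).add(record_id)
    return {kind: sorted(ids) for kind, ids in work.items()}


if __name__ == "__main__":
    for kind, ids in rotation_worklist(find_exposed_secrets(SAMPLE_EXPORT)).items():
        print(kind, ids)
```

Findings carry only the record ID and credential type, so the worklist can be shared without copying the secrets into another system.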

  • PromptLock: First AI-Powered Ransomware Emerges

A new development in cyber threats suggests that AI-driven malware may be closer to reality than previously anticipated. Security researchers at ESET have identified what is believed to be the first ransomware family leveraging artificial intelligence for local operations.

The malware, named PromptLock, is currently considered a proof-of-concept or work in progress, but it already demonstrates many of the core capabilities associated with conventional ransomware. Written in GoLang, PromptLock utilizes GPT-OSS:20b, an open-weight large language model that operates without proprietary constraints.

According to ESET’s analysis, the malware incorporates hard-coded prompts to dynamically generate Lua scripts, which are then executed to perform functions such as filesystem scanning, file analysis, data exfiltration, and encryption. Variants have been detected targeting both Windows and Linux environments, with the generated Lua scripts designed to work across platforms. For encryption, PromptLock employs the SPECK 128-bit algorithm.

ESET notes that while the ransomware has the potential to exfiltrate, encrypt, or even destroy user data, the destructive capability does not appear to be fully implemented. At present, the malware seems experimental rather than production-ready, with no evidence of deployment in real-world attacks.

Importantly, several prerequisites would need to be met for PromptLock to function effectively in a victim’s environment. The ransomware relies on the Ollama API to run the GPT-OSS:20b model locally, requiring significant system resources not typically available on standard machines. ESET observed network traffic suggesting PromptLock attempts to communicate either with a locally hosted Ollama server or with a proxy forwarding requests to an external Ollama instance.

Researchers also warn that a successful attack would likely depend on weak network segmentation, insufficient prompt safeguards, or unrestricted outbound traffic to large language model services and ports.

While the immediate risk of widespread attacks appears low, ESET stresses the importance of early awareness. The firm highlights this discovery as an indication of the emerging threat landscape where AI could be weaponized in malware development. By publishing these findings, ESET aims to encourage broader discussion, industry preparedness, and further research into mitigating AI-driven cyber threats.
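The dependency on an Ollama endpoint gives defenders something to monitor. The following added example (not ESET's tooling) flags hosts outside an approved list that talk to Ollama's default port 11434 or its API paths, whether the server is local or remote. The log layout, the approved-host list and the internal network range are assumptions, and the sample records are constructed.

```python
import ipaddress

OLLAMA_DEFAULT_PORT = 11434                      # Ollama's default listen port
OLLAMA_API_PATHS = ("/api/generate", "/api/chat")
APPROVED_LLM_CLIENTS = {"10.0.5.20"}             # assumption: sanctioned Ollama hosts
INTERNAL_NET = ipaddress.ip_network("10.0.0.0/8")  # assumption: internal range

# Constructed connection telemetry: time, source, destination, dest port, HTTP path
SAMPLE_LOG = """\
2025-08-27T10:01:02Z 10.0.5.20 10.0.5.20 11434 /api/generate
2025-08-27T10:03:40Z 10.0.8.77 127.0.0.1 11434 /api/generate
2025-08-27T10:04:10Z 10.0.8.91 203.0.113.50 8443 /api/chat
2025-08-27T10:05:00Z 10.0.8.12 198.51.100.7 443 /index.html
2025-08-27T10:06:30Z 10.0.8.33 203.0.113.50 11434 -
"""


def destination_scope(src, dst):
    """Classify where the model endpoint lives relative to the client."""
    dst_ip = ipaddress.ip_address(dst)
    if dst_ip.is_loopback or dst == src:
        return "local"
    return "internal" if dst_ip in INTERNAL_NET else "external"


def find_unsanctioned_llm_traffic(log_text):
    """Return one alert per record where an unapproved host reaches Ollama."""
    alerts = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 5:
            continue  # skip malformed records
        ts, src, dst, dport, path = parts
        if src in APPROVED_LLM_CLIENTS:
            continue
        reasons = []
        if dport.isdigit() and int(dport) == OLLAMA_DEFAULT_PORT:
            reasons.append("ollama_port")
        if path in OLLAMA_API_PATHS:   # heuristic: catches proxied, non-default ports
            reasons.append("ollama_api_path")
        if reasons:
            alerts.append({"time": ts, "host": src,
                           "scope": destination_scope(src, dst), "reasons": reasons})
    return alerts
```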

  • Citrix Patches Exploited NetScaler Zero-Day

Citrix released security updates on Tuesday to address three vulnerabilities affecting NetScaler ADC and Gateway, one of which is a critical zero-day that has been actively exploited.

The most severe flaw, CVE-2025-7775 (CVSS score 9.2), is a memory overflow vulnerability that can result in denial-of-service (DoS) and potentially remote code execution (RCE). Citrix reports that the issue impacts NetScaler appliances configured as a gateway, as an AAA virtual server, or with a CR virtual server of type HDX. Systems using IPv6 services or bindings, such as service groups linked with IPv6 or DBS IPv6 configurations, are also vulnerable.

According to Citrix, there is evidence that attackers have already exploited this vulnerability in unpatched appliances. Because no mitigations are available, the company strongly advises customers to immediately upgrade to the patched firmware versions.

Although Citrix has not disclosed specific details of the observed attacks or provided indicators of compromise (IOCs), the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added the flaw to its Known Exploited Vulnerabilities (KEV) catalog. In line with Binding Operational Directive (BOD) 22-01, federal agencies are usually given three weeks to apply security fixes. However, due to the severity of CVE-2025-7775, agencies were required to apply patches within just two days, by August 28, 2025.

Alongside the zero-day fix, Citrix also issued patches for two additional vulnerabilities:

  • CVE-2025-7776 (CVSS score 8.8), another memory overflow that could cause unexpected behavior and DoS.
  • CVE-2025-8424 (CVSS score 8.7), an improper access control flaw in the management interface that could allow unauthorized file access.

All three vulnerabilities have been addressed in the following NetScaler ADC and NetScaler Gateway versions: 14.1-47.48, 13.1-59.22, 13.1-FIPS / 13.1-NDcPP 13.1-37.241, and 12.1-FIPS / 12.1-NDcPP 12.1-55.330.

In its advisory, Citrix emphasized that versions 12.1 and 13.0 have reached end of life and are no longer supported, urging customers to migrate to a supported release without delay.
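For teams triaging a fleet against the fixed builds listed above, this added example (not Citrix tooling) compares each appliance's build numerically with the fix for its release track. The `release-major.minor` input format, the edition flag, the hostnames and the rule that later builds on a track include the fix are assumptions.

```python
import re

# Fixed builds as listed in this roundup, keyed by (release, track).
FIXED_BUILDS = {
    ("14.1", "standard"): (47, 48),
    ("13.1", "standard"): (59, 22),
    ("13.1", "fips"): (37, 241),   # 13.1-FIPS and 13.1-NDcPP
    ("12.1", "fips"): (55, 330),   # 12.1-FIPS and 12.1-NDcPP
}
EOL_RELEASES = {"12.1", "13.0"}    # unsupported outside the FIPS/NDcPP tracks above
VERSION_RE = re.compile(r"^(\d+\.\d+)-(\d+)\.(\d+)$")


def assess(version, edition="standard"):
    """Classify one appliance as patched, vulnerable, end_of_life or unknown."""
    m = VERSION_RE.match(version.strip())
    if not m:
        return "unparseable"
    release = m.group(1)
    # Compare builds as integer tuples: as strings, "37.99" sorts after "37.241".
    build = (int(m.group(2)), int(m.group(3)))
    track = "fips" if edition.lower() in ("fips", "ndcpp") else "standard"
    fixed = FIXED_BUILDS.get((release, track))
    if fixed is None:
        return "end_of_life" if release in EOL_RELEASES else "unknown_release"
    return "patched" if build >= fixed else "vulnerable"


def triage(inventory):
    """Map hostname -> status for (hostname, version, edition) tuples."""
    return {host: assess(version, edition) for host, version, edition in inventory}


# Constructed sample inventory (hostnames and builds are illustrative).
SAMPLE_INVENTORY = [
    ("gw-edge-01", "14.1-47.48", "standard"),
    ("gw-edge-02", "13.1-58.32", "standard"),
    ("gw-fips-01", "13.1-37.99", "fips"),
    ("gw-legacy-01", "13.0-92.31", "standard"),
]

if __name__ == "__main__":
    for host, status in triage(SAMPLE_INVENTORY).items():
        print(f"{host}: {status}")
```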

 

References:

https://www.cbc.ca/news/politics/house-of-commons-data-breach-1.7608061

https://www.politico.com/news/2025/08/12/federal-courts-hack-security-flaw-00506392

https://thehackernews.com/2025/08/salesloft-oauth-breach-via-drift-ai.html

https://www.securityweek.com/promptlock-first-ai-powered-ransomware-emerges/

https://www.securityweek.com/citrix-patches-exploited-netscaler-zero-day/
