---
title: Threat Intelligence Center - Capstone Technologies Group
description: Chaos malware exploits misconfigured cloud deployments and adds SOCKS proxy capabilities. Analysis of Silver Fox tactics targeting cloud infrastructure.
canonical_url: https://captechgroup.com/threat-intelligence-center?start=210
language: en-GB
date: 2025-08-13T00:46:48Z
---

[Chaos Malware Targets Misconfigured Cloud Deployments with SOCKS Proxy](https://captechgroup.com/threat-intelligence-center/chaos-malware-targets-misconfigured-cloud-deployme-50499b)

Security researchers have uncovered Chaos malware being deployed against misconfigured cloud environments by the Silver Fox threat actor. The latest variant incorporates SOCKS proxy capabilities, enabling attackers to establish persistent backdoor access and move laterally through compromised infrastructure. This malware is part of a broader toolkit that includes AISURU, Kaiji, and ValleyRAT.

[Project Glasswing Impacts Security Leaders Managing AI Model Risks](https://captechgroup.com/threat-intelligence-center/project-glasswing-impacts-security-leaders-managin-342508)

Project Glasswing represents a significant development for security leaders responsible for AI model governance and deployment. As Claude Mythos Preview gains adoption, understanding Glasswing's implications becomes essential for managing emerging risks in AI infrastructure.

[Storm-2755 Poisons Office 365 Search Results to Steal Employee Paychecks](https://captechgroup.com/threat-intelligence-center/storm-2755-poisons-office-365-search-results-to-st-9b7376)

Researchers have identified a targeted attack campaign by Storm-2755 that poisons Office 365 search results to redirect employees to fraudulent payroll portals. The attack leverages Axios HTTP client 1.7.9 to intercept and manipulate search traffic, enabling credential theft and direct paycheck interception.

[ClickFix Malware Disguises as Friendly Prompts to Deploy LummaC2 Infostealer](https://captechgroup.com/threat-intelligence-center/clickfix-malware-disguises-as-friendly-prompts-to-1b8253)

ClickFix is a malware campaign that exploits user trust by disguising malicious prompts as legitimate system messages or helpful notifications. Once executed, ClickFix deploys the LummaC2 infostealer, a credential-stealing tool designed to harvest sensitive data from infected systems.

[FortiGate CVE-2025-59718 Exploitation Reveals Critical Incident Response Gaps](https://captechgroup.com/threat-intelligence-center/fortigate-cve-2025-59718-exploitation-reveals-crit-63bf00)

Incident response investigations into FortiGate CVE-2025-59718 exploitation have uncovered significant gaps in detection and containment capabilities across affected organizations. Analysis of compromised deployments reveals how attackers leveraged this vulnerability to establish persistence and move laterally through networks.

[Grafana Patches AI Bug That Could Have Leaked User Data](https://captechgroup.com/threat-intelligence-center/grafana-patches-ai-bug-that-could-have-leaked-user-26f005)

Grafana has released patches addressing a vulnerability in its AI functionality that posed a risk of user data exposure. The bug, present in specific versions of the platform, could have allowed unauthorized access to sensitive information through the AI feature set.

[Authorities Disrupt Router DNS Hijacks Stealing Microsoft 365 Logins](https://captechgroup.com/threat-intelligence-center/authorities-disrupt-router-dns-hijacks-stealing-mi-959383)

Law enforcement agencies have disrupted FrostArmada, a DNS hijacking campaign that exploited compromised routers to intercept and redirect traffic, enabling credential theft from Microsoft 365 users across government, hosting provider, information technology, and law enforcement sectors.
