IngressNightmare, Next.js critical, More Agents, pwned
Introduction
Hello! ArvinF is your editor covering 23 to 29 March 2025 for this edition of F5 SIRT This Week in Security. Credit to the original sources.
IngressNightmare
Wiz has discovered serious vulnerabilities in the admission controller component of Ingress-Nginx Controller that could allow the total takeover of Kubernetes clusters – and thinks more than 6,000 deployments of the software are at risk on the internet.
These vulnerabilities are fixed in Ingress NGINX Controller versions 1.12.1 and 1.11.5, so update to one of those versions or later. Also ensure the admission webhook endpoint is not reachable from outside the cluster.
If an upgrade is not yet possible, other mitigations are:
Enforce strict network policies so only the Kubernetes API Server can access the admission controller.
Temporarily disable the admission controller component of Ingress-NGINX.
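One way to express the first mitigation is a Kubernetes NetworkPolicy that lets only the control plane reach the controller's admission webhook port while leaving ordinary HTTP/HTTPS ingress traffic open. This is an added example, not a manifest from the page, from Wiz, or from the ingress-nginx project. It assumes the stock ingress-nginx labels (app.kubernetes.io/name: ingress-nginx, app.kubernetes.io/component: controller), the namespace ingress-nginx, the controller's webhook container port 8443, and a placeholder CIDR for the API server that must be replaced with the real control-plane source range of your cluster.

```yaml
# Added example: restrict the ingress-nginx admission webhook to the API server.
# Labels, namespace, webhook port and the control-plane CIDR below are assumptions;
# verify them against your own ingress-nginx deployment before applying.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: ingress-nginx-admission-api-server-only
  namespace: ingress-nginx
spec:
  podSelector:
    matchLabels:
      app.kubernetes.io/name: ingress-nginx
      app.kubernetes.io/component: controller
  policyTypes:
  - Ingress
  ingress:
  # Admission webhook port: only the control plane may call it.
  - from:
    - ipBlock:
        cidr: 10.0.0.0/24   # PLACEHOLDER: replace with the API server / control-plane source CIDR
    ports:
    - protocol: TCP
      port: 8443
  # Regular ingress traffic to the proxy stays reachable from anywhere.
  - ports:
    - protocol: TCP
      port: 80
    - protocol: TCP
      port: 443
```

Two caveats: a NetworkPolicy is only enforced when the cluster's CNI supports it, and on managed control planes the API server's webhook calls may originate from addresses outside the node network, so confirm the actual source range before relying on the ipBlock. Independently of the policy, check that the admission Service is of type ClusterIP and not exposed through a LoadBalancer or NodePort (for example with `kubectl -n ingress-nginx get svc`). This narrows exposure but does not remove the bugs; upgrading remains the fix.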
F5 published K000150538: Kubernetes ingress-nginx vulnerabilities CVE-2025-1097, CVE-2025-1098, CVE-2025-1974, and CVE-2025-24514 because F5 NGINX has a similarly named but different product, NGINX Ingress Controller. That product has been assessed and is not vulnerable to the IngressNightmare CVEs.
https://my.f5.com/manage/s/article/K000150538
In the March 27, 2025 attack signature update (ASU), F5 also released attack signature 200103569 to address IngressNightmare.
K000150594: Attack Signatures for IngressNightmare: CVE-2025-1097, CVE-2025-1098, CVE-2025-24514, and CVE-2025-1974
https://my.f5.com/manage/s/article/K000150594
Severity: High
Signature ID: 200103569 (new)
Name: Kubernetes NGINX Ingress Admission Controller Command Execution
Attack type: Command Execution
CVEs: CVE-2025-1097, CVE-2025-1098, CVE-2025-1974, CVE-2025-24514
Description: Kubernetes Ingress NGINX controller is vulnerable to remote command execution via a malicious AdmissionReview request
https://www.wiz.io/blog/ingress-nginx-kubernetes-vulnerabilities
https://kubernetes.io/docs/concepts/services-networking/ingress-controllers/
Next.js critical CVE-2025-29927
A critical severity vulnerability has been discovered in the Next.js open-source web development framework, potentially allowing attackers to bypass authorization checks. The flaw, tracked as CVE-2025-29927, enables attackers to send requests that reach destination paths without going through critical security checks.
Next.js is a popular React framework with more than 9 million weekly downloads on npm. It is used for building full-stack web apps and includes middleware components for authentication and authorization.
Next.js uses a header called 'x-middleware-subrequest' that dictates if middleware functions should be applied or not.
The header is retrieved by the 'runMiddleware' function responsible for processing incoming requests. If it detects the 'x-middleware-subrequest' header, with a specific value, the entire middleware execution chain is bypassed and the request is forwarded to its destination.
The original research post used the header and values "x-middleware-subrequest: /pages/_middleware" and "x-middleware-subrequest: middleware:middleware:middleware:middleware:middleware", plus variations of these, as its examples. They are potential "Indications of Attack" and are useful for monitoring and logging systems and for threat hunting.
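The following is an added example, not code from this post, from the linked research, or from the Next.js project. It shows a detection and edge-scrubbing routine for the indicator described above: any request arriving from outside that carries x-middleware-subrequest is flagged, the value is classified against the known shapes, and a scrubbed copy of the headers is produced so the request can be forwarded without it. The pattern list is reconstructed from the values quoted above plus the src/middleware variant (an assumption to verify against the linked research), the header object shape follows Node's lowercased-name convention, and SAMPLE_REQUESTS is constructed data, not captured traffic.

```javascript
// Added example (not from the F5 SIRT post, the linked research, or the Next.js project):
// flag and strip the CVE-2025-29927 indicator header at an edge layer in front of Next.js.
// Assumptions: headers arrive as a plain object (any name casing, string or array values);
// KNOWN_IOA_PATTERNS is reconstructed from the values quoted in the post plus the
// src/middleware variant; SAMPLE_REQUESTS is constructed data, not captured traffic.

const IOA_HEADER = 'x-middleware-subrequest';

// Value shapes treated as known indicators of attack (IoA).
const KNOWN_IOA_PATTERNS = [
  { name: 'legacy-pages-middleware', re: /^\/?pages\/_middleware$/ },
  { name: 'repeated-middleware', re: /^(?:src\/)?middleware(?::(?:src\/)?middleware)*$/ },
];

// Lower-case header names and join repeated values so lookups are case-insensitive.
function normalizeHeaders(headers) {
  const out = {};
  for (const [name, value] of Object.entries(headers)) {
    out[name.toLowerCase()] = Array.isArray(value) ? value.join(', ') : String(value);
  }
  return out;
}

// Verdict for one request's headers. The header is internal to Next.js, so any copy
// arriving from outside is anomalous; `match` names the known shape, if any.
function inspectMiddlewareSubrequest(headers) {
  const h = normalizeHeaders(headers);
  if (!(IOA_HEADER in h)) {
    return { present: false, suspicious: false, match: null, value: null };
  }
  const value = h[IOA_HEADER].trim();
  const known = KNOWN_IOA_PATTERNS.find((p) => p.re.test(value));
  return { present: true, suspicious: true, match: known ? known.name : 'unknown-value', value };
}

// Mitigation at the edge: a copy of the headers with the internal header removed,
// so the request never reaches Next.js carrying it.
function scrubHeaders(headers) {
  const h = normalizeHeaders(headers);
  delete h[IOA_HEADER];
  return h;
}

// Hunting pass: only the requests that carried the header, with path and verdict.
function huntForBypassAttempts(requests) {
  return requests
    .map((r) => ({ path: r.path, ...inspectMiddlewareSubrequest(r.headers) }))
    .filter((r) => r.suspicious);
}

// Constructed sample of edge-proxy header captures (not real traffic).
const SAMPLE_REQUESTS = [
  { path: '/', headers: { Host: 'app.example.test', 'User-Agent': 'curl/8.0' } },
  { path: '/admin', headers: { host: 'app.example.test', 'x-middleware-subrequest': '/pages/_middleware' } },
  { path: '/admin', headers: { host: 'app.example.test', 'X-Middleware-Subrequest': 'middleware:middleware:middleware:middleware:middleware' } },
  { path: '/api/secret', headers: { host: 'app.example.test', 'x-middleware-subrequest': 'src/middleware:src/middleware:src/middleware' } },
  { path: '/api/secret', headers: { host: 'app.example.test', 'x-middleware-subrequest': 'not-a-known-shape' } },
];

for (const hit of huntForBypassAttempts(SAMPLE_REQUESTS)) {
  console.log(`ALERT path=${hit.path} match=${hit.match} value=${JSON.stringify(hit.value)}`);
}
```

The verdict treats an unrecognized value as suspicious rather than clean, because the header has no legitimate reason to arrive from a client; the pattern names only help triage. Stripping the header at a proxy in front of the application is a stop-gap for deployments that cannot patch immediately, not a replacement for upgrading.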
In the March 23, 2025 ASU, F5 released attack signature 200013111 to address CVE-2025-29927.
Severity: High
Signature ID: 200013111 (new)
Name: Next.js Middleware Authorization Bypass
Attack type: Authentication/Authorization Attacks
CVEs: CVE-2025-29927
Description: Next.js is vulnerable to an authorization check bypass on middleware via a specially crafted request
https://zhero-web-sec.github.io/research-and-things/nextjs-and-the-corrupt-middleware
https://www.bleepingcomputer.com/news/security/critical-flaw-in-nextjs-lets-hackers-bypass-authorization/
https://www.ncsc.gov.uk/news/vulnerability-affecting-nextjs-web-development-framework
https://nextjs.org/blog/cve-2025-29927
https://jfrog.com/blog/cve-2025-29927-next-js-authorization-bypass/
Chrome emergency patches zero-day
Google pushed out an emergency patch for Chrome on Windows this week to stop attackers from exploiting a sandbox-breaking zero-day vulnerability, seemingly used by snoops to target certain folks in Russia.
Now Mozilla’s doing damage control, too, after spotting a similar flaw – albeit unexploited, as far as we’re aware – lurking in the code of its Firefox browser.
"The vulnerability CVE-2025-2783 really left us scratching our heads, as, without doing anything obviously malicious or forbidden, it allowed the attackers to bypass Google Chrome’s sandbox protection as if it didn’t even exist," wrote Kaspersky researchers Igor Kuznetsov and Boris Larin.
https://securelist.com/operation-forumtroll/115989/
https://www.theregister.com/2025/03/28/google_kaspersky_mozilla/
More Security Copilot Agents
Microsoft revealed an expanded flight plan for Security Copilot, which is now assisted by 11 task-specific AI agents that interact with products like Defender, Purview, Entra, and Intune.
Of the 11 Security Copilot agents introduced, five came from Microsoft Security partners.
The Microsoft-made agents include:
Phishing Triage Agent in Microsoft Defender, for sorting phishing reports.
Alert Triage Agents in Microsoft Purview, for triaging data loss prevention and insider risk alerts.
Conditional Access Optimization Agent in Microsoft Entra, for monitoring and preventing identity and policy issues.
Vulnerability Remediation Agent in Microsoft Intune, for prioritizing vulnerability remediation.
Threat Intelligence Briefing Agent in Security Copilot, for curating threat intelligence.
Microsoft Security partners have also contributed to the agent pool:
Privacy Breach Response Agent (OneTrust), for distilling data breaches into reporting guidance.
Network Supervisor Agent (Aviatrix), for doing root-cause analysis on network issues.
SecOps Tooling Agent (BlueVoyant), for assessing security operations center controls.
Alert Triage Agent (Tanium), for helping security analysts prioritize alerts.
Task Optimizer Agent (Fletch), for forecasting and prioritizing threat alerts.
The eleventh agent resides in Microsoft Purview Data Security Investigations (DSI), an AI-based service designed to help data security teams deal with data exposure risks.
Essentially, these agents use the natural language capabilities of generative AI to automate the summarization of high-volume data like phishing warnings or threat alerts so that human decision makers can focus on signals deemed to be the most pressing.
F5 has reference literature on Agentic AI. The Microsoft Security Copilot agents are "AI agents", focused on executing specific tasks based on predefined rules. "Agentic AI" has "autonomy and adaptive decision making" and is a combination of GenAI and AI agents.
Agentic AI combines extremely specific directive code that executes jobs with AI inference to generate or predict rich and contextual answers. Agentic AI is not magic, but it is more powerful than agents or GenAI operating alone. These two building blocks can be assembled in various amounts and combinations, automating a flow of work to produce tremendously valuable results. Here is a simple diagram depicting an automated agentic AI workflow. It uses multiple types of specialized agents and AI models to complete a set of actions. The solution executes until an acceptable outcome is achieved, and then it is fed back to the user.
https://www.theregister.com/2025/03/24/microsoft_security_copilot_agents/
https://www.f5.com/company/blog/ai-agents-vs-agentic-ai-understanding-the-difference
https://www.f5.com/company/blog/security-context-matters-for-agentic-ai
https://community.f5.com/kb/technicalarticles/agentic-rag---securing-genai-with-f5-distributed-cloud-services/339571
https://www.youtube.com/watch?v=Pwb8k3LPKgI
HaveIbeenPwned mail list leaked
Infosec veteran Troy Hunt of HaveIBeenPwned fame is notifying thousands of people after phishers scooped up his Mailchimp mailing list.
The list comprises around 16,000 records, and every active subscriber will be receiving a notification and apology email soon. Around half of these records (7,535), however, pertain to individuals who had unsubscribed from the list.
Based on the original blog post, tiredness was a factor in the momentary lapse in judgment. In the brief window after the credentials were captured, the attacker exported the HaveIBeenPwned mailing list, which suggests an automated attack.
In general, we should protect our digital fingerprints as extensively as we can. A second authentication factor alone may no longer be sufficient given the advances in phishing attacks. Use phishing-resistant MFA where possible and stick to the basics: if you are not sure, don't click.
https://www.troyhunt.com/a-sneaky-phish-just-grabbed-my-mailchimp-mailing-list/
https://www.theregister.com/2025/03/25/troy_hunt_mailchimp_phish/
https://www.pcmag.com/news/creator-of-haveibeenpwned-data-breach-site-falls-for-phishing-email
https://www.cisa.gov/news-events/news/phishing-resistant-mfa-key-peace-mind
NCSC taps influencers to make 2FA go viral
In related news covering a much wider audience, the UK’s National Cyber Security Centre (NCSC) has hopped on the bandwagon to preach two-factor authentication (2FA) to the masses.
It's the latest effort to improve the nation's cyber resilience as part of the Stop! Think Fraud campaign launched in February 2024 under Rishi Sunak's government, drafting in comedic sketch artists and Instagram personal finance gurus to promote wider uptake of security technologies.
"To boost public awareness about the crucial benefits of enabling two-step verification on their most important accounts, we’ve partnered with popular social media influencers to amplify this vital message and encourage a wider audience to adopt secure online habits,"
https://www.theregister.com/2025/03/26/ncsc_influencers_2fa/
https://www.ncsc.gov.uk/collection/top-tips-for-staying-secure-online/activate-2-step-verification-on-your-email
BlackLock ransomware gang pwned
Cybersecurity vendor Resecurity is admitting to breaking into a notorious ransomware crew's infrastructure and gathering data it relayed to national agencies to help victims.
Dubbed “BlackLock” (aka "El Dorado" or "Eldorado"), the ransomware-as-a-service (RaaS) outfit has existed since March 2024. In Q4 of last year, it increased its number of data leak posts by a staggering 1,425% quarter-on-quarter. According to independent reporting, a relatively new group has rapidly accelerated attacks and could become the most dominant RaaS group in 2025.
Resecurity identified a vulnerability present at the Data Leak Site (DLS) of BlackLock in the TOR network - successful exploitation of which allowed our analysts to collect substantial intelligence about their activity outside of the public domain.
The Resecurity blog is a good read as they walk through their exploit, findings and communications with the BlackLock group. Another group mentioned was DragonForce, which uses very similar techniques and also pwned the BlackLock Data Leak Site.
https://www.theregister.com/2025/03/27/security_shop_pwns_ransomware_gang/
https://www.infosecurity-magazine.com/news/blacklock-2025s-most-prolific/
And that's the week that was
I hope you find the security news I picked educational. We have a mix of vulnerabilities, a zero-day, Security Copilot AI agents and F5 Agentic AI, phishing, the UK NCSC 2FA public awareness campaign and, as the cherry on top, a ransomware gang getting pwned. For vulnerabilities and zero-days, update your systems and software as soon as possible to mitigate them. Implement WAF, Bot Defense or DDoS mitigations where possible, in anticipation of future vulnerabilities and application attacks. Ensure only trusted users and networks have access to your systems. If a system does not need to be exposed for public access, ensure that it is not. For phishing, stand up the human firewall: be vigilant about received emails and links, and if unsure, don't click. Use MFA, preferably phishing-resistant MFA; any MFA is better than no MFA. AI agents and Agentic AI: we might already be using them without knowing it. If you own one, protect it and implement security controls; think F5 Distributed Cloud. Till next time, stay safe and secure!
As always, if this is your first TWIS, you can always read past editions. We also encourage you to check out all of the content from the F5 SIRT.
Hi, it's ArvinF again. I wanted to add this news on the ongoing Oracle Cloud data breach from March 23 to 29.
Credit to the original source.
Looking through the Wayback Machine, we can see that the US2 server was as recently as February 2025 running some form of Oracle Fusion Middleware 11G.
Infosec outfit CloudSEK reckons that server may not have been patched to close CVE-2021-35587, a known critical vulnerability in Fusion Middleware's Oracle Access Manager, specifically its OpenSSO Agent.
Exploiting that bug – which can be done over HTTP with no authentication – would potentially give an intruder access to the very kind of information put up for sale this week. Public exploit code for the flaw exists.
On Thursday, what was claimed to be six million records of Oracle Cloud customers' Java KeyStore files, which contain security certificates and keys; encrypted Oracle Cloud SSO passwords; encrypted LDAP passwords; Enterprise Manager JPS keys; and other information stolen from the cloud provider went up for sale on BreachForums by a previously unknown netizen going by the name rose87168. The number of potentially affected customers is said to be in the thousands.
The price for this info has not been disclosed, as far as we can tell, and the seller is also accepting zero-day exploits as payment. It's said rose87168 contacted Oracle about a month ago to let the database giant know about the alleged data theft, wanted more than $20 million in cryptocurrency in exchange for details about the claimed heist, and was turned down.
https://www.theregister.com/2025/03/23/oracle_cloud_customers_keys_credentials/
Oracle Cloud's denial of a digital break-in is now in clear dispute. An infosec researcher working on validating claims that the cloud provider's login servers were compromised earlier this year says some customers have confirmed data allegedly stolen and leaked from the database giant is genuine.
Since Oracle rubbished reports of a security breach, rose87168, the individual who claimed responsibility for the alleged intrusion and theft of approximately six million records – customer security keys, encrypted credentials, LDAP entries, and other data – sent a 10,000-line sample of the collection to Alon Gal, co-founder and CTO at security shop Hudson Rock.
Gal said he took the sample and reached out to multiple Hudson Rock customers who appeared to be affected. Three customers have since confirmed the data handed to Gal by rose87168 from Oracle Cloud's internal systems is genuine, according to the CTO.
One customer, we're told, said its users are in the sample set, and have access to sensitive information. Another concurred, claiming the data is legitimate and from a production environment, though it dates back to 2023. A third Hudson Rock customer said their users and tenant IDs match those in the sample, and that they are used in their production environment.
https://www.theregister.com/2025/03/25/oracle_breach_update/