Thousands of API Keys and Passwords Discovered in Publicly Available LLM Training Data
- SISA Weekly Threat Watch -

In the past week, critical cybersecurity threats have emerged, with significant vulnerabilities being reported across various platforms. Recent cybersecurity incidents include the discovery of the stealthy “Auto-Color” Linux malware, which targeted universities and government organizations in North America and Asia. This malware enables full remote access while using advanced evasion techniques such as modifying /etc/ld.preload and deploying a malicious library implant (libcext.so.2) to maintain persistence. Additionally, CISA has flagged the active exploitation of CVE-2017-3066 (Adobe ColdFusion) and CVE-2024-20953 (Oracle Agile PLM), urging organizations to patch these deserialization flaws to prevent remote code execution and system compromise.
Meanwhile, researchers uncovered thousands of API keys and passwords exposed in publicly available LLM training datasets, raising concerns over data security risks and potential exploitation by threat actors. Cybercriminals are abusing MSC files to distribute Rhadamanthys Infostealer, using Console Taskpad execution to evade detection. Furthermore, Cisco confirmed Salt Typhoon APT’s exploitation of CVE-2018-0171, targeting U.S. telecoms through living-off-the-land techniques. These developments underscore the urgent need for organizations to stay vigilant and apply security updates promptly.
SISA Weekly Threat Watch – our weekly feature brings to you a quick snapshot of all the major security vulnerabilities that posed a threat to organizations worldwide. These recurring actionable threat advisories will also provide information and recommendations that will help security teams take appropriate actions to defend against the latest and critical threats.
1. Auto-Color: Stealthy Linux Malware Enabling Full Remote Access to Hackers
Auto-Color is a newly discovered Linux malware that targeted universities and government organizations in North America and Asia between November and December 2024. This stealthy threat grants attackers full remote access, using advanced evasion techniques to hide its command-and-control (C2) communications and ensure persistence—renaming itself, copying to /var/log/cross/auto-color, and modifying /etc/ld.preload, with a malicious library implant (libcext.so.2) when executed with root privileges. It disguises itself with benign file names and hooks libc functions to obscure its network activity. To combat Auto-Color, organizations should monitor changes to /etc/ld.preload, analyze /proc/net/tcp for hidden C2 connections, and review system logs for indicators of compromise. Additionally, scanning for libcext.so.2, restricting execution privileges, implementing behavior-based detection, and deploying Linux-specific endpoint detection and response (EDR) solutions are crucial steps to detect and remove this sophisticated malware.
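The file-system checks recommended above can be scripted. The following is an added example, not code from SISA or from the original research: it looks for the three artifacts named in this advisory under a chosen root, so it can be pointed at a mounted disk image as well as a live host. The library directory list, the finding labels and the demo tree are assumptions made for the example.

```python
import os
import tempfile

# Paths and file name as given in the advisory text.
PRELOAD_FILE = "etc/ld.preload"
DROPPED_COPY = "var/log/cross/auto-color"
IMPLANT_NAME = "libcext.so.2"
# Assumption: library directories to search for the implant by name.
LIBRARY_DIRS = ("lib", "lib64", "usr/lib", "usr/lib64", "usr/local/lib")


def check_auto_color_indicators(root="/"):
    """Return (indicator, path) findings under root ("/" or a mounted image)."""
    findings = []
    preload = os.path.join(root, PRELOAD_FILE)
    if os.path.isfile(preload):
        findings.append(("preload-file-present", preload))
        with open(preload, "r", errors="replace") as fh:
            for line in fh:
                entry = line.strip()
                if os.path.basename(entry) == IMPLANT_NAME:
                    findings.append(("preload-references-implant", entry))
    dropped = os.path.join(root, DROPPED_COPY)
    if os.path.lexists(dropped):
        findings.append(("dropped-copy-present", dropped))
    seen = set()  # /lib is often a symlink to /usr/lib; report each file once
    for lib_dir in LIBRARY_DIRS:
        for dirpath, _dirs, files in os.walk(os.path.join(root, lib_dir)):
            hit = os.path.realpath(os.path.join(dirpath, IMPLANT_NAME))
            if IMPLANT_NAME in files and hit not in seen:
                seen.add(hit)
                findings.append(("implant-file-present", hit))
    return findings


def demo():
    """Run the check on a constructed, harmless tree of placeholder files."""
    with tempfile.TemporaryDirectory() as root:
        for rel, body in ((PRELOAD_FILE, "/lib/" + IMPLANT_NAME + "\n"),
                          (DROPPED_COPY, ""),
                          ("lib/" + IMPLANT_NAME, "")):
            path = os.path.join(root, rel)
            os.makedirs(os.path.dirname(path), exist_ok=True)
            with open(path, "w") as fh:
                fh.write(body)
        return [name for name, _path in check_auto_color_indicators(root)]


if __name__ == "__main__":
    print(demo())
```

On a live host the implant's libc hooks may affect what user-space tools see, so a run against an offline image is the more dependable check.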
2. CISA Flags Exploited Flaws in Adobe ColdFusion & Oracle Agile PLM
CISA has added two actively exploited vulnerabilities to its KEV catalog—CVE-2017-3066 in Adobe ColdFusion and CVE-2024-20953 in Oracle Agile PLM—due to evidence of real-world attacks. Both vulnerabilities are deserialization flaws that allow remote code execution and full system compromise, making urgent patching essential. Affected versions include ColdFusion 2016 Update 3 (and earlier), ColdFusion 11 Update 11 (and earlier), ColdFusion 10 Update 22 (and earlier), and Oracle Agile PLM version 9.3.6, while patched versions include ColdFusion 2016 Update 4, ColdFusion 11 Update 12, ColdFusion 10 Update 23, and the January 2024 update for Oracle Agile PLM. Federal agencies must apply fixes by March 17, 2025. To mitigate these risks, organizations should immediately apply the latest security updates, enforce deserialization protections (disabling unnecessary Apache BlazeDS components if possible), implement network segmentation, monitor logs and network traffic for suspicious HTTP requests, deploy Web Application Firewalls, enforce strong authentication with role-based access controls, conduct regular vulnerability scans and penetration testing, and enable intrusion detection systems to flag exploitation attempts.
3. API Keys and Passwords Discovered in Publicly Available LLM Training Data
A recent study revealed that a dataset used to train large language models contained nearly 12,000 live secrets—including AWS keys and API credentials—raising major concerns about hard-coded credentials and insecure coding practices. Researchers also discovered that even after GitHub repositories are made private, AI tools like Microsoft Copilot can still access them; an attack dubbed “Wayback Copilot” exposed private tokens from over 20,000 repositories belonging to companies such as Microsoft and Google. Additionally, fine-tuning AI on insecure code can lead to dangerous misalignment, while models like ChatGPT, Google Gemini, and Anthropic Claude remain vulnerable to prompt injections and logit bias manipulation. To combat these issues, it is crucial to regularly audit AI training datasets, use automated scanning tools to detect exposed credentials, enforce secure coding practices, and continuously update AI safety guardrails. This proactive approach can significantly reduce the risk of compromised data and insecure AI outputs.
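As an illustration of the automated scanning recommended above, here is an added example (not the researchers' tooling): a pass over JSON Lines dataset records that reports credential-shaped strings in redacted form and fingerprints them so reuse across records can be counted without storing the secret. The record fields "url" and "text", the rule set and the sample records are assumptions made for the example.

```python
import hashlib
import json
import re
from collections import Counter

# A few well-known public formats; production scanners carry many more rules.
PATTERNS = {
    "aws_access_key_id": re.compile(r"\b(?:AKIA|ASIA)[0-9A-Z]{16}\b"),
    "github_pat": re.compile(r"\bghp_[0-9A-Za-z]{36}\b"),
    "password_assignment": re.compile(
        r"(?i)\bpassword\s*[:=]\s*[\"']([^\"']{8,})[\"']"),
}

# Constructed sample records (JSON Lines). The AWS value is the placeholder
# key ID from AWS documentation; the password is made up.
SAMPLE = [
    json.dumps({"url": "https://example.com/a",
                "text": "aws_access_key_id = AKIAIOSFODNN7EXAMPLE"}),
    json.dumps({"url": "https://example.com/b",
                "text": 'const cfg = { password: "hunter2-hunter2" };'}),
    json.dumps({"url": "https://example.org/c",
                "text": "export KEY=AKIAIOSFODNN7EXAMPLE  # copied config"}),
    "{truncated record",
    json.dumps({"url": "https://example.org/d", "text": "nothing sensitive"}),
]


def fingerprint(secret):
    """Short SHA-256 prefix: lets reports correlate reuse without the secret."""
    return hashlib.sha256(secret.encode()).hexdigest()[:12]


def scan_dataset(jsonl_lines):
    """Return (findings, reuse); reuse counts occurrences per fingerprint."""
    findings, reuse = [], Counter()
    for lineno, raw in enumerate(jsonl_lines, 1):
        try:
            record = json.loads(raw)
        except json.JSONDecodeError:
            continue  # skip malformed records instead of aborting the scan
        if not isinstance(record, dict):
            continue
        for kind, pattern in PATTERNS.items():
            for m in pattern.finditer(record.get("text", "")):
                secret = m.group(m.lastindex or 0)
                fp = fingerprint(secret)
                reuse[fp] += 1
                findings.append({
                    "record": lineno, "source": record.get("url"),
                    "kind": kind, "fingerprint": fp,
                    "match": secret[:4] + "*" * (len(secret) - 4)})
    return findings, reuse
```

A pattern match is only a candidate: whether a credential is live has to be confirmed with the issuing provider, and any confirmed hit should be rotated rather than just removed from the dataset.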
4. Cisco Confirms Salt Typhoon APT Exploiting CVE-2018-0171 to Target U.S. Telecoms
Cisco has confirmed that the Chinese APT group Salt Typhoon exploited CVE-2018-0171 and stolen credentials to infiltrate U.S. telecommunications companies, maintaining persistence for over three years. By leveraging living-off-the-land (LOTL) techniques, the attackers evaded detection while capturing SNMP, TACACS, and RADIUS secrets to expand access. They modified loopback interfaces for SSH tunneling, altered network configurations, created local accounts, and deployed JumbledPath, a Go-based binary that captured packets, disabled logging, and erased forensic traces. Additionally, Cisco observed separate SMI-based attacks on its devices, unrelated to Salt Typhoon.
Organizations should patch CVE-2018-0171, disable Smart Install (SMI) if unnecessary, and enforce MFA for network devices. Monitoring SNMP, TACACS, and RADIUS traffic can help detect anomalies, while restricting SSH access, limiting Guest Shell creation, and storing logs externally enhances security. Implementing threat intelligence and behavioral detection rules in SIEM solutions can further mitigate the risk.
5. Malware Alert: Rhadamanthys Infostealer Campaign Abusing MSC File Execution
Rhadamanthys Infostealer is being distributed through MSC files, exploiting MMC’s capability to execute scripts and commands. Two variants exist—one leveraging CVE-2024-43572 (now patched) and another using Console Taskpad, which remains active. The malware masquerades as a Word document, tricking users into executing a PowerShell script that downloads and runs the infostealer. Once installed, it harvests sensitive data from infected systems.
To mitigate risks, restrict MSC execution through GPO rules, educate users on file masquerading, and enable Microsoft Defender Attack Surface Reduction (ASR) to block malicious scripts. Implement application whitelisting to prevent unauthorized PowerShell execution, monitor network traffic for suspicious activity, and block known C2 servers. Keeping systems updated with patches like CVE-2024-43572 and regularly updating endpoint protection solutions will help reduce exposure to this growing MSC-based malware threat.