https://feed.craftedsignal.io/tags/file-access/Trending threats, MITRE ATT&CK coverage, and detection metadata — refreshed continuously.Hugoenhello@craftedsignal.iohello@craftedsignal.ioWed, 22 Apr 2026 16:34:10 +0000https://feed.craftedsignal.io/briefs/2024-01-genai-sensitive-file-access/Wed, 22 Apr 2026 16:34:10 +0000hello@craftedsignal.iohttps://feed.craftedsignal.io/briefs/2024-01-genai-sensitive-file-access/This brief outlines the threat of attackers leveraging GenAI tools to access sensitive files containing credentials, SSH keys, browser data, and shell configurations for credential access and persistence.Attackers are increasingly exploiting GenAI tools to automate the discovery and exfiltration of sensitive information from compromised systems. This involves using GenAI agents to systematically scan file systems for credentials, API keys, tokens, and other secrets. Access to credential stores (.aws/credentials, .ssh/id_*) indicates credential harvesting, while modifications to shell configuration files (.bashrc, .zshrc) point to persistence attempts. The observed activity leverages legitimate GenAI tool functionality, making it difficult to distinguish between benign use and malicious intent. This technique has become more prevalent since late 2025, with attackers refining methods to instruct GenAI agents to specifically target and exfiltrate sensitive files. Defenders must monitor for unusual file access patterns by GenAI processes.

Attack Chain

1. Attacker gains initial access to a system via phishing or exploiting a software vulnerability.
2. Attacker installs or deploys a GenAI tool (e.g., LM Studio, Claude, Copilot) on the compromised system.
3. The attacker configures the GenAI tool to scan the file system for specific file names and patterns associated with sensitive data (credentials, keys, cookies).
4. The GenAI tool accesses files such as .aws/credentials, .ssh/id_rsa, browser login databases (e.g., Login Data, logins.json, Cookies), and other credential stores.
5. The GenAI tool may modify shell configuration files (.bashrc, .zshrc) to establish persistence.
6. The GenAI tool stages the collected data for exfiltration.
7. The attacker exfiltrates the harvested credentials and data to an external server.
8. The attacker uses the stolen credentials to gain unauthorized access to other systems or cloud resources.

Impact

Successful exploitation can lead to widespread credential compromise, allowing attackers to move laterally within a network, access sensitive data, and potentially disrupt critical business operations. A single compromised developer workstation could expose cloud infrastructure credentials, impacting hundreds of systems and services. The use of GenAI tools allows for rapid and automated credential harvesting, significantly increasing the scale and speed of potential breaches. Sectors at high risk include software development, cloud computing, and any organization that relies heavily on API keys and secrets for authentication.

Recommendation

• Deploy the Sigma rule GenAI Process Accessing Sensitive Files to your SIEM to detect GenAI tools accessing sensitive files. Tune for your environment to reduce false positives.
• Monitor file access events, specifically looking for GenAI processes (ollama, lmstudio, claude) accessing files with names like credentials, id_rsa, logins.json, and .bashrc, as outlined in the Sigma rule.
• Implement stricter access controls and monitoring for sensitive directories like .aws, .ssh, and browser profile directories.
• Regularly audit and rotate credentials, API keys, and tokens, especially those stored in files.
• Educate developers and users about the risks of using GenAI tools to handle sensitive data.

]]>highadvisorycredential-accessgenaifile-accesspersistencehttps://feed.craftedsignal.io/briefs/2024-01-avideo-file-access/Mon, 23 Mar 2026 16:16:49 +0000hello@craftedsignal.iohttps://feed.craftedsignal.io/briefs/2024-01-avideo-file-access/WWBN AVideo platform versions up to 26.0 are vulnerable to unauthorized file access and deletion, where an authenticated user with upload permissions can exploit the `objects/import.json.php` endpoint by manipulating the `fileURI` parameter to steal private video files, read adjacent text files, and delete `.mp4` and other writable files on the filesystem.WWBN AVideo, an open-source video platform, is vulnerable to unauthorized file access and deletion in versions up to and including 26.0. The vulnerability resides in the objects/import.json.php endpoint, which lacks proper directory restriction on the user-controlled fileURI POST parameter. This allows an authenticated user with upload permissions to bypass intended security measures and access or delete files outside of their authorized scope. The vulnerability was addressed in commit e110ff542acdd7e3b81bdd02b8402b9f6a61ad78. This vulnerability allows for the potential compromise of sensitive video content and adjacent data. Exploitation can lead to data theft and potential data loss. Defenders should prioritize patching and monitoring for suspicious activity targeting this endpoint.

Attack Chain

1. An attacker authenticates to the AVideo platform with a valid user account that possesses upload permissions.
2. The attacker crafts a malicious HTTP POST request targeting the objects/import.json.php endpoint.
3. The POST request includes the fileURI parameter, which is set to a path pointing to a target video file or adjacent text file outside the user’s designated directory.
4. The server-side code processes the request without performing adequate directory restriction checks on the fileURI parameter.
5. If the target is a video file, the server imports the video file into the attacker’s account, allowing the attacker to steal private video files.
6. If the target is a readable text file adjacent to a video, the attacker can access its contents via the import mechanism.
7. If the targeted file (either video or adjacent text file) is writable by the web server process, the attacker can trigger its deletion by including the appropriate parameters in the crafted request.
8. The attacker successfully exfiltrates the stolen video data or sensitive information from accessed files, or causes data loss due to file deletion.

Impact

Successful exploitation of this vulnerability can lead to several critical consequences. An attacker can steal private video files belonging to other users, resulting in a breach of confidentiality and potential reputational damage. The ability to read adjacent .txt/.html/.htm files can expose sensitive information, such as configuration files or credentials. Furthermore, the capability to delete .mp4 files and adjacent text files can cause data loss and disruption of service. The number of affected users depends on the specific deployment and the number of users with private video content.

Recommendation

• Apply the patch from commit e110ff542acdd7e3b81bdd02b8402b9f6a61ad78 to remediate CVE-2026-33493.
• Deploy the Sigma rule to your web server logs to detect attempts to access arbitrary files using the fileURI parameter in requests to objects/import.json.php.
• Monitor web server logs for unusual file access patterns, particularly requests to objects/import.json.php with fileURI parameters containing directory traversal sequences like “../”.

]]>highadvisoryavideofile-accessvulnerability