What is the Silent Ransom Group USB attack the FBI warned about?

The FBI issued a flash alert that Silent Ransom Group is sending human operatives into law firm offices to physically insert USB devices loaded with malware. The technique bypasses email security and network perimeter controls entirely — initial access is a person walking through the door.

Who was behind the LA Metro cyberattack?

The Los Angeles Metropolitan Transportation Authority cyberattack has been re-attributed from hacktivists to Iranian state-sponsored operators, making it a confirmed nation-state attack against U.S. critical transportation infrastructure.

What is the SymJack attack on AI coding agents?

SymJack is a technique that weaponizes AI coding assistants like Cursor and Windsurf by exploiting malicious Model Context Protocol servers. It hijacks tool-resolution to inject persistent backdoors into codebases without developer awareness.

What is CVE-2026-45659 in Microsoft SharePoint?

CVE-2026-45659 is an 8.8 CVSS deserialization remote code execution flaw in Microsoft SharePoint Server. Microsoft released an out-of-band patch. No special exploit conditions are required for exploitation.

How can organizations defend against physical USB malware attacks?

Defenders should enforce USB device control policies at the endpoint level, disable unauthorized peripheral connections, segment networks to limit lateral movement from compromised workstations, and implement physical access controls for visitor-accessible areas.

FBI Warns Silent Ransom Group Walking Into Law Firms

The FBI published a flash alert this week that should change how defenders think about initial access. Silent Ransom Group is not phishing its way into law firms — it is sending people through the front door with USB devices loaded with malware. When the initial access vector is a human being with a lanyard and a thumb drive, every assumption about perimeter defenses and email security becomes irrelevant. That physical intrusion story anchors today’s brief, alongside an Iranian state-sponsored attribution shift for the LA Metro cyberattack and a new technique that turns AI coding assistants into supply-chain backdoor installers.

In the News

FBI Warns Silent Ransom Group Is Physically Entering Law Firms to Deploy USB Malware

The FBI issued a flash alert warning that Silent Ransom Group (SRG) has shifted tactics from callback phishing to physical social engineering. Operatives are walking into law firm offices — posing as IT support, consultants, or building contractors — and inserting USB devices into unattended workstations. The USB payloads establish command and control access, enabling data exfiltration of privileged legal documents, client communications, and litigation strategy files.

This is a significant escalation. SRG previously relied on telephone-based social engineering (MITRE ATT&CK T1566.004 — Phishing: Spearphishing Voice) and BazarCall-style callback campaigns. The shift to T1091 — Replication Through Removable Media — eliminates the need for any email delivery, domain infrastructure, or credential phishing. The attacker’s initial access tool is physical presence.

Law firms are high-value targets because they hold material non-public information, litigation strategy, M&A documentation, and client privileged communications. Most law firms have minimal physical access controls for common areas and conference rooms where visitor-accessible workstations or network jacks exist. The FBI warning specifically calls out firms with fewer than 500 employees, where reception security and visitor badge enforcement are often informal.

What defenders should do: Enforce USB device control policies at the endpoint — block mass storage device enumeration entirely on workstations that do not require it. Segment networks so that a single compromised workstation cannot reach file shares, domain controllers, or backup infrastructure without additional authentication. Review physical access controls for any area where an outsider could access a powered-on workstation or exposed network port. Treat USB port policy as a physical security control, not just an IT convenience setting.

LA Metro Cyberattack Re-Attributed to Iranian State-Sponsored Hackers

The cyberattack against the Los Angeles Metropolitan Transportation Authority (LA Metro) — initially attributed to a hacktivist group — has been re-attributed to Iranian state-sponsored operators, according to SecurityWeek’s reporting. The attribution shift moves this from a nuisance-tier incident to a confirmed nation-state operation targeting U.S. critical transportation infrastructure.

Iranian state-sponsored groups — including MuddyWater (MITRE ATT&CK G0069) — have expanded their targeting of Western critical infrastructure throughout 2025 and 2026. This incident fits a pattern: initial claims of hacktivist motivation that later prove to be cover for state-directed intelligence collection or pre-positioning operations. The same pattern appeared in previous water utility and energy sector incidents where hacktivist branding masked state objectives.

For transit agencies and public-sector organizations, the takeaway is operational: if your threat model excludes nation-state actors because you consider your organization “too small” or “not strategic enough,” this incident contradicts that assumption. Iranian APTs target infrastructure for geopolitical leverage, not necessarily for the data itself.

What defenders should do: Critical infrastructure operators should review IT/OT segmentation boundaries, ensure SCADA and industrial control systems are not reachable from corporate IT networks, and tune network detection for low-and-slow lateral movement patterns characteristic of state-sponsored dwell operations. CISA’s Iran Cyber Threat Overview advisories remain the primary reference for TTPs and detection guidance.

SymJack Weaponizes AI Coding Agents Into Supply-Chain Backdoor Delivery Systems

Researchers disclosed SymJack, the first documented technique that converts enterprise AI coding assistants into persistent supply-chain attack tools. The attack targets AI agents that use Model Context Protocol (MCP) servers for tool resolution — including Cursor, Windsurf, and Claude Dev. By standing up a malicious MCP server, an attacker hijacks the agent’s tool-resolution chain and injects backdoor code into every project the developer works on, without any visible indication in the IDE.

The mechanism is straightforward: MCP servers define the tools an AI agent can call. If a developer’s agent connects to a malicious server — through a poisoned configuration file, a compromised extension marketplace entry, or a shared team configuration — the attacker controls which code the agent suggests, inserts, or executes. The injected code persists in the codebase and propagates through version control to CI/CD pipelines and production deployments (MITRE ATT&CK T1195.002 — Supply Chain Compromise: Compromise Software Supply Chain).

This is the realization of the “AI shadow IT” risk that security teams have been warning about since coding assistants became mainstream in 2024. The attack surface is not the AI model itself — it is the infrastructure the model depends on for tool resolution, context retrieval, and code generation.

What defenders should do: Audit which MCP servers are configured in developer environments. Restrict MCP server connections to an approved allowlist. Integrate software composition analysis and SBOM generation into CI/CD pipelines to catch injected dependencies before they reach production. Treat AI coding assistant configurations with the same rigor as CI/CD pipeline credentials and secrets management.

Defender Action Items

USB device control: Enforce endpoint policies that block unauthorized USB mass storage enumeration. Test the policy — plug in a USB drive and verify the block fires and generates an alert.
SharePoint patch (CVE-2026-45659): Apply the out-of-band Microsoft SharePoint RCE patch immediately. CVSS 8.8 deserialization flaw, no special conditions required. SharePoint access in most environments is equivalent to domain-wide document access.
LiteSpeed cPanel Plugin: If you operate or host on cPanel with LiteSpeed, patch within CISA’s 4-day KEV deadline. Active exploitation confirmed.
Gitea container registry (CVE-2026-27771): Upgrade self-hosted Gitea instances to 1.26.2. Unauthenticated pull of private container images is trivially exploitable.
AI coding agent audit: Inventory all AI coding assistants in use across development teams. Catalog configured MCP servers and restrict to an approved allowlist.

Detection Spotlight

Silent Ransom Group’s USB-based initial access leaves artifacts in Windows event logs that are often overlooked. When a USB mass storage device is connected, Windows generates Event ID 6416 (a new external device was recognized) in the Security log — but only if the “Audit PNP Activity” subcategory is enabled. Most environments have this disabled by default.

Enable the audit policy and then query for USB insertion events that correlate with new process execution within a short time window. The following Splunk SPL query identifies USB device connections followed by process creation from the same endpoint within 120 seconds:

index=wineventlog sourcetype="WinEventLog:Security" EventCode=6416
| eval usb_time=_time
| join host
  [search index=wineventlog sourcetype="WinEventLog:Security" EventCode=4688
   | eval proc_time=_time
   | where NOT match(New_Process_Name, "(?i)(explorer|svchost|csrss|wininit)")
   | fields host, proc_time, New_Process_Name, Creator_Process_Name]
| where (proc_time - usb_time) > 0 AND (proc_time - usb_time) < 120
| table _time, host, New_Process_Name, Creator_Process_Name
| sort - _time

This query will generate false positives in environments where USB storage is permitted for legitimate use — the signal is strongest in environments with device control policies that should be blocking USB storage entirely. Any hit in that context is a policy violation worth investigating immediately.

Prerequisite: Enable auditpol /set /subcategory:"Plug and Play Events" /success:enable on monitored endpoints. Without this, Event ID 6416 will not be generated.

References

FBI warns of Silent Ransom Group in-person data theft attacks — BleepingComputer
LA Metro cyberattack linked to Iranian state-sponsored hackers — SecurityWeek
SymJack attack turns AI coding agents into supply-chain attack delivery systems — SecurityWeek
Microsoft patches SharePoint RCE flaw (CVE-2026-45659) — The Hacker News
Gitea vulnerability exposes private container images (CVE-2026-27771) — The Hacker News
CISA gives feds 4 days to patch actively exploited cPanel plugin flaw — BleepingComputer
KnowledgeDeliver LMS flaw exploited with Godzilla web shell (CVE-2026-5426) — The Hacker News
Charter confirms data breach after ShinyHunters extortion threat — BleepingComputer
GlassWorm botnet disrupted — SecurityWeek
Cryptojacking campaign abusing AI chatbot results and ScreenConnect — Microsoft Security Blog
MuddyWater uses DLL side-loading in espionage campaign across 9 countries — The Hacker News
Cisco Talos introduces EvidenceForge synthetic log generator — Cisco Talos Blog

(placeholder — will be auto-filled by publish lambda)

Get the daily cybersecurity brief in your inbox every weekday morning — news, SE angles, and detection queries.