Risk
-
Self-propagating npm supply-chain attack hits at least 187 packages in ‘Shai-Hulud’ worm
Security researchers warn of a self-propagating supply-chain attack on npm that has compromised at least 187 packages in a campaign dubbed ‘Shai-Hulud.’ The worm begins with the widely used @ctrl/tinycolor package and spreads to other maintainers’ packages, using a bundle.js payload that leverages TruffleHog to exfiltrate secrets and forge GitHub Actions workflows.
-
Kering confirms data breach hits Gucci, Balenciaga and Alexander McQueen; customer records exposed
Kering says hackers accessed customer data in a June 2025 breach affecting Gucci, Balenciaga and Alexander McQueen, exposing names, birth dates, phone numbers, emails and purchase histories, but not payment card data. The incident has been linked to the ShinyHunters group via Salesforce CRM access, with law enforcement reporting arrests in Paris. Authorities warn of…
-
FileFix: New Facebook security alert spoof hijacks victims into downloading StealC infostealer, researchers warn
Security researchers have uncovered a campaign dubbed FileFix that masquerades as a Facebook security alert to trick users into executing a malicious payload, culminating in the StealC infostealer. The operation, a variant of the ClickFix social-engineering technique, shows global reach, steganography-based delivery, and a Go-based loader that drops StealC v2, with researchers noting evolving infrastructure…
-
KillSec ransomware hits Brazil’s healthcare IT supply chain, exposing tens of thousands of records
KillSec has claimed responsibility for a September 2025 attack on Brazil’s healthcare software provider MedicSolution, breaching the healthcare IT supply chain and exposing more than 34 GB of sensitive health data across clinics and laboratories, including medical and minor records.
-
North Korea-linked hackers used AI-generated fake military ID in espionage campaign, researchers say
Researchers say North Korea’s Kimsuky used a deepfaked image of a military ID generated with ChatGPT to launch a July spear-phishing campaign against a South Korean defense-related institution, highlighting AI-assisted espionage tactics and the ongoing challenges of AI misuse.
-
Samsung patches critical CVE-2025-21043 Android vulnerability exploited in the wild
Samsung has issued a September 2025 security update to patch CVE-2025-21043, a critical remote code execution flaw in a Quramsoft image parsing library used on Android devices, underscoring the need for immediate patching across affected devices.
-
FBI warns of UNC6040 and UNC6395 hackers targeting Salesforce to steal data and extort victims
The FBI has issued a FLASH alert about UNC6040 and UNC6395 hacking groups that are compromising Salesforce environments to steal data and extort victims, releasing IOCs to aid defense efforts across organizations and multiple cloud platforms.
-
ECG signals can be linked to individuals, study finds, prompting privacy cautions
A new study shows ECG signals can be linked to identifiable individuals with high accuracy, challenging traditional de-identification methods and prompting calls for stronger privacy protections in health data sharing.
-
Apple says devices targeted by mercenary spyware in new wave of attacks, CERT-FR reports
France’s CERT-FR says Apple devices were targeted in a new wave of mercenary spyware attacks, issuing four threat notifications this year and noting that some campaigns exploit zero-day flaws while others require no user interaction.
-
Wyden urges FTC to probe Microsoft over alleged ‘gross cybersecurity negligence’ linked to ransomware attacks, citing Ascension breach
U.S. Senator Ron Wyden has urged the FTC to investigate Microsoft, accusing the company of cybersecurity negligence linked to ransomware attacks on critical infrastructure, including a major Ascension health-system breach that affected millions of people.
