New supply chain attack hits npm registry, compromising 40+ packages
New supply chain attack hits npm registry, compromising 40+ packages Pierluigi Paganini September 16, 2025 Researchers uncovered a new supply...
Year: 2025
Self-Replicating Worm Compromising Hundreds of NPM Packages
An ongoing supply chain attack dubbed "Shai-Hulud" has compromised hundreds of packages in the npm repository with a self-replicating worm...
Ongoing npm Software Supply Chain Attack Exposes New Risks
Last updated 7:00 p.m. ET on September 16, 2025 The post Ongoing npm Software Supply Chain Attack Exposes New Risks...
Chinese-Made Villager AI Pentest Tool Raises Cobalt Strike-Like Concerns
Villager is being pitched as a legitimate AI-powered pentest tool for red teams, but the platform, made by Chinese company...
Luxury fashion brands Gucci, Balenciaga and Alexander McQueen hacked – customer data stolen
Luxury fashion group Kering - owner of the prestigiou Gucci, Balenciaga, and Alexander McQueen brands, amongst others - has confirmed...
Self-Replicating Worm Hits 180+ Software Packages
At least 187 code packages made available through the JavaScript repository NPM have been infected with a self-replicating worm that...
Survey Surfaces Rising Number of AI Security Incidents
A global survey of 1,025 IT and security professionals finds that while organizations experienced an average of 2.17 cloud breaches...
3 Weeks Left Until the Start of the OpenSSL Conference 2025
Newark, New Jersey, United States, 16th September 2025, CyberNewsWire The post 3 Weeks Left Until the Start of the OpenSSL...
CrowdStrike Extends AI Security Ambitions Beyond Operations to Include Workloads
CrowdStrike at its Fal.Con event today expanded its effort to embed artificial intelligence (AI) agents into security operations center (SOC)...
Chaos Mesh Critical GraphQL Flaws Enable RCE and Full Kubernetes Cluster Takeover
Sep 16, 2025Ravie LakshmananVulnerability / Cloud Security Cybersecurity researchers have disclosed multiple critical security vulnerabilities in Chaos Mesh that, if...
SlopAds Fraud Ring Exploits 224 Android Apps to Drive 2.3 Billion Daily Ad Bids
Sep 16, 2025Ravie LakshmananAd Fraud / Mobile Security A massive ad fraud and click fraud operation dubbed SlopAds ran a...
Sophos supports Objective-See Foundation to advance macOS security and inclusive cybersecurity education
Dedicated to building a stronger, more inclusive Apple security community through open-source security tools Sophos is proud to be a...
Not all Endpoint protection is created equal
If you’re evaluating endpoint protection, you’ve likely noticed something: Everything starts to sound the same. “AI-powered.” “Next-gen.” “Integrated.” These claims...
Jaguar Land Rover Admits to Longer Shutdown as Childish Hackers Troll Carmaker
JLR vs. SLH: Jaguar Land Rover woes worse than previously thought. The post Jaguar Land Rover Admits to Longer Shutdown...
DigiCert Acquires Valimail to Add Email Authentication Service
DigiCert acquires Valimail to strengthen email authentication with DMARC and content protection, to fight phishing and AI-driven threats. The post...
