Ashutosh reports: The recent npm supply chain breach shows just how fragile open source ecosystems can be when trust in a single maintainer account is abused. Hackers tricked the maintainer of chalk, debug, ansi-styles, and several other popular npm packages with a phishing email disguised as official support. Once they gained access, they pushed malicious……
It’s budget season. Once again, security is being questioned, scrutinized, or deprioritized. If you’re a CISO or security leader, you’ve likely found yourself explaining why your program matters, why a given tool or headcount is essential, and how the next breach is one blind spot away. But these arguments often fall short unless they’re framed…
Multiple npm packages have been compromised as part of a software supply chain attack after a maintainer’s account was compromised in a phishing attack. The attack targeted Josh Junon (aka Qix), who received an email message that mimicked npm (“support@npmjs[.]help”), urging them to update their update their two-factor authentication (2FA) credentials before September 10, 2025,…
Threat hunters have discovered a set of previously unreported domains, some going back to May 2020, that are associated with China-linked threat actors Salt Typhoon and UNC4841. “The domains date back several years, with the oldest registration activity occurring in May 2020, further confirming that the 2024 Salt Typhoon attacks were not the first activity…
Some data breaches make headlines for the number of people affected globally, such as a Facebook scraping incident in 2019 that affected 553 million people worldwide. Then there are breaches that affect a country’s entire population or much of it, such as a misconfigured database that exposed almost the entire population of Ecuador in 2019,……
Salesloft has revealed that the data breach linked to its Drift application started with the compromise of its GitHub account. Google-owned Mandiant, which began an investigation into the incident, said the threat actor, tracked as UNC6395, accessed the Salesloft GitHub account from March through June 2025. So far, 22 companies have confirmed they were impacted…
Cybersecurity researchers have detailed a new sophisticated malware campaign that leverages paid ads on search engines like Google to deliver malware to unsuspecting users looking for popular tools like GitHub Desktop. While malvertising campaigns have become commonplace in recent years, the latest activity gives it a little twist of its own: Embedding a GitHub commit…
When Attackers Get Hired: Today’s New Identity Crisis What if the star engineer you just hired isn’t actually an employee, but an attacker in disguise? This isn’t phishing; it’s infiltration by onboarding. Meet “Jordan from Colorado,” who has a strong resume, convincing references, a clean background check, even a digital footprint that checks out. On…
Cybersecurity never slows down. Every week brings new threats, new vulnerabilities, and new lessons for defenders. For security and IT teams, the challenge is not just keeping up with the news—it’s knowing which risks matter most right now. That’s what this digest is here for: a clear, simple briefing to help you focus where it…
Ashden Fein, Micaela McMurrough, Caleb Skeath, and John Webster Leslie of Covington and Burling write: The U.S. Cybersecurity and Infrastructure Security Agency (“CISA”) plans to delay the publication of its much-anticipated cybersecurity incident reporting rule implementing the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (“CIRCIA”). According to an entry on the Spring 2025 Unified Agenda……
