-
The JavaScript ecosystem experienced one of its most sophisticated and damaging supply chain attacks in September 2025, when a novel self-replicating worm dubbed “Shai-Hulud” compromised over 477 npm packages, marking the first successful automated propagation campaign in the npm registry’s history. This attack represents a significant evolution in supply chain threats, leveraging both social engineering and […] The post Lessons Learned From Massive npm Supply Chain Attack Using “Shai-Hulud” Self-Replicating Malware appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A decade-old Unicode vulnerability known as BiDi Swap allows attackers to spoof URLs for sophisticated phishing attacks. By exploiting how browsers render mixed Right-to-Left (RTL) and Left-to-Right (LTR) language scripts, threat actors can craft URLs that appear legitimate but secretly redirect users to malicious sites. The BiDi Swap attack builds on prior Unicode manipulation methods […] The post Hackers Exploit RTL/LTR Scripts and Browser Gaps to Hide Malicious URLs appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A threat actor who gained initial access through a SonicWall VPN device was able to escalate their attack by finding Huntress recovery codes saved in a plaintext file on a user’s desktop. This allowed the attacker to log into the client’s security portal, where they attempted to remediate incident reports and uninstall security agents to […] The post How a Plaintext File On Users’ Desktops Exposed Secrets Leads to Akira Ransomware Attacks appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated and widespread supply chain attack has struck the NPM ecosystem, compromising the popular @ctrl/tinycolor package, which is downloaded over 2 million times per week. The attack also affected more than 40 other packages from various maintainers, introducing a dangerous self-propagating malware designed to steal developer credentials and spread itself across the software landscape. […] The post Massive Supply Chain Attack Hijacks ctrl/tinycolor With 2 Million Downloads and Other 40 NPM Packages appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Jaguar Land Rover (JLR) has confirmed that data was stolen during a major cyberattack that has crippled its global operations, bringing vehicle production to a standstill since early September. The luxury carmaker, a subsidiary of India’s Tata Motors, is now working with cybersecurity specialists to investigate the breach and restore its systems. The cyber incident, […] The post Jaguar Land Rover Confirms Hackers Stole Data in Ongoing Cyberattack appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Jaguar Land Rover (JLR) has extended the shutdown of its UK factories until at least Wednesday, more than a week after a significant cyber attack crippled its operations. The production halt, which began after the company detected the breach on August 31, affects its primary car plants in Halewood and Solihull, as well as its […] The post Jaguar Land Rover Extends Factory Shutdown Following Cyber Attack appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
In the largest supply chain attack, hackers compromised 18 popular npm packages, which together account for over two billion downloads per week. The attack, which began on September 8th, involved injecting malicious code designed to steal cryptocurrency from users. The compromised packages include widely used libraries such as chalk, debug, ansi-styles, and supports-color. The malicious […] The post Hackers Hijacked 18 Very Popular npm Packages With 2 Billion Weekly Downloads appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated supply-chain attack that impacted over 700 organizations, including major cybersecurity firms, has been traced back to a compromise of Salesloft’s GitHub account that began as early as March 2025. In an update on September 6, 2025, Salesloft confirmed that an investigation by cybersecurity firm Mandiant found that threat actors leveraged this initial access […] The post Salesloft Drift Cyberattack Linked to GitHub Compromise and OAuth Token Theft appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated backdoor linked to the notorious Russian cyber-espionage group APT28 allows attackers to exfiltrate data, upload files, and execute commands on compromised computers. The new, sophisticated backdoor targets Microsoft Outlook, which allows threat actors to steal data and take control of a victim’s machine. The malware, dubbed “NotDoor,” has been attributed to the Russian […] The post New ‘NotDoor’ Malware Attacks Outlook Users to Exfiltrate Data and Compromise Computers appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cloudflare, a company that provides web security and infrastructure, recently reported that it stopped a huge cyber attack. This attack reached a record high of 11.5 terabits per second (Tbps). It was a type of attack called a Distributed Denial-of-Service (DDoS) attack, specifically a UDP flood. Most of the attack came from compromised resources on […] The post Record-breaking 11.5 Tbps UDP Flood DDoS Attack Originated from Google Cloud Platform appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
