Shai-Hulud npm Worm: Self-Spreading Attack Abuses GitHub Actions to Trojanize Dependencies and Steal Secrets

Security researchers have reported a large-scale compromise of more than 180 npm packages by a self-replicating malware strain that automatically trojanizes downstream projects and targets developer secrets. The campaign, dubbed Shai-Hulud, takes its name from a malicious GitHub Actions workflow file shai-hulud.yaml dropped into victim repositories. Some packages tied to a CrowdStrike-associated account were impacted; …

Samsung patches Android zero-day CVE-2025-21043 in Quramsoft image codec

Samsung has released a security update for CVE-2025-21043, a zero-day vulnerability rated CVSS 8.8 and confirmed as exploited in targeted attacks. The flaw affects Samsung devices running Android 13 and newer and was first reported on 13 August 2025 by security teams at Meta and WhatsApp as part of an ongoing investigation into targeted exploitation. …

WhiteCobra abuses VS Code and Open VSX with malicious VSIX extensions targeting developers

Threat analysts at Koi Security have identified a coordinated WhiteCobra campaign abusing the VS Code Marketplace and Open VSX Registry. The actors seeded at least 24 malicious VSIX packages aimed at users of Visual Studio Code, Cursor, and Windsurf. The operation is actively maintained: removed plugins are quickly replaced, indicating a resilient delivery infrastructure and …

Commercial Spyware Funding Surges, Exposing Policy–Finance Gap and Supply-Chain Risks

The commercial spyware market is expanding rapidly, with fresh capital accelerating despite mounting policy constraints. A new Atlantic Council report cataloging the ecosystem over three decades finds that investment flows—led by the United States and Israel—are outpacing attempts to curb abuse, widening an “ethics gap” between regulation and finance. Investment surge and geography of capital …

EU Fines Google €2.95 Billion for Adtech Self-Preferencing: What It Means for RTB, Competition, and Cybersecurity

The European Commission has imposed a €2.95 billion fine on Google for abusing its dominant position in digital advertising technology and for engaging in self-preferencing within its ad stack. Alongside the penalty, the regulator ordered Google to cease the identified practices and adopt structural measures to reduce conflicts of interest across its ad exchange and …

Apple Makes Memory Integrity Enforcement Default in iOS 26 to Thwart Advanced Exploit Chains

Apple has unveiled the iPhone 17 and iPhone Air alongside a new platform defense called Memory Integrity Enforcement (MIE), a persistent memory-safety enforcement layer in iOS 26. Designed to counter the sophisticated exploit chains favored by commercial spyware vendors, MIE is enabled by default and, according to Apple, delivers robust protection without noticeable performance impact …

HybridPetya ransomware uses UEFI bootkit to bypass Secure Boot via CVE-2024-7344

ESET has analyzed a new ransomware strain dubbed HybridPetya that fuses Petya/NotPetya-style tactics with UEFI bootkit capabilities. The sample, discovered on VirusTotal, appears to be a proof-of-concept or early build rather than a fully operational campaign. Despite its early stage, HybridPetya demonstrates a working Secure Boot bypass on Windows via CVE-2024-7344, placing unpatched systems at …

Microsoft Patch Tuesday: 81 fixes, two zero‑days, and critical Azure, HPC Pack, and NTLM vulnerabilities

Microsoft’s September Patch Tuesday delivers security fixes for 81 vulnerabilities across its product stack. The release includes nine critical issues, primarily remote code execution (RCE), and two zero‑day vulnerabilities that were publicly disclosed before patches were available. Microsoft reports no evidence of active exploitation at the time of release. Zero‑day vulnerabilities: SMB relay and Newtonsoft.Json …

AI Darwin Awards Open Nominations: Lessons for LLM Security After the Replit Incident

AI Darwin Awards, a new initiative that documents high-impact failures in artificial intelligence deployments, has opened nominations with a clear goal: highlight the business consequences of irresponsible AI implementation and help organizations learn from real-world missteps. Conceived by a software engineer known as Pete and first discussed in a Slack professional community, the project aims …

CVE-2025-54236 “SessionReaper” in Adobe Commerce/Magento: Critical REST API Flaw Enables Account Takeover

A critical vulnerability tracked as CVE-2025-54236 and informally dubbed SessionReaper impacts Adobe Commerce and Magento, earning a CVSS 9.1 severity. According to Adobe and researchers at Sansec, the bug allows unauthenticated account takeover via the Commerce REST API. Adobe has released patches, and a temporary WAF rule is active for Adobe Commerce on Cloud customers; …