New Shai Hulud NPM Worm Emerges
Researchers from Wiz are currently tracking more than 25,000 affected repositories across approximately 350 unique users.
All topics
Intrusions
47 Posts
Lighthouse Phishing Kit Takedown, Zero Day Mysteries, and Measuring Cyber Attack Costs
This week was a bit of a throwback to olden times, with the disclosure by Amazon threat intelligence of zero days in Cisco and Citrix products that were exploited by an unnamed APT, and Google using legal action to disrupt the Lighthouse phishing service operation. We dig into those two stories, plus we discuss the […]
Marks and Spencer’s Profit Drop: The Financial Toll of Cyberattacks
The financial impacts of cyberattacks are hard to measure - but they lend critical context to conversations around security risk at the boardroom level.
APT Targets Cisco and Citrix Zero Days
The chain of discovery began with Amazon's security honeypot service, MadPot, which detected exploitation attempts for the Citrix Bleed Two vulnerability (CVE-2025-5777) before its public disclosure
Google: Threat Actors Testing AI During Malware Execution
Threat actors are now using LLMs in malware during execution, as a way to alter the malware’s behavior to enable detection evasion and more.
US Cybersecurity Going in Reverse, the AWS Outage, and is CISA Okay
This week saw a blessed lack of major vulnerabilities, but there was plenty of other news to dig into. We discuss the fallout from the AWS outage (0:36), the conclusions from the latest Cyberspace Solarium Commission report (4:37), and the effects of CISA’s shakeup on the private sector (14:07), and the continued effects of the F5 incident […]