🚨 First-ever malicious MCP server spotted in the wild.

A trojanized npm package (postmark-mcp) silently exfiltrated emails by adding a hidden Bcc.
This exposes a critical blind spot in AI agent ecosystems, autonomous tools with high permissions but no oversight.

💬 What safeguards should be in place to prevent supply chain compromises like this?

👉 Follow @technadu for daily threat intelligence.

#Cybersecurity #InfoSec #Malware #OpenSourceSecurity #SupplyChainAttack #AIThreats

Alright team, it's been a pretty busy 24 hours in the cyber world! We've got a heap of critical zero-day exploits, some nasty new malware variants, significant data breaches, and a few interesting policy updates to chew on. Let's dive in:

GoAnywhere MFT Zero-Day Under Active Exploitation ⚠️

- A critical deserialisation vulnerability (CVE-2025-10035) in Fortra GoAnywhere MFT software, with a CVSS score of 10.0, has been actively exploited as a zero-day since at least September 10th, a week before public disclosure.
- Attackers are chaining an authentication bypass with the deserialisation flaw to achieve remote code execution (RCE), create backdoor admin accounts, and deploy secondary payloads like SimpleHelp and custom implants.
- Organisations using GoAnywhere MFT must immediately patch to versions 7.8.4 or 7.6.3, inspect logs for 'SignedObject.getObject' errors, and consider removing public internet exposure for the Admin Console.

📰 The Hacker News | https://thehackernews.com/2025/09/fortra-goanywhere-cvss-10-flaw.html
💻 Bleeping Computer | https://www.bleepingcomputer.com/news/security/maximum-severity-goanywhere-mft-flaw-exploited-as-zero-day/

Cisco Firewall Zero-Days Actively Exploited by State-Sponsored Actor 🚨

- UK NCSC and US CISA have issued urgent warnings and directives regarding active exploitation of Cisco ASA and FTD firewall vulnerabilities (CVE-2025-20333, CVE-2025-20362) by a sophisticated state-sponsored actor, UAT4356 (aka Storm-1849), linked to the ArcaneDoor campaign.
- The threat actors are deploying previously undocumented malware, RayInitiator (a persistent GRUB bootkit) and LINE VIPER (a user-mode shellcode loader), to maintain persistence, execute commands, exfiltrate data, and bypass VPN authentication.
- Federal agencies have a 24-hour deadline to patch and investigate, while all organisations are urged to update to fixed versions, remove end-of-life ASA devices, and check for ROMMON modifications on older ASA 5500-X series lacking Secure Boot.

🕵️ The Register | https://go.theregister.com/feed/www.theregister.com/2025/09/26/cisco_firewall_flaws/
🤫 CyberScoop | https://cyberscoop.com/cisa-emergency-directive-timeline-investigation/
📰 The Hacker News | https://thehackernews.com/2025/09/cisco-asa-firewall-zero-day-exploits.html

Volvo North America and Ohio County Hit by Ransomware 💸

- Volvo North America confirmed employee data, including names and Social Security numbers, was stolen in an August ransomware attack on its HR system provider, Miljödata, by the DataCarry group.
- The Miljödata breach, affecting 1.5 million people across Sweden, impacted numerous organisations beyond Volvo, including Swedish airline SAS and over 200 municipalities, with data types varying per victim.
- Separately, Union County, Ohio, disclosed a May ransomware attack that exfiltrated sensitive data for over 45,000 residents and employees, including SSNs, financial info, and medical records, though no ransomware group has publicly claimed responsibility.

🕵️ The Register | https://go.theregister.com/feed/www.theregister.com/2025/09/26/volvo_north_america_confirms_staff/
🗞️ The Record | https://therecord.media/ohio-ransomware-attack-impacts-45000/

Salesforce Faces Lawsuits Over Salesloft Breach ⚖️

- Salesforce is facing multiple class-action lawsuits alleging inadequate security after a cyberattack on its third-party IT supplier, Salesloft, led to the exposure of customer data.
- Attackers stole OAuth tokens from Salesloft's Drift app via a GitHub breach in March 2025, which were then used to access Salesforce data, impacting millions of individuals from various Salesforce customers like TransUnion and Farmers Insurance.
- While Salesforce maintains its own platform was not compromised, the lawsuits claim the company failed to implement sufficient cybersecurity procedures, causing victims to face risks of identity theft and fraud.

🕵️ The Register | https://go.theregister.com/feed/www.theregister.com/2025/09/26/salesforce_class_actions/

Evolving XCSSET macOS Malware Targets Developers 🍎

- A new variant of the XCSSET macOS malware has been observed in limited attacks, continuing its trend of infecting Xcode projects to spread and execute malicious payloads on developer machines.
- The updated malware includes enhanced capabilities such as targeting Firefox browser data using a modified HackBrowserData tool, a new clipboard hijacker for cryptocurrency addresses, and stealthier persistence via LaunchDaemon entries and fake System Settings.app files.
- Developers are urged to scrutinise Xcode projects from external sources, keep macOS updated, and use endpoint security tools to detect suspicious activity, as XCSSET's resilience and expanded modules pose a persistent threat to the Apple developer ecosystem.

📰 The Hacker News | https://thehackernews.com/2025/09/new-macos-xcsset-variant-targets-firefox-with-clipper-and-persistence-module.html
🕵️ The Register | https://go.theregister.com/feed/www.theregister.com/2025/09/26/microsoft_xcsset_macos/
💻 Bleeping Computer | https://www.bleepingcomputer.com/news/security/microsoft-warns-of-new-xcsset-macos-malware-variant-targeting-xcode-devs/

LockBit 5.0: A New Cross-Platform Ransomware Threat 🛡️

- Trend Micro warns that LockBit 5.0 is "significantly more dangerous" than previous versions, now capable of simultaneously targeting Windows, Linux, and VMware ESXi environments with enhanced evasion and obfuscation.
- The new variant features DLL reflection and aggressive anti-analysis packing for Windows, command-line directives for Linux, and VM encryption capabilities for ESXi, making it a comprehensive threat to enterprise stacks.
- Despite law enforcement disruptions earlier this year, LockBit's resurgence with version 5.0 and a refreshed affiliate program underscores the need for comprehensive cross-platform defences, especially for virtualisation infrastructure, as recovery is further complicated by its ability to terminate security processes and delete backups.

🕵️ The Register | https://go.theregister.com/feed/www.theregister.com/2025/09/26/lockbits_new_variant_is_most/

Salesforce Agentforce Vulnerable to Prompt Injection 🤖

- Security researchers demonstrated a "ForcedLeak" attack on Salesforce's Agentforce AI platform, using indirect prompt injection and an expired, re-registered trusted domain to exfiltrate sensitive CRM lead data.
- The vulnerability stemmed from a DNS misconfiguration and the Web-to-Lead feature, allowing attackers to embed malicious instructions in a description field with a large character limit, tricking the AI agent into querying and sending data to an attacker-controlled server.
- Salesforce has patched the flaw by enforcing trusted URL allow-lists for Agentforce and Einstein Generative AI agents, highlighting the critical need for proactive AI security and governance to prevent similar "trust boundary confusion" attacks.

🕵️ The Register | https://go.theregister.com/feed/www.theregister.com/2025/09/26/salesforce_agentforce_forceleak_attack/

Global Cybercrime Crackdowns and Espionage Arrests 🌍

- Interpol's coordinated operation in Africa led to 260 arrests across multiple countries, targeting transnational criminal networks running romance and sextortion scams via social media, with victims losing an estimated $2.8 million.
- The crackdown highlights a sharp rise in digital-enabled crimes across Africa and challenges faced by law enforcement due to legal framework gaps and resource shortages, underscoring the need for enhanced international cooperation.
- Separately, two 17-year-old Dutch teenagers were arrested on suspicion of espionage for pro-Russian hackers, allegedly tasked with using a "wifi-sniffer" near sensitive buildings in The Hague, following a tip from the Dutch signals intelligence agency.

🗞️ The Record | https://therecord.media/africa-cyber-fraud-crackdown-ghana-senegal-cote-divoire-angola-interpol
🗞️ The Record | https://therecord.media/teens-arrested-netherlands-reportedly-suspected-cyber-espionage-russia

UK Fines Robo-Callers for Targeting Vulnerable Individuals 📞

- The UK's ICO fined two British companies, Green Spark Energy and Home Improvement Marketing, a combined £550,000 for making illegal automated marketing calls to elderly and vulnerable people from offshore call centres.
- These companies used "robo call technology" (avatar software) with pre-recorded messages to pose as "local energy advisors," employing scare tactics about loft insulation to book appointments and sell products.
- The ICO urges the public to recognise signs of robo-calls, such as pauses before responses or limited flexibility in conversation, to help them investigate and take enforcement action against such predatory marketing practices.

🕵️ The Register | https://go.theregister.com/feed/www.theregister.com/2025/09/26/brits_warned_as_illegal_robocallers/

US Cyber Threat-Sharing Law Faces Sunset Amidst Government Shutdown Threat 🏛️

- The US Cybersecurity Information Sharing Act (CISA) of 2015 is set to lapse on October 1st, coinciding with a potential federal government shutdown, threatening a critical component of US cybersecurity policy.
- Supporters view CISA as the "backbone" of national cyber defence, facilitating vital threat intelligence sharing between government and businesses, preventing billions in losses, and fostering a culture of mutual aid.
- Detractors, including privacy advocates, have long criticised CISA for its perceived privacy invasions and insufficient protections for personal information, despite mandates for scrubbing unrelated PII from shared data.

🕵️ The Register | https://go.theregister.com/feed/www.theregister.com/2025/09/26/government_shutdown_cisa_law/

Microsoft Edge to Block Malicious Sideloaded Extensions 🔒

- Microsoft Edge is introducing a new security feature in November to detect and revoke malicious sideloaded extensions, aiming to protect users from threats not distributed through official channels.
- While developers can sideload extensions for testing, this feature addresses the risk of threat actors tricking users into installing dangerous third-party extensions that bypass official malware scans.
- This update is part of Microsoft's ongoing efforts to enhance Edge's security, which also includes updates to the Publish API for developers, warnings for performance-impacting extensions, an AI-powered scareware blocker, and HTTPS-First Mode.

💻 Bleeping Computer | https://www.bleepingcomputer.com/news/security/microsoft-edge-to-block-malicious-sideloaded-extensions/

#CyberSecurity #ThreatIntelligence #Ransomware #ZeroDay #Vulnerability #APT #Malware #SupplyChainAttack #DataBreach #AI #PromptInjection #InfoSec #Cybercrime #Policy #Privacy #IncidentResponse

Xcode devs, beware: a new macOS malware variant is sneaking into projects by disguising itself as a trusted app—and even hijacking clipboard crypto transactions. Curious how it evades detection?

https://thedefendopsdiaries.com/xcsset-macos-malware-evolves-new-variant-targets-xcode-developers-with-advanced-stealth-and-persistence/

#xcsset
#macosmalware
#xcode
#supplychainattack
#cybersecurity
#malwareanalysis
#obfuscation
#cryptotheft
#browsersecurity

One cleverly-crafted phishing email led to a ripple effect in the npm ecosystem, compromising billions of downloads and shaking the very foundation of open-source security. How safe is your code?

https://thedefendopsdiaries.com/the-npm-supply-chain-attack-of-september-2025-anatomy-of-a-phishing-driven-breach/

#npm
#supplychainattack
#phishing
#javascriptsecurity
#opensource
#malware
#credentialtheft
#cybersecurity
#packagemanagement

Software supply chain security in the age of LLMs:

#SoftwareSupplyChains #SoftwareSupplyChainSecurity
#supplychainsecurity #SupplyChainAttack #infosec

🔒 Mẹo bảo mật NPM trước các cuộc tấn công chuỗi cung ứng! Bài viết chia sẻ các phương pháp hay nhất để giúp nhà phát triển an toàn hơn. Đừng quên đóng góp ý kiến để cùng xây dựng cộng đồng mạnh mẽ nhé! 💡👨‍💻👩‍💻

#NPM #BảoMật #PhátTriểnPhầnMềm #SupplyChainAttack #Security #SoftwareDevelopment

https://github.com/bodadotsh/npm-security-best-practices

I like @obsidian approach to minimising the risk of supply chain attacks.

https://obsidian.md/blog/less-is-safer/

#SupplyChainAttack

⚠️ PyPI revokes all tokens stolen in the GhostAction supply chain attack
Malicious GitHub Actions exfiltrated tokens
- No PyPI packages compromised
- Developers advised to use short-lived Trusted Publisher tokens

💬 How do you safeguard DevOps pipelines against supply chain threats?

Follow @technadu for updates.

#CyberSecurity #SupplyChainAttack #PyPI #Python #DevSecOps #GhostAction #OpenSourceSecurity #TokenSecurity #GitHubActions

It's been a busy 24 hours in the cyber world with significant updates on nation-state activity, a couple of actively exploited vulnerabilities, and law enforcement action against a prominent cybercrime group. Let's take a look:

Scattered Spider Teens Charged Over TfL Attack 🚨

- Two teenagers, Owen Flowers (18) and Thalha Jubair (19), alleged members of the Scattered Spider cybercrime group, have been charged in the UK.
- The charges relate to the August 2024 cyberattack on Transport for London (TfL), which caused significant disruption, millions in losses, and exposed data for around 5,000 Oyster cardholders.
- Flowers also faces additional charges concerning attacks on US healthcare organisations, SSM Health Care Corporation and Sutter Health, highlighting the group's broad reach.

🕵🏼 The Register | https://go.theregister.com/feed/www.theregister.com/2025/09/18/two_teens_charged_in_tfl_case/
🗞️ The Record | https://therecord.media/scattered-spider-teenage-suspects-arrested-britain-nca

Insight Partners Confirms Ransomware Hit ⚠️

- Venture capital firm Insight Partners has confirmed a January 2025 ransomware attack compromised the personal data of over 12,000 individuals.
- Attackers gained access to HR and finance servers around October 2024, exfiltrated data, and then deployed encryption on January 16, 2025.
- Stolen data included banking and tax records, as well as information related to Insight funds, management companies, and portfolio companies.

🕵🏼 The Register | https://go.theregister.com/feed/www.theregister.com/2025/09/18/vc_giant_insight_partners_confirms/

Google Patches Sixth Chrome Zero-Day Actively Exploited This Year 🛡️

- Google has released emergency security updates for Chrome to address CVE-2025-10585, a type confusion vulnerability in the V8 JavaScript engine.
- This high-severity flaw is actively exploited in the wild, making it the sixth Chrome zero-day patched by Google this year.
- Users should immediately update their Chrome browser to versions 140.0.7339.185/.186 for Windows and macOS, and 140.0.7339.185 for Linux, and other Chromium-based browser users should follow suit.

📰 The Hacker News | https://thehackernews.com/2025/09/google-patches-chrome-zero-day-cve-2025.html
🤖 Bleeping Computer | https://www.bleepingcomputer.com/news/security/google-patches-sixth-chrome-zero-day-exploited-in-attacks-this-year/

Critical RCE in WatchGuard Firebox Firewalls 🔒

- WatchGuard has issued security updates for a critical remote code execution (RCE) vulnerability, CVE-2025-9242, affecting Firebox firewalls.
- The out-of-bounds write flaw in the iked process allows remote unauthenticated attackers to execute arbitrary code, particularly when IKEv2 VPN is configured.
- Admins should patch to Fireware OS versions 12.3.1_Update3 (B722811), 12.5.13, 12.11.4, and 2025.1.1, or implement the provided workaround if immediate patching isn't possible.

🤖 Bleeping Computer | https://www.bleepingcomputer.com/news/security/watchguard-warns-of-critical-vulnerability-in-firebox-firewalls/

PyPI Invalidates Tokens After GhostAction Supply Chain Attack 📦

- The Python Software Foundation has invalidated all PyPI tokens stolen in the GhostAction supply chain attack, confirming no evidence of their abuse on PyPI.
- Attackers targeted GitHub Actions workflows to exfiltrate PyPI, npm, DockerHub, GitHub, and Cloudflare API tokens, as well as AWS access keys and database credentials.
- PyPI package maintainers using GitHub Actions are urged to replace long-lived tokens with short-lived Trusted Publishers tokens and review their account security history for suspicious activity.

🤖 Bleeping Computer | https://www.bleepingcomputer.com/news/security/pypi-invalidates-tokens-stolen-in-ghostaction-supply-chain-attack/

Russian Fake-News Network Expands with AI Assist 🇷🇺

- The pro-Putin CopyCop (aka Storm-1516) network, allegedly led by ex-Florida sheriff's deputy John Mark Dougan and linked to the GRU, is back with over 200 new fake news websites.
- These sites use self-hosted, uncensored LLMs based on Meta's Llama 3 to generate fictional news stories, impersonating local media, political parties, and fact-checking organisations.
- The network targets audiences in the US, France, Canada, Norway, Armenia, Germany, and Moldova, focusing on political polarisation and narratives around US-China relations and Ukraine.

🕵🏼 The Register | https://go.theregister.com/feed/www.theregister.com/2025/09/18/russian_fakenews_network/

China-Backed TA415 Targets US Trade Policy 🇨🇳

- China-backed TA415 (APT41/Wicked Panda/Brass Typhoon) is actively targeting US government agencies, think tanks, and academic organisations.
- The group uses sophisticated phishing emails, spoofing Congressman John Robert Moolenaar, to gather intelligence on US-China economic and trade policy.
- Attackers deploy a Python loader dubbed WhirlCoil via password-protected archives and leverage legitimate cloud services like Google Sheets and Zoho WorkDrive for stealthy command-and-control.

🕵🏼 The Register | https://go.theregister.com/feed/www.theregister.com/2025/09/18/pandamonium_chinabacked_attackers_spoof_congressman/

SilentSync RAT Delivered via Malicious PyPI Packages 🐍

- Cybersecurity researchers have uncovered two malicious PyPI packages, "sisaws" and "secmeasure," designed to deliver the SilentSync Remote Access Trojan (RAT) to Windows systems.
- SilentSync is capable of remote command execution, file exfiltration, screen capturing, and stealing sensitive browser data including credentials, history, autofill, and cookies.
- The packages leveraged typosquatting to mimic legitimate libraries, underscoring the ongoing supply chain risks within public software repositories for Python developers.

📰 The Hacker News | https://thehackernews.com/2025/09/silentsync-rat-delivered-via-two.html

CISOs Driving Effective AI Governance 🤖

- CISOs are urged to adopt a "real-world forward" approach to AI governance, balancing security with innovation rather than implementing rigid policies.
- Effective governance involves understanding AI's use within the organisation, leveraging tools like AI Bill of Materials (AIBOM) and model registries for visibility.
- Policies should be living documents, adaptable to evolving business needs, and security leaders should empower employees with secure AI tools while utilising AI for cyber defence.

📰 The Hacker News | https://thehackernews.com/2025/09/how-cisos-can-drive-effective-ai.html

#CyberSecurity #ThreatIntelligence #Ransomware #NationState #APT #ZeroDay #Vulnerability #SupplyChainAttack #Malware #Disinformation #AI #InfoSec #CyberAttack #IncidentResponse #ScatteredSpider