CyberSecurity Updates

Self-Replicating Worm Hits 180+ Software Packages

At least 187 code packages made available through the JavaScript repository NPM have been infected with a self-replicating worm that steals credentials from developers and publishes those secrets on GitHub, experts warn. The malware, which briefly infected multiple code packages from the security vendor CrowdStrike, steals and publishes even more credentials every time an infected package is installed. The novel malware strain is being dubbed Shai-Hulud — after the name for the giant sandworms…

689,000 Affected by Insider Breach at FinWise Bank

Hundreds of thousands of individuals have been impacted by an insider breach experienced by FinWise Bank. FinWise Bank, a Utah-based provider of fintech solutions and banking services, has informed the Maine Attorney General’s Office on behalf of payment solutions provider American First Finance (AFF) that a data breach discovered last year has impacted 689,000 individuals. The incident involved a former FinWise employee accessing data after their employment ended. No additional details have been shared, but…

Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass

ESET Research has discovered HybridPetya on the VirusTotal sample sharing platform. It is a copycat of the infamous Petya/NotPetya malware, adding the capability of compromising UEFI-based systems and weaponizing CVE-2024-7344 to bypass UEFI Secure Boot on outdated systems. Key points of this blogpost: New ransomware samples, which we named HybridPetya, resembling the infamous Petya/NotPetya malware, were uploaded to VirusTotal in February 2025. HybridPetya encrypts the Master File Table, which contains important metadata about all the…

Are cybercriminals hacking your systems – or just logging in?

Business Security: As bad actors often simply waltz through companies’ digital front doors with a key, here’s how to keep your own door firmly locked tight. By Phil Muncaster, 11 Sep 2025 (5 min. read). Why break a door down and set the house alarm off when you have a key and a code to walk in silently? This is the rationale behind a trend in cybersecurity where adversaries are increasingly looking to steal…

In Other News: $900k for XSS Bugs, HybridPetya Malware, Burger King Censors Research

SecurityWeek’s cybersecurity news roundup provides a concise compilation of noteworthy stories that might have slipped under the radar. We provide a valuable summary of stories that may not warrant an entire article, but are nonetheless important for a comprehensive understanding of the cybersecurity landscape. Each week, we curate and present a collection of noteworthy developments, ranging from the latest vulnerability discoveries and emerging attack techniques to significant policy changes and industry reports. Here are this…

DELMIA Factory Software Vulnerability Exploited in Attacks

Threat actors are exploiting a critical-severity vulnerability in DELMIA Apriso factory software, the US cybersecurity agency CISA warns. Developed by French company Dassault Systèmes, DELMIA Apriso is a manufacturing operations management (MOM) and manufacturing execution system (MES) software designed for managing every detail of the manufacturing process. The software is used in North America, Europe, and Asia, including in the aerospace and defense, automotive, high-tech, and industrial equipment industries. Tracked as CVE-2025-5086 (CVSS score of…

Apple Sends Fresh Wave of Spyware Notifications to French Users

Apple in early September sent a fresh wave of threat notifications to French users it believes might have been targeted by commercial spyware. This is at least the fourth time the Cupertino-based tech giant has notified users in France of potential mercenary spyware attacks, according to an alert from the French national Computer Emergency Response Team (CERT-FR). “This alert records all waves of notifications sent by Apple and known to CERT-FR since March 5, 2025.…

Bulletproof Host Stark Industries Evades EU Sanctions

In May 2025, the European Union levied financial sanctions on the owners of Stark Industries Solutions Ltd., a bulletproof hosting provider that materialized two weeks before Russia invaded Ukraine and quickly became a top source of Kremlin-linked cyberattacks and disinformation campaigns. But new findings show those sanctions have done little to stop Stark from simply rebranding and transferring their assets to other corporate entities controlled by its original hosting providers. Materializing just two weeks…

Preventing business disruption and building cyber-resilience with MDR

Business Security: Given the serious financial and reputational risks of incidents that grind business to a halt, organizations need to prioritize a prevention-first cybersecurity strategy. By Phil Muncaster, 09 Sep 2025 (4 min. read). Threat actors are on a roll. They’ve optimized supply chains. Their ranks are growing thanks to pre-packaged services that lower the barriers to entry for budding cybercriminals. And they’re using AI tools to improve the success of social engineering, reconnaissance,…

Microsoft Patch Tuesday, September 2025 Edition

Microsoft Corp. today issued security updates to fix more than 80 vulnerabilities in its Windows operating systems and software. There are no known “zero-day” or actively exploited vulnerabilities in this month’s bundle from Redmond, which nevertheless includes patches for 13 flaws that earned Microsoft’s most-dire “critical” label. Meanwhile, both Apple and Google recently released updates to fix zero-day bugs in their devices. Microsoft assigns security flaws a “critical” rating when malware or miscreants can exploit…
