Daily Brief

A new supply-chain attack involving Shai-Hulud malware has compromised over 500 npm packages, targeting developer and CI/CD secrets with encoded leaks to GitHub. The campaign, initially detected in mid-September, has expanded rapidly, affecting thousands of packages and involving around 350 compromised maintainer accounts. Malicious scripts were injected into package.json files, exploiting compromised maintainer accounts to distribute trojanized packages on npm. Security researchers identified the malware's use of TruffleHog for secret theft and extreme obfuscation techniques to evade detection. GitHub is actively removing repositories created by the attackers, but new ones are emerging at a fast pace, complicating mitigation efforts. Affected developers are advised to downgrade to safe package versions, rotate secrets, and disable npm postinstall scripts to mitigate risks. The attack coincides with GitHub's gradual implementation of enhanced security measures to counteract supply-chain threats on npm.

A new variant of the Shai-Hulud worm has compromised over 25,000 GitHub repositories by exploiting npm packages, affecting developers globally within a few days. Key affected packages include those from Zapier, AsyncAPI, ENS Domains, PostHog, and Postman, which experience high download volumes weekly. The malware scans infected systems for AWS, GCP, Azure, and GitHub credentials, publishing them to the users' own repositories, significantly impacting security. GitHub is actively removing compromised repositories, but the rapid spread of the worm poses a significant challenge to containment efforts. The worm executes during the pre-install phase, increasing exposure risks in build and runtime environments, a notable change from previous versions. Security teams are advised to clear npm caches, roll back dependencies, rotate credentials, and monitor for indicators of compromise to mitigate risks. GitHub and npm are enhancing security measures, including transitioning to FIDO-based authentication and revoking classic tokens, to protect against future supply chain attacks.

Harvard University reported a data breach affecting its Alumni Affairs and Development systems, compromising personal data of students, alumni, donors, staff, and faculty. The breach, resulting from a voice phishing attack, exposed email addresses, phone numbers, addresses, and event attendance records but did not involve sensitive financial data. University officials, including the Vice President for Alumni Affairs and Development, confirmed that Social Security numbers and payment information were not compromised. Harvard is collaborating with law enforcement and cybersecurity experts to investigate the breach and has notified affected individuals to remain vigilant against potential phishing attempts. The university has taken immediate action to secure its systems and prevent further unauthorized access, advising caution against suspicious communications requesting sensitive information. This incident follows a recent claim by the Clop ransomware group of breaching Harvard's systems through a zero-day vulnerability, highlighting ongoing cybersecurity challenges. The breach is part of a broader trend, with other Ivy League institutions like Princeton and the University of Pennsylvania also experiencing similar data breaches recently.

The FCC has repealed telecom cybersecurity rules established after the China-linked Salt Typhoon espionage campaign, citing them as "unlawful and ineffective." The decision was made in a 2-1 vote, with dissenting voices warning that this could weaken national security against state-sponsored cyber threats. The original rules aimed to secure telecom networks, particularly those involved in lawful intercept functions, following significant breaches by state-backed actors. The FCC claims telecom providers have improved cybersecurity measures voluntarily, thus rendering the formal rules unnecessary. Critics argue that without enforceable standards, the U.S. remains vulnerable to future breaches, lacking a framework to ensure compliance and security. The FCC plans to adopt a more flexible approach, relying on industry cooperation and targeted rules for specific areas like submarine cable security. Concerns persist about smaller carriers' ability to maintain robust security without mandatory guidelines, potentially leaving gaps for exploitation.

A second wave of the Sha1-Hulud campaign has compromised over 25,000 npm repositories, executing malicious code during the preinstall phase to steal credentials. The attack utilizes a new variant that targets build and runtime environments, publishing stolen secrets to GitHub with the description "Sha1-Hulud: The Second Coming." Attackers leverage compromised maintainer accounts to distribute trojanized npm packages, executing credential theft and exfiltration during installation. The malicious payload registers infected machines as self-hosted runners, allowing arbitrary command execution and exfiltration of sensitive data. Over 350 unique users have been affected, with new repositories being compromised at a rapid pace, adding 1,000 new instances every 30 minutes. Security firms recommend immediate scanning of endpoints, removal of compromised packages, credential rotation, and auditing of GitHub workflows for suspicious activity. The campaign's escalation includes a wiper-like function that destroys data if credential theft fails, marking a shift from data theft to punitive sabotage.

Fortinet disclosed a medium-severity vulnerability in FortiWeb, CVE-2025-58034, which has been actively exploited in the wild, affecting systems with a CVSS score of 6.7. The vulnerability allows authenticated attackers to execute unauthorized code via crafted HTTP requests or CLI commands, posing significant security risks to affected systems. Fortinet's response included patching the flaw in version 8.0.2, but the company faced criticism for its delayed disclosure and handling of the issue. Another critical vulnerability, CVE-2025-64446, with a CVSS score of 9.1, was patched silently, raising concerns about transparency and communication with stakeholders. Security firm Orange Cyberdefense reported exploitation campaigns chaining both vulnerabilities to facilitate authentication bypass and command injection. The staggered disclosure of these vulnerabilities raises questions about Fortinet's strategy to manage patch deployment and alert threat actors. Organizations using FortiWeb are urged to apply the latest patches promptly to mitigate potential exploitation risks and ensure system integrity.

CISA has directed U.S. federal agencies to patch a critical Oracle Identity Manager vulnerability, CVE-2025-61757, by December 12, following signs of active exploitation. The flaw allows unauthenticated attackers with network access to completely compromise Oracle Identity Manager, posing significant security risks. Searchlight Cyber researchers have detailed the vulnerability, describing it as "trivial" to exploit, involving a single HTTP request to bypass authentication. Evidence suggests the vulnerability was exploited as a zero-day, with attack logs indicating activity from August 30 to September 9, prior to Oracle's patch release. Oracle's October advisory rated the issue as critical but did not confirm zero-day exploitation, raising concerns over the transparency of their vulnerability disclosures. The urgency of the patch is compounded by Oracle's previous security challenges, including a major breach by the Clop ransomware group earlier this year. Federal agencies face compliance consequences if the patch is not applied by the deadline, emphasizing the critical need for timely updates and robust security practices.

Microsoft announced the removal of Windows Internet Name Service (WINS) from Windows Server releases following the 2025 version, urging IT administrators to plan for this change. WINS, deprecated since Windows Server 2022, will no longer be supported after November 2034, marking a shift towards modern Domain Name System (DNS)-based solutions. The decision is driven by DNS's superior scalability and security features, including DNSSEC, which protects against cache poisoning and spoofing attacks. Organizations relying on WINS are advised to audit their systems and transition to DNS, using conditional forwarders or split-brain DNS to ensure continuity. Microsoft cautions against using static host files as a workaround, citing scalability and sustainability issues in enterprise environments. The removal of WINS affects the server role, management console, automation APIs, and related interfaces, necessitating a comprehensive migration strategy. Businesses are encouraged to begin migration planning immediately to prevent operational disruptions and align with modern internet standards.

CrowdStrike research reveals DeepSeek-R1 AI model generates insecure code when prompts include politically sensitive topics like Tibet and Uyghurs, increasing security vulnerability likelihood by up to 50%. The model's coding flaws include hard-coded secrets, insecure data handling, and invalid code, posing significant cybersecurity risks for businesses using this AI technology. Taiwan's National Security Bureau warns against Chinese-made generative AI models, citing potential pro-China biases, historical narrative distortion, and disinformation risks. DeepSeek-R1's vulnerability issues arise from geopolitical modifiers in prompts, with significant deviations observed in code security for politically sensitive topics. CrowdStrike discovered an "intrinsic kill switch" in DeepSeek-R1, preventing code generation on banned topics like Falun Gong, indicating possible compliance with Chinese regulations. The findings stress the need for caution when using AI models in sensitive contexts, highlighting the importance of robust security measures and thorough testing. Broader implications include potential regulatory challenges and the necessity for international standards to govern AI model training and deployment to prevent misuse.

The UK cyber team participated in the European Cyber Security Challenge 2025 in Poland, securing a commendable 22nd place among Europe's top young cyber talents. The team, selected from 30 of the UK's brightest cyber enthusiasts, demonstrated exceptional skills, collaboration, and resilience throughout the competition. The ECSC, known as the Olympics of cyber security, featured events like Jeopardy and Attack and Defend, testing participants' technical skills and strategic thinking. Despite initial training hurdles, the team excelled under pressure, showcasing remarkable teamwork and problem-solving abilities during the competition. Coaching focused on instilling core values such as teamwork, resilience, and empowerment, drawing inspiration from sports leadership philosophies. The experience fostered international collaboration and networking, with team members forming connections across borders, enhancing future cyber defense capabilities. The event highlighted the importance of nurturing young talent and the need for ongoing support and sponsorship to advance the UK's cyber security expertise.

A critical vulnerability, CVE-2025-59287, in Microsoft Windows Server Update Services (WSUS) is being actively exploited by attackers to distribute ShadowPad malware. The flaw allows remote code execution with system privileges, posing significant risks to organizations using WSUS for updates. Threat actors have utilized PowerCat to gain system shell access and employed tools like certutil and curl to download ShadowPad. ShadowPad, a modular backdoor linked to Chinese state-sponsored groups, is known for its sophisticated anti-detection and persistence capabilities. The attack involves DLL side-loading, using legitimate binaries to execute malicious payloads, enhancing stealth and effectiveness. Microsoft has patched the vulnerability, yet the release of proof-of-concept exploit code has spurred widespread exploitation efforts. Organizations are urged to apply the latest security updates and monitor WSUS configurations to mitigate potential threats.

The International Association for Cryptologic Research (IACR) will re-run its board election after losing a critical encryption key needed to count votes. The initial election, conducted via the Helios electronic voting system, faced a technical issue when a trustee lost their portion of the cryptographic key. IACR's bylaws require three trustees to hold parts of the key to ensure election integrity, preventing any two from colluding. The key loss incident led to the resignation of the responsible trustee and the decision to void the election and start anew. The association plans to implement a two-out-of-three threshold for key management to prevent future issues, alongside clear procedural guidelines. The re-run election will occur from November 21 to December 20, with the same candidates and electoral roll. This incident highlights the importance of robust key management practices in maintaining the integrity of electronic voting systems.

Researchers from PT Security identified China-linked APT 31, also known as Violet Typhoon, targeting Russian IT companies and government contractors in 2024 and 2025. The attacks were strategically timed to coincide with weekends and holidays, indicating a deep understanding of the targets' operational processes. APT 31 utilized a combination of common malware and proprietary tools to maintain persistent access to Russian networks, focusing on credential theft. The attackers leveraged Russian cloud services, including Yandex and Microsoft OneDrive, for command and control operations, complicating attribution and response efforts. This activity raises questions about the sincerity of the declared "limitless" partnership between China and Russia, as other reports also indicate ongoing cyber operations by China against Russian interests. The persistence of APT 31 in targeting Russian assets suggests continued geopolitical tensions and the need for robust cybersecurity measures to protect critical infrastructure.

Security researchers identified a significant remote code execution vulnerability in the Glob CLI tool, affecting versions v10.2.0 through v11.0.3. The flaw resides in the tool's –c flag, which executes commands on matching files, posing risks when filenames contain shell metacharacters. This vulnerability impacts systems using POSIX, including Linux and macOS, where malicious filenames can execute arbitrary code. Despite over ten million weekly downloads, the CLI tool's infrequent use contributed to the flaw's prolonged existence. Users operating in environments processing untrusted files are urged to update to Glob versions v10.5.0, v11.1.0, or v12.0.0 immediately. The discovery emphasizes the need for rigorous security assessments of widely used libraries and tools in software development environments.

As MCP becomes the standard for linking LLMs to tools and data, security teams are prioritizing robust protection measures to safeguard these integrations. The cheat sheet provides seven actionable security best practices designed to enhance the security posture of organizations implementing MCP. Key recommendations include regular security audits, implementing access controls, and ensuring encrypted data transmissions to prevent unauthorized access and data breaches. Organizations are advised to maintain a proactive approach in monitoring and updating MCP-related systems to address emerging threats and vulnerabilities. The guidance aims to assist security teams in mitigating risks associated with the rapid adoption of MCP, ensuring secure and efficient operations. Adoption of these practices is crucial for organizations to protect sensitive data and maintain trust while leveraging the capabilities of LLMs.