NPM package caught using QR Code to fetch cookie-stealing malware
https://www.bleepingcomputer.com/news/security/npm-package-caught-using-qr-code-to-fetch-cookie-stealing-malware/
Our plan for a more secure npm supply chain - The GitHub Blog
https://github.blog/security/supply-chain-security/our-plan-for-a-more-secure-npm-supply-chain/
ShadowV2 Botnet Exploits Misconfigured AWS Docker Containers for DDoS-for-Hire Service
https://thehackernews.com/2025/09/shadowv2-botnet-exploits-misconfigured.html
CISA says hackers breached federal agency using GeoServer exploit
https://www.bleepingcomputer.com/news/security/cisa-says-hackers-breached-federal-agency-using-geoserver-exploit/
SolarWinds Releases Hotfix for Critical CVE-2025-26399 Remote Code Execution Flaw
https://thehackernews.com/2025/09/solarwinds-releases-hotfix-for-critical.html
GitHub tightens npm security with mandatory 2FA, access tokens
https://www.bleepingcomputer.com/news/security/github-tightens-npm-security-with-mandatory-2fa-access-tokens/
SonicWall releases SMA100 firmware update to wipe rootkit malware
https://www.bleepingcomputer.com/news/security/sonicwall-releases-sma100-firmware-update-to-wipe-rootkit-malware/
Two New Supermicro BMC Bugs Allow Malicious Firmware to Evade Root of Trust Security
https://thehackernews.com/2025/09/two-new-supermicro-bmc-bugs-allow.html
Cloudflare mitigates new record-breaking 22.2 Tbps DDoS attack
https://www.bleepingcomputer.com/news/security/cloudflare-mitigates-new-record-breaking-222-tbps-ddos-attack/
Police dismantles crypto fraud ring linked to €100 million in losses
https://www.bleepingcomputer.com/news/security/police-dismantles-crypto-fraud-ring-linked-to-100-million-in-losses/
Nimbus Manticore Deploys New Malware Targeting Europe - Check Point Research
https://research.checkpoint.com/2025/nimbus-manticore-deploys-new-malware-targeting-europe/
Threat Intelligence - ANY.RUN
https://intelligence.any.run/analysis/lookup?utm_content=linktoti&utm_term=230925#%7B%2522query%2522:%2522threatName:%255C%2522%5Ephishing$%255C%2522%2522,%2522dateRange%2522:180%7D
SolarWinds releases third patch to fix Web Help Desk RCE bug
https://www.bleepingcomputer.com/news/security/solarwinds-releases-third-patch-to-fix-web-help-desk-rce-bug/
Automaker giant Stellantis confirms data breach after Salesforce hack
https://www.bleepingcomputer.com/news/security/automaker-giant-stellantis-confirms-data-breach-after-salesforce-hack/
Eurojust Arrests 5 in €100M Cryptocurrency Investment Fraud Spanning 23 Countries
https://thehackernews.com/2025/09/eurojust-arrests-5-in-100m.html
EDR-Freeze: A Tool That Puts EDRs And Antivirus Into A Coma State
https://www.zerosalarium.com/2025/09/EDR-Freeze-Puts-EDRs-Antivirus-Into-Coma.html
The Phantom Extension: Backdooring chrome through uncharted pathways
https://www.synacktiv.com/en/publications/the-phantom-extension-backdooring-chrome-through-uncharted-pathways
U.S. Secret Service Seizes 300 SIM Servers, 100K Cards Threatening U.S. Officials Near UN
https://thehackernews.com/2025/09/us-secret-service-seizes-300-sim.html
A suspected Scattered Spider member suspect detained for casino network attacks
https://securityaffairs.com/182490/cyber-crime/a-suspected-scattered-spider-member-suspect-detained-for-casino-network-attacks.html
GitHub - KingOfTheNOPs/Get-NetNTLM: Internal Monologue BOF
https://github.com/KingOfTheNOPs/Get-NetNTLM