Over 130 malicious NPM packages have been downloaded about 100,000 times. These packages use the NPM postinstall hook to deploy information stealers. Dubbed PhantomRaven, this campaign cleverly hides its malicious intent and targets developers with typosquatting and AI-suggested package names.

Proton’s Data Breach Observatory has unearthed over 300 million compromised records on the dark web this year. SMBs, particularly in retail, have been prime targets. The new service aims to spotlight breaches and alert affected parties promptly. It’s like having a digital watchdog, sniffing out cyber trouble before it bites!

Cloud Atlas is back in action, targeting Russia’s agricultural sector with an old 2023 exploit. Using booby-trapped Word documents, they deliver the VBShower backdoor. This adaptable threat actor has been active since 2014, increasing attacks on Russia and Belarus in 2025. Other groups like GOFFEE and PhantomCore are also in the mix.

PhantomRaven is a crafty software supply chain attack targeting the npm registry with over 100 malicious packages. By exploiting Remote Dynamic Dependencies, attackers cleverly hide their code, making it invisible to security scanners. Developers beware! These packages are stealthier than a ninja in a library.

People’s Postcode Lottery players got a surprise peek at others’ personal info due to a technical glitch. Instead of winning numbers, users saw names and addresses. PPL swiftly pulled the site offline, ensuring no more accidental prize draws for privacy breaches. They’re now offering free Experian credit monitoring to those affected.

Matrix hopes to be the lifeboat as Europe looks for secure communication alternatives. With France and Germany leading the charge, the continent is embracing Matrix’s decentralized approach. Meanwhile, the European Commission is dipping its toes in the Matrix pool, but anyone hoping for a Teams breakup? Keep dreaming!

Australian Peter Williams, 39, former boss of a US defense contractor, confessed to selling zero-day exploits to a Russian cyber broker. For a tidy sum in cryptocurrency, he transmitted stolen cyber secrets in encrypted form, aiding Russian cyber actors. This cybersecurity breach is being viewed as a national security threat.

Dentsu’s U.S. subsidiary Merkle got hacked, exposing staff and client data. Cyber crooks left the marketing giant scrambling to unplug systems faster than a bad karaoke machine. No ransom note yet, but Dentsu’s on high alert, and impacted folks are getting free dark web monitoring as a silver lining.

An Australian national, Peter Williams, has pleaded guilty to stealing trade secrets from a US defense contractor and selling them to a Russian broker. He traded $35 million worth of cyber exploits for cryptocurrency, which he then used to buy luxury items. He faces up to 20 years in prison and hefty fines.

Beware of sneaky impostors! Ten malicious npm packages, including typescriptjs and react-router-dom.js, have been pilfering sensitive data from nearly 10,000 developers. These impostor packages use typosquatting and a fake CAPTCHA to trick users into downloading an info-stealer that loves collecting credentials. Always double-check package names before installing—you don’t want your data taking an unexpected vacation!

Microsoft suffered a massive infrastructure disruption on October 29, 2025, due to a misconfiguration in its cloud network. The outage impacted Azure, Microsoft 365, Teams, and even gaming services like Xbox Live. As Microsoft scrambles to fix the chaos, businesses are left pondering their dependency on single cloud providers.

Cybersecurity threat alert! Zimperium’s investigation reveals a new malware menace targeting Android users through tap-to-pay systems. Dubbed “Tap-and-Steal,” this NFC relay malware disguises itself as trusted apps, turning devices into payment fraud tools. Stay alert, download apps wisely, and don’t let your phone become a cybercriminal’s dream machine!

Canada’s cyber agency warns that hacktivists have breached the country’s critical infrastructure, causing chaos at water, oil, and agricultural facilities. These cyber pranksters have turned serious systems into a high-stakes game of whack-a-mole, risking public safety to discredit organizations and tarnish Canada’s image.

AI cloaking is turning classic SEO tricks into powerful misinformation weapons, fooling AI crawlers like Atlas into swallowing bogus narratives. Researchers have shown how easy it is to make AI tools rank fake profiles highly by feeding them doctored résumés. It’s context poisoning, not hacking—just serving up digital deception with a side of chaos.

Microsoft’s Azure cloud platform had an outage due to an “inadvertent configuration change.” This marks the second major cloud outage in two weeks. Even Azure’s status page went down—talk about a bad day at the office! Remember, when one tech giant sneezes, the whole internet catches a cold.

CyberCorps scholars, eager to protect the nation’s infrastructure, now face a plot twist: a career fair cancellation and looming debt. This “Hunger Games”-style job hunt has them scrambling for opportunities, as federal hiring freezes leave them in the lurch. Will the program’s future be a comedy or tragedy? Only time will tell.

PhantomRaven’s invisible dependencies pose a serious challenge by using Remote Dynamic Dependencies to sneak malicious code past security tools. These packages cleverly exploit npm’s little-known feature, masquerading as harmless. Threat actors employ slopsquatting, using AI hallucinations to name fake packages, duping developers into compromising their systems with malicious npm packages.

Hold onto your server hats, folks! The Anti-Malware Security and Brute-Force Firewall plugin for WordPress is dealing with a vulnerability that’s got subscribers reading files like a bestseller. Identified as CVE-2025-11705, this bug invites low-privileged users to peek at confidential info. Plugin update 4.23.83 is your new best friend!

A critical bug in Chromium’s Blink engine allows browsers to crash in seconds, causing chaos for billions worldwide. Security researcher Jose Pino’s exploit, Brash, highlights the issue that affects nine major browsers. It won’t lead to ransomware but could still ruin your day and your open tabs.

Hacktivists have repeatedly breached Canada’s critical infrastructure, and the Canadian Centre for Cyber Security urges stronger security for internet-exposed Industrial Control Systems (ICS). Recent incidents involved tampering at key facilities, causing disruptions and potential dangers. Authorities emphasize that while these attacks weren’t sophisticated, they highlight the risk of poorly protected ICS components.