Major Incidents or Breaches

  • A supply chain attack compromised 15 popular Gluestack NPM packages, which collectively have over 950,000 weekly downloads. The compromised packages were modified to include malicious code functioning as a remote access trojan (RAT).
  • Two malicious NPM packages, disguised as utility tools, were discovered to be destructive data wipers. When installed, these packages delete entire application directories, causing potential data loss for affected users.

Newly Discovered Vulnerabilities

  • Wireshark 4.4.7 was released, addressing one security vulnerability (CVE-2025-5601) and resolving eight additional bugs.

Notable Threat Actor Activity

  • Investigations and reporting continue into unexplained iPhone crashes that some external sources have linked to Chinese threat actors, though Apple denies any connection to Chinese hacking activity.

Trends, Tools, or Tactics of Interest

  • The tool pngdump.py has been updated to enhance its capability for extracting chunks and embedded data from PNG images, aiding in malware analysis and forensic investigations.
  • One noted trend: malicious actors are leveraging NPM packages for both remote access and destructive attacks, with packages either installing RATs or acting as wipers that erase project data.