Chrome 0-Day Patched, npm Attack, LinkedIn AI Data Scandal
▼ Summary
– Most enterprise AI use is invisible to security teams, with 89% of activity going unseen and creating risks around data privacy and compliance.
– A self-replicating worm compromised over 180 npm packages in a large-scale automated supply chain attack.
– Google fixed an actively exploited Chrome zero-day vulnerability (CVE-2025-10585) and introduced VaultGemma, a differentially private LLM for secure data handling.
– Attackers are exploiting neglected assets, old file types, and incorrectly stored recovery codes, while phishing campaigns target developers and ransomware groups adapt tactics.
– LinkedIn now uses member data by default for AI training unless users opt out, and AI is making crypto scams more dangerous and widespread.
A significant portion of enterprise AI usage remains undetected by IT and security departments, creating substantial risks for data privacy and compliance. According to recent findings, 89% of AI activity within organizations goes unseen, highlighting a critical gap in governance and oversight.
In the realm of open-source security tools, Arkime offers a robust solution for large-scale network analysis and packet capture. This system integrates seamlessly with existing security infrastructure, storing and indexing network traffic in standard PCAP format for efficient search and retrieval.
Security leaders are increasingly emphasizing the need for engineering-driven protection rather than mere compliance checkboxes. In a recent discussion, Nir Rothenberg of Rapyd noted that strong security naturally follows good engineering practices, urging organizations to prioritize genuine safeguards over superficial audits.
Global compliance strategies are also evolving, with experts like Marco Goldberg of EQS Group advising on practical approaches to international regulations. The focus remains on maintaining system usability while adhering to diverse legal requirements across borders.
Researchers have developed ICSLure, a deceptive network designed to mimic industrial control systems, allowing experts to study and defend against emerging ICS threats in a controlled environment.
Daniel Stenberg, creator of the widely-used cURL tool, shared insights into maintaining security across billions of devices. Through decades of rigorous testing and refinement, cURL continues to minimize risks in everything from cloud services to IoT applications.
Large language models are gaining traction in cybersecurity operations, assisting with threat intelligence sorting and incident response. However, their integration raises important questions about when AI enhances decision-making and when it might introduce vulnerabilities.
A phishing campaign recently targeted Rust developers on crates.io, echoing earlier attacks on npm. Attackers sent deceptive emails to package maintainers, attempting to compromise published crates.
In a concerning development, ransomware actors exploited improperly stored recovery codes to disable endpoint detection and response agents. This incident underscores how adaptable attackers are in capitalizing on organizational mistakes.
A self-replicating worm compromised over 180 npm packages in a largely automated supply chain attack. This event demonstrates the escalating scale and sophistication of software distribution threats.
Microsoft and Cloudflare successfully disrupted the RaccoonO365 Phishing-as-a-Service operation, identifying and taking action against its alleged leader.
Despite being known since 2014, the vulnerability enabling pixie dust attacks continues to affect consumer and small office networking equipment worldwide, according to NetRise researchers.
Google addressed an actively exploited zero-day vulnerability in Chrome, identified as CVE-2025-10585, with an urgent security update.
SonicWall confirmed that attackers compromised some firewall configuration backup files, adding to a challenging year marked by multiple vulnerabilities in their appliances.
The rise of AI-powered video surveillance sparks intense debate about privacy boundaries. While promising enhanced safety, these technologies risk normalizing intrusive monitoring practices.
Google introduced VaultGemma, a differentially private large language model designed for secure data handling in sensitive sectors like healthcare and finance.
GitHub enhanced SSH access security by implementing post-quantum cryptography, preparing for future threats to current encryption standards.
AI has dramatically increased the scale and effectiveness of cryptocurrency scams, contributing to over $3 billion in losses during the first half of 2025.
LinkedIn updated its policies to use member data for AI training by default, requiring users to manually opt out to preserve their privacy.
Protecting cyber-physical systems grows more complex amid shifting supply chains and evolving regulations, creating new opportunities for attackers.
As 6G standards development progresses, security experts emphasize the need for a secure-by-design approach to anticipate and mitigate future threats.
Neglected assets represent a frequently overlooked risk, as attackers actively seek out forgotten or unmaintained systems.
Understanding intent, not just detecting bots, is becoming crucial for effective cybersecurity defense, according to threat researchers.
The EU’s Digital Operational Resilience Act (DORA) is reshaping risk management practices for financial institutions, with global implications.
Static intelligence feeds often leave security teams reacting to outdated or irrelevant data, prompting calls for more dynamic, primary source collection methods.
Operational technology security requires continuous vigilance rather than one-time solutions, as evidenced by widespread breaches in critical infrastructure.
Attackers are increasingly weaponizing common file types, hiding malicious activity within trusted formats to evade detection.
The Electronic Frontier Foundation released Rayhunter, an open-source tool for detecting cell site simulators used in cellular surveillance.
Identity fraud in hiring processes is rising globally, complicbackground checks and increasing organizational risk.
Shadow AI practices are undermining corporate security from within, converging with supply chain and compliance concerns as top board-level issues.
Many threat reports only reveal part of the malware landscape, with hidden variants slipping past defenses undetected.
Evidence suggests collaboration between Gamaredon and Turla threat groups, both linked to Russian intelligence, targeting high-profile Ukrainian organizations.
New security products like Exaforce’s AI SOC platform and Clean Links’ QR code safety tool offer innovative approaches to detection and prevention.
The cybersecurity job market remains active, with roles available across various skill levels and specializations.
Recent product releases from Absolute Security, Catchpoint, Nagomi Security, Neon Cyber, and QuSecure highlight continued innovation in the information security landscape.
(Source: HelpNet Security)
