Today’s security landscape is dominated by multiple actively exploited zero-day vulnerabilities in Cisco firewalls, prompting an emergency directive from CISA for immediate patching. A massive software supply chain attack, dubbed ‘Shai-Hulud,’ has compromised over 500 npm packages, affecting millions of downloads. We are also covering the significant financial fallout from the Co-op cyberattack and a critical data exposure flaw in a popular call-recording app. This digest provides essential details on these high-priority threats.
Top 5 Critical Security Alerts
- Cisco warns of ASA firewall zero-days exploited in attacks: Cisco has disclosed two critical zero-day vulnerabilities in its ASA and FTD firewall software that are being actively exploited in the wild, urging immediate patching.
- CISA orders agencies to patch Cisco flaws exploited in zero-day attacks: CISA has issued an emergency directive ordering all U.S. federal agencies to secure their Cisco firewall devices against the two actively exploited zero-day flaws within one day.
- As many as 2 million Cisco devices affected by actively exploited 0-day: Security scans reveal that up to two million Cisco devices with vulnerable SNMP interfaces are exposed to the internet, significantly increasing the attack surface for this exploited flaw.
- Massive npm infection: the Shai-Hulud worm and patient zero: A widespread software supply chain attack involves a self-replicating worm named ‘Shai-Hulud,’ which has infected over 500 npm packages with millions of downloads.
- Critical Vulnerability in Salesforce AgentForce Exposed: A critical flaw dubbed ‘ForcedLeak’ in Salesforce’s AgentForce AI platform allows for sensitive CRM data exfiltration through indirect prompt injection attacks.
Threat Intelligence
- Microsoft warns of new XCSSET macOS malware variant targeting Xcode devs: Microsoft Threat Intelligence has identified a new variant of the XCSSET macOS malware, which now includes enhanced features for browser targeting and clipboard hijacking.
- Malicious Rust packages on Crates.io steal crypto wallet keys: Two malicious packages on Rust’s official Crates.io repository, downloaded nearly 8,500 times, were found scanning developer systems to steal cryptocurrency private keys.
- Unofficial Postmark MCP npm silently stole users’ emails: A malicious npm package impersonating the official ‘postmark-mcp’ library was discovered exfiltrating user email communications via a single line of malicious code.
Security Breaches & Incidents
- Co-op says it lost $107 million after Scattered Spider attack: UK retailer The Co-op has reported a massive operating loss of £80 million ($107 million) as a direct result of the cyberattack it suffered in April.
- Viral call-recording app Neon goes dark after exposing users’ phone numbers, call recordings, and transcripts: The popular iPhone app Neon was pulled offline after a major security bug was discovered that allowed any user to access the call recordings and transcripts of other users.
Security Tools & Best Practices
- How secure are passkeys, really? Here’s what you need to know: Passkeys offer significant advantages over traditional passwords by providing phishing resistance and simpler logins, though some hurdles to widespread adoption remain.
Cloud & Network Security
- Chinese APT Drops ‘Brickstorm’ Backdoors on Edge Devices: The China-linked cyber-espionage group UNC5221 is actively compromising network edge devices with new versions of the ‘Brickstorm’ backdoor to evade traditional EDR solutions.
Security Standards & Frameworks
- CISA urges orgs to review software after ‘Shai-Hulud’ supply chain compromise: In response to the ‘Shai-Hulud’ worm, CISA is urging all organizations to diligently review their software supply chains for potential compromise from infected packages.
