Major npm compromise
A number of high-profile npm libraries were compromised after developers fell for a phishing email. This compromise affected libraries with a total of hundreds of millions of downloads a week.
https://bsky.app/profile/bad-at-computer.bsky.social/post/3lydioq5swk2y https://github.com/orgs/community/discussions/172738 https://github.com/chalk/chalk/issues/656#issuecomment-3266894253
https://www.aikido.dev/blog/npm-debug-and-chalk-packages-compromised
HTTP Request Signatures
It looks like some search engines and AI bots are starting to use the HTTP request signature. This should make it easier to identify bot traffic.
https://isc.sans.edu/diary/HTTP%20Request%20Signatures/32266

From YARA Offsets to Virtual Addresses
Xavier explains how to convert offsets reported by YARA into offsets suitable for the use with debuggers.
https://isc.sans.edu/diary/From%20YARA%20Offsets%20to%20Virtual%20Addresses/32262
Phishing via JavaScript in SVG Files
Virustotal uncovered a Colombian phishing campaign that takes advantage of JavaScript in SVG files.
https://blog.virustotal.com/2025/09/uncovering-colombian-malware-campaign.html
FreePBX Patches
FreePBX released details regarding two vulnerabilities patched last week. One of these vulnerabilities was already actively exploited.
https://github.com/FreePBX/security-reporting/security/advisories/GHSA-3r47-p39v-vqqf

Unauthorized Issuance of Certificate for 1.1.1.1
Cloudflare published a blog post with more details regarding the bad 1.1.1.1 certificate that was issued by Fina.
https://blog.cloudflare.com/unauthorized-issuance-of-certificates-for-1-1-1-1/
AI Model Namespace Reuse
Deleted accounts on Huggingface can be taken over by other entities unrelated to the original owner.
https://unit42.paloaltonetworks.com/model-namespace-reuse/
macOS vulnerability allowed Keychain and iOS app decryption without a password
Excessive entitlements for the gcore binary facilitated access to key material that was sufficient to access secrets stored in Apple s keychain.
https://www.helpnetsecurity.com/2025/09/04/macos-gcore-vulnerability-cve-2025-24204/

Exploit Attempts for Dassault DELMIA Apriso. CVE-2025-5086
Our honeypots detected attacks against the manufacturing management system DELMIA Apriso. The deserialization vulnerability was patched in June and is one of a few critical vulnerabilities patched in recent months.
https://isc.sans.edu/diary/Exploit%20Attempts%20for%20Dassault%20DELMIA%20Apriso.%20CVE-2025-5086/32256
Android Bulletin
Google released its September update, fixing two already-exploited privilege escalation flaws and some remote code execution issues.
https://source.android.com/docs/security/bulletin/2025-09-01
Mis-issued Certificates for SAN iPAddress:1.1.1.1 by Fina RDC 2020
Certificate authority Fina RDC issues a certificate for Cloudflare s IP address 1.1.1.1
https://groups.google.com/a/mozilla.org/g/dev-security-policy/c/SgwC1QsEpvc

A Quick Look at Sextortion at Scale
Jan analyzed 1900 different sextortion messages using 205 different Bitcoin addresses to look at the success rate, lifetime, and other metrics defining these campaigns.
https://isc.sans.edu/diary/A%20quick%20look%20at%20sextortion%20at%20scale%3A%201%2C900%20messages%20and%20205%20Bitcoin%20addresses%20spanning%20four%20years/32252
Azure AD Client Secret Leak
Attackers are stealing Azure AD client secrets from websites that are leaving them exposed.
https://www.resecurity.com/blog/article/azure-ad-client-secret-leak-the-keys-to-cloud
Covert Channel via ICMP and DNS
A new bot combines ICMP and DNS in new ways for covert communication. The DNS requests use domains with a fixed prefix followed by a base64 encoded command, and the ICMP echo request packets include commands as a payload.
https://blog.xlab.qianxin.com/mystrodx_covert_dual-mode_backdoor_en/
Official Release of Critical FreePBX Patch
Sangoma has announced that the experimental patch released for the exploited FreePBX vulnerability is now considered stable, and users should update to apply it.
https://community.freepbx.org/t/security-advisory-please-lock-down-your-administrator-access/107203

pdf-parser: All Streams
Didier released a new version of pdf-parser.py. This version fixes a problem with dumping all filtered streams.
https://isc.sans.edu/diary/pdf-parser%3A%20All%20Streams/32248
Salesloft Drift Putting OAuth Tokens at Risk
OAuth tokens used by Salesloft Drift users to provide access to integrations with Salesforce, Google Workspace, and others have been compromised and heavily abused for additional compromise and large-scale data exfiltration from exposed services.
https://cloud.google.com/blog/topics/threat-intelligence/data-theft-salesforce-instances-via-salesloft-drift
Velociraptor incident response tool abused for remote access
Attackers are using the open source incident response tool Velociraptor to access remote systems in breached networks. Tools like Velocitraptor are ideal for attackers to perform lateral movement.
https://news.sophos.com/en-us/2025/08/26/velociraptor-incident-response-tool-abused-for-remote-access/
Default Password in NeuVector (Rancher Desktop)
SuSE fixed a default password vulnerability in NeuVector, a security tool included in Rancher Desktop.
https://github.com/neuvector/neuvector/security/advisories/GHSA-8pxw-9c75-6w56

Increasing Searches for ZIP Files
Attackers are scanning our honeypots more and more for .zip files. They are looking for backups of credential files and the like left behind by careless administrators and developers.
https://isc.sans.edu/diary/Increasing%20Searches%20for%20ZIP%20Files/32242
FreePBX Vulnerability
An upatched vulnerability in FreePBX is currently being exploited. FreePBX offers mitigation advice and has also just released a beta patch.
https://community.freepbx.org/t/security-advisory-please-lock-down-your-administrator-access/107203
Passwordstate Vulnerability
Clickstudios patched an authentication bypass vulnerability in its password manager, Passwordstate. The vulnerability can be used to access the emergency password page.
https://www.clickstudios.com.au/passwordstate-changelog.aspx

Interesting Technique to Launch a Shellcode
Xavier came across malware that PowerShell and the CallWindowProcA() API to launch code.
https://isc.sans.edu/diary/Interesting%20Technique%20to%20Launch%20a%20Shellcode/32238
NX Compromised to Steal Wallets and Credentials
The popular open source NX build package was compromised. Code was added that uses the help of AI tools like Claude and Gemini to steal credentials from affected systems
https://semgrep.dev/blog/2025/security-alert-nx-compromised-to-steal-wallets-and-credentials/
Countering Chinese State-Sponsored Actors Compromise of Networks Worldwide to Feed the Global Espionage System
Several law enforcement and cybersecurity agencies worldwide collaborated to release a detailed report on the recent Volt Typhoon incident.
https://www.cisa.gov/news-events/cybersecurity-advisories/aa25-239a

Getting a Better Handle on International Domain Names and Punycode
International Domain names can be used for phishing and other attacks. One way to identify suspect names is to look for mixed script use.
https://isc.sans.edu/diary/Getting%20a%20Better%20Handle%20on%20International%20Domain%20Names%20and%20Punycode/32234
Citrix Netscaler Vulnerabilities CVE-2025-7775, CVE-2025-7776 and CVE-2025-8424
Citrix patched three vulnerabilities in Netscaler. One is already being exploited
https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX694938&articleTitle=NetScaler_ADC_and_NetScaler_Gateway_Security_Bulletin_for_CVE_2025_7775_CVE_2025_7776_and_CVE_2025_8424
git vulnerability exploited (CVE-2025-48384)
A git vulnerability patched in early July is now being exploited
https://github.com/git/git/security/advisories/GHSA-vwqx-4fm8-6qc9

Reading Location Position Value in Microsoft Word Documents
Jessy investigated how Word documents store the last visited document location in the registry.
https://isc.sans.edu/diary/Reading%20Location%20Position%20Value%20in%20Microsoft%20Word%20Documents/32224
Weaponizing image scaling against production AI systems
AI systems often downscale images before processing them. An attacker can create a harmless looking image that would reveal text after downscaling leading to prompt injection
https://blog.trailofbits.com/2025/08/21/weaponizing-image-scaling-against-production-ai-systems/
IBM Jazz Team Server Vulnerability CVE-2025-36157
IBM patched a critical vulnerability in its Jazz Team Server
https://www.ibm.com/support/pages/node/7242925