Friday Wrap Up: 12 September 2025
This week in cyber was one for the history books.
The world's largest supply chain attack hit npm, with billions of downloads tainted.
Nation-state espionage escalated as China-linked groups ramped up campaigns tied to trade negotiations.
Ransomware evolved yet again, with HybridPetya breaking UEFI Secure Boot and Akira exploiting SonicWall appliances.
Meanwhile, Samsung scrambled to patch a WhatsApp-linked zero-day, and Apple unveiled a five-year project to shut down spyware developers.
And that's just scratching the surface: phishing kits got smarter, backdoors stealthier, and even "AI-coded" mistakes sent companies back to hiring human developers.
Curious about how these stories connect, and what they mean for your security strategy? Check out this week's Friday Wrap-Up!
Major Supply Chain & Data Breaches
This week saw what may be the largest supply chain attack in history, alongside new corporate breaches.
Hackers hijack npm packages with 2.6B weekly downloads in historic supply chain attack (Published on 9/8/2025, BleepingComputer).
Plex urges password resets after hackers breach database of auth data (Published on 9/9/2025, SecurityWeek).
Blast radius of Salesloft Drift attacks still widening, severity unclear (Published on 9/4/2025, Dark Reading).
Malware & Vulnerabilities
Stealthy backdoors, cross-platform RATs, and new zero-days reminded defenders that attackers innovate quickly.
GPUGate malware spreads via Google ads and fake GitHub commits (Published on 9/8/2025, The Hacker News).
Sitecore zero-day exploited to deploy WEEPSTEEL malware (Published on 9/8/2025, Hackread).
MystRodX backdoor uses DNS & ICMP triggers for stealthy control (Published on 9/2/2025, The Hacker News).
CHILLYHELL macOS backdoor and ZynorRAT hit macOS, Windows, Linux (Published on 9/10/2025, The Hacker News).
ChillyHell macOS malware resurfaces using Google.com as a decoy (Published on 9/11/2025, Hackread).
New VMScape attack breaks VM isolation on AMD & Intel CPUs (Published on 9/11/2025, BleepingComputer).
Samsung patches actively exploited zero-day reported by WhatsApp (Published on 9/12/2025, BleepingComputer).
Fortinet, Ivanti & Nvidia issue patches for high-severity flaws (Published on 9/10/2025, SecurityWeek).
Espionage & Nation-State Operations
China-linked actors dominated headlines with brazen espionage tied to trade negotiations and infrastructure access.
APT41 impersonated U.S. lawmaker to target trade groups with malware (Published on 9/8/2025, SecurityWeek).
New infrastructure links 45 more domains to Salt Typhoon/UNC4841 espionage ops (Published on 9/8/2025, Dark Reading).
APT41 actively targeting U.S. trade officials amid negotiations (Published on 9/10/2025, The Hacker News).
Ransomware & Financial Crime
AI and new tactics continue to fuel ransomware's evolution, including a throwback with a dangerous twist.
Ransomware losses climb as AI drives phishing and triple extortion (Published on 9/9/2025, SecurityWeek).
Akira ransomware exploiting SonicWall flaw for access (Published on 9/11/2025, SecurityWeek).
New HybridPetya ransomware bypasses UEFI Secure Boot via CVE-2024-7344 (Published on 9/12/2025, The Hacker News).
Phishing & Social Engineering
Attackers continue refining phishing kits and lures, targeting both MFA and public services.
Salty2FA phishing kit bypasses MFA & clones login portals (Published on 9/9/2025, Hackread).
Fake Bureau of Motor Vehicles texts steal banking details (Published on 9/11/2025, Malwarebytes).
Policy, Regulation & Industry Trends
Legal battles and compliance challenges reshaped the business side of cybersecurity.
Apple unveils Memory Integrity Enforcement, crippling spyware devs (Published on 9/10/2025, CyberScoop).
UK court to rule on legality of reselling enterprise software licenses (Published on 9/10/2025, ComputerWeekly).
Microsoft avoids EU fine by unbundling Teams from Office (Published on 9/12/2025, Ars Technica).
Scattered Lapsus$ Hunters hacking group announces shutdown (Published on 9/12/2025, Hackread).
After AI layoffs, companies rehire coders to fix "vibe-coded" errors (Published on 9/12/2025, Gizmodo).
Stay informed and secure in the tech and cybersecurity world. Have a great weekend, and remember to patch and protect your systems!