Featured Story
Microsoft SharePoint Zero-Day Disrupts Servers Worldwide
Several serious zero-day vulnerabilities have been discovered and actively exploited in self-hosted Microsoft SharePoint environments, impacting hundreds of organizations worldwide. Victims include critical infrastructure, government agencies, and a U.S. nuclear weapons agency.
Attackers, reportedly China-nexus state-sponsored groups, are exploiting the flaws to gain access to SharePoint servers, extract sensitive documents, and in some cases, deploy ransomware. A malicious tool known as “Toolshell” is being used to automate parts of the attack. Microsoft has issued urgent patches, and CISA has added the flaws to its Known Exploited Vulnerabilities list.
Other Stories
NPM Package ‘is’ with 2.8M Weekly Downloads Infected Devs with Malware
The widely used NPM package ‘is’ was compromised in a supply chain attack. Malicious actors hijacked maintainer accounts and injected malware that granted attackers full access to affected devices. The package, used in countless JavaScript projects, was downloaded millions of times before the breach was identified.
Compromised Amazon Q Extension Told AI to Delete Everything – And It Shipped
The official Amazon Q extension for VS Code was briefly compromised, containing a prompt designed to wipe users’ home directories and delete all AWS resources. While the attack appears intended more as a demonstration than to cause harm, it exposed dangerous blind spots in how AI-based tools are validated and distributed.
Russia-Backed Actor Uses LLM-Powered LAMEHUG Malware to Target Defense Sector
Russian APT group UAC-0001 (APT28) has launched a new campaign targeting the defense and security sector using a novel malware strain, LAMEHUG, powered by large language model (LLM) technology. CERT-UA reports that this malware is capable of enhanced obfuscation and autonomous payload generation.
Watch Out for E-Mails Pretending to Be from the Police
A recurring phishing campaign has resurfaced, impersonating the Federal Police and Europol. The messages falsely accuse recipients of sexual offenses and try to extort money through intimidation. The tone is threatening and manipulative, intended to frighten victims into complying.
- verdacht@safeonweb.be
- suspect@safeonweb.be
- suspicious@safeonweb.be
Approach Cyber’s SOC team is available for advice and guidance on verifying such messages.