Latest news as of 9/18/2025, 3:07:57 PM
Dark Reading
Highly deceptive FileFix uses code obfuscation and steganography and has been translated into at least 16 languages to power a global campaign.
Bleeping Computer
Microsoft has announced that the Windows Management Instrumentation Command-line (WMIC) tool will be removed after upgrading to Windows 11 25H2 and later. [...]
The Register
Intrusions bear the same hallmarks as recent Nx mess The npm platform is the target of another supply chain attack, with crims already compromising 187 packages and counting.…
Bleeping Computer
One VMware-certified pro is a win. An entire certified team? That's a security multiplier. VMUG Advantage makes team-wide certification practical—building collaboration, resilience, and retention. [...]
Dark Reading
The malware, which has traits of Petya ransomware and the infamous NotPetya wiper, is designed to target UEFI-based systems, according to researchers.
The Hacker News
A massive ad fraud and click fraud operation dubbed SlopAds ran a cluster of 224 apps, collectively attracting 38 million downloads across 228 countries and territories. "These apps deliver their fraud payload using steganography and create hidden WebViews to navigate to threat actor-owned cashout sites, generating fraudulent ad impressions and clicks," HUMAN’s Satori Threat Intelligence and
Dark Reading
The cybercrime group, named after Japanese ghosts but believed to be from Morocco, uses a modified version of the Prince-Ransomware binary that includes a flaw allowing for partial data recovery. However, an extortion threat remains.
Krebs on Security
At least 187 code packages made available through the JavaScript repository NPM have been infected with a self-replicating worm that steals credentials from developers and publishes those secrets on GitHub, experts warn. The malware, which briefly infected multiple code packages from the security vendor CrowdStrike, steals and publishes even more credentials every time an infected package is installed.
Graham Cluley
Luxury fashion group Kering - owner of the prestigious Gucci, Balenciaga, and Alexander McQueen brands, amongst others - has confirmed that hackers stole customer data from its systems in June 2025. Read more in my article on the Hot for Security blog.
Graham Cluley
In episode 68 of The AI Fix, our hosts open the show by launching the thing nobody asked for but everybody wanted: our shiny new merch store - yes, including the “Would YOU trust a pigeon???” t-shirt for when you need fashion alongside health and safety. Meanwhile, AI hoaxers send Manila firefighters racing to an imaginary blaze, Albania appoints an AI as a minister, and the godfather of AI gets dumped... by ChatGPT. Plus Mark shows off his ventriloquism skills, while Graham describes a near-telepathic wearable that lets you “talk” without moving your lips, and we look into how humanity and AI has joined forces to fight for AI rights. All this and much more is discussed in the latest edition of "The AI Fix" podcast by Graham Cluley and Mark Stockley.