Supply Chain Attacks Cripple NPM and Salesforce; FCC Rolls Back ISP Security Rules

Publication Date: November 24, 2025

Summary

This 24-hour period saw a surge in high-impact supply chain attacks, with the 'Shai-Hulud' worm infecting hundreds of NPM packages and a breach at Gainsight exposing Salesforce customer data. Concurrently, a major cyberattack hit a key US mortgage vendor, and the FCC controversially rescinded ISP cybersecurity rules amidst ongoing nation-state threats. Ransomware and espionage campaigns also continue, with Akira hitting LG and a new APT, 'Autumn Dragon,' targeting Southeast Asia.

Today New Articles

Massive NPM Supply Chain Attack Spreads Self-Replicating "Shai-Hulud" Worm

A significant, ongoing supply chain attack is targeting the NPM JavaScript ecosystem, where a self-replicating worm dubbed "Shai-Hulud" has infected over 400 software packages. The attack has a substantial impact on the cryptocurrency sector, compromising at l...

FCC Rolls Back ISP Cybersecurity Rules Despite China-Linked Hacking Threats

In a controversial decision, the U.S. Federal Communications Commission (FCC) has rescinded cybersecurity regulations for internet service providers (ISPs). These rules were implemented by the Biden Administration following the discovery that the Chinese state...

Akira Ransomware Gang Hits LG Energy Solution, Claims 1.7TB Data Theft

South Korean battery manufacturing giant LG Energy Solution has confirmed it was the victim of a ransomware attack at one of its overseas facilities. The notorious Akira ransomware gang has claimed responsibility for the breach, alleging on its dark web leak s...

New "Autumn Dragon" Espionage Campaign Targets Southeast Asia

A newly identified cyber-espionage campaign named "Autumn Dragon" has been targeting government and media organizations across Southeast Asia since early 2025. The operation, attributed with medium confidence to a China-nexus Advanced Persistent Threat (APT) g...

ShadowPad Backdoor Deployed via Critical WSUS Server Vulnerability

An active intrusion campaign is exploiting a critical remote code execution (RCE) vulnerability, CVE-2025-59287, in Microsoft's Windows Server Update Services (WSUS). Attackers, believed to be Chinese state-sponsored APTs, are leveraging the flaw to gain syste...

Supply Chain Breaches Escalate Despite Maturing Defenses, Report Finds

A new 2025 report from cybersecurity firm BlueVoyant reveals a troubling trend: despite most organizations maturing their third-party risk management (TPRM) programs, the number of supply chain breaches is escalating. The study found that 97% of surveyed organ...

Ransomware Attacks Peak on Holidays and Weekends, Exploiting Low Staffing

A new global study by Semperis, the "2025 Holiday Ransomware Risk Report," confirms that threat actors strategically launch attacks during holidays and weekends to exploit reduced security staffing. The report found that 52% of organizations were targeted duri...

Italian IT Firm Almaviva Hit by Cyberattack, 2.3TB of Data Leaked

The prominent Italian IT services provider Almaviva has confirmed it was hit by a major cyberattack, resulting in the theft and leaking of nearly 2.3 terabytes of sensitive data. The breach has exposed information from several of Almaviva's clients, most notab...