"Shai-Hulud" Worm Digs Into npm Supply Chain; SonicWall Cloud Backup Service Breach; Jaguar Land Rover Shutdown Has Significant Economic Impact

Researchers at ReversingLabs are warning of a worm that spreads through the npm open-source registry supply chain, compromising developer accounts and hiding itself in legitimate packages which, when downloaded, install the worm and repeat the process. The first npm package affected by the worm appears to have been compromised on September 14 at 17:58 UTC. Once a system is compromised, the malware installs TruffleHog, an open-source secret-detection analysis tool, then exfiltrates primarily GitHub, AWS, GCP, and npm tokens, using them to compromise additional accounts and to publish the secrets to new GitHub repositories or branches with "Shai-Hulud" in the name or description. After exfiltration, the worm propagates, writing itself into up to 20 packages the developer has access to, "automat[ing] the spread by piggybacking on the maintainer’s own publishing rights." While in GitHub, the worm also attempts to create public copies of users' private repositories, likely seeking hardcoded secrets and source code to enable future attacks. Compromised packages identified by ReversingLabs "account for millions of combined weekly downloads, making this a high-impact supply chain compromise," and the researchers emphasize that the affected parties are spread across many industries and professional strata. This attack bears similarities to the August 27, 2025 AI-enabled credential stealer attacks on Nx packages (an attack dubbed "s1ngularity") and researchers at both Wiz and Aikido believe the same threat actor is responsible for the "Shai-Hulud" campaign. Nicholas Weaver, a researcher with the International Computer Science Institute, calls this "a supply chain attack that conducts a supply chain attack," and urges package managers to require phishing-proof 2FA human consent for every publication request. Users should identify and remove compromised packages, reviewing dependency trees; look for and remove GitHub repositories and branches containing "shai-hulud" in the name or description; rotate credentials; check cloud infrastructure for compromise; and implement network monitoring and security controls.

SonicWall is urging some customers to reset passwords after the company's cloud backup service was breached and firewall configuration data were compromised. In a knowledge base article, SonicWall writes that their "investigation found that threat actors accessed backup firewall preference files stored in the cloud for fewer than 5% of [their] firewall install base. While credentials within the files were encrypted, the files also included information that could make it easier for attackers to potentially exploit the related firewall." When SonicWall became aware of the breach, they disabled the cloud backup feature and rotated internal keys. They also made "infrastructure and process changes" to prevent a recurrence of the incident. The SonicWall article provides detailed instructions to help users determine if they are at risk, and guidance for those who are.

Jaguar Land Rover (JLR) now says their global operations will be shuttered until at least September 24, bringing the company's downtime to nearly four weeks. JLR took operations offline at the beginning of September in response to a cybersecurity incident; they are currently undergoing a forensic investigation. The ongoing outage has had a significant financial impact, not just on JLR but also on their suppliers. Shares in Autins, a company that provides components for JLR vehicles, fell 40 percent. As "Lucas Kello, the director of the University of Oxford's Academic Centre of Excellence in Cyber Security Research, told Recorded Future News last week: 'This is more than a company outage — it’s an economic security incident.'" Unite, a UK automotive workers union, has called for government support during the outage, much like the furlough schemes that supplemented salaries during the early months of the COVID-19 pandemic.

Google has released an update to address a zero-day vulnerability in Chrome; this is the sixth zero-day Chrome vulnerability Google has addressed this calendar year. The high-severity type-confusion flaw in the V8 JavaScript and WebAssembly engine (CVE-2025-10585) is one of four security issues addressed in the most recent update to Chrome. The others are also high-severity: a use after free issue in Dawn (CVE-2025-10500); a use after free in WebRTC (CVE-2025-10501); and a heap buffer overflow in ANGLE (CVE-2025-10502). The zero-day issue (CVE-2025-10585) was detected and reported by the Google Threat Analysis Group (TAG). Two of the flaws were reported by third-party entities, and the fourth was detected by Google's Big Sleep AI Agent. Users are urged to ensure their systems have been updated to Chrome 140.0.7339.185/.186 for Windows/Mac, and Chrome 140.0.7339.185 for Linux.

Researchers from JFrog Security have discovered a group of four vulnerabilities in the Chaos-Mesh Chaos engineering platform. The vulnerabilities, which have been dubbed Chaotic Deputy, "can be easily exploited by in-cluster attackers to run arbitrary code on any pod in the cluster, even in the default configuration of Chaos-Mesh" and take control of Kubernetes clusters. Users are urged to update to Chaos-Mesh version 2.7.3. Frog writes, "Chaos-Mesh is a Cloud Native Computing Foundation incubating project that brings various types of fault simulation to Kubernetes and has an enormous capability to orchestrate fault scenarios. Some managed Kubernetes service platforms support Chaos-Mesh and integrate it as part of their fault injection services, such as Azure’s Chaos Studio for AKS."

Microsoft and Cloudflare have worked together to take down the operational infrastructure that supported the RaccoonO365 phishing network. Microsoft's Digital Crimes Unit (DCU) obtained a court order allowing them to seize websites related to the RaccoonO365 subscription-based phishing operation, which is tracked by Microsoft as Storm-2246. According to Cloudflare's write-up, "The campaign's primary attack vector was phishing kits designed to steal Microsoft 365 credentials. The kits used a simple CAPTCHA page and anti-bot techniques to evade analysis and appear legitimate to victims." The phishing kits have been used to steal Microsoft credentials in more than 90 countries.

Google recently detected and disabled a fraudulent account created in its Law Enforcement Request System (LERS), which the company maintains for official data requests from police and intelligence agencies including subpoenas, court orders, and emergency disclosure requests. This confirmation follows a threat actor's social media post offering screenshots as proof of access to Google's LERS platform and the FBI National Instant Criminal Background Check (NICS eCheck) system. The FBI has not commented. While Google states "no requests were made with this fraudulent [LERS] account, and no data was accessed," no information has been disclosed on how a threat actor was able to fraudulently access the system.

The US House Appropriations Committee has introduced a bill that would extend two pieces of cybersecurity legislation, pushing their expiration from September 30 to November 21, 2025. The 2015 Cybersecurity Information Sharing Act (CISA 2015, not to be confused with the Cybersecurity and Infrastructure Security Agency), is characterized as "bedrock law," and establishes protections and voluntary procedures for the sharing of cyber threat information between private organizations and the federal government. Under CISA 2015, federal agencies must develop procedures for sharing threat indicators and defensive measures with the private sector; private organizations are authorized to conduct comprehensive network monitoring and are protected from liability doing so, except in enacting defensive measures; and information shared within the act's rules is "protected from the waiver of any evidentiary privilege when information is shared under the Act, limits on the government’s ability to use shared information for regulatory enforcement, and liability limitations." The second measure, the State and Local Cybersecurity Grant Program (SLCGP), was established in 2021 and Congress appropriated $1 billion to be distributed in grants over four years "to address cybersecurity risks and cybersecurity threats to information systems owned or operated by, or on behalf of, state, local, or tribal governments." The House Homeland Security Committee previously proposed ten-year extensions that have not yet reached the House floor, and the Senate Homeland Security Committee will address its own version including possible revisions.

On Wednesday, September 17, 2025, after a year of debate, Italy's parliament approved the first law by an EU member state to comprehensively regulate AI, maintaining consistency with the EU Artificial Intelligence Act. The law's stated aim is human-centric, to protect citizens' rights and safety from possible harm from misuse of AI, regulating use in healthcare, justice, and education, and mandating transparency about AI use in the workplace. The law also lays out prison sentences of one to five years for generating and distributing certain malicious content, such as deepfakes, and specifies harsher penalties for use of AI in fraud, theft, and money laundering. Children under 14 must get parental consent before accessing AI. "On copyright, works created with AI assistance are protected if they result from intellectual effort, while AI-driven text and data mining is allowed only for non-copyrighted content or scientific research by authorised institutions." Oversight and enforcement will be spread across several government agencies and authorities, who must develop a national AI strategy, and €1 billion (US$1.18 billion) has been approved for investment in AI, cybersecurity, and telecommunications companies. The following day, a panel of four experts testified before the US House Judiciary Subcommittee on Courts, Intellectual Property, Artificial Intelligence, and the Internet, on the subject of US federal regulation of AI. The experts, David A. Bray, Kevin Frazier, Neil Richards, and Adam Thierer, representing universities and think tanks with expertise in technology, politics, law, and AI, gave "differing perspectives" but agreed at large that some kind of federal framework for regulating AI is necessary, and that innovation must be balanced with responsible development and oversight.

The Cyberspace Administration of China (CAC) has announced new National Cybersecurity Incident Reporting Management Measures that will require some incidents to be reported within an hour. The new rules, which apply to network operators, include an incident classification guide with threshold indicators for disruption, cost, and potential threats to national security or "social stability." The operators will be required to provide specifics about the incident: type of incident, attack timeline, which systems were affected, damage assessment, causes, and steps taken to manage it. They will also be required to submit an evaluation within 30 days of the incident, describing the causes of the incident and lessons learned. Operators who fail to report an incident, or withhold or falsify information in their reports will face severe penalties. The new rules take effect on November 1, 2025.