Introducing Sophos Intelix for Microsoft Security Copilot

Blog

Byadmblake December 5, 2025

Elevating threat intelligence for all Security Copilot users.

Blog

npm Supply Chain Attack

What is the Attack? On September 8, 2025, attackers phished the npm maintainer “qix” and stole their two-factor authentication (2FA) credentials. With that access, they published malicious versions of some very popular npm packages (including debug, chalk, and ansi-styles). The impact is considered high risk for applications that serve frontend JavaScript, especially those handling payments,…

Read More npm Supply Chain Attack
Blog

Serbian Police Hack Protester’s Phone With Cellebrite Exploit Chain

Amnesty International said Serbian police used an exploit chain in tandem with legitimate mobile extraction dongle from vendor Cellebrite in an attack that brings up questions around ethical technology development.

Read More Serbian Police Hack Protester’s Phone With Cellebrite Exploit Chain
Blog

Vibe Coding Changed the Development Process

AI tools shook up development. Now, product security must change too.

Read More Vibe Coding Changed the Development Process
Blog

Researchers Identify Rack::Static Vulnerability Enabling Data Breaches in Ruby Servers

Cybersecurity researchers have disclosed three security flaws in the Rack Ruby web server interface that, if successfully exploited, could enable attackers to gain unauthorized access to files, inject malicious data, and tamper with logs under certain conditions. The vulnerabilities, flagged by cybersecurity vendor OPSWAT, are listed below – CVE-2025-27610 (CVSS score: 7.5) – A path…

Read More Researchers Identify Rack::Static Vulnerability Enabling Data Breaches in Ruby Servers
Blog

Fortinet SSL VPNs Hit by Global Brute-Force Wave Before Attackers Shift to FortiManager

Cybersecurity researchers are warning of a “significant spike” in brute-force traffic aimed at Fortinet SSL VPN devices. The coordinated activity, per threat intelligence firm GreyNoise, was observed on August 3, 2025, with over 780 unique IP addresses participating in the effort. As many as 56 unique IP addresses have been detected over the past 24…

Read More Fortinet SSL VPNs Hit by Global Brute-Force Wave Before Attackers Shift to FortiManager
Blog

Paper Werewolf Deploys PowerModul Implant in Targeted Cyberattacks on Russian Sectors

The threat actor known as Paper Werewolf has been observed exclusively targeting Russian entities with a new implant called PowerModul. The activity, which took place between July and December 2024, singled out organizations in the mass media, telecommunications, construction, government entities, and energy sectors, Kaspersky said in a new report published Thursday. Paper Werewolf, also…

Read More Paper Werewolf Deploys PowerModul Implant in Targeted Cyberattacks on Russian Sectors

Related