Issue #168 - September 22, 2025
- Weekly INK

- Sep 21, 2025
Npm Package Hides Malware in Steganographic QR Codes
Source: Dark Reading
A malicious npm package used QR-code images to conceal malware, helping attackers slip past simple content filters. For SMBs that rely on open-source code, the takeaway is to pin versions, review dependencies, and require least-privilege tokens for build and publish workflows.
Mandiant: Chinese Espionage Tool Embedded in US Systems
Source: Data Breach Today
Mandiant says China-linked malware (BRICKSTORM) quietly lodged itself inside U.S. infrastructure and service providers for months, exploiting appliance blind spots to persist. Businesses should harden edge devices, monitor east-west traffic, and prioritize patching for network appliances, not just servers and endpoints.
SonicWall releases SMA100 firmware update to wipe rootkit malware
Source: BleepingComputer
SonicWall has released a firmware update that can help customers remove rootkit malware deployed in attacks targeting SMA 100 series devices. "SonicWall SMA 100 10.2.2.2-92sv build has been released with additional file checking, providing the capability to remove known rootkit malware present on the SMA devices," the company said in a Monday advisory.
European Airport Cyberattack Linked to Obscure Ransomware, Suspect Arrested
Source: SecurityWeek
A ransomware hit on Collins Aerospace disrupted airport check-in systems across Europe; researchers tied it to the “HardBit” strain, and a suspect was arrested. Even “basic” ransomware can cripple operations. Map critical suppliers, enforce vendor security requirements, and test manual workarounds for customer-facing processes.
Tech Overtakes Gaming as Top DDoS Attack Target, New Gcore Radar Report Finds
Source: The Hacker News
The latest Gcore Radar report, analyzing attack data from Q1–Q2 2025, reveals a 41% year-on-year increase in total attack volume. The largest attack peaked at 2.2 Tbps, surpassing the 2 Tbps record in late 2024. Attacks are growing not only in scale but in sophistication, with longer durations, multi-layered strategies, and a shift in target industries. Technology now overtakes gaming as the most attacked sector, while the financial services industry continues to face heightened risks.



