Shai-hulud: The Hidden Costs of Supply Chain Attacks Source: Dark Reading A new breed of self propagating supply chain malware in open source ecosystems can rapidly alter thousands of software packages and create downstream damage well beyond the initial victim. The article explains how these campaigns spread, why detection is difficult, and what organizations must do to reduce software dependency risk. Link to article CISA warns of SmarterMail RCE flaw used in ransomware attacks Source:...

Harvard, UPenn Data Leaked in ShinyHunters Shakedown Source: Data Breach Today Leaked Financial and Admissions Data Includes Contact Details for 'Top Donors’. Cyber extortion group ShinyHunters claimed responsibility Wednesday for late 2025 attacks against Harvard University and the University of Pennsylvania, publishing on a darkweb leak site what they claimed were more than 2 million records stolen from the two Ivy League schools. Link to article Russia’s APT28 Rapidly Weaponizes Newly...

Social Engineering Hackers Target Okta Single Sign On Source: Data Breach Today Single sign-on customers of identity provider Okta should be on alert against attackers seeking to gain access to their corporate network, steal data and hold it to ransom, security experts warn. A surge in social engineering attacks has targeted users of Okta's SSO tools, leading the company to directly warn customers last week about this campaign. Link to article Chrome, Edge Extensions Caught Stealing ChatGPT...