Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The cybercrime world took a major hit this month with the RaccoonO365 domain takedown, a coordinated move by Microsoft’s Digital Crimes Unit (DCU) and Cloudflare. By seizing 338 malicious domains, investigators disrupted a sprawling phishing-as-a-service ( PhaaS) network that had stolen more than 5,000 Microsoft 365 credentials across 94 countries. This action signals a shift toward large-scale, proactive disruption of phishing operations that exploit everyday users and global enterprises alike.

North Korean threat actor Kimsuky has escalated its social engineering tactics by leveraging military ID deepfakes to deceive South Korean targets. According to a recent analysis by South Korean cybersecurity firm Genians, the group is now using AI-generated images to impersonate military personnel, making phishing campaigns more convincing and harder to detect.

On September 11, a message appeared on BreachForumshn that seemed to mark the end of an era.

The software supply chain has once again come under fire, with npm — the world’s largest package ecosystem — at the center of one of the most significant compromises to date. Recent findings suggest that attackers successfully hijacked a maintainer account through phishing, injecting malicious code into popular open-source packages with billions of weekly downloads.

In a world where our lives are increasingly managed through email, an unexpected security alert can be a jarring experience. Recently, misinformation spread about a supposed mass security alert from Google, creating widespread panic. While Google has confirmed these claims are false, the incident serves as a powerful reminder of a constant threat: phishing scams. These fraudulent emails mimic real security warnings to trick you into giving away your personal information.

A critical vulnerability, identified as CVE-2025-29927, has shaken the Next.js development community. Rated with a severity score of 9.1 (Critical), this flaw allows attackers to completely bypass authorization checks in middleware, potentially granting unauthorized access to sensitive data and protected routes. The issue is a powerful reminder that even a small design flaw in a popular framework can have widespread and dangerous consequences.

The recent Zscaler breach has sparked significant attention in the cybersecurity community not just because of its impact, but also because of the complexity of the attack and the multiple claims of responsibility surrounding it. Here’s a breakdown of what happened, who’s claiming involvement, and what we can learn from the incident. This was not a direct hack of Zscaler’s core systems. Instead, it was a supply chain attack that exploited a third-party integration.