🤖 Malicious AI-Generated npm Package Surfaces
Threat actors are now using AI to craft npm packages that appear legitimate but are laced with malware. This one masqueraded as a coding helper but functioned as a loader for a remote access trojan.
AI’s not just accelerating defense—it’s now fueling offense at scale.
🔗 https://thehackernews.com/2025/08/ai-generated-malicious-npm-package.html
🧬 New BIOS-Level Technique Bypasses Traditional Security
A technique known as SHADE BIOS manipulates early boot processes to avoid detection by EDR and AV tools. It’s subtle, low-level, and dangerous—hardware-layer obfuscation is back on the rise, and it’s far harder to detect than app-layer persistence.
This isn’t script kiddie stuff. This is nation-state–adjacent stealth tech.
🔗 https://www.darkreading.com/endpoint-security/shade-bios-technique-beats-security
🔒 Proofpoint Warns: OAuth Phishing Tactic Bypasses MFA
This isn’t your average phishing link. Attackers are now using AI-powered Adversary-in-the-Middle (AiTM) kits targeting OAuth flows to trick users into granting real permissions to malicious apps. The result? Cloud accounts hijacked without even stealing the password.
MFA is not a silver bullet. It’s a speed bump when trust is gamed through deception.
🔗 https://securityonline.info/the-oauth-phishing-trap-proofpoint-exposes-aitm-attacks-that-bypass-mfa-to-hijack-cloud-accounts/
📊 Enterprise Risk Management Practices Under Review
Security Magazine’s latest coverage explores enterprise challenges in measuring cyber risk—balancing board-level expectations with ever-shifting threat intelligence.
More organizations are trying to quantify risk, but reporting isn’t the same as readiness.
🔗 http://www.securitymagazine.com/articles/101808
🦑 Friday Squid Blogging: Fossil Confusion Edition
Always good for a brain break—this week’s post covers a misidentified squid fossil. Not threat intel per se, but… even science gets phished by false data sometimes.
🔗 https://www.schneier.com/blog/archives/2025/08/friday-squid-blogging-a-case-of-squid-fossil-misidentification.html
⚙️ Takeaways
Attackers are adapting faster, using AI not just for automation but for crafting deception. Old-school BIOS attacks are back, proving that hardware roots still matter. OAuth phishing is climbing, and it’s not phishing-as-we-know-it—it’s phishing with permissions.
