Today’s cybersecurity news highlights a diverse array of threats and challenges, from the rise of new botnet malware exploiting IoT devices to significant supply chain attacks crossing ecosystems, alongside the accelerating impact of generative AI on digital fraud. Organisations large and small, as well as public services, continue to face evolving risks that demand vigilance and adaptive security strategies.
New Botnet Malware Exploits IoT Vulnerabilities Amid AWS Outage
A newly identified Mirai-based botnet, dubbed ShadowV2, has been detected targeting IoT devices from vendors such as D-Link and TP-Link. Researchers observed the malware taking advantage of the recent AWS outage as a testing ground, exploiting known vulnerabilities to compromise devices.
This development is critical for security teams managing IoT deployments, as it underscores the persistent risk posed by unpatched or poorly secured devices. Businesses relying on these devices should prioritise vulnerability management and network segmentation to limit botnet propagation.
Supply Chain Attacks Escalate: Shai-Hulud Expands From npm to Maven
The second wave of the Shai-Hulud supply chain attack campaign has extended beyond the npm registry into the Maven ecosystem, affecting over 830 packages. The malicious payloads, including loaders and environment scripts, have been embedded in widely used open-source packages, posing a serious threat to software integrity.
This cross-ecosystem contamination highlights the growing sophistication of supply chain attacks and the need for developers and organisations to implement rigorous dependency monitoring and verification processes. It also draws attention to the need for enhanced security controls within package repositories.
Critical Vulnerability Fix in Popular JavaScript Cryptography Library
The ‘node-forge’ package, a widely used JavaScript cryptography library, received a patch addressing a signature verification bypass vulnerability. This flaw could allow attackers to craft data that appears valid, potentially enabling forgery or other cryptographic abuses.
Security teams and developers utilising node-forge should promptly update to the latest version to mitigate this risk. The incident serves as a reminder of the critical need for auditing and promptly addressing vulnerabilities in cryptographic components.
Cyberattacks Disrupt London Councils’ IT Systems
Multiple London councils, including the Royal Borough of Kensington and Chelsea and Westminster City Council, have reported service disruptions due to cyberattacks. Details remain limited, but such incidents emphasise the ongoing threat to public sector IT infrastructure.
For government and municipal organisations, these attacks underline the importance of robust incident response plans, continuous monitoring, and investment in cybersecurity resilience to maintain public services.
Comcast Fined $1.5 Million Over Vendor Data Breach
Comcast agreed to pay a $1.5 million fine following an FCC investigation into a February 2024 vendor data breach that compromised the personal information of nearly 275,000 customers. The incident reflects the risks associated with third-party vendors in the supply chain.
Businesses must ensure comprehensive vendor risk management and enforce stringent security requirements for partners to prevent similar breaches and regulatory penalties.
AI’s Double-Edged Sword: Digital Fraud Surges While Dark LLMs Underperform
Advanced fraud attacks surged by 180% in 2025, fuelled by generative AI technologies producing flawless fake identities, deepfakes, and autonomous bots at unprecedented scale. However, the darker side of AI — so-called ‘dark LLMs’ utilised by petty criminals — has yet to meet expectations, aiding low-level cybercrime but falling short of more sophisticated capabilities.
Security leaders should recognise the transformative impact AI has on threat landscapes, investing in detection technologies and staff training to combat increasingly automated fraud schemes.
Prompt Injection Risks in AI-Enabled Browsers
The launch of AI-empowered browsers, such as ChatGPT’s Atlas browser, has introduced new security challenges. Prompt injection attacks, where malicious inputs manipulate AI behaviour, pose a significant risk, potentially leading to data leakage or compromised interactions.
Application security teams need to incorporate AI-specific threat modelling and adopt mitigation strategies to secure agentic AI systems against these emerging vulnerabilities.
Inside the Mind of a Hacker: Profile of ‘Rey’ from Scattered LAPSUS$ Hunters
An exclusive interview with ‘Rey,’ the technical lead of the Scattered LAPSUS$ Hunters cybercriminal group, reveals insights into the motivations and operations of one of the most prolific extortion groups this year. The group has targeted numerous major corporations with data theft and public extortion.
Understanding the human elements behind cybercrime can aid organisations in anticipating attacker tactics and improving threat intelligence.
VPN Deals Highlight Growing User Demand for Privacy
Amid rising cyber threats, NordVPN has launched a significant Black Friday discount offering 77% off VPN plans. This reflects increasing public and business interest in enhancing online security and privacy, particularly in response to growing digital risks.
While not a direct cybersecurity incident, this trend signals the importance of secure remote access and data privacy as fundamental components of modern security postures.
Key Takeaways
- The ShadowV2 botnet demonstrates ongoing risks from IoT vulnerabilities and the opportunistic nature of cyber threats during infrastructure outages.
- Supply chain attacks are increasingly cross-platform, requiring enhanced scrutiny of third-party software components.
- Critical cryptographic libraries like node-forge must be closely monitored and updated to prevent exploitation.
- Public sector organisations remain prime targets for disruptive cyberattacks, necessitating resilience investments.
- Vendor security lapses can result in significant regulatory fines and customer impact.
- Generative AI is both a tool for advanced fraud and a challenge for security teams, while dark LLMs have yet to fully realise their malicious potential.
- AI-enabled applications introduce new vulnerability classes such as prompt injections, demanding specialised defensive approaches.
- Insights into threat actor profiles can improve organisational threat understanding and response strategies.
- Increased consumer interest in VPNs highlights the growing emphasis on privacy and secure communications.
Staying informed and proactive is key as the cybersecurity landscape continues to evolve rapidly in 2025.
