
Daily Security Briefing 019
- DjediTech
- Security, Newsletter
- September 23, 2025
Apple’s new memory integrity, npm QR code malware, and Russia’s cyberattacks on critical industries dominate today’s cybersecurity news.
Executive Summary
Today’s cybersecurity landscape reveals significant advancements and ongoing threats. Apple introduces “Memory Integrity Enforcement” to counter memory safety exploits famously leveraged by spyware like Pegasus. Meanwhile, sophisticated supply chain attacks emerge as a malicious npm package uses steganographic QR codes to steal browser credentials. Nation-state actors, notably Russia-affiliated groups, continue to target critical infrastructure worldwide through spear-phishing and cyber operations. Additionally, the complexities of critical infrastructure protection and identity governance underscore the need for automation and multi-factor authentication. Law enforcement’s crackdown on a massive cryptocurrency fraud demonstrates persistent cybercrime risks. Together, these developments emphasize an accelerated arms race between security innovations and evolving threats.
Top Articles
Apple’s New Memory Integrity Enforcement
Apple’s iPhone 17 introduces a hardware/software feature aimed at mitigating memory safety vulnerabilities commonly exploited by spyware such as Pegasus. This mechanism enhances system security by making it more difficult for unauthorized processes to manipulate memory, reflecting a broader industry trend toward addressing these critical bugs.
SCHNEIER
NPM Package Employs Steganographic QR Code to Steal Browser Credentials
A malicious npm package named ‘fezbox’ disguises itself as a utility library while embedding a multi-tier payload hidden in QR codes to steal cookies and browser credentials. This novel steganographic technique delivers a second-stage payload and highlights increasing risks in open-source software supply chains.
CYBERPRESS | BLEEPINGCOMPUTER
Russia Employs Cyberattacks to Undermine Major Countries’ Critical Industries
Since early 2024, Russian-aligned threat actors have intensified cyberattacks targeting critical industries worldwide using spear phishing and malware distribution. Groups like SectorJ149 have focused on South Korean manufacturing and energy sectors through deceptive procurement emails, illustrating persistent geopolitical cyber threats.
CYBERPRESS
Microsoft Publishes Guide for Certificate-Based Authentication in Windows Admin Center
Microsoft released comprehensive guidance for implementing certificate-based authentication in Windows Admin Center, enhancing access security by requiring valid smart card certificates. This strengthens administrator access controls by adding a robust second authentication factor within enterprise environments.
GBHACKERS
Dark Reading Confidential: Cyber Pros Defend US Critical Infrastructure Front Lines
The latest Dark Reading Confidential episode discusses the urgent need for a coordinated plan to protect US critical infrastructure from nation-state cyberattacks. Cybersecurity professionals are increasingly responsible for defending assets across diverse organizations unprepared for international cyber conflicts.
DARKREADING
Two New Supermicro BMC Vulnerabilities Bypass Root of Trust Security
Researchers disclosed two medium-severity vulnerabilities in Supermicro Baseboard Management Controller firmware that allow attackers to bypass signature verification and load malicious firmware. These flaws threaten to undermine system integrity and highlight risks in critical server management components.
THEHACKERNEWS
Eurojust Arrests Five Suspects in €100M Cryptocurrency Investment Fraud
European law enforcement arrested five suspects involved in an elaborate investment fraud scheme stealing over €100 million from more than 100 victims across multiple countries. Raids spanned Spain, Portugal, Italy, Romania, and Bulgaria, reflecting ongoing efforts to disrupt large-scale cyber-enabled financial crime.
THEHACKERNEWS
Self-Driving IT Security: The Road Ahead
IT security automation parallels the evolution of self-driving cars as defenses increasingly rely on automated playbooks and scripts. This trend aims to improve incident response speed and accuracy, moving towards autonomous security operations capable of adapting to dynamic threats.
CHECKPOINT
Top 10 Best Penetration Testing Companies in 2025
Penetration testing firms remain critical in identifying vulnerabilities before attackers can exploit them. This list highlights companies offering specialized services across industries, providing simulated attacks that help strengthen organizational cyber defenses proactively.
GBHACKERS
Five Ways to Streamline Identity Governance with a Free Tool
The free Community Edition from tenfold enables organizations of up to 150 users to simplify onboarding, access reviews, and Microsoft 365 permission management using a no-code Identity Governance and Administration platform, making security governance more accessible and efficient.
BLEEPINGCOMPUTER
AI Transparency: This newsletter uses AI to curate, rank, and summarize cybersecurity content from leading industry blogs. All articles link directly to original authors. Executive summaries are AI-generated based on article content. I curate the sources and deliver the digest—the original authors deserve the credit for their excellent work.