NPM Linter Packages Hijacked, Microsoft's China Issue, and AI in Phishing Attacks: Cybersecurity Today:
Failed to add items
Add to Cart failed.
Add to Wish List failed.
Remove from wishlist failed.
Adding to library failed
Follow podcast failed
Unfollow podcast failed
NPM Linter Packages Hijacked, Microsoft's China Issue, and AI in Phishing Attacks: Cybersecurity Today:
-
Narrated by:
-
By:
In this episode of Cybersecurity Today, host David Shipley discusses several pressing cybersecurity issues. First, popular NPM Linter packages were hijacked via phishing to spread malware, affecting millions of downloads.
Concurrently, Ukrainian CERT uncovers new phishing campaigns tied to APT28 using large language models for command and control.
Microsoft discontinues the use of China-based engineers for US Department of Defense systems following a controversial report. Lastly, social engineering, facilitated by AI, becomes a greater threat than zero-day exploits.
The episode emphasizes the need for stronger maintainer security, multifactor authentication, and a comprehensive understanding of social engineering risks.
00:00 Introduction - 10 Million Downloads
01:30 NPM Linter Packages Hijacked
05:05 Social Engineering and AI in Cybersecurity
08:57 Microsoft's China-Based Engineers Controversy
12:15 The Real Threat: Social Engineering
16:39 Conclusion and Call to Action