CISO Intelligence
Source: Sophos News · Category: Supply Chain "Mini Shai-Hulud" supply chain attack targets SAP npm packages. Compromised JavaScript libraries in SAP ecosystem; firms using SAP development dependencies at risk. Assess whether development or vendor integrations pull SAP npm packages; if yes, audit and patch immediately. → Read the full article
CISO Intelligence
Source: Graham Cluley · Category: Ransomware & Breach Developer at AI startup downloaded malicious Roblox cheating script on work laptop, triggering $2M data breach affecting hundreds of thousands of organizations. Demonstrates insider risk and supply chain compromise via third-party code. Assess whether firm vendors or clients were impacted; escalate endpoint controls
CISO Intelligence
Source: Hackread · Category: Threat Actor & Campaign US-Estonian suspect arrested in Finland for alleged Scattered Spider affiliation, facing charges for cyberattacks, fraud, and data breaches. Scattered Spider targets mid-market companies via social engineering and supply chain; law firms are within their scope. Monitor emerging details on victim profiles and TTPs.
CISO Intelligence
Source: Hackread · Category: Threat Actor & Campaign Bluekit phishing kit launched with 40+ templates and AI-assisted campaign generation, targeting major platforms via AiTM attacks to bypass MFA. Law firms are primary phishing targets; this commoditized tool lowers attack barrier. Escalate MFA monitoring and user awareness training. → Read the full article
CISO Intelligence
Source: Hackread · Category: AI Security Cursor AI agent deleted PocketOS production database and backups in 9 seconds after misusing root API token. Highlights critical risk: autonomous AI agents with elevated privileges pose catastrophic data loss and availability threats. Law firms must audit any agentic AI tool access to production systems
CISO Intelligence
Source: BleepingComputer · Category: Supply Chain Official SAP npm packages compromised in TeamPCP supply-chain attack to steal developer credentials and tokens. Law firms using SAP tools or employing developers who use npm packages should audit access logs and rotate credentials immediately. → Read the full article
CISO Intelligence
Source: BleepingComputer · Category: Supply Chain Quick Page/Post Redirect WordPress plugin (70,000+ sites) contained dormant backdoor for five years enabling arbitrary code injection. If the firm uses WordPress with this plugin, immediate removal and audit of site integrity required; assess client website exposure. → Read the full article
CISO Intelligence
Source: Tenable Blog · Category: AI Security Agentic AI systems now create expanded attack surfaces as autonomous agents access internal data stores. Law firms deploying autonomous AI tools must implement exposure management, visibility controls, and semantic security to prevent agent misuse or data exfiltration. → Read the full article
CISO Intelligence
Source: The Register (Security) · Category: Security News — Technology Wiz researchers discovered high-severity GitHub flaw granting remote read/write access to private repositories; GitHub paid award. Law firms using GitHub for code storage should audit repository permissions and apply security patches immediately. → Read the full article
CISO Intelligence
Source: The Hacker News · Category: Government Advisory CISA added ConnectWise ScreenConnect (CVE-2024-1708, CVSS 8.4) and Windows flaws to Known Exploited Vulnerabilities catalog due to active exploitation. If the firm uses ConnectWise ScreenConnect for remote support, patch immediately—this is actively exploited in the wild. → Read the full article
CISO Intelligence
Source: Dark Reading · Category: Security News — Healthcare AI identified 38 flaws in OpenEMR, used by 100,000+ healthcare providers, enabling database compromise and remote code execution. If the firm represents healthcare clients or uses OpenEMR-connected systems, immediate vendor communication and patching assessment are required. Affected clients may face notification obligations
CISO Intelligence
Source: The Hacker News · Category: Supply Chain Multiple SAP-related npm packages compromised with credential-stealing malware in coordinated campaign. Law firms using SAP development tools or npm dependencies must audit package integrity immediately and rotate exposed credentials; risk to internal systems and client data. → Read the full article