👉 What’s happening in cybersecurity today?
XORIndex malware spreads via npm packages in DPRK supply chain attack, NCSC urges urgent Windows 11 migration before 2025 EOL, and FBI seizes game piracy sites after $170M in losses. Louis Vuitton breach affects global customers, PET imaging phishing attack leaks 114K records, and Sinaloa cartel hacker exploited surveillance tech to target FBI informants. UK launches vulnerability research program, GMX hacker returns $42M for $5M bounty, and Elmo’s X account hijacked for antisemitic posts.
1. XORIndex Malware DPRK npm Attack
North Korean threat actors have escalated their “Contagious Interview” campaign by deploying 67 new malicious npm packages, totaling over 17,000 downloads, that distribute a new malware loader called XORIndex. This ongoing attack highlights persistent efforts to compromise the open-source ecosystem through software supply chain attacks, with the malware ultimately deploying data-stealing and backdoor capabilities.
2. NCSC Urges Windows 11 Upgrade Cyber Defenses
The National Cyber Security Centre (NCSC) has released updated security configuration packs for Microsoft Windows to simplify the deployment of robust baseline defenses. This update also serves as a critical warning for organizations to immediately transition to Windows 11 due to the impending end-of-life for Windows 10 in October 2025, which will leave systems vulnerable to severe cyber threats.
3. FBI Seizes Multiple Game Piracy Sites
The FBI, in collaboration with the Dutch FIOD, has seized several prominent piracy sites, including ps4pkg.com, which were distributing pirated Nintendo Switch and PlayStation 4 games, effectively dismantling their infrastructure. These sites had amassed 3.2 million downloads in a few months, resulting in an estimated $170 million in losses for the gaming industry.
4. Louis Vuitton Data Breach Global Impact
Louis Vuitton is notifying customers in the UK, South Korea, and Turkey, and potentially other countries, about a data breach discovered on July 2nd, 2025, which exposed names and contact details but no financial information. The company has no evidence of data misuse but warns of potential phishing attempts, marking the third LVMH system breach in three months.
5. Elmo Impersonator Posts Antisemitic X Content
A hacker gained control of Elmo’s X account, posting racist and antisemitic content, which Sesame Workshop is working to remove. This incident follows a broader trend of increased hate speech on X and a surge in antisemitic incidents in the U.S.
6. PET Imaging Phishing Attack Hits
Integrated Oncology Network, a PET imaging provider, experienced a phishing attack in December that compromised patient data, including sensitive financial and health information. This breach, affecting nearly 114,000 individuals across multiple states, has led to a class-action lawsuit investigation against the company.
7. Sinaloa cartel hired cybersnoop for FBI kills
A 2018 FBI investigation uncovered that the Sinaloa drug cartel hired a cybercriminal who exploited mobile devices and Mexico City’s surveillance systems to track, intimidate, and kill FBI informants. This revelation is part of a broader audit highlighting the FBI’s ongoing struggles with “Ubiquitous Technical Surveillance” threats and their “disjointed and inconsistent” response to such vulnerabilities in their operations.
8. UK launches vulnerability research program
The UK’s National Cyber Security Centre (NCSC) has launched a new Vulnerability Research Initiative (VRI) to work more closely with external cybersecurity experts. This program aims to accelerate the discovery and sharing of critical insights into software and hardware vulnerabilities, bolstering the UK’s defense against cyber threats.
9. Hacker returns GMX crypto for bounty
A hacker returned $42 million in cryptocurrency stolen from the decentralized exchange GMX in exchange for a $5 million bounty. This agreement followed GMX’s public assurance not to pursue legal action if the funds were recovered.
💡 Cyber Tip
Don’t Delay Windows 11 Migration
The UK’s National Cyber Security Centre (NCSC) is urging organizations to upgrade to Windows 11 ahead of Windows 10’s end-of-life in October 2025. Once support ends, Windows 10 systems will no longer receive security updates, leaving them exposed to serious threats such as ransomware and advanced persistent attacks. The NCSC has also released updated configuration packs to simplify baseline security deployments on Windows systems and help IT teams build stronger defenses with minimal disruption.
✅ What you should do:
🔒 Why this matters:
Running outdated operating systems creates major security gaps. Upgrading to Windows 11 ensures access to Microsoft’s latest protections and hardware-based defenses. Acting early helps reduce exposure to known and emerging threats as attackers increasingly target unsupported platforms.
📚 Cyber Book
Secret Key Cryptography: Ciphers, from simple to unbreakable by Frank Rubin
Get Book ➤ https://amzn.to/3KrXC2M
That concludes today’s briefing.
Copyright © 2025 CyberMaterial. All Rights Reserved.
