Sysdig Security Briefing: September 2025
Blog post from Sysdig
September 2025 was marked by significant cybersecurity incidents, including the compromise of hundreds of npm packages, notably chalk, debug, and duck, through a spear-phishing attack whose goal was to redirect crypto payments. Sysdig provided timely updates and tools to help its customers identify and address these vulnerabilities. Additionally, the Shai-Hulud worm emerged and compromised approximately 200 packages, and the Fezbox package was discovered to steal credentials through browser cookies and QR codes. The Sysdig Threat Research Team also discovered ZynorRAT, an advanced malware targeting Linux and Windows systems, and published detection methods. Other notable events included new Rowhammer-style attacks on DDR5 memory chips, Google and Cisco patching critical zero-day vulnerabilities, and operational disruptions caused by cyberattacks on Collins Aerospace and Jaguar Land Rover. These events underscored the need for continuous vigilance and proactive measures in an ever-evolving threat landscape.