Security Bulletin September 25

September 24, 2025

By Rodrigo Luna

NPM Compromises Expose Critical Weakness in the Software Supply Chain

In September 2025, two major NPM compromises exposed the fragility of the software supply chain—from phishing-driven credential theft to the wormable Shai-Hulud attack. This bulletin details how open-source trust was exploited and the risks for defenders.

Learn More

April 15, 2024

By Lauren Farrell

Palo Alto Networks Vulnerability: CVE-2024-3400

Learn More

April 1, 2024

By Lauren Farrell

XZ Utils Vulnerability: CVE-2024-3094

Learn More

February 21, 2024

By Lauren Farrell

ConnectWise Vulnerability: Authentication Bypass in ScreenConnect

Learn More

February 9, 2024

By Lauren Farrell

Fortinet Vulnerability: CVE-2024-21762

Learn More

February 6, 2024

By Matthew Sparrow

AnyDesk Production Systems Breach

Learn More

October 17, 2023

By Lauren Farrell

Cisco iOS XE Vulnerability: CVE-2023-20198

Learn More

June 13, 2023

By Lauren Farrell

Shielding Against the Most Recent Fortinet Vulnerability

Learn More

December 9, 2021

By Lauren Farrell

Shielding Against CVE-2021-44228 IOCs

Learn More
1 2 3 4 5