ChillyHell Malware Resurfaces with Stealth Tactics on macOS
A once-dormant macOS backdoor, known as ChillyHell, is showing signs of renewed activity. First linked to threat actor UNC4487 and discovered in 2023 by Mandiant, the malware was recently detected again by Jamf Threat Labs. A new Intel-based sample appeared on VirusTotal in May 2025 with a rare “zero” detection score, raising alarms about its ability to bypass traditional defenses.
Wealthsimple Data Breach Exposes Limited Customer Information
Wealthsimple has confirmed a data breach that exposed sensitive customer details, including contact information, government-issued IDs, account numbers, IP addresses, Social Insurance Numbers, and dates of birth. The incident impacted fewer than one percent of the company’s three million clients.
China-Linked Hackers Tied to Years-Old Domain Infrastructure
Threat hunters have uncovered 45 domains linked to China-backed groups Salt Typhoon and UNC4841, some dating as far back as May 2020.
Bridgestone Investigates Cyberattack Affecting North American Manufacturing
Bridgestone, the world’s largest tire manufacturer, confirmed it is investigating a cyberattack that has disrupted operations at some of its North American facilities. The company reported that its rapid response helped contain the incident early, preventing customer data theft or deep network infiltration. Initial reports identified disruptions at Bridgestone Americas (BSA) facilities in Aiken County, South Carolina, and Joliette, Quebec, sparking concerns about potential supply chain impacts.
Popular JavaScript Packages Briefly Compromised in Cryptocurrency Phishing Attack
At least 18 widely-used JavaScript code packages, collectively downloaded over two billion times per week, were briefly compromised after a developer was phished. The phishing email tricked the maintainer into submitting a one-time two-factor authentication token on a fake NPM login page, giving attackers access to his account. The malicious code was narrowly focused on intercepting cryptocurrency transactions, redirecting funds to attacker-controlled wallets without visible signs to users. Security experts warn that a similar attack with a more harmful payload could easily trigger a large-scale malware outbreak.
Major Tech Firms Exposed in Salesforce Data Breach via Salesloft Drift
Hackers have exploited a vulnerability in the Salesloft Drift application to steal OAuth tokens and access Salesforce data, leading to the exposure of sensitive customer information across several major companies.
Cloudflare Neutralizes Record-Breaking 11.5 Tbps DDoS Attack
Cloudflare has successfully defended against the largest distributed denial-of-service (DDoS) attack ever recorded, a 35-second flood that peaked at 11.5 terabits per second.
AI Tools Fueling a New Wave of Cybercrime
A new report from AI startup Anthropic warns that cybercriminals are weaponizing AI assistants in increasingly sophisticated ways. In one case, attackers used Anthropic’s own coding tool, Claude Code, to carry out nearly every stage of a large-scale data extortion campaign targeting at least 17 organizations across multiple industries.
