Cyber Briefing: 2025.07.15
XORIndex malware targets npm, NCSC urges Windows 11 upgrade, FBI seizes piracy sites, Louis Vuitton breach hits 3 nations, Elmo X hacked, GMX crypto funds returned after bounty.
👉 What's the latest in the cyber world today?
Welcome to Cyber Briefing, the newsletter that informs you about the latest cybersecurity advisories, alerts, incidents and news every weekday.
🚨 Cyber Alerts
1. XORIndex Malware DPRK npm Attack
North Korean threat actors have escalated their "Contagious Interview" campaign by deploying 67 new malicious npm packages, totaling over 17,000 downloads, that distribute a new malware loader called XORIndex. This ongoing attack highlights persistent efforts to compromise the open-source ecosystem through software supply chain attacks, with the malware ultimately deploying data-stealing and backdoor capabilities.
2. NCSC Urges Windows 11 Upgrade Cyber Defenses
The National Cyber Security Centre (NCSC) has released updated security configuration packs for Microsoft Windows to simplify the deployment of robust baseline defenses. This update also serves as a critical warning for organizations to immediately transition to Windows 11 due to the impending end-of-life for Windows 10 in October 2025, which will leave systems vulnerable to severe cyber threats.
3. FBI Seizes Multiple Game Piracy Sites
The FBI, in collaboration with the Dutch FIOD, has seized several prominent piracy sites, including ps4pkg.com, which were distributing pirated Nintendo Switch and PlayStation 4 games, effectively dismantling their infrastructure. These sites had amassed 3.2 million downloads in a few months, resulting in an estimated $170 million in losses for the gaming industry.
💥 Cyber Incidents
4. Louis Vuitton Data Breach Global Impact
Louis Vuitton is notifying customers in the UK, South Korea, and Turkey, and potentially other countries, about a data breach discovered on July 2nd, 2025, which exposed names and contact details but no financial information. The company has no evidence of data misuse but warns of potential phishing attempts, marking the third LVMH system breach in three months.
5. Elmo Impersonator Posts Antisemitic X Content
A hacker gained control of Elmo's X account, posting racist and antisemitic content, which Sesame Workshop is working to remove. This incident follows a broader trend of increased hate speech on X and a surge in antisemitic incidents in the U.S.
6. PET Imaging Phishing Attack Hits
Integrated Oncology Network, a PET imaging provider, recently experienced a phishing attack in December that compromised patient data, including sensitive financial and health information. This breach, affecting nearly 114,000 individuals across multiple states, has led to a class-action lawsuit investigation against the company.
📢 Cyber News
7. Sinaloa cartel hired cybersnoop for FBI kills
A 2018 FBI investigation uncovered that the Sinaloa drug cartel hired a cybercriminal who exploited mobile devices and Mexico City's surveillance systems to track, intimidate, and kill FBI informants. This revelation is part of a broader audit highlighting the FBI's ongoing struggles with "Ubiquitous Technical Surveillance" threats and their "disjointed and inconsistent" response to such vulnerabilities in their operations.
8. UK launches vulnerability research program
The UK's National Cyber Security Centre (NCSC) has launched a new Vulnerability Research Initiative (VRI) to work more closely with external cybersecurity experts. This program aims to accelerate the discovery and sharing of critical insights into software and hardware vulnerabilities, bolstering the UK's defense against cyber threats.
9. Hacker returns GMX crypto for bounty
A hacker returned $42 million in cryptocurrency stolen from the decentralized exchange GMX in exchange for a $5 million bounty. This agreement followed GMX's public assurance not to pursue legal action if the funds were recovered.
📈 Cyber Stocks
On Tuesday, July 15, 2025, cybersecurity stocks posted mixed results as investors responded to evolving tariff policies, analyst commentary, and shifting earnings expectations.
Fortinet (FTNT) surged 3.96% to $102.97, following a Barclays upgrade that emphasized strong Unified SASE growth, AI integration, and rising enterprise security demand.
CrowdStrike (CRWD) declined 0.47% to $476.18, following a modest pullback in high-growth tech stocks and tempered analyst sentiment after its recent rally.
Okta (OKTA) rose 0.43% to $91.97, supported by continued optimism around the software sector’s tariff resilience and improved free cash flow expectations due to updated R&D expensing rules.
Radware (RDWR) dipped 0.53% to $28.14, as investors remained cautious ahead of its Q2 earnings release amid increased market volatility.
Palo Alto Networks (PANW) gained 1.80% to $190.72, driven by renewed investor confidence in its federal cybersecurity positioning and expanding strategic partnerships.
💡 Cyber Tip
Don’t Delay Windows 11 Migration
The UK's National Cyber Security Centre (NCSC) is urging organizations to upgrade to Windows 11 ahead of Windows 10’s end-of-life in October 2025. Once support ends, Windows 10 systems will no longer receive security updates, leaving them exposed to serious threats such as ransomware and advanced persistent attacks. The NCSC has also released updated configuration packs to simplify baseline security deployments on Windows systems and help IT teams build stronger defenses with minimal disruption.
✅ What you should do:
Plan and execute a migration to Windows 11 well before October 14, 2025.
Evaluate hardware readiness for Windows 11, including TPM 2.0, UEFI, and Secure Boot support.
Use NCSC’s new configuration packs to streamline baseline security setup across devices.
Decommission Windows 10 systems that cannot meet Windows 11 requirements or isolate them from core networks.
Train IT staff to leverage Windows 11's advanced security features like Credential Guard, BitLocker, and Virtualization-Based Security.
🔒 Why this matters:
Running outdated operating systems creates major security gaps. Upgrading to Windows 11 ensures access to Microsoft’s latest protections and hardware-based defenses. Acting early helps reduce exposure to known and emerging threats as attackers increasingly target unsupported platforms.
📚 Cyber Book
Secret Key Cryptography: Ciphers, from simple to unbreakable by Frank Rubin
That concludes today’s briefing.
Copyright © 2025 CyberMaterial. All Rights Reserved.