Lifeboat Foundation: Safeguarding Humanity
Toggle light / dark theme

Blog

Category: security

Second Sha1-Hulud Wave Affects 25,000+ Repositories via npm Preinstall Credential Theft

Multiple security vendors are sounding the alarm about a second wave of attacks targeting the npm registry in a manner that’s reminiscent of the Shai-Hulud attack.

The new supply chain campaign, dubbed Sha1-Hulud, has compromised hundreds of npm packages, according to reports from Aikido, HelixGuard, JFrog, Koi Security, ReversingLabs, SafeDep, Socket, Step Security, and Wiz. The trojanized npm packages were uploaded to npm between November 21 and 23, 2025. The attack has impacted popular packages from Zapier, ENS Domains, PostHog, and Postman, among others.

“The campaign introduces a new variant that executes malicious code during the preinstall phase, significantly increasing potential exposure in build and runtime environments,” Wiz researchers Hila Ramati, Merav Bar, Gal Benmocha, and Gili Tikochinski said.

Nvidia confirms October Windows updates cause gaming issues

Nvidia has confirmed that last month’s security updates are causing gaming performance issues on Windows 11 24H2 and Windows 11 25H2 systems.

To address these problems, the American technology company released the GeForce Hotfix Display Driver version 581.94.

“Lower performance may be observed in some games after updating to Windows 11 October 2025 KB5066835 [5561605],” Nvidia said in a support document published earlier this week.

Quantum computers could be powerful enough to decrypt Bitcoin sometime after 2030, CEO of Nvidia’s quantum partner says

“You should have a few good years ahead of you but I wouldn’t hold my Bitcoin,” Peronnin said, laughing. “They need to fork [move to a stronger blockchain] by 2030, basically. Quantum computers will be ready to be a threat a bit later than that,” he said.

Quantum doesn’t just threaten Bitcoin, of course, but all banking encryption. And it is likely that in all these cases companies are developing quantum resistant tools to upgrade their existing security systems.

Defensive security algorithms are improving, Peronnin said, so it’s not certain when the blockchain will become vulnerable to a quantum attack. But “the threshold for such an event is coming closer to us year by year,” he said.

Cloudflare hit by outage affecting global network services

Cloudflare is investigating an outage affecting its global network services, with users encountering “internal server error” messages when attempting to access affected websites and online platforms.

Cloudflare’s Global Network is a distributed infrastructure of servers and data centers located in over 330 cities across more than 120 countries, delivering content delivery, security, and performance optimization services.

It has 449 Tbps global network edge capacity and connects Cloudflare to over 13,000 networks, including every major ISP, cloud provider, and enterprise worldwide.

UT Eclipses 5,000 GPUs To Increase Dominance in Open-Source AI, Strengthen Nation’s Computing Power

Amid the private sector’s race to lead artificial intelligence innovation, The University of Texas at Austin has strengthened its lead in academic computing power and dominance in computing power for public, open-source AI. UT has acquired high-performance Dell PowerEdge servers and NVIDIA AI infrastructure powered by more than 4,000 NVIDIA Blackwell architecture graphic processing units (GPUs), the most powerful GPUs in production to date.

The new infrastructure is a game-changer for the University, expanding its research and development capabilities in agentic and generative AI while opening the door to more society-changing discoveries that support America’s technological dominance. The NVIDIA GB200 systems and NVIDIA Vera CPU servers will be installed as part of Horizon, the largest academic supercomputer in the nation, which goes online next year at UT’s Texas Advanced Computing Center (TACC). The National Science Foundation (NSF) is funding Horizon through its Leadership Class Computing Facility program to revolutionize U.S. computational research.

UT has the most AI computing power in academia. In total, the University has amassed more than 5,000 advanced NVIDIA GPUs across its academic and research facilities. The University has the computing power to produce open-source large language models — which power most modern AI applications — that rival any other public institution. Open-source computing is nonproprietary and serves as the backbone for publicly driven research. Unlike private sector models, it can be fine-tuned to support research in the public interest, producing discoveries that offer profound benefits to society in such areas as health care, drug development, materials and national security.

Dragon Breath Uses RONINGLOADER to Disable Security Tools and Deploy Gh0st RAT

The threat actor known as Dragon Breath has been observed making use of a multi-stage loader codenamed RONINGLOADER to deliver a modified variant of a remote access trojan called Gh0st RAT.

The campaign, which is primarily aimed at Chinese-speaking users, employs trojanized NSIS installers masquerading as legitimate like Google Chrome and Microsoft Teams, according to Elastic Security Labs.

“The infection chain employs a multi-stage delivery mechanism that leverages various evasion techniques, with many redundancies aimed at neutralising endpoint security products popular in the Chinese market,” security researchers Jia Yu Chan and Salim Bitam said. “These include bringing a legitimately signed driver, deploying custom WDAC policies, and tampering with the Microsoft Defender binary through PPL [Protected Process Light] abuse.”

/* */