Member-only story
Cyber Briefing: 2025–06–16
👉 What’s happening in cybersecurity today?
PyPI malware steals AWS and CI/CD credentials, DNS TXT records used to hide images, IBM backup flaw allows elevated access. VirtualMacOSX data leaked, WestJet and Washington Post hit by cyberattacks. Denmark drops Microsoft for open source, Arsen unveils AI vishing sim, and Kali Linux 2025.2 debuts new tools and car hacking features.
Listen to our podcast here ⏬
https://open.spotify.com/episode/7JGcG9ee8rD7ct348dcb50?si=hB3Jp7L2RqaAF27vm4wboA
Welcome to Cyber Briefing, the newsletter that informs you about the latest cybersecurity advisories, alerts, incidents and news every weekday.
First time seeing this? Please subscribe
1. PyPI Malware Steals AWS, CI/CD, macOS Data
Cybersecurity researchers have uncovered a new malicious package on PyPI, chimera-sandbox-extensions, designed to steal sensitive developer credentials and data from corporate and macOS systems. This sophisticated, multi-stage malware highlights a growing trend of advanced threats within the open-source software supply chain.
