CISA sounds the alarm on Cisco flaws.

CISA gives federal agencies 24 hours to patch a critical Cisco firewall bug. Researchers uncover the first known malicious MCP server used in a supply chain attack. The New York SIM card threat may have been overblown. Microsoft tags a new variant of the XCSSET macOS malware. An exposed auto insurance claims database puts PII at risk. Amazon will pay $2.5 billion to settle dark pattern allegations. Researchers uncover North Korea’s hybrid playbook of cybercrime and insider threats. An old Hikvision security camera vulnerability rears its ugly head. Dan Trujillo from the Air Force Research Laboratory’s Space Vehicles Directorate joins Maria Varmazis, host of T-Minus Space Daily to discuss how his team is securing satellites and space systems from cyber threats. DOGE delivers dysfunction, disarray, and disappointment.

Today is Friday September 26th 2025. I’m Dave Bittner. And this is your CyberWire Intel Briefing.

CISA gives federal agencies 24 hours to patch a critical Cisco firewall bug. 

Federal civilian agencies have until Friday evening to patch two actively exploited Cisco firewall vulnerabilities, CVE-2025-30333 and CVE-2025-20362, under a new emergency directive from the Cybersecurity and Infrastructure Security Agency (CISA). The flaws affect Cisco Adaptive Security Appliances (ASA), widely used by governments and large enterprises. CISA warned attackers can exploit the bugs with ease, chain them for greater impact, and persist through reboots and upgrades. Cisco released fixes Thursday and confirmed attacks targeting ASA 5500-X Series devices. Agencies must patch, assess for compromise, and decommission unsupported hardware. Canada and the U.K. issued parallel alerts, citing risks to critical infrastructure. Cisco linked the activity to sophisticated actors behind last year’s ArcaneDoor campaign, previously associated with state-sponsored interests.

Researchers uncover the first known malicious MCP server used in a supply chain attack. 

Researchers at Koi Security uncovered the first known malicious Model Context Protocol (MCP) server used in a supply chain attack. A Model Context Protocol (MCP) server is a component in the MCP ecosystem that acts as a bridge between AI assistants or large language models (LLMs) and external systems, tools, or data sources. In this case, the npm package postmark-mcp, once trusted by hundreds of developers, was altered by its maintainer, @phanpak, in version 1.0.16 to secretly exfiltrate emails. A single line of code added a blind carbon copy (BCC) to every processed email, sending sensitive data to an attacker-controlled domain, giftshop.club. Researchers estimate about 300 organizations were affected, with thousands of emails stolen daily, including credentials, financial records, and legal documents. The incident highlights a fundamental weakness in MCP servers: they inherit full privileges from AI assistants but lack containment or verification safeguards. Koi Security urges organizations to uninstall compromised versions and rotate exposed credentials.

The New York SIM card threat may have been overblown. 

Earlier this week the US Secret Service announced that it had dismantled a network of more than 300 SIM servers and 100,000 SIM cards near New York, describing it as an imminent threat to protective operations during the UN General Assembly. Officials warned the infrastructure could disable cell towers and support nation-state communications, citing links to swatting attacks against members of Congress. However, experts quickly cast doubt, suggesting the setup was instead a large SIM farm used for VoIP scams and SMS fraud, a common criminal scheme worldwide. Commentators noted the described equipment was unlikely to disrupt regional cellular networks. By day’s end, the narrative shifted from nation-state sabotage to overblown claims about an ordinary telecom fraud operation.

Microsoft tags a new variant of the XCSSET macOS malware. 

Microsoft Threat Intelligence has identified a new variant of the XCSSET macOS malware active in limited attacks. XCSSET, which spreads by infecting Xcode projects, now includes enhanced browser targeting, updated clipboard hijacking to steal cryptocurrency, and new persistence methods such as LaunchDaemon entries and a fake System Settings app. The malware can exfiltrate Notes, crypto wallets, and browser data, redirecting funds to attacker-controlled addresses. Microsoft has notified Apple and GitHub, urging developers to scrutinize shared Xcode projects carefully.

Elsewhere, Microsoft said it has stopped providing certain cloud and AI services to a division of Israel’s Ministry of Defense after finding evidence supporting reports that Unit 8200 used Microsoft technology to track Palestinians’ phone calls. The move follows employee protests over Israel’s use of Microsoft software during its Gaza invasion. President Brad Smith confirmed the suspension involved Azure storage in the Netherlands and AI services. The Guardian reported Israel may shift the surveillance system to Amazon Web Services.

An exposed auto insurance claims database puts PII at risk. 

Security researcher Jeremiah Fowler discovered an unprotected database containing 5.1 million files, totaling 10 terabytes, linked to Illinois-based ClaimPix, a platform used for managing auto insurance claims nationwide. The exposed data included vehicle registrations, repair invoices, images of damaged cars with visible VINs, and nearly 16,000 signed powers of attorney granting legal authority over vehicles. Sensitive personal information such as names, addresses, phone numbers, and emails was also visible, alongside internal business documents. Fowler reported the issue, and access was restricted soon after. It remains unclear how long the data was exposed or if it was accessed by others. Experts warn the leak could enable identity theft, insurance fraud, or VIN cloning. ClaimPix confirmed the findings and said it updated policies and code to remediate the flaw.

Amazon will pay $2.5 billion to settle dark pattern allegations. 

Amazon has agreed to pay $2.5 billion to settle Federal Trade Commission claims that it used deceptive “dark patterns” to push millions into unwanted Prime subscriptions and obstruct cancellations. The deal includes a $1 billion civil penalty and $1.5 billion in refunds for 35 million consumers. The FTC said Amazon knowingly designed manipulative enrollment flows and a cancellation system, codenamed “Iliad,” to deter users. The settlement follows the FTC’s 2023 lawsuit alleging Prime subscription traps violated federal consumer protection laws.

Researchers uncover North Korea’s hybrid playbook of cybercrime and insider threats.

Researchers at ESET have detailed links between DeceptiveDevelopment, a North Korea-aligned cybercrime group, and WageMole, a cluster of North Korean IT workers. DeceptiveDevelopment targets software developers, especially in cryptocurrency and Web3, using fake recruiter profiles and social engineering schemes such as trojanized coding challenges and the ClickFix technique. Its malware arsenal includes BeaverTail, InvisibleFerret, WeaselStore, and the complex TsunamiKit toolkit, along with links to Lazarus Group malware like Tropidoor and AkdoorTea. WageMole operators exploit stolen identities and AI-driven tools to pose as remote job seekers, sometimes using proxy interviews or manipulated video to secure roles abroad. Their earnings and access provide both financial resources and insider footholds for North Korea. Together, these groups illustrate a hybrid model that blends financial crime, espionage, and insider risk.

An old Hikvision security camera vulnerability rears its ugly head. 

SANS researchers report a sharp increase in exploitation attempts targeting CVE-2017-7921, an eight year old critical authentication bypass flaw in Hikvision security cameras with a CVSS score of 10. Attackers send crafted HTTP requests, often using weak credentials like “admin:11,” to gain access. Once compromised, cameras can be locked against legitimate users, have configurations altered, and be leveraged for lateral movement. Stolen configuration files use weak encryption and can be decrypted to harvest credentials. A wide range of Hikvision models remain vulnerable, with hundreds of thousands still exposed online. The risk is compounded by rebranding practices, where Hikvision hardware is sold under other names. SANS urges organizations to patch immediately, enforce strong passwords, and restrict management interface access to trusted networks.

DOGE delivers dysfunction, disarray, and disappointment. 

Wired asked federal workers for the inside story of DOGE, The Department of Government Efficiency, which stormed into federal agencies with all the grace of a toddler with a chainsaw. Ostensibly created to “modernize” government, it quickly became a Musk-fueled circus of Silicon Valley interns asking seasoned civil servants why AI couldn’t just do their jobs. Emails that looked like phishing (but weren’t, probably) flooded inboxes, capped off by the infamous “Fork in the Road” memo, which read like a parody of Musk’s Twitter ultimatum. Meanwhile, 300,000 workers took DOGE’s “incentives” to quit, and those who stayed faced chaos: surveillance projects, gutted offices, and managers suggesting “gratitude” exercises as childcare collapsed. The promised efficiency never materialized, but the damage did—leaving behind fewer staff, more distrust, and a lingering question: was this modernization, or just government by meme stock?

And that’s the CyberWire.

For links to all of today’s stories, check out our Daily Briefing at the cyberwire dot com.

 

We’d love to know what you think of this podcast. Your feedback ensures we deliver the insights that keep you a step ahead in the rapidly changing world of cybersecurity. If you like the show, please share a rating and review in your podcast app. Please also fill out the survey in the show notes or send an email to cyberwire@n2k.com

We’re proud that N2K CyberWire is part of the daily routine of the most influential leaders and operators in the public and private sector, from the Fortune 500 to many of the world’s preeminent intelligence and law enforcement agencies.

N2K helps cybersecurity professionals and organizations grow, learn, and stay ahead. We’re the nexus for discovering the people, tech, and ideas shaping the industry.  Learn how at n2k.com.

 

N2K’s senior producer is Alice Carruth. Our producer is Liz Stokes. We’re mixed by Elliott Peltzman and Tré Hester, with original music by Elliott Peltzman. Our executive producer is Jennifer Eiben. Peter Kilpe is our publisher, and I’m Dave Bittner. Thanks for listening.