Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

AI is unlocking new ways to work across industries. Nearly four in five CEOs are implementing or likely to implement generative AI to speed up innovation across their companies, and workers at every level are using GenAI to improve or expand their processes. Unfortunately, they aren’t the only ones embracing the power of AI. WormGPT was one of the best-known early examples of an AI that could create convincing social engineering attacks and build malware.

On Monday, September 8th, a highly regarded open source developer, ~qix, was compromised via a phishing email. ~qix is an author and maintainer behind a large number of popular npm packages and found himself caught by this attack after responding to a message from the email address of support help. This resulted in the attacker taking over his npm account and having access to publish malicious versions of packages to which Qix had privileged access.

As enterprises embrace AI, identity has become the defining security challenge. Every new database, Kubernetes cluster, SaaS app, and now every AI agent introduces yet another identity that must be governed and protected. At the same time, attackers are weaponizing AI to accelerate identity-based threats, exploiting fragmentation and credential sprawl to devastating effect.

Phishing threats remain one of the most common and effective attack methods. Research shows it contributes to over 34% of confirmed breaches. The financial impact is significant as well, with credential-related breaches averaging $4.76 million per incident. And despite years of security awareness training, nearly a third of employees still click on simulated phishing emails. Why does phishing work so well? Attackers exploit gaps in visibility, speed, and user behavior.

CIS Benchmarks provide standardized configuration best practices to reduce attack surfaces, strengthen compliance, and support secure operations across servers, endpoints, cloud, and applications. By implementing CIS-certified baselines, organizations can minimize misconfigurations, prevent drift, and improve audit readiness. Netwrix enhances this process with automated configuration monitoring, drift detection, and identity-first enforcement to sustain long-term security.

The NPM ecosystem faced another significant supply chain attack when 18 popular packages, including highly-used libraries like debug and chalk, were compromised with advanced cryptocurrency drainer malware. This attack, affecting packages with over 2 billion weekly downloads, demonstrates how cybercriminals are leveraging trusted software distribution channels to deploy advanced Web3 wallet hijacking code.