The Good, the Bad and the Ugly in Cybersecurity – Week 18

Authorities disclosed multiple high-impact incidents: U.S. extradition of an alleged MSS-linked hacker from Italy for a coordinated espionage campaign (Silk Typhoon) that exploited Microsoft Exchange zero-days and web shells to steal COVID-19 research; European takedowns of large cryptocurrency fraud networks and prosecutions related to massive theft and laundering; an FTC report on a $2.1B surge in social-media scams; and a supply-chain campaign ("Mini Shai-Hulud") that poisoned SAP-related npm packages to deploy credential-stealing malware that harvests developer, GitHub, npm and cloud secrets and exfiltrates via abused GitHub repositories.