Datadog threat roundup: Top insights for Q3 2025

Datadog's Q3 2025 threat roundup highlights a surge in developer supply-chain compromises and malicious tooling: phishing and typosquatting campaigns led to compromised npm maintainers and widespread malicious package pushes (S1ngularity, Shai-Hulud worm), malicious/typosquatted VS Code extensions deployed Windows payloads and remote access tools, and attackers increasingly weaponized AI (LLMs and AI CLIs) to generate malicious commands and automate data theft; the report also emphasizes long-lived cloud credentials as a recurring initial access vector and growing fraud operations posing insider-like risks.