Cyber (In)Securities – Issue 170

AI Copyright Theft, NPM Supply-Chain Attack, and Global Child Safety Laws

his edition of Cyber (In)Securities brings together the latest cybersecurity alerts, incidents, and insights from across the world. From Australia to Brazil, the United States, South Korea, and Europe, governments and businesses are confronting critical challenges in cyber defense, regulation, and digital trust.

Key highlights in this issue include:

• Industrial Control Systems Security: CISA released fourteen new ICS advisories impacting Rockwell, ABB, Schneider Electric, and Mitsubishi, underscoring the urgency of securing critical infrastructure.
• Supply-Chain Attack on NPM: The largest compromise in NPM history briefly affected 10 percent of cloud environments, but quick detection prevented major damage.
• AI and Copyright Theft: Anna Funder and Julia Powles argue that Big Tech has built AI systems on “brazen theft” of books, films, and music, warning of risks to Australia’s creative industry and democratic values.
• Global Child Safety Laws: Brazil passed a landmark bill banning loot boxes and expanding parental controls, while India, South Korea, and the UK introduced new digital safety measures.
• Ransomware and Threat Actors: KillSec and LunaLock ransomware groups launched disruptive attacks, including feeding stolen data into AI models, while Akira ransomware exploited SonicWall vulnerabilities.
• Governance and AI Security: Microsoft faces scrutiny over critical infrastructure protections, Apple introduced Memory Integrity Enforcement for iOS, and fresh debate continues over balancing privacy, accountability, and innovation.

In this edition’s CyAN Spotlight:

• An upcoming members-only webinar on AI and compliance with Matthieu Camus, Gilles Chevillon, and Christian Navelot.
• A warm welcome to new member Jean Manuel Bullukian.
• CyAN members Will Rivera, Vaishnavi J., and Caroline Humer joining global leaders at the Marketplace Risk New York Conference 2025.
• Articles from Kim Chandler McDonald and Vyanams Strategies, plus commentary from Editor’s Desk and Root Access.
• A vibrant look at What’s On Our Feed with updates from Yedhu Krishna Menon, Jean-Christophe Le Toquin, Jonathan Wood, Sapann Talwar, Matthieu Camus, Sylvain Hajri, Florian Hantke, and Gilles Chevillon.

Cyber (In)Securities 170 showcases how cyber threats, AI governance, and regulatory innovation continue to reshape the global digital landscape.

You can download this edition by clicking the three dots icon on the bottom right and selecting Download PDF File. To enlarge the view, click the fullscreen icon on the bottom right. All article titles inside the flipbook are clickable links.