SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) SANS Stormcast Wednesday, September 17th, 2025: Phishing Resistants; More npm Attacks; ChatGPT MCP abuse
8 snips
Sep 17, 2025 Discover the urgent need for phishing-resistant authentication amid rising cyber threats. Recent attacks on npm accounts showcase how dangerous phishing emails can be. Additionally, a new wave of malware is targeting npm-related GitHub repositories, spreading through worm-like behavior. Explore shocking exploits in ChatGPT's calendar integration that could compromise personal email security. Stay informed about these critical cybersecurity issues to better protect yourself online!
AI Snips
Chapters
Transcript
Episode notes
Adopt Phishing-Resistant Authentication
- Use phishing-resistant authentication such as FIDO2/passkeys instead of user-supplied credentials.
- Let the device or authenticator choose credentials so phishing sites cannot harvest them.
Start With Password Managers, Move To Passkeys
- Use password managers as a practical first step to reduce credential misentry.
- Move to passkeys/FIDO2 where possible because they technically prevent sending credentials to wrong sites.
Small Domain Tweaks Enable Big Phishing
- Attackers register lookalike domains (e.g., npm.js vs npm.js) to trick users into giving credentials.
- Small TLD changes can be visually indistinguishable and enable effective phishing campaigns.