Good Morning Security Gang!
Happy Thursday, August 28th, 2025, and welcome back to the CyberHub Podcast. I’ve got my double espresso here—it’s a little too hot and burned my tongue this morning—but that’s not stopping us from diving into one of the biggest AI-driven cyber news cycles yet.
Today we’re unpacking the first AI-weaponized supply chain attack, hackers leveraging Claude AI as a full-on attacker, Sweden dealing with a massive IT outage affecting 200 municipalities, China-Russia joint cyber campaigns, Microsoft’s warning on cloud ransomware, and more. Buckle in, this one’s loaded.
🤖 S1ngularity – The First AI-Weaponized Supply Chain Attack
Researchers uncovered S1ngularity, the first known supply chain attack to weaponize AI developer assistants. Attackers stole an Nx npm token and pushed malicious versions of Nx packages, compromising thousands of repositories. The payload systematically searched systems for sensitive files, SSH keys, GitHub tokens, and even crypto wallets.
Between 6:32 PM and 8:37 PM EDT on August 26, eight malicious Nx iterations were published. They were removed at 10:44 PM, and all the npm tokens with publishing permissions were revoked at 11:57 PM.
Nx versions 21.5.0, 20.9.0, 21.6.0, 20.10.0, 21.7.0, 20.11.0, 21.8.0, and 20.12.0 were packed with a post-install script that executed a malicious telemetry.js file on Linux and macOS systems, cybersecurity firm Wiz notes.
The twist: adversaries embedded prompts designed to leverage Claude and Gemini AI assistants for reconnaissance and data exfiltration. This shows how adversaries are already tricking AI into becoming their accomplices in supply chain compromises.
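To check a project against the eight Nx versions listed above, here is an added example (not from the podcast or from Wiz) that scans a parsed `package-lock.json` for them. It assumes the affected package is the npm package named `nx`; the sample lockfile is constructed.

```javascript
// Added example: flag the Nx releases listed above in a parsed npm lockfile.
// Assumption: the affected package is published on npm under the name "nx".
const BAD_NX_VERSIONS = new Set([
  "21.5.0", "20.9.0", "21.6.0", "20.10.0",
  "21.7.0", "20.11.0", "21.8.0", "20.12.0",
]);

// Constructed sample lockfile (lockfileVersion 3 layout), not real project data.
const SAMPLE_LOCK = {
  lockfileVersion: 3,
  packages: {
    "": { name: "demo-app", version: "1.0.0" },
    "node_modules/nx": { version: "21.5.0" },
    "node_modules/@nx/js": { version: "21.4.1" },
    "node_modules/@nx/js/node_modules/nx": { version: "21.4.1" },
  },
};

// Return [{ path, version }] for every "nx" entry pinned to a listed version.
function findCompromisedNx(lock) {
  const hits = [];
  const check = (name, path, version) => {
    if (name === "nx" && BAD_NX_VERSIONS.has(version)) hits.push({ path, version });
  };
  if (lock.packages) {
    // lockfileVersion 2/3: flat map keyed by install path ("" is the root project).
    for (const [path, meta] of Object.entries(lock.packages)) {
      if (path === "") continue;
      check(meta.name || path.split("node_modules/").pop(), path, meta.version);
    }
  } else {
    // lockfileVersion 1: nested "dependencies" tree, walked recursively.
    const walk = (deps, prefix) => {
      for (const [name, meta] of Object.entries(deps || {})) {
        const path = `${prefix}node_modules/${name}`;
        check(name, path, meta.version);
        walk(meta.dependencies, `${path}/`);
      }
    };
    walk(lock.dependencies, "");
  }
  return hits;
}

console.log(findCompromisedNx(SAMPLE_LOCK));
```

Pass it the result of `JSON.parse` on your own lockfile; a hit means the install ran the post-install script, so any secrets reachable from that machine should be treated as exposed and rotated.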
⚡ Claude AI Deployed as an Autonomous Hacker
Anthropic’s August threat report revealed a campaign where attackers abused Claude’s coding agent to run an AI-driven extortion operation against 17 organizations in healthcare, government, and emergency services. Dubbed “Vibe Hacking,” this wasn’t ransomware—it was AI-powered reconnaissance, credential harvesting, ransom calculation, and even the design of tailored extortion messages. The attacker walked away with $500,000. This marks a fundamental shift: AI is no longer just a co-pilot—it can now execute entire campaigns with minimal human input.
"Never in my life, if you would have sat down to talk to me five years ago and said, James, one day you'd be able to red team using AI. No way. Today, totally doable. Totally doable. And I didn't have AI do anything malicious. It was just proper prompting and then organizing that data and putting it all together. It's simple." James Azar
🎣 AI Supercharged Social Engineering – ScreenConnect Phishing
Researchers found a new campaign using phishing to deploy ConnectWise ScreenConnect, giving attackers remote control of victim systems. More than 900 enterprises were targeted. The sophistication here wasn’t in the payload, but in the AI-driven phishing setup—professional conversations, fake NDAs, and flawless execution.
As I said: “If you’re still training users to look for spelling mistakes, you’ve already lost.”
🇸🇪 Sweden Hit – 200 Municipalities Offline
Swedish software provider MiljoData, serving 80% of Sweden’s municipalities, was hit in a ransomware attack, knocking more than 200 regions offline. Attackers demanded 1.5 BTC not to leak sensitive HR and government data. Regional authorities confirmed possible leaks affecting citizens across multiple provinces. This is critical infrastructure disruption at scale—citizen services, payroll, and local systems all down at once.
🌍 Shadow Silk – China-Russia Espionage Campaign
Group-IB uncovered Shadow Silk, a bilingual cyber crew blending Russian developers and Chinese operators, targeting government and energy entities across Central Asia and APAC. Their campaigns leveraged WordPress/Drupal exploits and tools like Metasploit, FOFA, and Cobalt Strike. This is another reminder that China and Russia collaborate deeply in cyber espionage, despite often being treated separately by analysts.
🇨🇳 Chinese Tech Companies Blamed for Salt Typhoon
Spy agencies from 13 allied countries named three Chinese firms as enablers of the Salt Typhoon campaign that hit U.S. presidential candidates and global telecoms. Vulnerabilities in Palo Alto VPNs and other systems were exploited to intercept high-level political communications. This attribution is a major step in holding commercial entities accountable for state-linked espionage.
☁ Microsoft: Ransomware Now Targeting Cloud Admins
Microsoft warned that Storm-0501 is shifting tactics from traditional ransomware to cloud-based extortion. By compromising Azure and Entra ID tenants, attackers reset MFA, escalated to global admin, and encrypted cloud data using customer-managed keys, wiping backups and recovery points. This shows ransomware groups don’t even need local payloads anymore—cloud abuse is the new frontier.
Storm-0501 has deployed Sabbath ransomware attacks globally and joined various ransomware-as-a-service platforms including Hive, Black Hat, Hunters International, LockBit, and most recently, Embargo. The cloud-based attacks use stolen directory synchronization accounts to enumerate users and Azure resources with tools like AzureHound. They discovered global admin accounts that lacked multi-factor authentication, allowing password resets and complete admin control. With these privileges, they establish persistence through malicious federated domains, enabling them to impersonate almost any user and bypass MFA. They abuse Microsoft's "authorization elevate access" action to assign themselves owner roles, effectively taking over entire Azure environments. After stealing data and destroying backups or encrypting cloud data with new keys, they move to extortion, using Teams through compromised accounts to deliver ransom demands.
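The escalation step described above (access elevation followed by a role assignment) can be watched for in activity logs. The following is an added example, not Microsoft's detection: it correlates the two operations by caller within a time window. The record fields (`time`, `caller`, `operationName`) are a simplified, assumed shape and the events are constructed.

```javascript
// Added example: alert when a caller elevates access and then writes a role
// assignment shortly afterwards. Record shape is a simplified assumption.
const ELEVATE = "microsoft.authorization/elevateaccess/action";
const ASSIGN = "microsoft.authorization/roleassignments/write";

// Constructed sample events (not real log data).
const SAMPLE_EVENTS = [
  { time: "2025-08-27T10:00:00Z", caller: "sync-svc@example.test",
    operationName: "Microsoft.Authorization/elevateAccess/action" },
  { time: "2025-08-27T10:04:30Z", caller: "sync-svc@example.test",
    operationName: "Microsoft.Authorization/roleAssignments/write" },
  { time: "2025-08-27T11:00:00Z", caller: "ops@example.test",
    operationName: "Microsoft.Authorization/roleAssignments/write" },
  { time: "2025-08-27T13:00:00Z", caller: "sync-svc@example.test",
    operationName: "Microsoft.Authorization/roleAssignments/write" },
];

// Return one alert per role assignment made within windowMinutes of the
// same caller's most recent access elevation.
function findElevationChains(events, windowMinutes = 30) {
  const sorted = [...events].sort((a, b) => Date.parse(a.time) - Date.parse(b.time));
  const lastElevation = new Map(); // caller -> time (ms) of latest elevation
  const alerts = [];
  for (const ev of sorted) {
    const op = String(ev.operationName).toLowerCase();
    const t = Date.parse(ev.time);
    if (op === ELEVATE) {
      lastElevation.set(ev.caller, t);
    } else if (op === ASSIGN && lastElevation.has(ev.caller)) {
      const elevatedAt = lastElevation.get(ev.caller);
      if (t - elevatedAt <= windowMinutes * 60000) {
        alerts.push({
          caller: ev.caller,
          elevatedAt: new Date(elevatedAt).toISOString(),
          assignedAt: ev.time,
        });
      }
    }
  }
  return alerts;
}

console.log(findElevationChains(SAMPLE_EVENTS));
```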
📞 FreePBX Zero-Day in the Wild
A zero-day in Sangoma FreePBX admin panel is being exploited. This VoIP/telecom platform is heavily used in call centers and MSPs. If you’re running it exposed to the internet, patch now or you’re already compromised.
🇷🇺 U.S. Sanctions Russia & China for North Korea IT Scam
OFAC sanctioned a Russian national and two Chinese companies for supporting North Korea’s IT worker infiltration scheme—a program where disguised IT freelancers funnel wages and access back to Pyongyang’s cyber and WMD programs.
💼 CrowdStrike Acquires Onum
CrowdStrike announced its acquisition of Spanish startup Onum, which specializes in real-time telemetry pipelines for SIEM. Valued at $290M, this adds next-gen log processing capabilities to Falcon’s growing ecosystem.
🧠 James Azar’s CISO Take
What we're witnessing today isn't just an evolution in cybercrime - it's a complete transformation of the threat landscape where artificial intelligence has become the primary weapon of choice for sophisticated adversaries. The discovery of the first AI-weaponized supply chain attack through the NX platform, combined with cybercriminals using Claude AI as an autonomous attack coordinator, represents a fundamental shift that every security practitioner needs to understand immediately.
We're no longer dealing with AI as a support tool for criminals; we're facing AI as the criminal itself, capable of running multi-stage campaigns with minimal human intervention. The fact that these attacks succeeded in stealing over 2,300 secrets and generating half a million dollars in ransom payments shows this isn't theoretical anymore - it's operational reality.
The defense implications are staggering because ninety percent of the tools we need to create resiliency against these attacks already exist in our current security stacks. The problem isn't capability - it's implementation and integration. Whether you're running Microsoft's suite with multiple email protection products or deploying SASE environments with domain spoofing detection, the key is maximizing the value of everything within your ecosystem rather than buying new solutions.
From my experience moderating Hacker News webinars over the past six to seven months, I've seen security partners develop AI-powered detection capabilities that are just sitting there waiting to be activated. The challenge for CISOs today isn't acquiring new technology - it's ensuring our teams understand how to orchestrate these existing tools into comprehensive defense-in-depth strategies that can counter AI-driven attacks at perimeter, email, user behavior, and cloud levels simultaneously.
✅ Action Items
🤖 Audit developer pipelines for AI weaponization risks; enforce MFA on NPM/GitHub tokens.
🔐 Rotate Salesforce, AWS, and Snowflake credentials tied to third-party apps.
📡 Harden Azure/Entra ID tenants; monitor for suspicious admin role escalations.
🛡 Patch FreePBX zero-day immediately.
🌐 Monitor AI-driven phishing and ScreenConnect usage in enterprise environments.
🇨🇳 Track Chinese vendor involvement in state-backed espionage campaigns.
🚌 Build continuity plans for municipal and citizen-facing systems.
That's our show today, security gang. We'll be back Monday at 9 AM Eastern live with all the latest and greatest. Tomorrow we'll be releasing our weekly summary exclusively at cyberhubpodcast.com and the Cyber Hub Podcast LinkedIn page.
Thank you all for tuning in. Have a great weekend, and Monday we'll still have a show despite Labor Day.
Most importantly, y'all stay cyber safe.