PhantomRaven, Supply Chain Bombs, and the $35 Million Insider Threat

Show Notes

 We dive into two major software supply chain campaigns, including the "PhantomRaven" operation, which delivered infostealers via 136 malicious NPM packages downloaded 100,000 times. Then, we look at why vetting dependencies is no longer enough and examine the shocking case of a US defense contractor executive who sold $35 million in cyber trade secrets to a Russian exploit broker.

Transcript

Welcome back to Cyber Scoops & Digital Shenanigans, the podcast that dissects the biggest threats and most shocking security failures happening this week. I’m your host, Mike Housch. We’ve got a packed show today, covering everything from critical infrastructure tampering in Canada to a massive data breach affecting millions, and the ongoing war against supply chain integrity.

Let’s start with a major warning for developers and security teams concerning software dependencies. Over the past four months—since about July and August—security researchers have been tracking two operations involving 136 malicious NPM packages. These packages have been collectively downloaded roughly 100,000 times.

Now, these aren't benign; these are delivering information stealers. The malicious code is harvesting sensitive system information, credentials, authentication tokens, API keys, browser cookies, and even SSH private keys. Once compressed into ZIP files, all that data is shipped off to an attacker-controlled remote server.

One campaign, which started in July, involved only 10 packages but still racked up more than 9,900 downloads. It uses NPM’s postinstall hook to automatically execute a script when the npm install command runs. This script identifies the victim’s operating system, launches a payload in a new terminal window, and then, get this: it displays a fake CAPTCHA prompt using Node’s readline interface before downloading the final binary.

The second, much larger campaign, known as PhantomRaven, involved 126 packages and accumulated over 86,000 downloads. PhantomRaven is particularly clever because it keeps the main packages clean and relies on hidden dependencies to deliver the malware. It abuses the Remote Dynamic Dependencies (RDD) NPM feature, which allows developers to use HTTP URLs as dependency specifiers, coupled with a preinstall hook. This ensures the malicious code is fetched automatically upon installation without the user needing to interact, and without triggering detection.

Both operations used typosquatting to deceive developers. But PhantomRaven added a twist: the package names were carefully chosen to match LLM hallucinations. Think about it: a developer asks an AI assistant for a package recommendation, the AI invents a plausible but non-existent package name, and the threat actor creates that exact package, waiting for developers who trust the AI’s recommendation.

Ken Johnson, CTO of DryRun Security, summed up the defense perfectly: Vetting dependencies is necessary but no longer sufficient. Teams need visibility into "what happens next"—the install scripts, build artifacts, and runtime behavior. This means treating installs and builds as untrusted execution. Johnson recommends running package installs in ephemeral, isolated CI containers, requiring reproducible builds, and scanning for postinstall hooks and typosquatted names before they even reach the Continuous Integration environment. That’s critical advice for anyone managing developer workflows.

Moving from supply chain hacks to the alarming rise of state-sponsored activity. First, we have a major legal development: an Australian national and former US defense contractor executive, Peter Williams, pleaded guilty in a US court. Williams stole at least eight "cyber-exploit components"—trade secrets associated with national security—from his US employer. He stole these exploits between April 2022 and June 2025 and sold them to a Russian broker.

The US Department of Justice states that Williams placed greed over freedom and democracy by selling $35 million worth of cyber trade secrets to a Russian Government supplier. He was promised millions of dollars in cryptocurrency. The DoJ is now seeking forfeiture of property, including a house, jewelry, expensive watches, and $1.3 million in crypto and bank funds representing the proceeds of his illicit activity.

This is a stark reminder that sometimes the biggest threat is already inside the firewall.

Speaking of nation-states, Ribbon Communications, an American firm providing backbone technology for communication networks, has been hacked. Ribbon’s solutions are used by major customers including the US government, the Department of Defense, Verizon, and BT. Ribbon discovered unauthorized access in early September 2025, but the threat actor may have gained initial access as early as December 2024.

Ribbon believes a nation-state threat actor is behind the intrusion. Although they haven’t shared technical details, the attack profile points to China as a likely suspect. Chinese cyberspies are notorious for sophisticated cyberespionage campaigns targeting telecommunications companies. While Ribbon hasn't found evidence of material information exfiltration, they admitted that several customer files saved outside the main network on two laptops do appear to have been accessed.

Next up, critical infrastructure. The Canadian Centre for Cyber Security has warned CISOs that hacktivists are increasingly targeting internet-exposed Industrial Control Systems (ICS). These are not just threats, they are real incidents.

Canadian authorities reported several attacks, including one where hackers targeted a water facility and tampered with water pressure valves, resulting in degraded service for the community. In another case, hackers triggered false alarms at a Canadian oil and gas company by tampering with an automated tank gauge, or ATG. And in a third example, attackers manipulated the temperature and humidity parameters in a grain-drying silo on a farm. The agency noted that these actions could have led to unsafe conditions had they not been caught quickly.

These opportunistic attacks often target poorly secured, internet-accessible ICS devices to gain media attention or undermine Canada's reputation. But remember, while the agency labels them "hacktivists," state-sponsored groups sometimes launch attacks under that guise.

Finally, let’s talk about a huge data breach. Business services provider Conduent is notifying millions of people—at least 4.5 million individuals, with the largest number in Texas—that their personal information was stolen. The intrusion lasted from October 21, 2024, until January 13, 2025.

The data stolen is highly sensitive: names, addresses, dates of birth, Social Security numbers, health insurance details, and medical information. While Conduent hasn’t officially named the attacker, the Safepay ransomware group claimed the incident back in February. Conduent serves over 600 government and transportation organizations, supporting roughly 100 million US residents across 46 states. The company is encouraging victims to obtain free credit reports and place security freezes on their credit files.

We’re wrapping up with a major vulnerability that impacts billions of internet users worldwide. Security researcher Jose Pino has found a critical, currently unpatched bug in Chromium’s Blink rendering engine. This flaw, dubbed Brash, can be abused to crash most Chromium-based browsers—like Chrome, Microsoft Edge, Brave, and Vivaldi—within seconds, causing a denial-of-service condition, and in some tests, even freezing the host system.

The architectural flaw is the complete absence of rate limiting on document.title API updates. This allows an attacker to inject millions of Document Object Model, or DOM, mutations per second, completely saturating the main thread and disrupting the event loop.

Pino demonstrated this attack in three phases: preparing 100 unique hexadecimal strings, executing bursts of three consecutive document.title updates (attempting about 24 million updates per second), and finally, saturating the main thread, leading to the browser collapsing within 15 to 60 seconds.

While this exploit won't lead to ransomware, it can certainly mess up your PC and cause you to lose unsaved work. Pino published the proof-of-concept because he initially disclosed it to the Chromium security team two months prior and received no response. He noted that since each company customizes Chromium, the fix might need to be independent for each browser. Notably, browsers using different rendering engines—like Firefox (Gecko) and Safari (WebKit)—were immune to the Brash attack.

So, whether you are worried about the $35 million trade secret sale, the hacktivists playing with water pressure, or just trying to keep your browser from collapsing, it’s clear vigilance remains paramount. Thank you for tuning into Cyber Scoops & Digital Shenanigans. We’ll catch you next time.