Listen "Adversarial Podcast Ep. 24 – Global Lumma takedown, Coinbase employee bribed, malicious MCP integrations and NPM packages"
Episode Synopsis
00:00 Intro
02:49 Authorities Carry Out Elaborate Global Takedown of Infostealer Heavily Used by Cybercriminals
14:29 Coinbase says hackers bribed staff to steal customer data and are demanding $20 million ransom
26:24 Fake OpenAI MCP Integration
32:25 Malicious npm Packages Infect 3,200+ Cursor Users With Backdoor, Steal Credentials
36:03 Destructive malware available in NPM repo went unnoticed for 2 years
48:10 Sam & Jony introduce io
58:23 Discussion: how risky are local admin rights?

Authorities Carry Out Elaborate Global Takedown of Infostealer Heavily Used by Cybercriminals
In May 2025, an international coalition led by Microsoft, the U.S. Department of Justice, Europol, and Japan's Cybercrime Control Center dismantled the Lumma Stealer malware operation.
https://www.wired.com/story/lumma-stealer-takedown-disrupted/

Coinbase says hackers bribed staff to steal customer data and are demanding $20 million ransom
Hackers bribed overseas Coinbase customer support agents to steal sensitive user data, leading to a breach prompting a $20M ransom, which Coinbase refused, instead offering a $20M bounty for information leading to the attackers' arrest.
https://www.cnbc.com/2025/05/15/coinbase-says-hackers-bribed-staff-to-steal-customer-data-and-are-demanding-20-million-ransom.html

Fake OpenAI MCP Integration
A fake OpenAI MCP integration was found by a security researcher, showing the importance of security in emerging technologies.
https://www.linkedin.com/feed/update/urn:li:activity:7331118878384615424/

Malicious npm Packages Infect 3,200+ Cursor Users With Backdoor, Steal Credentials
Three malicious npm packages targeting macOS users of the AI-powered code editor Cursor have infected over 3,200 developers by harvesting credentials.
https://thehackernews.com/2025/05/malicious-npm-packages-infect-3200.html

Destructive malware available in NPM repo went unnoticed for 2 years
A destructive malware campaign infiltrated the npm ecosystem for over two years, with malicious packages disguised as legitimate tools targeting popular JavaScript frameworks.
https://arstechnica.com/information-technology/2025/05/destructive-malware-available-in-npm-repo-went-unnoticed-for-2-years/

Sam & Jony introduce io
OpenAI has announced the acquisition of Jony Ive's AI hardware startup, io.
https://openai.com/sam-and-jony/

Hosts:
Jerry Perullo (Founder, https://adversarial.com/)
Sounil Yu (Founder, https://www.knostic.ai/)
Mario Duarte (Founder, stealth startup)
Producer: Tillson Galloway (https://tillsongalloway.com)