Australia’s spy chief, Mike Burgess, highlighted the growing risk of cyber-attacks from authoritarian regimes aimed at critical infrastructure. He emphasized that these threats are no longer hypothetical, with foreign teams actively exploring options for sabotage, especially as technology advances. Burgess urged organizations to take proactive measures to manage these foreseeable risks.

Two malicious npm packages, 'express-api-sync' and 'system-health-sync-api,' have been found to act as data wipers that delete entire application directories instead of functioning as advertised utilities. These packages, which have been removed from npm, contained backdoors that allowed attackers to execute destructive commands remotely, raising concerns about potential sabotage or state-level disruptions in the software ecosystem.