Logitech leaks data after zero-day attack
Summary
Logitech has confirmed a breach after attackers exploited a zero-day in a third-party platform to copy data from its internal IT systems. The company patched the vulnerability after the vendor released a fix. It says the stolen dataset “likely included limited information about employees and consumers and data relating to customers and suppliers,” and it believes no highly sensitive personal data (national IDs, credit cards) was stored in the impacted system.
The item sits inside a broader infosec round-up: senators pressing CISA to release a telecoms security report; a massive npm worm (“IndonesianFoods”) publishing tens of thousands of malicious packages; the Lumma stealer resurfacing with new evasion techniques; and a third DoorDash data leak following social-engineering of an employee.
Key Points
- Logitech disclosed a zero-day-driven data exfiltration via a third-party software platform and patched after the vendor released a fix.
- The firm says the data probably included limited employee, consumer, customer and supplier information but believes no national ID or credit card data was in the compromised system.
- CISA is being pressed by US senators to publish a withheld 2022 telecoms security report; lawmakers argue secrecy harms public debate and security planning.
- Security researchers discovered an npm worm called “IndonesianFoods” that pushed more than 78,000 malicious packages, using many throwaway accounts and self-replication to flood the registry.
- Lumma Stealer has returned with browser-fingerprinting, hiding in Edge update installers and using process injection to blend into browser traffic.
- DoorDash notified customers of another breach after an employee was social-engineered; exposed fields include names, postal and email addresses, and phone numbers.
Context and relevance
The Logitech incident underscores persistent risks from third-party components: even major vendors can be undermined by vulnerabilities in platforms they source from third parties. Supply-chain and dependency attacks (illustrated here by both the Logitech breach and the huge npm worm) remain a primary vector for wide-reaching compromise. Meanwhile, the return of Lumma and repeated social-engineering successes at companies like DoorDash show attackers continuing to combine technical and human-targeted techniques.
For security teams this means: treat third-party platforms as first-class risks, prioritise rapid patching and visibility, monitor for unusual exfiltration patterns, and reinforce employee anti-phishing training. For developers, the npm worm is a red flag to audit dependencies and tighten supply-chain hygiene.
Why should I read this?
Short version: if you use Logitech gear in your organisation, rely on npm packages in production, or ship customer data, this one’s relevant. It shows how third-party weaknesses and social engineering keep letting attackers in — and why you should be checking patches, dependencies and staff training right now. We’ve read it so you don’t have to — quick hit, big implications.
Source
https://go.theregister.com/feed/www.theregister.com/2025/11/16/infosec_news_in_brief/
