A quiet tweak in a popular open-source tool opened the door to a supply chain breach—what started as a targeted attack quickly spiraled, exposing secrets across countless projects.
That wasn’t the only stealth move. A new all-in-one malware is silently stealing passwords, crypto, and control—while hiding in plain sight. And over 300 Android apps joined the chaos, running ad fraud at scale behind innocent-looking icons.
Meanwhile, ransomware gangs are getting smarter—using stolen drivers to shut down defenses—and threat groups are quietly shifting from activism to profit. Even browser extensions are changing hands, turning trusted tools into silent threats.
AI is adding fuel to the fire—used by both attackers and defenders—while critical bugs, cloud loopholes, and privacy shakeups are keeping teams on edge.
Let’s dive into the threats making noise behind the scenes.
⚡ Threat of the Week
Coinbase the Initial Target of GitHub Action Supply Chain Breach — The supply chain compromise involving the GitHub Action “tj-actions/changed-files” started as a highly-targeted attack against one of Coinbase’s open-source projects, before evolving into something more widespread and less stealthy. The attackers are suspected of attempting to poison open-source projects associated with Coinbase, failing which they mounted a large-scale campaign by pushing a malicious version of “tj-actions/changed-files” that leaked CI/CD secrets from any repository that ran the workflow. It’s not clear what the end goal of the campaign was, but Palo Alto Networks Unit 42 told The Hacker News that it was likely financially motivated with an aim to conduct cryptocurrency theft.
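A mutable tag such as `@v45` points wherever the maintainer (or whoever has taken over the repository) moves it, which is why GitHub recommends referencing third-party actions by full commit SHA. The PowerShell script below is an added example, not code from the article, from tj-actions or from Unit 42: it scans a `.github/workflows` directory and reports every `uses:` reference that is not pinned to a 40-character commit SHA. The sample workflow it writes to a temp folder is constructed for the demo, and the 40-hex value in it is a placeholder rather than a real commit.

```powershell
# Added example: find GitHub Actions references that are not pinned to a commit SHA.
# Runs offline with pwsh or Windows PowerShell 5.1; only reads files, never modifies a repository.

function Get-UnpinnedActions {
    param(
        [Parameter(Mandatory)][string]$WorkflowDir
    )
    $results = @()
    Get-ChildItem -Path $WorkflowDir -Include *.yml, *.yaml -Recurse -File | ForEach-Object {
        $file   = $_
        $lineNo = 0
        foreach ($line in Get-Content -Path $file.FullName) {
            $lineNo++
            # Match "uses: owner/repo[/path]@ref" (optionally quoted). Local "./" steps have no
            # "@ref" part and therefore never match; docker:// images are skipped explicitly.
            if ($line -match '^\s*-?\s*uses:\s*["'']?([^@"''\s]+)@([^"''\s#]+)') {
                $action = $Matches[1]
                $ref    = $Matches[2]
                if ($action -like 'docker://*') { continue }
                $results += [pscustomobject]@{
                    File   = $file.Name
                    Line   = $lineNo
                    Action = $action
                    Ref    = $ref
                    Pinned = ($ref -match '^[0-9a-f]{40}$')   # only a full SHA counts as pinned
                }
            }
        }
    }
    return $results
}

# Constructed sample workflow (not a real repository) so the scan can run without a checkout.
# The 40-hex value below is a placeholder, not a real commit of actions/setup-node.
$tmp = Join-Path ([System.IO.Path]::GetTempPath()) ("wf-audit-" + [guid]::NewGuid())
New-Item -ItemType Directory -Path $tmp | Out-Null
@'
name: ci
on: [pull_request]
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: tj-actions/changed-files@v45
      - uses: actions/setup-node@0123456789abcdef0123456789abcdef01234567
      - uses: ./.github/actions/local-step
'@ | Set-Content -Path (Join-Path $tmp 'ci.yml')

$findings = Get-UnpinnedActions -WorkflowDir $tmp
$findings | Format-Table -AutoSize
$findings | Where-Object { -not $_.Pinned } | ForEach-Object {
    Write-Warning "Unpinned action $($_.Action)@$($_.Ref) in $($_.File):$($_.Line); pin it to a commit SHA"
}
Remove-Item -Recurse -Force $tmp
```

Point the function at a real repository with `Get-UnpinnedActions -WorkflowDir .\.github\workflows` and it will flag `actions/checkout@v4` and `tj-actions/changed-files@v45` while accepting the SHA-pinned entry. Pinning limits the blast radius but does not remove it: the pinned action can still depend on other mutable references internally, and any secret the workflow exposes to the job is still readable by whatever code runs there, so scope CI tokens to the minimum the job needs.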
Drata’s new report takes a look at how GRC professionals are approaching data protection regulations, AI, and the ability to maintain customer trust.
🔔 Top News
🔥 Trending CVEs
Attackers love software vulnerabilities—they’re easy doors into your systems. Every week brings fresh flaws, and waiting too long to patch can turn a minor oversight into a major breach. Below are this week’s critical vulnerabilities you need to know about. Take a look, update your software promptly, and keep attackers locked out.
This week’s list includes — CVE-2025-29927 (Next.js), CVE-2025-23120 (Veeam Backup & Replication), CVE-2024-56346, CVE-2024-56347 (IBM AIX), CVE-2024-10441 (Synology BeeStation Manager, DiskStation Manager, and Unified Controller), CVE-2025-26909 (WP Ghost), CVE-2023-43650, CVE-2023-43651, CVE-2023-43652, CVE-2023-42818, CVE-2023-46123, CVE-2024-29201, CVE-2024-29202, CVE-2024-40628, CVE-2024-40629 (JumpServer), and CVE-2025-0927 (Linux kernel).
📰 Around the Cyber World
🎥 Expert Webinar
🔧 Cybersecurity Tools
🔒 Tip of the Week
Audit Your Active Directory in Minutes — If you manage or work with Active Directory (AD), don’t assume it’s secure by default. Many AD environments quietly collect risky settings—like unused admin accounts, weak password rules, or overly broad group permissions—that attackers love to exploit.
To find and fix these, try free tools like InvokeADCheck (great for quick AD health scans), PingCastle (for visual risk scoring and reports), and BloodHound Community Edition (to map attack paths across users and permissions). Even basic steps—like identifying inactive accounts, reviewing GPOs, or checking who’s a Domain Admin—can uncover big risks. Run these tools with authorization and from an account that has only the read access they need; BloodHound’s collector in particular issues a large volume of LDAP and SMB queries and routinely trips EDR and SIEM rules, so let your SOC know before you start. Then build a checklist of things to clean up. You don’t need a full red team to tighten your AD—just the right tools and a bit of time.
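The basic steps above can be scripted directly against the RSAT ActiveDirectory module before reaching for a dedicated tool. The script below is an added example and not part of the original tip or of any of the tools it names: it lists enabled accounts with no logon in a configurable window, expands the membership of the privileged groups, finds enabled accounts with non-expiring or not-required passwords, prints the default domain password policy, and reports GPOs that are linked nowhere. The 90-day inactivity threshold and the group list are assumptions to adjust to your environment; the script only reads from the domain.

```powershell
# Added example: read-only Active Directory hygiene pass.
# Requires the RSAT ActiveDirectory module (and GroupPolicy for the GPO check) on a domain-joined host.
Import-Module ActiveDirectory

$InactiveDays = 90   # assumption: tune to your account-lifecycle policy

# 1. Enabled accounts that have not logged on for $InactiveDays days.
$inactive = Search-ADAccount -AccountInactive -TimeSpan ([TimeSpan]::FromDays($InactiveDays)) -UsersOnly |
    Where-Object { $_.Enabled } |
    Select-Object SamAccountName, LastLogonDate, DistinguishedName

# 2. Who actually holds privileged group membership. -Recursive expands nested groups,
#    which is where unexpected admins usually hide.
$privGroups  = 'Domain Admins', 'Enterprise Admins', 'Schema Admins', 'Administrators'   # assumption
$privMembers = foreach ($g in $privGroups) {
    Get-ADGroupMember -Identity $g -Recursive -ErrorAction SilentlyContinue |
        Where-Object { $_.objectClass -eq 'user' } |
        ForEach-Object { [pscustomobject]@{ Group = $g; Member = $_.SamAccountName } }
}

# 3. Enabled accounts exempt from password rotation or from needing a password at all.
$weakPw = Get-ADUser -Filter 'Enabled -eq $true -and (PasswordNeverExpires -eq $true -or PasswordNotRequired -eq $true)' `
    -Properties PasswordNeverExpires, PasswordNotRequired, PasswordLastSet |
    Select-Object SamAccountName, PasswordNeverExpires, PasswordNotRequired, PasswordLastSet

# 4. The domain-wide password policy (fine-grained policies, if any, override this per group).
$policy = Get-ADDefaultDomainPasswordPolicy |
    Select-Object MinPasswordLength, ComplexityEnabled, LockoutThreshold, MaxPasswordAge, PasswordHistoryCount

# 5. GPOs linked to no OU, domain or site: review or remove them. Get-GPOReport runs once per GPO,
#    so this step is slow in large domains.
$orphanGpos = @()
if (Get-Module -ListAvailable -Name GroupPolicy) {
    Import-Module GroupPolicy
    $orphanGpos = Get-GPO -All | Where-Object {
        -not ([xml](Get-GPOReport -Guid $_.Id -ReportType Xml)).GPO.LinksTo
    } | Select-Object DisplayName, ModificationTime
}

"== Enabled accounts inactive for $InactiveDays+ days: $(@($inactive).Count)"
$inactive | Format-Table -AutoSize
"== Privileged group members (recursive):"
$privMembers | Sort-Object Group, Member | Format-Table -AutoSize
"== Enabled accounts with non-expiring or not-required passwords: $(@($weakPw).Count)"
$weakPw | Format-Table -AutoSize
"== Default domain password policy:"
$policy | Format-List
"== GPOs linked nowhere: $(@($orphanGpos).Count)"
$orphanGpos | Format-Table -AutoSize
```

Run it in a regular PowerShell session with read rights to the domain; nothing here needs Domain Admin. Treat the output as a starting checklist: an inactive service account with Domain Admins membership, or a `PasswordNotRequired` flag on an enabled user, is exactly the kind of quiet misconfiguration the tip warns about.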
Conclusion
This week’s stories weren’t just headlines—they were warning shots. The tools we trust, the systems we rely on, and even the apps we barely notice are all part of the modern attack surface.
Cybersecurity isn’t just about blocking threats—it’s about understanding how fast the rules are changing. From code to cloud, from RATs to regulations, the landscape keeps shifting under our feet.
Stay curious, stay sharp, and don’t underestimate the small stuff—it’s often where the big breaches begin.
Until next week, patch smart and think like an attacker.