Reaching Day 100 feels surreal. What started as a daily discipline โ just a reflection here and there โ has become a ritual of pattern recognition. The themes of today? Scale, subtlety, and sabotage. Whether itโs 420,000 compromised sites or poisoned open-source patches, weโre witnessing how digital war is increasingly waged in plain sight.
๐ท๏ธ AkiraBot Targets 420K+ Sites via WordPress Plugin Supply Chain
AkiraBot is now exploiting a compromised plugin to breach over 420,000 WordPress sites, turning a trusted ecosystem into a massive botnet beachhead. This isnโt just a plugin problem โ itโs a trust-chain nightmare.
๐ https://thehackernews.com/2025/04/akirabot-targets-420000-sites-with.html
๐ฆ Malicious npm Package Targets Atomic Wallet Users
A sneaky npm package is harvesting secrets from developers who interact with Atomic Wallet โ another sign that package ecosystems are becoming infiltration highways. One npm install and you’re compromised.
๐ https://thehackernews.com/2025/04/malicious-npm-package-targets-atomic.html
๐ฌ Email Bombing Campaigns Used as Distraction and Data Cover
Researchers are connecting email bombing โ floods of spam to a userโs inbox โ with more malicious follow-ups like password resets or account takeovers. Flooding hides the real threat. This is misdirection as attack vector.
๐ https://www.darkreading.com/cyberattacks-data-breaches/threat-actors-spam-bombing-malicious-motives
๐ https://www.securitymagazine.com/articles/101528-new-research-identifies-analyzes-an-email-bombing-attack
๐ Poisoned Open-Source Commits Infect Local Environments
Attackers are quietly submitting poisoned patches to open-source projects, which then infect local developer environments during builds. Itโs a terrifying twist โ like salting the fields you rely on to grow code.
๐ https://www.darkreading.com/cloud-security/open-source-poisoned-patches-infect-local-software
๐ฉ๏ธ Zero-Day Hits CentreStack Platform
A zero-day vulnerability in the CentreStack cloud collaboration suite is under active exploitation. Itโs another reminder that even lesser-known platforms are prime targets โ and that patch windows must shrink.
๐ https://www.darkreading.com/vulnerabilities-threats/zero-day-centrestack-platform-under-attack
๐งช Google Rebrands and Refocuses Security Stack
Google is merging its scattered security offerings into a more cohesive platform, signaling a shift toward holistic cloud defense. Visibility and control under one pane โ but the execution will determine whether it’s useful or just a new dashboard.
๐ https://www.darkreading.com/cloud-security/google-merges-security-offerings-cohesive-suite
๐ฑ China-Based SMS Phishing Ring Shifts Tactics
A China-linked SMS phishing triad is pivoting its focus to financial institutions, targeting U.S. banking customers with surgical credential-stealing campaigns. Social engineering never sleeps โ it evolves.
๐ https://krebsonsecurity.com/2025/04/china-based-sms-phishing-triad-pivots-to-banks/
๐ช๏ธ Salt Typhoon & the U.S. Response Gap
A new op-ed challenges the U.S. governmentโs reactive posture to large-scale threats like the recent โSalt Typhoonโ breach. The question isnโt just โwhat happened?โ โ itโs โwhat now?โ and โwhatโs next?โ
๐ https://www.darkreading.com/cyberattacks-data-breaches/what-should-us-do-salt-typhoon
๐ญ Reflection
Itโs Day 100, and what strikes me is how subtle modern threat vectors have become. We used to chase brute-force attacks and obvious exploits. Now weโre watching commits, plugins, and spam folders for signs of infiltration. As I push through CISSP and prepare to deepen my DevSecOps fluency, Iโm reminded that this field isnโt just about fixing problems โ itโs about detecting the invisible.
A hundred days down. More to go. The signalโs just getting stronger. ๐ก๐ฅ๐ป
