Reaching Day 100 feels surreal. What started as a daily discipline, just a reflection here and there, has become a ritual of pattern recognition. The themes of today? Scale, subtlety, and sabotage. Whether it's 420,000 compromised sites or poisoned open-source patches, we're witnessing how digital war is increasingly waged in plain sight.
AkiraBot Targets 420K+ Sites via WordPress Plugin Supply Chain
AkiraBot is now exploiting a compromised plugin to breach over 420,000 WordPress sites, turning a trusted ecosystem into a massive botnet beachhead. This isn't just a plugin problem; it's a trust-chain nightmare.
https://thehackernews.com/2025/04/akirabot-targets-420000-sites-with.html
Malicious npm Package Targets Atomic Wallet Users
A sneaky npm package is harvesting secrets from developers who interact with Atomic Wallet, another sign that package ecosystems are becoming infiltration highways. One npm install and you're compromised.
https://thehackernews.com/2025/04/malicious-npm-package-targets-atomic.html
Email Bombing Campaigns Used as Distraction and Data Cover
Researchers are connecting email bombing (floods of spam to a user's inbox) with more malicious follow-ups like password resets or account takeovers. Flooding hides the real threat. This is misdirection as attack vector.
https://www.darkreading.com/cyberattacks-data-breaches/threat-actors-spam-bombing-malicious-motives
https://www.securitymagazine.com/articles/101528-new-research-identifies-analyzes-an-email-bombing-attack
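A defensive sketch of the email bombing item above, added here as an example and not taken from the linked research: it flags security notifications that arrive while an inbox is being flooded. The window, threshold, keyword list and sample messages are assumptions constructed for illustration.

```python
import re
from collections import deque
from datetime import datetime, timedelta

# Assumed values; tune them for the mailbox being monitored.
WINDOW = timedelta(minutes=10)
BURST_THRESHOLD = 20  # messages inside WINDOW that count as a flood
SENSITIVE = re.compile(
    r"password reset|verification code|new sign-in|security alert",
    re.IGNORECASE)

def find_buried_alerts(messages):
    """Return sensitive messages that arrived while the inbox was flooded.

    messages: iterable of (datetime, sender, subject), sorted by time.
    """
    msgs = list(messages)
    in_burst = [False] * len(msgs)
    window = deque()  # indices of messages inside the trailing WINDOW
    for i, (ts, _, _) in enumerate(msgs):
        window.append(i)
        while msgs[window[0]][0] < ts - WINDOW:
            window.popleft()
        if len(window) >= BURST_THRESHOLD:
            # Mark the whole window, so alerts sent early in the flood count too.
            for j in window:
                in_burst[j] = True
    return [m for m, hit in zip(msgs, in_burst) if hit and SENSITIVE.search(m[2])]

def sample_inbox():
    """Constructed sample: a quiet day interrupted by one subscription flood."""
    day = datetime(2025, 4, 10)
    inbox = [(day.replace(hour=9), "it@corp.example", "Password reset completed")]
    start = day.replace(hour=14)
    for n in range(60):  # one sign-up confirmation every 5 seconds
        inbox.append((start + timedelta(seconds=5 * n),
                      f"noreply@list{n}.example",
                      f"Confirm your subscription #{n}"))
    inbox.append((start + timedelta(seconds=122),
                  "security@bank.example", "Password reset requested"))
    inbox.append((day.replace(hour=18),
                  "security@bank.example", "Security alert: new sign-in"))
    return sorted(inbox)

if __name__ == "__main__":
    for ts, sender, subject in find_buried_alerts(sample_inbox()):
        print(f"{ts:%H:%M:%S}  {sender}  {subject}")
```

Only the reset sent during the flood is reported; the same kinds of notification on a quiet inbox are left alone, which keeps the alert tied to the misdirection pattern rather than to every reset mail.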
Poisoned Open-Source Commits Infect Local Environments
Attackers are quietly submitting poisoned patches to open-source projects, which then infect local developer environments during builds. It's a terrifying twist, like salting the fields you rely on to grow code.
https://www.darkreading.com/cloud-security/open-source-poisoned-patches-infect-local-software
Zero-Day Hits CentreStack Platform
A zero-day vulnerability in the CentreStack cloud collaboration suite is under active exploitation. It's another reminder that even lesser-known platforms are prime targets, and that patch windows must shrink.
https://www.darkreading.com/vulnerabilities-threats/zero-day-centrestack-platform-under-attack
Google Rebrands and Refocuses Security Stack
Google is merging its scattered security offerings into a more cohesive platform, signaling a shift toward holistic cloud defense. Visibility and control under one pane, but the execution will determine whether it's useful or just a new dashboard.
https://www.darkreading.com/cloud-security/google-merges-security-offerings-cohesive-suite
China-Based SMS Phishing Ring Shifts Tactics
A China-linked SMS phishing triad is pivoting its focus to financial institutions, targeting U.S. banking customers with surgical credential-stealing campaigns. Social engineering never sleeps; it evolves.
https://krebsonsecurity.com/2025/04/china-based-sms-phishing-triad-pivots-to-banks/
Salt Typhoon & the U.S. Response Gap
A new op-ed challenges the U.S. government's reactive posture to large-scale threats like the recent "Salt Typhoon" breach. The question isn't just "what happened?" It's "what now?" and "what's next?"
https://www.darkreading.com/cyberattacks-data-breaches/what-should-us-do-salt-typhoon
Reflection
It's Day 100, and what strikes me is how subtle modern threat vectors have become. We used to chase brute-force attacks and obvious exploits. Now we're watching commits, plugins, and spam folders for signs of infiltration. As I push through CISSP and prepare to deepen my DevSecOps fluency, I'm reminded that this field isn't just about fixing problems; it's about detecting the invisible.
A hundred days down. More to go. The signal's just getting stronger.