From open-source trust failures to mobile surveillance and Chrome token theft on Linux, today’s threat landscape shows how the weakest link isn’t always obscure — it’s just overlooked. And that’s where adversaries thrive.
📦 Over 70 Malicious NPM and VS Code Packages Discovered
Attackers pushed more than 70 packages into NPM and the VS Code Marketplace, leveraging typosquatting and obfuscated payloads to deliver credential stealers. When the dev environment is the entry point, you’re already behind.
🔗 https://thehackernews.com/2025/05/over-70-malicious-npm-and-vs-code.html
📲 GhostSpy: New Android RAT Steals Banking Info, Bypasses Protections
A new Android remote access trojan (RAT) called GhostSpy has been discovered stealing banking credentials and evading modern security frameworks. It uses accessibility abuse and clever overlays to remain invisible.
🔗 https://securityonline.info/ghostspy-advanced-android-rat-steals-banking-info-bypasses-security/
🧪 Chrome Zero-Day Leaks Login Tokens on Linux Systems
A newly disclosed Chrome flaw on Linux could allow attackers to extract stored session tokens, exposing everything from email access to SSO sessions. The flaw has been patched — but browser trust is once again in question.
🔗 https://linuxsecurity.com/news/security-vulnerabilities/chrome-zero-day-flaw-exposes-login-tokens-on-linux
🧷 Weekly Recap: APT Campaigns, Browser Exploits, and App Store Deceptions
From recent zero-days to a spike in deceptive app store listings, The Hacker News’ recap shows a steady climb in APT campaigns targeting public-facing platforms and personal endpoints alike.
🔗 https://thehackernews.com/2025/05/weekly-recap-apt-campaigns-browser.html
🔒 Nova Scotia Hit by Ransomware Attack, Public Services Affected
A ransomware attack disrupted multiple systems across Nova Scotia’s digital infrastructure, impacting services from healthcare to transit. This isn’t a story of high-value targets — it’s a story of wide blast radius.
🔗 https://cybersecuritynews.com/nova-scotia-ransomware-attack/
🧬 Security Culture Still Lags in Critical Sectors, Study Finds
New research shows that while awareness of threats is growing, practical implementation of cyber hygiene in critical industries like energy and healthcare remains inconsistent and fragmented.
🔗 http://www.securitymagazine.com/articles/101646
🧱 AlmaLinux Patches Security Flaws — Package Management Still Core Attack Vector
AlmaLinux released ALSA-2025-7425, addressing several low-to-medium severity issues — a reminder that package managers are not passive tools. They are core to trust and threat propagation.
🔗 https://errata.almalinux.org/9/ALSA-2025-7425.html
💭 Reflection
Day 146 is a tapestry of access points:
A poisoned package A browser leak A fake login screen A mobile rat A neglected Linux patch
None of them alone is shocking — but together, they remind me that cybersecurity isn’t about single points of failure. It’s about the accumulation of blind spots.
As I keep building momentum through CISSP prep and practical analysis, I’m shifting how I think:
“Is this secure?” is no longer enough.
Now it’s: “Where is trust assumed — and why?”
That’s where the breach begins.
Or where resilience can be rebuilt. 🧠🧱🔍