Day 200: Signal Clarity in a Sea of Bloat

Two hundred days in, and the landscape still feels like it’s accelerating. The stories today aren’t just technical — they speak to a wider truth: when trust becomes frictionless, attackers flow faster. This isn’t just about patching anymore — it’s about questioning the platforms, habits, and shortcuts that got us here.

🧬 EncryptHub: New Threat Group Targets Web3 Devs

Web3 developers are being singled out by a new threat group dubbed EncryptHub, which is leveraging social engineering, fake SDKs, and browser exploits to inject backdoors into decentralized apps. This feels like a test case for the next era of blockchain compromise — where codebases are weaponized before deployment.

🔗 https://thehackernews.com/2025/07/encrypthub-targets-web3-developers.html

📌 SharePoint Zero-Day (CVE-2025-53770): Exploitation Ongoing

The SharePoint vulnerability reported earlier this week continues to escalate, with no patch yet released. It carries a CVSS score of 9.8 and is being used in live campaigns. For hybrid or legacy deployments, air-gapping won’t save you if remote access points aren’t tightly managed.

🔗 https://thehackernews.com/2025/07/critical-microsoft-sharepoint-flaw.html

📦 Malicious npm Packages Strike Again

Six compromised npm packages, designed to exfiltrate sensitive environment variables and tokens, made it into active developer environments. This type of attack isn’t novel, but the frequency suggests we haven’t collectively learned to treat package repositories like untrusted input.

🔗 https://thehackernews.com/2025/07/malware-injected-into-6-npm-packages.html

🗂️ CrushFTP Flaw Exploited in the Wild

A critical vulnerability in CrushFTP is being actively weaponized. Attackers are using it to pivot laterally once inside enterprise environments — a reminder that niche tooling can become high-value footholds when not hardened.

🔗 https://thehackernews.com/2025/07/hackers-exploit-critical-crushftp-flaw.html

🛡️ Fake VPN Tools Appear on GitHub

A new wave of fake VPN utilities on GitHub has been spotted, many of which function as spyware or credential stealers. With so many open-source tools repackaged and trusted by default, this is a wake-up call for anyone treating “free” as a shortcut to “safe.”

🔗 https://www.cysecurity.news/2025/07/new-cyber-threat-fake-vpns-on-github.html

Closing Notes

Trust is the new exploit. The more we automate our trust — through package managers, open-source tools, or vendor platforms — the more fragile our defenses become.

SharePoint continues to highlight legacy risk debt. Tools that were never designed for cloud-scale threat models are being stress-tested — and breaking.

Web3 and AI are new frontiers, but the old playbooks still apply. Just faster, flashier, and with less time to respond.