Article Details
Scrape Timestamp (UTC): 2025-08-18 12:49:16.114
Source: https://thehackernews.com/2025/08/weekly-recap-nfc-fraud-curly-comrades-n.html
Original Article Text
⚡ Weekly Recap: NFC Fraud, Curly COMrades, N-able Exploits, Docker Backdoors & More

Power doesn't just disappear in one big breach. It slips away in the small stuff—a patch that's missed, a setting that's wrong, a system no one is watching. Security usually doesn't fail all at once; it breaks slowly, then suddenly. Staying safe isn't about knowing everything—it's about acting fast and clear before problems pile up. Clarity keeps control. Hesitation creates risk. Here are this week's signals—each one pointing to where action matters most.

⚡ Threat of the Week

Ghost Tap NFC-Based Mobile Fraud Takes Off — A new Android trojan called PhantomCard has become the latest malware to abuse near-field communication (NFC) to conduct relay attacks for facilitating fraudulent transactions in attacks targeting banking customers in Brazil. In these attacks, users who end up installing the malicious apps are instructed to place their credit/debit card on the back of the phone to begin the verification process, only for the card data to be sent to an attacker-controlled NFC relay server. The stolen card details are passed on to money mules who link the information to contactless payment systems like Apple Pay or Google Pay in person to obtain physical goods.

Security from Code to Cloud: IaC Best Practices

Cloud misconfigurations don't wait. Neither should you. Infrastructure-as-Code (IaC) accelerates development, but even small mistakes in templates can become major production risks—like unencrypted S3 buckets or overly permissive access settings. This best practices guide shows you how to fix IaC misconfigurations at the source to secure your cloud environment from the start.

🔔 Top News

🔥 Trending CVEs

Hackers don't wait—they strike within hours of a flaw being exposed. A missed patch, a hidden bug, or even a single overlooked CVE is enough to hand them the keys. What starts as "just one gap" can escalate into disruption, theft, or compromise before defenders even realize it's happening. Below are this week's high-risk vulnerabilities. Review them, patch quickly, and stay ahead before someone else makes the first move.

This week's list includes — CVE-2025-20265 (Cisco Secure Firewall Management Center), CVE-2025-8671 (HTTP/2), CVE-2025-8875, CVE-2025-8876 (N-able N-central), CVE-2025-25256 (Fortinet FortiSIEM), CVE-2025-53779 (Microsoft Windows), CVE-2025-49457 (Zoom Clients for Windows), CVE-2025-8355, CVE-2025-8356 (Xerox FreeFlow Core), CVE-2024-42512, CVE-2024-42513, CVE-2025-1468 (OPC UA .NET Standard Stack), CVE-2025-42950, CVE-2025-42957 (SAP), CVE-2025-54472 (Apache bRPC), CVE-2025-5456, CVE-2025-5462 (Ivanti Connect Secure), CVE-2025-53652 (Jenkins), CVE-2025-49090, CVE-2025-54315 (Matrix), CVE-2025-52970 (Fortinet FortiWeb), CVE-2025-7384 (Database for Contact Form 7, WPforms, Elementor forms plugin), CVE-2025-53773 (GitHub Copilot), CVE-2025-6186, CVE-2025-7739, CVE-2025-7734 (GitLab), CVE-2025-8341 (Grafana Infinity Datasource Plugin), CVE-2025-47227, CVE-2025-47228 (ScriptCase), CVE-2025-30404, CVE-2025-30405, CVE-2025-54949, CVE-2025-54950, CVE-2025-54951, CVE-2025-54952 (Meta ExecuTorch), CVE-2025-55154, and CVE-2025-55004 (ImageMagick).

📰 Around the Cyber World

🎥 Cybersecurity Webinars

🔧 Cybersecurity Tools

Disclaimer: These newly released tools are for educational use only and haven't been fully audited. Use at your own risk—review the code, test safely, and apply proper safeguards.

🔒 Tip of the Week

Clipboard Permissions — A Hidden Data Leak Waiting to Happen — Most people think of their clipboard as a harmless convenience — copy some text, paste it where you need it, done. But in modern browsers like Chrome, the clipboard is a shared space between your computer and any website you grant permission to. Once allowed, a site can read whatever is currently in your clipboard — not just what you copied from that site, but from anywhere: your password manager, a PDF, a corporate document, or even secure notes. The danger isn't just "technical paranoia" — clipboard access is a known target for attackers because it bypasses a lot of security boundaries.

If you've allowed a site to read your clipboard:

For example, you allow design-tool[.]com to read your clipboard because you want to paste an image directly into the site. Later in the day, you copy:

While you're still working in design-tool[.]com, its code could (maliciously or due to a compromise) send each clipboard read to a remote server — without you ever pressing "paste." Unlike file downloads or microphone access, Chrome's clipboard permission is "all or nothing" for that site. Once allowed, the site can read at will until you manually revoke the permission.

What You Can Do

Clipboard access is like giving a stranger a window into your desk — you may only want them to look once, but if you leave the window open, they can keep peeking without asking. Treat clipboard permissions as carefully as camera or microphone access.

Conclusion

The pace isn't slowing down, and the risks aren't waiting. Every delay, every blind spot, becomes an opening someone else is ready to use. What's urgent isn't just patching or reacting—it's staying one step ahead.
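As an added example for the Tip of the Week (not part of the original article), the Node.js script below lists which origins hold a standing clipboard grant in a Chrome profile, so they can be reviewed and revoked. It assumes the profile's Preferences JSON stores per-site grants under profile.content_settings.exceptions.clipboard with setting 1 meaning "allow"; the function names and the sample data are constructed for illustration.

```javascript
// Added example: list origins holding a standing clipboard grant in a Chrome profile.
// ASSUMPTION: the Preferences JSON keeps per-site grants under
// profile.content_settings.exceptions.clipboard, keyed "<origin>,*",
// with setting 1 = allow and 2 = block. Verify against your Chrome build.
const ALLOW = 1;
const WEBKIT_EPOCH_OFFSET_MS = 11644473600000n; // ms between 1601-01-01 and 1970-01-01

// Chrome stores timestamps as microseconds since 1601; BigInt avoids precision loss.
function webkitToIso(micros) {
  if (!/^\d+$/.test(String(micros || ''))) return null;
  const ms = BigInt(micros) / 1000n - WEBKIT_EPOCH_OFFSET_MS;
  return new Date(Number(ms)).toISOString();
}

// Return every origin whose clipboard setting is "allow", with the grant time if recorded.
function clipboardGrants(prefs) {
  const entries = prefs?.profile?.content_settings?.exceptions?.clipboard ?? {};
  return Object.entries(entries)
    .filter(([, v]) => v && v.setting === ALLOW)
    .map(([pattern, v]) => ({
      origin: pattern.split(',')[0],
      grantedAt: webkitToIso(v.last_modified),
    }))
    .sort((a, b) => a.origin.localeCompare(b.origin));
}

// Constructed sample, not taken from a real profile.
const SAMPLE_PREFS = JSON.parse(`{
  "profile": { "content_settings": { "exceptions": { "clipboard": {
    "https://design-tool.example:443,*": { "last_modified": "13398480000000000", "setting": 1 },
    "https://blocked.example:443,*":     { "last_modified": "13398480000000000", "setting": 2 },
    "https://notes.example:443,*":       { "setting": 1 }
  } } } }
}`);

for (const g of clipboardGrants(SAMPLE_PREFS)) {
  console.log(`${g.origin} can read the clipboard (granted ${g.grantedAt ?? 'unknown'})`);
}
```

To audit a real profile, parse its Preferences file with JSON.parse and pass the result to clipboardGrants; the same grants are visible per site in Chrome's site settings, where they can be revoked.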
Daily Brief Summary
A new Android malware, PhantomCard, is exploiting NFC technology to conduct relay attacks, primarily targeting banking customers in Brazil.
Victims are deceived into installing malicious apps that misuse NFC to capture credit and debit card data during a fake verification process.
Stolen card information is transmitted to attackers' NFC relay servers, enabling fraudulent transactions via contactless payment systems.
The compromised card details are further used by money mules to purchase physical goods using platforms like Apple Pay and Google Pay.
This attack vector showcases the evolving tactics of cybercriminals leveraging everyday technologies for sophisticated financial fraud.
Organizations should enhance mobile app security and educate users on the risks of installing unverified applications to prevent such threats.
This incident emphasizes the need for robust NFC security protocols and user awareness to mitigate potential financial losses.