By Ashwani Mishra, Editor-Technology, 63SATS Cybertech
Global cyber tensions escalated as the U.S. warned China of potential retaliation over critical infrastructure attacks, while India thwarted multiple Pakistan-backed hacking attempts targeting educational institutions. A supply chain attack compromised 1,000 e-commerce sites via backdoored Magento plugins, and dating app Raw exposed users’ sensitive data due to poor security practices.
Meanwhile, over a third of users reported account breaches due to weak passwords, though passkey adoption is rising. In the UK, patients remain uninformed nearly a year after a ransomware attack on Synnovis leaked sensitive health data, highlighting persistent gaps in breach communication and accountability.
U.S. Warns China: Cyber Retaliation on the Table
A top White House official has issued a stern warning to China over cyber intrusions into U.S. critical infrastructure.
Speaking at RSA 2025, Alexei Bulazel, Senior Director for Cyber at the National Security Council, emphasized that continued passivity toward nation-state cyberattacks signals acceptance. He warned that the U.S. under the Trump Administration would retaliate, asserting, “If you come and do this to us, we’ll punch back.” Bulazel criticized past administrations for hesitating to act, calling it an abdication of their responsibility to protect American private sector interests against increasingly brazen digital aggressions.
Weak Passwords Still a Global Threat, Passkeys Gain Momentum
Over a third of users experienced online account breaches due to poor or stolen passwords, reveals a new FIDO Alliance study. Encouragingly, the adoption of passkeys—secure, password-less login alternatives—is on the rise. Nearly half of the top 100 global websites now support passkeys.
About 69% of users have enabled them on at least one account, and 38% use them wherever possible. Most users cited both better security (53%) and ease of use (54%) as key benefits. Frustratingly, 48% admitted to abandoning online purchases simply because they forgot their passwords, highlighting the urgent need for better authentication methods.
Supply Chain Attack Hits E-Commerce Giants via Magento Plugins
Between 500 and 1,000 online stores, including one belonging to a $40 billion multinational, were compromised in a coordinated supply chain attack involving 21 backdoored Magento extensions. According to Sansec researchers, the malware had been dormant since 2019 and was only activated in April 2025. The attackers inserted PHP backdoors into licensing files within the extensions.
The attackers appear to have breached multiple vendors, making this a complex and far-reaching campaign. Weltpixel’s GoogleTagManager plugin was also found compromised, though it remains unclear whether the breach originated from the vendor or an infected website using the extension.
Dating App ‘Raw’ Leaks Sensitive User Data
TechCrunch reports that a security lapse at dating app Raw led to the exposure of personal user data, including precise GPS locations. The breach also exposed display names, dates of birth, and sensitive preferences, putting users at risk. Raw, which launched in 2023 and has over 500,000 Android downloads, promotes “authentic interactions” by encouraging daily selfies.
However, its failure to secure location data may now put users in physical danger. Despite the magnitude of the exposure, the company has yet to publicly disclose the number of affected users or details on how the breach occurred.
India Thwarts Multiple Pakistan-Backed Cyber Intrusions
Indian cybersecurity agencies successfully neutralized a series of cyberattacks launched by Pakistan-linked hacker groups on Thursday. The groups, including HOAX1337 and National Cyber Crew, attempted to deface websites of Army Public Schools in Jammu with provocative messages linked to the recent Pahalgam terror incident. Authorities intercepted the attacks in real time, preventing serious damage.
The ongoing cyber confrontations highlight rising digital tensions between the two nations, with India’s proactive defense capabilities being tested frequently. This latest incident underscores the need for continuous vigilance and enhanced inter-agency coordination to counter politically motivated digital threats.
UK Lab Breach Leaves Patients Uninformed for Nearly a Year
Nearly a year after ransomware group Qilin attacked London-based pathology firm Synnovis, many patients remain unaware of what personal health data was exposed. The 2024 breach disrupted multiple NHS hospitals and leaked sensitive details on STIs and cancer diagnoses.
Synnovis has acknowledged that names, NHS numbers, and test codes were compromised but has yet to provide an accurate count of affected individuals or full disclosure on leaked content. The lack of transparency raises concerns about accountability and patient rights in the wake of serious healthcare data breaches that can have lasting reputational and psychological impacts.