Cyber Threat Observatory | Alan Turing Institute
@TuringCyberObs
Followers: 40
Following: 0
Media: 0
Statuses: 394
The Alan Turing Institute Threat Observatory providing intelligence and best practices to secure National Digital Identity Systems and Digital Infrastructures.
London
Joined September 2024
What needs to change
• Patch Chromium and ALEOS
• Prioritise KEV-listed flaws in public-sector risk management
• Segment and harden edge routers
• Monitor endpoints and network edges
#PatchManagement #ZeroTrust #PublicSectorSecurity
Why this matters: Exploitation of citizen and public servant browsers and disruption to connectivity to critical services risks service disruption, credential theft, and compromise of identity-enabled public systems. #GovTech #DigitalIdentity #CriticalInfrastructure
CISA has added actively exploited vulnerabilities in Google Chromium and Sierra Wireless AirLink ALEOS routers to its Known Exploited Vulnerabilities (KEV) catalog. https://t.co/J6VloOfZNe
#CISA #KEV #CyberSecurity
securityaffairs.com
U.S. CISA adds Google Chromium and Sierra Wireless AirLink ALEOS flaws to its Known Exploited Vulnerabilities catalog.
What needs to change
• Patch / upgrade affected React/Next.js
• Enforce secure-by-default SSR/RSC configurations
• Add app-layer DoS protections beyond network controls
• Restrict server-only code and secrets from render paths
#SecureByDesign #ZeroTrust #PublicSectorTech
Why this matters: Many citizen portals, identity gateways, and public services rely on React-based stacks. These threats threaten service availability and authentication logic - undermining trust, resilience, and inclusion. #GovTech #IdentitySecurity #Resilience
A flaw in React Server Components can enable denial-of-service attacks and unintended source-code exposure. Attackers can overload servers or extract sensitive server logic from apps built with modern React/Next.js patterns. https://t.co/xAhPzr5tBk
#React #NextJS #CyberSecurity
react.dev
The library for web and native user interfaces
What needs to change
• Enforce secure-by-default configs
• Add blockchain-aware detection to SOCs
• Use WAFs tuned for SSR/React attack patterns
• Isolate identity-verification workflows from web front ends
#AppSec #BlockchainSecurity #NationalCERT #IdentityProtection
Gov portals, digital-ID services, and citizen apps frequently run on modern JavaScript frameworks. A successful React-layer exploit could compromise authentication and data to undermine trust in national digital platforms. #DigitalIdentity #GovTechSecurity #DPI
DPRK operators exploited React2Shell to plant EtherRAT, a malware implant using Ethereum smart contracts for command-and-control, making takedown extremely difficult and enabling persistent access to public-facing apps. https://t.co/pP0J8NROQv
#React2Shell #Ethereum #ThreatIntel
sysdig.com
Discover how the critical React2Shell vulnerability (CVE-2025-55182) is being actively exploited to deploy EtherRAT, a persistent access implant that uses Ethereum smart contracts for blockchain C2...
What needs to change
• Require SBOMs and signed packages
• Enforce provenance attestation
• Monitor dependency health continuously
• Isolate critical identity flows from unvetted OSS
• Invest in maintenance of public OSS
#SBOM #ZeroTrust #OpenSourceSecurity #GovTech
DPI relies heavily on open-source. A compromised supply chain can poison citizen-facing services, identity verification platforms, and authentication flows. Trust frameworks collapse if core libraries become attack vectors. #DigitalPublicInfrastructure #OSS #IdentitySecurity
A new campaign—Shai-Hulud V2—has compromised dozens of npm packages, injecting malicious scripts that activate on install, silently embedding risks into apps, CI/CD pipelines, and cloud workloads. https://t.co/xWi0NI4GNm
#npm #CyberSecurity #Infosec
zscaler.com
Shai-Hulud V2, a supply chain threat targeting NPM, introduces pre-install execution, persistent backdoor access, credential recycling, and a dead man’s switch.
What needs to change
- Enforce strong multi-factor device attestation
- Monitor for abnormal remote-wipe commands
- Assume device compromise is possible — control trust at the credential/back-end layer, not just the device.
#IdentitySecurity #MobileDefense #ZeroTrust
Impact to DPI: When tools like Find Hub are weaponised, identity-linked mobile systems and national DPI ecosystems become vulnerable; compromised devices sever authentication channels, wipe identity credentials and disrupt access to services. #DigitalIdentity #ServiceDisruption
A threat actor linked to KONNI exploited KakaoTalk phishing campaigns and compromised Google accounts to hijack Google Find Hub, remotely wipe Android devices and propagate malware via trusted contacts. source: https://t.co/nOpcbx9N2o
#Malware #Android #KakaoTalk #Spyware
hackread.com
What needs to change
- Enforce runtime protection on mobile devices
- Deny/monitor HCE registration for untrusted apps
- Ensure NFC-relay detection is built in
- Integrate device attestation, behavioural analytics, and strong authentication
#IdentityGovernance #MobileThreatDefense
Impact to DPI: NGate blurs the line between a user’s device and an identity credential — undermining trust. A compromise could ripple through national ID-linked services, financial rails, and cross-border identity networks. #DigitalIdentity #DPI #RiskManagement #PaymentsSecurity
NGate NFC-Relay Malware: A new Android malware family uses Host Card Emulation (HCE) and NFC relay to capture card data and PINs, then replay them at an ATM — allowing withdrawals without a physical card. Source: https://t.co/AC9WgoHvxa
#CyberThreat #BankingFraud #NFCRelay
zimperium.com
What needs to change
- Enforce least-privilege access, continuous credential monitoring and behavioural anomaly detection
- Use multi-factor authentication and rapid credential revocation to stop stolen credentials from becoming entry points
#CloudSecurity #CyberResilience
Impact to DPI: When cloud credentials are compromised, attackers can impersonate organisations, breach sensitive systems and erode trust in digital public infrastructure, impacting national identity registries, citizen services and payment systems alike. #TrustedInfrastructure