GitHub Breach Exposes Secrets: Act Now to Protect!


Welcome to your daily cybersecurity update, where we break down the latest developments in the digital security realm. Today’s roundup covers a significant supply chain breach on GitHub, a series of critical vulnerabilities affecting D-Link’s DAP-1620 device, and an upbeat note on Kraken Robotics’ market performance.

GitHub Supply Chain Breach: Coinbase Attack Exposes Repositories and CI/CD Secrets

On March 14, 2025, a supply chain attack on the widely used tj-actions/changed-files GitHub Action, tracked as CVE-2025-30066, exposed CI/CD secrets from 218 repositories. The attacker moved the action's version tags so that they pointed at a malicious commit, which dumped the CI runner's memory, including any secrets loaded into the job, into the build log; every workflow that referenced the action by a mutable tag pulled the malicious code on its next run, while workflows pinned to a full commit SHA were unaffected. The campaign was reportedly aimed first at Coinbase before it spread to every user of the action. In simple terms, it is a bit like a key left under the doormat: a small oversight that leads to big problems. Organisations that rely on continuous integration and deployment pipelines should pin third-party actions to a full commit SHA rather than a tag, rotate any secrets that were available to workflows that ran the action while it was compromised, and review those workflow logs for leaked values, since on public repositories the logs are public too.

D-Link DAP-1620 Vulnerabilities: Four Critical Buffer Overflows

D-Link’s DAP-1620 version 1.03 is in the spotlight today following the disclosure of four critical vulnerabilities. Each carries a CVSS score of 9.8 and is a buffer overflow that a remote attacker could use to execute code on the device:

CVE-2025-2621 – Stack-Based Buffer Overflow in Cookie Check

This vulnerability affects the check_dws_cookie function reached through the /storage path: a crafted request can trigger a stack-based buffer overflow over the network. An exploit has been disclosed publicly, so exposed devices should be treated as at risk, and because the product is no longer supported there will be no firmware fix.

CVE-2025-2620 – Stack-Based Buffer Overflow in Authentication Handler

A similar issue was found in the mod_graph_auth_uri_handler function of the Authentication Handler component, where a crafted request triggers a stack-based overflow, again exploitable over the network. It carries the same critical rating, and the risk to these legacy devices remains high.

CVE-2025-2619 – Additional Stack-Based Buffer Overflow in Cookie Handler

This vulnerability also affects the check_dws_cookie function, this time in the Cookie Handler, and reinforces the pattern of unchecked input handling in this device's firmware. Because it is remotely exploitable, an attacker needs no physical access, only network reach to the device.

CVE-2025-2618 – Heap-Based Buffer Overflow in Path Handler

The final vulnerability affects the set_ws_action function under the /dws/api/ path of the Path Handler. Unlike the previous three, it is a heap-based overflow, corrupting memory allocated at run time rather than a stack frame, but the outcome is the same: remote code execution. With the DAP-1620 end-of-life and no fix coming from D-Link, risk mitigation falls squarely on owners, who should replace the device or, at minimum, keep its management interface off the internet and isolate it on its own network segment.
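The bug class running through all four advisories, as an added illustration that is not D-Link's firmware code: a hypothetical cookie check that copies a request header value into a fixed-size stack buffer without checking its length, beside a bounded version that rejects oversized input before copying. The function names, the 32-byte buffer, the "uid=" cookie name and the return codes are assumptions made for this example, not details from the advisories.

```c
#include <stdio.h>
#include <stddef.h>
#include <string.h>

/* Illustrative example only: NOT the DAP-1620's check_dws_cookie code.
 * It shows the shape of the bug class (fixed stack buffer + unchecked copy
 * of attacker-controlled header data) and the bounded fix. */

#define COOKIE_MAX      32   /* assumed size of the stack buffer */
#define COOKIE_OK        1
#define COOKIE_BAD       0
#define COOKIE_TOO_LONG -1

/* Length of a cookie value: everything up to the next ';' or end of string. */
static size_t cookie_value_len(const char *v) {
    const char *end = strchr(v, ';');
    return end ? (size_t)(end - v) : strlen(v);
}

/* VULNERABLE: the value after "uid=" is copied into a 32-byte stack buffer
 * with no bound on n. A Cookie header whose uid value is longer than
 * COOKIE_MAX - 1 bytes overwrites whatever follows buf on the stack (saved
 * frame pointer, return address). Never feed this untrusted input; it is
 * here only to show the defect. */
int vulnerable_check_cookie(const char *cookie_header) {
    char buf[COOKIE_MAX];
    const char *v = strstr(cookie_header, "uid=");
    if (!v) return COOKIE_BAD;
    v += 4;
    size_t n = cookie_value_len(v);
    memcpy(buf, v, n);                 /* unbounded copy: stack overflow */
    buf[n] = '\0';
    return strcmp(buf, "admin") == 0 ? COOKIE_OK : COOKIE_BAD;
}

/* HARDENED: measure first, reject anything that cannot fit (including the
 * NUL terminator), and only then copy. */
int hardened_check_cookie(const char *cookie_header) {
    char buf[COOKIE_MAX];
    const char *v = strstr(cookie_header, "uid=");
    if (!v) return COOKIE_BAD;
    v += 4;
    size_t n = cookie_value_len(v);
    if (n >= sizeof buf)               /* n <= 31 leaves room for '\0' */
        return COOKIE_TOO_LONG;
    memcpy(buf, v, n);
    buf[n] = '\0';
    return strcmp(buf, "admin") == 0 ? COOKIE_OK : COOKIE_BAD;
}

int main(void) {
    /* Constructed inputs for a stand-alone run. */
    const char *good = "sid=abc; uid=admin; theme=dark";
    char attack[300];
    memset(attack, 'A', sizeof attack - 1);
    attack[sizeof attack - 1] = '\0';
    memcpy(attack, "uid=", 4);         /* 295-byte uid value */

    printf("hardened(good)     = %d\n", hardened_check_cookie(good));
    printf("hardened(overlong) = %d\n", hardened_check_cookie(attack));
    /* vulnerable_check_cookie(attack) would smash the stack; not called. */
    return 0;
}
```

The fix is deliberately boring: compute the length before touching the buffer and fail closed. In a real handler the same check belongs on every header, query parameter and path component the firmware copies into a fixed buffer, which is exactly where the four advisories above differ only in the function name.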

Market Spotlight: Kraken Robotics Impresses Shareholders

In lighter news, Kraken Robotics has registered a remarkable 50% compound annual growth rate over the past five years, with a 10% surge in the last week alone. While not a cybersecurity story in itself, it is a reminder that fast-growing technology companies become lucrative targets for cyber adversaries, and that security investment needs to keep pace with growth.

As we wrap up today’s update, vigilance remains key in an ever-evolving cybersecurity landscape. Whether you’re managing risk in your software supply chain or maintaining older network devices, proactive attention to potential threats can make all the difference. At Synergos Consultancy, we understand that security isn’t just about technology; it’s also about ensuring compliance and safeguarding your business operations. Stay safe and keep your digital doors firmly locked!


Adam Cooke
As the Operations and Compliance Manager, Adam oversees all aspects of the business, ensuring operational efficiency and regulatory compliance. Committed to high standards, he ensures everyone is heard and supported. With a strong background in the railway industry, Adam values rigorous standards and safety. Outside of work, he enjoys dog walking, gardening, and exploring new places and cuisines.