You are here

Home

Cybersecurity

(TLP:CLEAR) The U.S. Intelligence Community’s 2025 Annual Threat Assessment Highlights the Growing Cyber Threat to the Water Sector and the Enduring Threat of Violent Extremists

Summary: This week, the Office of the Director of National Intelligence (ODNI) published its “Annual Threat Assessment of the U.S. Intelligence Community.” The assessment focuses on the most direct, serious threats to the U.S. in 2025 and beyond and reflects the collective insights of the U.S. Intelligence Community (IC). The report notably underscores the growing cyber threat to water and wastewater utilities, as well as the heightened threat environment from violent extremists.

(TLP:CLEAR) Supply Chain Compromise of Third-Party GitHub Action, CVE-2025-30066

Summary: A popular third-party GitHub Action, tj-actions/changed-files (tracked as CVE-2025-30066), was recently compromised. This GitHub Action is designed to detect which files have changed in a pull request or commit. The supply chain compromise allows for information disclosure of secrets including, but not limited to, valid access keys, GitHub Personal Access Tokens (PATs), npm tokens, and private RSA keys. This has been patched in v46.0.1. 

(TLP:CLEAR) Mitigating People’s Republic of China (PRC) Living Off the Land (LOTL) Techniques Training Course

Summary: CISA is hosting a training course titled “Navigating the Storm - Understanding, Detecting, and Mitigating PRC LOTL Techniques in Critical Infrastructure Training Course.” The two-hour session will include presentations by CISA and the FBI and will help participants gain insights into the sophisticated methods used by PRC-actors to help them blend into legitimate network activities to avoid detection.

(TLP:CLEAR) DEF CON Franklin - Securing Water Infrastructure in Rural Communities

Summary: A new collaboration initiative called DEF CON Franklin has established a Cyber Volunteer Task Force for water that provides DEF CON technologist volunteers to critical infrastructure in need of cybersecurity help. The effort is being established between the Cyber Policy Initiative (CPI), DEF CON, and NRWA. It specifically targets water systems across the nation that are the most vulnerable  and least protected from cyber threats.

(TLP:CLEAR) Supplemental Cyber Highlights – March 20, 2025

The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.

Critical Infrastructure Resilience & OT/ICS Vulnerability Management

(TLP:CLEAR) New Jersey Fusion Center 2025 Threat Assessment Report

Summary: The New Jersey Office of Homeland Security and Preparedness (NJOHSP), the state’s fusion center, has published its “2025 Threat Assessment,” report. Similar to last year, the assessment highlights enduring homegrown violent and racially motivated extremism threats, in addition to elevated cybersecurity risks and foreign nation-state threats.

Pages

Subscribe to Cybersecurity