TCE Weekly Roundup: Top Cybersecurity News & Insights - The Cyber Express - HEAL Security Inc. - Cyber Threat Intelligence for the Healthcare Sector

New GitHub Actions Attack Chain Uses Fake CI Updates to Exfiltrate Secrets and Tokens

A new attack campaign is actively targeting open-source repositories on GitHub by carefully disguising malicious code as completely routine CI build configuration updates. The campaign,

DPRK Cyber Program Uses Modular Malware Strategy to Evade Attribution and Survive Takedowns

North Korea’s cyber program has fundamentally shifted how it builds and deploys malware. Rather than relying on one all-purpose hacking tool, the regime has assembled

Trojanized PyPI AI Proxy Steals Claude Prompt, Exfiltrates Data

A malicious PyPI package, hermes-px, that masquerades as a “Secure AI Inference Proxy” while secretly stealing user prompts and abusing a private university AI service.

From Data Ownership to Learning Velocity in Direct-to-Consumer Healthcare

As commercialization increasingly reflects direct engagement dynamics, differentiation depends less on the volume of data controlled and more on the speed at which systems incorporate

News and Analysis