The Good, the Bad and the Ugly in Cybersecurity – Week 22

**Executive Summary:** The report details several active threats: Dutch and international law enforcement dismantled a hosting network (Stark Industries/WorkTitans B.V./THE.Hosting) that supported Russian-linked cyberattacks and disinformation operations; a Romanian national was sentenced for selling access to an Oregon state network and other intrusions; Silent Ransom Group (UNC3753) has escalated to in-person data-extortion operations targeting legal and financial organizations; and the TrapDoor supply-chain campaign distributed credential-stealing malware across npm, PyPI, and Crates.io to harvest developer secrets, SSH keys, cloud credentials, and crypto wallets.