Friday Wrap Up: 28 February 2024

It’s been a busy week in cybersecurity and time for a Friday Wrap Up. Here are some of the interesting stories from this past week.
π¨ Cybersecurity Threats & Attacks
π Hackers exploit Google Docs and Steam to spread ACRStealer, a new infostealer malware targeting users via trusted platforms. (Published on 2/24/2025, Hackread). Read More
π OpenAI bans ChatGPT accounts linked to Chinese threat actors who allegedly used the AI model for espionage tool development. (Published on 2/24/2025, SecurityWeek). Read More
π A Michigan man faces charges for purchasing and selling stolen credentials from Genesis Market. (Published on 2/24/2025, SecurityWeek). Read More
π₯ The Chinese Silver Fox APT group is hiding ValleyRAT malware in trojanized medical imaging software, posing a critical cybersecurity risk. (Published on 2/25/2025, Hackread). Read More
π΅οΈββοΈ A new Linux malware, βAuto-Color,β enables full remote access to infected systems, targeting universities and government entities. (Published on 2/26/2025, The Hacker News). Read More
π A Chinese APT exploited an unpatched VPN vulnerability to infiltrate OT organizations in the aviation and aerospace sectors. (Published on 2/27/2025, Dark Reading). Read More
π Data Breaches & Leaks
π Have I Been Pwned adds 284 million stolen accounts from infostealer malware found on Telegram. (Published on 2/25/2025, BleepingComputer). Read More
π’ A background check firm, DISA Global Solutions, suffered a data breach exposing 3.3 million records. (Published on 2/26/2025, Hackread). Read More
π Millions of users of stalkerware apps Spyzie, Cocospy, and Spyic had their data leaked, again. (Published on 2/28/2025, Malwarebytes). Read More
π¨ A roundup of the biggest data breaches of 2025 so far, covering government, education, and healthcare records. (Published on 2/28/2025, TechCrunch). Read More
π₯ Emerging Cyber Threats
π¬ Microsoftβs Active Directory remains a major attack target even after 25 years, facing new identity-based threats. (Published on 2/25/2025, Dark Reading). Read More
πΆοΈ CrowdStrikeβs latest report reveals 26 new cyber threat groups detected in 2024, with increasing attack speed. (Published on 2/27/2025, SecurityWeek). Read More
π’ Cybercrime & Legal Actions
π΄ββ οΈ A PyPi package with over 100K downloads was secretly pirating music from Deezer for years. (Published on 2/26/2025, BleepingComputer). Read More
π΅οΈββοΈ A U.S. Army soldier linked to the Snowflake attack spree allegedly attempted to sell stolen data to foreign spies. (Published on 2/27/2025, CyberScoop). Read More
π Tech & Industry Updates
- π Microsoft confirms that Skype will officially shut down on May 5, with users transitioning to Teams. (Published on 2/28/2025, Ars Technica). Read More
Stay informed and secure in the tech and cybersecurity world. Have a great weekend, and remember to patch and protect your systems!