Jorge Laurel
Friday Wrap Up

Friday Wrap Up: 27 June 2024

Jorge Laurel · ·3 min read ·Issue #29


Another week, another buffet of breaches, botnets, and bureaucratic advisories! 🍽️

The FBI unmasked IntelBroker using email trails, crypto wallets, and YouTube activity, reminding us that your “anonymous” OPSEC is only as good as your weakest Like button 👍.

If you’re feeling overwhelmed, you’re not alone. The pace of attacks continues to remind us that no matter how strong your defenses, there’s always a misconfigured Docker API somewhere ready to turn into a crypto-mining hotspot. 🐈‍⬛💻

🔍 This week’s key takeaways:

✅ Check router and VPN configurations (yes, again)

✅ Patch Cisco and SonicWall systems

✅ Monitor AI policies, because jailbreaks aren’t theoretical

✅ Watch for stealthy web malware on checkout pages

✅ Remind your team: “Security is a process, not a checkbox.”

Cybersecurity isn’t boring, and this week proves it again. Stay patched, stay aware, and don’t let a Salt Typhoon ruin your Friday.


🛡️ Cyber Threats & State-Linked Activity

  • 🕵️ Salt Typhoon hacks a Canadian telecom using Cisco flaws, confirming China-linked espionage. (Published on 6/23/2025, BleepingComputer). Read More

  • 🚨 Salt Typhoon exploits router flaws to spy on global telecoms, FBI and Canada warn. (Published on 6/23/2025, Hackread). Read More

  • 🐺 Chinese group Silver Fox uses fake websites to spread Sainbox RAT and hidden rootkit. (Published on 6/27/2025, The Hacker News). Read More

🤖 AI & Cybersecurity

  • 🎭 “Echo Chamber” attack bypasses advanced LLM safeguards with subtle conversational manipulation. (Published on 6/23/2025, SecurityWeek). Read More

💸 Breaches & Ransomware

  • 🛍️ Ahold Delhaize breach affects 2.2 million people’s financial and health data. (Published on 6/27/2025, BleepingComputer). Read More

  • 🕳️ BreachForums: Four ShinyHunters members arrested; IntelBroker revealed as Kai West. (Published on 6/26/2025, Hackread). Read More

  • 🕵️ FBI tracked IntelBroker via email, crypto wallet, and YouTube activity. (Published on 6/26/2025, Hackread). Read More

☁️ Infrastructure & Cloud Attacks

  • 🐱 Attackers use Docker APIs and Tor to stealthily deploy crypto miners, echoing Commando Cat’s methods. (Published on 6/23/2025, Dark Reading). Read More

  • 🦠 New WordPress malware hides on checkout pages, imitating Cloudflare to steal cards. (Published on 6/25/2025, Hackread). Read More

  • 🪝 Hackers exploit ConnectWise ScreenConnect installer to build signed remote access malware. (Published on 6/25/2025, BleepingComputer). Read More

  • 🏫 Androxgh0st botnet expands, exploiting US university servers including UC San Diego. (Published on 6/24/2025, Hackread). Read More

🔑 Credential Attacks

  • 🩻 SonicWall warns of trojanized NetExtender stealing VPN logins. (Published on 6/24/2025, BleepingComputer). Read More

  • 🎯 Hackers target over 70 Microsoft Exchange servers with keyloggers to steal credentials. (Published on 6/24/2025, The Hacker News). Read More

⚙️ Industrial & Regulatory

  • 🛠️ CISA releases two ICS advisories covering Mitsubishi Electric and TrendMakers Sight Bulb Pro vulnerabilities. (Published on 6/26/2025, CISA Alerts). Read More

🌐 Internet & Access

  • 🚫 Russia throttles Cloudflare, making sites inaccessible for many users since June 9. (Published on 6/27/2025, BleepingComputer). Read More

Stay informed and secure in the tech and cybersecurity world. Have a great weekend, and remember to patch and protect your systems!