Jorge Laurel
Friday Wrap Up

Friday Wrap Up: 13 December 2024

Jorge Laurel · ·2 min read ·Issue #54


It’s been a busy week in cybersecurity and time for a Friday Wrap Up. Here are some of the interesting stories from this past week.


Category: Critical Infrastructure and Software Risks

  • ⚠️ 90% of software in U.S. critical infrastructure contains code developed in China, posing systemic risks. (Published on 12/9/2024, Dark Reading). Read More

  • 🛠️ Forrester panel explores software supply chain vulnerabilities and global IT security challenges. (Published on 12/10/2024, InformationWeek). Read More


Category: Cyber Attacks and Vulnerabilities

  • 🧑‍💻 Prompt injection vulnerabilities in DeepSeek AI could allow account hijacking—now patched. (Published on 12/9/2024, The Hacker News). Read More

  • 🔐 AWS credentials stolen by cybercrime gangs due to cloud misconfigurations. (Published on 12/10/2024, Dark Reading). Read More

  • 🐾 New ZLoader malware uses DNS tunneling for stealthy command-and-control. (Published on 12/11/2024, The Hacker News). Read More

  • 🌐 27 DDoS-for-hire platforms shut down globally in Operation PowerOFF. (Published on 12/11/2024, BleepingComputer). Read More

  • 🕵️ Microsoft Azure MFA bypassed in an hour due to critical rate-limiting flaw. (Published on 12/11/2024, Dark Reading). Read More

  • 🧬 Low-code/no-code environments face rising OData injection risks. (Published on 12/13/2024, Dark Reading). Read More

  • 🐱 PUMAKIT Linux rootkit uses advanced stealth to evade detection. (Published on 12/13/2024, The Hacker News). Read More


Category: Cybersecurity Impacts on Businesses and Individuals

  • 🕵️ Fake job emails deploy AppLite Trojan to target job seekers. (Published on 12/10/2024, Hackread). Read More

  • 🍩 Krispy Kreme suffers a cyberattack, disrupting online ordering in the U.S. (Published on 12/11/2024, IoT and Edge). Read More


Category: Privacy and Regulatory Oversight

  • 🛑 After 13 years, Firefox retires the ineffective “Do Not Track” feature. (Published on 12/12/2024, Ars Technica). Read More

  • 📡 Sen. Wyden criticizes FCC’s failure to enforce telecom security rules. (Published on 12/12/2024, Dark Reading). Read More


Stay informed and secure in the tech and cybersecurity world. Have a great weekend, and remember to patch and protect your systems!