Jorge Laurel
Friday Wrap Up

Friday Wrap Up: 23 January 2025

Jorge Laurel · ·5 min read ·Issue #61


Another week, another mountain of security incidents to digest. From Fortinet’s double-feature vulnerability showcase to AI systems getting tricked into leaking your calendar (thanks, Gemini!), the headlines remind us that “fully patched” is more of a suggestion than a guarantee.

Highlights? Tesla got pwned for half a million dollars, Microsoft blamed a “coding error” for Outlook crashes (aren’t they all?), and Curl is officially done with AI-generated bug bounty spam. Somewhere, a developer shed a single tear.

The real MVP: Mandiant basically saying “if you’re still using NTLMv1, here’s how to crack it—maybe that’ll motivate you.”

Read the full Friday Wrap Up below for categorized summaries, zero-day drama, and why your firewall configs might already be someone else’s weekend reading.

#FWU #fridaywrapup #CyberSecurity #InfoSec #ZeroDay #ThreatIntel #AIGoneWild


Major Cyberattacks & Incidents

This week saw significant breaches spanning IT giants, automotive systems, and retail sectors.

  • 🚨 Ingram Micro disclosed that a July 2025 ransomware attack exposed data of 42,000 current and former employees, including SSNs and birth dates. (Published on 19-Jan-2026, BleepingComputer). Read More

  • ⚠️ RansomHouse claims data breach at Apple contractor Luxshare, though no evidence has been released and links remain offline. (Published on 20-Jan-2026, Hackread). Read More

  • 🏆 Security researchers hacked Tesla’s Infotainment System and earned $516,500 exploiting 37 zero-days on day one of Pwn2Own Automotive 2026. (Published on 21-Jan-2026, BleepingComputer). Read More

  • 🎣 Milano-Cortina 2026 Winter Olympics faces cyber threats with phishing and spoofed websites identified as primary attack vectors. (Published on 21-Jan-2026, Infosecurity). Read More

  • 🔑 LastPass users targeted by backup-themed phishing emails, likely timed to exploit US holiday weekend for increased success rates. (Published on 21-Jan-2026, SecurityWeek). Read More

  • 🔥 Automated attacks targeting Fortinet FortiGate devices create rogue accounts and steal firewall configuration data, according to Arctic Wolf. (Published on 22-Jan-2026, BleepingComputer). Read More

  • 👕 Under Armour investigating data breach affecting customers’ email addresses and other personal information, incident details still emerging. (Published on 23-Jan-2026, SecurityWeek). Read More

  • âš–ï¸ Russian national Ianis Antropenko pleaded guilty to leading ransomware crew in four-year crime spree affecting 50+ victims, faces 25 years. (Published on 22-Jan-2026, CyberScoop). Read More

Malware & Vulnerabilities Critical flaws and sophisticated malware dominated security disclosures this week.

  • 🕵️ XSS vulnerability in StealC malware control panel allowed researchers to monitor threat actor operations and collect system fingerprints. (Published on 19-Jan-2026, The Hacker News). Read More

  • 📷 TP-Link patched vulnerability in VIGI cameras allowing remote hacking, with over 2,500 internet-exposed devices discovered by researchers. (Published on 19-Jan-2026, SecurityWeek). Read More

  • 📄 PDFSIDER malware discovered using advanced anti-VM checks and hidden techniques for long-term covert system access. (Published on 19-Jan-2026, Infosecurity). Read More

  • 🔧 Three security vulnerabilities disclosed in Anthropic’s MCP Git server enable arbitrary file access and code execution via prompt injection. (Published on 20-Jan-2026, The Hacker News). Read More

  • ☁️ Cloudflare fixed ACME validation bug allowing attackers to bypass WAF controls and directly access origin servers. (Published on 20-Jan-2026, The Hacker News). Read More

  • 🤖 VoidLink Linux malware framework, built with AI assistance by single developer, reached 88,000 lines of sophisticated code. (Published on 21-Jan-2026, The Hacker News). Read More

  • 🔐 GitLab patched high-severity 2FA bypass vulnerability affecting both community and enterprise editions of its development platform. (Published on 21-Jan-2026, BleepingComputer). Read More

  • ⚡ Cisco released critical patches for zero-day CVE-2026-20045 actively exploited in Unified CM and Webex Calling Dedicated Instance. (Published on 22-Jan-2026, The Hacker News). Read More

  • 🏡 RealHomes CRM plugin vulnerability affected 30,000+ WordPress sites by allowing malicious file uploads; patches now released. (Published on 22-Jan-2026, Infosecurity). Read More

  • 🛡️ Fortinet confirms active FortiCloud SSO bypass exploitation on fully-patched FortiGate firewalls, working on complete fix. (Published on 23-Jan-2026, The Hacker News). Read More

Cybersecurity Tools & Techniques Google’s Mandiant took an unconventional approach to forcing security upgrades.

  • 🌈 Mandiant released NTLMv1 rainbow table lookup to demonstrate protocol’s insecurity, enabling credential recovery in 12 hours on $600 hardware. (Published on 19-Jan-2026, CSO Online). Read More

Vulnerability Research & Industry Analysis Researchers showcased both offensive capabilities and defensive innovations.

  • 💰 Pwn2Own Automotive 2026 concluded with researchers earning $1,047,000 for exploiting 76 zero-day vulnerabilities across three days. (Published on 23-Jan-2026, BleepingComputer). Read More

  • ⚙️ Austrian researchers optimized Linux page cache attacks, reviving old exploit techniques with dramatically improved speed and efficiency. (Published on 22-Jan-2026, SecurityWeek). Read More

AI & Policy Artificial intelligence created both security challenges and operational headaches this week.

  • 🤖 Google Gemini bypassed via natural language prompt injection, allowing attackers to create misleading Calendar events and leak private data. (Published on 20-Jan-2026, BleepingComputer). Read More

  • 🇪🇺 EU proposes mandatory 5G cybersecurity measures targeting high-risk telecom suppliers, widely seen as aimed at Chinese vendors. (Published on 20-Jan-2026, SecurityWeek). Read More

  • 🚫 Curl developer ending HackerOne bug bounty program after overwhelming flood of low-quality AI-generated vulnerability reports. (Published on 22-Jan-2026, BleepingComputer). Read More

DDoS, Outages & Infrastructure Microsoft acknowledged a stability issue affecting mobile users.

  • 📱 Microsoft confirmed Outlook for iOS crashes and freezes on iPad devices due to coding error, fix in progress. (Published on 23-Jan-2026, BleepingComputer). Read More

Stay informed and secure in the tech and cybersecurity world. Have a great weekend, and remember to patch and protect your systems!