Jorge Laurel
Friday Wrap Up

Friday Wrap Up: 7 March 2025

Jorge Laurel Β· Β·3 min read Β·Issue #69


It’s been a busy week in cybersecurity and time for a Friday Wrap Up. Here are some of the interesting stories from this past week.


πŸ”₯ Cybersecurity Incidents & Threats

  • πŸ”‘ Rubrik rotates authentication keys after log server breach – A breach in Rubrik’s log server led to the rotation of potentially leaked authentication keys. (Published on 3/3/2025, Bleeping Computer). Read More

  • 🎭 North Korean fake IT workers pose as blockchain developers – Fraudulent personas on GitHub are helping North Korean operatives secure blockchain development jobs in the U.S. and Japan. (Published on 3/5/2025, SecurityWeek). Read More

  • πŸ“Έ Deepfake videos of YouTube CEO phish creators – Scammers are using deepfake tactics to impersonate YouTube leadership and steal creator credentials. (Published on 3/6/2025, Dark Reading). Read More

  • πŸŽ₯ Employee charged with stealing unreleased movies – A Memphis man was arrested for stealing and leaking digital copies of unreleased films. (Published on 3/7/2025, Bleeping Computer). Read More

πŸ›‘ Exploits, Vulnerabilities & Patches

  • πŸ› οΈ Hackers exploit Paragon Partition Manager driver vulnerability – A zero-day flaw (CVE-2025-0289) is being used in ransomware attacks to escalate privileges and execute arbitrary code. (Published on 3/3/2025, The Hacker News). Read More

  • πŸ”“ Android zero-day vulnerabilities actively exploited – Google’s March 2025 update patches two actively abused zero-days. Update ASAP! (Published on 3/5/2025, Malwarebytes). Read More

  • πŸ›‘οΈ Broadcom patches 3 VMware zero-days – CVE-2025-22224, CVE-2025-22225, and CVE-2025-22226 were actively exploited before Broadcom’s patch release. (Published on 3/4/2025, SecurityWeek). Read More

  • πŸ‘οΈ Malicious Chrome extensions spoof password managers – A new polymorphic attack allows extensions to mimic trusted apps like password managers and crypto wallets. (Published on 3/6/2025, BleepingComputer). Read More

🚨 Ransomware & Cyber Attacks

  • πŸ΄β€β˜ οΈ Over 4,000 ISP IPs targeted in brute-force attacks – Attackers are deploying info stealers and cryptominers across ISP networks in China and the U.S. (Published on 3/4/2025, The Hacker News). Read More

  • πŸ”— Silk Typhoon hackers target IT supply chains – The Chinese cyber-espionage group is now exploiting remote management tools and cloud services to access downstream networks. (Published on 3/5/2025, BleepingComputer). Read More

  • πŸ”₯ Tata Technologies hit by Hunters International ransomware – The ransomware gang threatens to leak 1.4TB of stolen data. (Published on 3/6/2025, Hackread). Read More

  • πŸŽ₯ Ransomware gang encrypts network using a webcam – Akira ransomware operators bypassed EDR protections by launching an encryption attack from an unsecured webcam. (Published on 3/7/2025, BleepingComputer). Read More

⚑ Emerging Tech & AI Security

  • 🧠 How new AI agents will transform credential stuffing attacks – AI-powered “Computer-Using Agents” enable cybercriminals to automate web attacks at low cost and effort. (Published on 3/4/2025, The Hacker News). Read More

  • βš›οΈ Quantum Wars: Google, Microsoft, and Amazon’s race to fault-tolerant qubits – Amazon introduces a scalable microchip with cat qubit technology, intensifying competition in quantum computing. (Published on 3/3/2025, SecurityWeek). Read More

  • πŸ€– Why using multiple AIs is trending now – Organizations are shifting towards leveraging multiple AI models for better accuracy, security, and efficiency. (Published on 3/7/2025, InformationWeek). Read More


Stay informed and secure in the tech and cybersecurity world. Have a great weekend, and remember to patch and protect your systems!