Jorge Laurel
Friday Wrap Up

Friday Wrap Up: 14 March 2025

Jorge Laurel Β· Β·2 min read Β·Issue #70


It’s been a busy week in cybersecurity and time for a Friday Wrap Up. Here are some of the interesting stories from this past week.


Cybersecurity Threats & Incidents πŸ”₯

  • 🚨 Americans lost a record $12.5 billion to fraud in 2024, marking a 25% increase from the previous year. (Published on 3/10/2025, BleepingComputer). Read More

  • πŸ΄β€β˜ οΈ A former employee was found guilty of a revenge kill-switch scheme, locking out users if their account was disabled. (Published on 3/10/2025, Dark Reading). Read More

  • πŸ’€ Chinese cyberspies have backdoored Juniper routers, exploiting outdated hardware for stealthy access. (Published on 3/12/2025, BleepingComputer). Read More

  • 🦠 GitHub-hosted malware infected 1M Windows users via a complex malvertising attack chain. (Published on 3/11/2025, Dark Reading). Read More

  • 🎭 North Korea’s ScarCruft group deployed KoSpy malware to spy on Android users via fake utility apps. (Published on 3/13/2025, The Hacker News). Read More

  • ⚑ Salt Typhoon cyberattacks highlight critical infrastructure vulnerabilities, urging stronger defenses. (Published on 3/13/2025, Dark Reading). Read More

Vulnerabilities & Security Updates πŸ”§

  • πŸ”₯ Microsoft patched 57 security flaws, including six actively exploited zero-days. (Published on 3/12/2025, The Hacker News). Read More

  • πŸ› οΈ GitLab patched critical authentication bypass vulnerabilities in Community and Enterprise Editions. (Published on 3/13/2025, BleepingComputer). Read More

  • πŸ—οΈ SAP released critical security updates for Commerce and NetWeaver platforms. (Published on 3/11/2025, SecurityWeek). Read More

  • βš™οΈ SCADA vulnerabilities in Mitsubishi Electric and Iconics could facilitate industrial cyberattacks. (Published on 3/10/2025, SecurityWeek). Read More

  • πŸ“‘ Cisco patched a critical IOS XR vulnerability that could crash BGP routers with a single update message. (Published on 3/14/2025, BleepingComputer). Read More

Emerging Cybercrime Techniques πŸ•΅οΈβ€β™‚οΈ

  • πŸ”— New Ballista IoT botnet linked to an Italian threat actor, targeting TP-Link Archer routers. (Published on 3/11/2025, SecurityWeek). Read More

  • πŸ”“ PowerSchool’s portal was compromised months before its massive data breach, exposing user credentials. (Published on 3/12/2025, SecurityWeek). Read More

  • πŸ΄β€β˜ οΈ Black Basta ransomware gang developed an automated brute-force tool to breach VPNs and firewalls. (Published on 3/14/2025, BleepingComputer). Read More

  • πŸ”‘ Remote access infrastructure remains the riskiest corporate attack surface, tripling ransomware risks. (Published on 3/14/2025, Dark Reading). Read More


Stay informed and secure in the tech and cybersecurity world. Have a great weekend, and remember to patch and protect your systems!