Friday Wrap Up: 28 March 2025
It’s been a busy week in cybersecurity and time for a Friday Wrap Up. Here are some of the interesting stories from this past week.
π‘οΈ Cyberattack Campaigns & Threat Actor Activity
A surge in advanced persistent threats and ransomware highlights the evolving cybercrime landscape.
π Chinese Weaver Ant hackers infiltrated a telecom network for over 4 years using compromised Zyxel routers. (Published on 3/24/2025, BleepingComputer). Read More
𧬠Medusa ransomware disables EDR tools using stolen certificates for stealthy system takeovers. (Published on 3/25/2025, Hackread). Read More
π΅οΈββοΈ New ransomware group Arkana claims attack on US telecom provider WideOpenWest. (Published on 3/26/2025, SecurityWeek). Read More
π° Malaysia’s PM refuses to pay $10M ransomware demand after attack on Kuala Lumpur airport. (Published on 3/28/2025, Dark Reading). Read More
π Critical Vulnerabilities & Exploits
Newly disclosed flaws across popular platforms signal urgent patching needs.
π¨ ‘IngressNightmare’ Kubernetes flaws put over 40% of clusters at serious risk. (Published on 3/24/2025, Dark Reading). Read More
β οΈ Critical Next.js flaw CVE-2025-29927 could let attackers bypass middleware authorization. (Published on 3/24/2025, The Hacker News). Read More
π 46 critical flaws found in solar inverters from Sungrow, Growatt, and SMA. (Published on 3/28/2025, The Hacker News). Read More
π» Cloud & Enterprise Security
Trust and security in cloud platforms and defense contractors face serious challenges.
βοΈ Oracle customers confirm stolen data in alleged cloud breach is valid, despite denials. (Published on 3/26/2025, BleepingComputer). Read More
π§Ύ Defense contractor MORSE to pay $4.6M over cybersecurity failure allegations. (Published on 3/27/2025, SecurityWeek). Read More
πͺπΊ Europe seeks alternatives to US cloud providers amid rising trust concerns. (Published on 3/25/2025, Ars Technica). Read More
π£ Phishing & PhaaS Evolution
Emerging phishing kits and services show increasing sophistication and global reach.
π¦ New Morphing Meerkat phishing kit mimics 114 brands via DNS email record abuse. (Published on 3/27/2025, The Hacker News). Read More
𧬠Morphing Meerkat phishing operation evades detection using DNS-over-HTTPS. (Published on 3/28/2025, BleepingComputer). Read More
π Platform Abuse & Web Infrastructure Challenges
Open source maintainers and web admins face growing strain from misuse and excessive traffic.
π Open source devs report 97% of traffic from AI crawlers, forcing country-level blocks. (Published on 3/25/2025, Slashdot). Read More
π§ The 4 most targeted WordPress plugin flaws of Q1 2025 revealed. (Published on 3/27/2025, BleepingComputer). Read More
π± Messaging & Communication Security
High-stakes communication requires better practicesβencryption isn’t enough.
- β οΈ Pentagon warned against using Signal for open group chats before Yemen leak fiasco. (Published on 3/25/2025, Gizmodo). Read More
Stay informed and secure in the tech and cybersecurity world. Have a great weekend, and remember to patch and protect your systems!
Don’t forget that you can also subscribe to the Friday Wrap Up on Substack and receive it in your inbox every Friday. Never miss an edition of the Friday Wrap Up!
Disclaimer: The views and opinions expressed in this newsletter are solely those of the author and do not necessarily reflect the official policy or position of any agency of the U.S. government or any other organization. This content is provided for informational purposes only and is not meant to represent the strategies or opinions of any aforementioned entities.