Jorge Laurel
Friday Wrap Up

Friday Wrap Up: 28 March 2025

Jorge Laurel Β· Β·3 min read Β·Issue #72

It’s been a busy week in cybersecurity and time for a Friday Wrap Up. Here are some of the interesting stories from this past week.


πŸ›‘οΈ Cyberattack Campaigns & Threat Actor Activity

A surge in advanced persistent threats and ransomware highlights the evolving cybercrime landscape.

  • 🐜 Chinese Weaver Ant hackers infiltrated a telecom network for over 4 years using compromised Zyxel routers. (Published on 3/24/2025, BleepingComputer). Read More

  • 🧬 Medusa ransomware disables EDR tools using stolen certificates for stealthy system takeovers. (Published on 3/25/2025, Hackread). Read More

  • πŸ•΅οΈβ€β™‚οΈ New ransomware group Arkana claims attack on US telecom provider WideOpenWest. (Published on 3/26/2025, SecurityWeek). Read More

  • πŸ’° Malaysia’s PM refuses to pay $10M ransomware demand after attack on Kuala Lumpur airport. (Published on 3/28/2025, Dark Reading). Read More


πŸ”“ Critical Vulnerabilities & Exploits

Newly disclosed flaws across popular platforms signal urgent patching needs.

  • 🚨 ‘IngressNightmare’ Kubernetes flaws put over 40% of clusters at serious risk. (Published on 3/24/2025, Dark Reading). Read More

  • ⚠️ Critical Next.js flaw CVE-2025-29927 could let attackers bypass middleware authorization. (Published on 3/24/2025, The Hacker News). Read More

  • 🌞 46 critical flaws found in solar inverters from Sungrow, Growatt, and SMA. (Published on 3/28/2025, The Hacker News). Read More


πŸ’» Cloud & Enterprise Security

Trust and security in cloud platforms and defense contractors face serious challenges.

  • ☁️ Oracle customers confirm stolen data in alleged cloud breach is valid, despite denials. (Published on 3/26/2025, BleepingComputer). Read More

  • 🧾 Defense contractor MORSE to pay $4.6M over cybersecurity failure allegations. (Published on 3/27/2025, SecurityWeek). Read More

  • πŸ‡ͺπŸ‡Ί Europe seeks alternatives to US cloud providers amid rising trust concerns. (Published on 3/25/2025, Ars Technica). Read More


🎣 Phishing & PhaaS Evolution

Emerging phishing kits and services show increasing sophistication and global reach.

  • 🦊 New Morphing Meerkat phishing kit mimics 114 brands via DNS email record abuse. (Published on 3/27/2025, The Hacker News). Read More

  • 🧬 Morphing Meerkat phishing operation evades detection using DNS-over-HTTPS. (Published on 3/28/2025, BleepingComputer). Read More


πŸ“‰ Platform Abuse & Web Infrastructure Challenges

Open source maintainers and web admins face growing strain from misuse and excessive traffic.

  • 🌐 Open source devs report 97% of traffic from AI crawlers, forcing country-level blocks. (Published on 3/25/2025, Slashdot). Read More

  • πŸ”§ The 4 most targeted WordPress plugin flaws of Q1 2025 revealed. (Published on 3/27/2025, BleepingComputer). Read More


πŸ“± Messaging & Communication Security

High-stakes communication requires better practicesβ€”encryption isn’t enough.

  • ⚠️ Pentagon warned against using Signal for open group chats before Yemen leak fiasco. (Published on 3/25/2025, Gizmodo). Read More

Stay informed and secure in the tech and cybersecurity world. Have a great weekend, and remember to patch and protect your systems!

Don’t forget that you can also subscribe to the Friday Wrap Up on Substack and receive it in your inbox every Friday. Never miss an edition of the Friday Wrap Up!


Disclaimer: The views and opinions expressed in this newsletter are solely those of the author and do not necessarily reflect the official policy or position of any agency of the U.S. government or any other organization. This content is provided for informational purposes only and is not meant to represent the strategies or opinions of any aforementioned entities.