Jorge Laurel
Friday Wrap Up

Friday Wrap Up: 18 April 2025

Jorge Laurel · ·3 min read ·Issue #75


From rogue restarts in Windows Server 2025 to ransomware giving dialysis clinics a real headache, this week was anything but quiet.

State-backed hackers were busy playing malware bingo, Fortinet and Cisco had some uninvited guests, and 4chan may have just been out-trolled by a rival forum (yes, really).

Meanwhile, AI continues its sneaky takeover—half of your coworkers are probably using unapproved tools, and Google’s swatting down billions of bad ads like it’s a high-stakes arcade game.

Want the full scoop on digital espionage, enterprise breaches, and AI mischief? Read this week’s Friday Wrap Up for all these stories and a few more.


⚠️ Critical Infrastructure & Enterprise Risks
Rising threats are hitting core IT systems and critical service providers. Here’s what you need to know:

  • 🔧 Microsoft warns Windows Server 2025 restarts may break domain controller connectivity. (Published on 4/14/2025, BleepingComputer). Read More

  • 💉 DaVita dialysis services disrupted in a ransomware attack, raising concerns for healthcare security. (Published on 4/15/2025, SecurityWeek). Read More

  • 🚗 Hertz confirms customer data breach tied to a Cleo software vulnerability. (Published on 4/16/2025, Hackread). Read More

  • 🛒 Ahold Delhaize reports data theft from U.S. systems after INC ransomware attack. (Published on 4/17/2025, BleepingComputer). Read More


🕵️ State-Backed and Advanced Threats
State actors and APTs are evolving tactics to target vulnerabilities at scale.

  • 🐉 Chinese APTs exploit EDR blind spots across firewalls, IoT, and cloud environments. (Published on 4/14/2025, Dark Reading). Read More

  • 🐧 UNC5174 targets Linux using SNOWLIGHT malware and open-source VShell tool. (Published on 4/15/2025, The Hacker News). Read More

  • 👥 State-backed hackers from Iran, North Korea, and Russia use ‘ClickFix’ phishing to spread malware. (Published on 4/17/2025, The Hacker News). Read More


💻 Vulnerabilities & Exploits
New vulnerabilities and zero-days are surfacing rapidly—patching is critical.

  • 🔓 Fortinet zero-day bug allows code execution; disclosed the same day as exploitation alert. (Published on 4/14/2025, Dark Reading). Read More

  • 🧠 Cisco Webex flaw allows remote code execution via malicious meeting links. (Published on 4/18/2025, BleepingComputer). Read More


📊 Cybercrime & Emerging Tactics
Cybercriminals are leveraging AI and social engineering in creative new ways.

  • 🧬 AI-powered Gamma platform used to spoof Microsoft SharePoint login pages. (Published on 4/16/2025, The Hacker News). Read More

  • 🤖 XorDDoS malware expands to Docker, Linux, and IoT; 71% of U.S. DDoS targets hit. (Published on 4/18/2025, The Hacker News). Read More

  • 😱 4chan possibly breached; rival forum member claims source code leak. (Published on 4/15/2025, Hackread). Read More


📉 Digital Safety & Responsible Tech Use
From ad abuse to Shadow AI, digital ecosystems face growing oversight challenges.

  • 🚫 Google blocked 5.1 billion ads in 2024 amid surge in AI-driven scams. (Published on 4/16/2025, BleepingComputer). Read More

  • 🕶️ 50% of workers reportedly use unapproved AI tools, sparking concerns about Shadow AI. (Published on 4/18/2025, SecurityWeek). Read More

  • 👨‍💻 Poorly designed security tools drive users to unsafe workarounds, experts warn. (Published on 4/17/2025, Dark Reading). Read More


Stay informed and secure in the tech and cybersecurity world. Have a great weekend, and remember to patch and protect your systems!