Jorge Laurel
Friday Wrap Up

Friday Wrap Up: 30 May 2025

Jorge Laurel · ·2 min read ·Issue #80


This week’s cyber headlines are packed with breaches, bots, BitM attacks, and even a courtroom confession. Dive into the Friday Wrap-Up to stay ahead—and maybe even stay safe. 🧠🛡️


Cybersecurity Threats & Malware Attacks

This week brought an array of fresh threats and major disclosures:

  • ⚠️ Over 70 malicious npm and VS Code packages steal user data and crypto via Discord endpoints. (Published on 5/26/2025, The Hacker News). Read More

  • 🛡️ Chinese hackers exploit a Cityworks zero-day to breach US local governments. (Published on 5/26/2025, Hackread). Read More

  • 💸 Hackers use SEO poisoning to redirect payroll portals, stealing paychecks. (Published on 5/27/2025, The Hacker News). Read More

  • 🎭 Vietnamese hackers spread info-stealers via fake AI video tool ads. (Published on 5/28/2025, Hackread). Read More

  • 🐾 PumaBot botnet targets IoT devices with SSH brute force attacks. (Published on 5/28/2025, BleepingComputer). Read More

  • 🌐 Fullscreen BitM attack in Safari used to steal credentials. (Published on 5/29/2025, Hackread). Read More

  • 🕵️ Safari flaw allows browser-in-the-middle attacks stealing credentials. (Published on 5/29/2025, BleepingComputer). Read More

Data Breaches & Legal Actions

From courtroom convictions to data breaches, accountability is making waves:

  • ⚖️ Iranian man pleads guilty in Baltimore ransomware conspiracy. (Published on 5/27/2025, SecurityWeek). Read More

  • 🧵 Adidas suffers data breach after customer service provider is hacked. (Published on 5/27/2025, BleepingComputer). Read More

  • 🇩🇪 Germany names TrickBot and Conti ransomware leader. (Published on 5/30/2025, BleepingComputer). Read More

Cyber Espionage & State-Sponsored Activity

Cyber conflict is heating up with escalating actions from state-affiliated actors:

  • 🌍 ‘Earth Lamia’ Chinese group targets diverse global industries. (Published on 5/29/2025, SecurityWeek). Read More

  • 🖥️ ConnectWise breach targets ScreenConnect customers via ASP.NET flaw. (Published on 5/30/2025, Dark Reading). Read More

  • 🛰️ ConnectWise confirms state-sponsored hack impacting remote management. (Published on 5/30/2025, SecurityWeek). Read More

Tech & AI Trends

Meanwhile in the tech lane, AI is trying to be helpful—really:

  • 🤖 Google defends AI search ads, claiming users find them ‘helpful’. (Published on 5/26/2025, BleepingComputer). Read More

  • ⏱️ Modern stealers hijack sessions in under 24 hours, targeting enterprises. (Published on 5/28/2025, The Hacker News). Read More


Stay informed and secure in the tech and cybersecurity world. Have a great weekend, and remember to patch and protect your systems!