Jorge Laurel
Friday Wrap Up

Friday Wrap Up: 20 June 2025

Jorge Laurel · ·3 min read ·Issue #83

It’s been a busy week in cybersecurity and time for a Friday Wrap Up. Here are some of the interesting stories from this past week.


Ransomware & Backup Threats

  • 💀 New Anubis ransomware encrypts and permanently wipes files—recovery impossible even after payment. (Published on 6/16/2025, The Hacker News). Read More

  • 🔄 Ransomware gangs now target backup infrastructures first to cripple recovery options. (Published on 6/17/2025, The Hacker News). Read More

  • 💾 Chain IQ and UBS data stolen in a ransomware attack claiming millions of files exfiltrated. (Published on 6/19/2025, SecurityWeek). Read More

Vulnerability Exploits

  • 🐛 Critical Langflow flaw exploited to unleash the Flodrix botnet for system compromise and DDoS. (Published on 6/17/2025, Dark Reading). Read More

  • 🐧 Two local privilege escalation bugs in Linux udisks let attackers gain root on major distros. (Published on 6/18/2025, BleepingComputer). Read More

  • 🐍 Over 200 trojanized GitHub repositories found distributing malicious Python payloads to gamers and developers. (Published on 6/20/2025, The Hacker News). Read More

Social Engineering & Targeted Attacks

  • 🚨 U.S. insurance companies breached using all Scattered Spider tactics, now shifting focus to insurers. (Published on 6/16/2025, BleepingComputer). Read More

  • 🎭 Russian hackers pose as U.S. State Department staff to trick victims into surrendering Google app-specific passwords, bypassing Gmail MFA. (Published on 6/18/2025, SecurityWeek). Read More

  • 🤖 BlueNoroff uses deepfake Zoom calls of executives to infect a crypto employee’s Mac with a backdoor. (Published on 6/19/2025, The Hacker News). Read More

  • 🏥 Aflac duped by social-engineering attack in continued insurer targeting spree by Scattered Spider. (Published on 6/20/2025, CyberScoop). Read More

Malware & Steganography

  • 🖼️ Steganography: a JPEG discovered hiding a malicious payload over the weekend. (Published on 6/16/2025, SANS Internet Storm Center). Read More

  • 📱 GodFather Android malware runs legitimate apps in a sandbox to stealthily steal banking and crypto data. (Published on 6/18/2025, Hackread). Read More

Infrastructure & DDoS Defense

  • ⚙️ CISA releases five Industrial Control Systems advisories covering Siemens Mendix, LS Electric GMWin, Fuji Smart Editor, Dover ProGauge, and an update for Siemens SENTRON Powercenter. (Published on 6/17/2025, CISA Alerts). Read More

  • 🌐 Cloudflare mitigates a record-breaking 7.3 Tbps DDoS attack against a hosting provider. (Published on 6/20/2025, BleepingComputer). Read More

Data Leak Clarifications

  • 🗂️ The “16 billion credentials” leak is not a new breach but an aggregation of previously exposed data. (Published on 6/19/2025, BleepingComputer). Read More

Stay informed and secure in the tech and cybersecurity world. Have a great weekend, and remember to patch and protect your systems!

Don’t forget that you can also subscribe to the Friday Wrap Up on Substack and receive it in your inbox every Friday. Never miss an edition of the Friday Wrap Up!


Disclaimer: The views and opinions expressed in this newsletter are solely those of the author and do not necessarily reflect the official policy or position of any agency of the U.S. government or any other organization. This content is provided for informational purposes only and is not meant to represent the strategies or opinions of any aforementioned entities.