Friday Wrap Up: 27 June 2025
It’s been a busy week in cybersecurity and time for a Friday Wrap Up. Here are some of the interesting stories from this past week.
๐ก๏ธ Cyber Threats & State-Linked Activity
๐ต๏ธ Salt Typhoon hacks a Canadian telecom using Cisco flaws, confirming China-linked espionage. (Published on 6/23/2025, BleepingComputer). Read More
๐จ Salt Typhoon exploits router flaws to spy on global telecoms, FBI and Canada warn. (Published on 6/23/2025, Hackread). Read More
๐บ Chinese group Silver Fox uses fake websites to spread Sainbox RAT and hidden rootkit. (Published on 6/27/2025, The Hacker News). Read More
๐ค AI & Cybersecurity
- ๐ญ โEcho Chamberโ attack bypasses advanced LLM safeguards with subtle conversational manipulation. (Published on 6/23/2025, SecurityWeek). Read More
๐ธ Breaches & Ransomware
๐๏ธ Ahold Delhaize breach affects 2.2 million peopleโs financial and health data. (Published on 6/27/2025, BleepingComputer). Read More
๐ณ๏ธ BreachForums: Four ShinyHunters members arrested; IntelBroker revealed as Kai West. (Published on 6/26/2025, Hackread). Read More
๐ต๏ธ FBI tracked IntelBroker via email, crypto wallet, and YouTube activity. (Published on 6/26/2025, Hackread). Read More
โ๏ธ Infrastructure & Cloud Attacks
๐ฑ Attackers use Docker APIs and Tor to stealthily deploy crypto miners, echoing Commando Catโs methods. (Published on 6/23/2025, Dark Reading). Read More
๐ฆ New WordPress malware hides on checkout pages, imitating Cloudflare to steal cards. (Published on 6/25/2025, Hackread). Read More
๐ช Hackers exploit ConnectWise ScreenConnect installer to build signed remote access malware. (Published on 6/25/2025, BleepingComputer). Read More
๐ซ Androxgh0st botnet expands, exploiting US university servers including UC San Diego. (Published on 6/24/2025, Hackread). Read More
๐ Credential Attacks
๐ฉป SonicWall warns of trojanized NetExtender stealing VPN logins. (Published on 6/24/2025, BleepingComputer). Read More
๐ฏ Hackers target over 70 Microsoft Exchange servers with keyloggers to steal credentials. (Published on 6/24/2025, The Hacker News). Read More
โ๏ธ Industrial & Regulatory
- ๐ ๏ธ CISA releases two ICS advisories covering Mitsubishi Electric and TrendMakers Sight Bulb Pro vulnerabilities. (Published on 6/26/2025, CISA Alerts). Read More
๐ Internet & Access
- ๐ซ Russia throttles Cloudflare, making sites inaccessible for many users since June 9. (Published on 6/27/2025, BleepingComputer). Read More
Stay informed and secure in the tech and cybersecurity world. Have a great weekend, and remember to patch and protect your systems!
Don’t forget that you can also subscribe to the Friday Wrap Up on Substack and receive it in your inbox every Friday. Never miss an edition of the Friday Wrap Up!
Disclaimer: The views and opinions expressed in this newsletter are solely those of the author and do not necessarily reflect the official policy or position of any agency of the U.S. government or any other organization. This content is provided for informational purposes only and is not meant to represent the strategies or opinions of any aforementioned entities.