Jorge Laurel
Friday Wrap Up

Friday Wrap Up: 27 June 2025

Jorge Laurel ยท ยท3 min read ยทIssue #84

It’s been a busy week in cybersecurity and time for a Friday Wrap Up. Here are some of the interesting stories from this past week.


๐Ÿ›ก๏ธ Cyber Threats & State-Linked Activity

  • ๐Ÿ•ต๏ธ Salt Typhoon hacks a Canadian telecom using Cisco flaws, confirming China-linked espionage. (Published on 6/23/2025, BleepingComputer). Read More

  • ๐Ÿšจ Salt Typhoon exploits router flaws to spy on global telecoms, FBI and Canada warn. (Published on 6/23/2025, Hackread). Read More

  • ๐Ÿบ Chinese group Silver Fox uses fake websites to spread Sainbox RAT and hidden rootkit. (Published on 6/27/2025, The Hacker News). Read More

๐Ÿค– AI & Cybersecurity

  • ๐ŸŽญ โ€œEcho Chamberโ€ attack bypasses advanced LLM safeguards with subtle conversational manipulation. (Published on 6/23/2025, SecurityWeek). Read More

๐Ÿ’ธ Breaches & Ransomware

  • ๐Ÿ›๏ธ Ahold Delhaize breach affects 2.2 million peopleโ€™s financial and health data. (Published on 6/27/2025, BleepingComputer). Read More

  • ๐Ÿ•ณ๏ธ BreachForums: Four ShinyHunters members arrested; IntelBroker revealed as Kai West. (Published on 6/26/2025, Hackread). Read More

  • ๐Ÿ•ต๏ธ FBI tracked IntelBroker via email, crypto wallet, and YouTube activity. (Published on 6/26/2025, Hackread). Read More

โ˜๏ธ Infrastructure & Cloud Attacks

  • ๐Ÿฑ Attackers use Docker APIs and Tor to stealthily deploy crypto miners, echoing Commando Catโ€™s methods. (Published on 6/23/2025, Dark Reading). Read More

  • ๐Ÿฆ  New WordPress malware hides on checkout pages, imitating Cloudflare to steal cards. (Published on 6/25/2025, Hackread). Read More

  • ๐Ÿช Hackers exploit ConnectWise ScreenConnect installer to build signed remote access malware. (Published on 6/25/2025, BleepingComputer). Read More

  • ๐Ÿซ Androxgh0st botnet expands, exploiting US university servers including UC San Diego. (Published on 6/24/2025, Hackread). Read More

๐Ÿ”‘ Credential Attacks

  • ๐Ÿฉป SonicWall warns of trojanized NetExtender stealing VPN logins. (Published on 6/24/2025, BleepingComputer). Read More

  • ๐ŸŽฏ Hackers target over 70 Microsoft Exchange servers with keyloggers to steal credentials. (Published on 6/24/2025, The Hacker News). Read More

โš™๏ธ Industrial & Regulatory

  • ๐Ÿ› ๏ธ CISA releases two ICS advisories covering Mitsubishi Electric and TrendMakers Sight Bulb Pro vulnerabilities. (Published on 6/26/2025, CISA Alerts). Read More

๐ŸŒ Internet & Access

  • ๐Ÿšซ Russia throttles Cloudflare, making sites inaccessible for many users since June 9. (Published on 6/27/2025, BleepingComputer). Read More

Stay informed and secure in the tech and cybersecurity world. Have a great weekend, and remember to patch and protect your systems!

Don’t forget that you can also subscribe to the Friday Wrap Up on Substack and receive it in your inbox every Friday. Never miss an edition of the Friday Wrap Up!


Disclaimer: The views and opinions expressed in this newsletter are solely those of the author and do not necessarily reflect the official policy or position of any agency of the U.S. government or any other organization. This content is provided for informational purposes only and is not meant to represent the strategies or opinions of any aforementioned entities.