Friday Wrap Up: 18 July 2025
It’s been a busy week in cybersecurity and time for a Friday Wrap Up. Here are some of the interesting stories from this past week.
Cybersecurity Tools & Techniques New developments in tools and frameworks are shaping both offense and defense in the cybersecurity landscape.
🛠️ TREVORspray is a fast, stealthy credential spray toolkit for Azure, Okta, and OWA login portals. (Published on 7/14/2025, Darknet). Read More
🛡️ MITRE introduces AADAPT framework to defend financial systems and crypto assets. (Published on 7/15/2025, Dark Reading). Read More
Major Cyberattacks & Incidents A series of notable breaches and attacks highlight the continued threat from sophisticated actors and criminal groups.
🧸 Elmo’s X account hacked, publishing racist and antisemitic content before being locked. (Published on 7/14/2025, TechCrunch). Read More
🥃 Russian vodka giant Novabev Group hit by ransomware, disrupting operations and stores. (Published on 7/18/2025, Malware Analysis). Read More
Malware & Vulnerabilities Ongoing discoveries of malware campaigns and software vulnerabilities keep defenders on alert.
🪤 North Korean malware XORIndex found in 67 npm packages to target developers. (Published on 7/15/2025, BleepingComputer). Read More
💬 Matanbuchus 3.0 malware spreads via Microsoft Teams, evading detection and delivering payloads. (Published on 7/16/2025, The Hacker News). Read More
🪙 Hackers exploit Apache HTTP Server flaw to mine cryptocurrency on Linux servers. (Published on 7/17/2025, The Hacker News). Read More
🐧 Years-long Linux cryptominer campaign hides malware using legit sites and known bugs. (Published on 7/18/2025, Hackread). Read More
💻 Gigabyte motherboard firmware flaws expose supply chains to persistent attack risks. (Published on 7/18/2025, Dark Reading). Read More
📢 TeleMessage SGNL flaw exploited by hackers; CISA urges urgent patching by July 22. (Published on 7/17/2025, Hackread). Read More
DDoS, Outages & Infrastructure Organizations face relentless DDoS attacks and infrastructure disruptions—some natural, some not.
🌐 Cloudflare blocked more DDoS attacks in 2025 so far than in all of 2024. (Published on 7/15/2025, SecurityWeek). Read More
⚡ Cloudflare clarifies 1.1.1.1 outage was due to internal misconfiguration, not an attack. (Published on 7/16/2025, BleepingComputer). Read More
Espionage & Data Extraction New threats emerge as authorities and adversaries alike develop advanced methods for extracting sensitive data.
- 📱 Chinese authorities use new malware to extract sensitive data from seized phones. (Published on 7/16/2025, Slashdot). Read More
Vulnerability Research & Industry Analysis Decades-old and newly uncovered vulnerabilities show the lasting impact of software flaws.
- 🚂 Train systems vulnerable for 20 years could let hackers remotely force trains to brake. (Published on 7/14/2025, SecurityWeek). Read More
AI & Policy The potential threat from generative AI remains a hot topic, but experts see more hype than reality.
- 🤖 UK expert says generative AI’s terrorist potential remains mostly theoretical for now. (Published on 7/17/2025, ComputerWeekly.com). Read More


Images created using RSS data from the past 7 days from 12 cybersecurity focused feeds and may not be indicative of actual cybersecurity threat levels.
Stay informed and secure in the tech and cybersecurity world. Have a great weekend, and remember to patch and protect your systems!
Don’t forget that you can also subscribe to the Friday Wrap Up on Substack and receive it in your inbox every Friday. Never miss an edition of the Friday Wrap Up!
Disclaimer: The views and opinions expressed in this newsletter are solely those of the author and do not necessarily reflect the official policy or position of any agency of the U.S. government or any other organization. This content is provided for informational purposes only and is not meant to represent the strategies or opinions of any aforementioned entities.