Jorge Laurel
Friday Wrap Up

Friday Wrap Up: 25 July 2025

Jorge Laurel · ·3 min read ·Issue #88


This week, it’s cyber whack-a-mole: one forum admin down, another mirror site up. Meanwhile, malware gets cuddly (hi, pandas 🐼), and brands like Microsoft remain prime phishing bait.

A dash of espionage, a pinch of legal drama, and a travel scam twist—because hackers need vacations too.

👇 Dive in for the full roundup before your inbox gets spoofed.


Major Cyberattacks & Incidents

Breaches, takedowns, and court battles highlight the ever-evolving cyber threat landscape.

  • 🗃️ World Leaks claims 1.3 TB Dell breach with 400K+ internal files and data. (Published on 7/21/2025, Hackread). Read More

  • 🖥️ Dell rebuts breach claim, says leaked data is synthetic from a demo environment. (Published on 7/22/2025, SecurityWeek). Read More

  • 🧑‍⚖️ Clorox sues Cognizant for $380M, blaming them for 2023 hack that exposed credentials. (Published on 7/24/2025, SecurityWeek). Read More

  • 🔁 XSS cybercrime forum resurfaces on dark web a day after admin arrest. (Published on 7/24/2025, Hackread). Read More

Malware & Vulnerabilities

A blend of newly patched, active zero-days and creatively concealed malware strains.

  • 🚨 Microsoft pushes emergency fix for exploited SharePoint ‘ToolShell’ zero-day (CVE-2025-53770). (Published on 7/21/2025, Dark Reading). Read More

  • 🐼 Koske malware hides in panda JPEGs to infect Linux systems via memory. (Published on 7/24/2025, BleepingComputer). Read More

  • 🔓 Mitel patches critical auth bypass flaw in MiVoice MX-ONE communication platform. (Published on 7/25/2025, SecurityWeek). Read More

Espionage & Data Extraction

Privacy continues to erode as surveillance and infiltration tactics evolve globally.

  • 🛰️ Surveillance firm bypasses SS7 protections to obtain user locations. (Published on 7/21/2025, SecurityWeek). Read More

  • 👩‍💻 Arizona woman sentenced for aiding North Korean IT workers infiltrate 309 US firms. (Published on 7/25/2025, BleepingComputer). Read More

Ransomware & Infrastructure Threats

Ransomware continues to strain business continuity and critical infrastructure.

  • ⚠️ CISA and FBI warn of escalating Interlock ransomware targeting key sectors. (Published on 7/22/2025, BleepingComputer). Read More

  • 🏛️ Cyber resilience demands critical infrastructure security, not just prevention. (Published on 7/22/2025, Dark Reading). Read More

Cybercrime Economy & Fraud

Criminal innovation extends into unexpected markets—like travel bookings.

  • ✈️ Hackers on the dark web now double as travel agents using stolen rewards. (Published on 7/23/2025, Dark Reading). Read More

Brand Exploitation & Phishing

Attackers continue impersonating trusted brands to deceive and compromise.

  • 🎣 Microsoft topped the list of most impersonated brands in Q2 phishing scams. (Published on 7/23/2025, Hackread). Read More

Privacy Tools & Consumer Protection

A small win for privacy-conscious users in the browser wars.

  • 🧭 Brave blocks Windows Recall from screenshotting browser content by default. (Published on 7/23/2025, BleepingComputer). Read More

Law Enforcement & Cybercrime Takedowns

Major arrests signal progress in dismantling long-standing threat actors.

  • 🚓 Europol arrests XSS forum admin in Kyiv after 12 years of cybercrime activity. (Published on 7/24/2025, The Hacker News). Read More

Stay informed and secure in the tech and cybersecurity world. Have a great weekend, and remember to patch and protect your systems!