It's been a busy week in cybersecurity and time for a Friday Wrap Up. Here are some of the interesting stories from this past week.

Cybersecurity Threats & Incidents 🔥

• 🚨 Americans lost a record $12.5 billion to fraud in 2024, marking a 25% increase from the previous year. (Published on 3/10/2025, BleepingComputer). Read More

• 🏴‍☠️ A former employee was found guilty of a revenge kill-switch scheme, locking out users if their account was disabled. (Published on 3/10/2025, Dark Reading). Read More

• 💀 Chinese cyberspies have backdoored Juniper routers, exploiting outdated hardware for stealthy access. (Published on 3/12/2025, BleepingComputer). Read More

• 🦠 GitHub-hosted malware infected 1M Windows users via a complex malvertising attack chain. (Published on 3/11/2025, Dark Reading). Read More

• 🎭 North Korea’s ScarCruft group deployed KoSpy malware to spy on Android users via fake utility apps. (Published on 3/13/2025, The Hacker News). Read More

• ⚡ Salt Typhoon cyberattacks highlight critical infrastructure vulnerabilities, urging stronger defenses. (Published on 3/13/2025, Dark Reading). Read More

Vulnerabilities & Security Updates 🔧

• 🔥 Microsoft patched 57 security flaws, including six actively exploited zero-days. (Published on 3/12/2025, The Hacker News). Read More

• 🛠️ GitLab patched critical authentication bypass vulnerabilities in Community and Enterprise Editions. (Published on 3/13/2025, BleepingComputer). Read More

• 🏗️ SAP released critical security updates for Commerce and NetWeaver platforms. (Published on 3/11/2025, SecurityWeek). Read More

• ⚙️ SCADA vulnerabilities in Mitsubishi Electric and Iconics could facilitate industrial cyberattacks. (Published on 3/10/2025, SecurityWeek). Read More

• 📡 Cisco patched a critical IOS XR vulnerability that could crash BGP routers with a single update message. (Published on 3/14/2025, BleepingComputer). Read More

Emerging Cybercrime Techniques 🕵️‍♂️

• 🔗 New Ballista IoT botnet linked to an Italian threat actor, targeting TP-Link Archer routers. (Published on 3/11/2025, SecurityWeek). Read More

• 🔓 PowerSchool’s portal was compromised months before its massive data breach, exposing user credentials. (Published on 3/12/2025, SecurityWeek). Read More

• 🏴‍☠️ Black Basta ransomware gang developed an automated brute-force tool to breach VPNs and firewalls. (Published on 3/14/2025, BleepingComputer). Read More

• 🔑 Remote access infrastructure remains the riskiest corporate attack surface, tripling ransomware risks. (Published on 3/14/2025, Dark Reading). Read More

Stay informed and secure in the tech and cybersecurity world. Have a great weekend, and remember to patch and protect your systems!