It's been a busy week in cybersecurity and time for a Friday Wrap Up. Here are some of the interesting stories from this past week.

🚨 Cybersecurity Breaches & Attacks

• 🛠️ HPE investigates breach as a hacker claims to have stolen sensitive documents from its developer environments. (Published on 1/20/2025, BleepingComputer). Read More

• 🔓 PowerSchool data breach exposes students’ and educators’ personal information in a December 2024 cyberattack. (Published on 1/21/2025, SecurityWeek). Read More

• 🚨 Conduent confirms cybersecurity incident that caused a recent outage, impacting government and business services. (Published on 1/22/2025, BleepingComputer). Read More

• 🎭 Hacker infects 18,000 "script kiddies" with a fake malware builder, secretly taking control of their systems. (Published on 1/24/2025, BleepingComputer). Read More

🔥 Critical Vulnerabilities

• ⚠️ Unsecured tunneling protocols expose 4.2 million internet hosts, including VPNs and routers, to potential hijacking. (Published on 1/20/2025, The Hacker News). Read More

• 🔥 New backdoor "J-Magic" discovered, specifically targeting Juniper routers to execute remote commands. (Published on 1/23/2025, CyberScoop). Read More

• 🛑 Palo Alto firewalls found vulnerable to Secure Boot bypass and firmware exploits, raising security concerns. (Published on 1/23/2025, The Hacker News). Read More

• 🚨 SonicWall warns of SMA1000 RCE flaw actively exploited as a zero-day in real-world attacks. (Published on 1/23/2025, BleepingComputer). Read More

• 🚗 Subaru Starlink vulnerability exposed vehicles to potential remote hacking across multiple regions. (Published on 1/24/2025, SecurityWeek). Read More

🎯 Emerging Threats & Trends

• 📈 Phishing attacks remain the top smartphone threat, as most devices fail to detect malicious messages. (Published on 1/20/2025, Dark Reading). Read More

• 🤖 Non-human identity (NHI) attacks are rising, showing momentum from late 2024 into 2025. (Published on 1/22/2025, Dark Reading). Read More

• 🌐 New Mirai variant "Murdoc_Botnet" leverages IoT exploits to launch large-scale DDoS attacks. (Published on 1/21/2025, Hackread). Read More

🏛️ Industry & Policy Changes

• 🏢 Enterprises still struggle with legacy systems, increasing cybersecurity risks and operational complexity. (Published on 1/21/2025, InformationWeek). Read More

• ⚖️ CISOs must navigate regulatory chaos while maintaining security amid ever-evolving threats. (Published on 1/21/2025, Dark Reading). Read More

• 🛑 Trump administration fires cybersecurity review board members, drawing criticism over the decision. (Published on 1/22/2025, TechCrunch). Read More

Stay informed and secure in the tech and cybersecurity world. Have a great weekend, and remember to patch and protect your systems!