It's been a busy week in cybersecurity and time for a Friday Wrap Up. Here are some of the interesting stories from this past week.

🔥 Cybersecurity Incidents & Threats

• 🔑 Rubrik rotates authentication keys after log server breach – A breach in Rubrik’s log server led to the rotation of potentially leaked authentication keys. (Published on 3/3/2025, Bleeping Computer). Read More

• 🎭 North Korean fake IT workers pose as blockchain developers – Fraudulent personas on GitHub are helping North Korean operatives secure blockchain development jobs in the U.S. and Japan. (Published on 3/5/2025, SecurityWeek). Read More

• 📸 Deepfake videos of YouTube CEO phish creators – Scammers are using deepfake tactics to impersonate YouTube leadership and steal creator credentials. (Published on 3/6/2025, Dark Reading). Read More

• 🎥 Employee charged with stealing unreleased movies – A Memphis man was arrested for stealing and leaking digital copies of unreleased films. (Published on 3/7/2025, Bleeping Computer). Read More

🛑 Exploits, Vulnerabilities & Patches

• 🛠️ Hackers exploit Paragon Partition Manager driver vulnerability – A zero-day flaw (CVE-2025-0289) is being used in ransomware attacks to escalate privileges and execute arbitrary code. (Published on 3/3/2025, The Hacker News). Read More

• 🔓 Android zero-day vulnerabilities actively exploited – Google’s March 2025 update patches two actively abused zero-days. Update ASAP! (Published on 3/5/2025, Malwarebytes). Read More

• 🛡️ Broadcom patches 3 VMware zero-days – CVE-2025-22224, CVE-2025-22225, and CVE-2025-22226 were actively exploited before Broadcom’s patch release. (Published on 3/4/2025, SecurityWeek). Read More

• 👁️ Malicious Chrome extensions spoof password managers – A new polymorphic attack allows extensions to mimic trusted apps like password managers and crypto wallets. (Published on 3/6/2025, BleepingComputer). Read More

🚨 Ransomware & Cyber Attacks

• 🏴‍☠️ Over 4,000 ISP IPs targeted in brute-force attacks – Attackers are deploying info stealers and cryptominers across ISP networks in China and the U.S. (Published on 3/4/2025, The Hacker News). Read More

• 🔗 Silk Typhoon hackers target IT supply chains – The Chinese cyber-espionage group is now exploiting remote management tools and cloud services to access downstream networks. (Published on 3/5/2025, BleepingComputer). Read More

• 🔥 Tata Technologies hit by Hunters International ransomware – The ransomware gang threatens to leak 1.4TB of stolen data. (Published on 3/6/2025, Hackread). Read More

• 🎥 Ransomware gang encrypts network using a webcam – Akira ransomware operators bypassed EDR protections by launching an encryption attack from an unsecured webcam. (Published on 3/7/2025, BleepingComputer). Read More

⚡ Emerging Tech & AI Security

• 🧠 How new AI agents will transform credential stuffing attacks – AI-powered "Computer-Using Agents" enable cybercriminals to automate web attacks at low cost and effort. (Published on 3/4/2025, The Hacker News). Read More

• ⚛️ Quantum Wars: Google, Microsoft, and Amazon’s race to fault-tolerant qubits – Amazon introduces a scalable microchip with cat qubit technology, intensifying competition in quantum computing. (Published on 3/3/2025, SecurityWeek). Read More

• 🤖 Why using multiple AIs is trending now – Organizations are shifting towards leveraging multiple AI models for better accuracy, security, and efficiency. (Published on 3/7/2025, InformationWeek). Read More

Stay informed and secure in the tech and cybersecurity world. Have a great weekend, and remember to patch and protect your systems!