
Weekly Cybersecurity Recap - 24 March 2025
This Week in Cybersecurity: Phishing, Ransomware, and a $32B Acquisition
Major Cyber Incidents, Vulnerabilities & Industry Updates
This week’s cybersecurity roundup captures a surge in targeted malware activity, new zero-day exposures, and escalating incidents impacting major retailers and service providers. From destructive malware disguised as AI tools to a critical flaw threatening 100,000+ WordPress sites, the threat landscape continues to shift rapidly. Here's a breakdown of the most notable developments:
New EDDIESTEALER Malware Bypasses Chrome's App-Bound Encryption to Steal Browser Data
Cybercriminals have launched a campaign using EDDIESTEALER, a Rust-based stealer malware capable of bypassing Chrome's app-bound encryption to extract sensitive browser data. The infection begins with a ClickFix tactic: fake CAPTCHA verification pages loaded through compromised sites. These pages lure users into a multi-step process, allowing the attackers to implant malware with stealth and precision.
Cybercriminals Target AI Users with Malware-Loaded Installers Posing as Popular Tools
Threat actors are exploiting interest in AI by distributing malicious installers that masquerade as tools like ChatGPT and InVideo AI. Victims end up downloading threats such as the CyberLock and Lucky_Gh0$t ransomware or, worse, Numero, a GUI-targeting malware that renders infected Windows machines unusable by manipulating interface components.
ConnectWise Breached, ScreenConnect Customers Targeted
Remote IT management provider ConnectWise confirmed a breach linked to a sophisticated nation-state actor. The company’s ScreenConnect customers may be at risk, though few technical details have been released. This breach underscores the ongoing risk faced by IT infrastructure providers themselves.
Cybersecurity Firm SentinelOne Suffers Major Outage
SentinelOne experienced a significant disruption that interfered with endpoint monitoring and cloud app oversight across customer environments. The incident began on Thursday and affected critical functions like software updates and service visibility.
China-Linked Hackers Exploit SAP and SQL Server Flaws in Attacks Across Asia and Brazil
A Chinese threat actor previously linked to SAP NetWeaver exploits is now connected to wider cyber campaigns affecting multiple nations including Brazil, India, Indonesia, and more. These operations leverage vulnerabilities in SAP and SQL systems to infiltrate corporate environments, targeting sectors throughout Southeast Asia.
Over 100,000 WordPress Sites at Risk from Critical CVSS 10.0 Vulnerability in Wishlist Plugin
Researchers have disclosed a critical vulnerability in the TI WooCommerce Wishlist plugin, affecting over 100,000 active WordPress installations. The flaw, which remains unpatched, allows unauthenticated file uploads, posing significant risk for e-commerce operators using the plugin to enable customer wishlists and social sharing.
Inside the $111 Billion Cloud Security Market: Acquisition, Expansion, and Where to Aim Next
Cloud security spending is poised to reach $111 billion in 2025, representing about 3% of total IT spend. Microsoft is expected to dominate with over $37B in security revenue alone. These figures, provided by HG Insights, reflect a landscape ripe for both acquisition and strategic growth among larger players and startups alike.
Victoria’s Secret Website Taken Offline After Cyberattack
Victoria’s Secret suffered a cyberattack that led to its website being taken offline. While the nature of the breach is not confirmed, ransomware remains a likely cause given the scale and suddenness of the disruption. At the time of reporting, the website remains inaccessible.