šŸ›”ļø Weekly Cyber Update – May 12–18, 2025: Breaches, Fines & Deepfake Threats

:shield: Weekly Cyber Update – May 12–18, 2025: Breaches, Fines & Deepfake Threats

This week’s update spans May 12–18, 2025, delivering 20 must-know cybersecurity stories. For everyone, we’ve got breaches, scams, and simple safety tips. For pros, dive into zero-days, botnets, and supply chain threats with technical twists. Plus, handy tools and questions to keep you in the game—let’s dive in!


Cybersecurity for Everyone

Your online life’s at risk this week! Ascension and Pearson breaches, Google’s $1.4B fine, and fake AI apps target health, education, and wallets. Secure accounts and dodge scams with our simple safety tips.

:police_car_light: Top Stories

1. Ascension Health Breach Hits Over 430,000 Patients :hospital:

  • Summary: Hackers broke into Ascension Health, leaking personal and medical details of over 430,000 patients.
  • Why it matters: If you’re a patient, check your medical records for errors and add two-factor authentication to your health accounts.
  • :link: Read more

2. Google Fined $1.4 Billion for Tracking :round_pushpin:

  • Summary: Google shelled out $1.4 billion to Texas after secretly tracking users’ locations and storing face data.
  • Why it matters: Open your Google privacy settings and limit what you share—less data, less risk!
  • :link: Read more

3. Fake AI Video Tools Spread Malware :movie_camera:

  • Summary: Scammers tricked people with fake AI video apps that installed malware to steal info.
  • Why it matters: Stick to trusted app stores like Google Play or the App Store—avoid sketchy downloads.
  • :link: Read more

4. iClicker Hack Targets Students :graduation_cap:

  • Summary: Hackers used fake CAPTCHAs on iClicker’s site to trick students into downloading malware.
  • Why it matters: Beware odd pop-ups—check a site’s security before clicking anything weird.
  • :link: Read more

5. Pearson Education Data Stolen :books:

  • Summary: A cyberattack nabbed customer data from Pearson, the big education company.
  • Why it matters: If you use Pearson, watch your accounts for odd activity and change your passwords.
  • :link: Read more

6. LockBit Hackers Get Hacked :unlocked:

  • Summary: The LockBit gang’s site got breached, spilling victim chats and payment secrets.
  • Why it matters: Even crooks get hit! Use strong, unique passwords to stay out of ransomware messes.
  • :link: Read more

7. Insight Partners Breach Exposes Investors :briefcase:

  • Summary: A cyberattack on Insight Partners stole employee and investor data from the VC firm.
  • Why it matters: If you’re connected, watch out for phishing emails using that stolen info.
  • :link: Read more

8. PowerSchool Extortion Targets Schools :school:

  • Summary: Hackers hit PowerSchool, then demanded cash from schools using the platform.
  • Why it matters: If your school uses it, protect your details and report strange emails fast.
  • :link: Read more

9. Masimo Hit, Delays Medical Devices :factory:

  • Summary: A cyberattack on Masimo disrupted production of vital medical equipment.
  • Why it matters: If you depend on their gear, stay updated—delays could affect your care.
  • :link: Read more

10. Coinbase Faces Data Breach After Extortion :money_bag:

  • Summary: Rogue staff at Coinbase leaked customer data; hackers demanded $20 million to keep quiet.
  • Why it matters: If you use Coinbase, check your account for odd changes and update security.
  • :link: Read more

Pro Insights: Advanced Cyber Threats (Advanced)

Pros and learners, it’s a tough week! Supply chain attacks, deepfake scams, and botnets hit solar grids, retail, and drones, exploiting Chromium and SAP flaws. Sharpen defenses with our technical tools.

:police_car_light: Top Technical Updates

1. Chinese Devices Raise Solar Security Concerns :sun:

  • Summary: Hidden cellular radios in Chinese-made power inverters at US solar farms could let attackers shut down grids remotely.
  • Why it matters: Supply chain risks are real—audit your hardware to block backdoors like these.
  • :link: Read more

2. FBI Warns of AI Voice Scams :studio_microphone:

  • Summary: Scammers used AI-generated texts and voice messages to impersonate US officials, targeting ex-staff.
  • Why it matters: Deepfakes are getting slick—use multi-factor authentication and verify callers.
  • :link: Read more

3. New Tool Disables Windows Defender :shield:

  • Summary: ‘Defendnot’ pretends to be an antivirus to trick Windows into shutting off Defender.
  • Why it matters: Keep Defender updated and monitor system tweaks to stop this sneaky bypass.
  • :link: Read more

4. Scattered Spider Targets Retail Sector :shopping_cart:

  • Summary: The group hitting UK retailers now targets US stores with social engineering and ransomware.
  • Why it matters: Retail pros, train staff on phishing and tighten access controls—attacks are spiking.
  • :link: Read more

5. CISA Flags Chromium, DrayTek, SAP Flaws :clipboard:

  • Summary: The Cybersecurity and Infrastructure Security Agency listed exploited bugs in Google Chromium, DrayTek routers, and SAP NetWeaver.
  • Why it matters: Patch these fast—attackers are already exploiting them in the wild.
  • :link: Read more

6. Chinese Intel Targets Laid-Off Workers :briefcase:

  • Summary: China’s spies used fake LinkedIn job offers to recruit fired US government workers.
  • Why it matters: Insider threats soar—vet job offers and train staff on social engineering tricks.
  • :link: Read more

7. Pwn2Own Hackers Earn $260K :money_bag:

  • Summary: Bug hunters nabbed $260K on day one of Pwn2Own Berlin, exploiting VMware, SharePoint, and more.
  • Why it matters: Zero-days (new flaws hackers use) are live—patch often and lean on threat intel.
  • :link: Read more

8. HTTPBot Botnet Hits Gaming and Tech :video_game:

  • Summary: The HTTPBot botnet slammed China’s gaming and tech sectors with distributed denial-of-service (DDoS) attacks.
  • Why it matters: Online services, beef up DDoS defenses—watch traffic and scale fast.
  • :link: Read more

9. Dynamic DNS Aids Cyberattacks :globe_with_meridians:

  • Summary: Attackers use dynamic DNS to mask phishing and malware sites, slipping past blacklists.
  • Why it matters: Block shady domains and use threat intel to catch these slippery tactics.
  • :link: Read more

10. Earth Ammit Targets Drone Supply Chains :airplane:

  • Summary: China-linked Earth Ammit hit drone makers in Taiwan and South Korea via enterprise software flaws.
  • Why it matters: Supply chain attacks are rising—secure your vendors and patch systems now.
  • :link: Read more

:brain: Takeaway

Hackers are hitting health, wallets, and AI—stay one step ahead!

  • :locked: Secure health and school accounts with two-factor authentication.
  • :mobile_phone_with_arrow: Limit app downloads to trusted stores to dodge malware.
  • :man_detective: Verify calls and emails to outsmart AI fakes.

:hammer_and_wrench: Tools of the Week

  • DuckDuckGo Privacy Essentials (Everyone) — A browser extension that blocks trackers, perfect for dodging Google’s $1.4B fine-worthy tracking tactics.
  • Wireshark (Pros) — A network analysis suite to spot rogue traffic from hidden devices like those in solar grids or botnets.

:speech_balloon: Community Questions

  • Everyone: After Google’s $1.4B fine and fake AI app scams, what’s your #1 privacy tweak—blocking trackers, using a VPN, or something else? Share your best tip!
  • Pros: With rogue solar devices and drone supply chain attacks, how are you reducing supply-chain risk in your environment this quarter? Let’s trade strategies!

:globe_with_meridians: Stay Connected and Secure

Want more? :bell: Join the Crushing Security newsletter for the latest news and tips: Sign up here.
Drop your thoughts below—let’s keep the convo rolling!

:repeat_button: Suggestions

:light_bulb: Got ideas to make these updates better? Comment below, visit the feedback page, or ping Steve.