Cybersecurity & Ethical Hacking Weekly Recap – May 31, 2025
As digital threats grow in scale and sophistication, the last week of May 2025 served fresh reminders of how important effective cybersecurity practices have become. Right now we are seeing vaguely AI-enabled phishing scams that are almost impossible to discern, state-backed hackers leveraging previously unknown software vulnerabilities, and the threats are very real.
This elevated threat level is creating an expected increase in demand to keep cybersecurity talent. More people in India are looking to find the best way to upskill in structured and practical learning – enrolling onto a balanced cyber security course in India is proving to be one of the most practical ways.
As businesses, institutions, and governments are solidifying their digital defences, looking for qualified professionals is not an option anymore, it’s an urgency. At the velocity at which current threats are evolving, staying current and engaging with how to defend against these threats is more than an exercise in professional development, it is a critical process.
1. Major Cybersecurity Events
a. Victoria’s Secret Website Down
Victoria’s Secret experienced a major disruption when its U.S. web site was taken down due to a “security incident”. While the company would not elaborate, the fact that the web site went down suggests a cyberattack may have occurred. Part of the disruption included the closing of store services due to the breach’s severity.
b. Commvault SaaS Platform Hack
Commvault’s Metallic SaaS platform (provides backup for data environments for Microsoft 365) was a victim of a hack when attackers exploited a zero-day vulnerability (CVE-2025-3928) that resulted in deploying web shells and utilizing client secrets to launch into affected customer’s Microsoft 365 environments.
The Cybersecurity and Infrastructure Security Agency (CISA) is collaborating with victims and releasing advisories for organizations to reconsider their procedures.
c. New Botnet of ASUS Routers
A convoluted botnet campaign called “ViciousTrap” contaminated thousands of ASUS routers through CVE-2023-39780. Attackers employed multiple failed login attempts and bypassed authentication to pass to get host access and deploy backdoors, even with firmware updates. ASUS patched this vulnerability, but users should think about verifying SSH configurations and performing factory resets.
2. New and Emerging Threats and Vulnerabilities
a. AI Enhanced Phishing Campaigns
There is a disturbing phishing campaign, impersonating Susie Wiles (Chief of Staff for former President Donald Trump), which is aimed at high-profile victims. The reported attack used AI deep fakes of voice messages as well as other common techniques to create levels of trust when the messages identified requests for sensitive information or financial transactions. The involvement of the FBI indicates an increase in social engineering attacks being elevated by AI.
b. State Sponsored Cyber Attacks
In addition, ConnectWise, a leading provider of IT management software, was targeted by a suspected nation-state actor in a cyber-attack. Reportedly, this breach we’ve been seeing with vendors was enacted via a vulnerability that Could be patched (CVE-2025-3935). Google Mandiant has been engaged to provide digital forensic services in the review of this event.
In addition, threat actors, linked to China, are exploiting vulnerabilities in SAP NetWeaver and (CVE-2025-31324) and Microsoft SQL Server for targeting organizations in Asia and Brazil. We need to have timely patches, policies on patch management, and vigilance of vulnerabilities in applications (Vulnerability Management).
3. Ethical Hacking Developments
a. Recognition of Young Ethical Hackers
High school junior Md Shariar Shanaz Shuvon, an independent ethical hacker from Bangladesh, was awarded recognition by NASA for identifying a significant vulnerability in their systems. He was able to utilize Insecure Direct Object Reference (IDOR), in combination with Server-Side Request Forgery (SSRF) to find a bug that potentially could lead to massive data breaches.
b. Artificial Intelligence in Ethical Hacking Education
Jonathan Gregory, a student at Central Michigan University has gained some recognition for his research relating to the use of artificial intelligence for information technology and has considered the possibilities for more readily automating penetration testing and enhancing cyber security education.
4. Global Cybersecurity Initiatives
a. UK’s Offensive Cyber Strategy
As the cyber landscape continues to change and cyber threats grow, the UK has policy plans to ramp up its offensive cyber actions against adversaries like Russia and China. The UK’s Ministry of Defence reported it faced 90,000 “cyber incidents” from state-affiliated sources over the past two years. The UK will have a new cyber command, combining soldiers from the Army, Navy, and Royal Air Force, that will lead these actions.
b. India’s IMD in Cybersecurity Measures
The Maharashtra government allocated ₹ 4 crores for the development of secure digital identity cards with QR codes and holographic elements for over 51,000 personnel of the Mumbai Police to avoid impersonation scams. An interactive app will enable citizens to check the identity of their local officers.
5. Cybersecurity Industry Trends
a. Zscaler’s Financial Gains
Cybersecurity company Zscaler saw its stock increase by 7.7% after reporting strong third quarterly earnings beyond analyst expectations. As concerns increase surrounding AI driven cyber attacks, Zscaler’s Zero Trust Exchange platform continues to gain market share.
b. Cybersecurity Demand
There is a massive shortage of cybersecurity professionals for roles especially for ethical hackers when it comes to UK retail in the aftermath of cyber-attacks. There is an estimated 17,000 openings in the industry to fill with qualified candidates.
Take an Ethical Hacking Course in India to Advance your career.
As aforesaid cyber threats continue to grow in sophistication it is more important than even to have skilled ethical hackers. An ethical hacking course in India will provide students with instruction and knowledge to find vulnerabilities in systems, protect those systems, and help protect the cyber world.
These courses will benefit budding cybersecurity professionals or existing professionals looking to improve job prospects through improving skills and taking advantage of training offered today to prepare them for cyber threats we face now and in the future.
Conclusion
This week’s events exemplify the ever-changing landscape of cyber threat-related dangers, and that the role of ethical hacking in defending against this danger is, without a doubt, crucial.
Conducting risk assessments in response to AI’s influence on offensive or defensive cyber-related aspects is, and will be, extremely important, along with the need to continue to gather information as threats change.
Education in specific areas, such as an ethical hacking course in India, builds individual capacity and overall collective defenses against cyber threats.
Cyber Security Course in Mumbai | Cyber Security Course in Bengaluru | Cyber Security Course in Hyderabad | Cyber Security Course in Delhi | Cyber Security Course in Pune | Cyber Security Course in Kolkata | Cyber Security Course in Thane | Cyber Security Course in Chennai
