Hoplon InfoSec Weekly Summary
Cybersecurity never sleeps, and this week Hoplon InfoSec gave us important information about new threats, phishing attacks, ransomware, AI risks, and more. Here is a full summary of the week’s most important news:
Source code for the ERMAC V3.0 banking trojan has been made public.
Hackers put out the source code for ERMAC V3.0, a well-known banking trojan. This information could help hackers make personalized versions of the malware, which could put users’ financial information at risk. The article goes into detail about how the Trojan works, how it attacks, and what users can do to protect their banking information.
Important Points:
• Always check your bank accounts for strange activity.
• Turn on multi-factor authentication (MFA) whenever you can.
• Banks and other financial institutions need to improve their defenses against malware to lower risks.
Read on: ERMAC V3.0 banking Trojan source code leak
Cybersecurity in the Water Industry
Cyberattacks are most likely to happen to water utilities because their services are so important. This article talks about the specific weaknesses in the water sector, such as old industrial control systems and mistakes made by people, and gives tips on how to stop attacks.
Important Points:
• Set up intrusion detection systems (IDS) and network segmentation.
• Check the access rights of employees and industrial control systems on a regular basis.
• Teach workers how to spot strange behavior.
Read more: Critical Alert: Water Sector Cybersecurity 2025
A new phishing attack on Gmail steals login information.
A new phishing attack is sending Gmail users fake emails that ask them to enter their login information. Hackers are getting better at using advanced social engineering to trick people.
Important Points:
• Always double-check the email address of the sender.
• Don’t click on links or scan QR codes from people you don’t know.
• For extra protection, use MFA and anti-phishing tools.
Read more: New Gmail phishing attack steals credentials
Scams for back-to-school shopping in 2025
While students and parents shop online for the new school year, cybercriminals take advantage of this time by setting up fake online stores and making false offers. The article talks about recent scams and how to spot them before you get caught up in one.
Important Points:
• Check out online stores before you buy anything.
• Don’t take deals that seem too good to be true.
• Use credit cards and other payment methods that protect you from fraud.
Read more: Back-to-School Shopping Scams Parents Must Avoid in 2025
Mobile security features that keep bugs from happening
Hackers are going after mobile devices more and more. This article talks about the security features that are most important for keeping smartphones and tablets safe, such as encryption, app permissions, and the ability to wipe the device remotely.
Important Points:
• Make sure your device’s operating system is always up to date.
• Only install apps that you trust and limit their permissions.
• Turn on biometric authentication and encryption for private information.
Read more: Mobile security features
Your Drives and the Windows 11 24H2 Update
The most recent Windows 11 24H2 update changes how storage drives are handled. This article talks about the possible risks, such as losing data or misconfiguring a drive, and gives tips on how to keep your system safe and stable.
Key Points:
• Before installing updates, make sure to back up important files.
• After the update, keep an eye on the drive’s performance and look for errors.
• Use Microsoft’s official instructions for managing drives.
Read more: windows 11 24h2 ssd/hdd failure
Hackers with ties to China are going after Taiwan’s semiconductor industry.
Taiwan’s semiconductor industry was recently the target of a complex cyber-espionage campaign. The article talks about how the attackers got in, what they might have wanted, and how it could affect technology supply chains around the world.
Important Points:
• Sensitive industries need to use advanced network monitoring.
• To stop phishing and social engineering attacks, you need to train your employees.
• Working together between government and business can make defense better across the board.
More information can be found here: Chinese Hackers Infiltrated Taiwan’s Semiconductor Sector
The Noodlophile Malware Campaign’s Growing Shadow
A new malware campaign named Noodlophile is spreading across multiple platforms. It highlights how quickly threats can escalate and the importance of keeping systems patched.
Key Takeaways:
Patch systems immediately to reduce risks.
Malware is spreading rapidly across devices.
Multi-platform security is essential.
Read on here: The Noodlophile Malware Campaign’s Growing Shadow
Novel 5G Attack Bypassing Base Station
Researchers discovered a new 5G attack that bypasses base station protections by exploiting signaling protocols. This stealthy vulnerability could impact IoT devices, autonomous systems, and critical networks. Staying updated, monitoring network activity, and using encryption are key steps to stay protected.
More information can be found here: Novel 5G attack bypassing base station
Action Table
| Topic | Key Points |
|---|---|
| ERMAC V3.0 Banking Trojan Source Code Leak | Monitor accounts; enable MFA; banks must improve defenses |
| Cybersecurity in the Water Industry | IDS and network segmentation; check employee access; train workers to spot suspicious behavior |
| Gmail Phishing Attack Steals Login Info | Verify sender; avoid unknown links/QR codes; use MFA and anti-phishing tools |
| Back-to-School Shopping Scams 2025 | Check stores before buying; avoid too-good-to-be-true deals; use secure payment methods |
| Mobile Security Features | Keep OS updated; install trusted apps with limited permissions; enable encryption & biometrics |
| Windows 11 24H2 Update & Drives | Backup files; monitor drive performance; follow official guidance |
| The Noodlophile Malware Campaign’s Growing Shadow | Malware spreading rapidly; targets multiple platforms; patch systems immediately |
| Novel 5G Attack Bypassing Base Station | Exploits signaling protocols; bypasses base station security; risks IoT and smart devices; monitor traffic and apply updates |
In short:
This week, Hoplon InfoSec talked about serious threats in a number of fields, including AI, ransomware, phishing, and industrial espionage. Both people and businesses need to stay up-to-date and follow the suggested security measures in order to stay safe in a cyber landscape that is becoming more complicated.
Explore our main services:
- Mobile Security
- Endpoint Security
- Deep and Dark Web Monitoring
- ISO Certification and AI Management System
- Web Application Security Testing
- Penetration Testing
For more services, go to our homepage. Follow us on X (Twitter) and LinkedIn for more cybersecurity news and updates. Stay connected on YouTube, Facebook, and Instagram as well. At Hoplon Infosec, we’re committed to securing your digital world
