This Week in Cybersecurity - May 9, 2025
- Jordan Santos
- May 9
- 3 min read
Updated: May 16
Cybersecurity is always changing—and 2025 is no exception. New threats are popping up, but so are smarter ways to stay protected. This week, we’re breaking down the latest security stories you should know.
Top Threats This Week
Google Deploys On-Device AI to Tackle Evolving Online Scams at the Source
Google is stepping up its fight against online scams by integrating artificial intelligence (AI), specifically its on-device large language model Gemini Nano, into Chrome, Search, and Android. This model enhances Safe Browsing by quickly identifying scam websites—even ones that haven’t been seen before—directly on users’ devices. Initially focusing on tech support scams, the system looks for suspicious behavior like attempts to lock keyboards or impersonate trusted services. Google’s AI tools have already helped reduce fake airline support pages by 80% and government impersonation scams by 70%. Additional features, such as scam-detecting alerts in Chrome for Android and broader scam detection for package tracking or toll scams, are also on the way. These tools run locally to maintain user privacy and performance.
Takeaway: AI is becoming a critical tool in the fight against evolving scams—especially ones targeting employees through browsers and mobile devices. Small businesses should ensure their teams use up-to-date browsers and devices with AI-enhanced protection features like Safe Browsing in Chrome to stay ahead of modern threats.
U.S. Dismantles Global Botnet Operation, Charges Russian Nationals
The U.S. Department of Justice, in collaboration with Lumen Technologies’ Black Lotus Labs and law enforcement in the Netherlands and Thailand, has successfully taken down two major proxy services—Anyproxy and 5socks—powered by a botnet of compromised home routers and IoT devices. These services, which had been quietly operating for years, rented access to thousands of infected devices for use in cybercrime, including ad fraud, DDoS attacks, and credential theft. Four suspects, including three Russian nationals and one from Kazakhstan, were charged but remain at large. The 5socks service alone reportedly earned over $46 million. The operation, dubbed Operation Moonlander, highlights the continued risk posed by outdated, end-of-life devices.
Takeaway: Outdated routers and smart devices aren’t just a personal risk—they can become gateways for large-scale cybercrime. Small businesses should replace unsupported hardware, keep firmware up to date, and monitor networks to prevent their systems from being unknowingly conscripted into criminal botnets.
U.S. Cybersecurity Experts Warn of Risky Russian Ties in Open Source Tool
Security researchers are raising concerns about the open source tool easyjson, a code serialization package for Go that's widely used in U.S. government systems and critical industries. Though no vulnerabilities have been found, the software’s links to Russian developers and its management under VK Group—a company led by a sanctioned CEO with close ties to the Kremlin—are prompting fears of potential supply chain threats. Experts warn that while the tool currently appears safe, it could be altered in the future for espionage or disruption. The case highlights the growing geopolitical scrutiny surrounding open source software and the evolving nature of digital trust in global development ecosystems.
Takeaway: Even trusted tools can carry hidden risks if their origins or maintainers are compromised. SMBs that rely on open source software should evaluate the sources of their tools, stay informed about emerging threats, and consider partnering with IT providers who can help monitor and vet software for potential security concerns.
(Wired)
Cyber Tip of the Week
Don’t Ignore End-of-Life Devices. Old routers, smart devices, and unsupported software can silently become part of global cybercrime networks. If a device is no longer receiving updates, it’s time to replace it or isolate it from your business-critical systems. Botnets thrive on forgotten tech—don’t let yours be part of one.
Stat of the Week
$46 million — the amount cybercriminals made by renting access to hacked home routers and IoT devices through the 5socks proxy network.
Final Thoughts
From Google's AI-powered scam detection to botnet takedowns and risks in open source software, the message is clear: modern threats are stealthy, persistent, and increasingly tied to outdated or overlooked technology. Whether it’s securing your browsers, retiring vulnerable hardware, or vetting the tools your business depends on, proactive steps today can prevent costly breaches tomorrow.
Have questions about your cybersecurity posture? Let’s talk.