Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Patch Tuesday: Microsoft fixes 5 actively exploited zero-days On May 2025 Patch Tuesday, Microsoft has released security fixes for 70+ vulnerabilities, among them five actively…
IT Security News Hourly Summary 2025-05-18 09h : 1 posts
1 posts were published in the last hour 6:32 : PupkinStealer Attacks Windows System to Steal Login Credentials & Desktop Files
PupkinStealer Attacks Windows System to Steal Login Credentials & Desktop Files
A new information-stealing malware dubbed “PupkinStealer” has been identified by cybersecurity researchers, targeting sensitive user data through a straightforward yet effective approach. First observed in April 2025, this .NET-based malware written in C# focuses on stealing browser credentials, messaging app…
This Free Tool Helps You Find Out if Your Personal Information Is Exposed Online
Many people don’t realize how much of their personal data is floating around the internet. Even if you’re careful and don’t use the internet much, your information like name, address, phone number, or email could still be listed on…
IT Security News Hourly Summary 2025-05-18 00h : 3 posts
3 posts were published in the last hour 22:55 : IT Security News Daily Summary 2025-05-17 22:2 : Malware Defense 101 – Identifying and Removing Modern Threats 21:8 : OAuth 2.0 Overview
Ensuring Satisfaction in Managing Non-Human Identities
Why is NHI Management Integral to Your Cybersecurity Strategy? If you’ve ever wondered, “How can I make my cybersecurity strategy more robust and reduce the risk of security breaches?” then Non-Human Identity (NHI) management could be the answer you’re looking…
Are You Capable of Securing Your Digital Assets?
Is Your Organization Capable of Securing its Digital Assets? Reflect for a moment: are your digital assets comprehensively protected from security threats? With the proliferation of non-human identities (NHIs) and the need for a safe cloud environment, a rigorous approach…
IT Security News Daily Summary 2025-05-17
53 posts were published in the last hour 21:8 : OAuth 2.0 Overview 20:7 : AI Security Frameworks – Ensuring Trust in Machine Learning 20:5 : IT Security News Hourly Summary 2025-05-17 21h : 1 posts 19:4 : The Coinbase…
Malware Defense 101 – Identifying and Removing Modern Threats
The cybersecurity landscape in 2025 is defined by increasingly sophisticated malware threats, with attackers leveraging artificial intelligence, evasion tactics, and polymorphic code to bypass traditional defenses. Stealers, ransomware, and remote access trojans (RATs) dominate the threat matrix, while AI-driven malware…
OAuth 2.0 Overview
Ever clicked a “Login with Google” button or granted a new photo app permission to access your Dropbox files? If so, you’ve already experienced OAuth 2.0 — even if you didn’t realize it at the time. Think of it like…
AI Security Frameworks – Ensuring Trust in Machine Learning
As artificial intelligence transforms industries and enhances human capabilities, the need for strong AI security frameworks has become paramount. Recent developments in AI security standards aim to mitigate risks associated with machine learning systems while fostering innovation and building public…
IT Security News Hourly Summary 2025-05-17 21h : 1 posts
1 posts were published in the last hour 19:4 : The Coinbase Data Breach: A Breakdown of What Went Wrong
The Coinbase Data Breach: A Breakdown of What Went Wrong
How did a $400 million data breach happen at Coinbase? It wasn’t a tech failure—it was a human one. Learn how social engineering exploited trust and what it means for cybersecurity. The post The Coinbase Data Breach: A Breakdown of…
Preventing Phishing Attacks on Cryptocurrency Exchanges
Cryptocurrency exchanges are intensifying security measures in 2025 to focus on preventing phishing attacks, as these scams reach alarming levels and have caused millions in losses for investors. As digital assets continue gaining mainstream adoption, cybercriminals deploy increasingly sophisticated techniques…
US Government officials targeted with texts and AI-generated deepfake voice messages impersonating senior U.S. officials
FBI warns ex-officials are targeted with deepfake texts and AI voice messages impersonating senior U.S. officials. The FBI warns that ex-government officials are being targeted with texts and AI-generated deepfake voice messages impersonating senior U.S. officials. The FBI warns of…
Compromised npm Package ‘rand-user-agent’ Used to Spread Remote Access Trojan
A widely-used npm package, rand-user-agent, has fallen victim to a supply chain attack, where cybercriminals injected obfuscated code designed to install a Remote Access Trojan (RAT) on users’ systems. Originally developed to generate randomized user-agent strings—helpful in web scraping,…
IT Security News Hourly Summary 2025-05-17 18h : 4 posts
4 posts were published in the last hour 16:2 : Boffins devise technique that lets users prove location without giving it away 16:2 : FBI Warns Consumers to Replace Outdated Routers Hijacked by TheMoon Malware 16:2 : LockBit Ransomware Platform…
Boffins devise technique that lets users prove location without giving it away
ZKLP system allows apps to confirm user presence in a region without exposing exactly where Computer scientists from universities in Germany, Hong Kong, and the United Kingdom have proposed a way to provide verifiable claims about location data without surrendering…
FBI Warns Consumers to Replace Outdated Routers Hijacked by TheMoon Malware
The FBI has issued an urgent warning to American consumers and businesses: replace outdated internet routers immediately or risk becoming an unwitting accomplice in cybercrime. According to the agency, cybercriminals are actively targeting “end-of-life” routers—older models that no longer…
LockBit Ransomware Platform Breached Again, Ops Data Leaked
A breach of an administration panel used by the LockBit ransomware outfit resulted in the exposure of information that can be extremely valuable to law enforcement and the cybersecurity community. The breach was discovered on May 7, when a…
BSidesLV24 – GroundFloor – Adversaries Also Lift & Shift: Cloud Threats Through The Eyes Of An Adversary
Authors/Presenters: Roei Sherman, Adi inov Our sincere appreciation to BSidesLV, and the Presenters/Authors for publishing their erudite Security BSidesLV24 content. Originating from the conference’s events located at the Tuscany Suites & Casino; and via the organizations YouTube channel. Permalink The…
Adversarial Machine Learning – Securing AI Models
As AI systems using adversarial machine learning integrate into critical infrastructure, healthcare, and autonomous technologies, a silent battle ensues between defenders strengthening models and attackers exploiting vulnerabilities. The field of adversarial machine learning (AML) has emerged as both a threat…
Coinbase Data Breach: Customer Data Compromised Through Insider Threat
Coinbase, a leading cryptocurrency exchange, has disclosed a data breach resulting due to social engineering attack targeting some… The post Coinbase Data Breach: Customer Data Compromised Through Insider Threat appeared first on Hackers Online Club. This article has been indexed…
IT Security News Hourly Summary 2025-05-17 15h : 3 posts
3 posts were published in the last hour 12:31 : New Ransomware Attack Mocking Elon Musk Supporters Using PowerShell to Deploy Payloads 12:31 : Blockchain Security – Protecting Decentralized Systems 12:31 : Sophisticated NPM Attack Exploits Google Calendar C2 For…
Shields up US retailers. Scattered Spider threat actors can target them
Google warns that the cybercrime group Scattered Spider behind UK retailer attacks is now targeting U.S. companies, shifting their focus across the Atlantic. The financially motivated group UNC3944 (also known as Scattered Spider, 0ktapus) is known for social engineering and extortion.…
Critical WordPress Plugin Vulnerability Exposes 10K+ Sites to Cyber Attack
A severe privilege escalation vulnerability has been discovered in the popular WordPress plugin Eventin, putting more than 10,000 websites at risk of complete compromise. The vulnerability, now tracked as CVE-2025-47539, allows unauthenticated attackers to create administrator accounts without any user…
10 Best NGINX Monitoring Tools – 2025
NGINX monitoring tools ensure NGINX web servers’ optimal performance and reliability. These tools provide comprehensive insights into server metrics such as uptime, response time, request rates, and error rates. They enable administrators to track real-time performance, detect anomalies, and troubleshoot…