IT Security News Daily Summary 2025-05-05

207 posts were published in the last hour

• 21:32 : Chat App Used by Trump Admin Suspends Operation Amid Hack
• 21:32 : Issue and Present Verifiable Credentials With Spring Boot and Android
• 21:32 : Signal Clone Used by Mike Waltz Pauses Service After Reports It Got Hacked
• 21:2 : “Mirai” Now Exploits Samsung MaginINFO CMS (CVE-2024-7399), (Mon, May 5th)
• 21:2 : Signal chat app clone used by Signalgate’s Waltz was apparently an insecure mess
• 20:32 : ‘Golden Chickens’ Resurfaces with Two Dangerous Malware Tools Targeting Passwords and Crypto Wallets
• 20:5 : IT Security News Hourly Summary 2025-05-05 21h : 5 posts
• 20:2 : U.S. Wins One, Maybe Two, Extradition Petitions in Unrelated Cases
• 19:32 : Windows 11 Version 24H2 Enters Final Deployment Phase, Microsoft Lists Known Issues
• 19:32 : Redefining Application Security: Imperva’s Vision for the Future
• 19:32 : Randall Munroe’s XKCD ‘Unstoppable Force And Immovable Object’
• 19:32 : BSidesLV24 – Proving Ground – A New Host Touches The Beacon
• 19:32 : Vulnerability Summary for the Week of April 28, 2025
• 19:2 : GlobalX, airline used for Trump deportations, gets hacked: report
• 18:32 : Unlocking the Benefits of a Private API in AWS API Gateway
• 18:32 : CISA Adds One Known Exploited Vulnerability to Catalog
• 18:32 : Hackers Attacking HR Departments with Fake Resumes That Drop More_eggs Malware
• 18:32 : Hackers Weaponized 21 Apps to Gain Full Control of Ecommerce Servers
• 18:3 : Eutelsat Appoints New CEO, Amid European Push To Reduce US Reliance
• 18:3 : Visa launches ‘Intelligent Commerce’ platform, letting AI agents swipe your card—safely, it says
• 18:3 : Kelly Benefits December data breach impacted over 400,000 individuals
• 18:3 : Understanding the UK’s New Rule on Ransomware Payments in the Public Sector
• 18:3 : ⚡ Weekly Recap: Nation-State Hacks, Spyware Alerts, Deepfake Malware, Supply Chain Backdoors
• 18:3 : Commvault CVE-2025-34028 Added to CISA KEV After Active Exploitation Confirmed
• 18:3 : Wormable AirPlay Flaws Enable Zero-Click RCE on Apple Devices via Public Wi-Fi
• 17:32 : TeleMessage, a modified Signal clone used by US government officials, has been hacked
• 17:32 : Digital Danger Zone: America’s Rising Cybersecurity Threats
• 17:32 : ⚡ Weekly Recap: Nation-State Hacks, Spyware Alerts, Deepfake Malware, Supply Chain Backdoors
• 17:5 : Blinde KI-Gläubigkeit? Nur 27 Prozent der Deutschen prüfen ChatGPT-Ergebnisse nach
• 17:5 : Neue Nutzer bekommen keines mehr: So will Microsoft das Passwort jetzt endgültig abschaffen
• 17:5 : Warum ein Janet-Jackson-Song zahlreiche Windows-Laptops abstürzen ließ
• 17:5 : Vibe-Coding: Wie KI das Programmieren revolutioniert – und warum das gefährlich sein kann
• 17:5 : Windows 11 24H2 lässt sich nicht mehr vermeiden: Bei wem das Update jetzt automatisch lädt
• 17:5 : IT Security News Hourly Summary 2025-05-05 18h : 26 posts
• 17:3 : Seceon Wins Three Global Infosec Awards at RSAC 2025
• 17:3 : BSidesLV24 – Proving Ground – An Adversarial Approach To Airline Revenue Management
• 17:3 : IRONSCALES Extends Email Security Platform to Combat Deepfakes
• 17:3 : ⚡ Weekly Recap: Nation-State Hacks, Spyware Alerts, Deepfake Malware, Supply Chain Backdoors
• 16:33 : Anzeige: So werden Microsoft-365-Umgebungen abgesichert
• 16:33 : Chinese Group TheWizards Exploits IPv6 to Drop WizardNet Backdoor
• 16:33 : While Performing Dependency Selection, I Avoid the Loss Of Sleep From Node.js Libraries’ Dangers
• 16:33 : A whopping 94% of leaked passwords are not unique – will you people ever learn?
• 16:32 : Another Move in the Deepfake Creation/Detection Arms Race
• 16:32 : RomCom RAT Attacking UK Organizations Via Customer Feedback Portals
• 16:32 : Microsoft partners with Global Anti-Scam Alliance to fight cybercrime
• 16:32 : ⚡ Weekly Recap: Nation-State Hacks, Spyware Alerts, Deepfake Malware, Supply Chain Backdoors
• 16:5 : Kunbus RevolutionPi: CISA-Warnung vor Sicherheitslücken
• 16:4 : UK Seeks Feedback On Banning Consumers From Borrowing To Buy Crypto
• 16:4 : Gunra Ransomware’s Double‑Extortion Playbook and Global Impact
• 16:4 : What is a registration authority (RA)?
• 16:4 : AI-enabled phishing attacks on consumers: How to detect and protect
• 16:3 : Microsoft Launches Recall AI for Windows 11 Copilot+ PCs with Enhanced Privacy Measures
• 16:3 : ⚡ Weekly Recap: Nation-State Hacks, Spyware Alerts, Deepfake Malware, Supply Chain Backdoors
• 15:44 : Hackers Use Pahalgam Attack-Themed Decoys to Target Indian Government Officials
• 15:44 : RomCom RAT Targets UK Organizations Through Compromised Customer Feedback Portals
• 15:44 : Hackers Target HR Departments With Fake Resumes to Spread More_eggs Malware
• 15:44 : Hackers Exploit 21 Apps to Take Full Control of E-Commerce Servers
• 15:44 : Hackers Weaponizing Pahalgam Attack Themed Decoys to Attack Indian Government Personnel
• 15:44 : Kelly Associates Data Breach Exposes 410,000+ Users Personal Data
• 15:44 : Ransomware Groups Allegedly Breach IT Networks, Stealing Data from UK Retailers
• 15:44 : The AI chatbot cop squad is here (Lock and Code S06E09)
• 15:44 : White House Proposal Slashes Half-Billion from CISA Budget
• 15:44 : Microsoft Alerts Users About Password-spraying Attack
• 15:44 : Data Security Alert as Novel Exfiltration Method Emerges
• 15:44 : Brave Browser’s New ‘Cookiecrumbler’ Tool Aims to Eliminate Annoying Cookie Consent Pop-Ups
• 15:44 : ⚡ Weekly Recap: Nation-State Hacks, Spyware Alerts, Deepfake Malware, Supply Chain Backdoors
• 15:23 : Nvidia Tweaking AI Chips For China Amid Export Ban – Report
• 15:23 : 5 Tips You Should Know before Developing an Innovative Product
• 15:23 : Chimera Malware: Outsmarting Antivirus, Firewalls, and Human Defenses
• 15:23 : Hackers Selling SS7 0-Day Exploit on Dark Web for $5,000
• 15:23 : LUMMAC.V2 Stealer Uses ClickFix Technique to Deceive Users into Executing Malicious Commands
• 15:23 : ⚡ Weekly Recap: Nation-State Hacks, Spyware Alerts, Deepfake Malware, Supply Chain Backdoors
• 14:33 : Why Secure Document Management Matters Against Cybersecurity Threats
• 14:32 : MediaTek Fixes Multiple Security Flaws in Smartphone, Tablet, and TV Chipsets
• 14:32 : Iranian Hackers Breaches Critical National Infrastructure With multiple Webshells & Backdoors
• 14:32 : xAI Dev Leaked API Key on GitHub for Private SpaceX, Tesla & Twitter/X
• 14:32 : MediaTek Patches Multiple Vulnerabilities Affecting Tablets, Smartphones & TV Chipsets
• 14:32 : Microsoft Shuts Down Skype After 23 Years, Urges Users to Switch to Teams
• 14:32 : ⚡ Weekly Recap: Nation-State Hacks, Spyware Alerts, Deepfake Malware, Supply Chain Backdoors
• 14:8 : xAI Developer Accidentally Leaks API Key Granting Access to SpaceX, Tesla, and X LLMs
• 14:8 : Doppel Banks $35M for AI-Based Digital Risk Protection
• 14:8 : ⚡ Weekly Recap: Nation-State Hacks, Spyware Alerts, Deepfake Malware, Supply Chain Backdoors
• 14:5 : IT Security News Hourly Summary 2025-05-05 15h : 19 posts
• 13:34 : High-Tech-Kriminalität setzt Europa unter Druck
• 13:34 : Anonymisierendes Linux: Tails 6.15 mit kleinen Fehlerkorrekturen
• 13:32 : Secure Coding in DevOps: Shifting Left for Stronger Security
• 13:32 : ⚡ Weekly Recap: Nation-State Hacks, Spyware Alerts, Deepfake Malware, Supply Chain Backdoors
• 13:32 : Microsoft removes Authenticator App feature to promote Microsoft Edge
• 13:4 : Anonymisierendes Linux: Tails 6.15 fixt GRUB-Loader-Anzeige
• 13:3 : Skype Shuts Down Today (5 May), After 22 Years Of Service
• 13:3 : NCSC Warns UK Retailers After Spate Of Cyberattacks
• 13:3 : 7 ways to lock down your phone’s security – before it’s too late
• 13:3 : 10 passkey survival tips: Prepare for your passwordless future now
• 13:3 : A hacker stole data from TeleMessage, the firm that sells modified versions of Signal to the U.S. gov
• 13:3 : Enhancing UK Government Operations with Emerging Technology
• 13:3 : Kelly Benefits Data Breach Impact Grows to 400,000 Individuals
• 13:3 : ⚡ Weekly Recap: Nation-State Hacks, Spyware Alerts, Deepfake Malware, Supply Chain Backdoors
• 12:34 : “Mir reicht’s”: Curl-Entwickler spricht Machtwort gegen “KI-Schrott”
• 12:33 : North Korean Hacker Tries to Infiltrate Kraken Through Job Application
• 12:33 : Hackers Selling SS7 0-Day Vulnerability on Hacker Forums for $5000
• 12:33 : Hackers Leveraging Email Input Fields to Exploit Vulnerabilities Ranging from XSS to SSRF
• 12:33 : North Korean Hacker Tries to Breach Kraken Platform by Submitting Job Application
• 12:33 : Critical Commvault Vulnerability in Attacker Crosshairs
• 12:33 : California Man Will Plead Guilty to Last Year’s Disney Hack
• 12:32 : UK retailers under cyber attack: Co-op member data compromised
• 12:32 : Perfection is a Myth. Leverage Isn’t: How Small Teams Can Secure Their Google Workspace
• 12:32 : ⚡ Weekly Recap: Nation-State Hacks, Spyware Alerts, Deepfake Malware, Supply Chain Backdoors
• 12:3 : [UPDATE] [hoch] Mozilla Firefox, Firefox ESR, Thunderbird and Thunderbird ESR: Mehrere Schwachstellen
• 12:3 : [UPDATE] [mittel] expat: Schwachstelle ermöglicht Denial of Service
• 12:3 : Germany Most Targeted Country in Q1 2025 DDoS Attacks
• 12:3 : Multiple Flaws in Tenda RX2 Pro Let Attackers Gain Admin Access
• 12:2 : Experts shared up-to-date C2 domains and other artifacts related to recent MintsLoader attacks
• 12:2 : Man Admits Hacking Disney and Leaking Data Disguised as Hacktivist
• 11:34 : [NEU] [mittel] Hashicorp Vault: Mehrere Schwachstellen
• 11:33 : [NEU] [niedrig] poppler: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen
• 11:32 : New LUMMAC.V2 Stealer Using ClickFix Technique to Trick Users in Execute Malicious Commands
• 11:32 : Hackers Selling SS7 0-Day Vulnerability on Hacker Froums for $5000
• 11:5 : Microsoft schaltet Skype ab: Wie uns der Messenger mit der Welt verbunden hat
• 11:5 : IT Security News Hourly Summary 2025-05-05 12h : 12 posts
• 11:5 : Vodafone: Warum jetzt bei manchen Anrufen das Wort "Betrug" im Display aufleuchtet
• 11:5 : ChatGPT-User erstellen Bilder von sich als Action-Figur : Warum Experten vor diesem Trend warnen
• 11:4 : Darum bringt Elon Musks Grok Trump-Fans auf die Palme
• 11:4 : [NEU] [mittel] Red Hat Enterprise Linux (yelp): Schwachstelle ermöglicht Offenlegung von Informationen
• 11:4 : [UPDATE] [hoch] Apple iOS und iPadOS: Mehrere Schwachstellen
• 11:2 : Ransomware Group Claims Attacks on UK Retailers
• 11:2 : The Ultimate ISO 27001 Checklist: Step-by-Step Guide to Simplify Your Compliance Journey
• 10:33 : [UPDATE] [mittel] ffmpeg: Schwachstelle ermöglicht Denial of Service
• 10:33 : [UPDATE] [mittel] Linux Kernel: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff
• 10:33 : [UPDATE] [hoch] bluez: Schwachstelle ermöglicht Codeausführung
• 10:33 : [UPDATE] [mittel] Linux Kernel: Mehrere Schwachstellen
• 10:33 : [UPDATE] [hoch] ffmpeg: Mehrere Schwachstellen
• 10:32 : US Asks Judge To Break Up Google Ad Tech Business
• 10:32 : Security Researchers Warn a Widely Used Open Source Tool Poses a ‘Persistent’ Risk to the US
• 10:32 : New Luna Moth Domains Attacking Users Via Weaponized Helpdesk Domains
• 10:4 : Microsoft Authenticator: Zurück vom Passwort-Manager zum Authenticator
• 10:4 : Die digitale Illusion: Millennials und Online-Sicherheitsrisiken | Offizieller Blog von Kaspersky
• 10:3 : [NEU] [mittel] IBM Business Automation Workflow: Mehrere Schwachstellen
• 10:3 : TeleMessage, a modified Signal clone used by US govt. officials, has been hacked
• 10:3 : NIS2 Compliance Checklist
• 10:3 : PoC Published for Exploited SonicWall Vulnerabilities
• 10:2 : TikTok Fined €530m Over Transfers of European User Data to China
• 9:34 : Apple warnt erneut Aktivisten und Journalisten vor Staats-Malware
• 9:34 : [NEU] [UNGEPATCHT] [niedrig] NetApp ActiveIQ Unified Manager: Schwachstelle ermöglicht Offenlegung von Informationen
• 9:34 : [NEU] [UNGEPATCHT] [mittel] ffmpeg: Schwachstelle ermöglicht Denial of Service
• 9:33 : [NEU] [hoch] Webmin: Schwachstelle ermöglicht Privilegieneskalation
• 9:33 : Hackers Exploit Email Fields to Launch XSS and SSRF Attacks
• 9:4 : Quellcode kursiert im Netz: Von US-Regierung genutzter Signal-Klon gehackt
• 9:3 : Luna Moth Hackers Use Fake Helpdesk Domains to Target Victims
• 9:3 : Getting Email Security Right
• 9:3 : Strengthening Cybersecurity Incident Response Part 2: From Detection to Recovery
• 9:3 : EU Adopts New Cybersecurity Rules for Critical Infrastructure Under NIS2 Directive
• 9:3 : Researcher Integrated Copilot with WinDbg to Analyze Windows Crash Dumps
• 9:3 : New SonicBoom Attack Allows Bypass of Authentication for Admin Access
• 9:3 : New Chimera Malware That Outsmarts Antivirus, Firewalls, & Humans
• 9:3 : A week in security (April 27 – May 3)
• 8:34 : [UPDATE] [hoch] Red Hat JBoss Enterprise Application Platform: Mehrere Schwachstellen
• 8:34 : [UPDATE] [mittel] Red Hat JBoss Enterprise Application Platform: Mehrere Schwachstellen ermöglichen Denial of Service
• 8:34 : [UPDATE] [mittel] Red Hat JBoss Enterprise Application Platform: Mehrere Schwachstellen
• 8:34 : [UPDATE] [hoch] Red Hat FUSE: Mehrere Schwachstellen
• 8:34 : [UPDATE] [hoch] Red Hat OpenShift: Mehrere Schwachstellen
• 8:32 : A list of topics we covered in the week of April 27 to May 3 of 2025
• 8:32 : Cybersecurity M&A Roundup: 31 Deals Announced in April 2025
• 8:32 : Ransomware Attacks Fall in April Amid RansomHub Outage
• 8:5 : IT Security News Hourly Summary 2025-05-05 09h : 6 posts
• 8:3 : Git-Konfigurationsdateien im Visier von Angreifern – Vorfälle häufen sich
• 8:3 : Researcher Uses Copilot with WinDbg to Simplify Windows Crash Dump Analysis
• 8:3 : SonicBoom Attack Chain Lets Hackers Bypass Login and Gain Admin Control
• 8:3 : Sansec uncovered a supply chain attack via 21 backdoored Magento extensions
• 8:3 : TikTok Fined $600 Million for China Data Transfers That Broke EU Privacy Rules
• 8:2 : Why EASM Projects Fail: Three Pitfalls to Avoid
• 7:33 : Commerz Real setzt auf europäische Cloud-Lösung
• 7:33 : Jetzt Daten sichern: Microsoft Authenticator verliert seine Autofill-Funktion
• 7:32 : Apache Parquet Java Vulnerability Enables Remote Code Execution
• 7:32 : Trump promises protection for TikTok, for which he has a ‘warm spot in my heart’
• 7:32 : Beyond Traditional Vendor Management: Navigating AI Risks in the Supply Chain
• 7:32 : Are You Too Reliant on Third-Party Vendors for Cybersecurity?
• 7:32 : Microsoft Authenticator passkeys, StealC malware upgraded, CISA budget slashed
• 7:3 : 14 Years Strong: A Heartfelt Thank You from Hackers Online Club!
• 7:3 : Microsoft to Block Emails With 550 5.7.15 Access denied Error
• 7:3 : Apache Parquet Java Vulnerability Let Attackers Execute Arbitrary Code
• 7:3 : Golden Chickens Deploy TerraStealerV2 to Steal Browser Credentials and Crypto Wallet Data
• 7:3 : Signal Version Used In National Security Scandal Has Flaws
• 6:32 : How CISOs can talk cybersecurity so it makes sense to executives
• 6:2 : New Cyber threats emerge from Cyber Attacks on UK Companies
• 6:2 : The Growing Cyber Threat of Steganography: Concealing Malicious Activity in Plain Sight
• 5:32 : Vodafone warnt Handykunden bei Betrugsanrufen
• 5:32 : NCSC Warns of Ransomware Attacks Targeting UK Organisations
• 5:32 : How OSINT supports financial crime investigations
• 5:5 : IT Security News Hourly Summary 2025-05-05 06h : 4 posts
• 5:4 : Entwicklung des Quantencomputers stellt Risiko für Cybersicherheit dar
• 5:4 : Isolierte Cloud für Regierungen und Verteidigungsorganisationen
• 5:4 : Enkeltrick auf Milliardenniveau: KI-Sabotage im Finanzsektor
• 5:3 : Signal-Affäre: US-Regierung benutzt modifizierten Messenger – der wurde geknackt
• 5:2 : Review: Effective Vulnerability Management
• 4:31 : Vuls: Open-source agentless vulnerability scanner
• 4:2 : ISC Stormcast For Monday, May 5th, 2025 https://isc.sans.edu/podcastdetail/9436, (Mon, May 5th)
• 4:2 : India’s chipmaking ambitions hurt by Zoho’s no-go and Adani unease
• 4:2 : Ransomware spike exposes cracks in cloud security
• 3:32 : Critical Webmin Vulnerability Let Remote Attackers Escalate Privileges to Root-Level
• 2:32 : Flexibility in Choosing the Right NHIs Solutions
• 2:32 : Relax with Robust NHI Security Measures
• 2:32 : Stay Calm: Your NHIs Are Protecting You
• 1:31 : US authorities have indicted Black Kingdom ransomware admin
• 0:2 : Microsoft tries to knife passwords once and for all – at least for consumers
• 23:5 : IT Security News Hourly Summary 2025-05-05 00h : 2 posts
• 22:58 : IT Security News Weekly Summary 18
• 22:55 : IT Security News Daily Summary 2025-05-04