IT Security News Daily Summary 2025-05-05

161 posts were published in the last hour

• 21:32 : Chat App Used by Trump Admin Suspends Operation Amid Hack
• 21:31 : Issue and Present Verifiable Credentials With Spring Boot and Android
• 21:31 : Signal Clone Used by Mike Waltz Pauses Service After Reports It Got Hacked
• 21:2 : “Mirai” Now Exploits Samsung MaginINFO CMS (CVE-2024-7399), (Mon, May 5th)
• 21:2 : Signal chat app clone used by Signalgate’s Waltz was apparently an insecure mess
• 20:32 : ‘Golden Chickens’ Resurfaces with Two Dangerous Malware Tools Targeting Passwords and Crypto Wallets
• 20:5 : IT Security News Hourly Summary 2025-05-05 21h : 5 posts
• 20:2 : U.S. Wins One, Maybe Two, Extradition Petitions in Unrelated Cases
• 19:32 : Windows 11 Version 24H2 Enters Final Deployment Phase, Microsoft Lists Known Issues
• 19:32 : Redefining Application Security: Imperva’s Vision for the Future
• 19:32 : Randall Munroe’s XKCD ‘Unstoppable Force And Immovable Object’
• 19:31 : BSidesLV24 – Proving Ground – A New Host Touches The Beacon
• 19:31 : Vulnerability Summary for the Week of April 28, 2025
• 19:2 : GlobalX, airline used for Trump deportations, gets hacked: report
• 18:32 : Unlocking the Benefits of a Private API in AWS API Gateway
• 18:31 : CISA Adds One Known Exploited Vulnerability to Catalog
• 18:31 : Hackers Attacking HR Departments with Fake Resumes That Drop More_eggs Malware
• 18:31 : Hackers Weaponized 21 Apps to Gain Full Control of Ecommerce Servers
• 18:3 : Eutelsat Appoints New CEO, Amid European Push To Reduce US Reliance
• 18:2 : Visa launches ‘Intelligent Commerce’ platform, letting AI agents swipe your card—safely, it says
• 18:2 : Kelly Benefits December data breach impacted over 400,000 individuals
• 18:2 : Understanding the UK’s New Rule on Ransomware Payments in the Public Sector
• 18:2 : ⚡ Weekly Recap: Nation-State Hacks, Spyware Alerts, Deepfake Malware, Supply Chain Backdoors
• 18:2 : Commvault CVE-2025-34028 Added to CISA KEV After Active Exploitation Confirmed
• 18:2 : Wormable AirPlay Flaws Enable Zero-Click RCE on Apple Devices via Public Wi-Fi
• 17:31 : TeleMessage, a modified Signal clone used by US government officials, has been hacked
• 17:31 : Digital Danger Zone: America’s Rising Cybersecurity Threats
• 17:31 : ⚡ Weekly Recap: Nation-State Hacks, Spyware Alerts, Deepfake Malware, Supply Chain Backdoors
• 17:5 : IT Security News Hourly Summary 2025-05-05 18h : 25 posts
• 17:2 : Seceon Wins Three Global Infosec Awards at RSAC 2025
• 17:2 : BSidesLV24 – Proving Ground – An Adversarial Approach To Airline Revenue Management
• 17:2 : IRONSCALES Extends Email Security Platform to Combat Deepfakes
• 17:2 : ⚡ Weekly Recap: Nation-State Hacks, Spyware Alerts, Deepfake Malware, Supply Chain Backdoors
• 16:32 : Chinese Group TheWizards Exploits IPv6 to Drop WizardNet Backdoor
• 16:32 : While Performing Dependency Selection, I Avoid the Loss Of Sleep From Node.js Libraries’ Dangers
• 16:32 : A whopping 94% of leaked passwords are not unique – will you people ever learn?
• 16:32 : Another Move in the Deepfake Creation/Detection Arms Race
• 16:32 : RomCom RAT Attacking UK Organizations Via Customer Feedback Portals
• 16:31 : Microsoft partners with Global Anti-Scam Alliance to fight cybercrime
• 16:31 : ⚡ Weekly Recap: Nation-State Hacks, Spyware Alerts, Deepfake Malware, Supply Chain Backdoors
• 16:3 : UK Seeks Feedback On Banning Consumers From Borrowing To Buy Crypto
• 16:3 : Gunra Ransomware’s Double‑Extortion Playbook and Global Impact
• 16:3 : What is a registration authority (RA)?
• 16:3 : AI-enabled phishing attacks on consumers: How to detect and protect
• 16:3 : Microsoft Launches Recall AI for Windows 11 Copilot+ PCs with Enhanced Privacy Measures
• 16:3 : ⚡ Weekly Recap: Nation-State Hacks, Spyware Alerts, Deepfake Malware, Supply Chain Backdoors
• 15:43 : Nvidia Tweaking AI Chips For China Amid Export Ban – Report
• 15:43 : Hackers Use Pahalgam Attack-Themed Decoys to Target Indian Government Officials
• 15:43 : RomCom RAT Targets UK Organizations Through Compromised Customer Feedback Portals
• 15:43 : Hackers Target HR Departments With Fake Resumes to Spread More_eggs Malware
• 15:43 : Hackers Exploit 21 Apps to Take Full Control of E-Commerce Servers
• 15:43 : Hackers Weaponizing Pahalgam Attack Themed Decoys to Attack Indian Government Personnel
• 15:43 : Kelly Associates Data Breach Exposes 410,000+ Users Personal Data
• 15:43 : Ransomware Groups Allegedly Breach IT Networks, Stealing Data from UK Retailers
• 15:43 : The AI chatbot cop squad is here (Lock and Code S06E09)
• 15:43 : White House Proposal Slashes Half-Billion from CISA Budget
• 15:43 : Microsoft Alerts Users About Password-spraying Attack
• 15:43 : Data Security Alert as Novel Exfiltration Method Emerges
• 15:42 : Brave Browser’s New ‘Cookiecrumbler’ Tool Aims to Eliminate Annoying Cookie Consent Pop-Ups
• 15:42 : ⚡ Weekly Recap: Nation-State Hacks, Spyware Alerts, Deepfake Malware, Supply Chain Backdoors
• 15:22 : 5 Tips You Should Know before Developing an Innovative Product
• 15:22 : Chimera Malware: Outsmarting Antivirus, Firewalls, and Human Defenses
• 15:22 : Hackers Selling SS7 0-Day Exploit on Dark Web for $5,000
• 15:22 : LUMMAC.V2 Stealer Uses ClickFix Technique to Deceive Users into Executing Malicious Commands
• 15:22 : ⚡ Weekly Recap: Nation-State Hacks, Spyware Alerts, Deepfake Malware, Supply Chain Backdoors
• 14:32 : Why Secure Document Management Matters Against Cybersecurity Threats
• 14:32 : MediaTek Fixes Multiple Security Flaws in Smartphone, Tablet, and TV Chipsets
• 14:32 : Iranian Hackers Breaches Critical National Infrastructure With multiple Webshells & Backdoors
• 14:32 : xAI Dev Leaked API Key on GitHub for Private SpaceX, Tesla & Twitter/X
• 14:32 : MediaTek Patches Multiple Vulnerabilities Affecting Tablets, Smartphones & TV Chipsets
• 14:31 : Microsoft Shuts Down Skype After 23 Years, Urges Users to Switch to Teams
• 14:31 : ⚡ Weekly Recap: Nation-State Hacks, Spyware Alerts, Deepfake Malware, Supply Chain Backdoors
• 14:8 : xAI Developer Accidentally Leaks API Key Granting Access to SpaceX, Tesla, and X LLMs
• 14:8 : Doppel Banks $35M for AI-Based Digital Risk Protection
• 14:8 : ⚡ Weekly Recap: Nation-State Hacks, Spyware Alerts, Deepfake Malware, Supply Chain Backdoors
• 14:5 : IT Security News Hourly Summary 2025-05-05 15h : 17 posts
• 13:31 : Secure Coding in DevOps: Shifting Left for Stronger Security
• 13:31 : ⚡ Weekly Recap: Nation-State Hacks, Spyware Alerts, Deepfake Malware, Supply Chain Backdoors
• 13:31 : Microsoft removes Authenticator App feature to promote Microsoft Edge
• 13:2 : Skype Shuts Down Today (5 May), After 22 Years Of Service
• 13:2 : NCSC Warns UK Retailers After Spate Of Cyberattacks
• 13:2 : 7 ways to lock down your phone’s security – before it’s too late
• 13:2 : 10 passkey survival tips: Prepare for your passwordless future now
• 13:2 : A hacker stole data from TeleMessage, the firm that sells modified versions of Signal to the U.S. gov
• 13:2 : Enhancing UK Government Operations with Emerging Technology
• 13:2 : Kelly Benefits Data Breach Impact Grows to 400,000 Individuals
• 13:2 : ⚡ Weekly Recap: Nation-State Hacks, Spyware Alerts, Deepfake Malware, Supply Chain Backdoors
• 12:32 : North Korean Hacker Tries to Infiltrate Kraken Through Job Application
• 12:32 : Hackers Selling SS7 0-Day Vulnerability on Hacker Forums for $5000
• 12:32 : Hackers Leveraging Email Input Fields to Exploit Vulnerabilities Ranging from XSS to SSRF
• 12:32 : North Korean Hacker Tries to Breach Kraken Platform by Submitting Job Application
• 12:32 : Critical Commvault Vulnerability in Attacker Crosshairs
• 12:32 : California Man Will Plead Guilty to Last Year’s Disney Hack
• 12:32 : UK retailers under cyber attack: Co-op member data compromised
• 12:31 : Perfection is a Myth. Leverage Isn’t: How Small Teams Can Secure Their Google Workspace
• 12:31 : ⚡ Weekly Recap: Nation-State Hacks, Spyware Alerts, Deepfake Malware, Supply Chain Backdoors
• 12:2 : Germany Most Targeted Country in Q1 2025 DDoS Attacks
• 12:2 : Multiple Flaws in Tenda RX2 Pro Let Attackers Gain Admin Access
• 12:2 : Experts shared up-to-date C2 domains and other artifacts related to recent MintsLoader attacks
• 12:2 : Man Admits Hacking Disney and Leaking Data Disguised as Hacktivist
• 11:31 : New LUMMAC.V2 Stealer Using ClickFix Technique to Trick Users in Execute Malicious Commands
• 11:31 : Hackers Selling SS7 0-Day Vulnerability on Hacker Froums for $5000
• 11:5 : IT Security News Hourly Summary 2025-05-05 12h : 5 posts
• 11:2 : Ransomware Group Claims Attacks on UK Retailers
• 11:2 : The Ultimate ISO 27001 Checklist: Step-by-Step Guide to Simplify Your Compliance Journey
• 10:31 : US Asks Judge To Break Up Google Ad Tech Business
• 10:31 : Security Researchers Warn a Widely Used Open Source Tool Poses a ‘Persistent’ Risk to the US
• 10:31 : New Luna Moth Domains Attacking Users Via Weaponized Helpdesk Domains
• 10:2 : TeleMessage, a modified Signal clone used by US govt. officials, has been hacked
• 10:2 : NIS2 Compliance Checklist
• 10:2 : PoC Published for Exploited SonicWall Vulnerabilities
• 10:2 : TikTok Fined €530m Over Transfers of European User Data to China
• 9:32 : Hackers Exploit Email Fields to Launch XSS and SSRF Attacks
• 9:2 : Luna Moth Hackers Use Fake Helpdesk Domains to Target Victims
• 9:2 : Getting Email Security Right
• 9:2 : Strengthening Cybersecurity Incident Response Part 2: From Detection to Recovery
• 9:2 : EU Adopts New Cybersecurity Rules for Critical Infrastructure Under NIS2 Directive
• 9:2 : Researcher Integrated Copilot with WinDbg to Analyze Windows Crash Dumps
• 9:2 : New SonicBoom Attack Allows Bypass of Authentication for Admin Access
• 9:2 : New Chimera Malware That Outsmarts Antivirus, Firewalls, & Humans
• 9:2 : A week in security (April 27 – May 3)
• 8:31 : A list of topics we covered in the week of April 27 to May 3 of 2025
• 8:31 : Cybersecurity M&A Roundup: 31 Deals Announced in April 2025
• 8:31 : Ransomware Attacks Fall in April Amid RansomHub Outage
• 8:5 : IT Security News Hourly Summary 2025-05-05 09h : 6 posts
• 8:2 : Researcher Uses Copilot with WinDbg to Simplify Windows Crash Dump Analysis
• 8:2 : SonicBoom Attack Chain Lets Hackers Bypass Login and Gain Admin Control
• 8:2 : Sansec uncovered a supply chain attack via 21 backdoored Magento extensions
• 8:2 : TikTok Fined $600 Million for China Data Transfers That Broke EU Privacy Rules
• 8:2 : Why EASM Projects Fail: Three Pitfalls to Avoid
• 7:32 : Apache Parquet Java Vulnerability Enables Remote Code Execution
• 7:32 : Trump promises protection for TikTok, for which he has a ‘warm spot in my heart’
• 7:32 : Beyond Traditional Vendor Management: Navigating AI Risks in the Supply Chain
• 7:31 : Are You Too Reliant on Third-Party Vendors for Cybersecurity?
• 7:31 : Microsoft Authenticator passkeys, StealC malware upgraded, CISA budget slashed
• 7:2 : 14 Years Strong: A Heartfelt Thank You from Hackers Online Club!
• 7:2 : Microsoft to Block Emails With 550 5.7.15 Access denied Error
• 7:2 : Apache Parquet Java Vulnerability Let Attackers Execute Arbitrary Code
• 7:2 : Golden Chickens Deploy TerraStealerV2 to Steal Browser Credentials and Crypto Wallet Data
• 7:2 : Signal Version Used In National Security Scandal Has Flaws
• 6:31 : How CISOs can talk cybersecurity so it makes sense to executives
• 6:2 : New Cyber threats emerge from Cyber Attacks on UK Companies
• 6:2 : The Growing Cyber Threat of Steganography: Concealing Malicious Activity in Plain Sight
• 5:31 : NCSC Warns of Ransomware Attacks Targeting UK Organisations
• 5:31 : How OSINT supports financial crime investigations
• 5:5 : IT Security News Hourly Summary 2025-05-05 06h : 4 posts
• 5:2 : Review: Effective Vulnerability Management
• 4:31 : Vuls: Open-source agentless vulnerability scanner
• 4:2 : ISC Stormcast For Monday, May 5th, 2025 https://isc.sans.edu/podcastdetail/9436, (Mon, May 5th)
• 4:2 : India’s chipmaking ambitions hurt by Zoho’s no-go and Adani unease
• 4:2 : Ransomware spike exposes cracks in cloud security
• 3:31 : Critical Webmin Vulnerability Let Remote Attackers Escalate Privileges to Root-Level
• 2:31 : Flexibility in Choosing the Right NHIs Solutions
• 2:31 : Relax with Robust NHI Security Measures
• 2:31 : Stay Calm: Your NHIs Are Protecting You
• 2:5 : IT Security News Hourly Summary 2025-05-05 03h : 1 posts
• 1:2 : US authorities have indicted Black Kingdom ransomware admin
• 0:2 : Microsoft tries to knife passwords once and for all – at least for consumers
• 23:5 : IT Security News Hourly Summary 2025-05-05 00h : 2 posts
• 22:58 : IT Security News Weekly Summary 18
• 22:55 : IT Security News Daily Summary 2025-05-04