IT Security News Weekly Summary 21

210 posts were published in the last hour

• 22:55 : IT Security News Daily Summary 2025-05-25
• 20:31 : FBI Warns of Silent Ransom Group Targeting Law Firms via Scam Calls
• 16:31 : Pen Test Partners Uncovers Major Vulnerability in Microsoft Copilot AI for SharePoint
• 15:4 : Here’s How to Safeguard Your Smartphone Against Zero-Click Attacks
• 15:4 : AI Can Create Deepfake Videos of Children Using Just 20 Images, Expert Warns
• 14:32 : India’s Cyber Scams Create International Turmoil
• 14:2 : Last 24 hours: TechCrunch Disrupt 2025 Early Bird Deals will fly away after today
• 14:2 : SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 46
• 13:6 : Security Affairs newsletter Round 525 by Pierluigi Paganini – INTERNATIONAL EDITION
• 10:5 : Operation ENDGAME disrupted global ransomware infrastructure
• 8:33 : Week in review: Trojanized KeePass allows ransomware attacks, cyber risks of AI hallucinations
• 8:33 : Hackers Use Fake VPN and Browser NSIS Installers to Deliver Winos 4.0 Malware
• 23:32 : Feel Empowered by Mastering NHI Compliance
• 23:31 : Your Assurance in Securing NHIs Properly
• 23:31 : Stay Reassured with Latest NHI Security Practices
• 23:5 : IT Security News Hourly Summary 2025-05-25 00h : 1 posts
• 22:55 : IT Security News Daily Summary 2025-05-24
• 18:2 : Cybercrime is ‘orders of magnitude’ larger than state-backed ops, says ex-White House advisor
• 18:2 : Brno May 2025: Hosting OpenSSL Projects and Corporation BAC Members for Alignment and Connection
• 17:31 : BSidesLV24 – PasswordsCon – That’s Not My Name
• 17:5 : IT Security News Hourly Summary 2025-05-24 18h : 2 posts
• 17:2 : Google Claims Attackers That Hit UK Firms Now Targeting American Stores
• 16:2 : Silent Ransom Group targeting law firms, the FBI warns
• 15:31 : Danabot under the microscope
• 15:2 : Spain Investigates Cybersecurity of Power Suppliers After Widespread Grid Outage
• 15:2 : Cyberattackers Use JPG Files to Deploy Ransomware Undetected
• 14:31 : Zimbra CVE-2024-27443 XSS Flaw Hits 129K Servers, Sednit Suspected
• 14:5 : IT Security News Hourly Summary 2025-05-24 15h : 2 posts
• 13:2 : SK Telecom Uncovers Two-Year Malware Attack, Leaking 26M IMSI Records
• 12:31 : Remembering John Young, co-founder of web archive Cryptome
• 11:5 : IT Security News Hourly Summary 2025-05-24 12h : 3 posts
• 11:4 : The US Is Building a One-Stop Shop for Buying Your Data
• 11:4 : Leader of Qakbot cybercrime network indicted in U.S. crackdown
• 10:4 : GitLab Duo Vulnerability Let Attack Inject Malicious link & Steal Source Code
• 10:4 : 184 Million Users’ Passwords Exposed From an Open Directory Controlled by Hackers
• 10:4 : .Net Based Chihuahua Infostealer Exploit Google Drive Steals Browser Credentials and Crypto Wallets
• 8:5 : IT Security News Hourly Summary 2025-05-24 09h : 1 posts
• 6:33 : From English Literature to Cybersecurity: A Journey Through Blockchain and Security
• 5:5 : IT Security News Hourly Summary 2025-05-24 06h : 2 posts
• 5:4 : Ransomware May Soon Target the Brain of Your Computer — Here’s What You Need to Know
• 3:31 : Russian Cybercriminal Charged in $24 Million Qakbot Ransomware Scheme
• 3:31 : Cyber Heads Up: “BadSuccessor”—A Critical Active Directory Privilege Escalation Vulnerability in Windows Server 2025
• 2:31 : Naukri exposed recruiter email addresses, researcher says
• 1:6 : Offensive Threat Intelligence
• 23:32 : 184 Million Records Database Leak: Microsoft, Apple, Google, Facebook, PayPal Logins Found
• 23:32 : GenAI Assistant DIANNA Uncovering New Obfuscated Malware
• 23:32 : Threat Actor Selling Burger King Backup System RCE Vulnerability for $4,000
• 23:32 : Bypassing Zero-Trust Policies to Exploit Vulnerabilities & Manipulate NHI Secrets
• 23:31 : Feel Protected: Advances in NHI Security Techniques
• 23:31 : Ensuring Stability with Robust NHI Strategies
• 23:31 : Week in Review: Disabling Microsoft Defender, corrupted power inverters, bipartisan training bill
• 23:5 : IT Security News Hourly Summary 2025-05-24 00h : 2 posts
• 22:55 : IT Security News Daily Summary 2025-05-23
• 22:31 : Hackers Attacking macOS Users With Fake Ledger Apps to Deploy Malware
• 22:2 : BadSuccessor Exploits Windows Server 2025 Flaw for Full AD Takeover
• 20:5 : IT Security News Hourly Summary 2025-05-23 21h : 3 posts
• 20:4 : ConnectWise ScreenConnect Tops List of Abused RATs in 2025 Attacks
• 20:4 : Russian Hackers Target Western Firms Aiding Ukraine, Spy on Shipments
• 19:31 : Apple CEO reportedly urged Texas’ governor to ditch online child safety bill
• 19:31 : New Formjacking Malware Attacking E-Commerce Pages to Steal Credit Card Data
• 19:8 : Proactive Security in Distributed Systems: A Developer’s Approach
• 19:8 : Microsoft, DOJ Take Actions Against ‘Favored Info-Stealing Malware’ Lumma
• 18:32 : Researchers Uncovered Infrastructure & TTPs Used by ALCATRAZ Malware
• 18:31 : How to Respond to Data Breaches – A Comprehensive Guide
• 18:31 : Hackers Use TikTok Videos to Distribute Vidar and StealC Malware via ClickFix Technique
• 18:4 : Zero-Trust Policy Bypass Enables Exploitation of Vulnerabilities and Manipulation of NHI Secrets
• 18:4 : Ransomware scum leaked Nova Scotia Power customers’ info
• 17:32 : Operation Endgame Takes Down DanaBot Malware, Neutralizes 300 Servers
• 17:32 : Hackers Target macOS Users with Fake Ledger Apps to Deploy Malware
• 17:32 : Chinese Nexus Hackers Exploit Ivanti Endpoint Manager Mobile Vulnerability
• 17:32 : Threat Actor Sells Burger King Backup System RCE Vulnerability for $4,000
• 17:32 : Most AI chatbots devour your user data – these are the worst offenders
• 17:32 : 2025 Cybersecurity Trends – Key Threats and Solutions
• 17:32 : Threats Actors Using Copyright Phishing Lures to Deliver Rhadamanthys Stealer
• 17:32 : Enterprise Security Solutions – Building a Resilient Defense
• 17:32 : U.S. Authorities Seize DanaBot Malware Operation, Indict 16
• 17:6 : Lumma Stealer: Down for the count
• 17:6 : Danabot: Analyzing a fallen empire
• 17:6 : CISA says SaaS providers in firing line after Commvault zero-day Azure attack
• 17:5 : IT Security News Hourly Summary 2025-05-23 18h : 6 posts
• 16:31 : FTC Drops Case To Block Microsoft’s $69bn Activision Purchase
• 16:2 : Sui Cetus DEX Hit By Suspected $200M Hack
• 16:2 : Massive data breach exposes 184 million passwords for Google, Microsoft, Facebook, and more
• 16:2 : Cybercriminals Employ Fake AI tools to Propagate the Infostealer Noodlophile
• 15:32 : A 3X Leader in Gartner 2025 Magic Quadrant for SSE
• 15:32 : TAG-110 Hackers Weaponize Word Templates for Targeted Attacks
• 15:31 : iPhone Phishing Defense – Recognizing and Blocking Attacks
• 14:32 : At TechCrunch Sessions: AI, Artemis Seaford and Ion Stoica confront the ethical crisis — when AI crosses the line
• 14:32 : Protecting iPhones from Spyware – Tools and Tips
• 14:32 : DanaBot Malware With 150 Active C2 servers & 1,000 Daily Victims Busted in Operation Endgame
• 14:32 : Threat Actors Deliver Winos 4.0 Impersonate as VPN & QQBrowser
• 14:32 : Chinese Nexus Hackers Actively Exploiting Ivanti Endpoint Manager Mobile Vulnerability
• 14:32 : Securing Android in the Enterprise – Policies and Solutions
• 14:31 : Signal Adds Screenshot-Blocker to Thwart ‘Windows Recall’
• 14:31 : Chinese cyber spies are using Ivanti EPMM flaws to breach EU, US organizations
• 14:5 : IT Security News Hourly Summary 2025-05-23 15h : 14 posts
• 14:4 : Trump Threatens Tariffs On Apple iPhones, EU Products
• 14:4 : EU Targets Stark Industries in Cyberattack Sanctions Crackdown
• 14:4 : Oversharing online? 5 ways it makes you an easy target for cybercriminals
• 14:4 : In Other News: Volkswagen App Hacked, DR32 Sentenced, New OT Security Solution
• 14:4 : Two Factor Authentication Under Threat as Sim Swap Fraud Escalates Sharply
• 14:4 : AI in Cybersecurity Market Sees Rapid Growth as Network Security Leads 2024 Expansion
• 13:32 : Google Touts ‘AI Mode’ For Search Engine
• 13:32 : Venice.ai’s Unrestricted Access Sparks Concerns Over AI-Driven Cyber Threats
• 13:32 : ThreatCloud AI Gives Harmony SASE Customers an Edge Against Cyber Threats
• 13:31 : Key Insights from the 2025 Global Conference on Cyber Capacity Building
• 13:3 : Hackers Expose 184 Million User Passwords via Open Directory
• 13:2 : GenAI Assistant DIANNA Uncovers New Obfuscated Malware
• 13:2 : ViciousTrap Uses Cisco Flaw to Build Global Honeypot from 5,300 Compromised Devices
• 13:2 : Survey Surfaces Limited Amount of Post Quantum Cryptography Progress
• 13:2 : TikTok videos + ClickFix tactic = Malware infection
• 12:32 : GitLab Duo Vulnerability Exploited to Inject Malicious Links and Steal Source Code
• 12:32 : New Formjacking Malware Targets E-Commerce Sites to Steal Credit Card Data
• 12:32 : Tracking the Cost of Quantum Factoring
• 12:32 : Android Security Patches – How to Stay Updated and Protected
• 12:32 : Apple XNU kernel Vulnerability Let Attackers Escalate Privileges
• 12:32 : New Blackhat AI Tool Venice.ai Let Attackers Create Malware in Minutes
• 12:31 : On Demand: Threat Detection & Incident Response (TDIR) Summit
• 12:7 : Researchers Uncover Infrastructure and TTPs Behind ALCATRAZ Malware
• 12:7 : 300 Servers and €3.5M Seized as Europol Strikes Ransomware Networks Worldwide
• 11:32 : Chrome 0-Day CVE-2025-4664 Exposes Windows, Linux Browser Activity
• 11:32 : 3AM Ransomware Attackers Pose as IT Support to Compromise Networks
• 11:32 : Signal Blocks Windows Recall
• 11:31 : Russian Qakbot Gang Leader Indicted in US
• 11:31 : DanaBot botnet disrupted, QakBot leader indicted
• 11:5 : IT Security News Hourly Summary 2025-05-23 12h : 7 posts
• 11:4 : Winos 4.0 Malware Masquerades as VPN and QQBrowser to Target Users
• 11:4 : TAG-110 Hackers Deploy Malicious Word Templates in Targeted Attacks
• 11:4 : Critical NETGEAR Router Vulnerability Let Attackers Gain Full Admin Access
• 11:4 : Companies Warned of Commvault Vulnerability Exploitation
• 10:31 : NETGEAR Router Flaw Allows Full Admin Access by Attackers
• 10:31 : SafeLine WAF: Open Source Web Application Firewall with Zero-Day Detection and Bot Protection
• 10:31 : Law Enforcement Busts Initial Access Malware Used to Launch Ransomware
• 10:7 : Scarcity signals: Are rare activities red flags?
• 10:7 : Threat Brief: CVE-2025-31324 (Updated May 23)
• 10:7 : Mysterious hacking group Careto was run by the Spanish government, sources say
• 10:6 : Operation RapTor led to the arrest of 270 dark web vendors and buyers
• 10:6 : ModSecurity Vulnerability Exposes Millions of Web Servers to Severe DoS Condition
• 10:6 : LockBit Data Leak Unveils Most Active Affiliates & Their Innerworkings
• 10:6 : Exploitable Vulnerabilities in Canon Printers Allow Attackers to Gain Admin Privileges
• 9:32 : ViciousTrap Hackers Breaches 5,500+ Edge Devices from 50+ Brands, Turns Them into Honeypots
• 9:32 : Inside LockBit: Data Leak Reveals Leading Affiliates and How They Operate
• 9:32 : Apple XNU Kernel Flaw Enables Attackers to Escalate Privileges
• 9:32 : Operation Endgame Crushes DanaBot Malware, Shuts Down 150 C2 Servers and Halts 1,000 Daily Attacks
• 9:31 : Grandpa-conning crook jailed over sugar-coated drug scam
• 9:31 : Cityworks Zero-Day Exploited by Chinese Hackers in US Local Government Attacks
• 9:31 : Detect Vulnerabilities Faster With Website Scanner
• 9:4 : DanaBot Botnet Disrupted, 16 Suspects Charged
• 9:4 : Global Dark Web Sting Sees 270 Arrested
• 8:31 : Chinese Spies Exploit Ivanti Vulnerabilities Against Critical Sectors
• 8:31 : DragonForce Engages in “Turf War” for Ransomware Dominance
• 8:5 : Russian Hacker Indicted Over $24 Million Qakbot Ransomware Operation
• 8:5 : CISA Alerts on Threat Actors Targeting Commvault’s Azure App to Steal Secrets
• 8:5 : ViciousTrap Hacker Compromised 5,500+ Edge Devices From 50+ Brands & Turned Them Into Honeypots
• 8:5 : ModSecurity Vulnerability Exposes Millions of Web Servers to Severe Denial-of-Service
• 8:5 : IT Security News Hourly Summary 2025-05-23 09h : 7 posts
• 8:4 : Token Security unveils MCP Server for non-human identity security
• 8:4 : U.S. Dismantles DanaBot Malware Network, Charges 16 in $50M Global Cybercrime Operation
• 7:32 : Fortinet Zero-Day Under Attack: PoC Now Publicly Available
• 7:32 : Signal shutters Recall, Windows Server vulnerability, pathology lab breach
• 7:2 : CISA Alerts on Threat Actors Targeting Commvault Azure App to Steal Secrets
• 7:2 : Global Crackdown Nets 270 Dark Web Vendors in Major Arrests
• 7:2 : Chinese threat actors exploited Trimble Cityworks flaw to breach U.S. local government networks
• 6:31 : Is privacy becoming a luxury? A candid look at consumer data use
• 6:5 : Why continuous discovery is critical to closing security gaps
• 6:5 : Outsourcing cybersecurity: How SMBs can make smart moves
• 6:5 : Cybersecurity Threats and Breaches: Critical Updates and Insights
• 5:31 : GitLab Duo Vulnerability Enabled Attackers to Hijack AI Responses with Hidden Prompts
• 5:31 : CISA Warns of Suspected Broader SaaS Attacks Exploiting App Secrets and Cloud Misconfigs
• 5:7 : Florida Scraps Controversial Law That Threatened Online Privacy
• 5:6 : Shift left strategy creates heavy burden for developers
• 5:6 : Digital trust is cracking under the pressure of deepfakes, cybercrime
• 5:5 : IT Security News Hourly Summary 2025-05-23 06h : 1 posts
• 4:31 : New infosec products of the week: May 23, 2025
• 4:6 : Material Nonpublic Information: Why It Deserves Enterprise-Grade Protection
• 3:35 : PoC Published For Fortinet 0-Day Vulnerability That Being Exploited in the Wild
• 2:5 : IT Security News Hourly Summary 2025-05-23 03h : 1 posts
• 2:4 : ISC Stormcast For Friday, May 23rd, 2025 https://isc.sans.edu/podcastdetail/9464, (Fri, May 23rd)
• 2:4 : Phone theft is on the rise – 7 ways to protect your device before it’s too late
• 2:4 : Suspected creeps behind DanaBot malware that hit 300K+ computers revealed
• 1:6 : The best malware removal software of 2025: Expert tested and reviewed
• 1:6 : Ivanti makes dedicated fans of Chinese spies who just can’t resist attacking its buggy kit
• 0:31 : US Navy sailor charged in horrific child sextortion case
• 0:4 : News alert: INE Security, Abadnet Institute partner to deliver cybersecurity training in Saudi Arabia
• 0:4 : News Alert: Halo Security reaches SOC 2 milestone, validating its security controls and practices
• 23:5 : IT Security News Hourly Summary 2025-05-23 00h : 2 posts
• 23:4 : How lean security teams can build resilient defenses
• 23:4 : U.S. CISA adds a Samsung MagicINFO 9 Server flaw to its Known Exploited Vulnerabilities catalog
• 22:55 : IT Security News Daily Summary 2025-05-22
• 22:31 : Coca-Cola, Bottling Partner Named in Separate Ransomware and Data Breach Claims
• 22:31 : Feds finger Russian behind Qakbot malware that hit 700,000 computers
• 22:4 : Oops: DanaBot Malware Devs Infected Their Own PCs
• 20:31 : Feds Charge 16 Russians Allegedly Tied to Botnets Used in Ransomware, Cyberattacks, and Spying
• 20:6 : AI in Cybersecurity: How AI Is Impacting the Fight Against Cybercrime
• 20:5 : The Role of AI in Identity and Access Management for Organizations
• 20:5 : Why 3D-Printing an Untraceable Ghost Gun Is Easier Than Ever
• 20:5 : IT Security News Hourly Summary 2025-05-22 21h : 5 posts
• 19:32 : Operation RapTor: 270 Arrested in Global Crackdown on Dark Web Vendors
• 19:32 : ESET takes part in global operation to disrupt Lumma Stealer
• 19:32 : What is FileZilla?
• 19:32 : Gujarat Teen Behind 50+ Cyberattacks During ‘Operation Sindoor’ Arrested
• 19:32 : CefSharp Enumeration Tool Reveals Security Vulnerabilities in .NET Desktop Apps
• 19:31 : Randall Munroe’s XKCD ‘Baker’s Units’
• 19:31 : BSidesLV24 – PasswordsCon – Breaking Historical Ciphertexts With Modern Means
• 19:2 : Operation RapTor: Global Police Arrests 270 Dark Web Vendors
• 18:32 : Microsoft Fires Staffer Who Interrupted CEO Satya Nadella
• 18:32 : 7 ways to thwart phone thieves – and avoid China’s infamous ‘stolen iPhone building’
• 18:31 : Microsoft says Lumma password stealer malware found on 394,000 Windows PCs
• 18:31 : Chinese snoops tried to break into US city utilities, says Talos
• 18:4 : Ghosted by a cybercriminal