IT Security News Daily Summary 2025-06-02

176 posts were published in the last hour

• 21:31 : Cartier Data Breach: Luxury Retailer Warns Customers that Personal Data Was Exposed
• 21:5 : Google quietly launches AI Edge Gallery, letting Android phones run AI without the cloud
• 21:5 : Qualcomm Fixes Three Adreno GPU Flaws Abused in Android Attacks
• 20:31 : The EU’s “Encryption Roadmap” Makes Everyone Less Safe
• 20:31 : Ukrainians smuggle drones hidden in cabins on trucks to strike Russian airfields
• 20:5 : IT Security News Hourly Summary 2025-06-02 21h : 13 posts
• 20:2 : CFOs Targeted in Sophisticated Phishing Campaign Using Legit NetBird Tool
• 20:2 : AI Adoption Accelerates Despite Growing Security Concerns: Report
• 20:2 : FBI Cracks Down on Dark Web Drug Dealers
• 20:2 : Hackers Use Popular Anime Titles to Lure Gen Z into Malware Traps, Warns Kaspersky
• 19:32 : How to Keep Your Litecoin Safe: A Practical Guide
• 19:32 : Threat Actors Leverage ClickFix Technique to Deploy EddieStealer Malware
• 19:32 : Securing DevOps Pipelines: A Practical Guide to Balancing Speed and Security
• 19:31 : 245 Days Without Justice: Laila Soueif’s Hunger Strike and the Fight to Free Alaa Abd el-Fattah
• 19:31 : Survey: Changing Threat Landscape Drives Cybersecurity Spending Shifts
• 19:2 : Stealth Syscall Technique Allows Hackers to Evade Event Tracing and EDR Detection
• 19:2 : CISA Adds Five Known Exploited Vulnerabilities to Catalog
• 19:2 : Admin Rights Are the Problem, Not Which Antivirus You Choose
• 19:2 : Survey Surfaces Rise on Cyberattacks Fueled by AI
• 18:32 : Linux Crash Reporting Flaws (CVE-2025-5054, 4598) Expose Password Hashes
• 18:32 : Enterprise Data Loss Prevention (DLP) Security Policies and Tuning
• 18:32 : Breaking the Lifecycle of Stolen Credentials Before It Breaks You
• 18:31 : INE Security Alert: $16.6 Billion in Cyber Losses Underscore Critical Need for Advanced Security Training
• 18:31 : U.S., Dutch Agencies Shut Down AVCheck Services Used by Threat Groups
• 18:5 : The DOGE effect on cybersecurity: Efficiency vs. risk
• 18:5 : Vanta bug exposed customers’ data to other customers
• 18:5 : Future of Passwords Biometrics and Passwordless Authentication
• 18:5 : Ransomware Negotiation When and How to Engage Attackers
• 17:32 : What is a next-generation firewall (NGFW)?
• 17:32 : Southwest has new rule that changes how you charge your phone mid-flight
• 17:32 : Randall Munroe’s XKCD ‘Archaea’
• 17:32 : EU Sanctions Actors Involved in Russian Hybrid Warfare
• 17:32 : Discover how automatic attack disruption protects critical assets while ensuring business continuity
• 17:31 : Attackers breached ConnectWise, compromised customer ScreenConnect instances
• 17:5 : Malware Masquerades as Legitimate, Hidden WordPress Plugin with Remote Code Execution Capabilities
• 17:5 : Vodafone Promises £1.3bn Investment As Three Merger Concludes
• 17:5 : What is compliance automation?
• 17:5 : The DOGE effect on cyber: What’s happened and what’s next?
• 17:5 : NSO Group asks judge for new trial, calling $167 million in damages ‘outrageous’
• 17:5 : Vulnerability Summary for the Week of May 26, 2025
• 17:5 : IT Security News Hourly Summary 2025-06-02 18h : 15 posts
• 17:4 : A deep dive into data protection sessions at AWS re:Inforce 2025
• 16:32 : MediaTek Vulnerabilities Let Attackers Escalate Privileges Without User Interaction
• 16:32 : Vulnerabilities in Preinstalled Android Apps Expose PIN Codes and Allow Command Injection
• 16:32 : DSPM vs. DLP:Understanding the Key Differences
• 16:32 : Qualcomm Adreno GPU 0-Day Vulnerabilities Exploited to Attack Android Users
• 16:32 : Vietnam Blocks Telegram Messaging App
• 16:31 : Preinstalled Apps on Ulefone, Krüger&Matz Phones Let Any App Reset Device, Steal PIN
• 16:31 : Cryptojacking Campaign Exploits DevOps APIs Using Off-the-Shelf Tools from GitHub
• 16:4 : US Sanctions Philippines’ Funnull Technology Over $200M Crypto Scam
• 16:4 : Qualcomm fixed three zero-days exploited in limited, targeted attacks
• 16:4 : Cryptojackers Caught Mining Monero via Exposed DevOps Infrastructure
• 16:4 : Announcing a new strategic collaboration to bring clarity to threat actor naming
• 15:32 : Preinstalled Android Apps Found Leaking PINs and Executing Malicious Commands
• 15:32 : New PyPI Supply Chain Attacks Python & NPM Users on Windows and Linux
• 15:32 : Haozi’s Plug-and-Play Phishing Attack Stolen Over $280,000 From Users
• 15:32 : HuluCaptcha – A FakeCaptcha Kit That Trick Users to Run Code via The Windows Run Command
• 15:32 : Threat Actors Using ClickFix Technique to Deliver EddieStealer Malware
• 15:32 : Prioritizing Vulnerabilities in a Sea of Alerts
• 15:32 : Hackers Tricking Employees with Fake IT Calls and Email Floods in New Ransomware Scam
• 15:32 : Balancing Consumer Autonomy and Accessibility in the Age of Universal Opt-Outs
• 15:32 : FBI Busts 270 in Operation RapTor to Disrupt Dark Web Drug Trade
• 15:32 : ⚡ Weekly Recap: APT Intrusions, AI Malware, Zero-Click Exploits, Browser Hijacks and More
• 15:31 : Qualcomm Fixes 3 Zero-Days Used in Targeted Android Attacks via Adreno GPU
• 15:4 : Police took down several popular counter-antivirus (CAV) services, including AvCheck
• 15:4 : Qualcomm Flags Exploitation of Adreno GPU Flaws, Urges OEMs to Patch Urgently
• 15:4 : ⚡ Weekly Recap: APT Intrusions, AI Malware, Zero-Click Exploits, Browser Hijacks and More
• 15:4 : New Linux Vulnerabilities Expose Password Hashes via Core Dumps
• 14:32 : IBM DataStage Bug Exposes Database Credentials in Plain Tex
• 14:32 : Risk maturity model: How it works and how to use one
• 14:32 : Sysdig Reveals Discovery of Cyberattack Aimed at Tool to Build AI Apps
• 14:31 : ⚡ Weekly Recap: APT Intrusions, AI Malware, Zero-Click Exploits, Browser Hijacks and More
• 14:31 : Sophisticated Malware Campaign Targets Windows and Linux Systems
• 14:5 : IT Security News Hourly Summary 2025-06-02 15h : 8 posts
• 14:3 : Critical MediaTek Flaws Allow Hackers to Gain Elevated Access with No User Input
• 14:3 : Rise of Deepfake Attacks Detection and Prevention Tips
• 14:3 : Hackers Could Use Stealth Syscall Execution to Bypass Event Tracing & EDR Detection
• 14:2 : Hackers Allegedly Selling Windows Crypter Claims Bypass of All Antiviruses
• 14:2 : Bluetooth HCI Adaptor Realtek Vulnerability Let Attackers Delete Arbitrary Files
• 14:2 : CISO Roles Expand Beyond Cybersecurity as Organizations Embrace Strategic Security Leadership
• 14:2 : ⚡ Weekly Recap: APT Intrusions, AI Malware, Zero-Click Exploits, Browser Hijacks and More
• 14:2 : Cryptojacking Campaign Targets DevOps Servers Including Nomad
• 13:31 : BarracudaONE boosts threat protection and cyber resilience
• 13:31 : ⚡ Weekly Recap: APT Intrusions, AI Malware, Zero-Click Exploits, Browser Hijacks and More
• 13:5 : Maximize Your Minecraft: Optimal PC Setup and Server Hosting Essentials
• 13:5 : Iranian Robbinhood Ransomware Operator Pleads Guilty in US City Attacks
• 13:5 : HuluCaptcha: Fake Captcha Kit Tricks Users into Executing Code via Windows Run Command
• 13:5 : Realtek Bluetooth Driver Flaw Allows Attackers to Delete Any File on Windows Systems
• 13:5 : New Study Uncovers Vulnerable Code Pattern Exposes GitHub Projects To Path Traversal Attacks
• 13:5 : Securing APIs Protecting Backbone of Modern Applications
• 13:5 : 50,000+ Azure AD Users Access Token Exposed From Unauthenticated API Endpoint
• 13:5 : Victims risk AsyncRAT infection after being redirected to fake Booking.com sites
• 13:4 : vBulletin Vulnerability Exploited in the Wild
• 13:4 : How Artificial Intelligence Phishing Detection Is Reshaping K–12 Email Protection
• 13:4 : DoControl helps organizations enforce zero trust security strategies
• 13:4 : ⚡ Weekly Recap: APT Intrusions, AI Malware, Zero-Click Exploits, Browser Hijacks and More
• 13:4 : #Infosec2025: Ransomware Drill to Spotlight Water Utility Cyber Risks in ‘Operation 999’
• 12:31 : US community bank says thieves drained customer data through third party hole
• 12:31 : ⚡ Weekly Recap: APT Intrusions, AI Malware, Zero-Click Exploits, Browser Hijacks and More
• 12:3 : Acreed Emerges as Dominant Infostealer Threat Following Lumma Takedown
• 11:32 : Hackers Weaponize Free SSH Client PuTTY to Deliver Malware on Windows
• 11:32 : New PyPI Supply Chain Attacks Target Python and NPM Users on Windows and Linux
• 11:32 : Haozi’s Plug-and-Play Phishing Attack Steals Over $280,000 From Users
• 11:32 : Australia Requires Ransomware Victims to Declare Payments
• 11:32 : Role of Threat Intelligence in Proactive Defense Strategies
• 11:32 : Chrome to Distrust Chunghwa Telecom and Netlock Certificates
• 11:31 : The Secret Defense Strategy of Four Critical Industries Combating Advanced Cyber Threats
• 11:5 : IT Security News Hourly Summary 2025-06-02 12h : 12 posts
• 11:3 : CISO Roles Take on Strategic Security Leadership Roles Beyond Cybersecurity as Organizations
• 11:2 : Alleged Conti, TrickBot Gang Leader Unmasked
• 10:32 : Meta To Work With Anduril On US Military Tech
• 10:32 : Anthropic ‘Reaches $3bn’ AI Revenue Rate, Spurred By Business
• 10:31 : Over 50,000 Azure AD Users’ Access Tokens Exposed via Unauthenticated API Endpoint
• 10:31 : OneDrive flaw can give websites and apps full access to your files, even if you pick just one
• 10:5 : ISC Stormcast For Monday, June 2nd, 2025 https://isc.sans.edu/podcastdetail/9474, (Mon, Jun 2nd)
• 10:5 : Backdoors in Python and NPM Packages Target Windows and Linux
• 10:5 : Critical Denodo Scheduler Flaw Allows Remote Code Execution by Attackers
• 10:4 : AI-Driven Threat Intelligence Staying Ahead of Attackers
• 10:4 : Critical Roundcube Vulnerability Let Attackers Execute Remote Code
• 10:4 : Threat Actors Actively Exploiting Critical vBulletin Vulnerability in the Wild
• 10:4 : Denodo Scheduler Vulnerability Let Attackers Execute Remote Code
• 10:4 : Technical Details Published for Critical Cisco IOS XE Vulnerability
• 9:32 : Second New York Crypto Torture Suspect Arrested
• 9:32 : Upgrade To DeepSeek’s R1 AI Model ‘Matches’ OpenAI
• 9:32 : Nvidia Plans New AI Chip For China, Rules Out Hopper
• 9:32 : Google, DOJ Clash Over AI In Closing Arguments
• 9:31 : The Evolution of Phishing Attacks: Why Traditional Detection Methods Are Failing
• 9:31 : Is Continuous Deployment Too Risky? Security Concerns and Mitigations
• 9:31 : Counter Antivirus Service AVCheck Shut Down by Law Enforcement
• 9:3 : Active Exploits Detected Targeting Critical vBulletin Vulnerability
• 9:3 : TechRepublic Premium Editorial Calendar: Policies, Hiring Kits, and Glossaries for Download
• 9:3 : US Government Is Investigating Messages Impersonating Trump’s Chief of Staff, Susie Wiles
• 9:3 : Dutch Police Lead Shut Down of Counter AV Service AVCheck
• 8:32 : New Study Reveals Vulnerable Code Pattern Putting GitHub Projects at Risk of Path Traversal Attacks
• 8:32 : Critical Roundcube Flaw Allows Remote Code Execution by Attackers
• 8:31 : Securing Remote Work Zero Trust for Distributed Workforces
• 8:31 : CISA Warns of Consilium Fire Panel Vulnerabilities Allowing Remote Takeover
• 8:31 : CISOs Guide to Regulatory Compliance in Global Landscapes
• 8:31 : In Other News: PoC for Fortinet Bug, AI Model Subverts Shutdown, RAT Source Code Leaked
• 8:6 : Experts published a detailed analysis of Cisco IOS XE WLC flaw CVE-2025-20188
• 8:6 : A cyberattack hit hospitals operated by Covenant Health
• 8:5 : IT Security News Hourly Summary 2025-06-02 09h : 7 posts
• 7:32 : Victoria’s Secret, Adidas Hit By Cyber-Attacks
• 7:32 : MITRE Releases Roadmap for Transition to Post-Quantum Cryptography
• 7:32 : A week in security (May 26 – June 1)
• 7:31 : Cisco IOS XE exploit, Senators’ CSRB request, Australia ransomware law
• 7:31 : Cybersecurity Incidents: Eddie Steeler Malware, ConnectWise Breach, and Nova Scotia Power Data Theft
• 7:4 : New Linux Security Bugs Could Expose Password Hashes Across Millions of Devices
• 7:4 : Exclusive! Entire Conti Ransomware Gang Including Key Leaders With Photo & Infrastructure Exposed
• 7:4 : Blockchain for Cybersecurity Real-World Applications and Limits
• 7:4 : Conducting Risk Assessments That Drive Business Value
• 7:4 : Product showcase: Smarter pentest reporting and exposure management with PlexTrac
• 7:4 : Fake Recruiter Emails Target CFOs Using Legit NetBird Tool Across 6 Global Regions
• 7:4 : Share your user story
• 6:4 : CISO 3.0: Leading AI governance and security in the boardroom
• 5:31 : Simple SSH Backdoor, (Mon, Jun 2nd)
• 5:5 : IT Security News Hourly Summary 2025-06-02 06h : 4 posts
• 5:2 : Evolution of DDoS Attacks Mitigation Strategies for 2025
• 5:2 : Security awareness training isn’t stopping breaches. Can AI help?
• 5:2 : Review: Metasploit, 2nd Edition
• 4:31 : 48% of security pros are falling behind compliance requirements
• 4:4 : Human Firewall Training Employees as First Line of Defense
• 4:4 : Critical Linux Vulnerabilities Expose Password Hashes on Millions of Linux Systems Worldwide
• 4:4 : Breaking Down Silos Aligning IT and Security Teams
• 4:4 : Finding Stability in Cloud-Native Security Solutions
• 2:2 : Penetration Testing in the AI Era Tools and Techniques
• 1:31 : Lumma infostealer takedown may have inflicted only a flesh wound as crew keeps pinching and selling data
• 23:31 : Identity and Access Management Trends Shaping 2025
• 23:31 : Building a Cyber Incident Response Plan That Works
• 23:5 : IT Security News Hourly Summary 2025-06-02 00h : 4 posts
• 23:2 : Flowable’s Smart Automation Tools Are Reshaping How Enterprises Operate in 2025
• 23:2 : What does Facebook know about me? (Lock and Code S06E11)
• 22:58 : IT Security News Weekly Summary 22
• 22:55 : IT Security News Daily Summary 2025-06-01
• 22:31 : Cloud Misconfigurations The Silent Threat to Data Security
• 22:6 : Future-proofing your enterprise: the role of crypto-agile PKI in long-term security