IT Security News Daily Summary 2025-06-06

147 posts were published in the last hour

• 21:7 : Anthropic appoints a national security expert to its governing trust
• 21:7 : Friday Squid Blogging: Squid Run in Southern New England
• 21:7 : EFF to Department Homeland Security: No Social Media Surveillance of Immigrants
• 21:6 : Week in Review: Senators’ CSRB bid, Deepfakes dodge detection, Microsoft-CrowdStrike collaboration
• 20:32 : Italian lawmakers say Italy used spyware to target phones of immigration activists, but not against journalist
• 20:32 : How to update Chrome on every operating system
• 20:32 : 2025 ISO and CSA STAR certificates now available with three new Regions
• 20:6 : How to choose and set up a mobile VPN for an Android phone
• 20:6 : News brief: CISA and partners face budget overhauls, cuts
• 20:6 : Cybercriminals Are Hiding Malicious Web Traffic in Plain Sight
• 20:6 : Russia-linked threat actors targets Ukraine with PathWiper wiper
• 20:5 : New PathWiper Malware Attacking Critical Infrastructure To Deploy Administrative Tools
• 20:5 : Beware of Fake AI Business Tools That Hides Ransomware
• 20:5 : DragonForce Ransomware Claimed To Compromise Over 120 Victims in The Past Year
• 20:5 : New ClickFix Attack Exploits Fake Cloudflare Human Check to Install Malware Silently
• 20:5 : EFF to Court: Young People Have First Amendment Rights
• 20:5 : ChatGPT used for evil: Fake IT worker resumes, misinfo, and cyber-op assist
• 20:5 : IT Security News Hourly Summary 2025-06-06 21h : 4 posts
• 20:4 : They Deepfaked Through the Bathroom Window: How Cybercriminals Are Targeting Executives & Key Personnel at Home
• 19:32 : Popular Chrome Extensions Found Leaking Data via Unencrypted Connections
• 19:32 : Secure IaC With a Shift-Left Approach
• 19:31 : New Atomic macOS Stealer Campaign Exploits ClickFix to Target Apple Users
• 18:33 : New Rust-Developed InfoStealer Drains Sensitive Data from Chromium-Based Browsers
• 18:33 : Hearing on the Federal Government and AI
• 18:32 : Threat Actors Using ViperSoftX Malware to Exfiltrate Sensitive Details
• 18:32 : How to use on-demand rotation for AWS KMS imported keys
• 17:4 : Cybersecurity Snapshot: Experts Issue Best Practices for Migrating to Post-Quantum Cryptography and for Improving Orgs’ Cyber Culture
• 16:33 : Hackers Leverage New ClickFix Tactic to Exploit Human Error with Deceptive Prompts
• 16:33 : FBI Issues Play Ransomware Security Advisory & Mitigation Steps to Take Now
• 16:32 : How to navigate the Windows Hello for Business requirements
• 16:32 : OpenAI forced to preserve ChatGPT chats
• 16:32 : Fresh strain of pro-Russian wiper flushes Ukrainian critical infrastructure
• 16:32 : Want to Leave Facebook? Do this.
• 16:2 : OpenAI Appeals User Data Preservation Order In NYT Lawsuit
• 16:2 : ClickFix Attack Uses Fake Cloudflare Verification to Silently Deploy Malware
• 16:2 : Hundreds of Malicious GitHub Repos Targeting Novice Cybercriminals Traced to Single User
• 15:33 : NEOM McLaren Formula E Team & Trend Micro Innovation History
• 15:33 : Beware: Fake AI Business Tools Spreading Hidden Ransomware
• 15:33 : DragonForce Ransomware Reportedly Compromised Over 120 Victims in the Past Year
• 15:32 : Privacy-Preserving AI: How Multimodal Models Are Changing Data Security
• 15:32 : The Rise of Vibe Coding: Innovation at the Cost of Security
• 15:32 : Enhancing SQL Server Security With AI-Driven Anomaly Detection
• 15:32 : The Synergy of Security and Development: Integrating Threat Models With DevOps
• 15:32 : Apple Mail freezing after updating to iOS 18.5? Here’s a fix you can try
• 15:32 : Report on the Malicious Uses of AI
• 15:32 : Long-Standing NATO Partnership Strengthens Our Collective Cyber Defenses
• 15:31 : WhatsApp Launches First Dedicated iPad App with Full Multitasking and Calling Features
• 14:34 : Amazon Cuts More Jobs, This Time At Books Division
• 14:34 : Scattered Spider Hackers Target Tech Company Help-Desk Administrators
• 14:33 : Chrome Extensions Vulnerability Exposes API Keys, Secrets, and Tokens
• 14:33 : Microsoft Unveils European Security Program to Target Cybercriminal Networks
• 14:33 : Booking.com reservation abused as cybercriminals steal from travelers
• 14:33 : In Other News: FBI Warns of BadBox 2, NSO Disputes WhatsApp Fine, 1,000 Leave CISA
• 14:32 : OAuth Tokens: The Danger Behind the Commvault Breach
• 14:32 : Adidas Confirms Data Leak After User Service Provider Hack
• 14:7 : NICKNAME: Zero-Click iMessage Exploit Targeted Key Figures in US, EU
• 14:7 : ViperSoftX Malware Used by Threat Actors to Steal Sensitive Information
• 14:7 : Microsoft Unveils European Security Effort to Disrupt Cybercrime Networks
• 14:7 : New Mirai Variant Exploits TBK DVR Flaw for Remote Code Execution
• 14:6 : 86 million AT&T customer records reportedly up for sale on the dark web
• 14:6 : North Korea’s Innovative Laptop Farm Scam Alarms Cybersecurity Experts
• 14:6 : Microsoft Helps CBI Dismantle Indian Call Centers Behind Japanese Tech Support Scam
• 14:6 : Empower Users and Protect Against GenAI Data Loss
• 14:6 : Scattered Spider Uses Tech Vendor Impersonation and Phishing Kits to Target Helpdesks
• 14:5 : IT Security News Hourly Summary 2025-06-06 15h : 5 posts
• 13:32 : U.S. Offers $10M Bounty for Information on RedLine Malware Creator
• 13:32 : No Excuses: Why Multi-Factor Authentication is Non-Negotiable
• 13:32 : Uncle Sam moves to seize $7.7M laundered by North Korean IT worker ring
• 13:32 : 3 Reasons to Visit IRONSCALES at Pax8 Beyond 2025
• 13:2 : 86 million A&T customer records reportedly up for sale on the dark web
• 13:2 : US to Offer $10 Million Reward for Details About RedLine Malware Developer
• 13:2 : Cybersecurity M&A Roundup: 42 Deals Announced in May 2025
• 13:2 : Millions of Android devices roped into Badbox 2.0 botnet. Is yours among them?
• 12:31 : Tesla Sinks As Elon Musk, Donald Trump Feud Erupts
• 12:2 : U.S. Offers $10M bounty for info on RedLine malware creator and state hackers
• 12:2 : Your ransomware nightmare just came true – now what?
• 12:2 : Top AI-Driven Pentest Tools 2025
• 11:32 : How Enterprises Can Meet AI Literacy Requirements Before They’re Forced
• 11:32 : Critical RCE Vulnerability in AWS Amplify Studio – PoC Now Public
• 11:32 : ANY.RUN Empowers Government Agencies with Real-Time Threat Detection
• 11:32 : MIND Raises $30 Million for Data Loss Prevention
• 11:32 : Inside the Mind of the Adversary: Why More Security Leaders Are Selecting AEV
• 11:31 : #Infosec2025: Top Six Cyber Trends CISOs Need to Know
• 11:5 : IT Security News Hourly Summary 2025-06-06 12h : 11 posts
• 11:2 : BADBOX 2.0 Infected Over 1 Million Android Devices Worldwide
• 11:2 : HPE Insight Remote Support Vulnerability Let Attackers Execute Remote Code
• 10:33 : Innovation, Not Infrastructure: Akamai?s Managed Cloud Services
• 10:33 : Blitz Malware: A Tale of Game Cheats and Code Repositories
• 10:33 : Beyond Code: The Leadership Imperative in the Age of AI
• 10:32 : The Common Challenges of API Development and How to Overcome Them
• 10:32 : US Offers $10 Million Reward for Tips About State-Linked RedLine Cybercriminals
• 10:32 : Destructive ‘PathWiper’ Targeting Ukraine’s Critical Infrastructure
• 10:3 : Critical FreeRTOS-Plus-TCP Flaw Allows Code Execution or System Crash
• 10:3 : Analysis of the latest Mirai wave exploiting TBK DVR devices with CVE-2024-3721
• 10:3 : Cisco Patches Critical ISE Vulnerability With Public PoC
• 10:2 : 145 criminal domains linked to BidenCash Marketplace seized
• 9:32 : Critical RCE Flaw Found in HPE Insight Remote Support Tool
• 9:32 : Chrome Extensions Flaw Exposes Sensitive API Keys, Secrets and Tokens
• 9:32 : CIAM Across Industries: A Journey Through Digital Identity Neighborhoods
• 9:5 : New pathWiper Malware Targets Critical Infrastructure to Deploy Admin Tools
• 9:5 : US Offering $10 Million Reward for RedLine Malware Developer
• 9:5 : HPE Patches Critical Vulnerability in StoreOnce
• 9:5 : New PathWiper Data Wiper Malware Disrupts Ukrainian Critical Infrastructure in 2025 Attack
• 8:33 : BADBOX 2.0 Malware Hits Over a Million Android Devices in Global Cyber Threat
• 8:5 : IT Security News Hourly Summary 2025-06-06 09h : 7 posts
• 8:3 : Paste.ee Turned Cyber Weapon: XWorm and AsyncRAT Delivered by Malicious Actors
• 8:3 : OpenAI Report: 10 AI Threat Campaigns Revealed Including Windows-Based Malware, Fake Resumes
• 8:3 : Play ransomware group hit 900 organizations since 2022
• 8:3 : Iranian APT ‘BladedFeline’ Stays Silent in Organizations Network for 8 Years
• 7:32 : PoC Exploit Released for Apache Tomcat DoS Vulnerability
• 7:32 : Popular Chrome Extensions Leak API Keys, User Data via HTTP and Hard-Coded Credentials
• 7:32 : Kettering data published, Reddit sues Anthropic, North Face breached
• 7:3 : How to secure your portable devices against cyberthreats
• 7:3 : Hackers Exploit Roundcube Vulnerability to Steal User Credentials via XSS Attack
• 7:3 : Hackers Using New Sophisticated iMessage 0-Click Exploit to Attack iPhone Users
• 7:2 : June 2025 Patch Tuesday forecast: Second time is the charm?
• 6:34 : Claroty enhances xDome platform with Device Purpose and Risk Benchmarking capabilities
• 6:33 : Pathlock helps organizations protect their SAP environments from development to deployment
• 6:33 : Cyber Extortion, Ukraine’s Cyber Offensive, and Chrome Trust Shake-up
• 6:4 : Protecting patient data starts with knowing where it’s stored
• 6:4 : Why IAM should be the starting point for AI-driven cybersecurity
• 5:31 : BladedFeline: Whispering in the dark
• 5:5 : IT Security News Hourly Summary 2025-06-06 06h : 2 posts
• 5:4 : Ransomware and USB attacks are hammering OT systems
• 5:4 : AI becomes key player in enterprise ransomware defense
• 4:32 : Misconfigured HMIs Expose US Water Systems to Anyone With a Browser
• 4:31 : New infosec products of the week: June 6, 2025
• 4:2 : PumaBot: A New Malware That Sneaks into Smart Devices Using Weak Passwords
• 4:2 : Cerebras Unveils World’s Fastest AI Chip, Beating Nvidia in Inference Speed
• 2:31 : AMOS macOS Stealer Distributed Via Clickfix Bypasses macOS Security & Execute Malware
• 2:31 : CISA Warns of Chrome 0-Day Vulnerability Exploited in the Wild to Execute Arbitrary Code
• 2:5 : ISC Stormcast For Friday, June 6th, 2025 https://isc.sans.edu/podcastdetail/9482, (Fri, Jun 6th)
• 2:5 : IT Security News Hourly Summary 2025-06-06 03h : 5 posts
• 1:2 : Upcoming DShield Honeypot Changes and Customizations, (Fri, Jun 6th)
• 1:2 : The best secure browsers for privacy in 2025: Expert tested
• 1:2 : DCRat Attacking Users In Latin America To Steal Banking Credentials
• 1:2 : SCATTERED SPIDER Hackers Attacking IT Support Teams & Bypass Multi-Factor Authentication
• 1:2 : Threat Actors Using Malware Loaders To Bypass Android 13+ Accessibility Restrictions
• 0:4 : Keeping the Web Up Under the Weight of AI Crawlers
• 23:32 : Securing AI at scale: Databricks and Noma close the inference vulnerability gap
• 23:32 : Proxy Services Feast on Ukraine’s IP Address Exodus
• 23:32 : Uncle Sam puts $10M bounty on RedLine dev and Russia-backed cronies
• 23:32 : Skybox Is Gone. The Risk of Waiting Isn’t.
• 23:5 : IT Security News Hourly Summary 2025-06-06 00h : 5 posts
• 22:55 : IT Security News Daily Summary 2025-06-05
• 22:31 : AT&T not sure if new customer data dump is déjà vu
• 22:4 : U.S. CISA adds Google Chromium V8 flaw to its Known Exploited Vulnerabilities catalog