IT Security News Daily Summary 2025-06-18

171 posts were published in the last hour

• 21:32 : Healthcare services company Episource data breach impacts 5.4 Million people
• 21:32 : Minecraft cheaters never win … but they may get malware
• 21:4 : 100,000 WordPress Sites Affected by Privilege Escalation via MCP in AI Engine WordPress Plugin
• 20:34 : OpenAI Signs $200M Defense Department Deal, Then Calms Fears About Weaponized AI
• 20:34 : Cyber Risk Management Strategy: How to Plan
• 20:5 : IT Security News Hourly Summary 2025-06-18 21h : 5 posts
• 20:2 : GodFather Android Malware Runs Real Apps in a Sandbox to Steal Data
• 20:2 : Asana’s cutting-edge AI feature ran into a little data leakage problem
• 19:35 : How to Master a DevSecOps Pipeline that Devs and AppSec Love
• 19:35 : Iran Reduces Internet Access After Israeli Airstrikes, Cyberattacks
• 19:7 : AI Revolutionizes PLA Military Intelligence with Rapid Deployment Across Operations
• 19:6 : Chollima Hackers Target Windows and MacOS with New GolangGhost RAT Malware
• 19:6 : Russian Hackers Bypass Gmail MFA with App Specific Password Ruse
• 18:31 : Iran’s Internet Blackout Adds New Dangers for Civilians Amid Israeli Bombings
• 18:7 : A week with a “smart” car
• 18:7 : Zoox Launches Robotaxi Production Facility
• 18:6 : Russia’s Digital Arsenal: The Strategic Use of Private Companies and Hacktivists in Cyber Operations
• 18:6 : Publisher’s Spotlight: NAKIVO Backup & Replication v11
• 17:35 : What’s in an ASP? Creative Phishing Attack on Prominent Academics and Critics of Russia
• 17:35 : Internet collapses across Iran, say web-monitoring firms
• 17:35 : Big Brother’s Little Problem | EFFector 37.6
• 17:35 : LGBT Q&A: Your Online Speech and Privacy Questions, Answered
• 17:35 : Gerrit Misconfiguration Exposed Google Projects to Malicious Code Injection
• 17:34 : AWS Extends Scope of Cybersecurity Alliance with CrowdStrike
• 17:5 : IT Security News Hourly Summary 2025-06-18 18h : 7 posts
• 17:3 : Building a Quantum-Safe Internet: The IETF’s Plan for TLS
• 17:3 : Trump To Extend TikTok Deadline For Third Time
• 17:3 : Halo Security Honored with 2025 MSP Today Product of the Year Award
• 17:3 : NordPass lets you store passports and other IDs now – but is this safe?
• 17:2 : 5 New Trends In Phishing Attacks On Businesses – Must Aware Threats
• 17:2 : New SuperCard Malware Using Hacked Android Phones to Relay Data from Users Payment Cards to Attackers Device
• 17:2 : Insecure GitHub Actions in Open Source Projects MITRE and Splunk Exposes Critical Vulnerabilities
• 17:2 : UEBA: A Smarter Way to Fight AI-Driven Cyberattacks
• 17:2 : New Malware Campaign Uses Cloudflare Tunnels to Deliver RATs via Phishing Chains
• 17:2 : Empower AI agents with user context using Amazon Cognito
• 16:34 : AgentSmith Flaw in LangSmith’s Prompt Hub Exposed User API Keys, Data
• 16:34 : Secure DevOps in Serverless Architecture
• 16:34 : Internet collapses across Iran, say web monitoring firms
• 16:34 : Trump’s TikTok Tarry — Yet Again, Ban-Can Kicked Down the Road
• 16:34 : Data Breach Reporting for regulatory requirements with Microsoft Data Security Investigations​​
• 16:12 : Elon Musk’s X Sues New York Over ‘Problematic Posts’ Requirement
• 16:12 : Two WormGPT Clones That Use Grok and Mixtral Found in Underground Forum
• 16:12 : TikTok bans explained: Everything you need to know
• 16:11 : ‘SmartAttack’: New Covert Threat Uses Smartwatches to Steal Data from Air-Gapped Systems via Ultrasound
• 15:32 : Israel-Tied Predatory Sparrow Hackers Are Waging Cyberwar on Iran’s Financial System
• 15:32 : RapperBot Botnet Attack Peaks 50,000+ Attacks Targeting Network Edge Devices
• 15:32 : Microsoft Defender for Office 365 to Block Email Bombing Attacks
• 15:32 : PLA Rapidly Deploys AI Technology Across Military Intelligence Operations
• 15:32 : Researchers Uncovered on How Russia Leverages Private Companies, Hacktivist to Strengthen Cyber Capabilities
• 15:32 : 1,500+ Minecraft Players Infected by Java Malware Masquerading as Game Mods on GitHub
• 15:31 : Critical Linux Flaws Discovered Allowing Root Access Exploits
• 15:5 : Finland Accuses Senior Ship Crew Of Undersea Cable Damage
• 15:4 : Israel-Tied Predatory Sparrow Hackers Are Waging Cyberwar on Iran’s Financial System
• 15:4 : Ghostwriting Scam
• 15:4 : Cyberattack in Dubai Compromises Patient Health Records
• 15:4 : AWS launches new cloud security features
• 15:4 : AI Now Generates Majority of Spam and Malicious Emails
• 14:35 : Hackers steal and destroy millions from Iran’s largest crypto exchange
• 14:34 : Watch out, Veeam fixed a new critical bug in Backup & Replication product
• 14:34 : CVE-2025-3248 – Unauthenticated Remote Code Execution in Langflow via Insecure Python exec Usage
• 14:34 : Fake bank ads on Instagram scam victims out of money
• 14:34 : AWS Makes Bevy of Updates to Simplify Cloud Security
• 14:34 : Ransomware Attacks Continue to Rise in an Alarming Trend
• 14:34 : Telegram’s Alleged Ties to Russian Intelligence Raise Global Surveillance Fears
• 14:7 : What is an advanced persistent threat (APT)?
• 14:7 : Beware of Fake CAPTCHA Pop-Up Windows That Silently Installs LightPerlGirl Malware
• 14:7 : System Admins Beware! Weaponized Putty Ads in Bing Installs Remote Access Tools
• 14:7 : Veeam patches third critical RCE bug in Backup & Replication in space of a year
• 14:6 : Bitdefender acquires Mesh to boost email protection for businesses and MSPs
• 14:6 : Cloudflare Log Explorer detects security and performance issues
• 14:6 : GodFather Malware Upgraded to Hijack Legitimate Mobile Apps
• 14:5 : IT Security News Hourly Summary 2025-06-18 15h : 13 posts
• 13:34 : MITRE and Splunk Expose Critical Vulnerabilities in Open Source GitHub Actions
• 13:34 : Microsoft Enhances Office 365 Defender to Stop Email Bombing Campaigns
• 13:34 : Hackers Exploit Transit Mode in Apple Pay and GPay to Steal Money
• 13:34 : Zyxel NWA50AX Pro Hit by N-Day Flaw Allowing Arbitrary File Deletion
• 13:34 : SuperCard Malware Hijacks Android Devices to Steal Payment Card Data and Relay it to Attackers
• 13:34 : Minecraft Players Targeted in Sophisticated Malware Campaign
• 13:34 : Eufy’s new smart display gives Amazon and Google a run for their money – how it works
• 13:34 : Critical Vulnerability Patched in Citrix NetScaler
• 13:2 : Critical Flaw Uncovered in SUSE Linux- Full Root Access at Risk
• 13:2 : Qilin Emerges as a New Dominant Ransomware Attacking Windows, Linux, and ESXi Systems
• 13:2 : DMV-Themed Phishing Attacks Targeting U.S. Citizens to Steal Sensitive Data
• 13:2 : BlackHat AI Hacking Tool WormGPT Variant Powered by Grok and Mixtral
• 12:34 : U.S. CISA adds Linux Kernel flaw to its Known Exploited Vulnerabilities catalog
• 12:34 : From Frankenstack to Framework: How MSPs Can Build Simpler, Smarter Security with Ross Brouse
• 12:34 : Linux Security: New Flaws Allow Root Access, CISA Warns of Old Bug Exploitation
• 12:9 : WormGPT Makes a Comeback Using Jailbroken Grok and Mixtral Models
• 12:9 : DMV-Style Phishing Scams Target U.S. Citizens to Harvest Sensitive Information
• 12:9 : RapperBot Botnet Surges with 50,000+ Attacks Targeting Network Edge Devices
• 12:9 : AdaCore and CodeSecure Merge to Form a Global Company Providing Embedded Software Security and Safety Solutions
• 12:9 : Chaining two LPEs to get “root”: Most Linux distros vulnerable (CVE-2025-6018, CVE-2025-6019)
• 12:8 : ClickFix Helps Infostealers Use MHSTA for Defense Evasion
• 11:32 : Iran Asks Citizens To Delete WhatsApp
• 11:32 : BlackHat AI Tool WormGPT Enhanced with Grok and Mixtral
• 11:32 : Google Chrome Vulnerabilities Enable Arbitrary Code Execution – Update Now!
• 11:32 : VMware Unveils Cloud Foundation 9.0 With AI and Next-Gen Workloads
• 11:32 : News Flodrix botnet targets vulnerable Langflow servers
• 11:32 : VMware Cloud Foundation 9.0 Released With Modern Workloads & AI Services
• 11:32 : SCATTERED SPIDER Using Aggressive Social Engineering Techniques to Deceive IT Support Teams
• 11:32 : Jumio Liveness Premium combats deepfakes and injection attacks
• 11:32 : Water Curse Hijacks 76 GitHub Accounts to Deliver Multi-Stage Malware Campaign
• 11:31 : FedRAMP at Startup Speed: Lessons Learned
• 11:6 : OpenAI to Help DoD With Cyber Defense Under New $200 Million Contract
• 11:5 : Mitigating AI Threats: Bridging the Gap Between AI and Legacy Security
• 11:5 : UK Government Publishes Plan to Boost Cyber Sector Growth
• 11:5 : IT Security News Hourly Summary 2025-06-18 12h : 2 posts
• 10:32 : When legitimate tools go rogue
• 10:32 : Amazon Boss Admits AI Will Mean More Job Losses For Staff
• 10:32 : Hackers Allegedly Claim Breach of Scania Financial Services, Sensitive Data Stolen
• 10:31 : Ransomware Group Qilin Offers Legal Counsel to Affiliates
• 10:7 : Famous Chollima deploying Python version of GolangGhost RAT
• 10:7 : Qilin Ransomware Emerges as a Major Threat Targeting Windows, Linux, and ESXi Systems
• 10:7 : Scammers hijack websites of Bank of America, Netflix, Microsoft, and more to insert fake phone number
• 10:7 : 5 riskiest places to get scammed online
• 10:7 : Chrome 137 Update Patches High-Severity Vulnerabilities
• 10:7 : The Hidden Dangers of AI Copilots and How to Strengthen Security and Compliance
• 9:34 : Cybercriminals Leverage ClickFix Strategy to Deploy RATs and Data-Stealing Malware
• 9:34 : Why AI Agents are the Secret to a Proactive Cybersecurity Defense
• 9:3 : New Winos 4.0 Malware Strain Emerges as Major Threat to Windows Systems
• 9:3 : Critical Privilege Escalation Flaws Grant Full Root Access on Multiple Linux Distros
• 9:3 : Hackers Using ClickFix Technique to Deploy Remote Access Trojans and Data-Stealing Malware
• 9:3 : Code Execution Vulnerabilities Patched in Veeam, BeyondTrust Products
• 9:2 : Can Deepfakes Fool Your HR or IT Teams? What Every Remote-First Company Must Know in 2025
• 9:2 : Paddle Pays $5m to Settle Tech Support Scam Allegations
• 8:34 : Continuous Threat Exposure Management (CTEM): The Future of Vulnerability Assessment
• 8:5 : Hackers Claim Breach of Scania Financial Services, Leak Sensitive Data
• 8:5 : How to bridge the MFA gap
• 8:5 : Critical Linux Privilege Escalation Vulnerabilities Let Attackers Gain Full Root Access
• 8:5 : CISA Warns of Linux Kernel Improper Ownership Management Vulnerability Exploited in Attacks
• 8:5 : Chrome Vulnerabilities Let Attackers Execute Arbitrary Code – Update Now!
• 8:5 : Podcast Episode: Securing Journalism on the ‘Data-Greedy’ Internet
• 8:5 : Amazon CISO: Iranian hacking crews ‘on high alert’ since Israel attack
• 8:5 : Data Breach at Healthcare Services Firm Episource Impacts 5.4 Million People
• 8:5 : IT Security News Hourly Summary 2025-06-18 09h : 7 posts
• 8:4 : Out of Juice? TSA Says Don’t Plug Into Airport USB Ports
• 8:4 : Ex-CIA Analyst Sentenced to 37 Months for Leaking Top Secret National Defense Documents
• 8:4 : CISA Warns of Active Exploitation of Linux Kernel Privilege Escalation Vulnerability
• 7:31 : Hackers exploit Langflow flaw, TP-Link routers still vulnerable, Russia detects SuperCard malware attacks
• 7:6 : How many people have a credit score of 850?
• 7:6 : CISA Alerts to Active Exploits of Linux Kernel Improper Ownership Management Vulnerability
• 7:6 : Scattered Spider Targets US Insurance, Microsoft Zero-Day, Major Database Breach, and AI Poison Pill
• 6:37 : Google’s Gerrit Platform Flaw Exposes 18 Google Projects, Including ChromiumOS, to Hackers
• 6:37 : Threat Actors Attacking Windows System With New Winos 4.0 Malware
• 6:37 : Kernel-level container insights: Utilizing eBPF with Cilium, Tetragon, and SBOMs for security
• 6:37 : Kusari Inspector improves supply chain security
• 6:37 : Dashlane’s AI model alerts businesses to phishing risks
• 6:37 : Iran Slows Internet to Prevent Cyber Attacks Amid Escalating Regional Conflict
• 6:37 : Veeam Patches CVE-2025-23121: Critical RCE Bug Rated 9.9 CVSS in Backup & Replication
• 5:34 : Citrix NetScaler ADC & Gateway Flaws Expose Sensitive Data to Hackers
• 5:34 : Veeam Vulnerabilities Expose Backup Servers to Remote Attacks
• 5:34 : 35 open-source security tools to power your red team, SOC, and cloud security
• 5:7 : Scattered Spider New Target: US Insurance Giants Under Cyber Attack
• 5:7 : Beyond Playbooks and AI Agents: Embracing Persistent, Autonomous Security Operations
• 5:7 : AI is changing cybersecurity roles, and entry-level jobs are at risk
• 5:5 : IT Security News Hourly Summary 2025-06-18 06h : 6 posts
• 4:32 : From cleaners to creepers: The risk of mobile privilege escalation
• 4:4 : Web Application Security Report 2025 – Evolving Threats, Strategies, and Best Practices
• 4:4 : Your Backup System Is Your Biggest Security Blind Spot
• 4:4 : Securing the Gaps: Firewalls in a Hybrid Cloud World
• 4:4 : A New Breed of Ransomware Threatens Total Data Destruction
• 4:4 : Trump administration set to waive TikTok sell-or-die deadline for a third time
• 4:4 : Employees are using AI where they know they shouldn’t
• 2:31 : MY TAKE: Microsoft takes ownership of AI risk — Google, Meta, Amazon, OpenAI look the other way
• 1:35 : Why a Layered Approach Is Essential for Cybersecurity and Zero Trust
• 1:6 : Don?t Make it Easier than it Already is?..Default Passwords [Guest Diary], (Wed, Jun 18th)
• 23:5 : IT Security News Hourly Summary 2025-06-18 00h : 5 posts
• 22:55 : IT Security News Daily Summary 2025-06-17
• 22:2 : Ensure Certainty in Your Cloud-Native Security
• 22:2 : Make Your Team Capable with Advanced NHIDR
• 22:2 : How Safe Are Your Secrets in the Cloud?