IT Security News Daily Summary 2025-06-25

210 posts were published in the last hour

• 21:34 : ‘They’re Not Breathing’: Inside the Chaos of ICE Detention Center 911 Calls
• 21:34 : Citrix bleeds again: This time a zero-day exploited – patch now
• 21:34 : Flaw in Notepad++ installer could grant attackers SYSTEM access (CVE-2025-49144)
• 20:36 : New Malware Discovered Using Prompt Injection to Manipulate AI Models in the Wild
• 20:36 : Scale AI Leaks Meta, Google, xAI Confidential Files Through ‘Incredibly Janky’ Document Practices
• 20:36 : US Warns of Iranian Cyber Threats as Tensions Rise Over Middle East Conflict
• 20:36 : Facial recognition: Where and how you can opt out
• 20:5 : IT Security News Hourly Summary 2025-06-25 21h : 17 posts
• 20:4 : US Bipartisan Bill Seeks To Block Chinese AI In Federal Agencies
• 20:3 : Beware of Weaponized Wedding Invite Scams Delivering SpyMax RAT to Android Devices
• 20:3 : Multiple Brother Device Vulnerabilities Allow Attackers to Execute Arbitrary HTTP Requests
• 20:3 : Protect Your Privacy: Best Secure Messaging Apps in 2025
• 19:32 : INTERPOL Cautions of Significant Increase in Cyber Attacks on Western and Eastern Africa
• 19:32 : Hackers deploy fake SonicWall VPN App to steal corporate credentials
• 19:32 : Amazon’s Ring can now use AI to ‘learn the routines of your residence’
• 19:3 : North Korean Hackers Pose as Recruiters, Target Developers with 35 New Malicious npm Packages
• 19:3 : How Avast’s free AI-powered Scam Guardian protects you from online con artists
• 19:2 : CISA Adds Three Known Exploited Vulnerabilities to Catalog
• 19:2 : ConnectUnwise: Threat actors abuse ConnectWise as builder for signed malware
• 18:39 : Russia Frees REvil Hackers, Despite Guilty Pleas
• 18:39 : Five Hackers Behind Notorious Data Selling Platform BreachForums Arrested
• 18:39 : New BRAODO Stealer Campaign Abuses GitHub To Host Payloads And Evade Detection
• 18:39 : Beyond Backup: How Coveware is Revolutionizing Veeam’s Ransomware Defense
• 18:39 : The Era of Agentic Security with Microsoft Security Copilot
• 18:39 : RedirectionGuard: Mitigating unsafe junction traversal in Windows
• 18:9 : Threat Brief: Escalation of Cyber Risk Related to Iran
• 18:9 : Provider-Agnostic OIDC Auth Flow for Your Apps (PyJWT + FastAPI)
• 18:9 : Chart Your SASE Transformation with Prisma SD-WAN
• 18:9 : Supply chain attacks surge with orgs ‘flying blind’ about dependencies
• 18:9 : Computer vision research feeds surveillance tech as patent links spike 5×
• 18:9 : Microsoft is named a Leader in The Forrester Wave™: Security Analytics Platforms, 2025​​
• 18:8 : Microsoft Named a Leader in the 2025 IDC CNAPP MarketScape: Key Takeaways for Security Buyers
• 17:36 : Sam Altman Admits Speaking With Microsoft’s Nadella Over Partnership
• 17:36 : Why AI scam protection is more important than ever
• 17:36 : Anthropic just made every Claude user a no-code app developer
• 17:36 : New Malware Spotted in The Wild Using Prompt Injection to Manipulate AI Models Processing Sample
• 17:35 : LinuxFest Northwest: Securing Your Web Server
• 17:35 : Fortanix Adds Dashboard to Better Prioritize Remediation Efforts for PQC Era
• 17:35 : Air India Express Flight Returns Mid-Air After Suspected GPS Spoofing Near Jammu Border
• 17:35 : Microsoft is named a Leader in The Forrester Wave™: Security Analytics Platforms, 2025​​
• 17:35 : nOAuth Vulnerability Still Affects 9% of Microsoft Entra SaaS Apps Two Years After Discovery
• 17:5 : IT Security News Hourly Summary 2025-06-25 18h : 21 posts
• 16:33 : Microsoft is named a Leader in The Forrester Wave™: Security Analytics Platforms, 2025​​
• 16:33 : Citrix Releases Emergency Patches for Actively Exploited CVE-2025-6543 in NetScaler ADC
• 16:5 : What is single sign-on (SSO)?
• 16:5 : Multiple Brother Devices Vulnerabilities Open Devices for Hacking
• 16:5 : Beware of Weaponized Wedding Invite Scams That Deploys SpyMax RAT on Android Devices
• 16:4 : French cybercrime police arrest five suspected BreachForums admins
• 16:4 : Jailbroken Mistral And Grok Tools Are Used by Attackers to Build Powerful Malware
• 16:4 : Microsoft is named a Leader in The Forrester Wave™: Security Analytics Platforms, 2025​​
• 16:4 : Hackers Use Open-Source Offensive Cyber Tools to Attack Financial Businesses in Africa
• 15:35 : ispace Blames Laser for Moon Crash Landing
• 15:34 : Threat Actors Distribute Compromised SonicWall SSL VPN NetExtender to Steal Sensitive Data
• 15:34 : Enterprises must rethink IAM as AI agents outnumber humans 10 to 1
• 15:34 : European Cybersecurity Leader Heimdal Partners with Montreal’s Fusion Cyber Group for Canadian Market Expansion
• 15:34 : Citrix NetScaler ADC and Gateway Vulnerability Actively Exploited in the Wild
• 15:34 : North Korean Hackers as Recruiters Attacking Developers With 35 New Malicious npm Packages
• 15:34 : INTERPOL Warns of Sharp Rise in Cyber Attacks Targeting Western and Eastern Africa
• 15:34 : From Insight to Action: How Tenable One KPIs Drive Exposure Management Success
• 15:34 : CISA Warns of Renewed Exploits Targeting TP-Link Routers with Critical Flaws
• 15:34 : Scania Targeted in Extortion Attempt Following Data Breach
• 15:34 : New Malicious Python Package Found Stealing Cloud Credentials
• 15:33 : Microsoft is named a Leader in The Forrester Wave™: Security Analytics Platforms, 2025​​
• 15:5 : Have Fun Teaching – 27,126 breached accounts
• 15:5 : Robinsons Malls – 195,597 breached accounts
• 15:5 : Microsoft is named a Leader in The Forrester Wave™: Security Analytics Platforms, 2025​​
• 15:5 : NSA and CISA Urge Adoption of Memory Safe Languages for Safety
• 14:34 : Bumble Axes 30 Percent Of Global Workforce
• 14:34 : AI Agents Are Creating Insider Security Threat Blind Spots, Research Finds
• 14:34 : Thousands of SaaS Apps Could Still Be Susceptible to nOAuth
• 14:34 : Microsoft is named a Leader in The Forrester Wave™: Security Analytics Platforms, 2025​​
• 14:34 : Tines allows teams to choose the right AI level for any workflow
• 14:5 : IT Security News Hourly Summary 2025-06-25 15h : 11 posts
• 14:3 : Hacktivist Groups Target U.S. Companies and Military Domains in Retaliation for Iran Attacks
• 14:3 : NetNerve – AI Powered PCAP Analysis to Detect Anomalies & Potential Threats
• 14:3 : Windows 11 Update Configuration Hangs During Update Scanning
• 14:3 : Kubernetes NodeRestriction Vulnerability Allows Nodes to Bypass Resource Allocation Checks
• 14:2 : Hacktivist Groups Attacking U.S. Companies & Military Domains Following Attacks on Iran
• 14:2 : Threat Actors Distribute Hacked Version of SonicWall’s SSL VPN NetExtender to Steal Sensitive Data
• 14:2 : Citrix Bleed 2 Flaw Enables Token Theft; SAP GUI Flaws Risk Sensitive Data Exposure
• 13:35 : Keep Your Tech FLAME Alive: Akamai Trailblazer Maite Vitar
• 13:35 : Windows 11 Configuration Bug Freezes Update Scanning Process
• 13:35 : Firefox 140 Launches with Critical Code Execution Bug Fix – Update Now
• 13:35 : Educated Manticore Reemerges: Iranian Spear-Phishing Campaign Targeting High-Profile Figures
• 13:35 : AI Evasion: The Next Frontier of Malware Techniques
• 13:35 : Frost & Sullivan Report Validates Value of Consolidated Security
• 13:35 : Welcome to the New Cyber Battleground
• 13:35 : Post-Quantum Cryptography Implementation Enterprise-Readiness Analysis
• 13:34 : Many data brokers are failing to register with state consumer protection agencies
• 13:34 : Microsoft Offers Free Windows 10 Extended Security Update Options as EOS Nears
• 13:34 : LapDogs Campaign Shows Chinese Groups’ Growing Use of ORB Networks
• 13:34 : Microsoft is named a Leader in The Forrester Wave™: Security Analytics Platforms, 2025​​
• 13:34 : Stellar Cyber updates MITRE ATT&CK Aligned Coverage Analyzer
• 13:34 : Mitiga Helios AI accelerates alert triage and incident response for SecOps teams
• 13:34 : Fortanix PQC Central boosts post-quantum readiness
• 13:34 : Microsoft nOAuth Flaw Still Exposes SaaS Apps Two Years After Discovery
• 13:5 : The Road Trip of Threat Modeling: A Journey to Efficiency, Effectiveness, And Value
• 13:5 : Does your generative AI protect your privacy? New study ranks them best to worst
• 13:5 : Ring’s new generative AI feature is here to answer your ‘who’s there?’ or ‘what was that?’ questions
• 13:5 : Ring cameras and doorbells now use AI to provide specific descriptions of motion activity
• 13:5 : Microsoft is named a Leader in The Forrester Wave™: Security Analytics Platforms, 2025​​
• 13:5 : OpenRouter raises $40 million to simplify AI model overload
• 13:5 : SAP GUI Input History Found Vulnerable to Weak Encryption
• 12:33 : Realtek Bluetooth Flaw Allows Attackers to Launch DoS Attacks During Pairing
• 12:33 : Authorization sprawl: Attacking modern access models
• 12:33 : I’ve Seen Things, pt II
• 12:32 : Program Execution, follow-up
• 12:32 : Chrome Security Update: Patch for 11 Vulnerabilities Enabling Malicious Code Execution
• 12:32 : Threat Actors Poison Search Results & Exploits Popularity of ChatGPT and Luma AI to Deliver Malicious Payloads
• 12:32 : CISA Releases Guide to Reduce Memory Safety Vulnerabilities in Modern Software Development
• 12:32 : Critical Kibana Vulnerabilities Allows Heap Corruption and Remote Code Execution
• 12:32 : Hackers Abuse ConnectWise to Hide Malware
• 12:32 : Microsoft is named a Leader in The Forrester Wave™: Security Analytics Platforms, 2025​​
• 12:3 : Chrome Releases Security Patch for 11 Code Execution Vulnerabilities
• 12:3 : Microsoft is named a Leader in The Forrester Wave™: Security Analytics Platforms, 2025​​
• 12:2 : Windows 10: How to get security updates for free until 2026
• 11:35 : Silicon UK In Focus Podcast: From Data to Decisions
• 11:35 : Tesla Robotaxis Catch Attention Of Federal Safety Regulators
• 11:35 : Threat Actors Manipulate Search Results, Exploit ChatGPT and Luma AI Popularity to Deliver Malicious Payloads
• 11:35 : CISA Publishes Guide to Address Memory Safety Vulnerabilities in Modern Software Development
• 11:34 : Mainline Health Systems data breach impacted over 100,000 individuals
• 11:34 : What LLMs Know About Their Users
• 11:34 : New Vulnerabilities Expose Millions of Brother Printers to Hacking
• 11:34 : SonicWall Warns of Trojanized NetExtender Stealing User Information
• 11:34 : How to Tame Your Multi-Cloud Attack Surface with Pentesting
• 11:34 : Microsoft is named a Leader in The Forrester Wave™: Security Analytics Platforms, 2025​​
• 11:34 : Beware the Hidden Risk in Your Entra Environment
• 11:34 : Pro-Iranian Hacktivist Group Leaks Personal Records from the 2024 Saudi Games
• 11:5 : IT Security News Hourly Summary 2025-06-25 12h : 14 posts
• 11:3 : Akamai Reveals New Strategies for Defenders to Combat Cryptominer Attacks
• 11:3 : NetNerve: AI-Powered Tool for Deep PCAP Threat Detection
• 11:3 : Kubernetes NodeRestriction Flaw Lets Nodes Bypass Resource Authorization
• 11:3 : Linux CentOS Web Panel Vulnerability Let Attackers Execute Malicious Remote Code – PoC Released
• 11:2 : Code Execution Vulnerability Patched in GitHub Enterprise Server
• 11:2 : Why Sincerity Is a Strategic Asset in Cybersecurity
• 11:2 : Microsoft is named a Leader in The Forrester Wave™: Security Analytics Platforms, 2025​​
• 11:2 : Mastercard adds secure on-chain access to crypto
• 11:2 : Ransomware Attacks Dip in May Despite Persistent Retail Targeting
• 10:32 : APT Attackers Leverage Microsoft ClickOnce to Run Malware as Trusted Applications
• 10:32 : Incogni vs. DeleteMe: Which service removes your personal data best?
• 10:32 : Disrupting the operations of cryptocurrency mining botnets
• 10:32 : AI and collaboration tools: how cyberattackers are targeting SMBs in 2025
• 10:32 : Chrome 138, Firefox 140 Patch Multiple Vulnerabilities
• 10:32 : Microsoft is named a Leader in The Forrester Wave™: Security Analytics Platforms, 2025​​
• 10:4 : Cybercriminal abuse of large language models
• 10:4 : Akamai Shares New Techniques for Defenders to Shutdown Cryptominer Attacks
• 10:4 : New U.S. Visa Rule Requires Applicants to Change Social Media Accounts Privacy to Public
• 10:3 : NVIDIA Megatron LM Vulnerability Let Attackers Inject Malicious Code
• 10:3 : CISA Issued ICS Advisories Covering Current Vulnerabilities and Exploits
• 10:3 : Sextortion email scammers increase their “Hello pervert” money demands
• 10:3 : Microsoft is named a Leader in The Forrester Wave™: Security Analytics Platforms, 2025​​
• 10:3 : XBOW’s AI reached the top ranks on HackerOne, and now it has $75M to scale up
• 10:2 : SonicWall NetExtender Trojan and ConnectWise Exploits Used in Remote Access Attacks
• 10:2 : UK Ransom Payments Double as Victims Fall Behind Global Peers
• 9:36 : UK govt dept website that campaigns against encryption hijacked to advertise … payday loans
• 9:36 : Mainline Health, Select Medical Each Disclose Data Breaches Impacting 100,000 People
• 9:36 : Microsoft is named a Leader in The Forrester Wave™: Security Analytics Platforms, 2025​​
• 9:36 : Common Good Cyber Fund Launched to Support Non-Profit Security Efforts
• 9:4 : Google Plans to Remove Chrome’s Tab Scrolling Feature
• 9:3 : Securing Our Water: Understanding the Water Cybersecurity Enhancement Act of 2025
• 9:3 : How Secure Login Enhances the Accuracy of Your Marketing Dashboards
• 9:3 : Microsoft is named a Leader in The Forrester Wave™: Security Analytics Platforms, 2025​​
• 9:3 : Half of Customer Signups Are Now Fraudulent
• 8:33 : CentOS Web Panel Vulnerability Allows Remote Code Execution – PoC Released
• 8:33 : Critical Kibana Flaws Enable Heap Corruption and Remote Code Execution
• 8:32 : Prometei botnet activity has surged since March 2025
• 8:32 : APT Hackers Abuse Microsoft ClickOnce to Execute Malware as Trusted Host
• 8:32 : TeamViewer for Windows Vulnerability Let Attackers Delete Files Using SYSTEM Privileges
• 8:32 : Microsoft is named a Leader in The Forrester Wave™: Security Analytics Platforms, 2025​​
• 8:32 : North Korea-linked Supply Chain Attack Targets Developers with 35 Malicious npm Packages
• 8:5 : IT Security News Hourly Summary 2025-06-25 09h : 13 posts
• 8:3 : Best Practices for Secrets Management in the Cloud
• 8:2 : A Guide to Secret Remediation Best Practices
• 8:2 : Managing Encryption Keys vs. Access Keys
• 8:2 : Moving Beyond Static Credentials in Cloud-Native Environments
• 8:2 : Microsoft is named a Leader in The Forrester Wave™: Security Analytics Platforms, 2025​​
• 7:34 : New WordPress Malware Hides on Checkout Pages and Imitates Cloudflare
• 7:34 : Updating to Android 16 gives you 2 useful security features – but you need to enable them
• 7:34 : Russian APT Hits Ukrainian Government With New Malware via Signal
• 7:34 : Microsoft is named a Leader in The Forrester Wave™: Security Analytics Platforms, 2025​​
• 7:34 : 70 Microsoft Exchange servers targeted, Apple, Netflix, Microsoft sites hacked, data breach hits Aflac
• 7:5 : Is my phone infected with spyware? How to tell
• 7:5 : TeamViewer for Windows Vulnerability Lets Hackers Delete Files with SYSTEM Rights
• 7:5 : CISA Releases New ICS Advisories Highlighting Ongoing Threats and Exploits
• 7:5 : These battery-powered 4K security cameras give Ring and Blink a run for their money
• 7:5 : Quantum computers just got an upgrade – and it’s 10× more efficient
• 7:5 : Microsoft is named a Leader in The Forrester Wave™: Security Analytics Platforms, 2025​​
• 7:4 : BackBox 8.0 empowers organizations to strengthen their cyber resilience strategy
• 7:4 : Cybersecurity Today: Balancing Trust, Risks, and Innovations
• 6:38 : NVIDIA Megatron LM Flaw Allows Attackers to Inject Malicious Code
• 6:38 : You may qualify for AT&T’s $177 million data breach settlement – how to file a claim today
• 6:38 : Microsoft is named a Leader in The Forrester Wave™: Security Analytics Platforms, 2025​​
• 6:37 : Why the SOC needs its “Moneyball” moment
• 6:37 : Abstract Security unveils cloud-native cold storage for security telemetry
• 6:37 : The tiny amplifier that could supercharge quantum computing
• 6:37 : Microsoft Extends Windows 10 Security Updates for One Year with New Enrollment Options
• 6:5 : New FileFix Exploit Uses Windows File Explorer to Run Malicious Commands
• 6:5 : Microsoft is named a Leader in The Forrester Wave™: Security Analytics Platforms, 2025​​
• 6:5 : From posture to prioritization: The shift toward unified runtime platforms
• 5:36 : Microsoft is named a Leader in The Forrester Wave™: Security Analytics Platforms, 2025​​
• 5:36 : Why should companies or organizations convert to FIDO security keys?
• 5:5 : Microsoft is named a Leader in The Forrester Wave™: Security Analytics Platforms, 2025​​
• 5:5 : IT Security News Hourly Summary 2025-06-25 06h : 2 posts
• 4:32 : Black Duck Teams with Arm to Boost EU Cyber Resilience Act Compliance
• 4:32 : Keeper Security Achieves SOC 3 Compliance
• 4:32 : Microsoft is named a Leader in The Forrester Wave™: Security Analytics Platforms, 2025​​
• 4:32 : Users lack control as major AI platforms share personal info with third parties
• 4:32 : Companies negotiate their way to lower ransom payments
• 4:4 : Microsoft is named a Leader in The Forrester Wave™: Security Analytics Platforms, 2025​​
• 3:31 : Microsoft is named a Leader in The Forrester Wave™: Security Analytics Platforms, 2025​​