IT Security News Daily Summary 2025-07-10

156 posts were published in the last hour

• 21:37 : Ducex Packer for Android Evades Detection with Heavy Obfuscation Techniques
• 21:36 : Weaponized AI Extension Used by Hackers to Swipe $500,000 in Crypto
• 21:36 : UK NCA arrested four people over M&S, Co-op cyberattacks
• 21:36 : Android Packer Ducex Employs Serious Obfuscation Techniques and Detects Analysis Tools Presence
• 21:36 : Hackers Stolen $500,000 in Crypto Assets by Weaponizing AI Extension
• 21:36 : ​​Forrester names Microsoft a Leader in the 2025 Zero Trust Platforms Wave™ report
• 21:7 : Modernize Your IAM Into Identity Fabric Powered by Connectors
• 21:6 : ​​Forrester names Microsoft a Leader in the 2025 Zero Trust Platforms Wave™ report
• 20:37 : Ex-ASML engineer who stole chip tech for Russia gets three years in Dutch prison
• 20:36 : Multiple Schneider Electric Vulnerabilities Let Attackers Inject OS Commands
• 20:36 : ​​Forrester names Microsoft a Leader in the 2025 Zero Trust Platforms Wave™ report
• 20:5 : IT Security News Hourly Summary 2025-07-10 21h : 8 posts
• 19:33 : US Sanctions Key Threat Actors Tied to North Korea’s Remote IT Worker Scheme
• 19:32 : SafePay Ransomware Uses RDP and VPN Access to Infiltrate Organizational Networks
• 19:32 : Schneider Electric Flaws Expose Systems to OS Command Injection Attacks
• 19:32 : CISO’s guide to creating a cybersecurity board report
• 19:32 : PerfektBlue Bluetooth attack allows hacking infotainment systems of Mercedes, Volkswagen, and Skoda
• 19:32 : Palo Alto Networks GlobalProtect Vulnerability Allows Root User Privilege Escalation
• 19:32 : Microsoft Exchange Online Service Down – Millions of Users Unable to Access Their Mailbox
• 19:32 : SafePay Ransomware Leverages RDP and VPN for Intruding Into Organizations Network
• 19:32 : US Sanction Key Threat Actors Linked With North Korea’s Remote IT Worker Scheme
• 19:31 : ​​Forrester names Microsoft a Leader in the 2025 Zero Trust Platforms Wave™ report
• 19:2 : ​​Forrester names Microsoft a Leader in the 2025 Zero Trust Platforms Wave™ report
• 18:32 : Patch, track, repeat
• 18:32 : Cyberattacks on User Logins Jump 156%, Fueled by Infostealers and Phishing Toolkits
• 18:32 : Hackers Exploit GitHub to Distribute Malware Disguised as VPN Software
• 18:32 : UK Charges Four in ‘Scattered Spider’ Ransom Group
• 18:32 : French police arrest Russian basketball player accused of ransomware: Report
• 18:32 : ​​Forrester names Microsoft a Leader in the 2025 Zero Trust Platforms Wave™ report
• 18:31 : Critical mcp-remote Vulnerability Enables Remote Code Execution, Impacting 437,000+ Downloads
• 17:33 : How passkeys work: Your passwordless journey begins here
• 17:5 : IT Security News Hourly Summary 2025-07-10 18h : 9 posts
• 16:34 : UK Arrests Woman and Three Men for Cyberattacks on M&S Co-op and Harrods
• 16:34 : What CISOs need to know about AI governance frameworks
• 16:34 : Siemens TIA Project-Server and TIA Portal
• 16:34 : Siemens TIA Administrator
• 16:34 : Advantech iView
• 16:33 : Siemens SIMATIC CN 4100
• 16:33 : CISA Releases Thirteen Industrial Control Systems Advisories
• 16:33 : CREST introduces a staged pathway for advancement to globally-recognised CREST cybersecurity accreditation
• 16:33 : Forescout Vedere Labs shows “vibe hacking” isn’t quite the threat it’s made out to be… yet
• 16:33 : Critical Linux Kernel’ Double Free Vulnerability Let Attackers Escalate Privileges
• 16:33 : INE Security Unveiled Enhanced eMAPT Certification
• 16:33 : Hackers Abused GitHub to Spread Malware Mimic as VPN
• 16:32 : ServiceNow Platform Vulnerability Let Attackers Exfiltrate Sensitive Data
• 16:32 : Four Hackers Arrested by UK Police for Attacks on M&S, Co-op and Harrods Stores
• 16:32 : Why your AppSec Tool Stack Is Failing in the Age of AI
• 16:32 : 4 Arrests in Dawn Raid of Scattered-Spider Suspects
• 16:32 : ​​Forrester names Microsoft a Leader in the 2025 Zero Trust Platforms Wave™ report
• 16:3 : Fast Food, Weak Passwords: McDonald’s AI Hiring Tool Exposed Millions of Applicants’ Data
• 16:3 : CVE-2025-27636 – Remote Code Execution in Apache Camel via Case-Sensitive Header Filtering Bypass
• 16:3 : Office 365’s Microsoft Defender Now Thwarts Email Bombing Assaults
• 16:3 : Fake Gaming and AI Firms Push Malware on Cryptocurrency Users via Telegram and Discord
• 15:33 : Asus and Adobe vulnerabilities
• 15:32 : Fed up with AI scraping your content? This open-source bot blocker can help – here’s how
• 15:32 : French police arrest Russian basketball player accused of ransomware: report
• 15:32 : Russia, hotbed of cybercrime, says nyet to ethical hacking bill
• 15:32 : Chinese Scientists Develop Quantum-Resistant Blockchain Storage Technology
• 15:4 : Authorities arrest four hackers linked to UK retail hacking spree
• 15:4 : Establishing a European trust service provider for the AWS European Sovereign Cloud
• 14:36 : INE Security Launches Enhanced eMAPT Certification
• 14:35 : AI-Powered Browser Comet From Perplexity Launches ‘To Amplify Our Intelligence’
• 14:35 : New PerfektBlue Attack Exposes Millions of Cars to Remote Hacking
• 14:35 : Critical mcp-remote Vulnerability Exposes LLM Clients to Remote Code Execution Attacks
• 14:35 : Ransomware Operations Surge Following Qilin’s New Pattern of Attacks
• 14:35 : Hackers Exploiting GeoServer RCE Vulnerability to Deploy CoinMiner
• 14:35 : eSIM Hack Allows for Cloning, Spying
• 14:35 : FBI Urges Airlines to Prepare for Evolving Threat Scenarios
• 14:34 : Four arrested in connection with M&S, Co-op ransomware attacks
• 14:7 : Wordfence Intelligence Weekly WordPress Vulnerability Report (June 30, 2025 to July 6, 2025)
• 14:7 : How AI Bots Are Rewriting the Rules of Publishing
• 14:7 : Deepfake criminals impersonate Marco Rubio to uncover government secrets
• 14:7 : Four Arrested in UK Over M&S, Co-op Cyberattacks
• 14:7 : Ingram Micro Restores Systems Impacted by Ransomware
• 14:7 : LLMs Fall Short in Vulnerability Discovery and Exploitation
• 14:5 : IT Security News Hourly Summary 2025-07-10 15h : 12 posts
• 13:33 : Latin America 2025 Mid-Year Cyber Snapshot Reveals 39% Surge in Attacks as AI Threats Escalate Regional Risk
• 13:33 : Fortinet Champions MITRE CTID Ambiguous Techniques
• 13:32 : Catching Smarter Mice with Even Smarter Cats
• 13:32 : McDonald’s AI bot spills data on job applicants
• 13:32 : Qantas Confirms 5.7 Million Impacted by Data Breach
• 13:32 : Four Arrested in Connection with April UK Retail Attacks
• 13:32 : TikTok’s Handling of EU User Data in China Comes Under Scrutiny Again
• 13:3 : Strategies for Implementing End-To-End Security in Financial Services and Web3 Environments
• 13:3 : ServiceNow Platform Vulnerability Enables Attackers to Exfiltrate Sensitive Data
• 13:3 : Four Hackers Arrested by UK Police After Attacks on M&S Co‑op and Harrods
• 13:2 : Ingram Micro Ransomware Attack Shakes IT Supply Chain
• 13:2 : Ruckus network management solutions riddled with unpatched vulnerabilities
• 12:36 : Critical Bluetooth Protocol Vulnerabilities Expose Devices to RCE Attacks
• 12:36 : CISA Warns ValveLink Products May Expose Sensitive System Information
• 12:36 : Four Arrested in £440M Cyber Attack on Marks & Spencer, Co-op, and Harrods
• 12:36 : New Opossum Attack Allows Hackers to Compromise Secure TLS Channels with Malicious Messages
• 12:36 : New Scraper Botnet with 3,600+ Unique Devices Attacking Targets in US and UK
• 12:36 : Critical Vulnerabilities in Bluetooth Protocol Stack Expose Millions of Devices to Remote Code Execution Attacks
• 12:36 : Sigma360 AI Investigator Agent reduces manual reviews
• 12:3 : NCA arrests four in connection with UK retail ransomware attacks
• 12:3 : Booz Allen Invests in Machine Identity Firm Corsha
• 12:3 : AMD Warns of New Transient Scheduler Attacks Impacting a Wide Range of CPUs
• 12:2 : New ZuRu Malware Variant Targeting Developers via Trojanized Termius macOS App
• 12:2 : What Security Leaders Need to Know About AI Governance for SaaS
• 12:2 : Nippon Steel IT Subsidiary Hit by “Zero-Day Attack,” Causing Data Breach
• 11:32 : Rhadamanthys Infostealer Uses ClickFix Technique to Steal Login Credentials
• 11:32 : Brave Browser For Android via F‑Droid: Now Fully Available
• 11:32 : Most Cryptocurrency Stocks Are Rising. Join ALR MINER And Earn $8,700 In BTC Every Day
• 11:32 : Code highlighting with Cursor AI for $500,000
• 11:32 : Using Signal Groups for Activism
• 11:31 : Millions of Cars Exposed to Remote Hacking via PerfektBlue Attack
• 11:7 : GitLab Vulnerabilities Allow Execution of Malicious Actions via Content Injection
• 11:7 : GitPhish – A New Tool that Automates GitHub Device Code Phishing Attack
• 11:7 : Sovereign-ish: Google Cloud keeps AI data in UK, but not the support
• 11:7 : What Can Businesses Do About Ethical Dilemmas Posed by AI?
• 11:7 : The Rise of Agentic AI: A New Frontier for API Security
• 11:5 : IT Security News Hourly Summary 2025-07-10 12h : 7 posts
• 10:41 : Fix the Click: Preventing the ClickFix Attack Vector
• 10:41 : Critical Ruckus Wireless Flaws Threaten Enterprise Wi‑Fi Security
• 10:40 : Qantas data breach impacted 5.7 million individuals
• 10:40 : Contributors to the OpenSSL Library (June 2025)
• 10:2 : AirMDR Raises $15.5 Million for MDR Solution
• 9:35 : 10 Best Secure Network As A Service (NaaS) For MSSP Providers – 2025
• 9:35 : Best SOC 2 Type 2 Certified Complaint Solutions – 2025
• 9:35 : ChatGPT Tricked into Disclosing Windows Home, Pro, and Enterprise Editions Keys
• 9:35 : Microsoft Outlook Down: Users Unable to Access Mailboxes
• 9:35 : Rhadamanthys Infostealer Leveraging ClickFix Technique to Steal Login Credentials
• 9:35 : Tribunal Ruling Brings ICO’s £12.7m TikTok Fine Closer
• 9:2 : Rethinking API Security: Confronting the Rise of Business Logic Attacks (BLAs)
• 8:38 : Ransomware Activity Spikes Amid Qilin’s New Wave of Targeted Attacks
• 8:38 : Qantas Confirms 5.7 Million Customers Hit by Data Breach
• 8:5 : Hackers Exploit GeoServer RCE Flaw to Deploy Cryptocurrency Miners
• 8:5 : Researchers Trick ChatGPT into Leaking Windows Product Keys
• 8:5 : New “Opossum” Attack Breaches Secure TLS by Injecting Malicious Messages
• 8:5 : Review: How Passwork 7 helps tame business passwords
• 8:5 : IT Security News Hourly Summary 2025-07-10 09h : 3 posts
• 8:4 : At last, a use case for AI agents with sky-high ROI: Stealing crypto
• 8:4 : ServiceNow Flaw CVE-2025-3648 Could Lead to Data Exposure via Misconfigured ACLs
• 7:32 : At last, a use case for AI agents with high sky-high ROI: Stealing crypto
• 7:32 : Cynomi’s platform updates enable service providers to prioritize their security efforts
• 7:32 : AMD has CPU meltdown, Mozilla Thunderbird has vulnerabilities, Indian defense sector attacked
• 7:4 : Massive Scraper Botnet of 3,600+ Devices Targets US and UK Websites
• 7:4 : McDonald’s AI Hiring Bot With Password ‘123456’ Leaks Millions of Job-Seekers Data
• 7:4 : Lepide Protect detects, prioritizes, and revokes excessive permissions
• 6:2 : Fake online stores look real, rank high, and trap unsuspecting buyers
• 6:2 : What EU’s PQC roadmap means on the ground
• 5:36 : Open source has a malware problem, and it’s getting worse
• 5:10 : GitPhish: New Tool Automates GitHub Device Code Phishing Attacks
• 5:9 : McDonald’s AI Hiring Bot Exposed with ‘123456’ Password — Millions of Job‑Seekers’ Data at Risk
• 5:9 : Critical mcp‑remote Vulnerability Enables LLM Clients to Remote Code Execution
• 5:9 : C-suites step up on OT cybersecurity, and it’s paying off
• 4:4 : Microsoft Confirms Teams Outage for Users, Investigation Underway – Updated
• 4:4 : Global software supply chain visibility remains critically low
• 2:5 : ISC Stormcast For Thursday, July 10th, 2025 https://isc.sans.edu/podcastdetail/9520, (Thu, Jul 10th)
• 2:5 : How passkeys work: Do your favorite sites even support passkeys?
• 1:34 : DoNot APT is expanding scope targeting European foreign ministries
• 1:5 : SSH Tunneling in Action: direct-tcp requests [Guest Diary], (Wed, Jul 9th)
• 23:5 : IT Security News Hourly Summary 2025-07-10 00h : 1 posts
• 23:4 : How to trick ChatGPT into revealing Windows keys? I give up
• 22:55 : IT Security News Daily Summary 2025-07-09