IT Security News Daily Summary 2025-07-17

205 posts were published in the last hour

• 21:34 : Slack will generate thread summaries and AI notes from your huddles now
• 21:11 : The best web hosting services of 2025: Expert tested and reviewed
• 21:11 : Dell’s new Pro Max lineup offers top-tier laptops for sky-high prices
• 21:11 : Chinese State-Sponsored Hackers Attacking Semiconductor Industry with Weaponized Cobalt Strike
• 21:11 : Ukraine Hackers Claimed Cyberattack on Major Russian Drone Supplier
• 20:36 : CVE-2024-12029 – InvokeAI Deserialization of Untrusted Data vulnerability
• 20:7 : Massive Data Leak at Texas Adoption Agency Exposes 1.1 Million Records
• 20:7 : How Hackers Exploit Spring Core Vulnerability in 2025: Proactive Measures to Detect Emerging Cyber Threats
• 20:7 : Best email hosting services 2025: My top picks for personal and business use
• 20:5 : IT Security News Hourly Summary 2025-07-17 21h : 10 posts
• 19:36 : Move over, Tesla Powerwall: EcoFlow’s new home backup system claims to reduce energy bills by up to 90%
• 19:36 : Best MagSafe battery packs 2025: I tested the best options to boost your phone’s battery
• 19:36 : Hackers Use GitHub Repositories to Host Amadey Malware and Data Stealers, Bypassing Filters
• 19:3 : Fighting AI with AI, finance firms prevented $5 million in fraud – but at what cost?
• 19:3 : Researchers Uncover on How Hacktivist Groups Gaining Attention and Selecting Targets
• 19:3 : Watch out, another max-severity, make-me-root Cisco bug on the loose
• 19:3 : Emerging Cloaking-as-a-Service Offerings are Changing Phishing Landscape
• 18:7 : This is your sign to step away from the keyboard
• 18:7 : ChatGPT isn’t just for chatting anymore – now it will do your work for you
• 18:7 : 4M+ Internet-Exposed Systems at Risk From Tunneling Protocol Vulnerabilities
• 18:7 : Hackers Exploiting DNS Blind Spots to Hide and Deliver Malware
• 18:7 : H2Miner Attacking Linux, Windows, and Containers to Mine Monero
• 18:7 : Chinese Attackers Suspected of Breaching a Prominent DC Law Firm
• 17:35 : You can buy a 4-pack of Apple AirTags for just $80 on Amazon right now
• 17:35 : Linux has over 6% of the desktop market? Yes, you read that right – here’s how
• 17:34 : How to detect and fix a rooted Android phone
• 17:34 : Stormous Ransomware gang targets North Country HealthCare, claims 600K patient data stolen
• 17:34 : Watch on Demand: Cloud & Data Security Summit – Tackling Exposed Attack Surfaces in the Cloud
• 17:5 : IT Security News Hourly Summary 2025-07-17 18h : 12 posts
• 17:3 : Meet ChatGPT agent, a new AI assistant ready to carry out complex tasks for you – try it now
• 17:3 : An explanation of identity and access management
• 17:3 : CISA Releases Three Industrial Control Systems Advisories
• 17:3 : Panoramic Corporation Digital Imaging Software
• 17:3 : Leviton AcquiSuite and Energy Monitoring Hub
• 17:2 : 123456 Password Leads to McDonald’s Data Breach
• 16:34 : Police Shut Down 100 Servers Tied to Russian NoName057(16), Arrest 2
• 16:34 : Best AirTag wallets 2025: I tested the best options to track your cards and cash
• 16:33 : 7 useful things the Flipper Zero can do that still blows my mind – two years later
• 16:33 : Iranian Threat Actors Leveraging AI-Crafted Emails to Target Cybersecurity Researchers and Academics
• 16:33 : Armenian Hacker Extradited to U.S. After Ransomware Attacks on Tech Firms
• 16:33 : UNG0002 Actors Deploys Weaponize LNK Files Using ClickFix Fake CAPTCHA Verification Pages
• 16:33 : Massistant Chinese Mobile Forensic Tooling Gain Access to SMS Messages, Images, Audio and GPS Data
• 16:32 : 1Password Adds MCP Server to Trelica Governance Platform
• 16:32 : Microsoft is named a Leader in the 2025 Gartner® Magic Quadrant™ for Endpoint Protection Platforms
• 16:32 : Transparency on Microsoft Defender for Office 365 email security effectiveness
• 16:7 : Wordfence Intelligence Weekly WordPress Vulnerability Report (July 7, 2025 to July 13, 2025)
• 16:7 : Microsoft Teams Exploited to Deliver Matanbuchus Ransomware Payload
• 16:7 : This TCL Mini LED TV remains one of my top picks, even as last year’s model
• 16:7 : A hidden Google Earth slider lets you travel up to 80 years back in time – here’s how to try it
• 16:7 : Out-of-Band Update: Tripwire Enterprise 9.3.1
• 16:7 : Hackers are trying to steal passwords and sensitive data from users of Signal clone
• 16:7 : Microsoft is named a Leader in the 2025 Gartner® Magic Quadrant™ for Endpoint Protection Platforms
• 15:33 : Ukrainian Hackers Claim Cyberattack on Major Russian Drone Supplier
• 15:33 : I put this buzzworthy 2-in-1 robot vacuum to work in my house – here’s how it fared
• 15:32 : AI agents will change work and society in internet-sized ways, says AWS VP
• 15:32 : This slick gadget is like a Swiss Army Knife for my keys (and fully trackable)
• 15:32 : This flat chip uses twisted light to reveal hidden images
• 15:32 : WordPress Plugin Breach: Hackers Gain Control Through Manual Downloads
• 15:32 : Microsoft is named a Leader in the 2025 Gartner® Magic Quadrant™ for Endpoint Protection Platforms
• 15:5 : H2Miner Targets Linux, Windows, and Containers to Illicitly Mine Monero
• 15:5 : I found a budget Android tablet qualified to replace my Kindle (and the price is right)
• 15:5 : Got ChatGPT Plus? You can record and summarize meetings on a Mac now – here’s how
• 15:5 : North Korean hackers blamed for record spike in crypto thefts in 2025
• 15:5 : Adoption agency leaks over a million records
• 15:5 : Microsoft is named a Leader in the 2025 Gartner® Magic Quadrant™ for Endpoint Protection Platforms
• 15:4 : Malware-as-a-Service Campaign Exploits GitHub to Deliver Payloads
• 14:35 : Chinese State-Sponsored Hackers Target Semiconductor Industry with Weaponized Cobalt Strike
• 14:35 : SquareX Collaborates With Top Fortune 500 CISOs To Launch The Browser Security Field Manual At Black Hat
• 14:35 : Massistant: Chinese Mobile Forensic Tool Accesses SMS, Images, Audio, and GPS Data
• 14:35 : 11 Best Practices for Developing Secure Web Applications
• 14:35 : How I started my own LinkedIn newsletter for free – in 5 easy steps
• 14:35 : I tested the Ferrari of robot mowers for a month – here’s my verdict
• 14:35 : Researchers from OpenAI, Anthropic, Meta, and Google issue joint AI safety warning – here’s why
• 14:35 : Meta AI chatbot bug could have allowed anyone to see private conversations
• 14:35 : OpenAI Launching AI-Powered Web Browser to Rival Chrome, Drive ChatGPT Integration
• 14:34 : Microsoft is named a Leader in the 2025 Gartner® Magic Quadrant™ for Endpoint Protection Platforms
• 14:34 : Hackers Exploit Apache HTTP Server Flaw to Deploy Linuxsys Cryptocurrency Miner
• 14:6 : What is supply chain risk management (SCRM)?
• 14:5 : 1-Click Oracle Cloud Code Editor RCE Vulnerability Lets Attackers Upload Malicious Files
• 14:5 : NVIDIA Container Toolkit Vulnerability Allows Elevated Arbitrary Code Execution
• 14:5 : WeTransfer walks back clause that said it would train AI on your files
• 14:5 : Google Gemini AI Flaw Could Lead to Gmail Compromise, Phishing
• 14:5 : Global Encryption at Risk as China Reportedly Advances Decryption Capabilities
• 14:5 : Microsoft is named a Leader in the 2025 Gartner® Magic Quadrant™ for Endpoint Protection Platforms
• 14:5 : IT Security News Hourly Summary 2025-07-17 15h : 17 posts
• 13:33 : Over 4 Million Exposed Devices Used in Two New DoS Attack Campaigns
• 13:33 : AI-Powered Security for the Modern Software Supply Chain: Reinforcing Software Integrity in an Era of Autonomous Code and Expanding Risk
• 13:33 : Global Cyber Attacks Surge 21% in Q2 2025 — Europe Experiences the Highest Increase of All Regions
• 13:33 : Adobe Firefly can now generate AI sound effects for videos – and I’m seriously impressed
• 13:33 : How I started my own LinkedIn newsletter – in 5 easy steps
• 13:33 : Hackers Can Hide Malicious Code in Gemini’s Email Summaries
• 13:33 : Improving Cloud Intrusion Detection and Triage with FortiCNAPP Composite Alerts
• 13:33 : Empirical Security Raises $12 Million for AI-Driven Vulnerability Management
• 13:32 : SquareX Collaborates with Top Fortune 500 CISOs to Launch The Browser Security Field Manual at Black Hat
• 13:32 : Microsoft is named a Leader in the 2025 Gartner® Magic Quadrant™ for Endpoint Protection Platforms
• 13:5 : Blaxel raises $7.3M seed round to build ‘AWS for AI agents’ after processing billions of agent requests
• 13:5 : Adobe Firefly can now generate sound effects for videos – and I’m seriously impressed
• 13:5 : Chrome fixes 6 security vulnerabilities. Get the update now!
• 13:5 : Armenian Man Extradited to US Over Ryuk Ransomware Attacks
• 13:5 : Microsoft is named a Leader in the 2025 Gartner® Magic Quadrant™ for Endpoint Protection Platforms
• 13:5 : AI Cloaking Tools Enable Harder-to-Detect Cyber-Attacks
• 12:33 : GitHub Abused to Spread Amadey, Lumma and Redline InfoStealers in Ukraine
• 12:32 : Researchers Reveal How Hacktivist Groups Gain Attention and Choose Their Targets
• 12:32 : This hidden Google Maps feature is making people emotional – here’s why
• 12:32 : United Natural Foods Expects $400M revenue impact from June cyber attack
• 12:32 : PyPI Bans Inbox.ru Domains Following Massive 1,500+ Fake Project Uploads
• 12:32 : Critical SharePoint RCE Vulnerability Exploited Using Malicious XML Payload Within Web Part
• 12:32 : Hackers Exploit DNS Queries for C2 Operations and Data Exfiltration
• 12:32 : GhostContainer Malware Hacking Exchange Servers in the Wild Using N-day Vulnerability
• 12:32 : Microsoft is named a Leader in the 2025 Gartner® Magic Quadrant™ for Endpoint Protection Platforms
• 12:32 : Stellar Cyber enhances identity security with ITDR capabilities
• 12:5 : UNG0002 Actors Weaponize LNK Files via ClickFix Fake CAPTCHA Pages
• 12:5 : Hackers Are Finding New Ways to Hide Malware in DNS Records
• 12:5 : Mobile Forensics Tool Used by Chinese Law Enforcement Dissected
• 12:5 : Microsoft is named a Leader in the 2025 Gartner® Magic Quadrant™ for Endpoint Protection Platforms
• 12:5 : CTEM vs ASM vs Vulnerability Management: What Security Leaders Need to Know in 2025
• 12:5 : Europol Disrupts NoName057(16) Hacktivist Group Linked to DDoS Attacks Against Ukraine
• 11:36 : 1-Click Oracle Cloud Code Editor RCE Flaw Allows Malicious File Upload to Shell
• 11:35 : NVIDIA Container Toolkit Vulnerability Allows Privileged Code Execution by Attackers
• 11:35 : UK’s Co-op Retailer Hit by Cyberattack, 6.5 Million Members’ Data Exposed
• 11:35 : The best streaming lights of 2025: Expert tested for Twitch, TikTok, and YouTube
• 11:35 : Cisco patches critical CVE-2025-20337 bug in Identity Services Engine with CVSS 10 Severity
• 11:35 : Security Vulnerabilities in ICEBlock
• 11:35 : Quantum code breaking? You’d get further with an 8-bit computer, an abacus, and a dog
• 11:34 : Are We Truly Prepared for the Era of Quantum Computing?
• 11:34 : Microsoft is named a Leader in the 2025 Gartner® Magic Quadrant™ for Endpoint Protection Platforms
• 11:7 : Chinese Salt Typhoon Infiltrated US National Guard Network for Months
• 11:7 : The password manager I recommend most has its own VPN and long list of features
• 11:6 : Threat Actors Weaponized 28+ New npm Packages to Infect Users With Protestware Scripts
• 11:6 : Europol Disrupted “NoName057(16)” Hacking Group’s Infrastructure of 100+ Servers Worldwide
• 11:6 : Hackers Started Exploiting CitrixBleed 2 Vulnerability Before Public PoC Disclosure
• 11:6 : Trial Opens Against Meta CEO Mark Zuckerberg and Other Leaders Over Facebook Privacy Violations
• 11:6 : Collaboration is Key: How to Make Threat Intelligence Work for Your Organization
• 11:5 : Microsoft is named a Leader in the 2025 Gartner® Magic Quadrant™ for Endpoint Protection Platforms
• 11:5 : Microsoft Exposes Scattered Spider’s Latest Tactics
• 11:5 : One in 12 US/UK Employees Uses Chinese GenAI Tools
• 11:5 : IT Security News Hourly Summary 2025-07-17 12h : 57 posts
• 10:7 : MaaS operation using Emmenhtal and Amadey linked to threats against Ukrainian entities
• 10:7 : Hackers Use DNS Queries to Evade Defenses and Exfiltrate Data
• 10:7 : Iranian Threat Actors Use AI-Generated Emails to Target Cybersecurity Researchers and Academics
• 10:7 : Claude Code revenue jumps 5.5x as Anthropic launches analytics dashboard
• 10:6 : I’ve been reviewing TVs for 10 years and these are the best of 2025
• 10:6 : Bridging the Visibility Gap: 2025 Global Cybersecurity Maturity Report
• 10:6 : test draft
• 10:6 : “Prove Your Age, Lose Your Privacy”: How Free Speech Coalition v. Paxton Turns Porn Sites into Surveillance Platforms
• 10:5 : I Hacked (Logged) In Through The Front Door
• 10:5 : Microsoft is named a Leader in the 2025 Gartner® Magic Quadrant™ for Endpoint Protection Platforms
• 10:5 : Review: Passwork 7.0, self-hosted password manager for business
• 9:41 : ISC Stormcast For Thursday, July 17th, 2025 https://isc.sans.edu/podcastdetail/9530, (Thu, Jul 17th)
• 9:41 : Hiding Payloads in Linux Extended File Attributes, (Thu, Jul 17th)
• 9:41 : How hard is it to buy a Nintendo Switch 2?
• 9:41 : BADBOX 2.0 Found Preinstalled on Android IoT Devices Worldwide
• 9:41 : How Secure Is Online Fax: Privacy and Data Protection Standards
• 9:41 : Cisco Unified Intelligence Center Flaw Lets Remote Attackers Upload Arbitrary Files
• 9:40 : Hackers Actively Exploited CitrixBleed 2 Flaw Ahead of PoC Disclosure
• 9:40 : Critical SharePoint RCE Vulnerability Exploited via Malicious XML in Web Part
• 9:40 : PyPI Blocks Inbox.ru Domains After 1,500+ Fake Package Uploads
• 9:40 : Threat Actors Deploy 28+ Malicious Packages to Spread Protestware Scripts
• 9:40 : The Invisible Risk in Your Middleware: A Next.js Flaw You Shouldn’t Ignore
• 9:40 : Introducing Check Point Quantum Spark 2500: Smarter Security, Faster Connectivity, and Simpler MSP Management
• 9:40 : I recommend this OnePlus phone over other budget Androids – and it’s $100 off
• 9:39 : This 9-inch tablet singlehandedly changed my mind about gaming on Android
• 9:39 : Top Tech Conferences & Events to Add to Your Calendar in 2025
• 9:39 : Microsoft’s July Patch Might Be to Blame If Azure VM Isn’t Loading
• 9:39 : Google’s Big Sleep Foils Hackers by Spotting SQLite Flaw Before Exploit
• 9:39 : The 5 Best VPNs for Small Businesses on a Budget
• 9:39 : Adoption Agency Data Exposure Revealed Information About Children and Parents
• 9:39 : DHS Faces New Pressure Over DNA Taken From Immigrant Children
• 9:39 : Call of Duty cheaters complain after Activision launches new wave of mass-bans
• 9:38 : Operation Eastwood disrupted operations of pro-Russian hacker group NoName057(16)
• 9:38 : UNC6148 deploys Overstep malware on SonicWall devices, possibly for ransomware operations
• 9:38 : GhostContainer backdoor: malware compromising Exchange servers of high-value organizations in Asia
• 9:38 : Hacking Trains
• 9:38 : AI Appreciation Day: Celebrating Progress, Embracing Responsibility
• 9:38 : Infostealers Distributed with Crack Apps Emerges as Top Attack Vector For June 2025
• 9:38 : SonicWall SMA Devices 0-Day RCE Vulnerability Exploited to Deploy OVERSTEP Ransomware
• 9:38 : Microsoft Congratulates MSRC’s Most Valuable Security Researchers
• 9:37 : Cisco Unified Intelligence Center Vulnerability Allows Remote Attackers to Upload Arbitrary Files
• 9:37 : Threat Actors Weaponizing SVG Files to Embed Malicious JavaScript
• 9:37 : Operation Eastwood shutters 100+ servers used to DDoS websites supporting Ukraine
• 9:37 : Ukrainian hackers claim to have destroyed major Russian drone maker’s entire network
• 9:37 : Microsoft offers vintage Exchange and Skype server users six more months of security updates
• 9:37 : Europol-Coordinated Global Operation Takes Down Pro-Russian Cybercrime Network
• 9:37 : Cambodia Makes 1,000 Arrests in Latest Crackdown on Cybercrime
• 9:37 : Oracle Patches 200 Vulnerabilities With July 2025 CPU
• 9:36 : Cisco Patches Another Critical ISE Vulnerability
• 9:36 : VMware Flaws That Earned Hackers $340,000 at Pwn2Own Patched
• 9:36 : Politically Motivated Hacktivist Stole Data of 2.5 Million Columbia University Students And Employees
• 9:36 : Newly Found AMD Processor Flaws Raise Concerns, Though Risk Remains Low
• 9:36 : Protecting customers from Octo Tempest attacks across multiple industries
• 9:36 : Microsoft is named a Leader in the 2025 Gartner® Magic Quadrant™ for Endpoint Protection Platforms
• 9:36 : Machine unlearning gets a practical privacy upgrade
• 9:36 : What a mature OT security program looks like in practice
• 9:35 : Akeyless SecretlessAI protects machine-to-machine communication
• 9:35 : Legit Security delivers automated security reviews for AppSec and development teams
• 9:35 : Socure Workforce Verification detects manipulated or fabricated identities
• 9:35 : Hackers Leverage Microsoft Teams to Spread Matanbuchus 3.0 Malware to Targeted Firms
• 9:35 : Cisco Warns of Critical ISE Flaw Allowing Unauthenticated Attackers to Execute Root Code
• 9:35 : Chinese Hackers Target Taiwan’s Semiconductor Sector with Cobalt Strike, Custom Backdoors
• 9:35 : Pro-Russian Cybercrime Network Demolished in Operation Eastwood
• 9:35 : SquidLoader Malware Campaign Targets Hong Kong Financial Sector
• 9:35 : Most European Financial Firms Still Lagging on DORA Compliance
• 9:34 : US Data Breaches Head for Another Record Year After 11% Surge
• 9:34 : Google’s AI tool finds bugs, Europol disrupts hacktivist group, SquidLoader targets Hong Kong
• 9:34 : AWS successfully completes CCAG 2024 pooled audit with European financial institutions