IT Security News Daily Summary 2025-10-30

155 posts were published in the last hour

21:34 : Hidden npm Malware Exposes New Supply Chain Weakness
21:4 : Gartner Recognizes Flowable in 2025 Magic Quadrant for Business Orchestration and Automation Technologies
20:35 : OpenAI’s Aardvark is an AI Security Agent Combating Code Vulnerabilities
20:5 : IT Security News Hourly Summary 2025-10-30 21h : 4 posts
20:4 : How Android provides the most effective protection to keep you safe from mobile scams
19:34 : Public Exploit Code Released for Critical BIND 9 DNS Vulnerability
19:34 : Canada Warns of Cyberattacks Targeting Industrial Control Systems
19:33 : Suspected Chinese snoops weaponize unpatched Windows flaw to spy on European diplomats
19:4 : New Windows-Based Airstalk Malware Employs Multi-Threaded C2 Communication to Steal Logins
19:4 : New Agent-Aware Cloaking Leverages OpenAI ChatGPT Atlas Browser to Deliver Fake Content
19:4 : New Lampion Stealer Uses ClickFix Attack to Silently Steal Login Credentials
19:4 : Proton trains new service to expose corporate infosec cover-ups
19:4 : The 5 generative AI security threats you need to know about detailed in new e-book
18:34 : Spyware-Plugged ChatGPT, DALL·E and WhatsApp Apps Target US Users
18:34 : Latest Windows 11 Update Hit by Task Manager Bug – It Won’t Close!
18:34 : Brush exploit can cause any Chromium browser to collapse in 15-60 seconds
18:34 : US Defense Contractor Boss Sold Zero Days to Russia — Cops a Plea
18:4 : Trick, treat, repeat
18:4 : WhatsApp adds passkey protection to end-to-end encrypted backups
18:4 : RediShell RCE Vulnerability Exposes 8,500+ Redis Instances to Code Execution Attacks
18:4 : 700+ Malicious Android Apps Abusing NFC Relay to Exfiltrate Banking Login Credentials
17:34 : Russian Ransomware Gangs Weaponize Open-Source AdaptixC2 for Advanced Attacks
17:34 : Google’s Built-In AI Defenses on Android Now Block 10 Billion Scam Messages a Month
17:5 : ICE Wants to Build a Shadow Deportation Network in Texas
17:5 : IT Security News Hourly Summary 2025-10-30 18h : 9 posts
17:5 : CISA Releases Two Industrial Control Systems Advisories
17:4 : International Standards Organization ISO 15118-2
17:4 : The Hidden Cost of Secrets Sprawl
17:4 : Veeam Sets Data Graph Course Following Acquisition of Securiti AI
17:4 : Is Unsupported OpenJDK for Universities Good Enough?
17:4 : Your Enterprise LAN Security Is a Problem—Nile Can Fix It
17:4 : Critical Flaws Found in Elementor King Addons Affect 10,000 Sites
16:34 : Year-Long Nation-State Hack Hits US Telecom Ribbon Communications
16:34 : Docker Compose vulnerability opens door to host-level writes – patch pronto
16:33 : New “Brash” Exploit Crashes Chromium Browsers Instantly with a Single Malicious URL
16:4 : Wordfence Intelligence Weekly WordPress Vulnerability Report (October 20, 2025 to October 26, 2025)
16:4 : NASA’s Quiet Supersonic Jet Takes Flight
16:4 : 12 Malicious Extension in VSCode Marketplace Steal Source Code and Exfiltrate Login Credentials
16:4 : New Malware Targeting WooCommerce Sites with Malicious Plugins Steals Credit Card Data
16:4 : CISA Releases Best Security Practices Guide for Hardening Microsoft Exchange Server
16:4 : How scammers use your data to create personalized tricks that work
16:4 : Threat Actors Utilize AdaptixC2 for Malicious Payload Delivery
16:4 : FCC will vote to scrap telecom cybersecurity requirements
15:34 : CISA, NSA and Global Partners Unveil Security Blueprint for Hardening Microsoft Exchange Servers
15:34 : New Guidance Released on Microsoft Exchange Server Security Best Practices
15:34 : Fortinet Honored by Crime Stoppers International for Global Leadership in Cybercrime Prevention
15:34 : Ransomware gang claims Conduent breach: what you should watch for next
15:34 : Madras High Court says cryptocurrencies are property, not currency — what the ruling means for investors
15:34 : CISA updates guidance and warns security teams on WSUS exploitation
15:4 : Russian-Linked Cyberattacks Continue to Target Ukrainian Organizations
15:4 : Spektrum Labs Emerges From Stealth to Help Companies Prove Resilience
15:4 : AI Poisoning: How Malicious Data Corrupts Large Language Models Like ChatGPT and Claude
15:4 : Canadian authorities warn of hacktivists targeting exposed ICS devices
14:34 : Discover the 3 Stages of Cloud Maturity by Taking Our Quiz
14:34 : NASA’s Quiet Supersonic Jet Takes Flight
14:34 : Critical Vulnerability in Chromium’s Blink Let Attackers Crash Chromium-based Browsers Within Seconds
14:34 : Multiple Jenkins Vulnerability SAML Authentication Bypass And MCP Server Plugin Permissions
14:34 : Invisible npm malware pulls a disappearing act – then nicks your tokens
14:34 : The CISO’s Guide to Model Context Protocol (MCP)
14:34 : The Wild West of AI-Driven Fraud
14:34 : Volkswagen Faces Cybersecurity Concerns Amid Ransomware Claims
14:5 : IT Security News Hourly Summary 2025-10-30 15h : 20 posts
14:4 : Lampion Stealer Resurfaces with ClickFix Attack to Steal User Credentials Stealthily
14:4 : Threat Actors Abuse AzureHound Tool to Enumerate Azure and Entra ID Environments
14:4 : Fake PayPal invoice from Geek Squad is a tech support scam
14:4 : Threat Actors Weaponizing Open Source AdaptixC2 Tied to Russian Underworld
14:4 : Critical Oracle Suite Flaw Actively Exploited; CISA Orders Urgent Patch
14:4 : WhatsApp now lets you secure chat backups with passkeys
13:34 : X-Request-Purpose: Identifying “research” and bug bounty related scans?, (Thu, Oct 30th)
13:34 : Critical Blink Vulnerability Lets Attackers Crash Chromium Browsers in Seconds
13:34 : Save 20% on OffSec’s Learn One!
13:34 : Stolen Credentials and Valid Account Abuse Remain Integral to Financially Motivated Intrusions
13:34 : Millions Impacted by Conduent Data Breach
13:34 : Reflectiz Raises $22 Million for Website Security Solution
13:34 : Why Frost & Sullivan named AppOmni a Growth & Innovation Leader in the 2025 Frost Radar™ for SSPM
13:34 : AppOmni Awarded the 2025 Frost & Sullivan Technology Innovation Leadership Recognition
13:34 : AppOmni Named Growth and Innovation Leader in 2025 Frost Radar™ for SaaS Security Posture Management, Earns Tech Innovation Leadership Recognition
13:34 : How Can Generative AI Transform the Future of Identity and Access Management
13:33 : Upwind unveils AI-powered Exposure Validation Engine to redefine dynamic CSPM
13:33 : Shadow AI: One In Four Employees Use Unapproved AI Tools, Research Finds
13:5 : Hezi Rash: Rising Kurdish Hacktivist Group Targets Global Sites
13:5 : Major US Telecom Backbone Firm Hacked by Nation-State Actors
13:4 : Attackers exploiting WSUS vulnerability drop Skuld infostealer (CVE-2025-59287)
13:4 : The Death of the Security Checkbox: BAS Is the Power Behind Real Defense
13:4 : Cloaked AI Attack Makes Crawlers Cite Lies
13:4 : Vermont Hacker Avoids Jail For Data Theft
13:4 : Alleged FINTOCH Scam Mastermind Arrestedv
13:4 : Family Health West Hit By Cyberattack
13:4 : Canada Warns Hackers Breach Critical ICS
12:34 : Airstalk Malware: Multi-Threaded C2 Steals Windows Logins
12:34 : 8 Best Password Managers (2025), Tested and Reviewed
12:33 : Cyberpunks mess with Canada’s water, energy, and farm systems
12:33 : The Correlation Between MSP Growth and Proper Client Prospecting
12:33 : Aembit Introduces Identity and Access Management for Agentic AI
12:4 : Russian Hackers Exploit Adaptix Pentesting Tool in Ransomware Attacks
12:4 : PhantomRaven Attack Involves 126 Malicious npm Packages with Over 86,000 Downloads Hiding Malicious Code
12:4 : Canada Says Hackers Tampered With ICS at Water Facility, Oil and Gas Firm
11:35 : NFC Relay Attack: 700+ Android Apps Harvest Banking Login Details
11:35 : Ex-Defense contractor exec pleads guilty to selling cyber exploits to Russia
11:34 : AI Application Security with MCP Server | Contrast MCP Server | Contrast Security
11:34 : PhantomRaven Malware Found in 126 npm Packages Stealing GitHub Tokens From Devs
11:34 : ThreatsDay Bulletin: DNS Poisoning Flaw, Supply-Chain Heist, Rust Malware Trick and New RATs Rising
11:5 : IT Security News Hourly Summary 2025-10-30 12h : 16 posts
11:4 : Postcode Lottery’s lucky dip turns into data slip as players draw each other’s info
11:4 : 136 NPM Packages Delivering Infostealers Downloaded 100,000 Times
11:4 : Proton Claims 300 Million Records Compromised So Far This Year
10:34 : Critical RediShell RCE Vulnerability Threatens 8,500+ Redis Deployments Worldwide
10:34 : Tata Motors Breach Exposed 70TB of Sensitive Data Before Fix
10:34 : Microsoft Windows Cloud Files Minifilter Privilege Escalation Vulnerability Exploited
10:34 : Dentsu has Disclosed that its U.S.-based Subsidiary Merkle Suffers Cyberattack
10:34 : Canada Warns of Hackers Breached ICS Devices Controlling Water and Energy Facilities
10:34 : New Attack Combines Ghost SPNs and Kerberos Reflection to Elevate Privileges on SMB Servers
10:34 : PolarEdge Botnet Infected 25,000+ Devices and 140 C2 Servers Exploiting IoT Vulnerabilities
10:34 : France jacks into the Matrix for state messaging – and pays too
10:6 : Dynamic binary instrumentation (DBI) with DynamoRio
10:6 : New Attack Chains Ghost SPNs and Kerberos Reflection to Elevate SMB Privileges
10:6 : Deepfake-as-a-Service 2025 – How Voice Cloning and Synthetic Media Fraud Are Changing Enterprise Defenses
10:6 : Former US Defense Contractor Executive Admits to Selling Exploits to Russia
10:6 : Defense Contractor Boss Pleads Guilty to Selling Zero-Day Exploits to Russia
9:34 : US Telco Services Firm Reports Nation-State Hack
9:34 : Dentsu’s US subsidiary Merkle hit by cyberattack, staff and client data exposed
9:34 : Impenetrable Security for Non-Human Identities
9:34 : Free Your Organization from Identity Threats
9:4 : Amazon Brings ‘Rainier’ Data Centre Project Online
9:4 : New Malware Infects WooCommerce Sites Through Fake Plugins to Steal Credit Card Data
9:4 : Privilege Escalation Exploit Targets Windows Cloud Files Minifilter
9:4 : Akeyless introduces AI Agent Identity Security for safer AI operations
9:4 : Confluent Private Cloud enables real-time data streaming and governance for regulated industries
8:34 : Rare Earth Supply Constraints Hit German Manufacturers
8:34 : Chrome 142 Update Patches 20 Security Flaws Enabling Code Execution
8:34 : Chrome 142 Released With Fix for 20 Vulnerabilities that Allows Malicious Code Execution
8:34 : StrongestLayer launches AI Advisor to verify unknown senders in real time
8:34 : New OpenText capabilities enhance enterprise defense with AI across identity, data, and apps
8:5 : IT Security News Hourly Summary 2025-10-30 09h : 4 posts
8:4 : US Senate Proposes AI Companion Ban For Minors
8:4 : 12 Malicious Extensions in VSCode Marketplace Steal Source Code and Exfiltrate Login Credentials
7:33 : How neighbors could spy on smart homes
7:33 : LG Uplus confirms breach, Conduent attack impacts 10M+, hackers exploit tools against Ukraine
7:4 : How the City of Toronto embeds security across governance and operations
6:34 : Your photo could be all AI needs to clone your voice
6:4 : WordPress Plugin Vulnerability Lets Attackers Read Any Server File
6:4 : CISA Alerts on Active Exploitation of WSUS Vulnerability
6:4 : PhantomRaven Attack Discovered in 126 Malicious npm Packages, Exceeding 86,000 Downloads
6:4 : Hottest cybersecurity open-source tools of the month: October 2025
5:33 : PolarEdge Botnet Hits 25K IoT Devices in Major Cyber Campaign
5:33 : CISA Shares New Threat Detections for Actively Exploited WSUS Vulnerability
5:33 : Email breaches are the silent killers of business growth
5:5 : IT Security News Hourly Summary 2025-10-30 06h : 1 posts
5:4 : SUSE Linux Enterprise Server 16 puts AI in the operating system
2:5 : IT Security News Hourly Summary 2025-10-30 03h : 1 posts
2:4 : ISC Stormcast For Thursday, October 30th, 2025 https://isc.sans.edu/podcastdetail/9678, (Thu, Oct 30th)
0:33 : Planning 2026 Managed Services Budget: Approval Strategies That Work
23:34 : Microsoft Outage Hits Azure, 365, Xbox, Minecraft and More
23:5 : IT Security News Hourly Summary 2025-10-30 00h : 3 posts
22:55 : IT Security News Daily Summary 2025-10-29

Share this:

Related

Post navigation