IT Security News Daily Summary 2025-11-07

148 posts were published in the last hour

• 22:34 : LANDFALL spyware exploited Samsung zero-day CVE-2025-21042 in Middle East attacks
• 22:9 : Friday Squid Blogging: Squid Game: The Challenge, Season Two
• 22:8 : How Android provides the most effective protection to keep you safe from mobile scams
• 22:8 : Previously unknown Landfall spyware used in 0-day attacks on Samsung phones
• 21:33 : Malicious NuGet Packages Hide Time-Delayed Sabotage Code
• 21:8 : Crowdstrike: AI Accelerating Ransomware Attacks Across Europe
• 21:8 : ClickFix Malware Evolves with Multi-OS Support and Video Tutorials
• 20:34 : Phishing Campaign “I Paid Twice” Targets Booking.com Hotels and Guests
• 20:34 : Randall Munroe’s XKCD ‘’Planetary Rings”
• 20:34 : NDSS 2025 – SCAMMAGNIFIER: Piercing The Veil Of Fraudulent Shopping Website Campaigns
• 20:5 : IT Security News Hourly Summary 2025-11-07 21h : 6 posts
• 20:4 : ClickFix Attacks Evolved With Weaponized Videos That Tricks Users via Self-infection Process
• 20:4 : Malwarebytes scores 100% in AV-Comparatives Stalkerware Test 2025
• 19:34 : News brief: Collaboration apps face security scrutiny — again
• 19:34 : Congressional Budget Office Hit by Cyberattack During Shutdown
• 19:34 : Cisco Warns of Active Exploitation of ASA and FTD 0-Day Vulnerability
• 19:34 : Washington Post confirms data breach linked to Oracle hacks
• 18:37 : Amazon WorkSpaces Linux Bug Lets Attackers Steal Credentials
• 18:37 : Cisco ISE Bug Exposes Networks to Remote Restart Attacks
• 18:37 : Hackers Can Attack Active Directory Sites to Escalate Privileges and Compromise the Domain
• 18:37 : Herodotus Android Banking Malware Takes Full Control Of Device Evading Antivirus
• 18:37 : Malwarebytes scores 100% in AV Comparatives Stalkerware Test 2025
• 18:37 : ​​Whisper Leak: A novel side-channel attack on remote language models
• 18:37 : Samsung Zero-Click Flaw Exploited to Deploy LANDFALL Android Spyware via WhatsApp
• 17:38 : Understanding Proxies and the Importance of Japanese Proxies in Modern Networking
• 17:38 : Nevada ransomware attack traced back to malware download by employee
• 17:7 : Congressional Budget Office confirms it was hacked
• 17:7 : Spektrum Labs Previews Cryptographic Platform for Proving Cyber Resilience
• 17:7 : Multi-Crore Fake GST Registration Racket Busted Across 23 States
• 17:6 : Delhi Airport Hit by Rare GPS Spoofing Attacks Causing Flight Delays and Diversions
• 17:6 : Video Game Studios Exploit Legal Rights of Children
• 17:6 : AIjacking Threat Exposed: How Hackers Hijacked Microsoft’s Copilot Agent Without a Single Click
• 17:6 : Cybercriminals Target Fans Ahead of 2026 FIFA World Cup, Norton Warns
• 17:6 : From Log4j to IIS, China’s Hackers Turn Legacy Bugs into Global Espionage Tools
• 17:6 : Cyberattacks surge against IoT, mobile devices in critical infrastructure
• 17:5 : IT Security News Hourly Summary 2025-11-07 18h : 4 posts
• 16:36 : How to Protect Personal Data in Today’s API Economy
• 16:36 : In Other News: Controversial Ransomware Report, Gootloader Returns, More AN0M Arrests
• 16:36 : Stop Paying the Password Tax: A CFO’s Guide to Affordable Zero-Trust Access
• 16:36 : Fortinet’s Fabric-Based Approach to Cloud Security
• 16:4 : “I Paid Twice” Scam Infects Booking.com Users with PureRAT via ClickFix
• 15:34 : Microsoft Teams’ New “Chat with Anyone” Feature Exposes Users to Phishing and Malware Attacks
• 15:34 : New Android Malware ‘Fantasy Hub’ Intercepts SMS Messages, Contacts and Call Logs
• 15:34 : New Analysis Uncovers LockBit 5.0 Key Capabilities and Two-Stage Execution Model
• 15:34 : Fake CAPTCHA sites now have tutorial videos to help victims install malware
• 15:34 : Cybercrims plant destructive time bomb malware in industrial .NET extensions
• 15:34 : Radical Empowerment From Your Leadership: Understood by Few, Essential for All
• 15:34 : Landfall Android Spyware Targeted Samsung Phones via Zero-Day
• 15:9 : Google Warns of AI-Driven Threat Escalation in 2026
• 15:8 : Securing the AI-Enabled Enterprise
• 15:8 : US Budget Office Hit By Cyberattack
• 14:36 : Threat Actors Leverage AI to Accelerate Ransomware Attacks Across Europe
• 14:7 : German ISP aurologic GmbH Identified as Key Hub for Malicious Hosting Infrastructure
• 14:7 : Expanding CloudGuard: Our Journey to Secure GenAI Apps
• 14:6 : Data Exposure Vulnerability Found in Deep Learning Tool Keras
• 14:6 : Clop Claims Washington Post Breach
• 14:6 : Hyundai AutoEver Reports Data Breach
• 14:6 : French Police Seize Millions In Crypto
• 14:6 : UK Carriers To Block Spoofed Calls
• 14:6 : Google Warns AI Will Boost Cybercrime
• 14:5 : IT Security News Hourly Summary 2025-11-07 15h : 6 posts
• 13:34 : Threat Actors Use Stolen RDP Credentials to Deploy Cephalus Ransomware
• 13:34 : New Phising Attack Targeting Travellers from Hotel’s Compromised Booking.com Account
• 13:33 : 15+ Weaponized npm Packages Attacking Windows Systems to Deliver Vidar Malware
• 13:33 : ClickFix Attacks Against macOS Users Evolving
• 13:5 : Fake 0-Day Exploit Emails Trick Crypto Users Into Running Malicious Code
• 13:5 : ClickFix Attack Evolves: Weaponized Videos Trigger Self-Infection Tactics
• 13:5 : ESET APT Activity Report Q2 2025–Q3 2025
• 13:4 : Doubling Down in Vegas: The High-Stakes Question of Whether to Pay
• 13:4 : Unsecured Corporate Data Found Freely Accessible Through Simple Searches
• 13:4 : Hidden Logic Bombs in Malware-Laced NuGet Packages Set to Detonate Years After Installation
• 12:37 : Herodotus Android Banking Trojan Takes Over Devices, Outsmarts Security Tools
• 12:36 : Workload Identities: Bridging Infrastructure and Application Security
• 12:36 : Cisco fixes critical UCCX flaw allowing Root command execution
• 12:36 : LeakyInjector and LeakyStealer Malwares Attacks Users to Steal Crypto’s and Browser History
• 12:36 : Researchers Evaded Elastic EDR’s Call Stack Signatures by Exploiting Call Gadgets
• 12:36 : Chinese Hackers Organization Influence U.S. Government Policy on International Issues
• 12:36 : Microsoft’s data sovereignty: Now with extra sovereignty!
• 12:36 : Russian Hacking Group Sandworm Deploys New Wiper Malware in Ukraine
• 12:9 : New Analysis Reveals LockBit 5.0’s Core Features and Dual-Stage Attack Model
• 12:9 : U.S. Congressional Budget Office Hit by Cyberattack, Sensitive Data Compromised
• 12:9 : Bank of England says JLR’s cyberattack contributed to UK’s unexpectedly slower GDP growth
• 11:34 : LANDFALL: New Commercial-Grade Android Spyware in Exploit Chain Targeting Samsung Devices
• 11:34 : Attackers Exploit Active Directory Sites to Escalate Privileges and Compromise Domain
• 11:34 : New Android Malware ‘Fantasy Hub’ Spies on Users’ Calls, Contacts, and Messages
• 11:34 : Mexico City Is the Most Video-Surveilled Metropolis in the Americas
• 11:34 : ‘Landfall’ spyware abused zero-day to hack Samsung Galaxy phones
• 11:34 : DOJ Antitrust Review Clears Google’s $32 Billion Acquisition of Wiz
• 11:34 : The Shift Toward Zero-Trust Architecture in Cloud Environments
• 11:33 : Attackers upgrade ClickFix with tricks used by online stores
• 11:6 : Chrome 142 Update Patches High-Severity Flaws
• 11:6 : The Congressional Budget Office Was Hacked. It Says It Has Implemented New Security Measures
• 11:6 : Simulating Cyberattacks to Strengthen Defenses for Smart Buildings
• 11:6 : Enterprise Credentials at Risk – Same Old, Same Old?
• 11:5 : IT Security News Hourly Summary 2025-11-07 12h : 8 posts
• 10:36 : Motion Picture Association Takes Meta To Task Over PG-13 Label
• 10:36 : Netherlands Believes Nexperia Chip Shipments Set To Resume
• 10:36 : Security vs. Compliance: What’s the Difference?
• 10:36 : Amazon WorkSpaces For Linux Vulnerability Let Attackers Extract Valid Authentication Token
• 10:36 : Cavalry Werewolf Attacking Government Organizations to Deploy Backdoor for Network Access
• 10:5 : EMEA data Centre Growth Slows Amid Power Constraints
• 10:5 : Washington Post Hit By Oracle Software Hack
• 10:5 : Over 15 Malicious npm Packages Exploiting Windows to Deploy Vidar Malware
• 10:4 : Google Launches New Maps Feature to Help Businesses Report Review-Based Extortion Attempts
• 9:36 : Researchers Bypass Elastic EDR Call-Stack Signatures Using Call Gadgets
• 9:36 : Russia-linked APT InedibleOchotense impersonates ESET to deploy backdoor on Ukrainian systems
• 9:36 : How TeamViewer builds enterprise trust through security-first design
• 9:36 : 18 Arrested in Crackdown on Credit Card Fraud Rings
• 9:36 : Destructive Russian Cyberattacks on Ukraine Expand to Grain Sector
• 9:5 : France Demands EU Act On Shein Over Pornography, Weapons
• 9:5 : OPNsense Firewall Update Addresses Multiple Security Issues and Enhances Features
• 9:5 : FreeBSD-based OPNsense Firewall Released for Security Issues and Improvements
• 8:34 : Reddit Added To Australia Teen Social Media Ban
• 8:34 : New Phishing Campaign Targets Travelers via Compromised Hotel Booking.com Accounts
• 8:34 : Hackers use Hyper-V, Cisco UCCX flaw, The Louvre’s password
• 8:6 : Rockstar Games Accused Of ‘Blatant’ Union-Busting
• 8:6 : Attackers Deploy LeakyInjector and LeakyStealer to Hijack Crypto Wallets and Browser Info
• 8:6 : Influence of Chinese Hacker Organizations on U.S. Foreign Policy
• 8:5 : IT Security News Hourly Summary 2025-11-07 09h : 5 posts
• 7:36 : Postman expands platform with features for building AI-ready APIs
• 7:36 : November 2025 Patch Tuesday forecast: Windows Exchange Server EOL?
• 7:36 : Tufin Orchestration Suite R25-2 strengthens network, cloud, and SASE policy automation
• 7:36 : Vibe-Coded Malicious VS Code Extension Found with Built-In Ransomware Capabilities
• 7:6 : Metrics don’t lie, but they can be misleading when they only tell IT’s side of the story
• 6:38 : Cavalry Werewolf Launches Cyberattack on Government Agencies to Deploy Network Backdoor
• 6:38 : Old privacy laws create new risks for businesses
• 6:38 : What keeps phishing training from fading over time
• 6:6 : How Fast and Secure Customer Support Relies on Internet Privacy Tools
• 6:6 : Elevating Customer Support with Smarter Access Solutions in an AI-Constrained World
• 6:6 : Hospitals are running out of excuses for weak cyber hygiene
• 6:6 : Innovative Tools and Tactics in Cybersecurity
• 5:36 : Amazon WorkSpaces for Linux Vulnerability Exposes Valid Auth Tokens to Attackers
• 5:36 : Sandworm Hackers Target Ukrainian Organizations With Data-Wiping Malware
• 5:11 : Claude Desktop Hit by Critical RCE Flaws Allowing Remote Code Execution
• 5:11 : New infosec products of the week: November 7, 2025
• 3:36 : Cisco Identity Services Engine Vulnerability Allows Attackers to Restart ISE Unexpectedly
• 3:36 : NVIDIA NVApp for Windows Vulnerability Let Attackers Execute Malicious Code
• 3:6 : What Are Passkeys and How Do They Work?
• 3:6 : The public’s one account for government services
• 2:8 : ISC Stormcast For Friday, November 7th, 2025 https://isc.sans.edu/podcastdetail/9690, (Fri, Nov 7th)
• 0:6 : A CIO’s First Principles Reference Guide for Securing AI by Design
• 0:6 : Closing the Zero Trust Loop: ZTNA + CDR
• 23:38 : Sandworm Hackers Attacking Ukranian Organizations with Data Wiper Malwares
• 23:38 : Closing the Card Fraud Detection Gap
• 23:6 : Account Takeover: What Is It and How to Fight It
• 23:6 : Gootloader malware back for the attack, serves up ransomware
• 23:5 : IT Security News Hourly Summary 2025-11-07 00h : 2 posts
• 22:55 : IT Security News Daily Summary 2025-11-06