IT Security News Daily Summary 2025-11-24

135 posts were published in the last hour

• 22:34 : Android Users at Risk as RadzaRat Trojan Evades Detection
• 22:34 : Praise Amazon for raising this service from the dead
• 22:34 : How is the lifecycle of NHIs supported in enterprise environments?
• 22:33 : How can Agentic AI be adaptable to regulatory changes?
• 22:33 : What exciting advancements are coming in NHIs management?
• 22:33 : How does Secrets Management deliver value in Agentic AI management?
• 21:31 : When Chatbots Go Rogue: Securing Conversational AI in Cyber Defense
• 21:31 : The hidden costs of illegal streaming and modded Amazon Fire TV Sticks
• 21:2 : SitusAMC Breach Exposes Data From 100+ Financial Institutions
• 21:2 : Illegal streaming is costing people real money, research finds
• 20:33 : SitusAMC Cyber Breach Sparks Fallout for JPMorgan, Citi, and Morgan Stanley
• 20:32 : Ex-CISA officials, CISOs dispel ‘hacklore,’ spread cybersecurity truths
• 20:5 : IT Security News Hourly Summary 2025-11-24 21h : 5 posts
• 20:2 : Shopping Online This Holiday Season? 5 Ways to Stay Cyber Safe
• 20:2 : Harvard reports vishing breach exposing alumni and donor contact data
• 20:2 : The Death of Legacy MFA and What Must Rise in Its Place
• 19:31 : Tanium Converge: AI Comes to Enterprise Security, IT Needs
• 19:31 : Vulnerability Summary for the Week of November 17, 2025
• 19:2 : Is Your Android TV Streaming Box Part of a Botnet?
• 18:31 : Critical Firefox Bug Leaves 180M Users Exposed
• 18:31 : ​​Spyware Allows Cyber Threat Actors to Target Users of Messaging Applications​
• 18:31 : Black Friday scammers offer fake gifts from big-name brands to empty bank accounts
• 18:2 : How To Hide Your Country Location on X (Twitter) by Switching to Region
• 18:2 : Podcast Empowers Professionals to Thrive in Their Cybersecurity Careers
• 18:2 : Hackers Leveraging WhatsApp That Silently Harvest Logs and Contact Details
• 18:2 : Shai-Hulud 2.0: over 14,000 secrets exposed
• 18:2 : Hack of SitusAMC Puts Data of Financial Services Firms at Risk
• 17:5 : IT Security News Hourly Summary 2025-11-24 18h : 10 posts
• 17:3 : DOGE days are over as Trump disbands Elon Musk’s team of federal cost-cutters
• 17:3 : Dropping Elephant Hacker Group Attacks Defense Sector Using Python Backdoor via MSBuild Dropper
• 17:2 : Sha1-Hulud Supply Chain Attack: 800+ npm Packages and Thousands of GitHub Repos Compromised
• 17:2 : PoC released for W3 Total Cache Vulnerability that Exposes 1+ Million Websites to RCE Attacks
• 17:2 : Chinese-Linked Hackers Exploit Claude AI to Run Automated Attacks
• 16:32 : Matrix Push C2 abuses browser notifications to deliver phishing and malware
• 16:31 : When the Browser Becomes the Battleground for AI and Last-Mile Attacks
• 16:31 : Apple’s Digital ID Tool Sparks Privacy Debate Despite Promised Security
• 16:31 : Cybercriminals Speed Up Tactics as AI-Driven Attacks, Ransomware Alliances, and Rapid Exploitation Reshape Threat Landscape
• 16:31 : Hackers steal sensitive data from major banking industry vendor
• 16:2 : Shai Hulud npm Worm Impacts 26,000+ Repos in Supply Chain Attack
• 16:2 : New Fluent Bit Flaws Expose Cloud to RCE and Stealthy Infrastructure Intrusions
• 16:2 : Delta Dental of Virginia data breach impacts 145,918 customers
• 16:2 : CISA Confirms Exploitation of Recent Oracle Identity Manager Vulnerability
• 15:31 : Years-old bugs in open source tool left every major cloud open to disruption
• 15:31 : CrowdStrike Insider Helped Hackers Falsely Claim System Breach
• 15:2 : Conflicts between URL mapping and URL based access control., (Mon, Nov 24th)
• 15:2 : LLMs Tools Like GPT-3.5-Turbo and GPT-4 Fuels the Development of Fully Autonomous Malware
• 15:2 : Tenda N300 Vulnerabilities Let Attacker to Execute Arbitrary Commands as Root User
• 15:2 : APT35 Hacker Groups Internal Documents Leak Exposes their Targets and Attack Methods
• 15:2 : Intrusion at real estate finance biz sparks concern for big banks
• 15:2 : Flaws Expose Risks in Fluent Bit Logging Agent
• 15:2 : Iberia Alerts Customers To Data Breach
• 15:2 : Delta Dental Virginia Breach Hits 146000
• 15:2 : Microsoft To Remove WINS After 2025
• 15:2 : Scattered Spider Members Deny TfL Charges
• 15:2 : Google Adds AirDrop Support To Android
• 14:32 : Amazon Is Using Specialized AI Agents for Deep Bug Hunting
• 14:31 : US banks scramble to assess data theft after hackers breach financial tech firm
• 14:31 : Shai-Hulud worm returns, belches secrets to 25K GitHub repos
• 14:31 : Trend Vision One AI Security Package delivers proactive protection for AI environments
• 14:5 : IT Security News Hourly Summary 2025-11-24 15h : 16 posts
• 14:4 : GhostAd: Hidden Google Play Adware Drains Devices and Disrupts Millions of Users
• 14:4 : Attackers deliver ShadowPad via newly patched WSUS RCE bug
• 14:4 : Microsoft Highlights Security Risks Introduced by New Agentic AI Feature
• 14:4 : Russian-linked Malware Campaign Hides in Blender 3D Files
• 13:32 : Phantom Stores: Retail Impersonation Spreads Ahead of Black Friday Powered by Video Ads and Modular…
• 13:32 : Zapier’s NPM Account Hacked – Multiple Packages Infected with Self-Propagating Shai Hulud Malware
• 13:32 : ToddyCat APT Accessing Organizations Internal Communications of Employees at Target Companies
• 13:32 : New EtherHiding Attack Uses Web-Based Attacks to Deliver Malware and Rotate Payloads
• 13:32 : Hackers Leverage Malicious PyPI Package to Attack Users and Steal Cryptocurrency Details
• 13:32 : FCC guts post-Salt Typhoon telco rules despite ongoing espionage risk
• 13:32 : Security is at a Tipping Point: Why Complexity is the New Risk Vector
• 13:32 : Users Will Soon Text From External Apps Directly Inside WhatsApp
• 13:32 : Checkout Refuses ShinyHunters Ransom, Donates Funds to Cybersecurity Research
• 13:32 : Black Friday 2025 cybersecurity deals to explore
• 13:32 : ⚡ Weekly Recap: Fortinet Exploit, Chrome 0-Day, BadIIS Malware, Record DDoS, SaaS Breach & More
• 13:31 : Second Sha1-Hulud Wave Affects 25,000+ Repositories via npm Preinstall Credential Theft
• 13:2 : Fake Prettier Extension on VSCode Marketplace Dropped Anivia Stealer
• 13:2 : Elite Cyber Veterans Launch Blast Security with $10M to Turn Cloud Detection into Prevention
• 13:2 : To buy or not to buy: How cybercriminals capitalize on Black Friday
• 13:2 : Mazda Says No Data Leakage or Operational Impact From Oracle Hack
• 12:32 : Linux 6.18-rc7 Released With New Bug Fixes and Driver Updates
• 12:32 : Zapier’s NPM Account Hacked, Multiple Packages Infected with Malware
• 12:32 : IACR Nullifies Election Because of Lost Decryption Key
• 12:31 : CISA orders feds to patch Oracle Identity Manager zero-day after signs of abuse
• 12:31 : Spanish Airline Iberia Notifies Customers of Data Breach
• 12:31 : Securing GenAI in Enterprises: Lessons from the Field
• 12:2 : New RadzaRat Spyware Poses as File Manager to Hijack Android Devices
• 12:2 : Threats Actors Leverage Python-based Malware to Inject Process into a Legitimate Windows Binary
• 12:2 : 146,000 Impacted by Delta Dental of Virginia Data Breach
• 12:2 : Chinese DeepSeek-R1 AI Generates Insecure Code When Prompts Mention Tibet or Uyghurs
• 11:36 : New EtherHiding Technique Uses Web Attacks to Deploy Malware and Rotate Payloads
• 11:36 : Malicious PyPI Package Used by Hackers to Steal Users’ Crypto Information
• 11:36 : PoC Published for W3 Total Cache Flaw Exposing 1M+ Sites to RCE
• 11:36 : Iberia Airlines Hit by Data Breach Exposing Customer Personal Details
• 11:36 : LLMs Tools Like GPT-3.5-Turbo and GPT-4 Fuel the Development of Fully Autonomous Malware
• 11:36 : vLLM Vulnerability Enables Remote Code Execution Via Malicious Payloads
• 11:36 : Hackers Replace ‘m’ with ‘rn’ in Microsoft(.)com to Steal Users’ Login Credentials
• 11:5 : IT Security News Hourly Summary 2025-11-24 12h : 4 posts
• 11:2 : AI attack agents are accelerators, not autonomous weapons: the Anthropic attack
• 11:2 : Cox Confirms Oracle EBS Hack as Cybercriminals Name 100 Alleged Victims
• 11:2 : CISA Urges Patch of Actively Exploited Flaw in Oracle Identity Manager
• 10:31 : Iberia Airlines Notifies Customers of Supply Chain Data Breach
• 9:31 : The Role of NSPM in Microsegmentation and Attack Surface Reduction
• 9:31 : MoD Launches World’s First Military Gaming Tournament
• 9:4 : Championing cyber security: the national UK cyber team’s journey at the European Cyber Security Challenge
• 9:4 : Scattered Spider alleged members deny TfL charges
• 9:4 : A week in security (November 17 – November 23)
• 9:4 : ShadowPad Malware Actively Exploits WSUS Vulnerability for Full System Access
• 8:31 : DeepSeek-R1 Makes Code for Prompts With Severe Security Vulnerabilities
• 8:31 : Beware of North Korean Fake Job Platform Targeting U.S. Based AI-Developers
• 8:31 : CrowdStrike insider catch, Spanish airline breach, AI not insurable
• 7:2 : Roblox introduces additional age-verification tools
• 7:2 : cnspec: Open-source, cloud-native security and policy project
• 7:2 : Quantum encryption is pushing satellite hardware to its limits
• 6:34 : Signing In to Online Accounts
• 6:34 : AI Agent Does the Hacking: First Documented AI-Orchestrated Cyber Espionage
• 6:33 : The privacy tension driving the medical data shift nobody wants to talk about
• 6:4 : Wireshark Vulnerabilities Let Attackers Crash by Injecting a Malformed Packet
• 6:4 : Cryptology boffins’ association to re-run election after losing encryption key needed to count votes
• 6:4 : What happens when vulnerability scores fall apart?
• 6:4 : Checkout.com Takes a Bold Stance, SolarWinds Case Dismissed, and FCC Reverses Mandate
• 5:5 : IT Security News Hourly Summary 2025-11-24 06h : 2 posts
• 5:4 : Email blind spots are back to bite security teams
• 4:36 : CISA Warns of Oracle’s Identity Manager RCE Vulnerability Actively Exploited in Attacks
• 2:5 : IT Security News Hourly Summary 2025-11-24 03h : 6 posts
• 2:2 : ISC Stormcast For Monday, November 24th, 2025 https://isc.sans.edu/podcastdetail/9712, (Mon, Nov 24th)
• 2:2 : Why should I feel confident in adopting Agentic AI tech?
• 2:2 : Can I be reassured of data integrity with Agentic AI?
• 2:2 : How are Agentic AI systems kept safe from cyber threats?
• 2:2 : How does Agentic AI drive innovation in cloud security?
• 1:36 : 70-hour work weeks no longer enough for Infosys founder, who praises China’s 996 culture
• 23:5 : IT Security News Hourly Summary 2025-11-24 00h : 3 posts
• 23:2 : Weaponized file name flaw makes updating glob an urgent job
• 22:58 : IT Security News Weekly Summary 47
• 22:55 : IT Security News Daily Summary 2025-11-23