IT Security News Weekly Summary 50

210 posts were published in the last hour

• 22:55 : IT Security News Daily Summary 2025-12-14
• 22:4 : NDSS 2025 – Secret Spilling Drive: Leaking User Behavior Through SSD Contention
• 20:5 : IT Security News Hourly Summary 2025-12-14 21h : 1 posts
• 19:34 : U.S. Startup Launches Mobile Service That Requires No Personal Identification
• 18:34 : Wireshark 4.6.2 Released, (Sun, Dec 14th)
• 18:34 : Upcoming Speaking Engagements
• 18:34 : Cybersecurity News Weekly Newsletter – Windows, Chrome, and Apple 0-days, Kali Linux 2025.4, and MITRE Top 25
• 18:34 : 2025: The Year Cybersecurity Crossed the AI Rubicon
• 18:34 : Cybercriminals Exploit Law Enforcement Data Requests to Steal User Information
• 18:34 : Holiday Scam Alerts Rise: How to Spot Fake Links and Stay Safe From Phishing Attacks
• 18:34 : FTC Refuses to Lift Ban on Stalkerware Company that Exposed Sensitive Data
• 15:2 : Security Affairs newsletter Round 554 by Pierluigi Paganini – INTERNATIONAL EDITION
• 15:2 : SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 75
• 14:32 : CISA Warns of Windows Cloud Files Mini Filter 0-Day Vulnerability Exploited in Attacks
• 14:5 : IT Security News Hourly Summary 2025-12-14 15h : 3 posts
• 14:2 : 7 Best Security Awareness Training Platforms For MSPs in 2026
• 14:2 : CyberVolk Ransomware Fails to Gain Traction After Encryption Misstep
• 13:32 : Gartner Warns: Block AI Browsers to Avert Data Leaks and Security Risks
• 10:2 : Experts found an unsecured 16TB database containing 4.3B professional records
• 9:2 : Week in review: 40 open-source tools securing the stack, invisible IT to be the next workplace priority
• 7:2 : 2025 Cyber Attack Recap: The Year of AI-Augmented Threats and Supply Chain Havoc
• 3:32 : How does NHI support the implementation of least privilege?
• 3:32 : How are secrets scanning technologies getting better?
• 3:32 : Can Agentic AI provide solutions that make stakeholders feel assured?
• 3:32 : Why are companies free to choose their own AI-driven security solutions?
• 23:5 : IT Security News Hourly Summary 2025-12-14 00h : 1 posts
• 22:55 : IT Security News Daily Summary 2025-12-13
• 20:5 : IT Security News Hourly Summary 2025-12-13 21h : 6 posts
• 20:2 : ClickFix Attacks Still Using the Finger, (Sat, Dec 13th)
• 19:32 : Hackers Launch Rust-Based Luca Stealer Targeting Linux and Windows
• 19:32 : Kali Linux 2025.4 Released Featuring 3 New Hacking Tools and Wifipumpkin3
• 19:32 : Apple Confirms Zero-Day Exploitation in Targeted Attacks on iPhone Users
• 19:31 : Empire 6.3.0 Released as Updated Post-Exploitation Framework for Red Teams
• 19:31 : Researchers and Developers Targeted in AI-Driven GitHub Supply Chain Attack
• 19:2 : Germany calls in Russian Ambassador over air traffic control hack claims
• 18:31 : Home Renovation Choices That Often Do Not Deliver Real Value
• 17:5 : IT Security News Hourly Summary 2025-12-13 18h : 2 posts
• 17:2 : IDESaster Report: Severe AI Bugs Found in AI Agents Can Lead to Data Theft and Exploit
• 16:32 : NDSS 2025 – A Systematic Evaluation Of Novel And Existing Cache Side Channels
• 16:2 : UK’s ICO Fine LastPass £1.2 Million Over 2022 Security Breach
• 15:32 : Fake GitHub OSINT Tools Spread PyStoreRAT Malware
• 15:32 : AI Browsers Raise Privacy and Security Risks as Prompt Injection Attacks Grow
• 15:32 : Apple Addresses Two Actively Exploited Zero-Day Security Flaws
• 15:31 : 5 Critical Situations Where You Should Never Rely on ChatGPT
• 14:32 : CISA Warns of Google Chromium 0-Day Vulnerability Exploited in Attacks
• 14:32 : Empire 6.3.0 Launches With New Features for Red Teams and Penetration Testers
• 14:32 : Google Warns Multiple Hacker Groups Are Exploiting React2Shell to Spread Malware
• 13:2 : CISA Adds Actively Exploited Sierra Wireless Router Flaw Enabling RCE Attacks
• 12:4 : AI Toys for Kids Talk About Sex, Drugs, and Chinese Propaganda
• 12:4 : U.S. CISA adds Google Chromium and Sierra Wireless AirLink ALEOS flaws to its Known Exploited Vulnerabilities catalog
• 9:2 : Rust-Based Luca Stealer Spreads Across Linux and Windows Systems
• 8:5 : IT Security News Hourly Summary 2025-12-13 09h : 2 posts
• 7:31 : Hackers Target Windows Systems Using Phantom Stealer Hidden in ISO Files
• 7:31 : New Phantom Stealer Campaign Hits Windows Machines Through ISO Mounting
• 6:32 : Apple Issues Security Updates After Two WebKit Flaws Found Exploited in the Wild
• 6:2 : Black Hat Europe 2025: Was that device designed to be on the internet at all?
• 5:32 : The Hidden Danger of Storing Secrets Online | Interview with Jake Knott from Watchtower
• 4:2 : Apple 0-Day Vulnerabilities Exploited in Sophisticated Attacks Targeting iPhone Users
• 3:2 : Multiple Threat Actors Exploit React2Shell (CVE-2025-55182)
• 2:5 : IT Security News Hourly Summary 2025-12-13 03h : 1 posts
• 1:32 : The Autonomous MSSP: How to Turn XDR Volume into a Competitive Advantage
• 1:2 : Emergency fixes deployed by Google and Apple after targeted attacks
• 0:49 : Fake Microsoft Teams and Google Meet Downloads Spread Oyster Backdoor
• 0:34 : Fake Microsoft Teams and Google Meet Downloads Spread Oyster Backdoor
• 23:34 : Friday Squid Blogging: Giant Squid Eating a Diamondback Squid
• 23:5 : IT Security News Hourly Summary 2025-12-13 00h : 6 posts
• 23:4 : Development Team Augmentation: A Strategic Approach for High-Performance Teams
• 23:4 : Notepad++ fixed updater bugs that allowed malicious update hijacking
• 22:55 : IT Security News Daily Summary 2025-12-12
• 22:34 : Microsoft RasMan DoS 0-day gets unofficial patch – and a working exploit
• 22:34 : Fake Leonardo DiCaprio Torrent Spreads Agent Tesla Malware
• 22:34 : NDSS 2025 – KernelSnitch: Side Channel-Attacks On Kernel Data Structures
• 22:4 : Exploitation of Critical Vulnerability in React Server Components (Updated December 12)
• 22:4 : Windows Defender Firewall Bug Leaks Sensitive Memory
• 22:4 : Implementing HTTP Strict Transport Security (HSTS) across AWS services
• 21:4 : News brief: Future of security holds bigger budgets, new threats
• 21:4 : Google and Apple roll out emergency security updates after zero-day attacks
• 20:34 : Zero Trust in CI/CD Pipelines: A Practical DevSecOps Implementation Guide
• 20:34 : Malicious VS Code Extensions Hide Malware in PNG Files
• 20:5 : IT Security News Hourly Summary 2025-12-12 21h : 8 posts
• 20:4 : Microsoft Expands its Bug Bounty Program to Include Third-Party Code
• 20:4 : What Tech Leaders Need to Know About MCP Authentication in 2025
• 19:34 : Secrets in Code: Understanding Secret Detection and Its Blind Spots
• 19:34 : Three New React Vulnerabilities Surface on the Heels of React2Shell
• 19:34 : As Capabilities Advance Quickly OpenAI Warns of High Cybersecurity Risk of Future AI Models
• 19:34 : Funding of Israeli Cybersecurity Soars to Record Levels
• 19:34 : Microsoft Expands Its Bug Bounty Program to Include Third-Party Code
• 19:34 : Fake OSINT and GPT Utility GitHub Repos Spread PyStoreRAT Malware Payloads
• 19:4 : How Akamai Is Powering Trust in Tomorrow’s AI-Driven Ecosystem
• 19:4 : Stop Overpaying for East-West Traffic Control: Firewalls vs. Security Groups
• 19:4 : Guide to cloud container security risks and best practices
• 19:4 : The US digital doxxing of H-1B applicants is a massive privacy misstep
• 19:4 : Prompt Injection Can’t Be Fully Mitigated, NCSC Says Reduce Impact Instead
• 18:34 : Kali Linux 2025.4 Released With 3 New Hacking Tools and Wifipumpkin3
• 18:34 : New React vulns leak secrets, invite DoS attacks
• 18:34 : In Other News: PromptPwnd Attack, macOS Bounty Complaints, Chinese Hackers Trained in Cisco Academy
• 18:33 : Cyber Risk is Business Risk: Embedding Resilience into Corporate Strategy
• 18:4 : New PyStoreRAT Malware Targets OSINT Researchers Through GitHub
• 18:4 : Data breach at credit check giant 700Credit affects at least 5.6 million
• 17:34 : Keeper Security Launches ServiceNow Integration to Improve Visibility and Response to Cyber Attacks
• 17:34 : Meet digital sovereignty needs with AWS Dedicated Local Zones expanded services
• 17:5 : IT Security News Hourly Summary 2025-12-12 18h : 10 posts
• 17:4 : Home Depot exposed access to internal systems for a year, says researcher
• 17:4 : React issues new patches after security researchers flag additional flaws
• 16:34 : Blockchain Use Cases in Test Automation You’ll See Everywhere in 2026
• 16:34 : OT Security Lessons from 2025: Why Essential Eight Needs an OT Lens
• 16:34 : 5 Cybersecurity Predictions for 2026: An Industry Insider’s Analysis
• 16:34 : New JSCEAL Infostealer Malware Attacking Windows Systems to Steal Login Credentials
• 16:34 : Critical React2Shell Vulnerability (CVE-2025-55182) Analysis: Surge in Attacks Targeting RSC-Enabled Services Worldwide
• 16:34 : React Fixes Two New RSC Flaws as Security Teams Deal with React2Shell
• 16:34 : Indian Government Proposes Compulsory Location Tracking in Smartphones, Faces Backlash
• 16:33 : React urges new patch upgrades after security researchers flag additional flaws
• 16:4 : Flaw in photo booth maker’s website exposes customers’ pictures
• 16:4 : In Other News: PromptPwnd Attack, Small macOS Bounties, Chinese Hackers Trained in Cisco Academy
• 16:4 : Spiderman and Cybersecurity.
• 16:4 : CISA updates cybersecurity benchmarks for critical infrastructure organizations
• 15:34 : Rust-Based 01flip Ransomware Hits Windows and Linux
• 15:34 : Researchers Revive 2000s ‘Blinkenlights’ Technique to Dump Smartwatch Firmware via Screen Pixels
• 15:34 : New Research Details on What Happens to Data Stolen in a Phishing Attack
• 15:34 : Brave Experiments With Automated AI Browsing Under Tight Security Checks
• 15:4 : What Happens Inside PDFAid in Seconds: From Upload to Download
• 15:4 : Fake ChatGPT Support Installs AMOS Infostealer on macOS
• 15:4 : Google ads funnel Mac users to poisoned AI chats that spread the AMOS infostealer
• 15:4 : Asus Supplier Breach Sparks Security Concerns After Everest Ransomware Claims Data Theft
• 14:34 : Top 20 Most Exploited Vulnerabilities of 2025: A Comprehensive Analysis
• 14:34 : New AiTM Attack Campaign That Bypasses MFA Targeting Microsoft 365 and Okta Users
• 14:34 : New Advanced Phishing Kits Use AI and MFA Bypass Tactics to Steal Credentials at Scale
• 14:6 : Check Point CloudGuard Network Security Advances Auto-Scaling Support for Oracle Cloud Workloads
• 14:6 : Microsoft promises more bug payouts, with or without a bounty program
• 14:6 : Gladinet CentreStack Flaw Exploited to Hack Organizations
• 14:6 : ImmuniWeb enhances AI vulnerability testing and compliance reporting
• 14:5 : IT Security News Hourly Summary 2025-12-12 15h : 12 posts
• 13:36 : Cisco-Trained Hackers Lead Sophisticated Attacks on Cisco Devices
• 13:36 : Critical GitLab Vulnerabilities Expose DevOps Pipelines
• 13:36 : Jenkins DoS Vulnerability Lets Attackers Freeze CI/CD Pipelines
• 13:36 : Uncle Sam sues ex-Accenture manager over Army cloud security claims
• 13:36 : Fieldtex Data Breach Impacts 238,000
• 13:36 : Emerging Predator Spyware Technique Enables Zero-Click Compromise
• 13:6 : NANOREMOTE Malware Leverages Google Drive API for Command-and-Control (C2) to Attack Windows Systems
• 13:6 : New ConsentFix Attack Let Attackers Hijack Microsoft Accounts by Leveraging Azure CLI
• 13:6 : CyberVolk Hackers Group With New VolkLocker Payloads Attacks both Linux and Windows Systems
• 13:6 : UK watchdog urged to probe GDPR failures in Home Office eVisa rollout
• 13:6 : 3 Compliance Processes to Automate in 2026
• 13:6 : Aisuru Botnet Unleashes Record 29.7 Tbps DDoS Attack
• 12:36 : Recent GeoServer Vulnerability Exploited in Attacks
• 12:6 : Elastic detects stealthy NANOREMOTE malware using Google Drive as C2
• 12:6 : Building Trustworthy AI Agents
• 12:6 : MITRE Releases 2025 List of Top 25 Most Dangerous Software Vulnerabilities
• 11:38 : Abusing DLLs EntryPoint for the Fun, (Fri, Dec 12th)
• 11:38 : Illegal Streaming and Piracy Are on the Rise
• 11:38 : Apple Wins Concessions In Epic Games Appeal
• 11:38 : Nick Clegg Joins VC Firm To Invest In European Start-Ups
• 11:38 : Epic Games’ Fortnite Returns To Google Play In US
• 11:38 : Silicon UK AI for Your Business Podcast: Trust at Speed: Governing Enterprise AI Without Losing Momentum
• 11:38 : Do Kwon Sentenced To 15 Years In Prison Over Crypto Collapse
• 11:38 : Severe Flaws in React Server Components Enable DoS Attacks and Code Exposure
• 11:38 : Ashen Lepus Hacker Group Targets Eastern Diplomatic Entities with AshTag Malware Attack
• 11:38 : Notepad++ Flaw Allows Attackers to Hijack Update Traffic and Deploy Malware
• 11:38 : Gogs 0-Day Actively Exploited to Compromise Over 700 Servers
• 11:38 : Locks, SOCs and a cat in a box: What Schrödinger can teach us about cybersecurity
• 11:38 : Black Hat Europe 2025: Reputation matters – even in the ransomware economy
• 11:38 : Half of exposed React servers remain unpatched amid active exploitation
• 11:37 : U.S. CISA adds an OSGeo GeoServer flaw to its Known Exploited Vulnerabilities catalog
• 11:37 : Turn me on, turn me off: Zigbee assessment in industrial environments
• 11:37 : Following the digital trail: what happens to data stolen in a phishing attack
• 11:37 : From Breach Fatigue to Brand Loyalty: Winning Customer Confidence in an Era of Constant Threats
• 11:37 : Apache Struts 2 DoS Vulnerability Let Attackers Crash Server
• 11:37 : Ashen Lepus Hacker Group Attacks Eastern Diplomatic Entities With New AshTag Malware
• 11:37 : MITRE Releases Top 25 Most Dangerous Software Weaknesses of 2025
• 11:37 : Beware of Fake Leonardo DiCaprio Movie Torrent File Drops Agent Tesla Malware
• 11:37 : New BlackForce Phishing Kit Lets Attackers Steal Credentials Using MitB Attacks and Bypass MFA
• 11:37 : How private is your VPN?
• 11:37 : $320,000 Paid Out at Zeroday.Cloud for Open Source Software Exploits
• 11:37 : Notepad++ Patches Updater Flaw After Reports of Traffic Hijacking
• 11:37 : Microsoft Bug Bounty Program Expanded to Third-Party Code
• 11:37 : Hong Kong’s New Critical Infrastructure Ordinance will be effective by 1 January 2026 – What CIOs Need to Know
• 11:37 : How Root Cause Analysis Improves Incident Response and Reduces Downtime?
• 11:37 : AI Threat Detection: How Machines Spot What Humans Miss
• 11:36 : FBI Alerts Public about Scammers Using Altered Online Photos to Stage Fake Kidnappings
• 11:36 : Ransomware keeps widening its reach
• 11:36 : LLM privacy policies keep getting longer, denser, and nearly impossible to decode
• 11:36 : What 35 years of privacy law say about the state of data protection
• 11:36 : Firewalla Orange brings zero trust anywhere
• 11:36 : Swissbit adds HID Seos to iShield Key 2
• 11:36 : CISA Flags Actively Exploited GeoServer XXE Flaw in Updated KEV Catalog
• 11:36 : React2Shell Exploitation Escalates into Large-Scale Global Attacks, Forcing Emergency Mitigation
• 11:36 : New React RSC Vulnerabilities Enable DoS and Source Code Exposure
• 11:36 : Securing GenAI in the Browser: Policy, Isolation, and Data Controls That Actually Work
• 11:36 : South Korean Police Raid Coupang Over Data Breach as CEO Resigns
• 11:36 : ICO Fines LastPass £1.2m After 2022 Breach
• 11:36 : NCSC Plugs Gap in Cyber-Deception Guidance
• 11:36 : ‘DroidLock’ demands ransom, Google fixes secret Chrome 0-day, UK fines LastPass over 2022 breach
• 3:33 : New Vulnerabilities in React Server Components Allow DoS Attacks and Source Code Leaks
• 3:4 : Trump Signs Executive Order to Block State AI Regulations
• 2:5 : IT Security News Hourly Summary 2025-12-12 03h : 3 posts
• 2:4 : ISC Stormcast For Friday, December 12th, 2025 https://isc.sans.edu/podcastdetail/9736, (Fri, Dec 12th)
• 2:4 : Crypto-crasher Do Kwon jailed for 15 years over $40bn UST bust
• 2:4 : Behavioral Analysis of AI Models Under Post-Quantum Threat Scenarios.
• 0:8 : News alert: INE sees surge in Q4 budget shifts as enterprises embrace hands-on training for AI roles
• 23:48 : SHADOW-VOID-042 Targets Multiple Industries with Void Rabisu-like Tactics
• 23:5 : IT Security News Hourly Summary 2025-12-12 00h : 19 posts
• 23:4 : Over 600K Sites Exposed to Critical React Server Components Flaw
• 23:4 : Spiderman Phishing Kit Lets Attackers Clone European Banks in Seconds
• 22:55 : IT Security News Daily Summary 2025-12-11
• 22:34 : Perspectives on Cybersecurity
• 22:34 : Doxers Posing as Cops Are Tricking Big Tech Firms Into Sharing People’s Private Data
• 22:34 : Warnings Mount in Congress Over Expanded US Wiretap Powers
• 22:34 : CISA Adds One Known Exploited Vulnerability to Catalog
• 22:34 : Varex Imaging Panoramic Dental Imaging Software
• 22:34 : Johnson Controls iSTAR