IT Security News Weekly Summary January

210 posts were published in the last hour

• 22:55 : IT Security News Daily Summary 2025-12-31
• 21:31 : NDSS 2025 – Impact Tracing: Identifying The Culprit Of Misinformation In Encrypted Messaging Systems
• 21:31 : Randall Munroe’s XKCD ‘Inverted Catenaries’
• 21:31 : NDSS 2025 – • Decentralized Infrastructure For Sharing Trusted Encrypted Facts And Nothing More
• 20:31 : Microsoft Makes Teams ‘Secure by Default’ Starting January 2026
• 20:5 : IT Security News Hourly Summary 2025-12-31 21h : 1 posts
• 19:36 : Apache StreamPipes Flaw Lets Anyone Become Admin
• 18:32 : Malicious Jackson Lookalike Library Slips Into Maven Central
• 18:31 : Communicating AI Risk to the Board With Confidence | Kovrr
• 18:31 : Two US Banks Disclose Customer Data Exposure Linked to Marquis Software Ransomware Attack
• 18:31 : Advanced Rootkit Used to Conceal ToneShell Malware in Targeted Cyberespionage Attacks
• 18:2 : Self-Propagating GlassWorm Weaponizing VS Code Extensions to Attack macOS Users
• 17:32 : Malicious Manipulation of LLMs for Scalable Vulnerability Exploitation
• 17:32 : DarkSpectre Malware Campaign Hits Chrome, Edge, and Firefox Users
• 17:32 : NeuroSploit v2 Launches as AI-Powered Penetration Testing Framework
• 17:32 : New Cybercrime Tool “ErrTraffic” Enables Automated ClickFix Attacks
• 17:31 : GlassWorm Malware Turns VS Code Extensions into an Attack Vector Against macOS
• 17:31 : Security and Governance Patterns for Your Conversational AI
• 17:31 : Trust Wallet Chrome Extension Hack Drains $8.5M via Shai-Hulud Supply Chain Attack
• 17:5 : IT Security News Hourly Summary 2025-12-31 18h : 5 posts
• 17:2 : Everest Ransomware Leaks 1TB of Stolen ASUS Data
• 17:2 : ESA disclosed a data breach, hackers breached external servers
• 17:2 : European Space Agency hit again as cybercrims claim 200 GB data up for sale
• 16:31 : Avoid BigQuery SQL Injection in Go With saferbq
• 16:31 : DarkSpectre Browser Extension Campaigns Exposed After Impacting 8.8 Million Users Worldwide
• 15:32 : CVE-2025-14847: All You Need to Know About MongoBleed
• 15:32 : DarkSpectre Hackers Infected 8.8 Million Chrome, Edge, and Firefox Users with Malware
• 15:32 : New Cybercrime Tool ErrTraffic Let Attackers Automate ClickFix Attacks
• 15:32 : Best of 2025: News alert: SquareX research finds browser AI agents are proving riskier than human employees
• 15:32 : Holiday Scams Surge: How to Protect Yourself This Season
• 15:32 : Trust Wallet Reports 2596 Wallets Drained
• 15:32 : Sax Accounting Data Breach Affects 220,000
• 15:31 : US Cybersecurity Experts Plead Guilty
• 15:31 : French Software Firm Fined For Breach
• 15:31 : Coupang Recovers Laptop From River
• 15:2 : Singapore CSA warns of maximun severity SmarterMail RCE flaw
• 14:32 : DevSecOps as a Strategic Imperative for Modern DevOps
• 14:32 : Threat Actors Manipulating LLMs for Automated Vulnerability Exploitation
• 14:31 : Critical IBM API Connect Vulnerability Let Attackers Bypass Logins
• 14:31 : Best of 2025: NOT-So-Great Firewall: China Blocks the Web for 74 Min.
• 14:5 : IT Security News Hourly Summary 2025-12-31 15h : 6 posts
• 14:2 : FCC Rules Out Foreign Drone Components to Protect National Networks
• 14:2 : Airbus Signals Shift Toward European Sovereign Cloud to Reduce Reliance on US Tech Giants
• 14:2 : Researchers Spot Modified Shai-Hulud Worm Testing Payload on npm Registry
• 14:2 : IBM Warns of Critical API Connect Bug Allowing Remote Authentication Bypass
• 13:31 : 2 US Cybersecurity Experts Guilty of Extortion Scheme for ALPHV Ransomware
• 13:31 : APT36 Malware Campaign Targeting Windows LNK Files to Attack Indian Government Entities
• 13:2 : Why Visibility Alone Fails and Context Wins in 2026
• 13:2 : Top Data Breaches of December 2025
• 12:31 : LinkedIn Job Scams
• 12:2 : 30,000 Korean Air Employee Records Stolen as Cl0p Leaks Data Online
• 12:2 : Shai-Hulud Supply Chain Attack Led to $8.5 Million Trust Wallet Heist
• 11:31 : NeuroSploitv2 – AI-Powered Pentesting Tool With Claude, GPT, and Gemini models to Detect vulnerabilities
• 11:31 : In 2025, age checks started locking people out of the internet
• 11:5 : IT Security News Hourly Summary 2025-12-31 12h : 3 posts
• 11:2 : Fears Mount That US Federal Cybersecurity Is Stagnating—or Worse
• 11:2 : How AI Helps Recover Both Technical Dept & Innovation Debt?
• 10:31 : Discovering the Dimensions of a New Cold War
• 10:2 : Threat Actors Advertising AI-Enhanced Metamorphic Crypter with Claims of Windows Defender Bypass
• 10:2 : European Space Agency Confirms Breach After Hacker Offers to Sell Data
• 10:2 : Ask Me Anything Cyber
• 9:31 : Top Cybersecurity Job Openings (December)
• 9:2 : MongoBleed (CVE-2025-14847): the US, China, and the EU are among the top exploited GEOs
• 9:2 : Critical Apache StreamPipes Vulnerability Let Attackers Seize Admin Control
• 8:31 : ISPs and Vendors Need Each Other
• 8:31 : Silver Fox targets Indian users, Mustang Panda deploys ToneShell, will prompt injection ever be ‘solved’?
• 8:5 : IT Security News Hourly Summary 2025-12-31 09h : 2 posts
• 7:32 : Open-Source C2 Platform AdaptixC2 Released With Enhanced Stability, Performance, and Speed
• 7:32 : Duplicati: Free, open-source backup client
• 7:2 : PQC-Hardened Model Context Protocol Transport Layer Security
• 7:2 : NSFOCUS Monthly APT Insights – November 2025
• 7:2 : What consumers expect from data security
• 7:2 : U.S. Treasury Lifts Sanctions on Three Individuals Linked to Intellexa and Predator Spyware
• 6:31 : Illegal streaming grew into an organized, profitable, and dangerous industry
• 6:2 : Security coverage is falling behind the way attackers behave
• 5:32 : New Open-Source C2 Framework AdaptixC2 Debuts With Improved Stability and Speed
• 5:32 : New AI-Enhanced Crypter Promoted as Capable of Evading Windows Defender
• 5:32 : 2025-12-30: Lumma Stealer infection with follow-up malware
• 5:31 : Ransomware’s new playbook is chaos
• 5:31 : Inside the Dark Web: Exploring Cybercrime with Expert David Décary-Hétu
• 5:5 : IT Security News Hourly Summary 2025-12-31 06h : 1 posts
• 5:2 : Hong Kong’s newest anti-scam technology is over-the-counter banking
• 2:5 : IT Security News Hourly Summary 2025-12-31 03h : 1 posts
• 2:2 : Cybersecurity pros admit to moonlighting as ransomware scum
• 1:2 : New York’s incoming mayor bans Raspberry Pi at his inauguration party
• 0:31 : How to Prevent Credential Stuffing Attacks: Detection & Protection Strategies
• 23:5 : IT Security News Hourly Summary 2025-12-31 00h : 5 posts
• 23:2 : How does AI decision making help companies stay ahead of threats
• 23:2 : Are NHIs safe from unauthorized access in cloud environments
• 23:2 : How powerful are current AI solutions in detecting NHIDR
• 23:2 : What innovations are driving secure NHI management
• 22:55 : IT Security News Daily Summary 2025-12-30
• 21:31 : New ‘GhostPairing’ Technique Enables Undetected WhatsApp Access
• 21:2 : EmEditor Website Breach Turns Trusted Installer Into Infostealer Malware
• 21:2 : Coupang announces $1.17B compensation plan for 33.7M data breach victims
• 21:2 : Palo Alto Networks Allies with Google to Secure AI
• 20:5 : IT Security News Hourly Summary 2025-12-30 21h : 4 posts
• 19:32 : An early end to the holidays: ‘Heartbleed of MongoDB’ is now under active exploit
• 19:31 : Bluetooth Headphones Can Be Weaponized to Hack Phones
• 19:31 : Hackers Advertised VOID ‘AV Killer’ with Kernel-level Termination Claims
• 19:31 : Massive Magecart with 50+ Malicious Scripts Hijacking Checkout and Account Creation Flows
• 19:2 : Widely Used Malicious Extensions Steal ChatGPT, DeepSeek Conversations
• 18:31 : ESET Warns AI-driven Malware Attack and Rapidly Growing Ransomware Economy
• 18:2 : Copilot Studio Feature Enables Silent AI Backdoors
• 18:2 : CISA Releases Two Industrial Control Systems Advisories
• 18:2 : Hackers Infiltrated Maven Central Masquerading as a Legitimate Jackson JSON Library
• 18:2 : European Space Agency Confirms Breach of Servers Outside the Corporate Network
• 18:2 : New Spear-Phishing Attack Targeting Security Individuals in Israel Region
• 17:32 : New Spear-Phishing Attack Targeting Security Individuals in the Israel Region
• 17:32 : Critical IBM API Connect Flaw Allows Attackers to Bypass Authentication
• 17:32 : ESET Flags Rising Threat of AI-Driven Malware and Ransomware
• 17:32 : Hackers Promote “VOID” AV Killer Claiming Kernel-Level Defense Evasion
• 17:32 : Magecart Campaign Deploys 50+ Malicious Scripts to Hijack E-Commerce Transactions
• 17:32 : WHILL Model C2 Electric Wheelchairs and Model F Power Chairs
• 17:32 : NDSS 2025 – Distributed Function Secret Sharing And Applications
• 17:31 : Korean Air Confirms Employee Data Leak Linked to Third-Party Breach
• 17:31 : CSA Issues Alert on Critical SmarterMail Bug Allowing Remote Code Execution
• 17:5 : IT Security News Hourly Summary 2025-12-30 18h : 2 posts
• 16:32 : 2.5M Malicious Requests Hit Adobe ColdFusion and Others in Holiday Attack
• 16:31 : Azure Fundamentals Study Notes: Your Ultimate Guide to AZ-900
• 16:2 : Mustang Panda deploys ToneShell via signed kernel-mode rootkit driver
• 16:2 : Chinese Hackers Use Rootkit to Hide ToneShell Malware Activity
• 16:2 : Interview QnA: Blockchain for Cybersecurity
• 15:32 : HoneyMyte (aka Mustang Panda) Deploys ToneShell Backdoor in New Attacks
• 15:32 : Best of 2025: How Secure Are Your Machine Identities in the Cloud?
• 15:32 : SQL Study Notes Part I: Foundations of Structured Query Language
• 15:32 : Cyber Briefing: 2025.12.30
• 15:2 : Trend Micro’s Pivotal Role in INTERPOL’s Operation Sentinel: Dismantling Digital Extortion Networks Across Africa
• 15:2 : Get Executives on board with managing Cyber Risk
• 15:2 : Zero-Day RCE Exposes 70,000+ XSpeeder Devices Worldwide
• 15:2 : A Year of Unprecedented Cybersecurity Incidents Redefined Global Risk in 2025
• 15:2 : SOC Analyst Study Notes Part IV: Malware Analysis and Reverse Engineering
• 14:32 : Edge Security Is Not Enough: Why Agentic AI Moves the Risk Inside Your APIs
• 14:32 : Best of 2025: Oracle Breach: The Impact is Bigger Than You Think | Grip
• 14:32 : Aflac Data Breach Impacts Millions
• 14:32 : Korean Air Data Hit In Oracle Hack
• 14:32 : Coupang To Issue Vouchers After Breach
• 14:31 : Hacker Arrested In KMSAuto Malware Case
• 14:31 : Fake Bank Sites Linked To 28 Million Fraud
• 14:5 : IT Security News Hourly Summary 2025-12-30 15h : 5 posts
• 14:2 : Cyber Resilience Starts with Training: Why Skills Define Security Success
• 14:2 : SOC Analyst Study Notes Part II: Insider Threats
• 13:32 : Tenant Isolation in Multi-Tenant Systems: Architecture, Identity, and Security
• 13:31 : Ex-Cybersecurity Pros Plead Guilty in $9.5M Ransomware Spree
• 13:31 : SOC Analyst Study Notes 2025: A Structured Guide to Security Operations
• 13:2 : CISA Warns of MongoDB Server Vulnerability(CVE-2025-14847) Exploited in Attacks
• 13:2 : Critical Vulnerability in SmarterMail Let Attackers Execute Remote Code
• 13:2 : Lessons Learned from Top 10 Ransomware Incidents in 2025
• 12:32 : This month in security with Tony Anscombe – December 2025 edition
• 12:32 : Using AI-Generated Images to Get Refunds
• 12:31 : 8 Cybersecurity Acquisitions Surpassed $1 Billion Mark in 2025
• 12:3 : EmEditor Homepage Download Button Served Malware for 4 Days
• 12:3 : Lithuanian suspect arrested over KMSAuto malware that infected 2.8M systems
• 11:31 : Silver Fox Targets Indian Users With Tax-Themed Emails Delivering ValleyRAT Malware
• 11:5 : IT Security News Hourly Summary 2025-12-30 12h : 8 posts
• 11:2 : 2025 exposed the risks we ignored while rushing AI
• 11:2 : How to Integrate AI into Modern SOC Workflows
• 10:32 : Hackers Exploit Copilot Studio’s New Connected Agents Feature to Gain Backdoor Access
• 10:32 : Critical 0-Day RCE Vulnerability in Networking Devices Exposes 70,000+ Hosts
• 10:32 : 70,000+ MongoDB Servers Vulnerable to MongoBleed Exploit – PoC Released
• 10:32 : Chinese APT Mustang Panda Caught Using Kernel-Mode Rootkit
• 10:31 : Evasive Panda Uses DNS Poisoning to Deploy MgBot Backdoor in Long-Running Espionage Campaign
• 10:31 : Grubhub Branding Misused to Promote Exponential Crypto Returns
• 9:2 : U.S. CISA adds a flaw in MongoDB Server to its Known Exploited Vulnerabilities catalog
• 9:2 : EmEditor Editor Website Hacked to Deliver Infostealer Malware in Supply Chain Attack
• 9:2 : Korean Air Data Compromised in Oracle EBS Hack
• 9:2 : Mustang Panda Uses Signed Kernel-Mode Rootkit to Load TONESHELL Backdoor
• 8:31 : Coupang recovers laptop in river, Trust Wallet reports 2k+ wallets drained, Sax discloses 2024 data breach
• 8:5 : IT Security News Hourly Summary 2025-12-30 09h : 5 posts
• 8:2 : Waymo Taxis Halt In Streets During San Francisco Power Outage
• 8:2 : Post-Quantum Secure Federated Learning for decentralized MCP training.
• 8:2 : Top Sectors Under Cyberattack in 2025
• 7:31 : Will hackers release all of Spotify’s most listened music files?
• 7:31 : Radio signals could give attackers a foothold inside air-gapped devices
• 7:2 : Product showcase: RoboForm password manager for iOS
• 6:31 : Executives say cybersecurity has outgrown the IT department
• 6:2 : Non-human identities push identity security into uncharted territory
• 5:31 : 70,000+ MongoDB Servers Exposed After MongoBleed PoC Released
• 5:31 : EmEditor Website Breach Used to Spread Infostealer Malware
• 5:31 : Security teams debate how much to trust AI
• 5:5 : IT Security News Hourly Summary 2025-12-30 06h : 5 posts
• 5:2 : How scalable is Secrets Management for large enterprises
• 5:2 : What measures protect NHIs in high risk environments
• 5:2 : How secure are Agentic AI systems in handling sensitive data
• 5:2 : Can I feel confident in the security of machine identities
• 5:2 : Facebook Tests Paid Access for Sharing Multiple Links
• 4:2 : Korean telco failed at femtocell security, exposed customers to snooping and fraud
• 23:5 : IT Security News Hourly Summary 2025-12-30 00h : 2 posts
• 22:55 : IT Security News Daily Summary 2025-12-29
• 22:31 : 2025-12-29: ClickFix activity leads to NetSupport RAT
• 22:2 : Romania’s Oltenia Energy Complex suffers major ransomware attack
• 22:2 : The Department of Know: year in review and predictions
• 21:31 : Indian cops cuff ex-Coinbase rep over selling customer info to crims
• 21:2 : Aflac Data Breach Exposes 22M People in Major Cyber Breach
• 21:2 : CISA Adds One Known Exploited Vulnerability to Catalog
• 21:2 : NDSS 2025 – Rondo: Scalable And Reconfiguration-Friendly Randomness Beacon
• 20:32 : New Google-Themed Phishing Wave Hits Over 3,000 Global Organisations
• 20:32 : Top web app security vulnerabilities and how to mitigate them
• 20:32 : Happy 16th Birthday, KrebsOnSecurity.com!
• 20:31 : New Phishing Kit with AI-assisted Development Attacking Microsoft Users to Steal Logins
• 20:31 : Silver Fox Hackers Attacking Indian Entities with Income Tax Phishing Lures
• 20:5 : IT Security News Hourly Summary 2025-12-29 21h : 6 posts
• 20:2 : How to Spot the Most Common Crypto Phishing Scams
• 20:2 : Coupang to Pay $1.1 Billion in Compensation to Users After Data Breach
• 20:2 : OpenAI Hardens ChatGPT Atlas Against Prompt Injection Attacks
• 20:2 : Vulnerability Summary for the Week of December 22, 2025
• 19:31 : Ubisoft Shuts Down Rainbow Six Siege After MongoDB Exploit Hits Players
• 19:31 : Crims disconnect Wired subscribers from their privacy, publish deets online
• 19:2 : Google to Finally Let Users Change Their Gmail Address. Here’s How It Works
• 19:2 : TeamViewer DEX Bugs Enable DoS and Local Network Attacks