IT Security News Daily Summary 2026-05-25

100 posts were published in the last hour

• 21:37 : Cloud Atlas APT Group Modifies termsrv.dll to Enable Multiple RDP Sessions on Victim Hosts
• 21:36 : InvisibleFerret Malware Now Ships as .pyd and .so Files to Evade Script Detection
• 20:8 : Cybercriminals Use Telegram Channels to Sell Verified Bank and Fintech Mule Accounts
• 19:6 : IT Security News Hourly Summary 2026-05-25 21h : 4 posts
• 18:38 : Ghost CMS flaw abused to push ClickFix attacks on hundreds of sites
• 18:37 : Hackers Abuse Shared CDN Infrastructure to Bypass Domain Reputation Security Controls
• 18:36 : Russian Hacker Used Jailbroken Gemini to Steal Admin Credentials and Drain Crypto Wallets
• 18:36 : Hackers Hide Linux Payload Under SSH-Like Filename During Package Installation
• 17:33 : The Hidden Cost of Overprivileged Tokens: Designing Messaging Platforms That Assume Compromise
• 17:33 : 340 Million OnlyFans Profiles Allegedly Rebuilt from Leaks
• 16:34 : FBI Chief Kash Patel’s Clothing Store Hacked in ClickFix Infostealer Attack
• 16:34 : A 5-Step SOC Guide That Meets RBI Expectations and Strengthens Security Operations
• 16:34 : Iranian APT Uses SEO Poisoning to Deliver Fake SQL Developer Malware Installer
• 16:34 : KnowledgeDeliver LMS Zero-Day Exploited to Deploy BLUEBEAM Web Shell
• 16:34 : Anthropic adds 28 security and compliance integrations for Claude
• 16:5 : IT Security News Hourly Summary 2026-05-25 18h : 5 posts
• 16:4 : WhatsApp-Based Bengaluru Start-up Aims to Reduce Delayed Payment Woes
• 16:4 : Google Detects AI-Generated Zero-Day Exploit Targeting Web Admin Tool
• 16:4 : Foxconn Cyberattack Exposes Alleged Intel, Apple, Nvidia and Google Project Data
• 16:4 : ⚡ Weekly Recap: Linux Flaws, Defender 0-Days, Router Botnets, and Supply Chain Chaos
• 15:34 : Cisco refines its risk-based vulnerability disclosure for the AI era
• 14:32 : Microsoft Access VBA, (Mon, May 25th)
• 14:32 : Kazuar Malware Evolves Into Modular Espionage Ecosystem for Secret Blizzard Operations
• 13:34 : TeamPCP Supply Chain Campaign: Activity Through 2026-05-24, (Mon, May 25th)
• 13:34 : Netherlands Seizes 800 Servers, Arrests 2 for Aiding Cyberattacks
• 13:34 : Ghost CMS Vulnerability Exploited to Hack Over 700 Websites
• 13:34 : Authorities seize 800 servers used for cyberattacks and disinformation
• 13:5 : IT Security News Hourly Summary 2026-05-25 15h : 9 posts
• 13:4 : InvisibleFerret Malware Uses .pyd and .so Files to Evade Script Detection
• 12:34 : Oncology Institute Discloses Data Breach
• 12:34 : The Alert Firehose Finally Meets Its Match
• 12:34 : Ghost CMS CVE-2026-26980 Exploited to Hijack 700+ Sites for ClickFix Attacks
• 12:34 : Telegram Channels Selling Verified Bank Mule Accounts
• 12:34 : 7-Eleven data breach impacts franchisee data
• 12:34 : Cydome, Rakuten Maritime partner on vessel cybersecurity
• 12:34 : Italian Authorities Dismantle CINEMAGOAL Piracy App
• 12:34 : Security Masters Society launched
• 12:4 : APT Group Patches termsrv.dll to Enable Multiple RDP Sessions
• 12:4 : US states step up cyber defenses to protect local communities
• 11:34 : Netherlands Busts Bulletproof Hosting Network Linked to Disinformation and Cybercrime
• 11:34 : Zero-Click WhatsApp Account Takeover Hits iPhone Users Running iOS 16. No Linked Devices, No Warning
• 11:34 : Italian Authorities Dismantled CINEMAGOAL App that Enables Access to Various Streaming Platforms
• 11:34 : Hackers Actives Scanning SonicWall Firewall Interfaces – 597,000 Sessions Observed
• 11:34 : 266,000 Affected by Data Breach at Radiology Associates of Richmond
• 11:2 : The AI Era Is Creating a Bug Hunting Arms Race
• 11:2 : Laravel-Lang Packages Poisoned for Malware Delivery
• 11:2 : Anthropic: Mythos Detected 23,000 Potential Vulnerabilities Across 1,000 OSS Projects
• 11:2 : Lazarus Deploys RemotePE Memory-Only RAT Against Financial and Crypto Firms
• 10:34 : Italian Authorities Dismantle CINEMAGOAL App Enabling Unauthorised Access to Streaming Platforms
• 10:34 : Telegram Channels Fuel Sale of Verified Bank Mule Accounts
• 10:34 : WhatsApp Chat Histories Exposed in Unencrypted Storage on macOS and iOS
• 10:5 : IT Security News Hourly Summary 2026-05-25 12h : 11 posts
• 10:4 : Hackers Actively Scan SonicWall Firewall Interfaces as 597,000 Sessions Observed
• 10:4 : Authorities Seized 800 Servers of Hosting Company Used to Launch Cyberattacks
• 10:4 : WhatsApp Chat Histories Stored Unencrypted on macOS and iOS
• 10:4 : MiniUpdate RAT Uses Azure-Hosted C2 Domains for Targeted Espionage Campaigns
• 10:4 : DocketWise Data Breach Impacts 143,000
• 9:34 : Hackers Exploit Azure RBAC to Steal Key Vault Secrets
• 9:34 : CISA Warns Drupal Core SQL Injection Vulnerability Is Being Exploited in Attacks
• 9:34 : Dutch authorities dismantle hosting network allegedly used for cyberattacks and disinformation
• 9:34 : Microsoft Warns Passwords and SMS-Based 2FA Are No Longer Enough Against Modern Cyberattacks
• 9:34 : iOS 26.5 Introduces Private RCS Messaging and Core Feature Improvements
• 9:33 : FBI Warns ‘Kali365’ Phishing Kit Hijacks Microsoft 365 OAuth Tokens
• 9:4 : Fake Streams, Counterfeit Merch and Other Scams: How Fraudsters Target F1 Fans
• 8:34 : Hackers Exploit Shared CDNs to Evade Domain Reputation Filters
• 8:2 : Over 5,500 GitHub Repositories Infected in ‘Megalodon’ Supply Chain Attack
• 7:34 : Do children spend more time online during summer break?
• 7:34 : Hackers Hide Linux Malware in SSH-Like Package Filename
• 7:34 : FBI director Kash Patel’s brand website taken offline after malware reports
• 7:34 : Hackers Use Browser-Locking CypherLoc Kit to Push Fake Microsoft Support Calls
• 7:34 : GitHub Adds Staged Publishing to npm to Block Automated Supply Chain Attacks
• 7:34 : CISA Warns of Drupal Core SQL Injection Vulnerability Exploited in Attacks
• 7:34 : A week in security (May 18 – May 24)
• 7:34 : Anthropic to release Mythos-class models to the public
• 7:34 : Drupal KEV addition, Underminr revives domain fronting, Canadian KimWolf arrest
• 7:5 : Social Platforms Settle School Suit, Averting Trial
• 7:5 : IT Security News Hourly Summary 2026-05-25 09h : 4 posts
• 7:4 : Post Office Names Contractors To Replace Fujitsu, Horizon
• 7:4 : TrapDoor Supply Chain Attack Spreads Credential-Stealing Malware via npm, PyPI, and CratesIO
• 6:34 : Iranian APT Uses SEO Poisoning to Spread Fake SQL Developer Malware
• 6:34 : GitHub Strengthens npm Security With Staged Publishing Protection
• 6:4 : Hackers Compromise 34 npm, PyPI, and Crates Packages in Major Supply Chain Attack
• 6:4 : Kazuar Malware Becomes Modular Spyware for Secret Blizzard Ops
• 6:4 : Lessons for organizations from the Verizon 2026 Data Breach Investigations Report
• 5:32 : Exploitation of KnowledgeDeliver via ViewState Deserialization Vulnerability
• 5:32 : 2 PhaaS 2 Furious: The Evolution of Chinese-language Phishing Services
• 5:31 : MiniUpdate RAT Abuses Azure C2 for Targeted Espionage
• 5:31 : OpenHack: Open-source AI-powered vulnerability research
• 5:2 : Hackers Use CypherLoc Kit to Push Fake Microsoft Support Scams
• 5:2 : Nginx-poolslip Flaw Exposes Servers to DoS and Code Execution Attacks
• 5:2 : Boards want cyber risk in dollars, not CVE counts
• 4:34 : Wireshark 4.6.6 Released With Fix for Dissector Crash via Malformed Packet Injection
• 4:34 : Pentest Agent Suite – Bug Bounty Framework for Claude Code and 6 AI Coding Tools
• 4:34 : Turns out the C-suite loves shadow AI
• 4:34 : AI Vulnerability Explosion, Kim Wolf Botnet Arrest, Ghost CMS Hack, Iran Cyber Espionage
• 2:34 : Hackers Compromised 34 Packages in npm, PyPI, and Crates in New Supply Chain Attack
• 1:31 : Hacker Selling 340 Million OnlyFans User Records Built From Old Breaches
• 22:5 : IT Security News Hourly Summary 2026-05-25 00h : 2 posts
• 21:58 : IT Security News Weekly Summary 21
• 21:55 : IT Security News Daily Summary 2026-05-24