IT Security News Daily Summary 2026-06-25

170 posts were published in the last hour

• 21:36 : FortiBleed Turns FortiGate Access Into Enterprise Credential Theft
• 21:36 : Tata Electronics Confirms Data Breach After 630GB Leak Claim Targets Apple and Tesla
• 21:10 : Operation Endgame Disrupts StealC Malware Infrastructure
• 21:10 : Ex-Huntress analyst claims company insider fed info to a ransomware crim. Social media drama ensues
• 20:34 : Curl Fixes a 25-Year-Old Bug in Its Largest CVE Release Yet
• 20:7 : Polymarket says hackers stole users’ funds
• 19:5 : Wordfence Intelligence Weekly WordPress Vulnerability Report (June 15, 2026 to June 21, 2026)
• 19:5 : Interpol: Cybercrime Hits 30% of Recorded Crime in Surveyed APAC Countries
• 19:5 : Denmark Ordered to Pay $12M Over Huawei Equipment Removal
• 19:5 : Beware of “Parcel Expert” job offers: They’re parcel mule scams
• 19:5 : IT Security News Hourly Summary 2026-06-25 21h : 5 posts
• 18:34 : Cisco Unified CM SSRF Flaw Is Being Exploited to Drop Webshells
• 18:34 : Russia Used Cellebrite Tool to Hack Activist’s iPhone Despite Contract Cancellation
• 18:6 : Beyond IOCs: AI-enabled threat intelligence
• 18:5 : The New MCP Specification: What Security Teams Must Prepare For
• 18:5 : Sharing SBOMs Securely Without Giving Too Much Away
• 17:35 : Fake GTA 6 Early Access Websites Target Gamers with Malware and Crypto Scams
• 17:35 : What CISOs should know about AI runtime security
• 17:35 : AI and Liability
• 17:34 : Windows Secure Boot Certificate Expired — Billions of PCs Affected Including Linux Distros
• 17:34 : India Removes Spectrum Barriers to Fast‑Track ADAS and Self‑Driving Tech
• 17:34 : Microsoft a Leader in The Forrester Wave™ for Endpoint Management Platforms
• 17:11 : New Delhi Data Centre Fire Disrupts Google Cloud Services
• 17:11 : pydicom pynetdicom Library
• 17:11 : H.VIEW HV-500S6 IP Camera
• 17:11 : OHIF Viewers DICOM
• 17:11 : Delta Electronics DTM Soft
• 17:11 : Daktronics Controller Firmware
• 17:11 : Hacked Klue says criminals are deleting stolen customer data, but now other hackers are making threats
• 16:33 : Inside Mistic, the New Stealth Backdoor in Ransomware Intrusions
• 16:5 : Ukrainian hackers breach Russian Glaz/Groza combat system
• 16:5 : CISA Adds Four Known Exploited Vulnerabilities
• 16:5 : Superhuman acquires AI detection startup GPTZero
• 16:5 : DOJ seizes Huione Group infrastructure
• 16:5 : OpenAI Expands Daybreak with GPT-5.5-Cyber
• 16:5 : As cyber risk continues to evolve, the insurance industry tightens its guardrails
• 16:5 : IT Security News Hourly Summary 2026-06-25 18h : 8 posts
• 16:5 : NIST offers security guidance for water utilities using remote-access tools
• 15:34 : Upwind Security Brings AI Visibility to the Endpoint, Unifying Cloud and Device Security
• 15:33 : 25-Year-Old Vulnerability in cURL Used by 30 Billion Devices Finally Patched
• 15:14 : Europol, Microsoft Hit Malware Network Behind 27M Stolen Logins, 140,000 Infected Computers
• 15:14 : The Moment Of Reliance: The Question Safety Governance Cannot Currently Answer
• 15:13 : Anthropic Alleges Alibaba Conducted Massive AI Capability Extraction Campaign Against Claude
• 15:13 : Microsoft, Europol and Industry Partners Disrupt Amadey and StealC Cybercrime Infrastructure
• 15:13 : Chrome Ad Blocker with 10M+ Installs Found with Dormant Script Injection Capability
• 14:34 : Stealthy new backdoor surfaces in attacks on multiple sectors
• 14:34 : Cisco Vulnerability Exploited Months Before Disclosure, Google Warns
• 14:34 : Cyber Briefing: 2026.06.25
• 14:10 : Linode Interfaces and Default Firewall Now Generally Available
• 14:10 : Your AI Cost Model Stops at the Token Price. The Bill Doesn’t.
• 14:10 : Cellebrite said it cut off Russia, but Russia used its tools anyway
• 14:9 : Rust macOS Backdoor Uses Interactive Shell and Telegram File Uploads for Data Theft
• 14:9 : AWS AiTM Phishing Kit Steals Console Credentials and MFA Codes in Real Time
• 14:9 : Shai-Hulud Payload Steals GitHub, npm, Cloud, CI/CD, and SSH Credentials From Developers
• 14:9 : LokiBot Campaign Uses JScript Attachment, .NET Injector, and Process Injection to Steal Credentials
• 14:9 : Mitiga unveils Agentic Runtime Security for cloud, SaaS, identity, and AI protection
• 14:9 : Reco Agent Security helps organizations govern AI agents and reduce exposure
• 14:9 : Checksum API Agent generates and maintains stateful API tests
• 13:34 : The New Face Of Fraud: Why AI Is Making Older Adults The Primary Target
• 13:33 : ControlMonkey connects backup visibility with cloud recovery readiness
• 13:7 : ClickFix: The Attack That Turns Users Into Their Own Attackers
• 13:7 : Prevention Before the Inbox: Reading the Microsoft Defender Benchmark Report in Context
• 13:7 : Runlayer Raises $30 Million in Series A Funding
• 13:7 : Veritone introduces Assess to streamline evidence analysis and compliance reviews
• 13:7 : ThreatsDay Bulletin: Smart TV Proxyware, 24-Year curl Bug, AI Crime Forums + 13 More Stories
• 13:7 : Twenty Million US IP Connections Used by Proxy Services
• 13:5 : IT Security News Hourly Summary 2026-06-25 15h : 12 posts
• 12:34 : LokiBot Malware Uses API Hashing and 3DES-Encrypted C2 to Hide Infostealer Activity
• 12:34 : ManageEngine AD360 Integrated Products Hit by Account Takeover Vulnerability
• 12:34 : Gemini 3.5 Flash Released With Computer Use Capabilities that Build Agents
• 12:34 : ManageEngine AD360 Integration Flaw Exposes User Identity and Role Information to Attackers
• 12:34 : NSA Urges Cyberthreat Timeline Has Compressed From Years to Months
• 12:34 : Cal Water Finds No Evidence of OT Activity After Hackers Claimed They Could Disrupt Water Supply
• 12:34 : BlackLine enhances Agentic Financial Operations Platform with CFO-focused AI oversight tools
• 12:33 : runZero 5.0 unifies exposure management to accelerate risk reduction
• 12:9 : Suspected Cyberattack Sends Fake Emergency Alert to Phones Across Brazil
• 12:8 : Update Chrome to patch critical browser security flaws
• 12:8 : Surviving the Mythos Era: Richard Bejtlich on the Case for NDR
• 12:8 : Trust in Automated AI Vulnerability Scanning Collapses to 9%, New Study Finds
• 11:34 : Interesting Paper Exploring Prompt Injection
• 11:34 : GitLab Patches Code Execution, Information Disclosure Vulnerabilities
• 11:34 : Lantronix Serial-to-IP Converter Flaw Exploited in Attacks After OT Threat Warning
• 11:33 : New CISA Guide Helps Agencies Adopt SASE For Zero Trust
• 11:7 : New Delhi Data Centre Fire Disrupts Cloud Services
• 11:7 : Curl 8.21.0 Released With 18 Security Fixes
• 11:7 : Langflow RCE Flaw Lets Attackers Execute Arbitrary Python Code Without Authentication
• 11:7 : Shai-Hulud Hades Payload Hits 20 Leo/RStreams npm Packages in Fresh Supply Chain Attack
• 11:7 : Gemini 3.5 Flash Now Supports Agentic Computer Use for Enterprise Automation Tasks
• 11:7 : Malicious Chrome Extension Uses Native Messaging Host to Execute PowerShell Commands
• 11:7 : WhatsApp to Warn Users Before Starting Chats With New Phone Numbers
• 11:7 : Fake domain renewal emails trick website owners into paying scammers
• 11:7 : New Gaslight macOS Malware Uses Prompt Injection to Disrupt AI-Assisted Analysis
• 11:7 : Major Increase in Ransomware Attacks Targeting Europe, Warns New Report
• 11:6 : macOS Flaw Lets Standard Users Disable EDR and MDM
• 10:35 : British Police Built a Sprawling Crime-Prediction Machine. Some Results Couldn’t Be Trusted
• 10:35 : Cellebrite said it cut off Russia, but Russia used is tools anyway
• 10:35 : Cisco Catalyst SD-WAN Zero-Day CVE-2026-20245 Exploited Months Before Disclosure
• 10:34 : Exploited Security Vendor Vulnerabilities in 2026
• 10:34 : Hacker gets 18 months for attack that compromised 60,000 betting accounts
• 10:5 : IT Security News Hourly Summary 2026-06-25 12h : 19 posts
• 10:3 : Introduction to COM usage by Windows threats
• 10:3 : Inside the 2026 SMB threat landscape: From phishing and scams to fake AI tools
• 10:3 : API Security Demystified: Which Tools Actually Protect Your APIs (And Where the Gaps Are)
• 10:2 : OpenClaw Skill Marketplace Exposes AI Agents to Supply Chain Malware and Financial Fraud
• 10:2 : Elite network says it was hacked after members’ personal data was left exposed
• 10:2 : Flare unveils new CTI capabilities and Okta support
• 10:2 : SpyCloud automates threat investigations with new Research Agent
• 9:34 : Hackers Abuse Cloudflare-Hosted AWS Phishing Domains to Steal Console Logins
• 9:34 : 25-Year-Old Vulnerability Patched in Curl
• 9:34 : Forescout brings PQC visibility to IT, OT, IoT, and IoMT environments
• 9:34 : YesWeHack automates penetration testing with AI-powered agents
• 9:34 : Entrust uses biometrics to verify users during high-risk transactions
• 9:34 : Seemplicity AI Analysts focus remediation on exploitable risks
• 9:33 : New Mistic Backdoor Linked to KongTuke in ClickFix and ModeloRAT Campaigns
• 9:7 : Breaking the MSP Echo Chamber: The Power of Community
• 9:6 : Google Wallet adds TSA Touchless ID for faster airport screening
• 9:6 : Bitdefender RealCheck analyzes videos for deepfakes and fraud
• 9:6 : Stellar Cyber improves threat detection and data onboarding in new updates
• 9:6 : WhatsApp will warn users before they message a potential scammer
• 8:34 : Danish Fibre Provider Wins Pay-Out Over Huawei Removal
• 8:34 : Key Researchers Leave Google For Anthropic, OpenAI
• 8:34 : Qualcomm Signs Up Meta For Upcoming Data Centre CPUs
• 8:34 : Nathan Austad Pleads Guilty in DraftKings Hacking Scheme, Gets 18 Months
• 8:34 : Hackers Use Cisco AnyConnect and Google Update Lures to Drop SharkLoader Malware
• 8:34 : NIST Opens Updated IoT Security Guidance to Public Review
• 8:7 : DPRK-Linked macOS Implant Uses LaunchAgent Persistence and Python Stealer Module
• 8:7 : Google Chrome Update Patches 18 Security Flaws, Including Critical WebGL and Autofill Vulnerabilities
• 8:7 : Chrome 149 Update Resolves 18 Severe Vulnerabilities
• 7:33 : Copilot AI attacks cybercrime tools, hackers exploit Cisco zero-day, China’s 360 vs Mythos
• 7:7 : YouTube Settles With Teenager Over Addictiveness Claims
• 7:7 : Meta Pauses Staff-Tracking Tool After Internal Leak
• 7:7 : Hackers Use Malicious Chrome Extension to Break Out of Browser Sandbox
• 7:6 : Microsoft WinRE Vulnerability Allows Hackers to Bypass UEFI/BIOS Password Enforcement
• 7:6 : UK school’s network left wide open for invasion, student found
• 7:6 : The uptime questions every engineering leader should ask this week
• 7:5 : IT Security News Hourly Summary 2026-06-25 09h : 8 posts
• 6:34 : Alibaba Accused of Illicitly Accessing Claude AI Models Using 25,000 Fraudulent Accounts
• 6:34 : Cisco SD-WAN Zero-Day Exploited Months Before Patching
• 6:33 : LLM security advice looks solid until you check the hard cases
• 6:7 : Met Police To Deploy Drones Across London
• 6:7 : OpenClaw Supply Chain Risk Lets Attackers Abuse AI Agent Authority for Unauthorized Actions
• 6:7 : Cisco Catalyst SD-WAN Manager Zero-Day Exploited to Gain Root Access via Malicious CSV Upload
• 6:7 : Scoring AI hackers when there is no answer key
• 6:6 : Cisco Catalyst SD-WAN Zero-Day CVE-2026-20245 Exploited to Gain Root Access
• 5:34 : Europol Disrupts Cybercrime-as-a-Service Networks Used for Ransomware and Financial Fraud
• 5:34 : StrikeShark Campaign Uses New SharkLoader Malware to Deploy Cobalt Strike Beacon
• 5:33 : Best practices for AI in open-source work
• 5:9 : Agentic Red-Team Tools Flaws Let Hackers Steal API Keys, Escape Sandboxes, and Compromise Hosts
• 5:9 : Nation-state actors cracked critical Australian infrastructure to ‘cripple it at a time of their choosing’
• 5:9 : Ubiquiti UniFi OS Flaw Under Active Exploitation CISA Alerts Users
• 4:33 : Most teams will ship AI-written infrastructure code with little review
• 4:33 : What your next cyber insurance renewal will demand
• 4:5 : IT Security News Hourly Summary 2026-06-25 06h : 2 posts
• 4:4 : Chrome 149 Security Update — Patch for Critical Flaws that Enable Code Execution Attacks
• 3:33 : Cyber Briefing: 2026.06.24
• 3:4 : Anthropic Accuses Alibaba of ‘Illicitly’ Accessing Its Claude AI Models in Largest Known Distillation Attack
• 2:4 : ESET takes part in Operation Endgame to disrupt Amadey and Stealc
• 2:4 : CVE-2025-54068 Laravel Livewire Credential Theft Campaign: 6,000+ Applications Compromised
• 1:5 : IT Security News Hourly Summary 2026-06-25 03h : 1 posts
• 1:4 : What do Ports Hear When Nobody’s Listening? An Assessment of Automated Cybercrime [Guest Diary], (Wed, Jun 24th)
• 22:34 : The hits keep on coming for Cisco vulnerabilities
• 22:7 : LastPass Confirms Vendor Breach Exposed Customer Contact, Support Data
• 22:6 : Apple’s £3B iCloud Lawsuit Could Affect 40M UK Users
• 22:6 : Healthcare Vendor Xsolis Reports Breach Affecting 1.4M People
• 22:6 : Fake Document Reader in The Google Play Store with 100K Downloads Deliver Android Malware
• 22:6 : Microsoft Teams Impersonation Campaign Enables Unauthorized Access Through RMM Abuse
• 22:6 : Mistic Backdoor Blends With Microsoft Endpoint Security Tooling to Evade Detection
• 22:6 : Microsoft, Europol lead global takedown of infostealer malware
• 22:5 : IT Security News Hourly Summary 2026-06-25 00h : 4 posts
• 21:55 : IT Security News Daily Summary 2026-06-24