IT Security News Daily Summary 2025-05-02

145 posts were published in the last hour

• 21:31 : Tsunami Malware Surge: Blending Miners and Credential Stealers in Active Attacks
• 21:31 : NVIDIA Riva AI Speech Flaw Let Hackers Gain Unauthorized Access to Abuse GPU Resources & API keys
• 21:31 : RSAC Conference 2025
• 21:2 : The Double-Edged Sword of AI in Cybersecurity: Threats, Defenses & the Dark Web Insights Report 2025
• 21:2 : Microsoft Switches to Passkeys By Default, Pledges to Eliminate Passwords
• 21:2 : Ireland’s DPC fined TikTok €530M for sending EU user data to China
• 21:2 : How to Configure Email Security With DMARC, SPF, And DKIM
• 21:2 : Week in Review: Cybersecurity CEO busted, Cloudflare’s DDoS increase, FBI’s help request
• 20:31 : Hackers Exploit Critical NodeJS Vulnerabilities to Hijack Jenkins Agents for RCE
• 20:31 : Hackers Exploit New Eye Pyramid Offensive Tool With Python to Launch Cyber Attacks
• 20:5 : IT Security News Hourly Summary 2025-05-02 21h : 3 posts
• 20:2 : New MCP-Based Attack Techniques and Their Application in Building Advanced Security Tools
• 20:2 : Mike Waltz Has Somehow Gotten Even Worse at Using Signal
• 19:32 : Why CISOs Are Adopting DevSecOps for Secure Software Development
• 19:32 : Nebulous Mantis hackers have Deployed the RomCom RAT globally, Targeting organizations.
• 19:31 : Cyberattack Targets Iconic UK Retailer Harrods
• 19:31 : BSidesLV24 – Proving Ground – You Can Be Neurodivergent And Succeed In InfoSec
• 19:3 : DragonForce Ransomware Cartel attacks on UK high street retailers: walking in the front door
• 19:3 : CISA Adds Two Known Exploited Vulnerabilities to Catalog
• 19:3 : Privacy for Agentic AI
• 18:2 : Police Seize Dark Web Shop Pygmalion, Access User Data from 7K Orders
• 18:2 : Dating app Raw exposed users’ location data and personal information
• 17:32 : The CISO’s Guide to Securing AI and Machine Learning Systems
• 17:32 : AI‑Powered Security Transformation with Tactical Approach to Integration
• 17:32 : Threat Actors Attacking Critical National Infrastructure With New Malware and Infrastructure
• 17:32 : Threat Actors Bypass MFA Using AiTM Attack via Reverse Proxies
• 17:32 : New MintsLoader Drops GhostWeaver via Phishing & ClickFix Attack
• 17:31 : New Report Reveals Hackers Now Aim for Money, Not Chaos
• 17:31 : Think That Job Offer on LinkedIn Is Real? Not Without This Badge
• 17:5 : IT Security News Hourly Summary 2025-05-02 18h : 4 posts
• 16:32 : Irish Regulator Fines TikTok €530m For GDPR Violation
• 16:32 : Microsoft To Host Elon Musk’s Grok AI Chatbot – Report
• 16:32 : UK Luxury Retailer Harrods Hit by Cyber Attack After M&S, Co-op
• 16:31 : On world password day, Microsoft says fewer passwords, more passkeys
• 16:31 : Disney Slack attack wasn’t Russian protesters, just a Cali dude with malware
• 16:2 : Enhancing EHR Security: Best Practices for Protecting Patient Data
• 16:2 : Hacker Calls Pahalgam Incident “Inside Job” on Rajasthan Education Department Website
• 15:32 : Generative AI makes fraud fluent – from phishing lures to fake lovers
• 15:31 : The Cloud Illusion: Why Your Database Security Might Be at Risk
• 15:2 : TikTok faces fine of €530 million for sending user data to China
• 15:2 : Optimize Deployment Pipelines for Speed, Security and Seamless Automation
• 15:2 : Treasury Moves to Ban Huione Group for Laundering $4 Billion
• 15:2 : Rhysida Ransomware Group Leaks 1.3M Files Stolen from Oregon DEQ After Failed Extortion Attempt
• 14:32 : New Subscription-Based Scams Attacking Users to Steal Credit Card Data
• 14:32 : New StealC V2 Expands to Include Microsoft Software Installer Packages and PowerShell Scripts
• 14:32 : New Report Warns of Ransomware Actors Building Organizational Structure For Complex Attacks
• 14:5 : IT Security News Hourly Summary 2025-05-02 15h : 8 posts
• 14:2 : Bolster Your Regulatory Compliance with Layered Security Measures
• 14:2 : Keeper Security renews Atlassian Williams Racing F1 partnership
• 14:2 : CISA Confirms Exploitation of SonicWall Vulnerabilities
• 13:32 : Microsoft sets all new accounts passwordless by default
• 13:32 : Three Brits charged over ‘active shooter threats’ swattings in US, Canada
• 13:31 : Large-Scale Data Breach at Frederick Health Exposes Patient Records
• 13:31 : Attackers exploited old flaws to breach SonicWall SMA appliances (CVE-2024-38475, CVE-2023-44221)
• 13:3 : Microsoft Exchange Online Flagging Gmail Emails as Spam – Fixes Issued
• 13:2 : Hackers Weaponizing Go Modules to Deliver Disk-Wiping Malware Leads to Data Loss
• 13:2 : ANY.RUN Unveils Q1 2025 Malware Trends Report, Highlighting Evolving Cyber Threats
• 13:2 : Raytheon, Nightwing to Pay $8.4 Million in Settlement Over Cybersecurity Failures
• 13:2 : TikTok Slammed With €530 Million GDPR Fine for Sending E.U. Data to China
• 13:2 : White House Warns China of Cyber Retaliation Over Infrastructure Hacks
• 12:32 : Apple Warns Trump’s Tariffs Will Raise Costs By $900m
• 12:31 : In Other News: NullPoint Source Code Leak, $17,500 for iPhone Flaw, BreachForums Down
• 12:2 : macOS Sandbox Escape Vulnerability Allows Keychain Deletion and Replacement
• 12:2 : Unmasking AI in Cybersecurity – From Dark-Web Tactics to Next-Gen Defenses
• 12:2 : State-Sponsored Hacktivism Attacks on The Rise, Rewrites Cyber Threat Landscape
• 11:31 : NCSC Guidance on “Advanced Cryptography”
• 11:31 : New Microsoft accounts will be “passwordless by default”
• 11:5 : IT Security News Hourly Summary 2025-05-02 12h : 8 posts
• 11:3 : 200+ Fake Retail Sites Used in New Wave of Subscription Scams
• 11:3 : MIWIC25: Marine Ruhamanya, Cybersecurity Senior Manager
• 11:3 : 15 Billion User Gain Passwordless Access to Microsoft Account Using Passkeys
• 11:2 : 15 PostgreSQL Monitoring Tools – 2025
• 11:2 : UK Retailers Co-op, Harrods and M&S Struggle With Cyberattacks
• 11:2 : Use AI-Driven Reconnaissance to Identify Cyber Threats
• 11:2 : How to Automate CVE and Vulnerability Advisory Response with Tines
• 10:32 : 7 Malicious PyPI Packages Abuse Gmail’s SMTP Protocol to Execute Malicious Commands
• 10:32 : Windows RDP Bug Allows Login With Expired Passwords – Microsoft Confirms No Fix
• 10:31 : Hackers Using New Eye Pyramid Tool to Leverage Python & Deploy Malware
• 10:31 : British govt agents step in as Harrods becomes third mega retailer under cyberattack
• 10:31 : Nova Scotia Power Says Hackers Stole Customer Information
• 10:3 : Luxury department store Harrods suffered a cyberattack
• 10:2 : RSA Conference 2025 Announcement Summary (Day 3)
• 10:2 : MintsLoader Drops GhostWeaver via Phishing, ClickFix — Uses DGA, TLS for Stealth Attacks
• 10:2 : Third of Online Users Hit by Account Hacks Due to Weak Passwords
• 9:32 : Dutch Services Disrupted by DDoS Attacks From Russian-Affiliated Hacktivists
• 9:32 : Is your Roku TV spying on you? Likely, but here’s how you can take back control
• 9:31 : Microsoft Accounts Go Passwordless by Default
• 9:31 : Harrods Latest UK Retailer to Fall Victim to Cyber-Attack in Recent Days
• 9:2 : Seven Malicious Packages Exploit Gmail SMTP to Run Harmful Commands
• 9:2 : U.S. CISA adds SonicWall SMA100 and Apache HTTP Server flaws to its Known Exploited Vulnerabilities catalog
• 8:37 : The Top 7 Enterprise VPN Solutions
• 8:37 : New Attack Techniques Using MCP & How It Will be Used to Build Security Tools
• 8:37 : NVIDIA TensorRT-LLM High-Severity Vulnerability Let Attackers Remote Code
• 8:36 : Ukrainian Nefilim Ransomware Affiliate Extradited to US
• 8:5 : IT Security News Hourly Summary 2025-05-02 09h : 10 posts
• 8:3 : CISA Issues New ICS Advisories Addressing Critical Vulnerabilities and Exploits
• 8:3 : CISA Warns of SonicWall SMA100 OS Command Injection Vulnerability Exploited in Wild
• 8:2 : LummaStealer’s FakeCAPTCHA Steals Browser Credentials Via Weaponized Microsoft Word Files
• 8:2 : Nebulous Mantis Hackers Actively Deploying RomCom RAT to Attack Organizations Worldwide
• 8:2 : Opsera improves GitHub security management
• 8:2 : Microsoft Sets Passkeys Default for New Accounts; 15 Billion Users Gain Passwordless Support
• 8:2 : UK’s Co-op cyberattack, LabHost domains released, NSO WhatsApp damages
• 7:2 : NVIDIA TensorRT-LLM Vulnerability Let Hackers Run Malicious Code
• 7:2 : Windows Security in 2025: Battling Sophisticated Threats with Advanced Defenses
• 7:2 : AiTM Phishing Kits Bypassing MFA By Intercepting Credentials & Tokens
• 7:2 : Harrods Store Hit by Cyber Attack Following Marks & Spencer and Co-op
• 7:2 : Trellix Unveils New Phishing Simulator to Proactively Identify & Mitigate Phishing Attacks
• 7:2 : CISA Warns of Apache HTTP Server Escape Vulnerability Exploited in the Wild
• 6:33 : India Takes Bold Steps to Protect Citizens from Cyber Fraud: The Introduction of New Domain Names for Banks
• 6:33 : AI and automation shift the cybersecurity balance toward attackers
• 6:33 : Anviz unveils biometric access control solution
• 6:33 : Cybersecurity News Roundup: Book Deals, Retail Attacks, Apple Spyware Alerts, and More
• 6:2 : CISA Issues Alert on Actively Exploited Apache HTTP Server Escape Vulnerability
• 6:2 : Phone theft is turning into a serious cybersecurity risk
• 5:31 : Disney Hacker Admits Guilt After Stealing 1.1TB of Internal Data
• 5:31 : People know password reuse is risky but keep doing it anyway
• 5:2 : Zero Trust Implementation – A CISO’s Essential Resource Guide
• 5:2 : The CISO’s Role in Securing IoT in a Connected World
• 5:2 : How CISOs Can Leverage Threat Intelligence to Stay Proactive
• 5:2 : Building a Resilient Cyber Defense – CISO Strategies Unveiled
• 5:2 : How CISOs Can Successfully Lead Security Transformation in Hybrid Work Environments
• 4:32 : Infosec products of the month: April 2025
• 4:32 : Half of red flags in third-party deals never reach compliance teams
• 3:2 : TheWizards APT group uses SLAAC spoofing to perform adversary-in-the-middle attacks
• 3:2 : The CISO’s Playbook for Managing Third-Party Vendor Risks
• 3:2 : Packet Analysis Optimization Advanced Protocols For Cybersecurity Analysts
• 3:2 : Detecting And Investigating Webshells In Compromised CMS Environments
• 3:2 : Mastering GDPR, CCPA, and More – CISO Compliance Guide
• 3:2 : How CISOs Can Build Trust with Stakeholders in a Data-Driven Era
• 2:5 : IT Security News Hourly Summary 2025-05-02 03h : 2 posts
• 2:3 : ISC Stormcast For Friday, May 2nd, 2025 https://isc.sans.edu/podcastdetail/9434, (Fri, May 2nd)
• 2:3 : PsyOps of Phishing: A Wolf in Shepherd’s Clothing
• 1:31 : Tonic.ai product updates: May 2025
• 1:2 : Best travel VPNs 2025: The top travel VPNs for avoiding geo-blocks and censorship
• 1:2 : xAI Dev Leaks API Key for Private SpaceX, Tesla LLMs
• 0:2 : Pro-Russia hacktivist group NoName057(16) is targeting Dutch organizations
• 23:5 : IT Security News Hourly Summary 2025-05-02 00h : 4 posts
• 23:2 : Washington’s Right to Repair Bill Heads to the Governor
• 23:2 : Dems look to close the barn door after top DOGE dog has bolted
• 23:2 : Application-Layer Visibility and Security | Contrast ADR vs Traditional Tools | Contrast Security
• 22:55 : IT Security News Daily Summary 2025-05-01
• 22:31 : AI Agents Are Here. So Are the Threats.
• 22:2 : npm Malware Targets Crypto Wallets, MongoDB; Code Points to Turkey
• 22:2 : Strengthening Cybersecurity Governance – CISO Best Practices
• 22:2 : BSidesLV24 – Ground Truth – AI In The Human Loop: GenAI In Security Service Delivery