IT Security News Daily Summary 2025-05-19

170 posts were published in the last hour

• 21:31 : 10 SaaS Security Risks Most Organizations Miss | Grip
• 21:6 : Serviceaide Leak Exposes Records of 500,000 Catholic Health Patients
• 20:32 : New Hannibal Stealer Uses Stealth and Obfuscation to Evade Detection
• 20:32 : New Phishing Attack Poses as Zoom Meeting Invites to Steal Login Credentials
• 20:7 : Cache Timing Techniques Used to Bypass Windows 11 KASLR and Reveal Kernel Base
• 20:7 : Chinese APT Hackers Target Organizations Using Korplug Loaders and Malicious USB Drives
• 20:7 : Trump Signs Controversial Law Targeting Nonconsensual Sexual Content
• 20:7 : How HashiCorp Vault and Red Hat OpenShift can work together
• 20:7 : EMEA blog | Dutch | Red Hat OpenShift Comes Out Exceptionally Strong in Data Security Survey Results
• 20:7 : Zero trust workload identity manager now available in tech preview
• 20:7 : Beware! A threat actor could steal the titles of your private (and draft) WordPress posts with this new vulnerability!
• 20:7 : Windows 11 KASLR Bypassed Using Cache Timing Techniques to Obtain The Kernel Base
• 20:5 : IT Security News Hourly Summary 2025-05-19 21h : 4 posts
• 19:32 : DDoSecrets Adds 410GB of TeleMessage Breach Data to Index
• 19:32 : A drug developer is buying 23andMe – what does that mean for your DNA data?
• 19:32 : BreachRx Lands $15 Million as Investors Bet on Breach-Workflow Software
• 19:9 : Microsoft just launched an AI that discovered a new chemical in 200 hours instead of years
• 19:9 : SEC SIM-swapper who Googled ‘signs that the FBI is after you’ put behind bars
• 19:9 : CISA Adds Six Known Exploited Vulnerabilities to Catalog
• 19:8 : Mozilla fixed zero-days recently demonstrated at Pwn2Own Berlin 2025
• 18:32 : Hackers Exploit AutoIT Scripts to Deploy Malware Targeting Windows Systems
• 18:32 : Hackers Exploits Windows Via UAC Bypass Technique to Deploy Remcos RAT
• 18:32 : Hackers Leverage AutoIT Code to Deliver Malware Attacking Windows System
• 18:32 : Developing with Docker and Sonatype: Building secure software at scale
• 18:4 : 22,000 WordPress Sites Affected by Privilege Escalation Vulnerability in Motors WordPress Theme
• 18:4 : UK Legal Aid Agency Hit by Cyberattack, Sensitive Data Stolen
• 18:4 : Vulnerability Summary for the Week of May 12, 2025
• 17:33 : Scope 3, Category 8: What Akamai Is Doing for Customer Reporting
• 17:32 : Compliance Insights: How to Stop Lateral Movement and Boost Authorization
• 17:32 : CISA Welcomes Madhu Gottumukkala as the New Deputy Director
• 17:32 : New Report Finds 67% of Organizations Experienced Cyber Attacks in the Last Year
• 17:32 : AI Web Application Firewalls Bypassed Using Prompt Injection Techniques
• 17:32 : Hacker Charged for Hijacking SEC Account to Promote Fake Bitcoin News
• 17:32 : Ivanti EPMM 0-day Vulnerability Actively Exploited in the Wild
• 17:32 : 67% of Organizations Faces Cyber Attack in The Past 12 Months – New Report
• 17:32 : How Los Angeles banned smartphones in schools (Lock and Code S06E10)
• 17:32 : Microsoft extends Zero Trust to secure the agentic workforce
• 17:9 : Man Behind SEC Bitcoin Hoax Tweet Sentenced in SIM Swap Hack
• 17:9 : A Silicon Valley VC Says He Got the IDF Starlink Access Within Days of October 7 Attack
• 17:9 : RVTools Official Site Hacked to Deliver Bumblebee Malware via Trojanized Installer
• 17:5 : IT Security News Hourly Summary 2025-05-19 18h : 10 posts
• 16:32 : Volkswagen Car Hack Exposes Owner’s Personal Data and Service Records
• 16:32 : Investigating Cobalt Strike Beacons Using Shodan: A Researcher’s Guide
• 16:32 : Hacker Arrested for Taking Over SEC Social Media to Spread False Bitcoin News
• 16:32 : Active Exploitation of Ivanti EPMM Zero-Day Vulnerability in the Wild
• 16:32 : Auth0-PHP Vulnerability Enables Unauthorized Access for Attackers
• 16:32 : Cocospy stalkerware apps go offline after data breach
• 16:32 : Printer Company Procolored Served Infected Software for Months
• 16:8 : Microsoft goes all in on Anthropic’s MCP standard for safer AI agent deployments
• 16:7 : BSidesLV24 – GroundFloor – Building Data Driven Access With The Tools You Have
• 16:7 : BSidesLV24 – GroundFloor – Prepare For The Apocalypse – Exposing Shadow And Zombie APIs
• 16:7 : Employee Monitoring Tool Kickidler Targeted in Ransomware Attacks
• 16:7 : Cybercriminals Employ Display Fake Login Pages in Your Browser
• 16:7 : Ransomware Gangs Use Skitnet Malware for Stealthy Data Theft and Remote Access
• 16:7 : New Malware on PyPI Poses Threat to Open-Source Developers
• 15:32 : Criminal records exposed in cyber attack on Ministry of Justice
• 15:32 : Google Details Hackers Behind UK Retailers Attack Now Targeting US
• 15:31 : Microsoft Published a Practical Guide for Migrating BitLocker Recovery Key Management From ConfigMgr to Intune
• 15:7 : Skitnet Malware Employs Stealth Techniques to Execute Payload and Maintain Persistence Techniques
• 15:7 : Google Reveals Hackers Targeting US Following UK Retailer Attacks
• 15:7 : Reddit, Webflow, and Superhuman are already customers—now GrowthX has $12M to grow
• 15:7 : Pharma giant Regeneron to buy 23andMe and its customers’ data for $256M
• 15:6 : Update your Chrome to fix serious actively exploited vulnerability
• 15:6 : We’re Answering Your Exposure Management Questions
• 15:6 : RCE Vulnerability Found in RomethemeKit For Elementor Plugin
• 14:32 : Building Resilient Identity Systems: Lessons from Securing Billions of Authentication Requests
• 14:32 : BreachForums Admin to Pay $700,000 in Health Care Data Breach
• 14:32 : Hackers Exploiting Confluence Server to Enable RDP Access & Remote Code Execution
• 14:32 : Hackers Leverage RVTools to Attack Windows Users With Bumblebee Malware
• 14:32 : Social Engineering Tactics – Training Employees to Stay Safe
• 14:32 : Skitnet Malware Leverage Stealth Techniques to Execute Its Payload & Establish Persistence Techniques
• 14:6 : What is a firewall and why do I need one?
• 14:6 : Japan passed a law allowing preemptive offensive cyber actions
• 14:6 : CTM360 maps out real-time phishing infrastructure targeting corporate banking worldwide
• 14:5 : ThreatMark offers protection against social engineering attacks and scams
• 14:5 : GDPR Changes Risk Undermining its Principles, Civil Society Groups Warn
• 14:5 : IT Security News Hourly Summary 2025-05-19 15h : 14 posts
• 13:34 : Over 40,000 iOS Apps Found Exploiting Private Entitlements, Zimperium
• 13:34 : Introducing Check Point MCP Servers: Integrate Check Point Cyber Security Capabilities Directly into Your AI Tools
• 13:4 : Open MPIC: The open-source path to secure Multi-Perspective Issuance Corroboration
• 13:4 : 17 Innovation Frameworks Every Business Leader Should Know in 2025
• 12:33 : AI model theft: Risk and mitigation in the digital era
• 12:33 : UK Legal Aid Agency Finds Data Breach Following Cyberattack
• 12:33 : Hackers Resurface with PowerSchool Data, Target Schools Again with New Threats
• 12:33 : How to Check If a Downloaded File Is Safe to Use
• 12:7 : Firefox Tests AI-Powered Perplexity Search Engine Directly in Browser
• 12:7 : Salesforce just unveiled AI ‘digital teammates’ in Slack — and they’re coming for Microsoft Copilot
• 12:7 : Volkswagen Car Hacked – Owner’s Personal Data & Service Details Exposed
• 12:7 : CISA to Discontinue Cybersecurity Alerts & Advisories on Official Webpages
• 12:7 : Understanding APTs – Detection and Response for Enterprises
• 12:7 : Fileless Malware – How to Detect and Prevent Attacks
• 12:7 : Millions at risk after attackers steal UK legal aid data dating back 15 years
• 12:6 : Malicious RVTools installer found on official site, researcher warns
• 11:33 : Intel Blasts ‘Irrational’ EU Fine From 16-Year-Old Case
• 11:33 : EU Moves Toward Settlement On Microsoft Teams Bundling Probe
• 11:32 : Meta Asks Judge To Dismiss FTC Antitrust Case
• 11:32 : Coinbase Hit By $400m Crypto Scam
• 11:32 : US, UAE To Build Massive Abu Dhabi AI Campus
• 11:32 : The NSA’s “Fifty Years of Mathematical Cryptanalysis (1937–1987)”
• 11:32 : ⚡ Weekly Recap: Zero-Day Exploits, Insider Threats, APT Targeting, Botnets and More
• 11:32 : Firefox Patches 2 Zero-Days Exploited at Pwn2Own Berlin with $100K in Rewards
• 11:31 : Why CTEM is the Winning Bet for CISOs in 2025
• 11:5 : Coordinated Intelligence: The Next Frontier for Onchain AI Agents
• 11:5 : From Classrooms to Code Red: 3,000+ Cyber Threats Hit U.S. Schools and Universities Weekly
• 11:5 : 480,000 Catholic Health Patients Impacted by Serviceaide Data Leak
• 11:5 : IT Security News Hourly Summary 2025-05-19 12h : 17 posts
• 10:32 : How to Win Followers and Scamfluence People
• 10:32 : For Tech Whistleblowers, There’s Safety in Numbers
• 10:32 : Who Even Is a Criminal Now?
• 10:32 : We 3D-Printed Luigi Mangione’s Ghost Gun. It Was Entirely Legal
• 10:32 : ModiLoader Malware Attacking Windows Users to Steal Login Credentials
• 10:32 : Firefox 0-day Vulnerabilities Let Attackers Execute Malicious Code
• 10:32 : Windows 11, VMware ESXi & Firefox 0-day Vulnerabilities Exploited – Pwn2Own Day 3
• 10:32 : 200,000 Harbin Clinic Patients Impacted by NRS Data Breach
• 10:32 : Spiking Neural Networks: Brain-Inspired Chips That Could Keep Your Data Safe
• 10:2 : New ModiLoader Malware Campaign Targets Windows PCs, Harvesting User Credentials
• 10:2 : Confluence Servers Under Attack: Hackers Leverage Vulnerability for RDP Access and Remote Code Execution
• 10:2 : Hackers Exploit RVTools to Deploy Bumblebee Malware on Windows Systems
• 10:2 : IT chiefs of UK’s massive health service urge vendors to make public security pledge
• 10:2 : Prison Sentence for Man Involved in SEC X Account Hack
• 9:32 : CISA to Stop Publishing Cybersecurity Alerts and Advisories on Webpages
• 9:32 : Critical Firefox 0-Day Flaws Allow Remote Code Execution
• 9:32 : Health Care Data Breach Costs BreachForums Admin $700,000 Fine
• 9:32 : Malwarebytes vs McAfee: Which Antivirus Is Right for You?
• 9:32 : SEC SIM Swapper Gets 14 Months for X Account Hijack
• 9:7 : Pwn2Own Day 3: Zero-Day Exploits Windows 11, VMware ESXi, and Firefox
• 9:7 : Preparing for the Quantum Future: Insights from the NCSC’s PQC Migration Roadmap
• 9:7 : Dead Man’s Scripts: The Security Risk of Forgotten Scheduled Tasks in Legacy Systems
• 9:7 : Pwn2Own Berlin 2025: total prize money reached $1,078,750
• 9:7 : James Comey is under investigation by Secret Service for a seashell photo showing “8647”
• 9:6 : Hackers Earn Over $1 Million at Pwn2Own Berlin 2025
• 9:6 : Legal Aid Agency Admits Major Breach of Applicant Data
• 8:31 : glibc Vulnerability Exposes Millions of Linux Systems to Code Execution Attacks
• 8:31 : Tracking Accusations May Have Roblox Back in Court
• 8:5 : IT Security News Hourly Summary 2025-05-19 09h : 5 posts
• 8:4 : #Infosec2025: How CISOs Can Stay Ahead of Evolving Cloud Threats
• 7:32 : SafeLine WAF: Best Security Choice for Small Businesses
• 7:32 : EU Stakes Out Digital Sovereignty With Vulnerability Database
• 7:32 : Cyble Titan strengthens endpoint security
• 7:32 : UK retailer update, Microsoft Defender disabler, deepfakes target officials
• 7:5 : Which websites have the most forgetful users?
• 7:5 : A week in security (May 12 – May 18)
• 7:5 : Abusing dMSA with Advanced Active Directory Persistence Techniques
• 6:32 : Exploiting dMSA for Advanced Active Directory Persistence
• 6:32 : GNU C(glibc) Vulnerability Let Attackers Execute Arbitrary Code on Millions of Linux Systems
• 6:7 : RAT Dropped By Two Layers of AutoIT Code, (Mon, May 19th)
• 6:7 : Scam Messages and emails increase exponentially after M & S Cyber Attack
• 6:7 : How to identify hackers sitting in a computer network
• 5:32 : Why EU encryption policy needs technical and civil society input
• 5:32 : AI hallucinations and their risk to cybersecurity operations
• 5:5 : IT Security News Hourly Summary 2025-05-19 06h : 2 posts
• 5:3 : Experts React: Coinbase Discloses Breach, Faces Up to $400 Million in Losses
• 5:3 : Achieving Operational Freedom with Advanced IAM
• 5:3 : Smart Strategies for Comprehensive Data Protection
• 5:2 : Leveraging Powerful Tools for Risk Management
• 5:2 : Securing Cloud Infrastructure to Handle Business Needs
• 5:2 : Hanko: Open-source authentication and user management
• 4:32 : Inside MITRE ATT&CK v17: Smarter defenses, sharper threat intel
• 4:8 : Windows Remote Desktop Gateway UAF Vulnerability Allows Remote Code Execution
• 3:39 : Mitigating Insider Threats and Zombie Accounts Amid Workforce and Contract Changes
• 3:39 : Eeek! p0wned Alabama hit by unspecified ‘cybersecurity event’
• 3:4 : Trend Joins NVIDIA to Secure AI Infrastructure with NVIDIA
• 2:5 : IT Security News Hourly Summary 2025-05-19 03h : 2 posts
• 2:2 : ISC Stormcast For Monday, May 19th, 2025 https://isc.sans.edu/podcastdetail/9456, (Mon, May 19th)
• 1:4 : Another Confluence Bites the Dust: Falling to ELPACO-team Ransomware
• 1:4 : China launches an AI cloud into orbit -12 sats for now, 2,800 in coming years
• 23:5 : IT Security News Hourly Summary 2025-05-19 00h : 3 posts
• 22:58 : IT Security News Weekly Summary 20
• 22:55 : IT Security News Daily Summary 2025-05-18
• 22:4 : Crypto elite increasingly worried about their personal safety