IT Security News Daily Summary 2025-05-21

180 posts were published in the last hour

• 21:32 : Understanding Multisig Security for Enhanced Protection of Digital Assets
• 21:31 : Threat Actor Selling 1.2 Billion Facebook Records, But Details Don’t Add Up
• 21:31 : Finding the right balance between ‘vibe coders’ and security
• 21:5 : I thought my favorite browser blocked trackers but this free privacy tool proved me wrong
• 21:5 : CISA Says Russian Hackers Targeting Western Supply-Lines to Ukraine
• 21:4 : BSidesLV24 – PasswordsCon – Detecting Credential Abuse
• 20:5 : IT Security News Hourly Summary 2025-05-21 21h : 6 posts
• 19:32 : The Rise of the LMM AI Scrapers: What It Means for Bot Management
• 19:32 : The best VPN services for iPad in 2025: Expert tested and reviewed
• 19:32 : The best VPNs for school in 2025: Expert tested and reviewed
• 19:32 : What It Costs to Hire a Hacker on the Dark Web
• 19:32 : New Scan Reveals 150K Industrial Systems Around the Globe are Exposed to Cyberattacks
• 19:32 : 71 Fake Sites Using Brand Scam to Steal Payment Info Linked to German Retailer
• 19:31 : PupkinStealer Leveraging Web browser Passwords & App Tokens to Exfiltrate Data via Telegram
• 19:31 : FBI, Microsoft, international cops bust Lumma infostealer service
• 19:31 : Russia’s Fancy Bear swipes a paw at logistics, transport orgs’ email servers
• 19:4 : FBI, Microsoft, and international cops bust Lumma infostealer service
• 19:4 : Wyden: AT&T, T-Mobile, and Verizon weren’t notifying senators of surveillance requests
• 19:4 : Russian Hackers Exploit Email and VPN Vulnerabilities to Spy on Ukraine Aid Logistics
• 18:31 : Epic Games’ Fortnite Returns To Apple App Store In US, After Court Ruling
• 18:31 : Microsoft Sinkholes Domains, Disrupts Notorious ‘Lumma Stealer’ Malware Operation
• 18:31 : Lumma Stealer Malware-as-a-Service operation disrupted
• 18:2 : Another Confluence Bites the Dust: Falling to ELPACO-team Ransomware
• 18:2 : Coinbase confirms insiders handed over data of 70K users
• 17:38 : Hackers Masquerade as Organizations to Steal Payroll Logins and Redirect Payments from Employees
• 17:38 : Docker Zombie Malware Infects Containers for Crypto Mining and Self-Replication
• 17:38 : Hackers Target Mobile Users Using PWA JavaScript to Bypass Browser Security
• 17:38 : CISA Warns of Russian Hackers Attacking Logistics & IT Companies with Windows Utilities
• 17:38 : PowerDNS Vulnerability Let Attackers Trigger DoS Attack Via Malicious TCP Connection
• 17:38 : Windows 11 Administrator Protection Enhances Security Against Elevated Privileges Attacks
• 17:37 : IBM Warns of One-Third of Cyber Attacks are Highly Sophisticated to Steal Login Credentials
• 17:5 : Sophisticated & Stealthy Formjacking Malware Targets E-Commerce Checkout Pages
• 17:5 : Google Returns To Smart Glasses With Kering Eyewear Partnership
• 17:5 : How to choose a cloud key management service
• 17:5 : Boost VM security: 8 key strategies
• 17:5 : Cloud Data Protection: How DSPM Helps You Discover, Classify and Secure All Your Data Assets
• 17:5 : Email Spoofing Security
• 17:5 : IT Security News Hourly Summary 2025-05-21 18h : 17 posts
• 17:4 : Survey: Too Much Time Being Spent on Managing Cybersecurity Tools
• 17:4 : Report Reveals Serious Security Issues in Common Browser Extensions
• 17:4 : Malicious Chrome Extensions Spoof Password Managers in Novel Polymorphic Attack
• 17:4 : Lostkeys Malware: Russian Group Coldriver Targets Western Officials in Espionage Campaign
• 17:4 : Bangladesh’s Deepfake Challenge: Why New Laws Aren’t Enough
• 17:4 : Lumma Stealer: Breaking down the delivery techniques and capabilities of a prolific infostealer
• 16:32 : 71 Fake Websites Impersonating German Retailer to Steal Payment Information
• 16:32 : PupkinStealer Exploits Web Browser Passwords and App Tokens to Exfiltrate Data Through Telegram
• 16:31 : Authorities Carry Out Elaborate Global Takedown of Infostealer Heavily Used by Cybercriminals
• 16:2 : Windows 11 Introduces Enhanced Administrator Protection to Strengthen Security Against Elevated Privilege Attacks
• 16:2 : New Scan Uncovers 150K Industrial Systems Worldwide Vulnerable to Cyberattacks
• 16:2 : Judge allows Delta’s lawsuit against CrowdStrike to proceed with millions in damages on the line
• 16:2 : Critical Flaw Allows Remote Hacking of AutomationDirect Industrial Gateway
• 16:2 : Cybercriminals Mimic Kling AI to Distribute Infostealer Malware
• 15:32 : New Variant of Crypto Confidence Scam, (Wed, May 21st)
• 15:32 : M&S Cyberattack To Cost £300m And Upheaval To Last Into July
• 15:32 : IoT and Cybersecurity: Addressing Data Privacy and Security Challenges
• 15:32 : US student agrees to plead guilty to hack affecting tens of millions of students
• 15:32 : Cortex Cloud — Unified Efficiency, Now with Dual FedRAMP Authority
• 15:32 : Now Live: Threat Detection & Incident Response (TDIR) Summit
• 15:9 : Cellcom Confirms Cyberattack Following Widespread Service Outage
• 15:9 : VanHelsing Ransomware Builder Leaked on Hacking Forums
• 15:9 : 3 Ways MSSPs Can Boost Security Operations With Malware Sandbox
• 15:9 : SideWinder APT Hackers Exploiting Old Office Flaws to Deliver Malware Bypassing Detections
• 15:9 : Google carves out cloudy safe spaces for nations nervous about Uncle Sam’s servers
• 15:9 : Flaw in Google Cloud Functions Sparks Broader Security Concerns
• 14:32 : BadSuccessor: Abusing dMSA to Escalate Privileges in Active Directory
• 14:31 : Securing the Future: Best Practices for Privacy and Data Governance in LLMOps
• 14:5 : IT Security News Hourly Summary 2025-05-21 15h : 4 posts
• 14:2 : Employee Spotlight: Getting to Know Jay Dave
• 14:2 : Coinbase data breach impacted 69,461 individuals
• 14:2 : LockBit Internal Data Leak Exposes Payload Creation Patterns & Ransom Demands
• 14:2 : Trump announces $175B for Golden Dome defense shield over America
• 14:2 : Coinbase Says Rogue Contractor Data Breach Affects 69,461 Users
• 14:2 : The OWASP LLM Top 10 and Sonatype: Data and model poisoning
• 13:32 : Legal Aid Agency Confirms Cyberattack, Data Theft
• 13:32 : KrebsOnSecurity Hit with 6.3 Tbps DDoS Attack via Aisuru Botnet
• 13:32 : Russian GRU Cyber Actors Targeting Western Logistics Entities and Tech Companies
• 13:32 : Russian GRU Targeting Western Logistics Entities and Technology Companies
• 13:32 : Coinbase says its data breach affects at least 69,000 customers
• 13:32 : Data-stealing VS Code extensions removed from official Marketplace
• 13:31 : PureRAT Malware Spikes 4x in 2025, Deploying PureLogs to Target Russian Firms
• 13:7 : PowerDNS Vulnerability Allows Attackers to Trigger DoS Attacks Through Malicious TCP Connections
• 13:7 : Prioritizing Cloud Security Risks: A Developer’s Guide to Tackling Security Debt
• 13:7 : Webroot vs McAfee: Which Antivirus Is Right for You?
• 13:7 : Extracting Credentials from Microsoft Deployment Toolkit Shares – Red Teaming
• 13:7 : Atlassian Warns of Multiple High-Severity Vulnerabilities Hits Data Center Server
• 13:7 : 100+ Malicious Chrome Extensions Attacking Users to Exfiltrate Login Credentials & Execute Remote Code
• 13:7 : Teen Hacker Admits Guilt in Major Cyberattack on PowerSchool
• 13:7 : Anchore SBOM tracks software supply chain issues
• 13:7 : Securing CI/CD workflows with Wazuh
• 13:6 : Fake Kling AI Facebook Ads Deliver RAT Malware to Over 22 Million Potential Victims
• 12:32 : How Private Investigators Handle Digital Forensics?
• 12:32 : 19-Year-Old Hacker Admits Guilt in Major Cyberattack on PowerSchool
• 12:32 : IBM Warns: One-Third of Cyber Attacks Use Advanced Tactics to Steal Login Credentials
• 12:32 : VanHelsing Ransomware Builder Exposed on Hacker Forums
• 12:4 : SideWinder APT Hackers Exploits Legacy Office Vulnerabilities to Deploy Malware Undetected
• 12:4 : Falco – Real-Time Threat Detection for Linux and Containers
• 11:32 : Nvidia’s Jensen Huang Hits Out At US Chip Export Controls
• 11:31 : More AIs Are Taking Polls and Surveys
• 11:31 : Kettering Health Suffers System Wide Outage Following Ransomware Attack
• 11:31 : Hackers Could Abuse Google Cloud Platform to Execute Malicious Commands
• 11:31 : How to Detect Phishing Attacks Faster: Tycoon2FA Example
• 11:5 : IT Security News Hourly Summary 2025-05-21 12h : 16 posts
• 11:2 : LockBit Internal Data Leak Reveals Payload Creation Methods and Ransom Demands
• 11:2 : Cellcom Confirms Cybersecurity Breach After Network Failure
• 11:2 : U.S. CISA adds Ivanti EPMM, MDaemon Email Server, Srimax Output Messenger, Zimbra Collaboration, and ZKTeco BioTime flaws to its Known Exploited Vulnerabilities catalog
• 11:2 : US Student to Plead Guilty Over PowerSchool Hack
• 11:2 : US Teen to Plead Guilty in PowerSchool Extortion Campaign
• 10:32 : Over 100 Malicious Chrome Extensions Exploiting Users to Steal Login Credentials and Execute Remote Code
• 10:32 : 3 Teens Almost Got Away With Murder. Then Police Found Their Google Searches
• 10:32 : Dero miner zombies biting through Docker APIs to build a cryptojacking horde
• 10:32 : MSPs in 2025: From “Break-Fix to Business Advisor” with Nigel Moore
• 10:32 : Hackers Created Fake Version of AI Tool to Attack 6 Million Users
• 10:32 : Lexmark Printer Vulnerability Allows Attackers to Execute Arbitrary Code
• 10:32 : Cellcom Service Disruption Caused by Cyberattack
• 10:32 : Flawed WordPress theme may allow admin account takeover on 22,000+ sites (CVE-2025-4322)
• 10:31 : Researchers Expose PWA JavaScript Attack That Redirects Users to Adult Scam Apps
• 10:31 : Two-Fifths of Americans Want to Ban Biometric Use
• 10:2 : Mike Lynch’s Superyacht Recovery Restarts After Diver Death
• 10:2 : Ivanti EPMM 0-Day RCE Vulnerability Under Active Attack
• 10:2 : A critical flaw in OpenPGP.js lets attackers spoof message signatures
• 10:2 : Up to 25% of Internet-Exposed ICS Are Honeypots: Researchers
• 10:2 : Virtual Event Today: Threat Detection & Incident Response (TDIR) Summit
• 10:2 : Wiz Warns of Ongoing Exploitation of Recent Ivanti Vulnerabilities
• 10:2 : Google DeepMind Unveils Defense Against Indirect Prompt Injection Attacks
• 10:2 : M&S Braces for £300 Million Cyber-Attack Costs
• 9:32 : Silicon UK AI For Your Business Podcast: The New Threat Landscape of Generative AI
• 9:32 : Scammers Use Fake Kling AI Ads to Spread Malware
• 9:32 : Malicious Hackers Create Fake AI Tool to Exploit Millions of Users
• 9:32 : Cybercriminals Could Leverage Google Cloud Platform for Malicious Activities
• 9:32 : Atlassian Alerts Users to Multiple Critical Vulnerabilities Affecting Data Center Server
• 9:32 : Key Takeaways from the IBM X-Force 2025 Threat Intelligence Index
• 9:31 : M&S warns of £300M dent in profits from cyberattack
• 9:31 : NCSC Helps Firms Securely Dispose of Old IT Assets
• 9:3 : Critical Vulnerability in Lexmark Printers Enables Remote Code Execution
• 9:2 : Kettering Health Experiences System-Wide Outage Due to Ransomware Attack
• 9:2 : New Phishing Attack Uses AES & Malicious npm Packages to Office 365 Login Credentials
• 9:2 : Upgrade to Microsoft Windows 11 Home for Just $15
• 9:2 : Palo Alto GlobalProtect Vulnerability Enables Malicious Code Execution – PoC Released
• 9:2 : UK ‘extremely dependent’ on US for space security
• 9:2 : Ransomware Attack Forces Kettering Health to Cancel Procedures
• 9:2 : Strategic Defense Innovation: Israel and South Korea’s Technological Partnership
• 8:31 : Attaxion Leads the Way as First EASM Platform to Integrate ENISA’s EU Vulnerability Database (EUVD)
• 8:5 : IT Security News Hourly Summary 2025-05-21 09h : 11 posts
• 8:4 : Podcast Episode: Love the Internet Before You Hate On It
• 8:4 : Scattered Spider snared financial orgs before targeting shops in Britain, America
• 8:4 : Google Chrome Can Now Auto-Change Compromised Passwords Using Its Built-In Manager
• 7:32 : Critical OpenPGP.js Vulnerability Allows Spoofing
• 7:32 : Attaxion Becomes the First EASM Platform to Integrate ENISA’s EU Vulnerability Database (EUVD)
• 7:32 : Strider Spark protects organizations from state-sponsored threats
• 7:32 : Veeam Kasten for Kubernetes v8 unifies VM and container data protection
• 7:31 : DOJ investigates Coinbase attack, Dutch cyber-espionage law passes, VanHelsing ransomeware leaked
• 7:4 : Roblox chat ends in 10-year-old’s abduction
• 7:4 : Critical VMware ESXi & vCenter Flaw Allows Remote Execution of Arbitrary Commands
• 7:4 : Hazy Hawk Targets DNS Vulnerabilities to Hijack Cloud Resources and Spread Malware
• 7:4 : Critical Vulnerability in Palo Alto GlobalProtect Gateway & Portal Enables Remote Code Execution
• 7:4 : Microsoft Emergency Patch, Pwn2Own Berlin 2025 Highlights, and Emerging Cybersecurity Threats
• 6:32 : Google Warns Users About Phishing Scam Targeting 2 Billion Active Accounts
• 6:32 : Catfishing via ChatGPT: A Deep Cybersecurity Concern
• 6:32 : New Microsoft O365 Phishing Attack Uses AES & Malicious npm Packages to Steal Login Credentials
• 6:31 : Multiple Foscam X5 IP Camera Vulnerabilities Let Attackers Execute Arbitrary Code
• 6:5 : The Cybersecurity Gap Is No Longer Talent—It’s Tempo
• 6:5 : SK Telecom revealed that malware breach began in 2022
• 6:4 : What good threat intelligence looks like in practice
• 5:32 : It’s Time to Move Away from the “Phonebook” Approach to Cybersecurity
• 5:5 : IT Security News Hourly Summary 2025-05-21 06h : 1 posts
• 5:4 : AutoPatchBench: Meta’s new way to test AI bug fixing tools
• 4:32 : Nation-state APTs ramp up attacks on Ukraine and the EU
• 4:31 : Third-party cyber risks and what you can do
• 3:31 : New AI Video Tool Scam Delivers Noodlophile Malware to Steal Your Data
• 3:4 : Hazy Hawk Exploits Organizations’ DNS Gaps to Abuse Cloud Resources & Deliver Malware
• 2:8 : ISC Stormcast For Wednesday, May 21st, 2025 https://isc.sans.edu/podcastdetail/9460, (Wed, May 21st)
• 1:32 : ESET APT Activity Report Q4 2024–Q1 2025
• 1:32 : The who, where, and how of APT attacks in Q4 2024–Q1 2025
• 1:32 : ‘Ongoing’ Ivanti hijack bug exploitation reaches clouds
• 1:31 : Keeper Security appoints new CISO
• 23:5 : IT Security News Hourly Summary 2025-05-21 00h : 4 posts
• 22:55 : IT Security News Daily Summary 2025-05-20
• 22:31 : More_Eggs Malware Exploits Job Application Emails to Deliver Malicious Payloads
• 22:31 : Kimsuky APT Group Uses Using Powershell Payloads to Deliver XWorm RAT
• 22:4 : KrebsOnSecurity Hit With Near-Record 6.3 Tbps DDoS