IT Security News Daily Summary 2025-06-04

194 posts were published in the last hour

• 21:2 : Ukraine’s military intelligence agency stole 4.4GB of highly classified internal data from Tupolev
• 21:2 : Ukraine strikes Russian bomber-maker with hack attack
• 21:2 : Web Application Firewall (WAF) Best Practices For Optimal Security
• 20:32 : YARA-X 1.0.0: The Stable Release and Its Advantages
• 20:32 : Ransomware scum leak patient data after disrupting chemo treatments at Kettering
• 20:5 : Microsoft Launches Free Security Program for European Governments
• 20:5 : IT Security News Hourly Summary 2025-06-04 21h : 7 posts
• 20:5 : From Idea to Outcome: How WWT Is Leading the AI Security Conversation at Scale
• 19:32 : Updated Guidance on Play Ransomware
• 19:32 : Ransomware gang claims responsibility for Kettering Health hack
• 19:2 : Reddit Sues Anthropic, Alleging “Unlawful Business Acts”
• 19:2 : Exclusive: Hackers Leak 86 Million AT&T Records with Decrypted SSNs
• 19:2 : New Crocodilus Malware That Gain Complete Control of Android Device
• 19:2 : Business Email Compromise Attacks: How To Detect Them Early
• 18:32 : Nokia To Lead EU Robotics, Done Project
• 18:32 : Hackers Leak 86 Million AT&T Records with Decrypted SSNs
• 18:5 : Composing The Future Of AI: How Anat Heilper Orchestrates Breakthroughs In Silicon And Software
• 17:33 : 9,000 WordPress Sites Affected by Arbitrary File Upload and Deletion Vulnerabilities in WP User Frontend Pro WordPress Plugin
• 17:32 : Exploiting Clickfix: AMOS macOS Stealer Evades Security to Deploy Malicious Code
• 17:32 : Automation you can trust: Cut backlogs without breaking builds
• 17:32 : News alert: $198K in Grants Awarded to Boost Cybersecurity Workforce in Massachusetts
• 17:32 : Meta’s Secret Spyware: ‘Local Mess’ Hack Tracks You Across the Web
• 17:5 : IT Security News Hourly Summary 2025-06-04 18h : 15 posts
• 17:3 : Threat Actors Exploit Malware Loaders to Circumvent Android 13+ Accessibility Safeguards
• 17:2 : OpenAI hits 3M business users and launches workplace tools to take on Microsoft
• 17:2 : Your Asus router may be part of a botnet – here’s how to tell and what to do
• 17:2 : Will Massive Security Glossary From Microsoft, Google, CrowdStrike, Palo Alto Improve Collaboration?
• 17:2 : CrowdStrike’s former CTO on cyber rivalries and how automation can undermine security for early-stage startups
• 17:2 : TCS Investigates Possible Link to M&S Cyberattack
• 16:33 : New Eleven11bot Hacks 86,000 IP Cameras for Large-Scale DDoS Attack
• 16:32 : DCRat Targets Latin American Users to Steal Banking Credentials
• 16:32 : SCATTERED SPIDER Hackers Target IT Support Teams & Bypass Multi-Factor Authentication
• 16:32 : The default TV setting you should turn off ASAP – and why professionals do the same
• 16:32 : Qualcomm patches three exploited security flaws, but you could still be vulnerable
• 16:32 : #Infosec2025 Cloud-Native Technology Prompts New Security Approaches
• 16:3 : Data breach at newspaper giant Lee Enterprises affects 40,000 people
• 16:3 : 16-30 January Cyber Attacks Timeline
• 16:3 : MathWorks Hit by Ransomware Attack Affecting Over 5 Million Clients
• 16:2 : Google Exposes Vishing Group UNC6040 Targeting Salesforce with Fake Data Loader App
• 15:33 : Meta Signs 20 Year Deal For Nuclear Power To Meet AI Demand
• 15:33 : Lumma Infostealer Developers Persist in Their Malicious Activities
• 15:33 : HashiCorp Terraform leads IBM, Red Hat integration roadmap
• 15:32 : Google to Remove Two Certificate Authorities from Chrome Root Store
• 15:32 : Threat Actors Exploit ‘Prove You Are Human’ Scheme To Deliver Malware
• 15:32 : Windows Authentication Coercion Attacks Pose Significant Threats to Enterprise Networks
• 15:32 : IBM QRadar Vulnerabilities Let Attackers Access Sensitive Configuration Files
• 15:32 : Aembit Named to Rising in Cyber 2025 List of Top Cybersecurity Startups
• 15:32 : Google fixes another actively exploited vulnerability in Chrome, so update now!
• 15:32 : Fake IT support calls hit 20 orgs, end in stolen Salesforce data and extortion, Google warns
• 15:32 : #Infosec2025: Cybersecurity Support Networks Too Fragmented for SMBs, Say Experts
• 15:2 : Attackers fake IT support calls to steal Salesforce data
• 14:32 : The Cost of a Call: From Voice Phishing to Data Extortion
• 14:32 : Hello, Operator? A Technical Analysis of Vishing Threats
• 14:32 : Federal Judges Blocks Enforcement Of Florida Social Media Ban For Kids
• 14:32 : Aembit Recognized on the 2025 Rising in Cyber List of Top Cybersecurity Startups
• 14:32 : Malicious ‘Sleeper Agent’ Browser Extensions Infected 1.5 Million Users Globally
• 14:32 : Understanding Gartner Market Guide for Cloud Web Application and API Protection: How CloudGuard WAF Sets a New Standard in Web & API Protection
• 14:32 : Chaos RAT Malware Targets Windows and Linux via Fake Network Tool Downloads
• 14:32 : #Infosec2025: Simplicity Should Guide Cybersecurity Purchasing Decisions
• 14:5 : Mistral AI’s new coding assistant takes direct aim at GitHub Copilot
• 14:5 : Android chipmaker Qualcomm fixes three zero-days exploited by hackers
• 14:5 : HPE fixed multiple flaws in its StoreOnce software
• 14:5 : New Firefox Feature Automatically Detects Malicious Extensions by Behavior
• 14:5 : IT Security News Hourly Summary 2025-06-04 15h : 17 posts
• 14:4 : Crims stole 40,000 people’s data from our network, admits publisher Lee Enterprises
• 14:4 : Google Warns of Vishing, Extortion Campaign Targeting Salesforce Customers
• 13:32 : Why It?s Time to Retire Traditional VPNs, Part 1
• 13:32 : Longstanding NATO Partnership Strengthens Our Collective Cyber Defenses
• 13:32 : New Linux PumaBot Attacking IoT Devices by Brute-Forcing SSH Credentials
• 13:32 : Hackers Weaponize Ruby Gems To Exfiltrate Telegram Tokens and Messages
• 13:32 : Going Into the Deep End: Social Engineering and the AI Flood
• 13:32 : Don’t Be a Statistic: Proactive API Security in the Age of AI
• 13:31 : #Infosec2025: Concern Grows Over Agentic AI Security Risks
• 13:5 : $400Million Coinbase Breach Linked to Customer Data Leak from India
• 13:4 : TSA Cautions Passengers Against Plugging Into Public USB Charging Stations
• 13:4 : FBI Warns of Silent Ransom Group Using Phishing and Vishing to Target U.S. Law Firms
• 13:4 : Your SaaS Data Isn’t Safe: Why Traditional DLP Solutions Fail in the Browser Era
• 13:4 : #Infosec2025: UK Retail Hack Was ‘Subtle, Not Complex,’ Says River Island CISO
• 13:4 : Phishing Campaign Uses Fake Booking.com Emails to Deliver Malware
• 12:35 : Smartphone Shipment Growth Down By Half, Warns Counterpoint
• 12:33 : How to Protect Your Online Presence from Devastating DDoS Attacks
• 12:32 : Windows Authentication Coercion Attacks Present Major Risks to Enterprise Networks
• 12:32 : Cobalt improves pentest transparency, automation, and risk prioritization
• 12:31 : Widespread Campaign Targets Cybercriminals and Gamers
• 12:7 : 35,000 Internet-Connected Solar Power Systems Vulnerable to Cyberattacks
• 12:7 : Roundcube Webmail under fire: critical exploit found after a decade
• 12:7 : Forget Your Tech Stack – Focus on Sales First with Paul Green
• 12:7 : Compyl Raises $12 Million for GRC Platform
• 12:7 : ThreatBook Selected in the First-ever Gartner® Magic Quadrant™ for Network Detection and Response (NDR)
• 12:7 : Malicious PyPI, npm, and Ruby Packages Exposed in Ongoing Open-Source Supply Chain Attacks
• 12:6 : #Infosec2025: Device Theft Causes More Data Loss Than Ransomware
• 11:32 : APT37 Hackers Fake Academic Forum Invites to Deliver Malicious LNK Files via Dropbox Platform
• 11:32 : Apple’s iOS Activation Vulnerability Allows Injection of Unauthenticated XML Payloads
• 11:32 : North Face Fashion Brand Warns of Credential Stuffing Attack
• 11:32 : State-Sponsored Groups Actively Targeting Manufacturing Sector & OT systems
• 11:32 : Ramnit Malware Infections Spike in OT as Evidence Suggests ICS Shift
• 11:31 : ThreatBook Selected in the First-ever Gartner® Magic Quadrant™ for Network Detection and Response (NDR)
• 11:31 : Google fixes Chrome zero-day with in-the-wild exploit (CVE-2025-5419)
• 11:3 : New Malware Attack Uses Malicious Chrome & Edge Extensions to Steal Sensitive Data
• 11:3 : The Race to Build Trump’s ‘Golden Dome’ Missile Defense System Is On
• 11:3 : The Ramifications of Ukraine’s Drone Attack
• 11:2 : Microsoft Defender for Endpoint Contained 120,000 & Saved 180,000 Devices From Cyberattack
• 11:2 : Russian Hacker Black Owl Attacking Critical Industries To Steal Financial Details
• 11:2 : Wireshark Certified Analyst: Official Wireshark Certification Released for Security Professionals
• 11:2 : Webinar Today: Redefining Vulnerability Management With Exposure Validation
• 11:2 : ThreatBook Selected in the First-ever Gartner® Magic Quadrant™ for Network Detection and Response (NDR)
• 10:32 : Wireshark Certified Analyst – Wireshark Released Official Certification for Security Professionals
• 10:32 : IBM QRadar Vulnerabilities Expose Sensitive Configuration Files to Attackers
• 10:32 : You’re Not Ready for Quantum Cracks
• 10:32 : You’re Not Ready
• 10:32 : A GPS Blackout Would Shut Down the World
• 10:32 : The US Grid Attack Looming on the Horizon
• 10:32 : The Rise of ‘Vibe Hacking’ Is the Next AI Nightmare
• 10:32 : Victoria’s Secret Says It Will Postpone Earnings Report After Recent Security Breach
• 10:31 : ThreatBook Selected in the First-ever Gartner® Magic Quadrant™ for Network Detection and Response (NDR)
• 10:2 : New Crocodilus Malware Grants Full Control Over Android Devices
• 10:2 : U.S. CISA adds Multiple Qualcomm chipsets flaws to its Known Exploited Vulnerabilities catalog
• 10:2 : Thousands Hit by The North Face Credential Stuffing Attack
• 10:2 : ThreatBook Selected in the First-ever Gartner® Magic Quadrant™ for Network Detection and Response (NDR)
• 9:33 : Phishing e-mail that hides malicious link from Outlook users, (Wed, Jun 4th)
• 9:33 : What 17,845 GitHub Repos Taught Us About Malicious MCP Servers
• 9:33 : Pornhub Exits France Over Age Verification Law
• 9:33 : StormWall Reveals India, China and US Faced Most DDoS Attacks in Q1 2025
• 9:32 : Threat Actors Abuse ‘Prove You Are Human’ System to Distribute Malware
• 9:32 : Threat Actor Bribes Overseas Support Agents to Steal Coinbase Customer Data
• 9:32 : The Future of Cybersecurity Standards for Global Federal Energy Systems
• 9:32 : CISA Releases ICS Advisories Covering Vulnerabilities & Exploits
• 9:32 : DollyWay World Domination Attack Hacked 20,000+ Sites & Redirects Users to Malicious Sites
• 9:32 : Threat Actors Bribed Overseas Support Agents to Steal Coinbase Customer Data
• 9:32 : Russian Dark Web Markets Most Popular Tools Fuels Credential Theft Attacks
• 9:32 : Cryptography Essentials – Securing Data with Modern Encryption Standards
• 9:32 : UK CyberEM Command to spearhead new era of armed conflict
• 9:31 : ThreatBook Selected in the First-ever Gartner® Magic Quadrant™ for Network Detection and Response (NDR)
• 9:2 : Podcast Episode: Why Three is Tor’s Magic Number
• 9:2 : ThreatBook Selected in the First-ever Gartner® Magic Quadrant™ for Network Detection and Response (NDR)
• 8:32 : Hackers Exploit Ruby Gems to Steal Telegram Tokens and Messages
• 8:32 : Microsoft Defender for Endpoint Prevents Cyberattack,Secures 180,000 Devices
• 8:32 : 35,000 Solar Power Systems Exposed to Internet
• 8:32 : ThreatBook Selected in the First-ever Gartner® Magic Quadrant™ for Network Detection and Response (NDR)
• 8:31 : Salt Illuminate strengthens API security
• 8:31 : #Infosec2025: Startups Focus on Visibility and Governance, not AI
• 8:9 : Cartier disclosed a data breach following a cyber attack
• 8:9 : TXOne Networks unveils intelligent vulnerability mitigation capability
• 8:9 : Ukraine war spurred infosec vet Mikko Hyppönen to pivot to drones
• 8:9 : ThreatBook Selected in the First-ever Gartner® Magic Quadrant™ for Network Detection and Response (NDR)
• 8:9 : Varonis Identity Protection unifies identity and data security
• 8:9 : Zscaler empowers businesses to extend zero trust everywhere
• 8:9 : #Infosec2025: Majority of Compromises Caused by Stolen Credentials, No MFA
• 8:5 : IT Security News Hourly Summary 2025-06-04 09h : 7 posts
• 7:32 : Custom Active Directory Extensions Create Stealthy Backdoors for Corporate Attacks
• 7:32 : Custom Active Directory Client-Side Extensions Enable Stealthy Corporate Backdoors
• 7:32 : ThreatBook Selected In The First-ever Gartner® Magic Quadrant™ For Network Detection And Response (NDR)
• 7:32 : Governments Losing Efforts To Gain Backdoor Access To Secure Communications – New Report
• 7:32 : How to Conduct a Red Team Exercise – Step-by-Step Guide
• 7:32 : Stay Ahead of Identity Threats with Grip ITDR 2.0 | Grip
• 7:32 : ThreatBook Selected in the First-ever Gartner® Magic Quadrant™ for Network Detection and Response (NDR)
• 7:32 : Meta, Yandex take heat on browsing identifiers, Acreed malware makes gains, HPE warns of critical auth bypass
• 7:7 : Which are easier to hack – eSIM or physical SIM?
• 7:7 : ThreatBook Selected In The First-ever Gartner® Magic Quadrant™ For Network Detection And Response (NDR)
• 7:7 : ThreatBook Selected in the First-ever Gartner® Magic Quadrant™ for Network Detection and Response (NDR)
• 6:32 : DollyWay World Domination Attack Compromises 20,000+ Sites
• 6:32 : ThreatBook Selected in the First-ever Gartner® Magic Quadrant™ for Network Detection and Response (NDR)
• 6:31 : How to manage your cyber risk in a modern attack surface
• 6:31 : Emergency Patches, Ransomware Exposes, and Rising QR Code Scams
• 6:9 : ThreatBook Selected in the First-ever Gartner® Magic Quadrant™ for Network Detection and Response (NDR)
• 6:9 : The hidden risks of LLM autonomy
• 6:9 : HPE Issues Security Patch for StoreOnce Bug Allowing Remote Authentication Bypass
• 5:31 : ThreatBook Selected in the First-ever Gartner® Magic Quadrant™ for Network Detection and Response (NDR)
• 5:7 : This $35 Training Pack May Help You Land a Cybersecurity Job
• 5:7 : New Research Reveals Strengths and Gaps in Cloud-Based LLM Guardrails
• 5:7 : Understanding MITRE ATT&CK Framework – Practical Applications for Defenders
• 5:6 : Trustifi Raises $25 Million for AI-Powered Email Security
• 5:6 : Rethinking governance in a decentralized identity world
• 5:6 : Agentic AI and the risks of unpredictable autonomy
• 5:5 : IT Security News Hourly Summary 2025-06-04 06h : 2 posts
• 4:33 : CISOs need better tools to turn risk into action
• 4:6 : ‘Deliberate attack’ deletes shopping app’s AWS and GitHub resources
• 3:46 : Securing Cloud Infrastructure – AWS, Azure, and GCP Best Practices
• 3:46 : Threat Actors Exploiting DevOps Web Servers Misconfigurations To Deploy Malware
• 2:6 : ISC Stormcast For Wednesday, June 4th, 2025 https://isc.sans.edu/podcastdetail/9478, (Wed, Jun 4th)
• 2:6 : The 6 identity problems blocking AI agent adoption in hybrid environments
• 2:5 : IT Security News Hourly Summary 2025-06-04 03h : 3 posts
• 0:32 : Choosing the Right Strategy for Secrets Sprawl
• 0:32 : Is Your Investment in IAM Justified?
• 0:32 : Adapting to the Changing Landscape of NHIs Safety
• 0:2 : Mastering Intrusion Detection Systems – A Technical Guide
• 23:31 : Meta pauses mobile port tracking tech on Android after researchers cry foul
• 23:5 : IT Security News Hourly Summary 2025-06-04 00h : 7 posts
• 22:32 : Discover First, Defend Fully: The Essential First Step on Your API Security Journey
• 22:32 : You say Cozy Bear, I say Midnight Blizzard, Voodoo Bear, APT29 …
• 22:2 : How to Implement Zero Trust Architecture in Enterprise Networks
• 22:2 : Deep Dive into Endpoint Security – Tools and Best Practices for 2025
• 22:2 : Upgrading Splunk Universal Forwarders from the Deployment Server
• 22:2 : Retail Under Siege