IT Security News Daily Summary 2025-06-09

173 posts were published in the last hour

• 21:4 : The best free VPNs of 2025: Secure, safe, and tested solutions
• 21:4 : Trump Signs Executive Order Overhauling US Cybersecurity Policies
• 21:3 : Can Online Casino Accounts Be Hacked?
• 21:3 : New DuplexSpy RAT Let Attackers Gain Complete Control of Windows Machine
• 21:3 : New Blitz Malware Attacking Windows Servers to Deploy Monero Miner
• 21:3 : Privacy Victory! Judge Grants Preliminary Injunction in OPM/DOGE Lawsuit
• 21:3 : Criminalizing Masks at Protests is Wrong
• 21:2 : Been scammed online? Here’s what to do
• 21:2 : How and where to report an online scam
• 20:34 : Developers Beware! 16 React Native Packages With Million of Download Compromised Overnight
• 20:6 : Hidden Backdoors in npm Packages Let Attackers Wipe Entire Systems
• 20:5 : Fix Active Directory account lockouts with PowerShell
• 20:5 : HostBreach Offers Free Cyber Snapshot For CMMC Compliance Requirements
• 20:5 : OffensiveCon25 – Parser Differentials: When Interpretation Becomes a Vulnerability
• 20:5 : IT Security News Hourly Summary 2025-06-09 21h : 9 posts
• 20:4 : BadBox 2.0 Botnet Infects Million-Plus Devices, FBI Says
• 19:3 : Online Developer Tools a Backdoor to Security Threat
• 19:3 : DOJ moves to seize $7.74M in crypto linked to North Korean IT worker scam
• 19:3 : Security in the Age of AI with Anand Oswal
• 19:2 : The State of Identity Security with Morey Haber
• 18:36 : CISA Adds Two Known Exploited Vulnerabilities to Catalog
• 18:36 : Paragon says it canceled contracts with Italy over government’s refusal to investigate spyware attack on journalist
• 18:36 : Chinese Hackers and User Lapses Turn Smartphones Into a ‘Mobile Security Crisis’
• 18:5 : How to Use SIEM Tools for Real-Time Threat Monitoring
• 18:5 : Malicious npm Packages as Utilities Let Attackers Destroy Production Systems
• 18:4 : Top 5 Best Cybersecurity Companies Leading The Industry Right Now in 2025
• 18:4 : Chinese Espionage Crews Circle SentinelOne in Year-Long Reconnaissance Campaign
• 18:4 : US Embassy Cautions Visa Applicants After Bengaluru Man Falls Prey to Scam
• 17:34 : Critical Wazuh Server RCE Vulnerability Exploited to Deploy Mirai Variants
• 17:34 : United Natural Foods Suffers Cyberattack – System Operations Halted
• 17:34 : Let them eat junk food: Major organic supplier to Whole Foods, Walmart, hit by cyberattack
• 17:33 : Mysterious Entity ExposedGang Exposes Cyber Criminals
• 17:5 : Seraphic Security Unveils BrowserTotal™ – Free AI-Powered Browser Security Assessment for Enterprises
• 17:5 : IT Security News Hourly Summary 2025-06-09 18h : 23 posts
• 17:4 : Chinese-Linked Hackers Targeted 70+ Global Organizations, SentinelLABS
• 17:4 : Limited Canva Creator Data Exposed Via AI Chatbot Database
• 17:4 : New Report Reveals Chinese Hackers Attempted to Breach SentinelOne Servers
• 17:4 : Russian Market Sells Millions of Stolen Credentials
• 17:4 : Over 70 Organizations Across Multiple Sectors Targeted by China-Linked Cyber Espionage Group
• 16:5 : OctoSQL & Vulnerability Data, (Sun, Jun 8th)
• 16:5 : 33,000 WordPress Sites Affected by Privilege Escalation Vulnerability in RealHomes WordPress Theme
• 16:5 : Two Botnets, One Flaw: Mirai Spreads Through Wazuh Vulnerability
• 16:5 : Seraphic Security Unveils BrowserTotal™ – Free AI-Powered Browser Security Assessment for Enterprises
• 16:5 : Bitter Malware Employs Custom-Built Tools to Evade Detection in Advanced Attacks
• 16:4 : Security in the Age of AI with Anand Oswal at RSAC Conference 2025
• 16:4 : Data Breach at Cartier Highlights Growing Cyber Risks in Luxury Sector
• 16:4 : New Wiper Malware Targets Ukrainian Infrastructure
• 16:4 : PayU Plugin Flaw Allows Account Takeover on 5000 WordPress Sites
• 16:4 : Building secure foundations: A guide to network and infrastructure security at AWS re:Inforce 2025
• 15:32 : Seraphic Security Unveils BrowserTotal™ – Free AI-Powered Browser Security Assessment for Enterprises
• 15:32 : Skitnet Malware Actively Adopted by Ransomware Gangs to Enhance Operational Efficiency
• 15:32 : Organised Crime Gang Steals £47 Million from UK Tax Office in Phishing Scam
• 15:32 : Major US grocery distributor warns of disruption after cyberattack
• 15:32 : OpenAI Banned ChatGPT Accounts Used by Russian, Iranian, and Chinese Hackers
• 15:32 : Meta Found a New Way to Track Android Users Covertly via Facebook & Instagram
• 15:31 : ⚡ Weekly Recap: Chrome 0-Day, Data Wipers, Misused Tools and Zero-Click iPhone Attacks
• 15:31 : Two Distinct Botnets Exploit Wazuh Server Vulnerability to Launch Mirai-Based Attacks
• 15:6 : Seraphic Security Unveils BrowserTotal™ – Free AI-Powered Browser Security Assessment for Enterprises
• 15:6 : U.S. Targets $7.7M in Crypto Tied to North Korean IT Worker Scam
• 15:6 : Meta Bypassed Privacy Protections to Track Android Users
• 15:5 : Google Warns of Surge in Cyberattacks Targeting US Users to Steal Login Credentials
• 15:5 : Seraphic Security Unveils BrowserTotal™ – Free AI-Powered Browser Security Assessment For Enterprises
• 15:5 : GhostVendors – Hackers Registered 4000+ Domains Mimic popular Major Brands
• 15:5 : Triple Combo – Kimsuky Hackers Attack Facebook, Email, and Telegram Users
• 15:5 : PocketPal AI Brings Offline AI Chatbot Experience to Smartphones With Full Data Privacy
• 15:5 : Vulnerability Summary for the Week of June 2, 2025
• 15:5 : ⚡ Weekly Recap: Chrome 0-Day, Data Wipers, Misused Tools and Zero-Click iPhone Attacks
• 14:34 : Seraphic Security Unveils BrowserTotal™ – Free AI-Powered Browser Security Assessment for Enterprises
• 14:34 : Hackers Deploy FormBook Malware via Weaponized Excel Files to Target Windows Systems
• 14:34 : OpenAI Shuts Down ChatGPT Accounts Linked to Russian, Iranian & Chinese Cyber
• 14:34 : New Blitz Malware Targets Windows Servers to Deploy Monero Miner
• 14:34 : APT41 Hackers Leverage Google Calendar for Malware C2 in Attacks on Government Entities
• 14:33 : A Researcher Figured Out How to Reveal Any Phone Number Linked to a Google Account
• 14:33 : Google fixes bug that could reveal users’ private phone numbers
• 14:33 : Seraphic Security Unveils BrowserTotal™ – Free AI-Powered Browser Security Assessment For Enterprises
• 14:33 : Malicious NPM Packages Disguised as Express Utilities Allow Attackers to Wipe Systems
• 14:33 : React Native Aria Packages Backdoored in Supply Chain Attack
• 14:33 : Mirai Botnets Exploiting Wazuh Security Platform Vulnerability
• 14:33 : Guardz Banks $56M Series B for All-in-One SMB Security
• 14:32 : Trump EO Takes Aim at Biden, Obama Provisions for Identity, Sanctions, AI
• 14:32 : Contrast Northstar pairs runtime data and contextual analysis with AI-powered auto-remediation
• 14:32 : EU launches EU-based, privacy-focused DNS resolution service
• 14:32 : ⚡ Weekly Recap: Chrome 0-Day, Data Wipers, Misused Tools and Zero-Click iPhone Attacks
• 14:5 : IT Security News Hourly Summary 2025-06-09 15h : 19 posts
• 14:2 : ⚡ Weekly Recap: Chrome 0-Day, Data Wipers, Misused Tools and Zero-Click iPhone Attacks
• 13:35 : Seraphic Security Unveils BrowserTotal™ – Free AI-Powered Browser Security Assessment for Enterprises
• 13:35 : Over 1,000 Employees Departed CISA Since Trump Administration Began
• 13:35 : May 2025 Malware Spotlight: SafePay Surges to the Forefront of Cyber Threats
• 13:34 : Hackers Actively Exploiting Fortigate Vulnerabilities to Deploy Qilin Ransomware
• 13:34 : Seraphic Security Unveils BrowserTotal™ – Free AI-Powered Browser Security Assessment For Enterprises
• 13:34 : iMessage Zero-Click Attacks Suspected in Targeting of High-Value Individuals
• 13:34 : ⚡ Weekly Recap: Chrome 0-Day, Data Wipers, Misused Tools and Zero-Click iPhone Attacks
• 13:3 : Kettering Health Confirms Interlock Ransomware Breach and Data Theft
• 13:3 : Seraphic Security UnveilsBrowserTotal™ – Free AI-PoweredBrowser Security Assessment For Enterprises
• 13:2 : Seraphic Security Unveils BrowserTotal™ – Free AI-Powered Browser Security Assessment for Enterprises
• 13:2 : No Lollygagging: Cisco IOS XE Flaw With 10.0 Rating Should be Patched Now
• 13:2 : ⚡ Weekly Recap: Chrome 0-Day, Data Wipers, Misused Tools and Zero-Click iPhone Attacks
• 12:34 : Serverless IAM: Implementing IAM in Serverless Architectures with Lessons from the Security Trenches
• 12:34 : Apple, Google, and Microsoft offer free password managers – but should you use them?
• 12:34 : Seraphic Security Unveils BrowserTotal™ – Free AI-Powered Browser Security Assessment for Enterprises
• 12:34 : Roundcube RCE: Dark web activity signals imminent attacks (CVE-2025-49113)
• 12:34 : Think Your IdP or CASB Covers Shadow IT? These 5 Risks Prove Otherwise
• 12:34 : ⚡ Weekly Recap: Chrome 0-Day, Data Wipers, Misused Tools and Zero-Click iPhone Attacks
• 12:7 : OpenAI bans ChatGPT accounts linked to Russian, Chinese cyber ops
• 12:7 : Windows 11 24H2 Disrupts Self-Delete Technique Used for Malware Evasion
• 12:7 : Forensic Analysis in Cybersecurity – Tools and Techniques for Incident Response
• 12:7 : Jenkins Gatling Plugin Vulnerability Let Attackers Bypass Content-Security-Policy Protection
• 12:7 : iMessage Zero-Click Attacks Suspected in Targeting of High-Value EU, US Individuals
• 12:6 : Contrast Security Combines Graph and AI Technologies to Secure Applications
• 12:6 : RSA Extends Reach of Passwordless Management Platform
• 12:6 : Seraphic Security Unveils BrowserTotal™ – Free AI-Powered Browser Security Assessment for Enterprises
• 11:31 : Multiple QNAP Flaws Allow Remote Attackers to Hijack User Accounts
• 11:5 : New PathWiper Malware Strikes Ukraine’s Critical Infrastructure
• 11:5 : New DuplexSpy RAT Gives Attackers Full Control Over Windows Machines
• 11:5 : New Way to Track Covertly Android Users
• 11:5 : Arkana Ransomware Group Allegedly Claims Breach of Ticketmaster Databases
• 11:5 : Critical SOQL Injection 0-Day Vulnerability in Salesforce Affects Millions Worldwide
• 11:5 : IT Security News Hourly Summary 2025-06-09 12h : 9 posts
• 11:4 : Blocking stolen phones from the cloud can be done, should be done, won’t be done
• 11:4 : US Seeks Forfeiture of $7.74M in Cryptocurrency Tied to North Korean IT Workers
• 11:4 : Trump Administration Revises Cybersecurity Rules, Replaces Biden and Obama Orders
• 10:37 : Roles Here? Roles There? Roles Anywhere: Exploring the Security of AWS IAM Roles Anywhere
• 10:36 : Apple AI Launch In China ‘Delayed Over US Tensions’
• 10:36 : Tesla’s Head Of Optimus Exits Company
• 10:36 : Jenkins Gatling Plugin Flaw Allows CSP Bypass, Exposing Systems to Attack
• 10:36 : Chinese spy crew appears to be preparing for conflict by backdooring 75+ critical orgs
• 10:3 : Tesla Robotaxi Launch In Austin Expected This Month
• 10:3 : US-UAE AI Data Centre Deal ‘Far From Finalised’
• 10:3 : Beware for Developers: 16 React Native Packages with Millions of Downloads Compromised Overnight
• 10:3 : Expanding on ADHICS v2.0: A Closer Look at Healthcare Cybersecurity in the UAE
• 10:3 : Sleep with one eye open: how Librarian Ghouls steal data by night
• 10:2 : Nigerian Involved in Hacking US Tax Preparation Firms Sentenced to Prison
• 9:36 : US Tries to Claw Back $7m Taken by North Korean IT Workers
• 9:5 : Australian Naval Operations Accidentally Jam New Zealand’s Internet and Radio
• 9:5 : New Mirai botnet targets TBK DVRs by exploiting CVE-2024-3721
• 9:4 : FBI Warns Smart Home Users of Badbox 2.0 Botnet Threat
• 8:37 : DeepSeek Hires Interns As It Expands Medical Capabilities
• 8:37 : Stablecoin Company Circle Internet Surges After IPO
• 8:37 : X Displays Blue Check Disclaimer To Avoid EU Fine
• 8:37 : Critical Salesforce Vulnerability Exposes Global Users to SOQL Injection Attacks
• 8:37 : HelloTDS Malware Spread via FakeCaptcha Infrastructure Infects Millions of Devices
• 8:36 : Malicious npm Utility Packages Enable Attackers to Wipe Production Systems
• 8:36 : Why MSSPs Must Prioritize Cyber Risk Quantification in 2025
• 8:5 : Are technologists a threat to doing business securely?
• 8:5 : BadBox 2.0 botnet infects millions of IoT devices worldwide, FBI warns
• 8:5 : New Malware Attack Via “I’m not a Robot Check” to Trick Users into Running Malware
• 8:5 : OpenAI Bans ChatGPT Accounts Used by Russian, Iranian and Chinese Hacker Groups
• 8:5 : IT Security News Hourly Summary 2025-06-09 09h : 3 posts
• 7:39 : Kali GPT-Revolutionizing Penetration Testing with AI on Kali Linux
• 7:39 : A week in security (June 1 – June 7)
• 7:38 : Trump Cybersecurity Executive Order Targets Digital Identity, Sanctions Policies
• 7:38 : Do You Really Need a REAL ID to Fly in the US? Breaking Down the Myths
• 7:38 : Cyber executive order, Neuberger’s infrastructure warning, Mirai botnet warning
• 6:32 : Kimsuky Strikes Again – Coordinated Attacks Target Facebook, Email, and Telegram
• 6:32 : Balancing cybersecurity and client experience for high-net-worth clients
• 6:31 : Cybersecurity Today: Massive Smart TV Botnets and Major US Cyber Policy Overhaul
• 6:5 : CISOs, are you ready for cyber threats in biotech?
• 5:5 : IT Security News Hourly Summary 2025-06-09 06h : 5 posts
• 5:4 : fiddleitm: Open-source mitmproxy add-on identifies malicious web traffic
• 4:36 : Employees repeatedly fall for vendor email compromise attacks
• 4:36 : Enterprise SIEMs miss 79% of known MITRE ATT&CK techniques
• 3:39 : PoC Exploit Released for Fortinet 0-Day Vulnerability that Allows Remote Code Execution
• 3:8 : China’s asteroid-and-comet hunter probe unfurls a ‘solar wing’
• 3:8 : Proactive Measures for NHI Threat Detection
• 3:8 : Stay Reassured with Enhanced NHI Safety
• 3:8 : Confidence in Handling NHIs Effectively
• 2:4 : ISC Stormcast For Monday, June 9th, 2025 https://isc.sans.edu/podcastdetail/9484, (Mon, Jun 9th)
• 2:4 : OffensiveCon25 – Skin In The Game: Survival Of GPU IOMMU Irregular Damage
• 23:5 : IT Security News Hourly Summary 2025-06-09 00h : 3 posts
• 22:58 : IT Security News Weekly Summary 23
• 22:55 : IT Security News Daily Summary 2025-06-08
• 22:31 : US infrastructure could crumble under cyberattack, ex-NSA advisor warns
• 22:4 : Hackers Using Fake IT Support Calls to Breach Corporate Systems, Google