IT Security News Daily Summary 2025-06-13

135 posts were published in the last hour

• 21:36 : News brief: Gartner Security and Risk Management Summit recap
• 21:2 : ‘No Kings’ Protests, Citizen-Run ICE Trackers Trigger Intelligence Warnings
• 21:2 : LinuxFest Northwest: Chaos Testing Of A Postgres Cluster On Kubernetes
• 21:2 : Week in Review: Google and Cloudflare outages, Copilot Zero-Click, Cloudflare’s Claude flair
• 20:5 : IT Security News Hourly Summary 2025-06-13 21h : 3 posts
• 20:4 : What a smart contract audit is, and how to conduct one
• 20:4 : How to write a risk appetite statement: Template, examples
• 19:2 : CISO’s guide to building a strong cyber-resilience strategy
• 18:34 : Do you trust Xi with your ‘private’ browsing data? Apple, Google stores still offer China-based VPNs, report says
• 18:34 : How to create post-quantum signatures using AWS KMS and ML-DSA
• 18:5 : Understanding the Fundamentals of Cryptography
• 18:4 : Paraguay Suffered Data Breach: 7.4 Million Citizen Records Leaked on Dark Web
• 17:38 : Meta AI is a ‘Privacy Disaster’ — OK Boomer
• 17:37 : AI security strategies from Amazon and the CIA: Insights from AWS Summit Washington, DC
• 17:8 : The cloud broke Thursday and it’ll happen again – how to protect your business before then
• 17:8 : China and Taiwan Accuse Each Other for Cyberattacks Against Critical Infrastructure
• 17:8 : US Seizes $7.7 Million From Crypto Linked to North Korea’s IT Worker Scam
• 17:5 : IT Security News Hourly Summary 2025-06-13 18h : 8 posts
• 16:38 : Mitigating prompt injection attacks with a layered defense strategy
• 16:37 : How identity management is shifting into the agent era
• 16:37 : Zero-Click Flaw in Microsoft Copilot Illustrates AI Agent, RAG Risks
• 16:37 : FBI Issues Alert as BADBOX 2.0 Malware Infects Over 1 Million Devices, Hijacking Home Networks Worldwide
• 16:9 : Meta Sues Developer of CrushAI ‘Nudify’ App
• 16:8 : First Known Zero-Click AI Exploit: Microsoft 365 Copilot’s ‘EchoLeak’ Flaw
• 16:8 : INTERPOL-Led Effort Dismantles Infostealer Malware Network in 26 Countries Across Asia-Pacific Region
• 16:8 : CBP’s Predator Drone Flights Over LA Are a Dangerous Escalation
• 16:8 : Kali Linux 2025.2 Released: Smartwatch Wi-Fi Injection, Android Radio, and Hacking Tools
• 16:8 : Your Meta AI chats might be public, and it’s not a bug
• 16:8 : Predator Spyware Activity Resurfaces in Mozambique Using Novel Techniques
• 16:8 : Massive Data Leak Exposes Billions of Records in Suspected Chinese Surveillance Database
• 15:37 : Kali Linux 2025.2 Released: New Tools, Smartwatch and Car Hacking Added
• 15:36 : What Can Schools Expect When Choosing Heimdal?
• 15:36 : Securing the Connected Factory Floor
• 15:36 : Apple fixes zero-click exploit underpinning Paragon spyware attacks
• 15:36 : Former CISA and NCSC Heads Warn Against Glamorizing Threat Actor Names
• 15:36 : AWS CIRT announces the launch of the Threat Technique Catalog for AWS
• 15:8 : First Known ‘Zero-Click’ AI Exploit: Microsoft 365 Copilot’s EchoLeak Flaw
• 15:8 : Envilder – Secure AWS SSM CLI for Environment Variable Management
• 14:35 : Over 269,000 Websites Infected with JSFireTruck JavaScript Malware in One Month
• 14:6 : Google Resolves Global Cloud Outage
• 14:6 : Discover Check Point’s AI-powered, cloud-delivered security solutions at AWS re:Inforce 2025
• 14:6 : Here’s What Marines and the National Guard Can (and Can’t) Do at LA Protests
• 14:6 : Microsoft 365 Authentication Issues Disrupt User Access Across Multiple Regions
• 14:5 : Predator Mobile Spyware Remains Consistent with New Design Changes to Evade Detection
• 14:5 : Wanted: Junior cybersecurity staff with 10 years’ experience and a PhD
• 14:5 : In Other News: Cloudflare Outage, Cracked.io Users Identified, Victoria’s Secret Cyberattack Cost
• 14:5 : IT Security News Hourly Summary 2025-06-13 15h : 7 posts
• 13:34 : API Security Under Federal Scrutiny: A Wake-Up Call for CIOs
• 13:34 : Spring Framework Flaw Enables Remote File Disclosure via “Content‑Disposition” Header
• 13:34 : NIST Releases New Guide – 19 Strategies for Building Zero Trust Architectures
• 13:34 : Paragon Spyware Used to Spy on European Journalists
• 13:34 : Arsen Launches AI-Powered Vishing Simulation to Help Organizations Combat Voice Phishing at Scale
• 13:2 : Red team AI now to build safer, smarter models tomorrow
• 13:2 : New GitHub Device Code Phishing Attacks Targeting Developers to Steal Tokens
• 13:2 : Acer Control Center Vulnerability Let Attackers Execute Malicious Code as a Privileged User
• 13:2 : New SmartAttack Steals Sensitive Data From Air-Gapped Systems via Smartwatches
• 12:37 : TeamFiltration Abused in Entra ID Account Takeover Campaign
• 12:37 : iOS zero-click attacks used to deliver Graphite spyware (CVE-2025-43200)
• 12:5 : Meta Invests $14.3bn In AI Firm Scale, Poaches CEO
• 12:4 : Microsoft Defender Spoofing Flaw Enables Privilege Escalation and AD Access
• 12:4 : The New AI Attack Surface — How Cortex Cloud Secures MCP
• 12:4 : Industry Reactions to Trump Cybersecurity Executive Order: Feedback Friday
• 11:36 : Acer Control Center Flaw Lets Attackers Run Malicious Code as Elevated User
• 11:35 : Amazon Cloud Cam Flaw Allows Attackers to Intercept and Modify Network Traffic
• 11:35 : Heimdal for Schools: Why IT Teams Are Making the Switch
• 11:35 : Beyond Cyber Essentials: How to Go Beyond Compliance and Achieve Comprehensive Security
• 11:35 : Cyber Attacks on Schools: How Educational Institutions Are Tackling Cyber Threats
• 11:35 : When Schools Choose Heimdal: What to Expect
• 11:35 : Microsoft Defender Spoofing Vulnerability Allows Privilege Escalation and AD Access
• 11:35 : PoC Exploit Released for Windows Disk Cleanup Tool Elevation of Privilege Vulnerability
• 11:35 : New TokenBreak Attack Bypasses AI Model’s with Just a Single Character Change
• 11:35 : HashiCorp Nomad Vulnerability Allows Privilege Escalation via ACL Policy Lookup Exploit
• 11:34 : CTEM is the New SOC: Shifting from Monitoring Alerts to Measuring Risk
• 11:34 : Ransomware Gangs Exploit Unpatched SimpleHelp Flaws to Target Victims with Double Extortion
• 11:34 : European Journalists Targeted by Paragon Spyware, Citizen Lab Confirms
• 11:6 : Developers Beware – Sophisticated Phishing Scams Exploit GitHub Device Code Flow to Hijack Tokens
• 11:5 : Apple confirmed that Messages app flaw was actively exploited in the wild
• 11:5 : January 2025 Cyber Attacks Statistics
• 11:5 : SimpleHelp Vulnerability Exploited Against Utility Billing Software Users
• 11:5 : Microsoft Data Loss Prevention (DLP): Tips to Protect Your Business Following the Latest Outage
• 11:5 : IT Security News Hourly Summary 2025-06-13 12h : 5 posts
• 10:33 : Serverless Tokens in the Cloud: Exploitation and Detections
• 10:33 : Fog Ransomware Uses Pentesting Tools to Steal Data and Launch Attacks
• 10:33 : Graphite Spyware Uses iOS Zero-Click Flaw to Target Journalists
• 10:33 : Unpatched IT Tool Opens Door – Hackers Breach Billing Software Firm via SimpleHelp RMM
• 10:33 : HashiCorp Nomad ACL Lookup Flaw Allows Privilege Escalation
• 10:33 : Paragon Spyware used to Spy on European Journalists
• 10:33 : Fog Ransomware Attack Employs Unusual Tools
• 10:32 : SAML vs. OAuth 2.0: Mastering the Key Differences
• 10:32 : Ransomware Gang Exploits SimpleHelp RMM to Compromise Utility Billing Firm
• 10:4 : Google “strongly encourages” its users to stop using passwords
• 9:32 : JSFireTruck Obfuscation Helps Cybercriminals Hijack Trusted Sites with Malicious JavaScript
• 9:32 : Fog Ransomware Actors Exploits Pentesting Tools to Exfiltrate Data and Deploy Ransomware
• 9:31 : Ransomware Actors Exploit Unpatched SimpleHelp RMM to Compromise Billing Software Provider
• 9:31 : Microsoft 365 Copilot: New Zero-Click AI Vulnerability Allows Corporate Data Theft
• 8:32 : PoC Exploit Unveiled for Windows Disk Cleanup Elevation Vulnerability
• 8:32 : Slapped wrists for Financial Conduct Authority staff who emailed work data home
• 8:32 : Critical Vulnerabilities Patched in Trend Micro Apex Central, Endpoint Encryption
• 8:32 : Critical Vulnerability Exposes Many Mitel MiCollab Instances to Remote Hacking
• 8:32 : Qilin Ransomware Actors Take Advantage of Newly Discovered Fortinet Bugs
• 8:5 : Major Outage Hits Google Cloud and Linked Cloudflare Services, Thousands Affected
• 8:5 : Trend Micro fixes critical bugs in Apex Central and TMEE PolicyServer
• 8:5 : Ualabee – 472,296 breached accounts
• 8:5 : StackHawk Sensitive Data Identification provides visibility into high-risk APIs
• 8:5 : Apple Zero-Click Flaw in Messages Exploited to Spy on Journalists Using Paragon Spyware
• 8:5 : IT Security News Hourly Summary 2025-06-13 09h : 7 posts
• 7:34 : WebDAV Remote Code Execution 0-Day Actively Exploited — PoC Released
• 7:34 : TokenBreak Exploit Tricks AI Models Using Minimal Input Changes
• 7:34 : Graphite Spyware Exploits Apple iOS Zero-Click Vulnerability to Attack Journalists
• 7:34 : PoC Exploit Released for Critical WebDAV 0-Day RCE Vulnerability Exploited by APT Hackers
• 7:34 : ZeroRISC Raises $10 Million for Open Source Silicon Security Solutions
• 7:34 : Microsoft Entra attack, Thursday’s Cloud outages, Mark Green retires
• 7:2 : Does working from home come with cybersecurity challenges?
• 7:2 : Threat Actors Compromise 270+ Legitimate Websites With Malicious JavaScript Using JSFireTruck Obfuscation
• 6:37 : NSFOCUS Earns ISO 27701:2019 Privacy Information Management System Certification
• 6:37 : AI Security Threats: Echo Leak, MCP Vulnerabilities, Meta’s Privacy Scandal, and the ‘Peep Show’
• 6:8 : Smartwatches Potential Air-Gap Attack Vectors in “SmartAttack” Research
• 6:8 : What CISOs need to know about agentic AI
• 6:8 : Unpacking the security complexity of no-code development platforms
• 5:36 : Security flaws in government apps go unpatched for years
• 5:6 : Industry Veterans and New Talent Recognised at European Cybersecurity Blogger Awards 2025
• 5:6 : Keeper Security Named Overall Leader on GigaOm Radar Report for Enterprise Password Management
• 5:6 : 7 Steps to Developing a Cybersecurity Strategy
• 5:6 : 19 ways to build zero trust: NIST offers practical implementation guide
• 4:6 : New infosec products of the week: June 13, 2025
• 3:4 : Google Cloud and Cloudflare Suffers Massive Widespread Outages
• 2:9 : ISC Stormcast For Friday, June 13th, 2025 https://isc.sans.edu/podcastdetail/9492, (Fri, Jun 13th)
• 2:5 : IT Security News Hourly Summary 2025-06-13 03h : 2 posts
• 0:34 : [Guest Diary] Anatomy of a Linux SSH Honeypot Attack: Detailed Analysis of Captured Malware, (Fri, Jun 13th)
• 0:5 : Ransomware scum disrupted utility services with SimpleHelp attacks
• 23:34 : Assured Compliance Through Effective NHI Management
• 23:34 : Freedom to Choose Your NHI Security Approach
• 23:5 : IT Security News Hourly Summary 2025-06-13 00h : 2 posts
• 22:55 : IT Security News Daily Summary 2025-06-12
• 22:34 : Inside a Dark Adtech Empire Fed by Fake CAPTCHAs