IT Security News Daily Summary 2025-08-29

179 posts were published in the last hour

• 21:35 : Friday Squid Blogging: Catching Humboldt Squid
• 21:35 : Researcher who found McDonald’s free-food hack turns her attention to Chinese restaurant robots
• 20:37 : Best Labor Day smartwatch deals 2025: Sales on Apple, Google, and Samsung watches
• 20:36 : Meta will sell you refurbished Ray-Ban smart glasses for $76 off – how to find them
• 20:6 : 8 Malicious NPM Packages Stole Chrome User Data on Windows
• 20:6 : New LinkedIn study reveals the secret that a third of professionals are hiding at work
• 20:5 : How OpenAI is reworking ChatGPT after landmark wrongful death lawsuit
• 20:5 : Best robot mowers of 2025: From Husqvarna to Segway, here are the top performers
• 20:5 : Best MagSafe battery packs 2025: I tested the best options to boost your phone’s battery
• 20:5 : IT Security News Hourly Summary 2025-08-29 21h : 12 posts
• 20:4 : The best Android phones of 2025: Expert tested and reviewed
• 19:33 : WhatsApp Zero-Day Vulnerability Exploited with 0-Click Attacks to Hack Apple Devices
• 19:33 : Massive TransUnion breach leaks personal data of 4.4 million customers – what to do now
• 19:32 : Hate voicemail? Pixel’s new feature replaces it with something way better
• 19:32 : BSidesSF 2025: Log In Through The Front Door: Automating Defense Against Credential Leaks
• 19:4 : Best Labor Day TV deals 2025: Save almost 50% on Samsung, LG, and more
• 18:52 : Dexter: Resurrection Finale Leaks Online in Russian Dub
• 18:50 : This Milwaukee 9-tool kit is $200 off for Labor Day – here’s what’s included
• 18:48 : I deciphered Apple’s iPhone 17 event invite – my 3 biggest theories for what’s expected
• 18:47 : Every iPhone model that can be updated to iOS 26 (and which ones don’t support it)
• 18:45 : There’s a secret way to buy Meta Ray-Bans for less than retail (including discontinued styles)
• 18:43 : CISA Adds One Known Exploited Vulnerability to Catalog
• 18:42 : WhatsApp fixes ‘zero-click’ bug used to hack Apple users with spyware
• 18:40 : US and Dutch Police dismantle VerifTools fake ID marketplace
• 18:39 : WhatsApp 0-Day Vulnerability Exploited to Hack Mac and iOS Users
• 18:37 : Cutting Through AppSec Noise in the Age of GenAI
• 18:35 : Researchers Warn of Sitecore Exploit Chain Linking Cache Poisoning and Remote Code Execution
• 17:35 : Get a Milwaukee 9-tool kit for nearly 20% off for Labor Day
• 17:35 : AWS catches Russia’s Cozy Bear clawing at Microsoft credentials
• 17:35 : Why OT Security Demands Context, Not Just Controls
• 17:34 : The Hidden Costs of Fragmented Security Infrastructure
• 17:8 : Fake Facebook Ads Push Brokewell Spyware to Android Users
• 17:8 : How to clear your TV cache (and why it makes such a big difference)
• 17:7 : Citrix Netscaler 0-day RCE Vulnerability Patched – Vulnerable Instances Reduced from 28.2K to 12.4K
• 17:7 : Microsoft and IRONSCALES Crack Down on the Direct Send Exploit
• 17:7 : One unexpected challenge organizations face while implementing SOC 2
• 17:6 : Tonic.ai product updates: August 2025
• 17:5 : Webinar: Learn How to Unite Dev, Sec, and Ops Teams With One Shared Playbook
• 17:5 : IT Security News Hourly Summary 2025-08-29 18h : 6 posts
• 16:35 : European Organizations Hit by Sophisticated PDF Editor Malware Campaign
• 16:9 : Weaponized PDFs and LNK Files Used in Windows Attacks
• 16:8 : I took this MagSafe battery pack on vacation, but now it’s an everyday carry
• 16:8 : OpenAI and Anthropic evaluated each others’ models – which ones came out on top
• 16:7 : Mitigating Security Risks in Low-Code Development Environments
• 16:7 : AI-Powered Cyber Crime Raises Worldwide Alarm Bells.
• 16:7 : Scientists create scalable quantum node linking light and matter
• 16:7 : New TAOTH Campaign Exploits End-of-Support Software to Distribute Malware and Collect Sensitive Data
• 16:6 : AppSuite PDF Editor Hacked to Execute Arbitrary Commands on The Infected System
• 16:6 : NightSpire Ransomware Group Claims to Exploit The Vulnerabilities of Orgs to Infiltrate Their Systems
• 16:5 : NodeBB Vulnerability Let Attackers Inject Boolean-Based Blind and PostgreSQL Error-Based Payloads
• 16:5 : Colt Technology Services Confirms Customer Data Theft After Warlock Ransomware Attack
• 15:19 : What are the differences between OpenAI’s GPT 5 and GPT 4o?
• 15:16 : TransUnion Data Breach: 4.4 Million US Consumers’ Data Stolen
• 15:13 : Development of System Configuration Management: Handling Exclusive Configurations and Associated Templates
• 15:11 : A third of professionals are embarrassed by their lack of AI skills, says LinkedIn
• 15:8 : How I saved myself $1200 a year in cloud storage – in 5 sobering steps
• 15:7 : Data Privacy Claims on The Rise as Evolving Regulation, Wave of Litigation, And AI Shape Future Risk Landscape
• 14:44 : Get $70 off Meta Ray-Bans and find discontinued styles – here’s how
• 14:41 : TheSqua.re – 107,041 breached accounts
• 14:40 : Threat Actors Leveraging Windows and Linux Vulnerabilities in Real-world Attacks to Gain System Access
• 14:39 : Hackers Leverage Compromised Third-Party SonicWall SSL VPN Credentials to Deploy Sinobi Ransomware
• 14:38 : Cyber Attacks Targeting Education Sector Surges Following Back-to-School Season
• 14:37 : Hackers Weaponize PDF Along With a Malicious LNK File to Compromise Windows Systems
• 14:36 : VerifTools Fake ID Operation Dismantled by Law Enforcement
• 14:35 : In Other News: Iranian Ships Hacked, Verified Android Developers, AI Used in Attacks
• 14:35 : North Korean Hackers Weaponize Seoul Intelligence Files to Target South Koreans
• 14:28 : Data Is the New Diamond: Heists in the Digital Age
• 14:28 : AppSuite PDF Editor Exploit Lets Hackers Run Arbitrary Commands
• 14:27 : VS Code Marketplace Abused by Threat Actors to Deliver Malware via Trusted Extensions
• 14:25 : Employee Spotlight: Getting to Know Julia Rabinovich
• 14:24 : I ran a 100x camera zoom test with the Pixel 10 Pro and Samsung S25 Ultra – and there’s a clear winner
• 14:22 : This smart sensor showed me the hidden reality of electrical fire hazards at home
• 14:20 : Why one of the best robot vacuums for pets is from a brand you’ve never heard of
• 14:18 : 7 Copilot tricks to supercharge your classic Outlook – even if they’re not for me
• 14:16 : I found the easiest way to delete myself from the internet – and it’s fast
• 14:14 : Experts warn of actively exploited FreePBX zero-day
• 14:12 : Enterprise password management outfit Passwordstate patches Emergency Access bug
• 14:10 : Fake Netflix Job Offers Target Facebook Credentials in Real-Time Scam
• 14:9 : Aussie Telecom Breach Raises Alarm Over Customer Data Safety
• 14:7 : Abandoned Sogou Zhuyin Update Server Hijacked, Weaponized in Taiwan Espionage Campaign
• 14:6 : Amazon Disrupts APT29 Watering Hole Campaign Abusing Microsoft Device Code Authentication
• 13:20 : My top 6 productivity apps for Linux that are lesser known – but shouldn’t be
• 13:19 : Samsung’s latest preorder offer hints at big Galaxy tablet launch at Unpacked next month
• 13:18 : How I completed my ultimate smart home setup with this tablet hub (and why it works)
• 13:18 : 90% of IT pros say they feel isolated at work – here’s how to fix it
• 13:18 : I left my robot vacuum running for 10 days while I was away – here’s what I came home to
• 13:17 : Threat Actors Weaponizing Facebook Ads with Free TradingView Premium App Lures That Delivers Android Malware
• 13:17 : Virustotal’s New Endpoint Provides Functionality Descriptions for Malware Analysts’ Code Requests
• 13:16 : Multiple Hikvision Vulnerabilities Let Attackers Inject Executable Commands
• 13:14 : Google Confirms Potential Compromise of All Salesloft Drift Customer Authentication Tokens
• 13:12 : Reduce Fraud Risk with Effective Identity Verification
• 13:9 : TransUnion Data Breach Impacts 4.4 Million
• 13:7 : Google Confirms Workspace Accounts Also Hit in Salesforce–Salesloft Drift Data Theft Campaign
• 12:39 : VirusTotal Launches Endpoint That Explains Code Functionality for Malware Analysts
• 12:38 : Critical Hikvision Vulnerabilities Allow Remote Command Injection
• 12:38 : AI could dull your doctor’s detection skills, study finds
• 12:37 : This month in security with Tony Anscombe – August 2025 edition
• 12:37 : UK government dragged for incomplete security reforms after Afghan leak fallout
• 12:37 : Ransomware Group Exploits Hybrid Cloud Gaps, Gains Full Azure Control in Enterprise Attacks
• 12:37 : US Sanctions Russian National, Chinese Firm Aiding North Korean IT Workers
• 12:36 : Nevada Confirms Ransomware Attack Behind Statewide Service Disruptions
• 12:36 : Generative AI: Boon or Bane? Unveiling Security Risks & Possibilities
• 12:36 : A Comprehensive Look at Twenty AI Assisted Coding Risks and Remedies
• 12:35 : Can Your Security Stack See ChatGPT? Why Network Visibility Matters
• 11:38 : New Research With PoC Explains Security Nightmares On Coding Using LLMs
• 11:38 : 15 Best Identity & Access Management Solutions (IAM) in 2025
• 11:37 : Npm Package Hijacked to Steal Data and Crypto via AI-Powered Malware
• 11:36 : Amazon disrupts watering hole campaign by Russia’s APT29
• 11:7 : Popular Nx Packages Compromised by Credential-Stealing Malware
• 11:6 : Baggage Tag Scam
• 11:6 : Attackers use “Contact Us” forms and fake NDAs to phish industrial manufacturing firms
• 11:6 : State-Sponsored Hackers Behind Majority of Vulnerability Exploits
• 11:5 : IT Security News Hourly Summary 2025-08-29 12h : 2 posts
• 10:40 : How attackers adapt to built-in macOS protection
• 10:39 : FreePBX Servers Targeted by Zero-Day Flaw, Emergency Patch Now Available
• 10:38 : Click Studios Patches Passwordstate Authentication Bypass Vulnerability in Emergency Access Page
• 10:19 : TransUnion Data Breach Compromises Over 4 Million Customers
• 10:19 : Microsoft Teams Abused in Cyberattack Delivering PowerShell-Based Remote Access Malware
• 10:18 : Simple prompt or agent workflow? How not to overthink AI
• 10:18 : Changing these 10 settings on my OnePlus phone gave it a big performance boost
• 10:18 : Google: Salesloft Drift breach hits all integrations
• 10:17 : TransUnion Hack Exposes 4M+ Customers Personal Information
• 10:16 : New Mac Malware Dubbed ‘JSCoreRunner’ Weaponizing PDF Conversion Site to Deliver Malware
• 10:14 : Nagios XSS Vulnerability Let Remote Attackers to Execute Arbitrary JavaScript
• 10:11 : How Adversary-In-The-Middle (AiTM) Attack Bypasses MFA and EDR?
• 10:10 : Cybercriminals Harness AI and Automation, Leaving Southeast Asia Exposed
• 10:9 : Feds Seize $6.4M VerifTools Fake-ID Marketplace, but Operators Relaunch on New Domain
• 10:9 : Safety-critical industries wary about using AI for cybersecurity
• 10:8 : NetScaler warns hackers are exploiting zero-day vulnerability
• 10:8 : US, allies warn China-linked actors still targeting critical infrastructure
• 10:7 : Federal, state officials investigating ransomware attack targeting Nevada
• 9:6 : DPRK Remote Work Tactics: Leveraging Code-Sharing Platforms
• 9:6 : I replaced my deadbolt with this Apple HomeKey smart lock – and it’s an iPhone user’s dream
• 8:42 : Operation Serengeti 2.0: Trend Micro Helps Law Enforcement Fight Cybercrime in Africa
• 8:41 : Threat Actors Use Facebook Ads to Deliver Android Malware
• 8:40 : Do you really need smart home display hub? I tried one, and it made a big difference
• 8:40 : I’ve tested dozens of Lenovo laptops: Why this IdeaPad is my sleeper pick for most users
• 8:40 : Dutch intelligence warn that China-linked APT Salt Typhoon targeted local critical infrastructure
• 8:39 : Nx Packages With Millions of Weekly Downloads Hacked With Credential Stealer Malware
• 8:39 : Silver Fox APT Hackers Leveraging Vulnerable driver to Attack Windows 10 and 11 Systems by Evading EDR/AV
• 8:38 : Google Warns Salesloft OAuth Breach Extends Beyond Salesforce, Impacting All Integrations
• 8:38 : TransUnion Data Breach Impacts 4.5 Million US Customers
• 8:5 : IT Security News Hourly Summary 2025-08-29 09h : 4 posts
• 7:35 : Mac Malware ‘JSCoreRunner’ Abuses Online PDF Tool to Spread
• 7:35 : Halo Security platform updates give teams better control over exposure data
• 7:35 : Malicious nx Packages, AI worker scam, Salt Typhoon attacks Netherlands
• 7:6 : New Mac Malware Dubbed “JSCoreRunner” Weaponizing PDF Conversion Site to Deliver Malware
• 7:5 : Changing these 7 settings on my Samsung phone improved its battery life by hours
• 7:5 : Why the wireless mic I recommend to content creators is made by a drone company
• 6:34 : Silver Fox Hackers Use Driver Vulnerability to Evade Security on Windows Systems
• 6:34 : Hackers Exploit Microsoft Teams, Posing as IT Help Desk for Screen Sharing and Remote Access
• 6:33 : Zipline Phishing, Google Urges Password Resets, and AI-Driven Threats: Cybersecurity Today
• 6:4 : Help Wanted: Dark Web Job Recruitment is Up
• 6:4 : New framework aims to outsmart malware evasion tricks
• 6:3 : TamperedChef Malware Disguised as Fake PDF Editors Steals Credentials and Cookies
• 5:35 : Organized and Criminal, Ransomware Gangs Run Up Profits
• 5:35 : AI isn’t taking over the world, but here’s what you should worry about
• 5:34 : Finding connection and resilience as a CISO
• 5:4 : Threat Actors Breach High Value Targets like Google in Salesforce Attacks – What Organizations Need to Know
• 5:4 : AI can’t deliver without trusted, well-governed information
• 4:5 : Infosec products of the month: August 2025
• 3:3 : Weaponized ScreenConnect RMM Tool Tricks Users into Downloading Xworm RAT
• 2:5 : IT Security News Hourly Summary 2025-08-29 03h : 1 posts
• 2:3 : ISC Stormcast For Friday, August 29th, 2025 https://isc.sans.edu/podcastdetail/9592, (Fri, Aug 29th)
• 2:2 : RedExt – Browser Extension-Based C2 Framework for Red Team Recon
• 1:33 : News alert: Halo Security’s custom dashboards give security teams control while streamlining workflows
• 0:33 : FBI cyber cop: Salt Typhoon pwned ‘nearly every American’
• 0:4 : BSidesSF 2025: Trust Engineering: Building Security Leadership At Early-Stage Startups
• 23:5 : IT Security News Hourly Summary 2025-08-29 00h : 3 posts
• 22:34 : Securing the AI Before Times
• 22:34 : Use scalable controls to help prevent access from unexpected networks
• 22:15 : Nous Research drops Hermes 4 AI models that outperform ChatGPT without content restrictions
• 22:14 : Best Labor Day laptop deals 2025: Sales on Apple, Dell, Lenovo, and more
• 22:13 : Google launches Pixel Care+ device protection with unlimited claims – is your device eligible?
• 22:12 : OpenAI increases ChatGPT user protections following wrongful death lawsuit
• 22:10 : Samsung offers enticing preorder deal for new Galaxy tablets ahead of September Unpacked
• 22:8 : I took this 360-degree camera around the world – why it’s still the most versatile gear I own
• 22:7 : Anthropic Warns of AI-Powered Cybercrime in New Threat Report
• 22:5 : El 60 % fracasa. ¿También usted?