IT Security News Daily Summary 2025-09-04

194 posts were published in the last hour

• 21:33 : Cyber Trust Mark certification and how IoT devices qualify
• 21:4 : Free ChatGPT users just got a powerful Project upgrade to better organize their chats
• 21:4 : Samsung unveils 8TB Samsung 9100 Pro SSD – and the heatsink will cost you extra!
• 21:4 : China-aligned crew poisons Windows servers to manipulate Google results
• 21:3 : BSidesSF 2025: The Power Of Persuasion: Better Security Through… Manipulation?
• 21:3 : How Financial Services Can Use Agentic Identity to Stop Fraud and Streamline Loan Approvals
• 21:3 : RetailThe AI Shopping Concierge — How Retailers Can Safely Orchestrate Identity Across Agentic Workflows
• 21:2 : Airline Disruption Recovery — How Agentic Identity Keeps Travel on Track
• 20:33 : Model Namespace Reuse Flaw Hijacks AI Models on Google and Microsoft Platforms
• 20:33 : MS-BASIC 1.1 introduced programming to a generation – now you can download it for free
• 20:32 : Google’s new Androidify app turns you into an adorable green robot – try it for free
• 20:5 : Roborock’s new weed-killing robot mowers will save your back (and time)
• 20:5 : IT Security News Hourly Summary 2025-09-04 21h : 12 posts
• 20:4 : US Congressman’s Brother Lands No-Bid Contract to Train DHS Snipers
• 20:4 : $10M reward for Russia’s FSB officers accused of hacking US Critical infrastructure
• 20:4 : Sandboxed to Compromised: New Research Exposes Credential Exfiltration Paths in AWS Code Interpreters
• 19:34 : An MDR Analysis of the AMOS Stealer Campaign Targeting macOS via ‘Cracked’ Apps
• 19:33 : The fastest growing AI chatbot lately? It’s not ChatGPT or Gemini
• 19:33 : Is this the most promising Chromebook yet? This Acer has specs that almost rival my MacBook
• 19:33 : Google’s new Androidify app turns you into an adorable Android bot – try it for free
• 19:33 : 5 Best Free VPNs You Can Trust (And the Premium Trials Worth Trying)
• 19:33 : Cookies and how to bake them: what they are for, associated risks, and what session hijacking has to do with it
• 19:32 : Chess.com Data Breach – Hackers Breached External System and Gained Internal Access
• 19:32 : Innovator Spotlight: SwissBit
• 19:3 : Philips Hue Bridge Pro just made it easy to add motion sensing to your old smart lights
• 19:3 : Got AI skills? You can earn 43% more in your next job – and not just for tech work
• 19:3 : Seriously, Acer’s new 16-inch featherweight laptop makes the MacBook Air seem heavy
• 19:3 : Finally, a smartwatch for fishing enthusiasts – my verdict after taking it on the river
• 19:3 : Innovator Spotlight: 360 Privacy
• 18:32 : Use free ChatGPT? You just got a powerful projects upgrade once exclusive to paid users
• 18:32 : Copilot, Gemini, and ChatGPT use surge, but one AI tool is outshining the rest
• 18:32 : New Phishing Tactic Targets PayPal’s 434M Users
• 18:32 : CISA Adds Three Known Exploited Vulnerabilities to Catalog
• 18:32 : GhostRedirector Hacks 65 Windows Servers Using Rungan Backdoor and Gamshen IIS Module
• 18:32 : Russian APT28 Deploys “NotDoor” Outlook Backdoor Against Companies in NATO Countries
• 18:5 : From summer camp to grind season
• 18:4 : CI/CD in the Age of Supply Chain Attacks: How to Secure Every Commit
• 18:4 : The most impressive piece of tech hardware I’ve tested in 2025
• 18:4 : Anker’s coin-size AI recorder can transcribe and summarize your meetings – in one click
• 18:4 : Innovator Spotlight: Harness
• 18:4 : The Developer’s Hippocratic Oath in the Age of AI
• 17:33 : Iran-Nexus Hackers Impersonate Omani MFA to Target Governments Entities
• 17:33 : This Amazon Lens upgrade lets you scan a product IRL and find it online in one click
• 17:33 : Perplexity’s $200 AI browser is free for students now – with more discounts to keep using it
• 17:32 : Bridgestone Confirms Cyberattack Impacts Manufacturing Facilities
• 17:32 : Tycoon Phishing Kit Employs New Technique to Hide Malicious Links
• 17:32 : BSidesSF 2025: BSidesSF 2025 – Light In The Labyrinth: Breach Path Analysis For Anyone
• 17:5 : IT Security News Hourly Summary 2025-09-04 18h : 11 posts
• 17:3 : Honeywell OneWireless Wireless Device Manager (WDM)
• 17:3 : CISA Releases Five Industrial Control Systems Advisories
• 16:33 : Wordfence Intelligence Weekly WordPress Vulnerability Report (August 25, 2025 to August 31, 2025)
• 16:33 : Predators for Hire: A Global Overview of Commercial Surveillance Vendors
• 16:33 : LinkedIn is cracking down on fake recruiters and executive impersonators – here’s how
• 16:33 : Learn about confidential clusters
• 16:32 : Security beyond the model: Introducing AI system cards
• 16:32 : Generative AI in Social Engineering & Phishing in 2025
• 16:32 : Experts Advise Homeowners on Effective Wi-Fi Protection
• 16:32 : Salesloft Integration Breach Exposes Salesforce Customer Data
• 16:3 : Samsung’s Fold 7 finally made me a believer in foldable phones – 3 reasons why
• 16:3 : North Korean Hackers Exploit Threat Intel Platforms For Phishing
• 16:3 : GhostRedirector Emerges as New China-Aligned Threat Actor
• 16:3 : Researchers warn of zero-day vulnerability in SiteCore products
• 15:33 : Bridgestone Confirms Cyberattack Impacts Manufacturing Facilities Across North America
• 15:33 : This PowerToys update just ended Windows hotkey conflicts for good – and more
• 15:33 : 3 money-saving tricks I use every time I shop online – and you should too
• 15:33 : How Anthropic’s enterprise dominance fueled its monster $183B valuation
• 15:33 : Apple’s iPhone 17 event is less than a week away. Here’s how to watch (and what to expect)
• 15:33 : NoisyBear Weaponizing ZIP Files to PowerShell Loaders and Exfiltrate Sensitive Data
• 15:32 : Apple Seeks Researchers for 2026 iPhone Security Program
• 14:37 : My favorite Linux distro just got even better with Linux Mint 22.2 ‘Zara’ – what’s new
• 14:36 : Cybercriminals ‘Grok’ Their Way Past X’s Defenses to Spread Malware
• 14:35 : Why the Principle of Least Privilege Is Critical for Non-Human Identities
• 14:34 : CISOs fear material losses amid rising cyberattacks
• 14:34 : Google Messages Adds QR Code Verification to Prevent Impersonation Scams
• 14:33 : Spotify Launches In-App Messaging for Private Music, Podcast, and Audiobook Sharing
• 14:24 : ISC Stormcast For Thursday, September 4th, 2025 https://isc.sans.edu/podcastdetail/9598, (Thu, Sep 4th)
• 14:23 : NoisyBear Exploits ZIP Files for PowerShell Loaders and Data Exfiltration
• 14:23 : This new Spotify feature almost made me ditch Apple Music – but iOS 26 changed my mind
• 14:21 : LinkedIn’s new tools just made it tougher to pad your resume
• 14:20 : Adobe Premiere’s new iPhone app lets you edit videos on the go – and it’s totally free
• 14:15 : Ecovacs’ new robot vacuum never runs out of power – and that’s not even the best part
• 14:12 : 7 features the iPhone 17 needs – and yes, it starts with AI
• 14:11 : Roblox introduces age checks to use communication features
• 14:10 : NYU Scientists Develop, ESET Detects First AI-Powered Ransomware
• 14:10 : CyberFlex: Flexible Pen testing as a Service with EASM
• 14:9 : Google fixes actively exploited Android vulnerabilities (CVE-2025-48543, CVE-2025-38352)
• 13:44 : New Malware Uses Windows Character Map for Cryptomining
• 13:43 : GhostRedirector Hackers Target Windows Servers Using Malicious IIS Module
• 13:41 : Resilient by Design: Network Security for the Next Disruption
• 13:40 : I tried the Samsung Galaxy S25 FE, and it got big upgrades in several ways
• 13:39 : Adobe Premiere finally launches a mobile app – and it’s free
• 13:37 : Give your PC a fresh start: New free tools to boost your PC’s speed, security, and peace of mind
• 13:37 : AI Supply Chain Attack Method Demonstrated Against Google, Microsoft Products
• 13:36 : How the newest ISAC aims to help food and agriculture firms thwart cyberattacks
• 13:9 : Safeguarding the Code That Drives Modern Vehicles
• 13:8 : Uncovering a Colombian Malware Campaign with AI Code Analysis
• 13:6 : LinkedIn expands company verification, mandates workplace checks for certain roles
• 12:41 : Sendmarc appoints Rob Bowker as North American Region Lead
• 12:40 : PayPal and Venmo users get free year of Perplexity Pro and Comet AI browser
• 12:39 : Hackers Leverage X’s Grok AI To Amplify Malicious Links Via Promoted Posts
• 12:39 : Enterprises sticking with Windows 10 could shell out billions for continued support
• 12:38 : US Offers $10 Million for Three Russian Energy Firm Hackers
• 12:36 : CMS Provider Sitecore Patches Exploited Critical Zero Day
• 12:9 : Scattered Lapsus$ Hunters Demand Google Fire Security Experts or Face Data Leak
• 12:8 : Prisma SASE 4.0: Powering the AI-Ready Enterprise
• 12:7 : Sola Security Raises $35M to Bring No-Code App Building to Cybersecurity Teams
• 12:5 : Sitecore zero-day vulnerability exploited by attackers (CVE-2025-53690)
• 12:4 : Scattered Spider-Linked Group Claims JLR Cyber-Attack
• 11:45 : CISA Adds TP-Link Wi-Fi and WhatsApp Spyware Flaws to KEV List
• 11:44 : Microsoft Confirms UAC Bug Disrupts App Installation on Windows 10 & 11
• 11:42 : Frostbyte10 Vulnerabilities Let Hackers Gain Remote Access
• 11:41 : Visa’s AI-enhanced payment options will be coming to more apps soon, thanks to new MCP support
• 11:40 : Build Practical Cyber Defense Skills with This 5-Course Bundle
• 11:40 : Severe Hikvision HikCentral product flaws: What You Need to Know
• 11:39 : Generative AI as a Cybercrime Assistant
• 11:39 : Discover the Power of Usenet for Global Access and Privacy
• 11:39 : TP-Link warns of botnet infecting routers and targeting Microsoft 365 accounts
• 11:39 : US, Allies Push for SBOMs to Bolster Cybersecurity
• 11:38 : Reflecting on Wallarm’s Journey: Growth, Resilience, and What Comes Next
• 11:38 : CISA Flags TP-Link Router Flaws CVE-2023-50224 and CVE-2025-9377 as Actively Exploited
• 11:37 : Google Fined $379 Million by French Regulator for Cookie Consent Violations
• 11:35 : Simple Steps for Attack Surface Reduction
• 11:33 : Cybercriminals Exploit X’s Grok AI to Bypass Ad Protections and Spread Malware to Millions
• 11:5 : IT Security News Hourly Summary 2025-09-04 12h : 2 posts
• 10:44 : Django Critical Vulnerability Let attackers Execute Malicious SQL Code on Web Servers
• 10:42 : Threat Actors Using Stealerium Malware to Attack Educational Organizations
• 10:41 : Microsoft Confirms UAC Bug Breaks App Install On Windows 11 And 10 Versions
• 10:40 : Google Services Down For Most Of The Users In US, Turkey And Eastern Europe
• 10:39 : Popular Android VPN apps found to have security flaws and China links
• 10:39 : Why Compliance-First Cybersecurity Programs Fail (And What Actually Works)
• 10:16 : Contagious Interview | North Korean Threat Actors Reveal Plans and Ops by Abusing Cyber Intel Platforms
• 10:15 : Finally, the official Instagram app for iPad has arrived – here’s what’s new
• 10:14 : Linux Mint 22.2 delivers fresh features and polish for everyday Linux users – and longtime fans
• 10:12 : Samsung just launched new flagship Galaxy tablets – and quietly removed this model
• 10:11 : Ready to ditch Windows 10? I debunked 7 Linux myths so you can switch with confidence
• 10:10 : My favorite cordless screwdriver of all time can handle any task for me (and it’s on sale)
• 10:9 : Is a Recent Windows Update Responsible for SSD Failures? Microsoft Has an Answer
• 10:8 : Sainsbury’s eyes up shoplifters with live facial recognition
• 10:7 : Hackers Exploit Sitecore Zero-Day for Malware Delivery
• 10:6 : Wytec Expects Significant Financial Loss Following Website Hack
• 10:5 : New threat group uses custom tools to hijack search results
• 10:5 : Healthcare Sector Takes 58 Days to Resolve Serious Vulnerabilities
• 10:4 : Threat Actors Abuse Hexstrike-AI Tool to Accelerate Exploitation
• 8:36 : Chinese APT Groups Exploit Router Flaws to Breach Enterprises
• 8:35 : Django Web Vulnerability Allows Attackers to Execute SQL Injection
• 8:34 : US Announces $10M Bounty on FSB Hackers Behind Cisco Exploits
• 8:33 : Incogni vs. DeleteMe: I compared the two best data removal services, and there’s a clear winner
• 8:5 : My 5 simple tricks to extend iPhone battery life when traveling (including older models)
• 8:5 : Save $50 on the OnePlus Pad 3 and get a free stylus pen – here’s the deal
• 8:5 : IT Security News Hourly Summary 2025-09-04 09h : 3 posts
• 8:4 : My favorite E Ink tablet just got an ultraportable successor – with upgrades in several ways
• 8:4 : U.S. CISA adds TP-Link Archer C7(EU) and TL-WR841N flaws to its Known Exploited Vulnerabilities catalog
• 8:3 : Two Exploited Vulnerabilities Patched in Android
• 7:36 : Extensive IPTV Network Spanning 1,000+ Domains and 10,000+ IP Addresses
• 7:35 : I found a $170 mobile gimbal that rivals my DJI – and it’s easy to set up
• 7:35 : XWorm Malware With New Infection Chain Evade Detection Exploiting User and System Trust
• 7:34 : Threat Actors Attack PayPal Users in New Account Profile Set up Scam
• 7:34 : Chinese APT Hackers Exploit Router Vulnerabilities to Infiltrate Enterprise Environments
• 7:33 : Massive IPTV Hosted Across More Than 1,000 Domains and Over 10,000 IP Addresses
• 7:33 : Fintech foils bank heist, NotDoor backdoor, Salesloft-Drift impact continues drifting
• 7:15 : Google Keeps Chrome Browser Under Search Monopoly Ruling
• 7:14 : TLS Certificate Mis-Issuance Exposes 1.1.1.1 DNS Service to Exploitation
• 7:14 : New Scam Targets PayPal Users During Account Profile Setup
• 7:13 : Hackers Exploit X’s Grok AI to Push Malicious Links Through Ads
• 7:13 : Google Alerts to Active Exploitation of Sitecore Zero-Day Flaw
• 7:12 : Report: 70% of iPhone users considering an upgrade to iPhone 17 – and it’s not AI related
• 7:11 : Apache DolphinScheduler Default Permissions Vulnerability Fixed – Update Now
• 7:11 : New Dire Wolf Ransomware Attack Windows Systems, Deletes Event Logs and Backup-Related Data
• 7:9 : 1,100 Ollama AI Servers Exposed to Internet With 20% of Them are Vulnerable
• 7:9 : Mis-issued TLS Certificates for 1.1.1.1 DNS Service Enable Attackers to Decrypt Traffic
• 7:7 : New Namespace Reuse Vulnerability Allows Remote Code Execution in Microsoft Azure AI, Google Vertex AI, and Hugging Face
• 7:5 : France fines Google, SHEIN, for undercooked Cookie policies that led to crummy privacy
• 6:37 : H2O-3 JDBC Deserialization Vulnerability (CVE-2025-6507)
• 6:34 : Cloudflare Fends Off A Record Breaking 11.5 Tbps DDoS Attack
• 5:34 : XWorm Malware Adopts New Infection Chain to Bypass Security Detection
• 5:33 : New ‘NotDoor’ Malware Targets Outlook Users for Data Theft and System Compromise
• 5:33 : Cutting through CVE noise with real-world threat signals
• 5:32 : Cato Networks acquires Aim Security to bring AI protection into SASE Cloud
• 5:3 : Attackers are turning Salesforce trust into their biggest weapon
• 4:33 : DDoS attacks serve as instruments of political influence and disruption
• 2:37 : This handy Apple Intelligence feature saves me over $200 a year
• 2:36 : How to decide between Linux and MacOS – if you’re ready to ditch Windows
• 2:3 : US puts $10M bounty on three Russians accused of attacking critical infrastructure
• 2:3 : Tidal Cyber Raises $10 Million for CTI and Adversary Behavior Platform
• 1:37 : Congressional panel throws cyber threat intel-sharing, funding a lifeline
• 1:6 : OnePlus will give you a $300 smartwatch for free right now – here’s how to qualify
• 23:8 : Are Your NHIs Fully Protected from Cyber Threats?
• 23:6 : Ensuring Compliance and feeling reassured in the Cloud
• 23:5 : IT Security News Hourly Summary 2025-09-04 00h : 7 posts
• 22:35 : ‘Unprecedented Growth’ by Anthropic: This AI Startup is Now Valued at $183B
• 22:35 : Innovator Spotlight: Whalebone
• 22:34 : Android drops mega patch bomb – 120 fixes, two already exploited
• 22:6 : Jaguar Land Rover Cyberattack Disrupts Production and Sales Operations
• 22:6 : Update your Android! Google patches 111 vulnerabilities, 2 are critical