IT Security News Daily Summary 2025-09-15

162 posts were published in the last hour

• 21:5 : China-Linked AI Pentest Tool ‘Villager’ Raises Concern After 10K Downloads
• 21:5 : Company that owns Gucci, Balenciaga, other brands confirms hack
• 21:4 : DEF CON 33: Ch0wn35
• 20:14 : Harvard’s new free AI tool could help treat Parkinson’s, Alzheimer’s, and even cancer
• 20:13 : Facebook’s settlement payments are on the way – here’s how much you can expect
• 20:12 : Supporting Rowhammer research to protect the DRAM ecosystem
• 20:11 : Careless engineer stored recovery codes in plaintext, got whole org pwned
• 20:10 : Navigating Amazon GuardDuty protection plans and Extended Threat Detection
• 19:15 : Apple Updates Everything – iOS/macOS 26 Edition, (Mon, Sep 15th)
• 19:14 : How AI and Machine Learning Are Shaping the Fight Against Ransomware
• 19:14 : Amazon hints at new hardware coming on September 30 – here are my predictions
• 19:13 : Finally, a convertible laptop I’d actually use as a tablet (especially with that OLED display)
• 19:13 : How people actually use ChatGPT vs Claude – and what the differences tell us
• 19:13 : Russia Tests Hypersonic Missile at NATO’s Doorstep—and Shares the Video
• 19:12 : Fairmont Federal Credit Union 2023 data breach impacted 187K people
• 19:11 : Pro-Russian Hackers Attacking Key Industries in Major Countries Around The World
• 19:10 : Threat Actors Leverage Several RMM Tools in Phishing Attack to Maintain Remote Access
• 19:9 : Sidewinder APT Hackers Leverage Nepal Protests to Push Mobile and Windows Malware
• 19:9 : Zero Trust Is 15 Years Old — Why Full Adoption Is Worth the Struggle
• 19:8 : 689,000 Affected by Insider Breach at FinWise Bank
• 19:6 : Mustang Panda Deploys SnakeDisk USB Worm to Deliver Yokai Backdoor on Thailand IPs
• 17:43 : You can update your iPhone to iOS 26 right now (here’s which models support it)
• 17:42 : Downloading iOS 26? Do these 6 things on your iPhone first (and thank me later)
• 17:42 : Crowdstrike and Meta just made evaluating AI security tools easier
• 17:41 : iOS 26 is now live – here’s how to download it (and which iPhones support it)
• 17:41 : Israel announces seizure of $1.5M from crypto wallets tied to Iran
• 17:40 : Threat Group Scattered Lapsus$ Hunters Says It’s Shutting Down
• 17:40 : Nx “s1ngularity” Supply Chain Attack Exposes Thousands of Secrets
• 17:39 : Great Firewall of China Compromised in Historic 600GB Data Exposure
• 17:38 : Smart Meters: A Growing Target in Data Security
• 16:55 : Attackers Actively Exploiting Critical Vulnerability in Case Theme User Plugin
• 16:53 : North Korea’s Kimsuky Group Uses AI-Generated Military IDs in New Attack
• 16:51 : Garak – LLM Vulnerability Scanner For AI Red-teaming
• 16:46 : Unplugging these 7 household devices saved me $200 a year in electricity
• 16:44 : Android UI finally beats iOS in the looks department – and I’m stunned
• 16:43 : Spotify’s free tier just got a major upgrade – here’s what’s new
• 16:41 : Windows 11 lets you run a network speed test right from the taskbar now – how to try it
• 16:40 : Skip Geo-Blocks, Not Security with This Lifetime $50 DNS & VPN
• 16:39 : Phishing campaign targets Rust developers
• 16:25 : Phishing Campaigns Exploit RMM Tools to Sustain Remote Access
• 16:24 : Sidewinder Hackers Weaponize Nepal Protests to Spread Cross-Platform Malware
• 16:21 : Check Point Named a Leader in the 2025 IDC MarketScape Report for Worldwide Enterprise Hybrid Firewalls.
• 16:20 : Want the Pixel 10 Pro? I recommend buying these 5 phones instead – here’s why
• 16:16 : Burger King Uses DMCA Complaint to Take Down Blog Post Detailing Security Flaws on Drive-Thru Systems
• 16:14 : Microsoft Fixes Windows 11 24H2 Audio Issue that Stops Bluetooth Headsets and Speakers Working
• 16:12 : Securing Linux Systems in the Age of AI: Unified Security Strategies for Modern Enterprises
• 16:11 : Security begins with visibility: How IGA brings hidden access risks to light
• 16:10 : Silent Push Raises $10 Million for Threat Intelligence Platform
• 16:9 : DEF CON 33: DEFCON AIxCC Lacrosse Team
• 16:8 : SEO Poisoning Targets Chinese Users with Fake Software Sites
• 16:8 : HybridPetya Mimics NotPetya, Adds UEFI Compromise
• 16:7 : CISA audit sparks debate about cybersecurity pay incentives
• 14:47 : Cisco Patched Multiple IOS XR Vulnerabilities
• 14:46 : Apple Watch SE 3 vs. Watch SE 2: I compared the two models, and there’s a clear winner
• 14:45 : Sorry, ChatGPT – Gemini is the new top free iPhone app now
• 14:45 : Notorious Cyber Gang Vanishes, Leaves Behind Chilling Trail
• 14:44 : By popular demand: 10 extra exhibit tables open at TechCrunch Disrupt 2025
• 14:44 : BlackNevas Ransomware Encrypts Files and Steals Sensitive Data From Affected Companies
• 14:43 : Terra Security Raises $30 Million for AI Penetration Testing Platform
• 14:40 : Checkmarx Surfaces Lies-in-the-Middle Attack to Compromise AI Tools
• 14:39 : SVG Phishing Campaign Bypasses Antivirus, Targets Colombian Judiciary
• 14:38 : Czechia Warns of Chinese Data Transfers and Espionage Risks to Critical Infrastructure
• 14:38 : SecurityScorecard acquires HyperComply to automate vendor security reviews
• 14:37 : ⚡ Weekly Recap: Bootkit Malware, AI-Powered Attacks, Supply Chain Breaches, Zero-Days & More
• 14:37 : 6 Browser-Based Attacks Security Teams Need to Prepare For Right Now
• 14:5 : IT Security News Hourly Summary 2025-09-15 15h : 6 posts
• 13:12 : Hackers Hide RMM Installs as Fake Chrome Updates and Teams Invites
• 13:12 : Burger King Uses DMCA to Remove Blog Exposing Drive-Thru System Security Flaws
• 13:11 : iPhone Air vs. iPhone 17 Pro Max: I compared the two flagship models, and here’s the winner
• 13:10 : How to clear the cache on your Windows 11 PC (and why you shouldn’t wait to do it)
• 13:10 : These Halo smart glasses just got a major memory boost, thanks to Liquid AI
• 13:10 : PayPal Links lets you send and receive money much faster now – even crypto
• 13:10 : Snap’s next smart glasses get a major OS overhaul to rival Meta Ray-Bans
• 13:9 : Former FinWise employee may have accessed nearly 700K customer records
• 13:9 : What is a forensic image?
• 13:9 : Microsoft Confirms 900+ XSS Vulnerabilities Found in IT Services, Ranging from Low Impact to Zero-Click
• 13:9 : Top 10 Best Endpoint Protection Solutions For MSPs/MSSPs in 2025
• 13:8 : New SEO Poisoning Attacking Windows Users With Weaponized Software Sites
• 13:8 : New Red Teaming Tool “Red AI Range” Discovers, Analyze, and Mitigate AI Vulnerabilities
• 13:8 : Mustang Panda With SnakeDisk USB Worm and Toneshell Backdoor Seeking to Penetrate Air-Gap Systems
• 13:8 : Preparing for the EU’s DORA amidst Technical Controls Ambiguity
• 13:7 : Nork snoops whip up fake South Korean military ID with help from ChatGPT
• 13:7 : Akamai Identity Cloud Retirement — What’s Next for Your Identity and Access Management?
• 13:6 : AI-Forged Military IDs Used in North Korean Phishing Attack
• 12:5 : Red AI Range: Advanced AI Tool for Identifying and Mitigating Security Flaws
• 12:5 : Pro-Russian Hackers Target Critical Industries Across the Globe
• 12:5 : IBM QRadar SIEM Vulnerability Allows Unauthorized Actions by Attackers
• 12:5 : Ookla launches Wi-Fi Speedtest Certified program to help prove network quality
• 12:5 : Lawsuit About WhatsApp Security
• 12:5 : IBM QRadar SIEM Vulnerability Let Attackers Perform Unauthorized Actions
• 12:4 : Critical LangChainGo Vulnerability Let Attackers Access Sensitive Files by Injecting Malicious Prompts
• 12:4 : China turns the screws on Nvidia with antitrust probe
• 12:4 : FBI Shares IoCs for Recent Salesforce Intrusion Campaigns
• 12:4 : A Pocket Guide to Strategic Cyber Risk Prioritization
• 12:3 : Proofpoint launches agentic AI to detect risks in communication channels
• 11:9 : Microsoft Fixed 2 Zero-Days Amid 80+ Patches With September 2025 Patch Tuesday
• 11:8 : Signal App Introduces Secure Cloud Backup For Chats
• 11:8 : Hackers using generative AI “ChatGPT” to evade anti-virus defenses
• 11:7 : Shiny tools, shallow checks: how the AI hype opens the door to malicious MCP servers
• 11:6 : Great Firewall of China’s Sensitive Data of Over 500GB+ Leaked Online
• 11:4 : Jaguar Land Rover supply chain workers must get Covid-style support, says union
• 11:3 : Google Launched Behind-the-Scenes Campaign Against California Privacy Legislation; It Passed Anyway
• 10:4 : Wireless Network Security: WEP, WPA, WPA2 & WPA3 Explained
• 10:4 : New Yurei Ransomware With PowerShell Commands Encrypts Files With ChaCha20 Algorithm
• 10:4 : DarkCloud Stealer Attacking Financial Companies With Weaponized RAR Attachments
• 10:4 : West Virginia Credit Union Notifying 187,000 People Impacted by 2023 Data Breach
• 10:3 : Implementing Single Sign-on Solutions
• 10:3 : Hacker Deceives 18,000 Script Kiddies with Fake Malware Builder
• 10:3 : Panama and Vietnam Governments Suffer Cyber Attacks, Data Leaked
• 9:42 : Microsoft Avoids Fine As EU Accepts Teams Unbundling Deal
• 9:41 : Wikipedia Operator Will Not Appeal Online Safety Act Defeat
• 9:41 : FBI Releases IOCs on Cyber Threats Exploiting Salesforce for Data Theft
• 9:41 : LangChainGo Vulnerability Allows Malicious Prompt Injection to Access Sensitive Data
• 9:41 : BlackNevas Ransomware Encrypts Files, Exfiltrates Corporate Data
• 9:41 : ENISA Will Operate the EU Cybersecurity Reserve. What This Means for Managed Security Service Providers
• 9:40 : CISA at Risk After OIG Accuses it of Wasting Federal Funds
• 8:36 : Top 10 Best Ransomware Protection Solutions in 2025
• 8:35 : Samsung Patches Zero-Day Exploited Against Android Users
• 8:35 : Phishing Campaigns Drop RMM Tools for Remote Access
• 8:9 : AppSuite-PDF, PDF Editor Operators Exploited 26 Code-Signing Certificates to Fake Legitimacy
• 8:9 : Top 10 Best Ransomware Protection Companies in 2025
• 8:8 : UK Lords take aim at Ofcom’s ‘child-protection’ upgrades to Online Safety Act
• 8:7 : AI-Powered Villager Pen Testing Tool Hits 11,000 PyPI Downloads Amid Abuse Concerns
• 7:41 : OpenAI, Microsoft Reach Preliminary Deal Over For-Profit Shift
• 7:40 : FTC Probes Amazon, Google Over Ad Practices
• 7:40 : Microsoft Warns Windows 11 23H2 Support Ending in 60 Days
• 7:39 : A week in security (September 8 – September 14)
• 7:39 : An Overview of Passwordless Authentication
• 7:38 : ShinyHunters hits Vietnam, Petya-NotPetya copycat appears, CISA wants CVE
• 7:15 : DarkCloud Stealer Targets Financial Firms via Weaponized RAR Files
• 7:13 : FlowiseAI Password Reset Token Vulnerability Allows Account Takeover
• 7:12 : New Research Reveals One-Third of Cloud Assets Harbor Easily Exploitable Vulnerabilities
• 6:39 : Linux CUPS Vulnerability Let Attackers Remote DoS and Bypass Authentication
• 6:38 : Most enterprise AI use is invisible to security teams
• 6:38 : HiddenGh0st, Winos and kkRAT Exploit SEO, GitHub Pages in Chinese Malware Attacks
• 6:38 : NPM Attack Leave Hackers Empty Handed: Cybersecurity Today with David Shipley
• 6:4 : Yurei Ransomware Uses PowerShell to Deploy ChaCha20 File Encryption
• 6:4 : Over 500GB of Sensitive Great Firewall of China Data Leaked Online
• 6:3 : INC ransom group claimed the breach of Panama’s Ministry of Economy and Finance
• 6:3 : UK ICO finds students behind majority of school data breaches
• 6:3 : Arkime: Open-source network analysis and packet capture system
• 5:34 : Top 10 Best Web Application Firewall (WAF) Solutions In 2025
• 5:34 : FlowiseAI Password Reset Token Vulnerability Enables Account Takeover
• 5:5 : Linux CUPS Flaw Allows Remote Denial of Service and Authentication Bypass
• 5:5 : VoidProxy PhaaS Targets Microsoft 365 and Google Accounts in New Campaign
• 5:5 : What could a secure 6G network look like?
• 5:5 : IT Security News Hourly Summary 2025-09-15 06h : 1 posts
• 4:34 : Why neglected assets are the hidden threat attackers love to find
• 4:4 : Static feeds leave intelligence teams reacting to irrelevant or late data
• 2:36 : ISC Stormcast For Monday, September 15th, 2025 https://isc.sans.edu/podcastdetail/9612, (Mon, Sep 15th)
• 2:36 : Cyber-scam camp operators shift operations to vulnerable countries as sanctions strike
• 2:5 : IT Security News Hourly Summary 2025-09-15 03h : 1 posts
• 1:36 : pyLDAPGui – How It was Born
• 1:35 : Relax With Advanced Non-Human Identity Protections
• 1:34 : Achieve Independence in NHI and Secrets Management
• 1:5 : Beyond Buzzwords: The Real Impact of AI on Identity Security
• 1:4 : Beyond the Firewall: Protecting Your Marketing Department from Cyber Threats and Safeguarding Digital Assets
• 0:2 : 15 ransomware gangs ‘go dark’ to enjoy ‘golden parachutes’
• 23:5 : IT Security News Hourly Summary 2025-09-15 00h : 3 posts
• 22:58 : IT Security News Weekly Summary 37
• 22:55 : IT Security News Daily Summary 2025-09-14
• 22:35 : Samsung Fixes Image Parsing Vulnerability Exploited in Android Attacks