IT Security News Daily Summary 2025-09-29

143 posts were published in the last hour

• 21:32 : Security Breaches Found in AI-Powered Repair Tool Wondershare RepairIt
• 21:32 : Dynamic DNS Abuse Helps Threat Actors Evade Detection and Persist
• 21:2 : UK grants £1.5B loan to Jaguar Land Rover after cyberattack
• 21:2 : Asahi runs dry as online attackers take down Japanese brewer
• 21:2 : One line of malicious npm code led to massive Postmark email heist
• 20:32 : Apple Patches Single Vulnerability CVE-2025-43400, (Mon, Sep 29th)
• 20:32 : CISA Adds Five Known Exploited Vulnerabilities to Catalog
• 20:32 : CISA Strengthens Commitment to SLTT Governments
• 20:5 : IT Security News Hourly Summary 2025-09-29 21h : 4 posts
• 20:2 : Vulnerability Summary for the Week of September 22, 2025
• 19:32 : Isolate Your Database: VPC for Managed Databases Is Available Now
• 19:32 : 5 Manual Testing Techniques Every Tester Should Know
• 19:32 : Build secure network architectures for generative AI applications using AWS services
• 19:4 : Increase in Scans for Palo Alto Global Protect Vulnerability (CVE-2024-3400), (Mon, Sep 29th)
• 19:4 : Millions at Risk From Notepad++ DLL Hijacking Vulnerability
• 19:4 : ‘Aggressive’ Akira Ransomware Blitz Clubs SonicWall 2FA to DEATH
• 18:32 : Microsoft Sniffs Out AI-Based Phishing Campaign Using Its AI-Based Tools
• 18:2 : Dutch Teens Arrested Over Alleged Spying for Pro-Russian Hackers
• 17:32 : New Harrods Data Breach Exposes 430,000 Customer Personal Records
• 17:32 : Hackers Trick Users to Download Weaponized Microsoft Teams to Gain Remote Access
• 17:5 : IT Security News Hourly Summary 2025-09-29 18h : 9 posts
• 17:2 : DHS and CISA Announce Cybersecurity Awareness Month 2025
• 17:2 : EvilAI Malware Masquerades as AI Tools to Infiltrate Global Organizations
• 16:3 : Harrods Data Breach: 430,000 Customer Records Stolen Via Third-Party Attack
• 16:2 : Understanding the OWASP AI Maturity Assessment
• 16:2 : Amazon pays $2.5B settlement over deceptive Prime subscriptions
• 16:2 : Akira ransomware: From SonicWall VPN login to encryption in under four hours
• 16:2 : AI-Generated Code Used in Phishing Campaign Blocked by Microsoft
• 16:2 : Dutch Authorities Arrest Teens in Foreign Interference Case
• 16:2 : Jaguar Land Rover to resume some manufacturing within days
• 16:2 : CISA to furlough 65% of staff if government shuts down this week
• 15:33 : Retail Cyberattacks Surge as Service Desks Become Prime Targets
• 15:3 : From a Single Click: How Lunar Spider Enabled a Near Two-Month Intrusion
• 15:3 : Inside the Mind of a Threat Actor: What CISOs Must Learn Before the Next Breach
• 15:3 : 6 Best Enterprise Antivirus Software Choices
• 15:3 : 8 Best Enterprise Password Managers
• 15:3 : New Malware-as-a-Service Olymp Loader Promises Defender-Bypass With Automatic Certificate Signing
• 15:3 : JLR Confirms Phased Restart of Operations Following Cyber Attack
• 15:3 : New TamperedChef Malware Leverages Productivity Tools to Gain Access and Exfiltrate Sensitive Data
• 15:3 : SVG Security Analysis Toolkit to Detect Malicious Scripts Hidden in SVG Files
• 15:3 : New Spear-Phishing Attack Delivers DarkCloud Malware to Steal Keystrokes, FTP Credentials and Others
• 15:3 : Sex offenders, terrorists, drug dealers, exposed in spyware breach
• 15:3 : UK may already be at war with Russia, ex-MI5 head suggests
• 14:34 : New Spear-Phishing Attack Deploys DarkCloud Malware to Steal Keystrokes and Credentials
• 14:34 : CISA and UK NCSC Release Joint Guidance for Securing OT Systems
• 14:34 : ISHIR: Big Enough to Scale, Small Enough to Care
• 14:34 : Cybersecurity Alert Overload is a CEO’s Problem; Here’s How to Fix It
• 14:34 : CMMC Compliance: What Your Need to Know Ahead of November 10
• 14:34 : African Authorities Arrest 260 Suspects in Romance, Sextortion Scams
• 14:5 : IT Security News Hourly Summary 2025-09-29 15h : 11 posts
• 14:2 : UK government bails out Jaguar Land Rover with £1.5B loan after hack disrupts vehicle production for weeks
• 14:2 : Harrods alerts customers to new data breach linked to third-party provider
• 14:2 : Shai-Hulud Worm Strikes: Self-Replicating Malware Infects Hundreds of NPM Packages
• 14:2 : National Cyber Authorities Launch OT Security Guidance
• 13:32 : Jaguar Land Rover Confirms Gradual Restart of Operations Post-Cyberattack
• 13:32 : New ModStealer Evade Antivirus Detection to Attack macOS Users and Steal Sensitive Data
• 13:32 : Threat Actors Weaponizing Facebook and Google Ads as Financial Platforms to Steal Sensitive Data
• 13:32 : Data Is a Dish Best Served Fresh: “In the Wild” Versus Active Exploitation
• 13:4 : New TamperedChef Malware Exploits Productivity Tools to Access and Exfiltrate Sensitive Data
• 13:4 : NowSecure Privacy helps organizations protect mobile apps from data leaks
• 13:4 : ⚡ Weekly Recap: Cisco 0-Day, Record DDoS, LockBit 5.0, BMC Bugs, ShadowV2 Botnet & More
• 13:4 : Akira Ransomware Beats SonicWall VPN MFA
• 13:4 : DataCenter Fire Shuts South Korea Sites
• 13:4 : Ransomware Hits Ohio Union County
• 13:4 : Medusa Ransomware Hits Comcast Data
• 13:4 : MacOS XCSSET Variant Hits Firefox
• 12:32 : Acreed Infostealer Gaining Popularity Among Cybercriminals for C2 via Steam Platform
• 12:32 : WhatsApp 0-Click Flaw Abused via Malicious DNG Image File
• 12:32 : The State of AI in the SOC 2025 – Insights from Recent Study
• 12:2 : DarkCloud Infostealer Relaunched to Grab Credentials, Crypto and Contacts
• 12:2 : Cybercriminals Target SonicWall Firewalls to Deploy Akira Ransomware via Malicious Login Attempts
• 11:32 : How to Use a Password Manager to Share Your Logins After You Die (2025)
• 11:32 : SUSE Rancher Vulnerabilities Let Attackers Lockout the Administrators Account
• 11:32 : WhatsApp 0-Click Vulnerability Exploited Using Malicious DNG File
• 11:32 : UK minister suggests government could ditch ‘dangerous’ Elon Musk’s X
• 11:32 : How Users Can Identify Spying on Their Wi-Fi Network
• 11:32 : SpamGPT: AI-Powered Phishing Tool Puts Cybersecurity at Risk
• 11:5 : IT Security News Hourly Summary 2025-09-29 12h : 4 posts
• 11:2 : Akira Ransomware bypasses MFA on SonicWall VPNs
• 11:2 : Harrods blames its supplier after crims steal 430k customers’ data in fresh attack
• 11:2 : Cyberattack on JLR Prompts £1.5 Billion UK Government Intervention
• 10:32 : SafeHill Emerges from Stealth With $2.6 Million Pre-Seed Funding
• 10:32 : Two-Thirds of Organizations Have Unfilled Cybersecurity Positions
• 10:7 : New Olymp Loader Malware-as-a-Service Promises Defender Bypass with Auto Certificate Signing
• 10:6 : Tile Tracking Tags Can Be Exploited by Tech-Savvy Stalkers, Researchers Say
• 10:6 : Lesson From Cisco ASA 0-Day RCE Vulnerability That Actively Exploited In The Wild
• 10:6 : Jaguar Land Rover gets £1.5B government jump-start after cyber breakdown
• 10:6 : Akira Ransomware’s Exploitation of SonicWall Vulnerability Continues
• 10:6 : Dutch Teens Arrested for Allegedly Helping Russian Hackers
• 10:6 : First Malicious MCP Server Found Stealing Emails in Rogue Postmark-MCP Package
• 10:6 : Microsoft Flags AI-Driven Phishing: LLM-Crafted SVG Files Outsmart Email Security
• 9:32 : Critical Security Flaw in MyCourts: What Tennis Clubs Need to Know
• 9:32 : Digital ID, same place, different time: In this timeline, the result might surprise us
• 9:32 : The Security Maginot Line: Fighting Tomorrow’s Cyber Attacks With Yesterday’s Tech
• 9:32 : SonicWall SSL VPN Attacks Escalate, Bypassing MFA
• 9:2 : Agentic AI and the Looming Board-Level Security Crisis
• 9:2 : Harrods Reveals Supply Chain Breach Impacting Online Customers
• 8:32 : Cybercriminals Exploit Facebook and Google Ads as Tools for Stealing Sensitive Data
• 8:32 : Formbricks Signature Verification Flaw Lets Attackers Reset User Passwords
• 8:32 : Hackers Weaponizing SVG Files to Deliver PureMiner Malware and Steal Sensitive Information
• 8:32 : Windows Heap Exploitation Vulnerability With Record’s Size Field Leads to Arbitrary R/W
• 8:32 : Formbricks Signature Verification Vulnerability Let Attackers Reset User Passwords Without Authorization
• 8:32 : Submarine cable security is all at sea, and UK govt ‘too timid’ to act, says report
• 8:5 : IT Security News Hourly Summary 2025-09-29 09h : 6 posts
• 8:2 : Criminals Publish Child Data After Nursery Hack
• 8:2 : Meta To Offer Ad-Free Facebook, Instagram In UK
• 8:2 : Silicon UK In Focus Podcast: The Future of FinTech
• 8:2 : Despite Russian influence, Moldova votes Pro-EU, highlighting future election risks
• 7:32 : New ModStealer Evades Antivirus, Targets macOS Users to Steal Sensitive Data
• 7:32 : SUSE Rancher Flaws Allow Attackers to Lock Out Admin Accounts
• 7:32 : A week in security (September 22 – September 28)
• 7:32 : When AI is trained for treachery, it becomes the perfect agent
• 7:32 : Dutch espionage arrest, DOD risk management framework, Oyster malvertising
• 7:2 : Who are the Scattered Lapsus$ Hunters and are they going away?
• 7:2 : Two Dutch Teenagers Arrested for Wi-Fi Sniffing Activities
• 7:2 : Threat Actors Leveraging Dynamic DNS Providers to Use for Malicious Purposes
• 6:32 : SVG Files Abused to Deploy PureMiner Malware and Exfiltrate Data
• 6:32 : SMS Pools and what the US Secret Service Really Found Around New York
• 6:32 : How attackers poison AI tools and defenses
• 6:3 : ThreatBook Launches Best-of-Breed Advanced Threat Intelligence Solution
• 6:3 : Threat Actors Exploiting Dynamic DNS Providers for Malicious Activity
• 6:3 : Dutch teens arrested for spying on behalf of pro-Russian hackers
• 6:3 : DataCenter Fire Takes 600+ South Korean Government Websites Offline
• 6:2 : Notepad++ DLL Hijacking Vulnerability Let Attackers Execute Malicious Code
• 6:2 : Firezone: Open-source platform to securely manage remote access
• 5:32 : Notepad++ DLL Hijack Flaw Lets Attackers Run Malicious Code
• 5:32 : Lockbit Is Back
• 5:5 : IT Security News Hourly Summary 2025-09-29 06h : 2 posts
• 5:2 : Google Project Zero Discloses Apple Vulnerability Allowing ASLR Bypass
• 5:2 : Cybersecurity leaders underreport cyber incidents to executives
• 5:2 : The CISO’s guide to stronger board communication
• 4:32 : Feel Secure: Advanced Techniques in Secrets Vaulting
• 4:32 : Adapting Your Security Strategy for Hybrid Cloud Environments
• 4:32 : Continuous Improvement in Secrets Management
• 4:2 : Top 10 fastest growing ICT jobs
• 3:32 : Trump demands Microsoft fire its head of global affairs
• 2:32 : ISC Stormcast For Monday, September 29th, 2025 https://isc.sans.edu/podcastdetail/9632, (Mon, Sep 29th)
• 1:32 : Dutch teen duo arrested over alleged ‘Wi-Fi sniffing’ for Russia
• 0:2 : Medusa Ransomware Claims Comcast Data Breach, Demands $1.2M
• 23:32 : Datacenter fire takes 647 South Korean government services offline
• 23:5 : IT Security News Hourly Summary 2025-09-29 00h : 2 posts
• 22:58 : IT Security News Weekly Summary 39
• 22:55 : IT Security News Daily Summary 2025-09-28