IT Security News Daily Summary 2025-10-13

126 posts were published in the last hour

• 21:2 : How to Manage and Minimize Your CMMC Certification Cost Effectively
• 20:5 : IT Security News Hourly Summary 2025-10-13 21h : 2 posts
• 19:32 : Critical Oracle EBS Flaw Could Expose Sensitive Data
• 19:32 : Customer payment data stolen in Unity Technologies’s SpeedTree website compromise
• 19:2 : SonicWall Breach Sparks Surge in SSLVPN Attacks
• 18:32 : JPMorgan to Invest up to $10 Billion in US Companies with Crucial Ties to National Security
• 18:2 : North Korean Hackers Attacking Developers with 338 Malicious npm Packages
• 18:2 : Hackers Leveraging Microsoft Edge Internet Explorer Mode to Gain Access to Users’ Devices
• 17:32 : ShinyHunters Leak Alleged Data from Qantas, Vietnam Airlines and Other Major Firms
• 17:32 : This 250-year-old equation just got a quantum makeover
• 17:32 : Building a lasting security culture at Microsoft
• 17:5 : IT Security News Hourly Summary 2025-10-13 18h : 13 posts
• 17:2 : Heads Up: Scans for ESAFENET CDG V5 , (Mon, Oct 13th)
• 17:2 : Rewiring Democracy is Coming Soon
• 17:2 : Hidden Cost of MFT Vulnerabilities: Why CVE-2025-10035 Demands a New Security Playbook
• 17:2 : CyberSmart Become a National Ambassador of the NCRCG
• 16:32 : Scattered Lapsus$ Hunters rage-quit the internet (again), promise to return next year
• 16:3 : AI Infrastructure: Compute, Storage, Observability, Security, and More
• 16:3 : Scattered Lapsus$ Hunters Claim to Have Stolen More Than 1 Billion Salesforce Records
• 16:3 : Linux Kernel 6.18-rc1 Released With Extensive Updates Following a Steady Merge Window
• 16:3 : PoC Exploit Unveiled for Lenovo Code Execution Vulnerability Enabling Privilege Escalation
• 16:3 : New WhatsApp Worm Attacks Users with Banking Malware to Users Login Credentials
• 16:2 : SREday SF 2025: Human Centered SRE In An AI World
• 16:2 : Hackers Target ScreenConnect Features For Network Intrusions
• 15:32 : OpenAI’s Guardrails Can Be Bypassed by Simple Prompt Injection Attack
• 15:32 : AI vs AI: The Future of Cybersecurity Is Machine vs. Machine. Is the human factor still relevant?
• 15:32 : Fighting the Cyber Forever War: Born Defense Blends Investment Strategy with Just War Principles
• 15:32 : Paying Ransom Does Not Guarantee Data Restoration: Report
• 15:32 : Spanish Police Dismantle AI-Powered Phishing Network and Arrest Developer “GoogleXcoder”
• 15:32 : Red Hat Data Breach Deepens as Extortion Attempts Surface
• 15:2 : AI-Driven Developer Tools: Transforming the Future of Software Development
• 15:2 : Your Alerts Are Increasing Your Cybersecurity Risk
• 15:2 : Spain Arrests Alleged Leader of GXC Team Cybercrime Network
• 14:32 : Microsoft revamps Internet Explorer Mode in Edge after August attacks
• 14:32 : SimonMed Imaging discloses a data breach impacting over 1.2 million people
• 14:32 : Microsoft Intune MDM and Entra ID Leveraged to Elevate your Trust in Device Identity
• 14:32 : Malicious Code on Unity Website Skims Information From Hundreds of Customers
• 14:32 : Lattice MachXO5-NX TDQ prepare organizations for quantum-era security threats
• 14:5 : IT Security News Hourly Summary 2025-10-13 15h : 5 posts
• 14:3 : Bridging the AI gap: governing emerging technologies in an evolving digital landscape
• 14:3 : Russian Cybercrime Marketplace Shifting from RDP Access to Malware Stealer Log Exploits
• 14:2 : Write Once, Enforce Everywhere: Reusing Rego Policies Across Build and Runtime
• 14:2 : Microsoft ‘illegally’ tracked students via 365 Education, says data watchdog
• 14:2 : Oracle Warns of New EBS Vulnerability That Allows Remote Access
• 14:2 : ⚡ Weekly Recap: WhatsApp Worm, Critical CVEs, Oracle 0-Day, Ransomware Cartel & More
• 14:2 : New Stealit Malware Campaign Spreads via VPN and Game Installer Apps
• 13:32 : Hackers Target macOS Users with Fake Homebrew Websites to Deliver Malicious Payloads
• 13:32 : Why you keep getting job scam texts
• 13:32 : AI Governance: Building a Responsible Foundation for Innovation
• 13:32 : Threat Actors Weaponize Discord Webhooks for Command and Control with npm, PyPI, and Ruby Packages
• 13:32 : New RMPocalypse Attack Let Hackers Break AMD SEV-SNP To Exfiltrate Confidential Data
• 13:32 : Astaroth Banking Malware Leveraging GitHub to Host Malware Configurations
• 13:32 : SonicWall SSL VPN Accounts in Attacker Crosshairs
• 13:32 : Sensitive Information of NSW Flood Victims Mistakenly Entered into ChatGPT
• 13:32 : Clop Ransomware Exploits Oracle Zero-Day in Major Extortion Campaign
• 13:32 : Qilin Ransomware Hits Beer Giant Asahi
• 13:32 : Harvard Probes Breach Tied To Oracle Flaw
• 13:32 : Rust Malware ChaosBot Exploits Discord
• 13:32 : Fake Inflation Refund Text Scam Hits NY
• 13:32 : Malicious Npm Packages Used In Phishing
• 13:2 : Is Hacking Back Ever a Good Strategy?
• 13:2 : Pro-Russian Hacktivist Targets OT/ICS Systems to Harvest Credentials
• 12:32 : Axis Communications Vulnerability Exposes Azure Storage Credentials
• 12:32 : China probes Qualcomm’s Autotalks deal amid rising US trade tensions
• 12:32 : SimonMed Imaging Data Breach Impacts 1.2 Million
• 12:3 : EDR-Freeze: Technical Mechanics and Forensic Artifacts Exposed
• 12:3 : Why Unmonitored JavaScript Is Your Biggest Holiday Security Risk
• 12:2 : NPM Infrastructure Abused in Phishing Campaign Aimed at Industrial and Electronics Firms
• 11:32 : Invoicely Database Leak Exposes 180,000 Sensitive Records
• 11:32 : Hackers Exploit Microsoft Edge’s Internet Explorer Mode to Compromise User Devices
• 11:32 : Astaroth Trojan abuses GitHub to host configs and evade takedowns
• 11:32 : AI and the Future of American Politics
• 11:32 : New Stealit Malware Attacking Windows Systems Abuses Node.js Extensions
• 11:32 : Happy DOM Vulnerability Exposes 2.7 Million Users To Remote Code Execution Attacks
• 11:32 : EDR-Freeze Tool Technical Workings Along With Forensic Artifacts Revealed
• 11:32 : Dutch government puts Nexperia on a short leash over chip security fears
• 11:32 : Ofcom fines 4chan £20K and counting for pretending UK’s Online Safety Act doesn’t exist
• 11:5 : IT Security News Hourly Summary 2025-10-13 12h : 4 posts
• 11:2 : Oracle Patches EBS Vulnerability Allowing Access to Sensitive Data
• 11:2 : Free Open-Source Software for Modern Identity and Access Management
• 11:2 : Text Detection and Extraction From Images Using OCR in Python
• 11:2 : Microsoft Locks Down IE Mode After Hackers Turned Legacy Feature Into Backdoor
• 11:2 : Researchers Warn RondoDox Botnet is Weaponizing Over 50 Flaws Across 30+ Vendors
• 10:32 : North Korean Hackers Target Developers with 338 Malicious Software Packages
• 10:2 : Spanish Authorities Dismantle ‘GXC Team’ Crime-as-a-Service Operation
• 9:32 : Google, Mandiant expose malware and zero-day behind Oracle EBS extortion
• 9:32 : Is America Behind the Ball When It Comes to AI Regulation?
• 9:32 : Apple Bug Bounty Payouts Can Now Top $5m
• 9:2 : Happy DOM Flaw Allows Remote Code Execution Affecting 2.7 Million Users
• 9:2 : Microsoft Finally Resolves Persistent Windows 11 ‘Update and Shut Down’ Glitch
• 9:2 : Extortion Group Leaks Millions of Records From Salesforce Hacks
• 9:2 : The SharePoint Blind Spot: How Legacy IGA Failed to Stop Volt Typhoon
• 9:2 : Security Misconfigurations: The Future Disaster That’s Staring You in the Face
• 9:2 : FBI and French Police Shutter BreachForums Domain Again
• 8:32 : EU Opens Probe Into Online Platforms Over Child Protections
• 8:32 : Stealit Malware spreads via fake game & VPN installers on Mediafire and Discord
• 8:5 : IT Security News Hourly Summary 2025-10-13 09h : 4 posts
• 8:2 : Professors Accuse Apple Of AI Copyright Infringement
• 8:2 : A week in security (October 6 – October 12)
• 8:2 : Astaroth Banking Trojan Abuses GitHub to Remain Operational After Takedowns
• 7:32 : China Rare Earth Restrictions Target Advanced Chips
• 7:32 : WhatsApp Worm Targets Users with Banking Malware, Steals Login Information
• 7:32 : Velociraptor pushes LockBit, Spain dismantles crime group, SonicWall SSL VPN breach
• 7:2 : Google May Be Forced To Make Search Changes In UK
• 7:2 : Hackers Claim Massive Salesforce Breach: 1 Billion Records Stolen
• 7:2 : Spanish Authorities Dismantle Advanced AI Phishing Operation GoogleXcoder
• 6:32 : Building a healthcare cybersecurity strategy that works
• 6:2 : Astaroth Banking Malware Exploits GitHub for Hosting Configuration Files
• 6:2 : Oracle E-Business Suite Flaw Enables Remote Code Execution and Data Theft
• 6:2 : SonicWall SSLVPN Targeted After Hackers Breach All Customer Firewall Backups
• 6:2 : AI-generated images have a problem of credibility, not creativity
• 6:2 : New Rust-Based Malware “ChaosBot” Uses Discord Channels to Control Victims’ PCs
• 5:32 : The five-minute guide to OT cyber resilience
• 5:5 : IT Security News Hourly Summary 2025-10-13 06h : 2 posts
• 5:2 : Attackers Exploit Defender for Endpoint Cloud API to Bypass Authentication and Disrupt Incident Response
• 5:2 : SonicWall SSLVPN Under Attack Following the Breach of All Customers’ Firewall Backups
• 5:2 : RealBlindingEDR Tool That Permanently Turns Off AV/EDR Using Kernel Callbacks
• 5:2 : Discord confirms third-party support breach; some users’ ID photos, support messages and limited payment details were accessed
• 5:2 : When hackers hit, patient safety takes the fall
• 4:2 : Attackers don’t linger, they strike and move on
• 3:32 : Oracle E-Business Suite RCE Vulnerability Exposes Sensitive Data to Hackers Without Authentication
• 2:2 : Our APWG eCrimes Paper on Tech Support Scam Facebook Groups
• 23:5 : IT Security News Hourly Summary 2025-10-13 00h : 2 posts
• 22:58 : IT Security News Weekly Summary 41
• 22:55 : IT Security News Daily Summary 2025-10-12
• 22:32 : ISC Stormcast For Monday, October 13th, 2025 https://isc.sans.edu/podcastdetail/9652, (Sun, Oct 12th)