IT Security News Daily Summary 2025-10-29

182 posts were published in the last hour

22:34 : Hackers Use NFC Relay Malware to Clone Tap-to-Pay Android Transactions
22:34 : Atlas browser’s Omnibox opens up new privacy and security risks
21:34 : Nvidia Market Value Surpasses $5tn On AI Optimism
21:34 : Hacktivists breach Canada’s critical infrastructure, cyber Agency warns
21:4 : When Windows Helpers Turn Hostile: DLL Hijacks Return
20:36 : The Microsoft Azure Outage Shows the Harsh Reality of Cloud Failures
20:6 : This security hole can crash billions of Chromium browsers, and Google hasn’t patched it yet
20:5 : IT Security News Hourly Summary 2025-10-29 21h : 7 posts
19:36 : Attackers Actively Exploiting Critical Vulnerability in WP Freeio Plugin
19:36 : Herodotus: The Android Trojan That Types Like a Human
19:36 : EY Data Leak – Massive 4TB SQL Server Backup Exposed Publicly on Microsoft Azure
19:36 : New Gentlemen’s RaaS Advertised on Hacking Forums Targeting Windows, Linux and ESXi Systems
19:36 : Emerging Cyber Threats Featuring QR Codes ClickFix and LOLBins Challenging SOC Defenses
19:36 : Threat Actors Weaponizes Judicial Documents to Deliver PureHVNC RAT
19:36 : Russian Hackers Attacking Government Entity Using Stealthy Living-Off-the-Land Tactics
19:4 : SessionReaper Comes Calling: Magento Exploit Haunts Halloween
19:4 : Survey Surfaces Rise in Email Security Incidents Tied to Ransomware
18:34 : How to write an information security policy, plus templates
18:34 : Pwn2Own Ireland 2025: Major Cybersecurity Revelations & Critical Vulnerabilities
18:34 : Is Russia Cracking Down on Cyber Criminals? Fake Death Scams & Exposed AI Servers | Cybersecurity Today
18:4 : Ubuntu Kernel Flaw Opens the Door to Privilege Escalation
18:4 : Former L3Harris Trenchant boss pleads guilty to selling zero-day exploits to Russian broker
17:34 : Ex-L3Harris Cyber Boss Pleads Guilty to Selling Trade Secrets to Russian Firm
17:34 : Cyber Awareness Month: Why AI Literacy Matters for Cybersecurity
17:34 : New TEE.fail Attack Breaks Trusted Environments to Exfiltrate Secrets from Intel and AMD DDR5 Environments
17:34 : Microsoft DNS Outage Disrupts Azure and Microsoft 365 Services Worldwide
17:34 : How HPE’s New Security Playbook Is Actually Stopping Threats
17:5 : IT Security News Hourly Summary 2025-10-29 18h : 17 posts
17:4 : ZEST Security launches free AI-based remediation risk assessment for security teams
17:4 : Is Russia Cracking Down on Cyber Criminals? Fake Death Scams & Exposed AI Servers | Cybersecurity Today
16:34 : Hackers Hijack Corporate XWiki Servers for Crypto Mining
16:34 : EY exposes 4TB+ SQL database to open internet for who knows how long
16:14 : Rogue WordPress Plugin Conceals Multi-Tiered Credit Card Skimmers in Fake PNG Files
16:14 : Sweet Security Brings Runtime-CNAPP Power to Windows
16:13 : BlueNoroff Expands Cyberattacks with AI-Driven Campaigns Targeting Executives
16:13 : Cybersecurity Awareness Month 2025: Customer-Centric Innovation from ColorTokens
16:13 : OpenAI’s gpt-oss-safeguard enables developers to build safer AI
16:13 : New AI-Targeted Cloaking Attack Tricks AI Crawlers Into Citing Fake Info as Verified Facts
16:13 : Experts Reports Sharp Increase in Automated Botnet Attacks Targeting PHP Servers and IoT Devices
16:13 : Chrome to Make HTTPS Mandatory by Default in 2026
16:13 : Myanmar Scam Center Raided By Army
16:13 : US Refuses To Join UN Cyber Treaty
16:13 : X Warns Users To Re-enroll Keys Soon
16:13 : Android Trojan Herodotus Outsmarts Systems
16:13 : Npm Packages Steal Developer Logins
15:34 : Russian hackers, likely linked to Sandworm, exploit legitimate tools against Ukrainian targets
15:34 : Google Unveils Guide for Defenders to Monitor Privileged User Accounts
15:34 : Gunra Ransomware Leveraging Attacking Windows and Linux Systems with Two Encryption Methods
15:34 : Thousands of Exchange Servers in Germany Still Running with Out-of-Support Versions
15:34 : PoC Exploit Released for BIND 9 Vulnerability that Let Attackers Forge DNS Records
15:34 : 10 Malicious npm Packages with Auto-Run Feature on Install Deploys Multi-Stage Credential Harvester
15:34 : Attestation-Based Identity: How It Works and Why It Matters
15:34 : Arctic Wolf Report Reveals IT Leaders’ Overconfidence Despite Rising Phishing and AI Data Risks
15:34 : US Judge Permanently Bans NSO Group from Targeting WhatsApp Users
15:5 : How to Reduce Your TCO with Check Point’s SASE
15:5 : Check Point and NVIDIA Join Forces to Lock Down Enterprise AI Workloads
15:5 : Cross-Border Crypto Payouts in iGaming Security and Compliance
15:5 : Sanctions won’t stop cyberattacks, but they can still “bite”
15:5 : AI risks pack a punch, but governance provides a buffer
14:34 : OpenAI’s Atlas browser leaves the door wide open to prompt injection
14:34 : Commvault introduces Data Rooms to securely connect backup data with AI platforms
14:34 : Fortra DSPM helps organizations protect sensitive data across hybrid cloud
14:5 : Russian Hackers Target Government with Stealthy “Living-Off-the-Land” Tactics
14:5 : Massive 4TB EY Database Backup Found Publicly Accessible on Azure
14:5 : TechCrunch Disrupt 2025: Day 3
14:5 : MITRE Unveils ATT&CK v18 With Updates to Detections, Mobile, ICS
14:5 : IT Security News Hourly Summary 2025-10-29 15h : 16 posts
14:5 : Obsidian: SaaS Vendors Must Adopt Security Standards as Threats Grow
14:4 : Rapid7 strengthens security with AI-powered risk and vulnerability insights
14:4 : Sweet Security brings Runtime CNAPP visibility and protection to Windows environments
14:4 : Npm Malware Uses Invisible Dependencies to Infect Dozens of Packages
13:34 : The State of Agentic AI: Disrupting Publishing and Reshaping Ecommerce
13:34 : PureHVNC RAT Distributed via Weaponized Judicial Documents
13:34 : Google Publishes New Guide to Help Defenders Monitor Privileged Accounts
13:34 : StrongestLayer Adds AI Reasoning Engine to Validate Emails
13:34 : Survey Surfaces Greater Appreciation for AI Risks
13:34 : Trellix unveils Helix integration with Hyperautomation to streamline SOC operations
13:5 : How Small Security Teams Can Improve Vulnerability Management
13:5 : Google Wear OS Flaw Lets Any App Send Texts on Behalf of Users
13:5 : New ‘Gentlemen’ RaaS Appears on Hacking Forums, Targeting Windows, Linux and ESXi
13:5 : How to reduce your TCO with Check Point’s SASE
13:5 : Marketing giant Dentsu warns staff after Merkle data raid
13:5 : Users Warned to Check This Setting as Meta Faces Privacy Concerns
13:4 : Acronis Cyber Protect Local brings unified cyber protection to cloud-restricted environments
13:4 : New Zscaler ZDX features strengthen zero trust and streamline performance monitoring
13:4 : PHP Servers and IoT Devices Face Growing Cyber-Attack Risks
12:34 : Hackers Allegedly Leak HSBC USA Customer and Financial Information
12:34 : Cybercriminals Launch Flood of Fake Forex Platforms to Harvest Logins
12:34 : Gmail breach panic? It’s a misunderstanding, not a hack
12:34 : AI Security Firm Polygraf Raises $9.5 Million in Seed Funding
12:34 : How Quantum Computing Will Transform Data Security, AI, and Cloud Systems
12:34 : FCC Tightens the Squeeze on Banned Chinese Telecom Companies
12:34 : Android malware types like a human, sanctions weaken cyber ecosystems, side-channel extracts Intel, AMD secrets
12:5 : New TEE.fail Exploit Steals Secrets from Intel & AMD DDR5 Trusted Environments
12:5 : HSTS Beyond the Basics: Securing AI Infrastructure and Modern Attack Vectors
12:4 : School’s AI system mistakes a bag of chips for a gun
12:4 : Cybersecurity Has a Motivation Problem
12:4 : Sole trader dispatched almost 1M spam texts to hard-up Brits, says watchdog
12:4 : CyberRidge Emerges From Stealth With $26 Million for Photonic Encryption Solution
12:4 : Python Foundation rejects US government grant earmarked for security improvements
11:34 : How High-Tech Finance Companies Turn Innovation Into Influence
11:34 : Signal’s Post-Quantum Cryptographic Implementation
11:34 : Hackers Allegedly Claim Breach Of HSBC USA Customers’ Records Including Financial Details
11:34 : CISA Warns of Dassault Systèmes Vulnerabilities Actively Exploited in Attacks
11:34 : Windows Accessibility Flaw Allows Stealthy Persistence and Lateral Movement via Narrator DLL Hijack
11:34 : When 183 Million Passwords Leak: How One Breach Fuels a Global Threat Chain
11:34 : Discover Practical AI Tactics for GRC — Join the Free Expert Webinar
11:34 : New Atroposia RAT Surfaces on Dark Web
11:6 : Ad and PR Giant Dentsu Says Hackers Stole Merkle Data
11:6 : XWiki Vulnerability Exploited in Cryptocurrency Mining Operation
11:6 : Open Source “b3” Benchmark to Boost LLM Security for Agents
11:5 : IT Security News Hourly Summary 2025-10-29 12h : 5 posts
10:34 : Suspected Nation-State Threat Actor Uses New Airstalk Malware in a Supply Chain Attack
10:34 : Nvidia Market Value Nears $5tn On AI Optimism
10:34 : Massive Tata Motors Data Leak Exposes 70+ TB of Sensitive Information
10:34 : Docker Compose Flaw Lets Attackers Overwrite Arbitrary Files
10:34 : Security Training Just Became Your Biggest Security Risk
10:4 : Cybersecurity on a budget: Strategies for an economic downturn
10:4 : EV Maker Lucid Aims For High-Level Autonomous Driving
10:4 : CISA Issues Alert on Active Exploitation of Dassault Systèmes Security Flaws
10:4 : UK government on the lookout for bargain-priced CTO
10:4 : Chrome to Turn HTTPS on by Default for Public Sites
10:4 : 10 npm Packages Caught Stealing Developer Credentials on Windows, macOS, and Linux
10:4 : BSI Warns of Looming AI Governance Crisis
9:35 : GlobalFoundries Invests $1.3bn Into Dresden Expansion
9:35 : 10 NPM Packages That Automatically Run on Install and Steal Credentials
9:35 : U.S. CISA adds Dassault Systèmes DELMIA Apriso flaws to its Known Exploited Vulnerabilities catalog
9:35 : Magento Input Validation Vulnerability Exploited In Wild To Hijack Session And Execute Malicious Codes
9:35 : Microsoft Sued for Allegedly Misleading Millions to Subscribe for Microsoft 365 Subscriptions
9:35 : New Beast Ransomware Actively Scans for Active SMB Port from Breached System to Spread Across Network
9:35 : Google Wear OS Message App Vulnerability Let Any Installed App To Send SMS Behalf Of User
9:35 : Apache Tomcat Path Traversal Vulnerability (CVE-2025-55752) Notice
9:35 : Socure enhances RiskOS AI Suite with AI agents to transform identity, compliance, and risk decisioning
9:4 : Nvidia Buys Nokia Stake In Data Centre Boost
9:4 : Arctera InfoScale gains AI capabilities to identify and contain ransomware attacks
9:4 : Active Exploits Hit Dassault and XWiki — CISA Confirms Critical Flaws Under Attack
8:34 : OpenAI Completes For-Profit Restructure
8:34 : Amazon Cuts 14,000 Corporate Jobs
8:34 : Beast Ransomware Targets Active SMB Connections to Infect Entire Networks
8:34 : Herodotus Android malware mimics human typing to evade detection
8:34 : 9 in 10 Exchange servers in Germany still running out-of-support software
8:34 : CISA Warns of Exploited DELMIA Factory Software Vulnerabilities
8:34 : Privado.ai introduces AI agents to automate privacy assessments and real-time data mapping
8:34 : Palo Alto Networks launches Prisma AIRS 2.0 to deliver end-to-end security across the AI lifecycle
8:5 : IT Security News Hourly Summary 2025-10-29 09h : 5 posts
8:4 : XWiki Remote Code Execution Flaw Actively Weaponized for Coinmining
8:4 : Docker Compose Vulnerability Allow Attacks To Overwrite Arbitrary Files
8:4 : Microsoft Details ASP.NET Vulnerability That Enables Attackers To Smuggle HTTP Requests
8:4 : New Attack Targets DDR5 Memory to Steal Keys From Intel and AMD TEEs
8:4 : Trulioo expands identity platform to strengthen fraud prevention and streamline compliance
7:4 : What is the commonality between NASCAR and Formula 1’s FIA? Both were hacked earlier this year.
7:4 : Gunra Ransomware Targets Windows and Linux with Dual Encryption
7:4 : AI agents can leak company data through simple web searches
6:34 : Product showcase: Syteca – The human-centric insider threat management platform
6:34 : Early reporting helps credit unions stop fraudulent transfers faster
6:4 : Mozilla Enforces Transparency Rules for Data Collection in New Firefox Extensions
6:4 : Continuous PCI DSS Compliance with File Integrity Monitoring
6:4 : New Android Malware Herodotus Mimic Human Behaviour to Bypass Biometrics Detection
6:4 : Scammers target international students by threatening their visa status
5:34 : Ethical Prompt Injection: Fighting Shadow AI with Its Own Weapon
5:34 : New Atroposia RAT Uses Hidden Remote Desktop, Vulnerability Scanning and Advanced Persistence
5:34 : Microsoft Issues Alert on ASP.NET Flaw Allowing HTTP Request Smuggling Attacks
5:33 : Proximity: Open-source MCP security scanner
5:5 : IT Security News Hourly Summary 2025-10-29 06h : 2 posts
5:4 : How to collect memory-only filesystems on Linux systems, (Wed, Oct 29th)
5:4 : CEO of spyware maker Memento Labs confirms one of its government customers was caught using its malware
4:4 : LG Uplus is latest South Korean telco to confirm cybersecurity incident
4:4 : Australian police building AI to translate emoji used by ‘crimefluencers’
3:4 : AI Security: NVIDIA BlueField Now with Vision One™
2:5 : IT Security News Hourly Summary 2025-10-29 03h : 3 posts
2:4 : ISC Stormcast For Wednesday, October 29th, 2025 https://isc.sans.edu/podcastdetail/9676, (Wed, Oct 29th)
2:4 : Pentest Copilot – AI-based Ethical Hacking Tool to Streamline Penetration Testing
1:33 : Tata Motors confirms it fixed security flaws, which exposed company and customer data
1:4 : Aisuru Botnet Shifts from DDoS to Residential Proxies
0:4 : AI Edge Is All You Need
0:4 : Enabling AI Everywhere with Akamai Inference Cloud
23:34 : CVE-2025-62725: From “docker compose ps” to System Compromise
23:5 : IT Security News Hourly Summary 2025-10-29 00h : 5 posts
23:4 : Bots, Bread and the Battle for the Web
23:4 : Everest Leaks AT&T Records, Demands $1M for Dublin Airport Passenger Data
23:4 : Threat Actors Advertising Anivia Stealer Malware on Dark Web bypassing UAC Controls
22:55 : IT Security News Daily Summary 2025-10-28

Share this:

Related

Post navigation