IT Security News Daily Summary 2025-11-20

162 posts were published in the last hour

• 22:33 : Four Indicted In Alleged Conspiracy To Smuggle Supercomputers and Nvidia Chips to China
• 22:33 : Russian Hacking Suspect Wanted by the FBI Arrested on Thai Resort Island
• 22:2 : Sturnus: New Android banking trojan targets WhatsApp, Telegram, and Signal
• 22:2 : Budget Samsung phones shipped with unremovable spyware, say researchers
• 22:2 : Salesforce-linked data breach claims 200+ victims, has ShinyHunters’ fingerprints all over it
• 22:2 : Security Advisory: Salesforce Gainsight Incident
• 22:2 : Salesforce investigating campaign targeting customer environments connected to Gainsight app
• 21:38 : Amazon Warns: Nation-State Hackers Tying Cyber Attacks to Real-World Strikes
• 21:2 : Emerging Ransomware Variants Exploit Amazon S3 Misconfigurations
• 21:2 : CISA Alerts Users to Active Attacks on Chrome 0-Day Vulnerability
• 21:2 : Sturnus Malware Hijacks Signal and WhatsApp, Taking Full Device Control
• 21:2 : Samourai Wallet Founders Jailed for $237M Crypto Laundering
• 21:2 : Tsundere Botnet Targets Windows, Linux & macOS via Node.js Packages
• 21:2 : F5-CrowdStrike network security partnership: Is EDR enough?
• 21:2 : CrowdStrike Finds Bias Triggers That Weaken DeepSeek-R1 Code Safety
• 21:2 : Salesforce investigates new incident echoing Salesloft Drift compromise
• 20:34 : Another Salesforce-linked data breach has ShinyHunters’ fingerprints all over it
• 20:33 : NDSS 2025 – Hitchhiking Vaccine: Enhancing Botnet Remediation With Remote Code Deployment Reuse
• 20:5 : IT Security News Hourly Summary 2025-11-20 21h : 5 posts
• 20:2 : Coordinated sanctions hit Russian bulletproof hosting providers enabling top ransomware Ops
• 20:2 : Transfer data across AWS partitions with IAM Roles Anywhere
• 19:34 : Mozilla Says It’s Finally Done With Two-Faced Onerep
• 19:34 : Salesforce says some of its customers’ data was accessed after Gainsight breach
• 19:34 : LLM-generated malware is improving, but don’t expect autonomous attacks tomorrow
• 19:4 : It’s not personal, it’s just business
• 18:11 : Everest Ransomware Says It Breached Brazilian Energy Giant Petrobras
• 18:11 : WhatsApp Flaw Enables Massive Scraping of 3.5 Billion User Accounts
• 18:11 : Android Quick Share Support for AirDrop: A Secure Approach to Cross-Platform File Sharing
• 18:11 : Techstrong Group and DigiCert Unveil the “Quantum Security 25” to Spotlight Leaders Shaping the Future of Quantum Security
• 18:11 : Tsundere Botnet Expands Using Game Lures and Ethereum-Based C2 on Windows
• 18:11 : ShadowRay 2.0 Exploits Unpatched Ray Flaw to Build Self-Spreading GPU Cryptomining Botnet
• 17:34 : Emerson Appleton UPSMON-PRO
• 17:34 : ICAM365 CCTV Camera Multiple Models
• 17:34 : Opto 22 GRV-EPIC and groov RIO
• 17:34 : NDSS 2025 – Detecting And Interpreting Inconsistencies In App Behaviors
• 17:34 : How to update CRLs without public access using AWS Private CA
• 17:5 : IT Security News Hourly Summary 2025-11-20 18h : 17 posts
• 17:4 : Oracle Identity Manager Exploit Observation from September (CVE-2025-61757), (Thu, Nov 20th)
• 17:4 : Critical Windows Graphics Vulnerability Lets Hackers Seize Control with a Single Image
• 17:4 : What the Flock is happening with license plate readers?
• 17:4 : Fired techie admits sabotaging ex-employer, causing $862K in damage
• 17:4 : FCC eliminates cybersecurity requirements for telecom companies
• 16:34 : Wordfence Intelligence Weekly WordPress Vulnerability Report (November 10, 2025 to November 16, 2025)
• 16:34 : Bot Management for the Agentic Era
• 16:34 : What Is Bloatware? + How to Remove It
• 16:9 : TP-Link accuses rival Netgear of ‘smear campaign’ over alleged China ties
• 16:9 : New Ransomware Variants Targeting Amazon S3 Services Leveraging Misconfigurations and Access Controls
• 16:9 : Samourai Wallet Cryptocurrency Mixing Founders Jailed for Laundering Over $237 Million
• 16:9 : Sturnus Banking Malware Steals Communications from Signal and WhatsApp, Gaining Full Control of The Device
• 16:8 : Tsundere Botnet Abusing Popular Node.js and Cryptocurrency Packages to Attack Windows, Linux, and macOS Users
• 16:8 : New Sturnus Banking Trojan Targets WhatsApp, Telegram, Signal Messages
• 16:8 : Security gap in Perplexity’s Comet browser exposed users to system-level attacks
• 16:8 : UNC2891 Money Mule Network Reveals Full Scope of ATM Fraud Operation
• 16:8 : Researchers warn command injection flaw in Fortinet FortiWeb is under exploitation
• 15:34 : Light has been hiding a magnetic secret for nearly 200 years
• 15:34 : Trust Beyond Containers: Identity and Agent Security Lessons from KubeCon 2025
• 15:4 : Beyond the Watering Hole: APT24’s Pivot to Multi-Vector Attacks
• 15:4 : PlushDaemon compromises network devices for adversary-in-the-middle attacks
• 15:4 : APIContext Introduces MCP Server Performance Monitoring to Ensure Fast and Reliable AI Workflows
• 15:4 : Education boards left gates wide open for PowerSchool mega-breach, say watchdogs
• 15:4 : Oligo delivers runtime-native security for models and agents
• 15:4 : CISA Issues New Guidance on Bulletproof Hosting Threat
• 14:32 : The Black Friday Cyber Crime Economy: Surge in Fraudulent Domains and eCommerce Scams
• 14:32 : Gmail can read your emails and attachments to train its AI, unless you opt out
• 14:32 : Holiday scams 2025: These common shopping habits make you the easiest target
• 14:32 : Doppel Raises $70 Million at $600 Million Valuation
• 14:32 : New runC Vulnerabilities Expose Docker and Kubernetes Environments to Potential Host Breakouts
• 14:32 : Supply Chain Breaches Impact Almost All Firms Globally, BlueVoyant Reveals
• 14:32 : WhatsApp Flaw Exposed User Numbers
• 14:32 : Ransomware Hits LG Battery Subsidiary
• 14:32 : Europe Scales Back Privacy And AI Laws
• 14:32 : US UK Australia Sanction Russian Host
• 14:31 : Philippine Mayor Sentenced For Spying
• 14:5 : IT Security News Hourly Summary 2025-11-20 15h : 8 posts
• 14:2 : New Eternidade Stealer Uses WhatsApp to Steal Banking Data
• 14:2 : GenAI Makes it Easier for Cybercriminals to Successfully Lure Victims into Scams
• 14:2 : New Malware Via WhatsApp Exfiltrate Contacts to Attack Server and Deploys Malware
• 14:2 : Lessons from Oracle E-Business Suite Hack That Allegedly Compromises Nearly 30 Organizations Worldwide
• 14:2 : TamperedChef Hacking Campaign Leverages Common Apps to Deliver Payloads and Gain Remote Access
• 14:2 : Gmail is reading your emails and attachments to train its AI, unless you turn it off
• 13:36 : Over 50,000 Asus Routers Hacked in ‘Operation WrtHug’
• 13:36 : ThreatsDay Bulletin: 0-Days, LinkedIn Spies, Crypto Crimes, IoT Flaws and New Malware Waves
• 13:4 : US and Allies Sanction Russian Bulletproof Hosting Service Providers
• 13:4 : MacOS DigitStealer malware poses as DynamicLake, targets Apple Silicon M2/M3 devices
• 12:34 : Comet Browser Flaw Lets Hidden API Run Commands on Users’ Devices
• 12:34 : Scam USPS and E-Z Pass Texts and Websites
• 12:34 : Critical N-able N-central Vulnerabilities Allow attacker to interact with legacy APIs and read sensitive files
• 12:34 : Threat Actors Pioneering a New Operational Model That Combines Digital and Physical Threats
• 12:34 : Threat Actors Allegedly Selling Microsoft Office 0-Day RCE Vulnerability on Hacking Forums
• 12:34 : Screen Sharing on WhatsApp Turns Costly with Major Financial Loss
• 12:33 : LG Energy Solution Hit by Akira Ransomware, Data Breach Confirmed
• 12:2 : Inside the dark web job market
• 12:2 : Palo Alto kit sees massive surge in malicious activity amid mystery traffic flood
• 12:2 : Vulnerability Allowed Scraping of 3.5 Billion WhatsApp Accounts
• 12:2 : SSL Certificate And SiteLock Security: Which One Do You Need?
• 12:2 : New Sturnus Android Trojan Quietly Captures Encrypted Chats and Hijacks Devices
• 12:2 : CTM360 Exposes a Global WhatsApp Hijacking Campaign: HackOnChat
• 11:34 : Mozilla Firefox 145 Rolls Out With Advanced Fingerprint Protection
• 11:34 : Researchers Disclosed Analysis of Rhadamanthys Loader’s Anti-Sandboxing and Anti-AV Emulation Features
• 11:33 : Critical Twonky Server Vulnerabilities Let Attackers Bypass Authentication
• 11:6 : Cyber-enabled kinetic targeting: Iran-linked actor uses cyber operations to support physical attacks
• 11:6 : Recent 7-Zip Vulnerability Exploited in Attacks
• 11:5 : IT Security News Hourly Summary 2025-11-20 12h : 3 posts
• 10:34 : With the Rise of AI, Cisco Sounds an Urgent Alarm About the Risks of Aging Tech
• 10:34 : NSA Issues Guidance for ISPs and Network Defenders to Combat Malicious Activity
• 10:33 : Gartner: 40% of Firms to Be Hit By Shadow AI Security Incidents
• 10:2 : Blockchain and Node.js abused by Tsundere: an emerging botnet
• 10:2 : Bedrock Data expands platform with AI governance and natural-language policy enforcement
• 10:2 : UK, US and Australia Sanction Russian Bulletproof Hoster Media Land
• 9:34 : pi GPT Tool Turns Your Raspberry Pi into A ChatGPT Powered AI-managed device
• 9:34 : CISA Warns of Google Chrome 0-Day Vulnerability Exploited in Attacks
• 9:34 : Ollama Vulnerabilities Let Attackers Execute Arbitrary Code by Parsing of Malicious Model Files
• 9:34 : ID-Pal upgrades ID-Detect, delivering protection against deepfakes and synthetic IDs
• 9:4 : Chinese APT Group Exploits DLL Sideloading to Breach Government and Media Targets
• 9:4 : Hackers Launch 2.3 Million Attacks on Palo Alto GlobalProtect VPN Portals
• 9:4 : The Rise of Hybrid Threat Actors: Digital Meets Physical
• 9:4 : The Rise of AI-Enhanced Cyber Scams: How GenAI Empowers Criminals
• 9:4 : Critical Twonky Server Flaws Let Hackers Bypass Login Protection
• 9:4 : AI vs. AI: Why Deepfake Detection Alone Won’t Protect Your Enterprise
• 9:4 : Minimus debuts Image Creator for building secure, hardened container images
• 8:32 : Beckett Collectibles – 541,132 breached accounts
• 8:32 : Mobile App Platforms: Don’t Let Database Security Come Back to Bite You
• 8:31 : The Akira Playbook: How Ransomware Groups Are Weaponizing MFA Fatigue
• 8:31 : Iran-Linked Hackers Mapped Ship AIS Data Days Before Real-World Missile Strike Attempt
• 8:31 : Cloudflare blames database, Crypto heist takedown, WhatsApp flaw exposed billions
• 8:5 : IT Security News Hourly Summary 2025-11-20 09h : 4 posts
• 7:34 : Nanoscale trick makes “dark excitons” glow 300,000 times stronger
• 7:34 : Quantum computers just simulated physics too complex for supercomputers
• 7:34 : SolarWinds Patches Three Critical Serv-U Vulnerabilities
• 7:34 : SaaS Black Friday deals For Developer 2025
• 7:4 : Trend & AWS Partner on Cloud IPS: One-Click Protection
• 7:4 : Is your password manager truly GDPR compliant?
• 6:31 : When the Internet Fails Again, Will You Survive a DDoS Attack?
• 6:31 : A CMO’s Perspective: Why This Moment Matters in the AI Era
• 6:31 : JWTs for AI Agents: Authenticating Non-Human Identities
• 6:31 : SaaS tools Black Friday deals For Developer 2025
• 6:4 : 3.5 Billion WhatsApp Users “Largest Data Leak” Flaw – Here is Full List
• 6:4 : Cline AI Coding Agent Vulnerabilities Enables Prompt Injection, Code Execution, and Data Leakage
• 6:4 : Hackers Can Exploit Default ServiceNow AI Assistants Configurations to Launch Prompt Injection Attacks
• 6:4 : China-Nexus APT Group Leverages DLL Sideloading Technique to Attack Government and Media Sectors
• 6:4 : BlueCodeAgent helps developers secure AI-generated code
• 6:4 : Google Play Store’s privacy practices still confuse Android users
• 6:4 : TamperedChef Malware Spreads via Fake Software Installers in Ongoing Global Campaign
• 5:34 : From Reactive to Ready: A Practical Security Maturity Playbook for Lean Teams
• 5:34 : When IT fails, OT pays the price
• 5:34 : The confidence trap holding security back
• 5:8 : Hackers Attacking Palo Alto Networks’ GlobalProtect VPN Portals with 2.3 Million Attacks
• 5:5 : IT Security News Hourly Summary 2025-11-20 06h : 1 posts
• 4:38 : Palo Alto CEO tips nation-states to weaponize quantum computing by 2029
• 4:4 : Vultr – 187,872 breached accounts
• 4:4 : Eurofiber – 10,003 breached accounts
• 2:36 : Palo Alto Networks to Acquire Observability Platform Chronosphere in $3.35 Billion Deal
• 2:8 : ISC Stormcast For Thursday, November 20th, 2025 https://isc.sans.edu/podcastdetail/9708, (Thu, Nov 20th)
• 2:5 : IT Security News Hourly Summary 2025-11-20 03h : 1 posts
• 1:33 : US, UK, Australia sanction Lockbit gang’s hosting provider
• 23:34 : Fortinet ‘fesses up to second 0-day within a week
• 23:34 : Palo Alto Networks to Acquire AI Observability Platform Chronosphere for $3.35 Billion
• 23:6 : Palo Alto Networks to Acquire AI-Era Observability Platform Chronosphere for $3.35 Billion
• 23:6 : AWS designated as a critical third-party provider under EU’s DORA regulation
• 23:6 : Simplified developer access to AWS with ‘aws login’
• 23:5 : IT Security News Hourly Summary 2025-11-20 00h : 4 posts
• 22:55 : IT Security News Daily Summary 2025-11-19