IT Security News Daily Summary 2025-12-03

153 posts were published in the last hour

• 22:4 : Best 5 Dark Web Intelligence Platforms
• 22:4 : ‘Exploitation is imminent’ as 39 percent of cloud environs have max-severity React hole
• 21:5 : Lessons from Smart Switching: Rethinking Security and Performance
• 21:5 : ValleyRAT Campaign Targets Job Seekers, Abuses Foxit PDF Reader for DLL Side-loading
• 21:5 : CISA eliminates pay incentives as it changes how it retains top cyber talent
• 20:31 : Shai Hulud 2.0, now with a wiper flavor
• 20:5 : IT Security News Hourly Summary 2025-12-03 21h : 7 posts
• 20:2 : Attempts to Bypass CDNs, (Wed, Dec 3rd)
• 20:2 : ‘End-to-end encrypted’ smart toilet camera is not actually end-to-end encrypted
• 20:2 : University of Pennsylvania and University of Phoenix disclose data breaches
• 19:32 : India’s New SIM-Binding Rule for WhatsApp, Signal, Telegram and Other Messaging Platforms
• 19:6 : After intense backlash, India pulls mandate to preinstall government app on smartphones
• 19:6 : Fintech firm Marquis alerts dozens of US banks and credit unions of a data breach after ransomware attack
• 19:6 : Critical RSC Bugs in React and Next.js Allow Unauthenticated Remote Code Execution
• 18:32 : Hackers Can Weaponize Claude Skills to Execute MedusaLocker Ransomware Attack
• 18:32 : Longwatch RCE Vulnerability Let Attackers Execute Remote Code With Elevated Privileges
• 18:4 : Fake ChatGPT Atlas Browser Used in ClickFix Attack to Steal Passwords
• 18:4 : The Vault or the Vulnerability? Why Your Password Manager Might Be the New Cyber Risk
• 18:4 : Android expands pilot for in-call scam protection for financial apps
• 18:4 : Microsoft Silently Patches Windows LNK Flaw After Years of Active Exploitation
• 17:32 : Attackers Actively Exploiting Critical Vulnerability in Sneeit Framework Plugin
• 17:32 : Microsoft Confirms Windows 11 25H2 UI Features Broken also Along With 24H2 Following Update
• 17:32 : Examining the Risk of AI-Assisted MedusaLocker Ransomware Attacks
• 17:32 : CISA Issues Alert on Actively Exploited Android Zero-Day Vulnerability
• 17:32 : Hackers Exploit Critical Yearn Finance’s yETH Pool Vulnerability to Steal $9 Million in Ethereum
• 17:32 : WordPress King Addons Flaw Under Active Attack Lets Hackers Make Admin Accounts
• 17:7 : French NGO Reporters Without Borders Targeted by Star Blizzard
• 17:7 : DDoS attack volume rises in Q3 as Aisuru botnet fuels record-setting attacks
• 17:5 : IT Security News Hourly Summary 2025-12-03 18h : 15 posts
• 16:32 : Implementing Zero Trust on Google Cloud
• 16:32 : Hackers Using Calendly-Themed Phishing Attack to Steal Google Workspace Account
• 16:32 : 29.7 Tbps DDoS Attack Via Aisuru Botnet Breaks Internet With New World Record
• 16:32 : Attackers have a new way to slip past your MFA
• 16:32 : Brazil Hit by Banking Trojan Spread via WhatsApp Worm and RelayNFC NFC Relay Fraud
• 16:32 : UK’s Cyber Service for Telcos Blocks 1 Billion Malicious Site Attempts
• 16:32 : Leading surveillance camera vendor signs CISA’s product-security pledge
• 16:5 : New Joint Guide Advances Secure Integration of Artificial Intelligence in Operational Technology
• 16:5 : Check Point Named a Leader in the 2025 Gartner® Magic Quadrant™ for Email Security
• 16:5 : CISA, Australia, and Partners Author Joint Guidance on Securely Integrating Artificial Intelligence in Operational Technology
• 16:5 : Malicious Rust Evm-Units Mimic as EVM Version Silently Executes OS-specific Payloads
• 16:5 : Shai-Hulud 2.0 Malware Attack Compromised 30,000 Repositories and Stolen 500 GitHub Usernames and Tokens
• 16:5 : K7 Antivirus Vulnerability Allows Attackers Gain SYSTEM-level Privileges
• 16:5 : Bitwarden Access Intelligence helps enterprises take action on risky credentials
• 16:5 : Salt Security identifies external misuse and abuse of MCP servers by AI agents
• 15:32 : Architecture Patterns That Enable Cycode alternatives at Scale
• 15:32 : How deepfake scams are fueling a new wave of fraud
• 15:32 : Yearn Finance yETH Pool Hit by $9M Exploit
• 15:3 : Digital Signatures: Traditional Vs. Post-Quantum Cryptographic Mechanisms
• 15:3 : Microsoft Patched Windows LNK Vulnerability Abused by Hackers to Hide Malicious Code
• 15:3 : Storm-0900 Hackers Leveraging Parking Ticket and Medical Test Themes in Massive Phishing Attack
• 15:3 : How attackers use real IT tools to take over your computer
• 14:32 : Niobium Raises $23 Million for FHE Hardware Acceleration
• 14:32 : JPMorganChase to Invest in AI, Tech to Foster Growth, Innovation, Resiliency
• 14:32 : CISA Warns of Rising Targeted Spyware Campaigns Against Encrypted Messaging Users
• 14:32 : ChatGPT Down Worldwide Users Affected
• 14:32 : Indian Airports Hit By Cyber Attack
• 14:32 : Illuminate Must Delete Student Data
• 14:32 : Australian Jailed For WiFi Attacks
• 14:32 : Lazarus APT Remote Worker Scheme Caught
• 14:5 : IT Security News Hourly Summary 2025-12-03 15h : 9 posts
• 14:5 : Researchers spotted Lazarus’s remote IT workers in action
• 14:4 : Fileless protection explained: Blocking the invisible threat others miss
• 14:4 : Critical King Addons Vulnerability Exploited to Hack WordPress Sites
• 13:32 : MuddyWater Attacks Critical Infrastructure With Custom Malware and Improved Tactics
• 13:32 : CISA Warns of Android 0-Day Vulnerability Exploited in Attacks
• 13:32 : The Digital Trail That Led Scammers to Her Personal and Financial Information
• 13:32 : CISA Warns of Spyware Gangs Targeting Signal and WhatsApp Users
• 13:32 : Massive gambling network doubles as hidden C2 and anonymity infrastructure, researchers say
• 13:32 : UK Ransomware Payment Ban to Come with Exemptions, Security Minster Say
• 13:2 : Longwatch RCE Flaw Allows Attackers to Run Remote Code with Elevated Privileges
• 13:2 : Malicious Rust “evm-units” Impersonator Deploys OS-Specific Payloads
• 13:2 : Shai-Hulud 2.0 Cyberattack Compromises 30,000 Repos and Exposes 500 GitHub Accounts
• 13:2 : Let’s Encrypt Cutting Certificate Lifespan from 90 Days to 45 Days
• 13:2 : New Calendly-Inspired Phishing Attack Aims to Steal Google Workspace Credentials
• 13:2 : Discover the AI Tools Fueling the Next Cybercrime Wave — Watch the Webinar
• 12:32 : After intense backlash, India pulls mandate to pre-install government app on smartphones
• 12:32 : ServiceNow to Acquire Identity Security Firm Veza in Reported $1 Billion Deal
• 12:32 : Arizona Attorney General Sues Chinese Online Retailer Temu Over Data Theft Claims
• 12:32 : Disinformation and Cyber-Threats Among Top Global Exec Concerns
• 12:9 : Fixing a Slow SOC: Top 3 Solutions that Actually Work
• 12:9 : Microsoft Confirms Windows 11 25H2 UI Features Broken Along With 24H2 Following Update
• 12:9 : How to Manage Cloud Provider Risk and SLA Gaps
• 11:32 : Critical Elementor Plugin Vulnerability Let Attackers Takeover WordPress Site Admin Control
• 11:31 : Beware of the New ‘Executive Award’ Campaign That Uses ClickFix to Deliver Stealerium Malware
• 11:31 : Penn and Phoenix Universities Disclose Data Breach After Oracle Hack
• 11:9 : Waymo Vehicle Drives Through Tense Traffic Stop
• 11:9 : 7 Year Long ShadyPanda Attack Spied on 4.3M Chrome and Edge Users
• 11:9 : Microsoft Silently Mitigated Exploited LNK Vulnerability
• 11:8 : re:Invent 2025: AWS and Security Vendors Unveil New Products and Capabilities
• 11:8 : Chopping AI Down to Size: Turning Disruptive Technology into a Strategic Advantage
• 11:8 : Pall Mall Process to Define Responsible Commercial Cyber Intrusion
• 11:5 : IT Security News Hourly Summary 2025-12-03 12h : 11 posts
• 10:32 : French NGO Reporters Without Borders targeted by Calisto in recent campaign
• 10:32 : Ireland Starts Probes Into LinkedIn, TikTok
• 10:32 : New “Executive Award” Scam Exploits ClickFix to Deliver Stealerium Malware
• 10:32 : Critical Elementor Plugin Flaw Allows Attackers to Seize WordPress Admin Control
• 10:32 : New Stealth K.G.B RAT Marketed by Threat Actors on Underground Forums
• 10:32 : Authorities Seize Domains Linked to Tai Chang Cryptocurrency Investment Scam
• 10:32 : Threat Actors Using Matanbuchus Downloader to Deliver Ransomware and Maintain Persistence
• 10:32 : Threat Actors Allegedly Promoting Fully Undetectable K.G.B RAT on Hacker Forums
• 10:32 : CISA Warns of Iskra iHUB Vulnerability Allowing Remote Device Reconfiguration
• 10:32 : Angular Platform Vulnerability Allows Malicious Code Execution Via Weaponized SVG Animation Files
• 10:32 : HTB AI Range benchmarks the safety and limits of autonomous security agents
• 10:4 : Nvidia Says $100bn OpenAI Deal Still Not Finalised
• 10:4 : India mandates SIM-linked messaging apps to fight rising fraud
• 10:4 : Exploits and vulnerabilities in Q3 2025
• 10:4 : ’Tis the Season to Be Cyber-Wary: How Thales Protects Against Account Takeover During Peak Shopping Season
• 10:4 : Malicious Rust Crate Delivers OS-Specific Malware to Web3 Developer Systems
• 10:4 : Picklescan Bugs Allow Malicious PyTorch Models to Evade Scans and Execute Code
• 9:32 : Samsung Launches Double-Hinged Smartphone
• 9:32 : Let’s Encrypt to Reduce Certificate Validity from 90 Days to 45 Days
• 9:32 : Threat Actors Leveraging Matanbuchus Malicious Downloader to Ransomware and Establish Persistence
• 9:32 : BPFDoor and Symbiote Rootkits Attacking Linux Systems Exploiting eBPF Filters
• 9:7 : Nvidia Buys $2bn Stake In Synopsys
• 9:6 : Chrome 143 Patches High-Severity Vulnerabilities
• 9:6 : BlackFog releases ADX Vision to block data loss from unapproved AI use
• 9:6 : Wasabi Covert Copy strengthens cloud storage security
• 8:32 : British MP Calls For Australia-Style Social Media Ban
• 8:32 : Morphisec enhances Anti-Ransomware Suite to block evasive attacks across key blind spots
• 8:32 : Microsoft Defender outage disrupts threats, Apple resists India’s app order, MuddyWater strikes Israel
• 8:9 : Apple AI Chief Giannandrea To Step Down
• 8:8 : Bank Of England Warns Of AI Risk To Financial Stability
• 8:8 : Datadog introduces Bits AI SRE to automate alert investigation and root cause analysis
• 8:5 : IT Security News Hourly Summary 2025-12-03 09h : 6 posts
• 7:32 : Researchers Catch Lazarus Group’s Recruitment Workflow on Camera via Honeypot
• 7:32 : Multiple Django Vulnerability Expose Applications to SQL Injection and DoS Attacks
• 7:32 : CISA Alerts on Iskra iHUB Authentication Flaw Allowing Remote Device Reconfiguration
• 7:32 : Water Saci Hackers Exploit AI Tools to Target WhatsApp Web Users
• 7:32 : Multiple Django Vulnerabilities Enables SQL Injection and Denial-of-Service Attacks
• 7:31 : Panaseer IQ Suite uses generative AI to explain risk changes and guide remediation
• 7:4 : Here’s your worst nightmare: E-tailer can only resume partial sales 45 days after ransomware attack
• 7:4 : Global law enforcement actions put pressure on cybercrime networks
• 6:32 : Chrome 143 Released With Fix for 13 Vulnerabilities that Enable Arbitrary Code Execution
• 6:32 : Portmaster: Open-source application firewall
• 6:7 : Chrome 143 Update Patches 13 Security Vulnerabilities Allowing Arbitrary Code Execution
• 6:6 : BPFDoor and Symbiote: Advanced eBPF-Based Rootkits Target Linux Systems
• 6:6 : Living off the Land Attacks and Emerging Cyber Threats
• 5:32 : MuddyWater: Snakes by the riverbank
• 5:32 : Threat intelligence programs are broken, here is how to fix them
• 5:32 : CISOs are questioning what a crisis framework should look like
• 5:5 : IT Security News Hourly Summary 2025-12-03 06h : 1 posts
• 5:2 : Google Confirms Data Breach from 200 Companies
• 4:2 : Hackers can Hijack Your DashCams in Seconds and Weaponize them for Future Attacks
• 4:2 : ChatGPT Down – Users Report Outage Worldwide, Conversations Disappeared for Users
• 4:2 : Chrome 143 Released With Fix for 13 Vulnerabilities that Enables Arbitrary Code Execution
• 3:4 : ISC Stormcast For Wednesday, December 3rd, 2025 https://isc.sans.edu/podcastdetail/9722, (Wed, Dec 3rd)
• 3:4 : Indian government reveals GPS spoofing at eight major airports
• 0:32 : The Browser Defense Playbook: Stopping the Attacks That Start on Your Screen
• 0:31 : Russia Wants This Mega Missile to Intimidate the West, but It Keeps Crashing
• 23:6 : Unraveling Water Saci’s New Multi-Format, AI-Enhanced Attacks Propagated via WhatsApp
• 23:6 : How to use the ZMap network scanner
• 23:5 : IT Security News Hourly Summary 2025-12-03 00h : 3 posts
• 22:55 : IT Security News Daily Summary 2025-12-02