IT Security News Daily Summary 2025-12-22

129 posts were published in the last hour

• 22:31 : OpenAI says AI browsers may always be vulnerable to prompt injection attacks
• 22:31 : Poisoned WhatsApp API package steals messages and accounts
• 21:31 : Palo Alto’s new Google Cloud deal boosts AI integration, could save on cloud costs
• 21:2 : Fake Websites: Types and How to Avoid Them in 2026
• 21:2 : Phantom APIs: The Security Nightmare Hiding in Your AI-Generated Code
• 21:2 : The Justice Department Released More Epstein Files—but Not the Ones Survivors Want
• 21:2 : Romanian Waters confirms cyberattack, critical water operations unaffected
• 20:31 : How Much RAM Do I Have? A Guide for Macs, Windows and Phones
• 20:5 : IT Security News Hourly Summary 2025-12-22 21h : 3 posts
• 20:2 : The Justice Department Just Released More Epstein Files
• 20:2 : Spy turned startup CEO: ‘The WannaCry of AI will happen’
• 19:31 : Vibe Coding Is Moving Faster Than Security – Market Research Agrees
• 18:32 : 2025 Holiday Bot Attack Trends
• 18:31 : Google Partners With UK to Open Access to Willow Quantum Chip for Researchers
• 18:2 : BlindEagle Hackers Attacking Government Agencies with Powershell Scripts
• 18:2 : 86% Surge in Fake Delivery Websites Hits Shoppers During Holiday Rush
• 17:32 : Ukrainian National Pleads Guilty in Nefilim Ransomware Conspiracy
• 17:32 : 2025 guide to digital forensics tools for enterprises
• 17:32 : Insiders Become Prime Targets for Cybercriminals
• 17:32 : Microsoft Is Finally Killing RC4
• 17:32 : Hacktivists scrape 86M Spotify tracks, claim their aim is to preserve culture
• 17:31 : Fake WhatsApp API Package on npm Steals Messages, Contacts, and Login Tokens
• 17:5 : IT Security News Hourly Summary 2025-12-22 18h : 7 posts
• 17:2 : NIST and CISA Release Draft Interagency Report on Protecting Tokens and Assertions from Tampering Theft and Misuse for Public Comment
• 17:2 : Conman and wannabe MI6 agent must repay £125k to romance scam victim
• 17:2 : Network Detection and Response Defends Against AI Powered Cyber Attacks
• 17:2 : AI security is fundamentally a cloud infrastructure problem, Palo Alto Networks says
• 16:31 : Frogblight Malware Targets Android Users With Fake Court and Aid Apps
• 16:31 : AI Safety Prompts Abused to Trigger Remote Code Execution
• 16:31 : CISA warns of continued threat activity linked to Brickstorm malware
• 16:2 : 125,000 WatchGuard Firewalls Vulnerable to Remote Attacks
• 16:2 : Ukrainian hacker pleads guilty to Nefilim Ransomware attacks in U.S.
• 16:2 : Quantum Readiness Begins Now
• 16:2 : SideWinder APT Hackers Attacking Indian Entities by Masquerading as the Income Tax Department of India
• 16:2 : Nissan Confirms Data Breach Following Unauthorized Access to Red Hat Servers
• 16:2 : Microsoft Brokering File System Vulnerability Let Attackers Escalate Privileges
• 16:2 : PoC Exploit Released for Use-After-Free Vulnerability in Linux Kernel’s POSIX CPU Timers Implementation
• 16:2 : Rising Tides: When Cybersecurity Becomes Personal – Inside the Work of an OSINT Investigator
• 15:32 : Best of 2025: Inside the Minds of Cybercriminals: A Deep Dive into Black Basta’s Leaked Chats
• 15:32 : Hackers Hit French Police Systems
• 15:32 : Ombudsman Office Cyber Data Theft
• 15:32 : North Korea Crypto Theft And Fake IT
• 15:32 : Denmark Blames Russia For Attack
• 15:32 : Cyber Briefing: 2025.12.22
• 15:2 : Defect Report in Software Testing: Best Practices for QA and Developers
• 15:2 : ATM Hackers Using ‘Ploutus’ Malware Charged in US
• 14:32 : Phishing Campaign Leverages Trusted Google Cloud Automation Capabilities to Evade Detection
• 14:32 : Price Drop: This Complete Ethical Hacking Bundle is Now $33
• 14:32 : Arcane Werewolf Hacker Group Added Loki 2.1 Malware Toolkit to their Arsenal
• 14:32 : Docker Open Sources Production-Ready Hardened Images for Free
• 14:32 : Sleeping Bouncer Vulnerability Impacts Motherboards from Gigabyte, MSI, ASRock and ASUS
• 14:32 : Best of 2025: Scattered Spider Targets Aflac, Other Insurance Companies
• 14:32 : Monitoring Tool Nezha Abused For Stealthy Post-Exploitation Access
• 14:5 : IT Security News Hourly Summary 2025-12-22 15h : 11 posts
• 14:2 : Pornhub tells users to expect sextortion emails after data exposure
• 14:2 : 54 Charged in US Over ATM Attacks Involving ‘Ploutus’ Malware
• 14:2 : Zero Trust AI Security: The Comprehensive Guide to Next-Generation Cybersecurity in 2026
• 14:2 : Threat Detection Software: The Complete Guide to Protecting Your Digital Assets in 2026
• 13:32 : PoC Exploit Released for Use-After-Free Vulnerability in Linux Kernel POSIX CPU Timers
• 13:32 : Microsoft Brokering File System Vulnerability Enables Local Privilege Escalation
• 13:32 : SideWinder APT Launches Cyberattacks on Indian Entities Posing as the Income Tax Department
• 13:31 : Blind Eagle Hackers Target Government Agencies Using PowerShell Scripts
• 13:31 : Nissan Discloses Data Breach Linked to Compromised Red Hat Infrastructure
• 13:31 : Credit Monitoring Provider Discloses Breach Impacting 5.6 Million Users
• 13:31 : VPN Surge: Americans Bypass Age Verification Laws
• 13:2 : Hackers Abuse Popular Monitoring Tool Nezha as a Stealth Trojan
• 13:2 : Infy Returns: Iran-linked hacking group shows renewed activity
• 13:2 : New Wonderland Android Malware with Bidirectional SMS-Stealing Capabilities Stealing OTPs
• 13:2 : MacSync macOS Malware Distributed via Signed Swift Application
• 12:32 : How an LMS Cloud Model Supports Scalable Learning
• 12:32 : Lies-in-the-Loop Attack Turns AI Safety Dialogs into Remote Code Execution Attack
• 12:32 : Hackers Exploiting .onmicrosoft.com Domains to Launch TOAD Scam Attack
• 12:32 : Around 1,000 systems compromised in ransomware attack on Romanian water agency
• 12:31 : Gambit Cyber Raises $3.4 Million in Seed Funding
• 12:31 : How to Browse the Web More Sustainably With a Green Browser
• 12:31 : ⚡ Weekly Recap: Firewall Exploits, AI Data Theft, Android Hacks, APT Attacks, Insider Leaks & More
• 12:3 : Insider Threat: Hackers Paying Company Insiders to Bypass Security
• 11:31 : WatchGuard Firebox firewalls under attack (CVE-2025-14733)
• 11:31 : UK: NHS Supplier Confirms Cyber-Attack, Operations Unaffected
• 11:5 : IT Security News Hourly Summary 2025-12-22 12h : 10 posts
• 11:3 : Now Admins Can Block External Users in Microsoft Teams From Defender Portal
• 11:3 : 125,000 IPs WatchGuard Firebox Devices Exposed to Internet Vulnerable to 0-day RCE Attacks
• 11:2 : Hackers Using Phishing Tools to Access M365 Accounts via OAuth Device Code
• 11:2 : Multiple Exim Server Vulnerabilities Let Attackers Seize Control of the Server
• 11:2 : Ukrainian Nefilim Ransomware Affiliate Pleads Guilty in US
• 11:2 : 9 MFA Mistakes in Manufacturing IT and Fixes
• 11:2 : 15 Best Passwordless Authentication Solutions in 2026
• 11:2 : 10 Best Multi-Factor Authentication Solutions in 2026
• 11:2 : DIG AI: Uncensored darknet AI assistant at the service of criminals and terrorists
• 10:31 : Nefilim Ransomware Affiliate Pleads Guilty
• 10:2 : Advent Of Configuration Extraction – Part 4: Turning capa Into A Configuration Extractor For TinyShell variant
• 10:2 : University of Sydney discloses a data breach impacting 27,000 people
• 10:2 : WatchGuard Patches Firebox Zero-Day Exploited in the Wild
• 10:2 : 574 arrests, $3 million recovered in Africa-wide cybercrime crackdown
• 10:2 : Docker makes hardened images free open and transparent for everyone
• 9:32 : UK Government Acknowledges It Is Investigating Cyber Incident After Media Reports
• 9:31 : Why Networking Is Your Secret Weapon in Cybersecurity Job Hunting
• 9:31 : Scripted Sparrow Sends Millions of BEC Emails Each Month
• 9:2 : Data Authorities Probe Trade Union Breach
• 9:2 : Threat Actors are Hiring Insiders in Banks, Telecoms, and Tech from $3,000 to $15,000 for Access or Data
• 8:32 : ByteDance AI Models Show Tenfold Growth This Year
• 8:32 : A week in security (December 15 – December 21)
• 8:32 : President’s cyber bill, Iranian APT resurfaces, Kimwold DDoS attack
• 8:5 : IT Security News Hourly Summary 2025-12-22 09h : 3 posts
• 8:2 : Major Japan Cable Maker Unable To Keep Up With AI Demand
• 7:32 : U.S. DOJ Charged 54 in Connection With ATM Hacking Attack by Deploying Ploutus Malware
• 7:32 : DIG AI – Darknet AI Tool Enabling Threat Actors to Launch Sophisticated Attacks
• 7:3 : Browser agents don’t always respect your privacy choices
• 7:3 : Building cyber talent through competition, residency, and real-world immersion
• 6:31 : Anubis: Open-source web AI firewall to protect from scraper bots
• 6:31 : Android Malware Operations Merge Droppers, SMS Theft, and RAT Capabilities at Scale
• 6:2 : 2025-12-11: SmartApeSG ClickFix activity using finger command
• 6:2 : 2025-12-17: Mirai activity (Linux traffic)
• 6:2 : 2025-12-22: StealC from files impersonating cracked versions of popular software
• 6:2 : Session tokens give attackers a shortcut around MFA
• 6:2 : Arrests In 0365 Scheme: Cybersecurity Today With David Shipley
• 5:5 : IT Security News Hourly Summary 2025-12-22 06h : 2 posts
• 5:2 : NIST issues guidance on securing smart speakers
• 4:31 : There’s so much stolen data in the world, South Korea will require face scans to buy a SIM
• 2:5 : IT Security News Hourly Summary 2025-12-22 03h : 2 posts
• 2:2 : ISC Stormcast For Monday, December 22nd, 2025 https://isc.sans.edu/podcastdetail/9748, (Mon, Dec 22nd)
• 2:2 : Waymo suspends service after power outage hit San Francisco
• 1:2 : Handwritten Passwords for Touchscreen Devices
• 1:2 : Authentication Platform Comparison: Best Authentication Systems & Tools for Your Business
• 0:31 : Through gritted teeth, Apple and Google allow alternative app stores in Japan
• 23:5 : IT Security News Hourly Summary 2025-12-22 00h : 7 posts
• 23:2 : Google sends Dark Web Report to its dead services graveyard
• 22:58 : IT Security News Weekly Summary 51
• 22:55 : IT Security News Daily Summary 2025-12-21