IT Security News Weekly Summary 27

210 posts were published in the last hour

• 22:55 : IT Security News Daily Summary 2025-07-06
• 20:36 : Stalkerware firm gets scooped by SQL-slinging security snoop
• 20:5 : IT Security News Hourly Summary 2025-07-06 21h : 2 posts
• 18:36 : FBI Raises Alarm as Scattered Spider Threat Group Expands Target Sectors
• 18:36 : Cybercriminals Target AI Enthusiasts with Fake Websites to Spread Malware
• 17:12 : Deepfakes Explained: How They Operate and How to Safeguard Yourself
• 17:12 : Microsoft Defender for Office 365 Will Now Block Email Bombing Attacks
• 17:5 : IT Security News Hourly Summary 2025-07-06 18h : 1 posts
• 15:36 : A few interesting and notable ssh/telnet usernames, (Sun, Jul 6th)
• 15:2 : Scattered Spider Hackers Target Airline Industry Amid FBI and Cybersecurity Warnings
• 14:32 : 7 useful things the Flipper Zero can do that still blows my mind – one year later
• 14:31 : Hunters International ransomware gang shuts down and offers free decryption keys to all victims
• 14:5 : IT Security News Hourly Summary 2025-07-06 15h : 2 posts
• 13:37 : Ingram Micro confirms ransomware behind multi-day outage
• 12:33 : SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 52
• 12:32 : Recognizing the Messages That Signal a Security Breach
• 8:34 : Week in review: Sudo local privilege escalation flaws fixed, Google patches actively exploited Chrome
• 5:36 : Security Affairs newsletter Round 531 by Pierluigi Paganini – INTERNATIONAL EDITION
• 23:5 : IT Security News Hourly Summary 2025-07-06 00h : 1 posts
• 22:55 : IT Security News Daily Summary 2025-07-05
• 22:31 : Task scams: Why you should never pay to get paid
• 22:31 : How to get into cybersecurity | Unlocked 403 cybersecurity podcast (S2E3)
• 20:5 : IT Security News Hourly Summary 2025-07-05 21h : 1 posts
• 18:31 : FBI Warns Airlines and Insurers as Scattered Spider Ransomware Attacks Surge
• 17:34 : North Korea-linked threat actors spread macOS NimDoor malware via fake Zoom updates
• 17:5 : IT Security News Hourly Summary 2025-07-05 18h : 3 posts
• 17:2 : ByBit Crypto Heist: First Half of 2025 Records All-time High Crypto Theft
• 17:2 : FBI Warns of Scattered Spider Cyberattacks on Airline and Transport Sectors
• 16:4 : Chinese Attackers Target France Infrastructure in Ivanti Zero-Day Exploit Campaign
• 15:34 : Denmark Empowers Public Against Deepfake Threats
• 15:34 : North Korea-Linked Hackers Behind $2.1 Billion in Crypto Theft in Early 2025
• 14:32 : “CitrixBleed 2” Vulnerability PoC Released – Warns of Potential Widespread Exploitation
• 14:5 : IT Security News Hourly Summary 2025-07-05 15h : 1 posts
• 13:39 : New Phishing Attack Impersonates as DWP Attacking Users to Steal Credit Card Data
• 13:39 : Writable File in Lenovo’s Windows Directory Enables a Stealthy AppLocker Bypass
• 13:39 : Instagram Started Using 1-Week Validity TLS Certificates and Changes Them Daily
• 13:39 : Threat Actors Turning Job Offers Into Traps, Over $264 Million Lost in 2024 Alone
• 13:39 : Russia Jailed Hacker Who Worked for Ukrainian Intelligence to Launch Cyberattacks on Critical Infrastructure
• 13:2 : Massive spike in use of .es domains for phishing abuse
• 11:6 : How Digital Executive Protection Shields Top Leaders from Modern Threats
• 11:6 : Android May Soon Warn You About Fake Cell Towers
• 11:6 : Scattered Spider Upgraded Their Tactics to Abuse Legitimate Tools to Evade Detection and Maintain Persistence
• 11:5 : IT Security News Hourly Summary 2025-07-05 12h : 2 posts
• 9:34 : Researchers Uncover New Technique to Exploit Azure Arc for Hybrid Escalation in Enterprise Environment and Maintain Persistence
• 9:34 : Hackers Exploit Legitimate Inno Setup Installer to Use as a Malware Delivery Vehicle
• 8:5 : IT Security News Hourly Summary 2025-07-05 09h : 2 posts
• 7:34 : Hackers Exploiting Java Debug Wire Protocol Servers in Wild to Deploy Cryptomining Payload
• 6:35 : Alert: Exposed JDWP Interfaces Lead to Crypto Mining, Hpingbot Targets SSH for DDoS
• 6:34 : Taiwan NSB Alerts Public on Data Risks from TikTok, Weibo, and RedNote Over China Ties
• 5:4 : UK Man Accused in Major International Hacking Case, Faces US Charges
• 4:34 : Next.js Cache Poisoning Vulnerability Let Attackers Trigger DoS Condition
• 23:5 : IT Security News Hourly Summary 2025-07-05 00h : 2 posts
• 22:55 : IT Security News Daily Summary 2025-07-04
• 21:36 : Friday Squid Blogging: How Squid Skin Distorts Light
• 20:34 : Critical Sudo bugs expose major Linux distros to local Root exploits
• 20:34 : Ransomware Attacks Spike Despite Gang Closure
• 17:7 : Personal AI Agents Could Become Digital Advocates in an AI-Dominated World
• 17:7 : 2.2 Million People Impacted by Ahold Delhaize Data Breach
• 17:7 : Cybercrime Gang Hunters International Shuts Down, Returns Stolen Data as Goodwill
• 17:7 : Cloudflare Thwarts Record-Breaking DDoS Attack as Global Threat Escalates
• 16:41 : Yet More Stalkerware Leaks Secret Data: ‘Catwatchful’ is Latest Nasty App
• 16:40 : The 47-Day SSL Certificate Era: What It Means for Site Owners and IT Teams
• 15:2 : AI and Cybersecurity: A Deep Dive into Enterprise Applications and Digital Sovereignty with Krish Banerjee
• 14:5 : IT Security News Hourly Summary 2025-07-04 15h : 3 posts
• 14:2 : Disrupting the Ransomware Attack Chain with Hybrid Mesh Security (Part 1)
• 13:32 : Google fined $314M for misusing idle Android users’ data
• 13:31 : NightEagle APT Exploits Microsoft Exchange Flaw to Target China’s Military and Tech Sectors
• 13:4 : Malicious SEO Plugins on WordPress Can Lead to Site Takeover
• 12:32 : Instagram Now Rotating TLS Certificates Daily with 1-Week Validity
• 12:31 : Apache APISIX Vulnerability Enables Cross-Issuer Access Under Misconfigurations
• 12:5 : SquareX Reveals That Employees Are No Longer The Weakest Link, Browser AI Agents Are
• 12:4 : Ransomware: Hunters International Is Not Shutting Down, It’s Rebranding
• 11:34 : Scattered Spider Enhances Tactics to Exploit Legitimate Tools for Evasion and Persistence
• 11:34 : Multiple PHP Vulnerabilities Allow SQL Injection & DoS Attacks – Update Now
• 11:34 : Critical HIKVISION applyCT Vulnerability Exposes Devices to Code Execution Attacks
• 11:34 : Validation is an Increasingly Critical Element of Cloud Security
• 11:5 : IT Security News Hourly Summary 2025-07-04 12h : 7 posts
• 11:2 : Hackers Abuse Legitimate Inno Setup Installer to Deliver Malware
• 11:2 : Next.js Vulnerability Allows Attackers to Trigger DoS via Cache Poisoning
• 11:2 : In Other News: Hacker Helps Kill Informants, Crylock Developer Sentenced, Ransomware Negotiator Probed
• 10:32 : Cisco Issues Emergency Fix for Critical Root Credential Flaw in Unified CM
• 10:32 : Critical HIKVISION applyCT Flaw Allows Remote Code Execution
• 10:32 : Researchers Discover New Method to Identify Azure Arc in Enterprise Environments and Maintain Persistence
• 10:32 : Writable File in Lenovo Path Lets Attackers Evade AppLocker Restrictions
• 10:31 : Mastering Real-Time Cloud Data Governance Amid Evolving Threats and Regulations
• 10:31 : WhatsApp Under Fire for AI Update Disrupting Group Communication
• 10:31 : Taiwan Flags Chinese Apps Over Data Security Violations
• 10:5 : Hunters International Ransomware Gang Rebrands as World Leaks
• 10:5 : Hackers Exploit Java Debug Wire Protocol Servers to Deploy Cryptomining Payloads
• 10:5 : Hackers use Fake Cloudflare Verification Screen to Trick Users into Executing Malware
• 10:5 : New “123 | Stealer” Advertised on Underground Hacking Forums for $120 Per Month
• 10:5 : Microsoft Investigating Forms Service Issue Not Accessible for Users
• 10:5 : New Sophisticated Attack ypasses Content Security Policy Using HTML-Injection Technique
• 10:5 : Massive Android Ad Fraud ‘IconAds’ Leverages Google Play to Attack Phone Users
• 10:4 : The Role Culture and Trust Play in Countering Deepfakes
• 10:4 : Critical Sudo Vulnerabilities Let Local Users Gain Root Access on Linux, Impacting Major Distros
• 10:4 : Your AI Agents Might Be Leaking Data — Watch this Webinar to Learn How to Stop It
• 9:32 : Massive Android Ad Fraud ‘IconAds’ Uses Google Play to Target and Exploit Users
• 9:8 : Cybercriminals Use Fake Cloudflare Verification Screens to Deceive Users into Running Malware
• 9:8 : EU Launches Plan to Implement Quantum-Secure Infrastructure
• 8:35 : A flaw in Catwatchful spyware exposed logins of +62,000 users
• 8:35 : Google Ordered to Pay $314M for Misusing Android Users’ Cellular Data Without Permission
• 8:5 : IT Security News Hourly Summary 2025-07-04 09h : 1 posts
• 7:34 : New “123 | Stealer” Malware Rented on Dark Web for $120/Month
• 7:34 : Researchers Defeat Content Security Policy Protections via HTML Injection
• 7:34 : Catwatchful Android Spyware Leaks Credentials of 62,000+ Users
• 7:34 : Multiple PHP Vulnerabilities Enables SQLi and DoS Attacks – Update Now
• 7:34 : Undetectable Android spyware is detectable, Hunters ransomware quits, Salt Typhoon dormant
• 7:4 : NTLM relay attacks are back from the dead
• 6:4 : New hires, new targets: Why attackers love your onboarding process
• 5:37 : A Simple Guide to Launching GenAI Successfully
• 5:36 : Exposed and unaware? Smart buildings need smarter risk controls
• 5:36 : Africa’s cybersecurity crisis and the push to mobilizing communities to safeguard a digital future
• 5:7 : Azure API Vulnerabilities Leak VPN Keys and Built-In Roles Allow Over-Privileged Access
• 5:7 : New Hpingbot Abusing Pastebin for Payload Delivery and Hping3 Tool to Launch DDoS Attacks
• 4:37 : AI Dilemma: Emerging Tech as Cyber Risk Escalates
• 4:37 : New infosec products of the week: July 4, 2025
• 4:36 : Internet outages are costing companies millions every month
• 3:3 : How government cyber cuts will affect you and your business
• 3:3 : Bridging the Security Knowledge Gap: Introducing AI ExplAIn for Imperva Cloud WAF
• 1:36 : Psychological Contract Breach and the Power of Security Culture – Research Insights
• 23:36 : Why Diverse Cloud Environments Require Flexible Security
• 23:36 : Catwatchful – 61,641 breached accounts
• 23:5 : IT Security News Hourly Summary 2025-07-04 00h : 5 posts
• 22:55 : IT Security News Daily Summary 2025-07-03
• 21:7 : Protecting Your Business Communications: The Critical Role of Secure Email Gateways
• 21:7 : The Person in Charge of Testing Tech for US Spies Has Resigned
• 21:6 : Security Pros Say Hunters International RaaS Operators are ‘Changing Jerseys’
• 21:6 : WordPress Plugin Flaw Exposes 600,000 Sites to File Deletion
• 20:5 : IT Security News Hourly Summary 2025-07-03 21h : 9 posts
• 19:34 : Self-Supervised Learning Techniques
• 19:34 : RegRipper
• 19:34 : China-linked group Houken hit French organizations using zero-days
• 19:4 : How to Check If Your Phone Is Tapped: 11 Signs + Best Practices
• 18:32 : Trump Officials Want to Prosecute Over the ICEBlock App. Lawyers Say That’s Unconstitutional
• 18:32 : Apache Tomcat and Camel Vulnerabilities Actively Exploited in The Wild
• 18:32 : Citrix Warns Authentication Failures Following The Update of NetScaler to Fix Auth Vulnerability
• 18:31 : Threat Actors Widely Abuse .COM TLD to Host Credential Phishing Website
• 18:7 : A message from Bruce the mechanical shark
• 18:7 : New Fake Marketplace From China Mimics Top Retail Brands for Fraud
• 18:7 : The OWASP Top 10 for LLM Applications: An Overview of AI Security Risks
• 18:6 : There’s still time to share your story
• 17:37 : Beware of Fake Chinese E-Commerce Sites Imitating Apple, Wrangler, and Exploiting Payment Services like MasterCard and PayPal
• 17:37 : Dust hits $6M ARR helping enterprises build AI agents that actually do stuff instead of just talking
• 17:36 : AI-Generated Phishing Sites Mimic Okta, Microsoft 365 in New Threat Campaign
• 17:36 : Big Tech’s Mixed Response to U.S. Treasury Sanctions
• 17:36 : CBP Wants New Tech to Search for Hidden Data on Seized Phones
• 17:36 : Cybercriminals Target Brazil: 248,725 Exposed in CIEE One Data Breach
• 17:36 : California Residents Are Protesting Against Waymo Self-Driving Cars
• 17:36 : Dire Wolf Gang Hits Tech and Manufacturing Sectors, Targets 11 Countries
• 17:36 : North Korean Hackers Target Fintech and Gaming Firms with Fake Zoom Apps
• 17:35 : Massive Android Fraud Operations Uncovered: IconAds, Kaleidoscope, SMS Malware, NFC Scams
• 17:5 : IT Security News Hourly Summary 2025-07-03 18h : 6 posts
• 17:4 : New Hpingbot Exploits Pastebin for Payload Delivery and Uses Hping3 for DDoS Attacks
• 17:4 : Mitsubishi Electric MELSEC iQ-F Series
• 16:11 : Azure API Vulnerabilities Expose VPN Keys and Grant Over-Privileged Access via Built-In Roles
• 16:11 : Microsoft Windows Firewall complains about Microsoft code
• 16:11 : Google open-sources privacy tech for age verification
• 15:36 : Apache Tomcat and Camel Vulnerabilities Actively Targeted in Cyberattacks
• 15:35 : Citrix Alerts on Authentication Failures After NetScaler Update to Resolve Auth Vulnerability
• 15:35 : Threat Actors Exploit .COM TLD to Host Widespread Credential Phishing Sites
• 15:35 : Amazon Prime Day 2025: Deals Await, But So Do the Cyber Criminals
• 15:35 : CVE-2025-29306 – Unauthenticated Remote Code Execution in FoxCMS v1.2.5 via Unserialize Injection
• 15:35 : Surmodics Hit by Cyberattack, Shuts Down IT Systems Amid Ongoing Investigation
• 15:4 : Ransomware gang Hunters International says it’s shutting down
• 15:3 : Scientists just simulated the “impossible” — fault-tolerant quantum code cracked at last
• 15:3 : AI Tools Like GPT Direct Users to Phishing Sites Instead of Legitimate Ones
• 15:3 : 13-Year-Old Dylan – Youngest Security Researcher Collaborates with Microsoft Security Response Center
• 15:3 : Android Spyware Catwatchful Exposes Credentials of Over 62,000+ Customer Accounts
• 15:3 : Urgent Update: Microsoft Edge Fixes Actively Exploited Chromium Vulnerability
• 15:3 : Microsoft Confirms Error Entry in Windows Firewall With Advanced Security
• 15:3 : Young Consulting finds even more folks affected in breach mess – now over 1 million
• 15:3 : Fake Firefox Extensions Mimic Crypto Wallets to Steal Seed Phrases
• 15:2 : Privilege Escalation Flaw Found in Azure Machine Learning Service
• 14:5 : IT Security News Hourly Summary 2025-07-03 15h : 6 posts
• 14:5 : OpenAI Rolls Out Premium Data Connections for ChatGPT Users
• 14:4 : CVE Program Launches Two New Forums to Enhance CVE Utilization
• 13:37 : Real Performance Improvements 2025
• 13:37 : 13-Year-Old Dylan Joins Forces with Microsoft Security Response Center as the Youngest Security Researcher
• 13:37 : Scattered Spider Attacks US Airlines – The MSP Cyber News Snapshot – July 3rd
• 13:36 : RondoDox Unveiled: Breaking Down a New Botnet Threat
• 13:6 : Wordfence Intelligence Weekly WordPress Vulnerability Report (June 23, 2025 to June 29, 2025)
• 13:6 : Pro-Russian Hackers Forge New Alliances for High-Profile Cyberattacks
• 13:6 : Microsoft Edge Fixes Actively Exploited Chromium Flaw — Update Immediately
• 13:6 : Let’s Encrypt Expands to Issue SSL/TLS Certificates for IP Addresses
• 13:5 : Microsoft Acknowledges Error Entry in Windows Firewall With Advanced Security
• 13:5 : New ‘BUBBAS GATE’ Malware Advertised on Telegram Boasts SmartScreen and AV/EDR Bypass
• 13:5 : Drug cartel hacked cameras and phones to spy on FBI and identify witnesses
• 13:5 : Catwatchful “child monitoring” app exposes victims’ data
• 13:5 : Meta calls €200M EU fine over pay-or-consent ad model ‘unlawful’
• 13:5 : You can’t trust AI chatbots not to serve you phishing pages, malicious downloads, or bad code
• 12:33 : Beware of Chinese Fake e-Commerce Websites Mimic Apple, Wrangler Jeans and Abuses Payment Services Like MasterCard and PayPal
• 12:33 : Pro-Russian Hackers Making New Alliances to Launch High-Profile Attacks
• 12:33 : Microsoft Confirms Laying Off 9,000 Employees, Impacting 4% of its Workforce
• 12:33 : Anthropic’s MCP Server Vulnerability Allowed Attackers to Escape Sandbox and Execute Code
• 12:7 : 12-Year-Old Sudo Vulnerability Exposes Linux Systems to Root Privilege Escalation
• 12:7 : Automation and Vulnerability Exploitation Drive Mass Ransomware Breaches
• 11:36 : Silicon AI for Your Business Podcast: The Transformation Code
• 11:36 : Bumble Chief Accuses Staff Of ‘Freaking Out’ Over Job Cuts
• 11:36 : Intel’s Tan ‘May Shift’ Customers To New Process
• 11:36 : Surveillance Used by a Drug Cartel
• 11:36 : Ransomware crew Hunters International shuts down, hands out keys to victims
• 11:36 : Cisco Warns of Hardcoded Credentials in Enterprise Software
• 11:36 : Undetectable Android Spyware Backfires, Leaks 62,000 User Logins
• 11:35 : Analysis Surfaces Increased Usage of LLMs to Craft BEC Attacks
• 11:35 : Cisco fixes maximum-severity flaw in enterprise unified comms platform (CVE-2025-20309)
• 11:35 : Over 40 Malicious Firefox Extensions Target Cryptocurrency Wallets, Stealing User Assets
• 11:35 : North Korean Hackers Target Crypto Firms with Novel macOS Malware
• 11:9 : N Korean Hackers Drop NimDoor macOS Malware Via Fake Zoom Updates
• 11:9 : Anthropic MCP Server Flaw Allows Sandbox Escape and Code Execution