IT Security News Weekly Summary 39

210 posts were published in the last hour

22:55 : IT Security News Daily Summary 2025-09-28
20:5 : IT Security News Hourly Summary 2025-09-28 21h : 2 posts
18:34 : British Department Store Harrods Warns Customers That Some Personal Details Taken in Data Breach
18:34 : The Future of Cybersecurity Lies in Structure
17:5 : IT Security News Hourly Summary 2025-09-28 18h : 1 posts
17:4 : Cyberattack on Co-op leaves shelves empty, data stolen, and $275M in lost revenue
16:34 : USENIX 2025: PEPR ’25 – Enterprise-Scale Privacy For AI: How Canva Scaled Customer Control Of Data For AI Training
15:34 : Why CEOs Must Go Beyond Backups and Build Strong Data Recovery Plans
15:4 : Prompt Injection and Model Poisoning: The New Plagues of AI Security
15:4 : How a Travel YouTuber Captured Nepal’s Revolution for the World
14:34 : SetupHijack – Installer and Updater Race Condition Proof of Concept for Local Escalation
14:5 : Wiz chief technologist Ami Luttwak on how AI is transforming cyberattacks
14:5 : SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 64
14:5 : Cybersecurity Newsletter Weekly – Chrome 0-Day, 22.2 Tbps DDOS Attack, Kali Linux Release, Cisco IOS 0-Day and More
14:5 : Retail Security Failures Driven by Service Desk Abuse
14:5 : AT&T Wins Legal Challenge While Verizon Faces Privacy Penalties
14:5 : IT Security News Hourly Summary 2025-09-28 15h : 4 posts
13:4 : AsyncRAT Malware Campaign Found Targeting South American Hotels
13:4 : Security Affairs newsletter Round 543 by Pierluigi Paganini – INTERNATIONAL EDITION
12:34 : How to Set Up a Crypto Payment Gateway to Accept Ethereum Quickly and Securely
12:34 : Quantum chips just proved they’re ready for the real world
11:5 : IT Security News Hourly Summary 2025-09-28 12h : 1 posts
9:34 : OmniProx: Multi-Cloud IP Rotation Made Simple
8:32 : Week in review: Cisco ASA zero-day vulnerabilities exploited, Fortra GoAnywhere instances at risk
8:5 : IT Security News Hourly Summary 2025-09-28 09h : 3 posts
6:32 : Proactive Compliance: A New Era in Cloud Security
6:32 : Building Scalable Security with Cloud-native NHIs
6:32 : Securing Your Assets: Strategies That Work Every Time
5:2 : Google Project Zero Details ASLR Bypass on Apple Devices Using NSDictionary Serialization
2:2 : 2025-09-24: Lumma Stealer infection with follow-up malware (possible Ghostsocks/Go Backdoor)
23:5 : IT Security News Hourly Summary 2025-09-28 00h : 2 posts
23:2 : USENIX 2025: PEPR ’25 – UsersFirst: A User-Centric Threat Modeling Framework For Privacy Notice And Choice
22:55 : IT Security News Daily Summary 2025-09-27
22:2 : Ohio’s Union County suffers ransomware attack impacting 45,000 people
20:2 : ForcedLeak flaw in Salesforce Agentforce exposes CRM data via Prompt Injection
18:2 : How Six Simple Habits Can Keep Your Computer Safe From Malware
17:43 : IT Security News Hourly Summary 2025-09-27 19h : 2 posts
17:2 : Mysterious “quantum echo” in superconductors could unlock new tech
15:2 : The Looming Authorization Crisis: Why Traditional IAM Fails Agentic AI
15:2 : Vendor Data Breaches and Their Business Impact
15:2 : Bengaluru Software Engineer Loses Rs 44 Lakh in Fake Stock Trading Scam
15:2 : ShadowLeak: Zero-Click ChatGPT Flaw Exposes Gmail Data to Silent Theft
14:32 : An App Used to Dox Charlie Kirk Critics Doxed Its Own Users Instead
13:32 : Embracing the AI Revolution: How to Incorporate Generative AI into Your SOC 2 Compliance Plan
12:32 : Inside the Nuclear Bunkers, Mines, and Mountains Being Retrofitted as Data Centers
12:32 : Researchers Expose Phishing Threats Distributing CountLoader and PureRAT
12:32 : China-Linked PlugX and Bookworm Malware Attacks Target Asian Telecom and ASEAN Networks
12:2 : Hackers use Weaponized Microsoft Teams Installer to Compromise Systems With Oyster Malware
11:32 : Hunt for RedNovember: Beijing hacked critical orgs in year-long snooping campaign
11:2 : Hackers Use Fake Invoices to Spread XWorm RAT via Office Files
11:2 : New Botnet Loader-as-a-Service Exploiting Routers and IoT Devices to Deploy Mirai Payloads
11:2 : Malware Operators Collaborate With Covert North Korean IT Workers to Attack Corporate Organizations
11:2 : Apache Airflow Vulnerability Exposes Sensitive Details to Read-Only Users
10:2 : Threat Actors Exploiting SonicWall Firewalls to Deploy Akira Ransomware Using Malicious Logins
9:32 : Complete Guide to Understanding Risk-Based Authentication
9:2 : LummaStealer Technical Details Uncovered Using ML-Based Detection Approach
9:2 : Researchers Uncovered Connections Between LAPSUS$, Scattered Spider, and ShinyHunters Hacker Groups
9:2 : Alibaba unveils $53B global AI plan – but it will need GPUs to back it up
7:32 : 17-year-old Hacker Responsible for Vegas Casinos Hack has Been Released
6:2 : The Complex Landscape of AI and Cybersecurity
5:2 : Are Your Secrets Management Practices Up to Par?
5:2 : Staying Ahead of Cyber Threats with Proactive NHIs
4:2 : Researcher Finds Entra ID Weakness That Could Have Granted Global Admin Access
0:32 : USENIX 2025: Using Privacy Infrastructure To Kickstart AI Governance: NIST AI Risk Management Case Studies
23:32 : Week in Review: Jaguar Land Rover attack, indirect prompt injections, card farms in NYC
22:32 : New tool: convert-ts-bash-history.py, (Fri, Sep 26th)
21:32 : Friday Squid Blogging: Jigging for Squid
21:32 : Cyber threat-sharing law set to shut down, along with US government
21:2 : Threat Insights: Active Exploitation of Cisco ASA Zero Days
20:32 : CISA Orders Urgent Patching of Cisco Firewall Zero-Day Vulnerabilities
20:32 : Follow the Money Blueprint For MSP Success (With Dave Sobel)
20:2 : Executive Order Brings US TikTok $14B Deal One Step Closer to Finalizing
20:2 : What to know about 5G security threats in the enterprise
20:2 : Heritage Foundation Uses Bogus Stat to Push a Trans Terrorism Classification
20:2 : Microsoft uncovers new variant of XCSSET macOS malware in targeted attacks
19:33 : Federated Learning: Training Models Without Sharing Raw Data
19:3 : Securing the Journey: Cybersecurity Challenges in the Tourism Industry
19:3 : China is Fueling Surveillance Technology Adoption in Latin America—Who is in Charge of Data Privacy?
18:33 : LLM-Based LAMEHUG Malware Dynamically Generate Commands for Reconnaissance and Data Theft
18:2 : Top 10 Best AI Penetration Testing Companies in 2025
18:2 : News brief: AI cybersecurity worries mount
17:32 : Bridging the Gap Between Security Teams and Tools
17:32 : Why Identity and Access Still Represent the Weakest Link
17:32 : Researchers Expose SVG and PureRAT Phishing Threats Targeting Ukraine and Vietnam
17:3 : Digital doppelgängers: How sophisticated impersonation scams target content creators and audiences
17:3 : Hackers threaten parents: Get nursery to pay ransom or we leak your child’s data
17:2 : Cybersecurity Snapshot: CISA Highlights Vulnerability Management Importance in Breach Analysis, as Orgs Are Urged To Patch Cisco Zero-Days
17:2 : This Time, I Had Something Special to Offer
17:2 : Why SecOps Needs Simplicity in an Era of Expanding Attack Surfaces
17:2 : Smart Home Devices Raise Questions on Data Privacy
17:2 : Building Trust Through Secure Financial Dealings
16:32 : JLR Says Some Systems Back Online After Breach
16:32 : Google Ads Used to Spread Trojan Disguised as TradingView Premium
16:32 : TruSources to show off its on-device identity-checking tech at TechCrunch Disrupt 2025
16:32 : How to develop an AWS Security Hub POC
16:32 : RTX confirms hack of passenger boarding software involved ransomware
16:2 : CNAPP is the Solution to Multi-cloud Flexibility
16:2 : Apple’s Feedback to EU Commission: Repeal Digital Markets Act
16:2 : Thousands of Indian bank transfer records found spilling online after security lapse
15:32 : Basic Security Setup for Startups
15:32 : Keeper Security Integration with Google SecOps Expands Visibility into Privileged Access
15:32 : Salesforce facing multiple lawsuits after Salesloft breach
15:32 : Microsoft spots fresh XCSSET malware strain hiding in Apple dev projects
15:32 : In Other News: LockBit 5.0, Department of War Cybersecurity Framework, OnePlus Vulnerability
15:32 : Chinese Cyberspies Hit US Defense Firms
15:32 : Indian Bank Transfer Records Exposed
15:32 : Hidden WordPress Backdoors Create Admins
15:32 : Google Warns of BRICKSTORM Malware
15:32 : Fake PyPI Login Site Steals Credentials
15:32 : Jaguar Land Rover begins phased restoration of services following cyberattack
15:3 : From Defense to Offense: Why Ambitious CISOs Are Becoming Founders
15:3 : Phishing Campaign Targets PyPI Maintainers with Fake Login Site
15:3 : Hackers exploit Fortra GoAnywhere flaw before public alert
15:3 : GitLab High-Severity Vulnerabilities Let Attackers Crash Instances
15:3 : Postal Thief Arrested in Oregon
15:3 : ‘An attacker’s playground:’ Crims exploit GoAnywhere perfect-10 bug
15:2 : Attackers exploited critical Fortra GoAnywhere flaw in zero-day attacks (CVE-2025-10035)
14:32 : LockBit’s new variant is ‘most dangerous yet,’ hitting Windows, Linux and VMware ESXi
14:32 : Vietnamese Hackers Exploit Fake Copyright Notices to Spread ‘Lone None’ Stealer
14:32 : Interpol Says 260 Suspects in Online Romance Scams Have Been Arrested in Africa
14:2 : Vietnamese Hackers Exploit Fake Copyright Notices to Spread “Lone None” Stealer
14:2 : Google and Flo to pay $56 million after misusing users’ health data
14:2 : OpenAI Patches ChatGPT Gmail Flaw Exploited by Hackers in Deep Research Attacks
13:32 : Malicious MCP Server Discovered Stealing Sensitive Emails Using AI Agents
13:32 : How to Defend Against Credential Attacks with a Hybrid Mesh Architecture
13:32 : SVG Phishing hits Ukraine with Amatera Stealer, PureMiner
13:32 : First-Ever Malicious MCP Server Found in the Wild Steals Emails via AI Agents
13:32 : New Variant of The XCSSET Malware Attacking macOS App Developers
13:32 : Fortra GoAnywhere Vulnerability Exploited as 0-Day Before Patch
13:32 : New COLDRIVER Malware Campaign Joins BO Team and Bearlyfy in Russia-Focused Cyberattacks
13:32 : Singapore Threatens Meta With Fines Over Facebook Impersonation Scams
13:3 : Customer Authentication Challenges That Impact Your Organization’s Security Posture
13:2 : Apache Airflow Vulnerability Lets Read-Only Users Access Sensitive Data
13:2 : Neon App pays users to record their phone calls, sells data for AI training
13:2 : Prompt injection – and a $5 domain – trick Salesforce Agentforce into leaking sales
13:2 : Teens Arrested Over Scattered Spider’s $115M Hacking Spree
12:32 : Volvo North America confirms staff data stolen following ransomware attack on IT supplier
12:32 : North Korea’s Fake Recruiters Feed Stolen Data to IT Workers
12:32 : Microsoft Reduces Israel’s Access to Cloud and AI Products Over Reports of Mass Surveillance in Gaza
12:32 : Salesforce Faces Lawsuits Over Compromises of Third-Party Apps: Report
12:32 : Crash Tests for Security: Why BAS Is Proof of Defense, Not Assumptions
12:3 : Malware Gangs Enlist Covert North Korean IT Workers in Corporate Attacks
12:3 : UK NCSC warns that attackers exploited Cisco firewall zero-days to deploy RayInitiator and LINE VIPER malware
12:3 : Hackers Compromise Active Directory to Steal NTDS.dit that Leads to Full Domain Compromise
12:3 : Chinese State-Sponsored Hackers Attacking Telecommunications Infrastructure to Harvest Sensitive Data
12:3 : CISA Warns of Cisco Firewall 0-Day Vulnerabilities Actively Exploited in the Wild
11:33 : Digital Threat Modeling Under Authoritarianism
11:33 : No Patches for Vulnerabilities Allowing Cognex Industrial Camera Hacking
11:33 : Cisco ASA zero-day vulnerabilities exploited in sophisticated attacks
11:3 : Archer Health Data Leak Exposes 23GB of Medical Records
11:3 : New Botnet ‘Loader-as-a-Service’ Turns Home Routers and IoT into Mirai Farms
11:3 : ArcaneDoor Threat Actor Resurfaces in Continued Attacks Against Cisco Firewalls
10:32 : New Malicious Rust Crates Impersonating fast_log to Steal Solana and Ethereum Wallet Keys
10:32 : Hackers Breach Active Directory to Exfiltrate NTDS.dit Leads to Full Domain and Credential Compromise
10:32 : UK and US security agencies order urgent fixes as Cisco firewall bugs exploited in wild
10:32 : New XCSSET macOS Malware Variant Hijacks Cryptocurrency Transactions
10:3 : Fake Ukraine Police Notices Spread New Amatera Stealer and PureMiner
10:3 : Researchers Map Links Between Major Hacker Groups: LAPSUS$, Scattered Spider, ShinyHunters
10:3 : Proofpoint Exec: ‘Phishing is the Leading Cause of Breaches Globally’
10:3 : UK to roll out mandatory digital ID for right to work by 2029
10:2 : New macOS XCSSET Variant Targets Firefox with Clipper and Persistence Module
10:2 : Fortra GoAnywhere CVSS 10 Flaw Exploited as 0-Day a Week Before Public Disclosure
10:2 : Interpol Cracks Down on Large-Scale African Scamming Networks
9:32 : Hackers Breach Active Directory, Steal NTDS.dit for Full Domain Compromise
9:32 : JLR Begins Phased Restart of Operations After Cyber-Attack
9:3 : Cisco ASA 0-Day RCE Flaw Actively Exploited in the Wild
9:3 : Unveiling LummaStealer’s Technical Details Through ML-Based Detection Approach
9:3 : Critical Cisco Vulnerability Let Remote Attackers Execute Arbitrary Code on Firewalls and Routers
9:3 : Brits warned as illegal robo-callers with offshored call centers fined half a million
9:2 : Recent Fortra GoAnywhere MFT Vulnerability Exploited as Zero-Day
8:32 : Hackers Exploit Cisco ASA 0-Day to Deploy RayInitiator and LINE VIPER Malware
8:32 : The quantum internet just went live on Verizon’s network
8:32 : The New Perimeter is Your Supply Chain
8:32 : New LockBit Ransomware Variant Emerges as Most Dangerous Yet
8:3 : JLR Says Some Systems Back Online After Attack
8:3 : LAMEHUG: An LLM-Driven Malware for Dynamic Reconnaissance and Data Exfiltration
8:3 : Google warns of Brickstorm backdoor targeting U.S. legal and tech sectors
8:3 : Cisco ASA 0-Day RCE Vulnerability Actively Exploited in the Wild
8:3 : Hackers Exploiting Cisco ASA Zero-Day to Deploy RayInitiator and LINE VIPER Malware
8:3 : 8×8 Omni Shield blocks SMS fraud threats
8:3 : Trackforce upgrades TrackTik with AI-powered incident reporting capabilities
7:33 : Why Logging Out of Facebook Could Save You From Scams and Stop Meta’s Relentless Tracking
7:33 : Amazon Pays $2.5bn To Settle Allegations Of Prime ‘Duping’
7:32 : Critical Cisco Flaw Lets Remote Attackers Execute Code on Firewalls and Routers
7:32 : Cisco Firewall Zero-Days Exploited in China-Linked ArcaneDoor Attacks
7:32 : 10 Common Network Vulnerabilities That Could Put Your Business At Risk
7:32 : Windows 10 extension, teenage Vegas hacker released, Boyd Gaming hacked
7:3 : OpenAI, Oracle, SoftBank To Invest $400bn In Five AI Data Centres
7:2 : Canada Finds TikTok Child Protections Inadequate
7:2 : Cyber-Attack Costs Co-op £206m In Lost Revenues
7:2 : New XCSSET Malware Variant Targets macOS App Developers
7:2 : AI Shadow Leak Avoids Detection
6:34 : Hackers Leverage AI-Generated Code to Obfuscate Its Payload and Evade Traditional Defenses
6:34 : RedNovember Hackers Attacking Government and Technology Organizations to Deploy Backdoor
6:34 : How to Enable MFA Before RDP and SSH Sessions
6:34 : Inside the economy built on stolen credentials
6:3 : Ransomware groups are multiplying, raising the stakes for defenders
6:3 : Cisco ASA Firewall Zero-Day Exploits Deploy RayInitiator and LINE VIPER Malware
5:32 : LockBit 5.0 Ransomware Targets Windows, Linux, and VMware ESXi Systems
5:32 : Salesforce AI Agent Vulnerability Lets Attackers Steal Sensitive Data
5:32 : Delinea releases free open-source MCP server to secure AI agents
5:2 : New Phishing Attack Targeting PyPI Maintainers to Steal Login Credentials
5:2 : How agentic AI is changing the SOC
4:32 : ISC Stormcast For Friday, September 26th, 2025 https://isc.sans.edu/podcastdetail/9630, (Fri, Sep 26th)
4:32 : Hackers Exploiting WordPress Websites With Silent Malware to Gain Admin Access
4:32 : Threat Actors Using Copyright Takedown Claims to Deploy Malware
4:32 : Infosec products of the month: September 2025
4:2 : CVE-2025-20333, CVE-2025-20362: Frequently Asked Questions About Zero-Day Cisco Adaptive Security Appliance (ASA) and Firewall Threat Defense (FTD) Vulnerabilities
3:3 : Thousands of Indian bank transfer records found online
22:2 : How to Manage Shadow AI Risk Without Killing Innovation

Share this:

Related

Post navigation