IT Security News Weekly Summary 48

210 posts were published in the last hour

• 22:55 : IT Security News Daily Summary 2025-11-30
• 22:31 : Over 2,000 Fake Shopping Sites Spotted Before Cyber Monday
• 17:8 : SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 73
• 16:3 : Security Affairs newsletter Round 552 by Pierluigi Paganini – INTERNATIONAL EDITION
• 14:31 : WhatsApp Enumeration Flaw Exposes Data of 3.5 Billion Users in Massive Scraping Incident
• 11:32 : UK Loses £11 Billion to Scams and NordVPN Responds with Call Protection
• 11:32 : Salesforce Probes Gainsight Breach Exposing Customer Data
• 10:4 : CISA Adds Actively Exploited XSS Bug CVE-2021-26829 in OpenPLC ScadaBR to KEV
• 9:32 : Scientists just teleported information using light
• 9:2 : Week in review: Fake “Windows Update” fuels malware, Salesforce details Gainsight breach
• 8:5 : IT Security News Hourly Summary 2025-11-30 09h : 1 posts
• 7:31 : Massive Data Breach Hits Italy’s FS Italiane After Cyberattack on IT Provider Almaviva
• 2:5 : IT Security News Hourly Summary 2025-11-30 03h : 1 posts
• 2:4 : Contagious Interview campaign expands with 197 npm Ppackages spreading new OtterCookie malware
• 23:5 : IT Security News Hourly Summary 2025-11-30 00h : 1 posts
• 22:55 : IT Security News Daily Summary 2025-11-29
• 21:4 : Intel in LNK Files
• 18:4 : Growing Concern as Authorities Assess Cyber Incident at Real Estate Finance Firm
• 17:5 : IT Security News Hourly Summary 2025-11-29 18h : 1 posts
• 16:31 : Big Tech’s New Rule: AI Age Checks Are Rolling Out Everywhere
• 16:2 : Albiriox Malware Emerges, Targeting Android Users for Full Device Takeover
• 16:2 : Mystery OAST Tool Exploits 200 CVEs Using Google Cloud for Large-Scale Attacks
• 16:2 : Tomiris Hacker Group Unveils New Tools and Techniques for Global Attacks
• 15:31 : This month in security with Tony Anscombe – November 2025 edition
• 14:31 : HashJack Attack Uses URL ‘#’ to Control AI Browser Behavior
• 14:31 : Google’s High-Stakes AI Strategy: Chips, Investment, and Concerns of a Tech Bubble
• 14:31 : Australia Bans Under-16s from Social Media Starting December
• 14:5 : IT Security News Hourly Summary 2025-11-29 15h : 1 posts
• 14:2 : CISA Warns of OpenPLC ScadaBR cross-site scripting vulnerability Exploited in Attacks
• 12:31 : The WIRED Guide to Digital Opsec for Teens
• 5:5 : IT Security News Hourly Summary 2025-11-29 06h : 3 posts
• 5:2 : Virtual Machines on Nutanix AHV now in Akira’s Crosshairs; Enterprises must Close Gaps
• 4:32 : Beware of Weaponized Google Meet Page uses ClickFix Technique to Deliver Malicious Payload
• 4:31 : New Albiriox Malware Attacking Android Users to Take Complete Control of their Device
• 3:2 : Beware of Weaponized Google Meet page that uses ClickFix to Deliver Malicious Payload
• 23:5 : IT Security News Hourly Summary 2025-11-29 00h : 2 posts
• 23:2 : Attackers stole member data from French Soccer Federation
• 22:55 : IT Security News Daily Summary 2025-11-28
• 21:2 : Friday Squid Blogging: Flying Neon Squid Found on Israeli Beach
• 19:2 : CISA Adds One Known Exploited Vulnerability to Catalog
• 19:2 : Cybersecurity Coalition to Government: Shutdown is Over, Get to Work
• 18:2 : Do Modern iGaming Platforms Offer Better Cyber Protections Than Traditional Apps?
• 17:32 : French Football Federation Reports Data Breach – Hackers Access Club Software Admin Controls
• 17:5 : IT Security News Hourly Summary 2025-11-28 18h : 4 posts
• 17:2 : What parents should know to protect their children from doxxing
• 17:2 : North Korean Hackers Deploy 197 npm Packages to Spread Updated OtterCookie Malware
• 17:2 : Legacy Python Bootstrap Scripts Create Domain-Takeover Risk in Multiple PyPI Packages
• 16:31 : PostHog admits Shai-Hulud 2.0 was its biggest ever security bungle
• 16:3 : New GreyNoise IP Checker Helps Users Identify Botnet Activity
• 16:3 : ShinyHunters Develop Sophisticated New Ransomware-as-a-Service Tool
• 16:3 : Gainsight Verifies Token Breach Linked to Salesforce Advisory, Issues New IOCs
• 16:3 : Poland Arrests Suspected Russian Hacker Targeting Local Organizations’ Networks
• 16:3 : Cybercriminals Register 18,000 Holiday-Themed Domains to Launch Seasonal Scams
• 16:3 : Black Friday Deal 2025: Reviewing The Ultimate SOC Analyst Bundle
• 16:3 : GrapheneOS bails on OVHcloud over France’s privacy stance
• 16:3 : Brit telco Brsk confirms breach as bidding begins for 230K+ customer records
• 16:3 : Aisuru Botnet Launches 15.72 Tbps DDoS Attack on Microsoft Azure Network
• 16:3 : Meta Cleared of Monopoly Charges in FTC Antitrust Case
• 15:32 : Threat Actors Exploit Calendar Subscriptions for Phishing and Malware Delivery
• 15:3 : Prompt Injection Through Poetry
• 15:3 : French Soccer Federation Hit by Cyberattack, Member Data Stolen
• 15:3 : Bloody Wolf Widens Java RAT Campaign
• 15:3 : Qilin Ransomware Hits Korean MSP
• 15:2 : Asahi Breach Hits Two Million Users
• 15:2 : Mazda Reports No Impact From Oracle Hack
• 15:2 : Russia Arrests Young Cybersecurity Leader
• 14:5 : IT Security News Hourly Summary 2025-11-28 15h : 4 posts
• 14:2 : TryHackMe races to add women to Christmas cyber challenge roster after backlash
• 14:2 : Three Black Friday Scams to Watch Out For This Year
• 13:33 : Five Nonprofit & Charity APIs That Make Due Diligence Way Less Painful for Developers
• 13:33 : Hackers Registered 18,000 Holiday-Themed Domains Targeting ‘Christmas,’ ‘Black Friday,’ and ‘Flash Sale’
• 13:2 : How CVSS v4.0 works: characterizing and scoring vulnerabilities
• 12:32 : Running Istio in Production: Five Hard-Won Lessons From Cloud-Native Teams
• 12:32 : OBR drags in cyber bigwig after Budget leak blunder
• 12:2 : Why Organizations Are Turning to RPAM
• 11:32 : ITDR Best Practices: How to Detect, Prevent, and Contain Critical Identity Threats
• 11:32 : UK digital ID plan gets a price tag at last – £1.8B
• 11:5 : IT Security News Hourly Summary 2025-11-28 12h : 5 posts
• 11:2 : Thousands of sensitive secrets published on JSONFormatter and CodeBeautify
• 10:32 : Poems Can Trick AI Into Helping You Make a Nuclear Weapon
• 10:32 : Handala Hacker Group Attacking Israeli High-Tech and Aerospace Professionals
• 10:31 : In Other News: HashJack AI Browser Attack, Charming Kitten Leak, Hacker Unmasked
• 10:31 : French Football Federation Suffers Data Breach
• 9:32 : Phantom Stores: Retail Impersonation Spreads Ahead of Black Friday Powered by Video Ads and Modular…
• 9:32 : EU Lawmakers Agree Digital Fraud Rules
• 9:32 : Asahi Confirms Cyberattack Exposed Data of 1.5M Customers
• 9:32 : Poland Arrested Suspected Russian Citizen Hacking for Local Organizations Computer Networks
• 9:32 : Comcast to Pay a $1.5 Million Fine to Settle an FCC Investigation Linked to Vendor Data Breach
• 9:32 : Google CEO Flags Irrational Trends in AI Funding Surge
• 9:32 : MS Teams Guest Access Can Remove Defender Protection When Users Join External Tenants
• 9:2 : Nvidia Refutes Criticism In Memo To Analysts
• 9:2 : Microsoft Teams Guest Access Leaves Users Exposed to Attacks
• 9:2 : New Mirai variant ShadowV2 tests IoT exploits amid AWS disruption
• 8:32 : Chinese Tech Giants ‘Train AI Models Abroad’ Using Nvidia Chips
• 8:32 : Microsoft blocks Entra, AI scammer legislation, ASUS patches AiCloud
• 8:5 : IT Security News Hourly Summary 2025-11-28 09h : 3 posts
• 8:2 : France Dismisses Search Case Against Microsoft
• 8:2 : London Councils’ IT Systems Impacted by CyberAttack, Including Phone Lines
• 8:2 : Microsoft to Block External Scripts  in Entra ID Logins to Enhance Protections
• 7:2 : Tomiris wreaks Havoc: New tools and techniques of the APT group
• 7:2 : New observational auditing framework takes aim at machine learning privacy leaks
• 7:2 : Social data puts user passwords at risk in unexpected ways
• 6:31 : Black Friday Deal 2026: Reviewing The Ultimate SOC Analyst Bundle
• 6:31 : Scattered Lapsus$ Hunters Registered 40+ Domains Mimicking Zendesk Environments
• 6:31 : Shai Hulud 2.0 Compromises 1,200+ Organizations, Exposing Critical Runtime Secrets
• 6:31 : Why password management defines PCI DSS success
• 6:2 : Black Friday Scammers Are Impersonating Major Brands to Steal Your Money
• 6:2 : KawaiiGPT: A Free WormGPT Clone Using DeepSeek, Gemini, and Kimi-K2 Models
• 6:2 : London Councils Hit by Cyberattack, Disrupts IT and Telephone Lines
• 6:2 : Microsoft Blocks External Scripts in Entra ID Logins to Boost Security
• 6:2 : Get Your Cyber Security Career in 2026: Reviewing The Ultimate SOC Analyst Bundle
• 6:2 : Espionage and Intelligence – What Cybersecurity Professionals Can Learn
• 5:31 : Fragmented tooling slows vulnerability management
• 5:5 : IT Security News Hourly Summary 2025-11-28 06h : 1 posts
• 5:2 : Infosec products of the month: November 2025
• 1:2 : Korean web giant Naver acquired crypto exchange Upbit, which reported a $30m heist a day later
• 23:31 : Vulnerable Codes in Legacy Python Packages Enables Attacks on Python Package Index Via Domain Compromise
• 23:5 : IT Security News Hourly Summary 2025-11-28 00h : 1 posts
• 22:55 : IT Security News Daily Summary 2025-11-27
• 21:2 : Asahi says crooks stole data of approximately 2M customers and employees
• 20:31 : Over 390 Abandoned iCalendar Sync Domains Could Expose ~4 Million Devices to Security Risks
• 19:2 : Bloody Wolf Expands Java-based NetSupport RAT Attacks in Kyrgyzstan and Uzbekistan
• 18:2 : What your firewall sees that your EDR doesn’t
• 18:2 : Why Long-Term AI Conversations Are Quietly Becoming a Major Corporate Security Weakness
• 17:31 : Report Names Teen in Scattered LAPSUS$ Hunters, Group Denies
• 17:5 : IT Security News Hourly Summary 2025-11-27 18h : 3 posts
• 17:2 : Shai Hulud v2 Exploits GitHub Actions Workflows as Attack Vector to Steal Secrets
• 17:2 : Zendesk users targeted as Scattered Lapsus$ Hunters spin up fake support sites
• 17:2 : FCC Warns of Hackers Hijacking Radio Equipment For False Alerts
• 16:4 : OpenAI data may have been exposed after a cyberattack on analytics firm Mixpanel
• 16:4 : OpenAI cuts off Mixpanel after analytics leak exposes API users
• 16:4 : Asahi Data Breach Impacts 2 Million Individuals
• 16:4 : Microsoft to Block Unauthorized Scripts in Entra ID Logins with 2026 CSP Update
• 16:4 : Bloody Wolf Threat Actor Expands Activity Across Central Asia
• 15:32 : NVIDIA DGX Spark Vulnerabilities Let Attackers Execute Malicious Code and DoS Attacks
• 15:32 : Dead Man’s Switch – Widespread npm Supply Chain Attack Driving Malware Attacks
• 15:31 : Qilin RaaS Exposed 1 Million Files and 2 TB of Data Linked to Korean MSP Breach
• 15:31 : Millions at risk after nationwide CodeRED alert system outage and data breach
• 15:31 : Quttera Launches “Evidence-as-Code” API to Automate Security Compliance for SOC 2 and PCI DSS v4.0
• 15:31 : One Identity Safeguard Named a Visionary in the 2025 Gartner Magic Quadrant for PAM
• 15:3 : Lapsus$ Hunters Register 40+ Domains Impersonating Zendesk Environments
• 15:3 : “Dead Man’s Switch” Triggers Massive npm Supply Chain Malware Attack
• 15:3 : Handala Hacker Group Targets Israeli High-Tech and Aerospace Professionals
• 15:2 : Apache SkyWalking Flaw Allows Attackers to Launch XSS Attacks
• 15:2 : OpenAI Reveals Mixpanel Data Breach Exposing User Details
• 15:2 : Crypto Exchange Upbit Suffers Security Breach After $10B Deal
• 15:2 : When Buyers Discount MSPs With One Big Customer
• 15:2 : Waymo Robotaxi Films Deadly San Francisco Shooting
• 15:2 : Russian-Linked Surveillance Tech Firm Protei Hacked, Website Defaced and Data Published
• 15:2 : Detego DFIR Platform centralizes evidence, workflows, and real-time case insights
• 15:2 : Openai User Data Exposed In Mixpanel Hack
• 15:2 : Amazon Uses AI Agents For Bug Hunting
• 15:2 : Hackers Use Blender Assets To Spread StealC
• 15:2 : AI Security Firm Vijil Raises 17 Million
• 15:2 : Toddycat Tools Steal Outlook And M365 Data
• 14:33 : UK Budget 2025: Reactions From Tech Leaders
• 14:33 : Cyberattack on Multiple London Councils Exposes Fragility of Shared Public-Sector Systems
• 14:32 : Hackers Actively Exploiting IoT Vulnerabilities to Deploy New ShadowV2 Malware
• 14:32 : Gitlab Patches Multiple Vulnerabilities that Enable Authentication Bypass and DoS Attacks
• 14:32 : North Korean Hackers Exploiting npm, GitHub, and Vercel to Deliver OtterCookie Malware
• 14:32 : KawaiiGPT – Free WormGPT Variant Leveraging DeepSeek, Gemini, and Kimi-K2 AI Models
• 14:32 : FCC sounds alarm after emergency tones turned into potty-mouthed radio takeover
• 14:32 : Asahi Confirms 1.5 Million Customers Affected in Major Cyber-Attack
• 14:5 : IT Security News Hourly Summary 2025-11-27 15h : 5 posts
• 14:2 : Cronos Kicks Off $42K Global Hackathon Focused on AI-Powered On-Chain Payments
• 14:2 : Cyberattack Disrupts Services Across London Councils
• 14:2 : Holiday shoppers targeted as Amazon and FBI warn of surge in account takeover attacks
• 13:31 : Asahi admits ransomware gang may have spilled almost 2M people’s data
• 13:31 : Digital Deception Drives a Sophisticated Era of Cybercrime
• 12:31 : OpenAI API User Data Exposed in Mixpanel Breach, ChatGPT Unaffected
• 12:31 : Scottish council still rebuilding systems two years after ransomware attack
• 12:31 : OpenAI User Data Exposed in Mixpanel Hack
• 12:2 : 3 Best VPN for iPhone (2025), Tested and Reviewed
• 12:2 : Threat Actors Leverage Fake Update Lures to Deliver SocGholish Malware
• 12:2 : ByteToBreach Cybercriminal Selling Sensitive Global Data from Airlines, Banks, and Governments
• 12:2 : Angular HTTP Client Vulnerability Exposes XSRF Token to an Attacker-Controlled Domain
• 12:2 : Malicious Chrome Extension Silently Steal and Injects Hidden SOL Fees Into Solana Swaps
• 11:32 : Shai-hulud 2.0 Campaign Targets Cloud and Developer Ecosystems
• 11:32 : You’re Not Technical? That Excuse Just Expired!
• 11:32 : OpenAI Warns of Mixpanel Data Breach Impacting API Users
• 11:5 : IT Security News Hourly Summary 2025-11-27 12h : 5 posts
• 11:2 : Stock Exchanges Warn SEC Over Tokenisation
• 11:2 : Is your phone number safe? The story of how WhatsApp nearly leaked it
• 11:2 : ThreatsDay Bulletin: AI Malware, Voice Bot Flaws, Crypto Laundering, IoT Attacks — and 20 More Stories
• 11:2 : Fraud Fears But No Breach Spike Expected This Festive Season
• 10:31 : China Said To Bar ByteDance From Using Nvidia
• 10:2 : S&P Downgrades Tether Stablecoin To Lowest Level
• 10:2 : Hackers Actively Attacking Telecommunications & Media Industry to Deploy Malicious Payloads
• 10:2 : OpenAI Discloses Mixpanel Data Breach – Name, Email Address and Operating System Details Exposed
• 9:32 : European Parliament Calls For Child Social Media Restrictions
• 9:32 : Scattered Lapsus$ Hunters Take Aim At Zendesk Users
• 9:2 : France Takes Action Against AliExpress, Joom
• 9:2 : New ASUS firmware patches critical AiCloud vulnerability
• 9:2 : Hackers Exploiting Fake Battlefield 6 Popularity to Deploy Stealers and C2 Agents
• 9:2 : Key provisions of the UK Cyber Resilience Bill Revealed
• 8:32 : Uber, WeRide Go Fully Autonomous In Abu Dhabi
• 8:31 : AWS outage botnet smacks 28 countries, LLMs help malware authors evade detection, Anthropic pressed over Claude espionage
• 8:5 : IT Security News Hourly Summary 2025-11-27 09h : 5 posts
• 8:2 : Multiple London Councils Disrupted By Cyber-Attacks
• 8:2 : Clover raises $36 million to scale product security through AI-native design
• 7:32 : OpenAI Security Incident With Third Party Data Analytics Mixpanel
• 7:31 : China Software Developer Network – 6,414,990 breached accounts
• 7:31 : Gainsight Expands Impacted Customer List Following Salesforce Security Alert
• 7:2 : New Malware-as-a-Service Olymp Loader Advertised on Hacker Forums with It’s Anti-analysis and Detection Features
• 7:2 : Hackers Tricks macOS Users to Execute Command in Terminal to Deliver FlexibleFerret Malware
• 7:2 : Threat Actors Allegedly Listed iOS 26 Full‑Chain 0‑Day Exploit on Dark Web
• 6:32 : Belonging at Akamai: My Journey of Inclusion, Growth, and Connection
• 6:32 : Full Circle: How Akamai’s Evolution Set the Stage for the AI Inference Era
• 6:31 : Hottest cybersecurity open-source tools of the month: November 2025
• 6:2 : Microsoft Teams Guest Chat Vulnerability Exposes Users to Malware Attack