What Are Non-Human Identities and How Do They Impact Cybersecurity? How can organizations secure their digital amidst a rapidly transforming cybersecurity environment? Where industries increasingly transition to cloud-based solutions, managing Non-Human Identities (NHIs) becomes an essential component of a robust…
Week in review: Exploited zero-day in Cisco email security appliances, Kali Linux 2025.4 released
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: How researchers are teaching AI agents to ask for permission the right way People are starting to hand more decisions to AI agents, from booking…
Massive Android botnet Kimwolf infects millions, strikes with DDoS
The Kimwolf Android botnet has infected 1.8M+ devices, launching massive DDoS attacks and boosting its C&C domain, says XLab. Kimwolf is a newly discovered Android botnet linked to the Aisuru botnet that has infected over 1.8 million devices and issued…
IT Security News Hourly Summary 2025-12-21 09h : 1 posts
1 posts were published in the last hour 8:2 : NIST tried to pull the pin on NTP servers after blackout caused atomic clock drift
NIST tried to pull the pin on NTP servers after blackout caused atomic clock drift
A rare case of deliberately trying to induce an outage A staffer at the USA’s National Institute of Standards and Technology (NIST) tried to disable backup generators powering some of its Network Time Protocol infrastructure, after a power outage around…
Iranian Infy APT Resurfaces with New Malware Activity After Years of Silence
Threat hunters have discerned new activity associated with an Iranian threat actor known as Infy (aka Prince of Persia), nearly five years after the hacking group was observed targeting victims in Sweden, the Netherlands, and Turkey. “The scale of Prince…
IT Security News Hourly Summary 2025-12-21 06h : 1 posts
1 posts were published in the last hour 5:2 : 100+ Cisco Secure Email Devices Exposed to Zero‑Day Exploited in the Wild
100+ Cisco Secure Email Devices Exposed to Zero‑Day Exploited in the Wild
Security researchers have identified at least 120 Cisco Secure Email Gateway and Cisco Secure Email and Web Manager devices vulnerable to a critical zero-day flaw that attackers are actively exploiting in the wild. The vulnerability, tracked as CVE-2025-20393, currently has…
IT Security News Hourly Summary 2025-12-21 00h : 1 posts
1 posts were published in the last hour 22:55 : IT Security News Daily Summary 2025-12-20
IT Security News Daily Summary 2025-12-20
32 posts were published in the last hour 22:2 : ATM Jackpotting ring busted: 54 indicted by DoJ 21:2 : Bangladeshi Operator of Fake ID Marketplaces Charged in International Fraud Case 20:31 : LinkedIn Profile Data Among Billions of Records…
ATM Jackpotting ring busted: 54 indicted by DoJ
The U.S. Department of Justice has indicted 54 individuals over a multi-million-dollar ATM jackpotting fraud scheme. U.S. DoJ indicted 54 people for a nationwide ATM jackpotting scheme that stole millions via malware. The case links the crimes to the cybercrime…
Bangladeshi Operator of Fake ID Marketplaces Charged in International Fraud Case
A 29-year-old Bangladeshi man has been indicted on federal charges for operating online marketplaces that sold fraudulent identity document templates to customers worldwide, U.S. authorities announced. Zahid Hasan of Dhaka, Bangladesh, faces nine federal counts, including six counts of transferring…
LinkedIn Profile Data Among Billions of Records Found in Exposed Online Database
Cybersecurity researchers recently identified a massive online database that was left publicly accessible without any security protections, exposing a vast collection of professional and personal information. The database contained more than 16 terabytes of data, representing over 4.3 billion…
IT Security News Hourly Summary 2025-12-20 21h : 2 posts
2 posts were published in the last hour 19:31 : DevOps and Cybersecurity: Building a New Line of Defense Against Digital Threats 19:31 : NDSS 2025 – Too Subtle to Notice: Investigating Executable Stack Issues in Linux Systems
DevOps and Cybersecurity: Building a New Line of Defense Against Digital Threats
Learn how DevOps and DevSecOps strengthen cybersecurity through automation, CI/CD, and secure DevOps development services. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI, and More Read the original article: DevOps and Cybersecurity: Building a New…
NDSS 2025 – Too Subtle to Notice: Investigating Executable Stack Issues in Linux Systems
Session 6D: Software Security: Vulnerability Detection Authors, Creators & Presenters: Hengkai Ye (The Pennsylvania State University), Hong Hu (The Pennsylvania State University) PAPER Too Subtle to Notice: Investigating Executable Stack Issues in Linux Systems Code injection was a favored technique…
Are We Becoming Children of the MagentAI?
(If you’d prefer, you can skip the intro blathering and just download the full white paper) Back in 1997, a commercial airline captain noticed his fellow pilots had a problem: they’d gotten so used to following the magenta flight path…
FBI Seizes Fake ID Template Domains Operating from Bangladesh
US authorities have charged Zahid Hasan with running TechTreek, a $2.9 million online marketplace selling fake ID templates. The investigation, involving the FBI and Bangladesh police, uncovered a global scheme selling fraudulent passports and social security cards to over 1,400…
Claude Opus 4.5 Now Integrated with GitHub Copilot
GitHub has announced the general availability of Claude Opus 4.5, Anthropic’s advanced AI model, across its Copilot platform. This integration enhances AI capabilities for developers using GitHub’s code assistance tools. The Claude Opus 4.5 model is now accessible to users…
CountLoader and GachiLoader Malware Campaigns Target Cracked Software Users
Cybersecurity analysts have uncovered a new malware campaign that relies on cracked software download platforms to distribute an updated variant of a stealthy and modular loader known as CountLoader. According to researchers from the Cyderes Howler Cell Threat Intelligence…
Clop Ransomware Targets Internet-Facing Gladinet CentreStack Servers in New Data Theft Campaign
The Clop ransomware group, also known as Cl0p, has launched a new extortion campaign aimed at Gladinet CentreStack file servers that are exposed to the internet. Gladinet CentreStack is a file-sharing solution that allows organizations to securely access and…
Microsoft Rolls Out Baseline Security Mode for Office, SharePoint, Exchange, Teams, and Entra
Microsoft has begun deploying Baseline Security Mode across Microsoft 365 tenants, a new dashboard in the M365 Admin Center that centralizes recommended security configurations for Office, SharePoint, Exchange, Teams, and Entra. Announced at Ignite 2025, this opt-in feature helps administrators…
Lugano: Swiss Crypto Hub Where Bitcoin Pays for Everything
The Swiss city of Lugano, located in the Italian-speaking canton of Ticino, has turned itself into the European capital for cryptocurrency through its bold “Plan ₿” scheme, which lets citizens and businesses transact in Bitcoin and Tether for almost everything.…
U.S. DOJ Charges 54 in ATM Jackpotting Scheme Using Ploutus Malware
The U.S. Department of Justice (DoJ) this week announced the indictment of 54 individuals in connection with a multi-million dollar ATM jackpotting scheme. The large-scale conspiracy involved deploying malware named Ploutus to hack into automated teller machines (ATMs) across the…