IT Security News Daily Summary 2025-03-26

210 posts were published in the last hour

22:13 : What VirusTotal Missed — Discover with Unknown Cyber
22:13 : Enhancing cloud security in AI/ML: The little pickle story
21:34 : New ReaderUpdate malware variants target macOS users
21:34 : Signalgate storm intensifies as journalist releases full secret Houthi airstrike chat
21:15 : Security expert Troy Hunt hit by phishing attack
21:15 : Mike Waltz Left His Venmo Friends List Public
21:15 : Booking.com phish uses fake CAPTCHAs to trick hotel staff into downloading malware
21:14 : Broadcom Extends Scope of VMware vDefend Cybersecurity Platform
20:34 : Production Line Cameras Vulnerabilities Let Attackers Stop The Recordings
20:34 : US defense contractor cops to sloppy security, settles after infosec lead blows whistle
20:34 : Vulnerability Summary for the Week of March 17, 2025
20:5 : IT Security News Hourly Summary 2025-03-26 21h : 14 posts
20:3 : Napster Sold And Will Return As Interactive Streaming Service
20:3 : SignalGate Isn’t About Signal
20:3 : CISA Adds Two Known Exploited Vulnerabilities to Catalog
20:3 : A New Tool to Detect Cellular Spying | EFFector 37.3
20:3 : OpenAI Offering $100K Bounties for Critical Vulnerabilities
20:3 : Winter 2024 SOC 1 report is now available with 183 services in scope
19:39 : Penetration Testing Services: Strengthening Cybersecurity Against Evolving Threats
19:39 : 2025-03-26: SmartApeSG traffic for fake browser update leads to NetSupport RAT and StealC
19:39 : BSidesLV24 – IATC – Difficult Conversations
19:38 : Effectively implementing resource control policies in a multi-account environment
19:12 : UK Proposes To Allow Satellites To Resolve UK Mobile Not-Spots
19:12 : Benefits and challenges of zero standing privileges
19:12 : SignalGate Isn’t About Signal
19:12 : How to Delete Your 23andMe Data
18:33 : Studie zeigt: So können Bots der menschlichen Interaktion in Online-Communitys schaden
18:33 : Rollenspiel mit gefährlichen Folgen: So einfach erstellen selbst Anfänger Malware mit ChatGPT
18:32 : Update VMware Tools for Windows Now: High-Severity Flaw Lets Hackers Bypass Authentication
18:32 : Has GetReal cracked the code on AI deepfakes? $18M and an impressive client list say yes
18:32 : Leaked data exposes a Chinese AI censorship machine
18:32 : CVE-2024-9956: Critical WebAuthentication Vulnerability in Google Chrome on Android
18:32 : Titan Security Keys now available in more countries
18:13 : Security Silos Are Failing: Why CTEM Is Key to Smarter Cyber Defense
18:13 : New npm Malware Attack Infects Popular Ethereum Library with Backdoor
18:13 : 5 best Linux distros for staying anonymous – when a VPN isn’t enough
18:13 : New SparrowDoor Backdoor Variants Found in Attacks on U.S. and Mexican Organizations
18:13 : SectopRAT as Weaponized Cloudflare Turnstile Challenge Attacks Windows Users
17:40 : Anzeige: Microsoft-365-Sicherheit professionell verwalten
17:39 : Why Healthcare Executives Should Prioritize Security Compliance
17:39 : Waymo Confirms Washington DC Robotaxi Plan For 2026
17:39 : Pakistan APT Hackers Weaponize malicious IndiaPost Site to Target Windows and Android Users
17:39 : B1ack’s Stash Marketplace Actors Set to Release 4 Million Stolen Credit Card Records for Free
17:39 : Hackers Exploit COM Objects for Fileless Malware and Lateral Movement
17:39 : Threat Actors Use “Atlantis AIO” Tool to Automate Credential Stuffing Attacks
17:39 : Files stolen from NSW court system, including restraining orders for violence
17:39 : What is a web application firewall (WAF)? WAF explained
17:39 : Making a case for the cybersecurity data fabric
17:39 : Introducing the Mend.io Value Dashboard: Measure and Showcase Your Security Impact
17:5 : Next.js Middleware Flaw Lets Attackers Bypass Authorization
17:5 : New IOCONTROL Malware Let Attackers Control Critical Infrastructure & Gain Remote Access
17:5 : YouTube Creators Under Attack via Brand Collaborators Requests Using Clickflix Technique
17:5 : Top 3 Cyber Attacks In March 2025
17:5 : IT Security News Hourly Summary 2025-03-26 18h : 15 posts
17:5 : AI Technology is Helping Criminal Groups Grow Stronger in Europe, Europol Warns
16:39 : Third-Party Data Breaches: The Hidden Threat Lurking in Vendor Networks
16:39 : Has GetReal cracked the code on AI deepfakes? $18M and an impressive client list says yes
16:39 : Russian Ransomware Gang Exploited Windows Zero-Day Before Patch
16:39 : SecurityScorecard Observes Surge in Third-Party Breaches
16:38 : Effectively implementing resource controls policies in a multi-account environment
16:7 : Inaba Denki Sangyo CHOCO TEI WATCHER mini
16:7 : 3 in 4 Enterprise Users Upload Data to GenAI Including Passwords and Keys
16:7 : New NPM Attack Infecting Local Packages With Cleverly Hidden Malicious Payload
16:7 : How AI is Fueling ATOs & Fake Account Creation—And Why Bot Detection Needs to Evolve
16:7 : BSidesLV24 – IATC – Hungry, Hungry Hackers
16:7 : Western Alliance Bank Data Breach Exposes Nearly 22,000 Customers’ Personal Information
16:7 : Roman Encryption Employed In Nearly 9K Phishing Attacks
16:7 : FBI Warns Against Free Online File Converters as Potential Cybersecurity Threats
15:40 : Verratene Kriegspläne: Elon Musk soll bei Aufklärung der Chataffäre helfen
15:39 : The Importance of Secure Data Management Tools in Higher Education (+ 6 Best-Value Tools for Universities)
15:39 : TikTok to take help of Microsoft or Google to banish data security concerns
15:39 : Tesla Europe Sales Plummet, As Owners Return EVs At Record Levels
15:39 : US Adds 50 Chinese Firms To AI, Chip Blacklist
15:39 : Groq and PlayAI just made voice AI sound way more human — here’s how
15:39 : Credible nerd says stop using atop, doesn’t say why, everyone panics
15:39 : BlackLock Ransomware Targeted by Cybersecurity Firm
15:39 : AMTSO Releases Sandbox Evaluation Framework
15:39 : Enemies with benefits: RansomHub and rival gangs share EDRKillShifter tool
15:10 : #53 – Online für die Ewigkeit? Warum der digitale Nachlass so wichtig ist
15:10 : RedCurl-Ransomware attackiert Hypervisoren
15:10 : Sicherheitsupdate: Ghostscript über mehrere Sicherheitslücken attackierbar
15:9 : Generative AI In Business: Managing Risks in The Race for Innovation
15:9 : Don’t Respond to Ransomware Attackers With AI, Experts Say
15:9 : Industry Moves for the week of March 24, 2025 – SecurityWeek
15:9 : Island Banks $250M Series E for Enterprise Browser
15:9 : GitHub Action Security Breach Raises Concerns Over Supply Chain Risks
15:9 : Oscilar AI Agent improves risk analysis and fraud prevention
15:9 : China-linked FamousSparrow APT group resurfaces with enhanced capabilities
14:38 : Sicherheitspatch: Angreifer können an neun Lücken in Ghostscript ansetzen
14:38 : Production Line Camera Flaws Allow Hackers to Disable Recordings
14:38 : Windows 11 24H2 Update Breaks Connection to the Veeam Backup Server
14:38 : North Korean Kimsuky Hackers New Tactics & Malicious Scripts in Latest Attacks
14:38 : Your Smart TV May Bring Down the Entire Network
14:38 : Operation ForumTroll – APT Hackers Exploit Google Chrome Zero-Day To Bypass Sandbox Protections
14:37 : CrushFTP HTTPS Port Vulnerability Leads to Unauthorized Access
14:37 : DeRISK Quantified Vulnerability Management evaluates cyber risks using business-level metrics
14:37 : If you think you’re immune to phishing attempts, you’re wrong!
14:37 : Threat Actors Abuse Trust in Cloud Collaboration Platforms
14:13 : So viel investieren Deutsche in Cybersicherheit
14:12 : YouTube Creators Targeted by Weaponized Brand Deals Using ‘Clickflix’ Attack Tactic
14:12 : 6 Best Password Managers (2025), Tested and Reviewed
14:12 : Clevo Devices Boot Guard Private Key Exposed Via Firmware Update Packages
14:12 : 200 Unique Domains Used by Raspberry Robin Unveiled
14:12 : Cloudflare Attributes Recent Service Outage to Password Rotation Error
14:12 : Critical NetApp SnapCenter Server Vulnerability Let Attackers Become an Admin User
14:12 : CodeQLEAKED – Public Secrets Exposure Leads to Supply Chain Attack on GitHub CodeQL
14:12 : Hackers Use Atlantis AIO Tool to Automate Account Takeover Attacks
14:12 : Whitepaper: Voice of Security 2025
14:12 : RedCurl Shifts from Espionage to Ransomware with First-Ever QWCrypt Deployment
14:11 : EncryptHub Exploits Windows Zero-Day to Deploy Rhadamanthys and StealC Malware
14:5 : IT Security News Hourly Summary 2025-03-26 15h : 25 posts
13:38 : USA: Doge-Mitglied half früher Cyberkriminellen mit Tech-Support
13:38 : Verschlüsselung: Quantensatellit für Übertragung zwischen Kontinenten genutzt
13:37 : Emissions Transparency: Moving Toward a More Rigorous Verification
13:37 : Windows MMC Framework Zero-Day Exploited to Execute Malicious Code
13:37 : Google fixes Chrome zero-day security flaw used in hacking campaign targeting journalists
13:37 : Malware found on npm infecting local package with reverse shell
13:37 : Concentric AI’s UBDA feature identifies unusual user activity
13:37 : Malicious npm Packages Deliver Sophisticated Reverse Shells
13:12 : Moodle: Mehrere Schwachstellen ermöglichen Offenlegung von Informationen
13:12 : Google Chrome: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen
13:12 : Vom Weltraum in die Tiefsee bei der BVSW Wintertagung 2025
13:12 : Welcher Browser bietet derzeit den besten Datenschutz? – Alternativen zu Chrome, Edge und Firefox | Offizieller Blog von Kaspersky
13:12 : [NEU] [mittel] IBM WebSphere Application Server Liberty: Schwachstelle ermöglicht Denial of Service
13:11 : [NEU] [mittel] Icinga: Mehrere Schwachstellen
13:11 : [NEU] [mittel] Moodle: Mehrere Schwachstellen ermöglichen Offenlegung von Informationen
13:11 : [NEU] [kritisch] Google Chrome: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen
13:10 : Rethinking SAP Security Without Maintenance Contracts
13:10 : CrushFTP Warns of HTTP(S) Port Vulnerability Enabling Unauthorized Access
13:10 : Transforming Security Management with AI Agents and Assistants
13:10 : New Ransomware Group Claims Attack on US Telecom Firm WideOpenWest
13:10 : AI Agents and API Security: The Hidden Risks Lurking in Your Business Logic
13:10 : The UK’s National Cyber Security Centre Presents Timeline and Roadmap for PQC Migration
13:10 : Blumira introduces Microsoft 365 threat response feature
13:10 : Sparring in the Cyber Ring: Using Automated Pentesting to Build Resilience
13:10 : Malicious npm Package Modifies Local ‘ethers’ Library to Launch Reverse Shell Attacks
12:37 : ChatGPT generiert jetzt Bilder mit GPT-4o: Welche Verbesserungen es im Vergleich zu Dall-E gibt
12:37 : Leak soll neues iOS 19 zeigen: Warum dieses Design-Mockup unwahrscheinlich ist
12:37 : Meta AI: Müsst ihr die KI zwangsläufig nutzen oder lässt sie sich deaktivieren?
12:37 : Whatsapp kämpft mit Backup-Problemen: Diesen Workaround gibt es
12:37 : Cloudsysteme gefährdet: VMware-Lücke begünstigt VM-Ausbruch ohne Admin-Zugriff
12:36 : Cloudflare Attributes Service Outage to Faulty Password Rotation
12:36 : Windows 11 24H2 Update Disrupts Connection to Veeam Backup Server
12:36 : Vulnerabilities Allow Remote Hacking of Inaba Plant Monitoring Cameras
12:10 : [NEU] [mittel] Hitachi Energy RTU500: Mehrere Schwachstellen ermöglichen Denial of Service
12:9 : Signal App In Spotlight Amid Secret Chat Controversy Of US Officials
12:9 : New Chrome Installer Breaks With Error “This App can’t Run on your PC” on Windows 10 & 11
12:9 : DrayTek Routers Vulnerability Exploited in the Wild – Possibly Links to Reboot Loop
12:9 : macOS Users Warned of New Versions of ReaderUpdate Malware
11:37 : NGINX Controller for Kubernetes: Kubernetes-Cluster kompromittierbar
11:36 : DeepSeek users targeted with fake sponsored Google ads that deliver malware
11:36 : Fake Booking.com phish uses fake CAPTCHAs to trick hotel staff into downloading malware
11:36 : AI Data Poisoning
11:36 : ETSI Publishes New Quantum-Safe Encryption Standards
11:11 : [NEU] [mittel] IBM SPSS Statistics: Schwachstelle ermöglicht Offenlegung von Informationen
11:11 : [UPDATE] [mittel] Varnish HTTP Cache: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen
11:10 : Crypto Heist Suspect “Wiz” Arrested After $243 Million Theft
11:10 : New Sophisticated Linux Backdoor Targets OT Systems via 0-Day RCE Exploit
11:10 : APT Hackers Exploit Google Chrome Zero-Day in Operation ForumTroll to Bypass Sandbox Protections
11:10 : The default TV setting you should turn off ASAP – and why you shouldn’t wait to do it
11:10 : How to Build a Mature Vulnerability Management Program
11:10 : Implementing Privileged Access Workstations: A Step-by-Step Guide
11:10 : NCSC taps influencers to make 2FA go viral
11:10 : Critical Next.js Vulnerability in Hacker Crosshairs
11:10 : Google fixes exploited Chrome sandbox bypass zero-day (CVE-2025-2783)
11:9 : How PAM Mitigates Insider Threats: Preventing Data Breaches, Privilege Misuse, and More
11:5 : IT Security News Hourly Summary 2025-03-26 12h : 16 posts
10:35 : Permadeath: Bestimmte Tote in World of Warcraft werden wiedererweckt
10:35 : New Chrome Installer Fails on Windows 10 & 11 With “This app can’t run on your PC” Error
10:34 : Security Firms Say Evidence Seems to Confirm Oracle Cloud Hack
10:34 : AI vs. Cybercriminals: Who Wins the Race in Next-Gen Threat Detection?
10:34 : ENISA Probes Space Threat Landscape in New Report
10:14 : Have I Been Pwned: Projektbetreiber Troy Hunt gepwned
10:14 : Auch in Deutschland: Tausende Kubernetes-Cluster lassen sich aus der Ferne kapern
10:14 : [UPDATE] [mittel] Trend Micro Apex One: Mehrere Schwachstellen ermöglichen Privilegieneskalation
10:14 : [NEU] [mittel] Gitea: Mehrere Schwachstellen
10:13 : [NEU] [mittel] VMware Tools: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen
10:13 : [NEU] [mittel] RabbitMQ: Schwachstelle ermöglicht Cross-Site Scripting
10:12 : Raspberry Robin Unveils 200 Unique Domains Used by Threat Actors
10:12 : Critical NetApp SnapCenter Server Vulnerability Allows Attackers to Gain Admin Access
10:12 : North Korean Kimsuky Hackers Deploy New Tactics and Malicious Scripts in Recent Attacks
10:12 : New IOCONTROL Malware Attacking Critical Infrastructure to Gain Remote Access and Control
10:12 : FBI Issues new alert over phishing SMS scam targeting highway toll customers
9:36 : [UPDATE] [hoch] Linux Kernel: Mehrere Schwachstellen ermöglichen Codeausführung
9:36 : [UPDATE] [mittel] libxml2: Mehrere Schwachstellen ermöglichen Denial of Service
9:36 : [UPDATE] [mittel] Python: Mehrere Schwachstellen ermöglichen Denial of Service
9:35 : Clevo Devices Vulnerable as Boot Guard Private Key Leaks via Firmware Updates
9:35 : Chainguard VMs reduces risk and engineering complexity
9:35 : Sumsub launches Reusable Digital Identity product suite
9:35 : Hackers Using E-Crime Tool Atlantis AIO for Credential Stuffing on 140+ Platforms
9:35 : UK Government’s New Fraud Strategy to Focus on Tech-Enabled Threats
9:9 : “Passwort” Folge 28: Smartphonedurchsuchung wider Willen
9:9 : Themse: Abgesoffenes iPad wird Beweisstück gegen Verbrecherring
9:8 : BrowserStack Private Devices helps organizations comply with stringent security requirements
8:36 : Bedrohungsmanagement in Behörden und Stärkung der Resilienz
8:36 : Dringend patchen: Gefährliche Zero-Day-Lücke in Chrome für Spionage ausgenutzt
8:35 : Safeguarding Data for the Quantum Era
8:35 : DrayTek Router Vulnerability Exploited in the Wild – Linked to Reboot Loop Issue
8:35 : Google fixed the first actively exploited Chrome zero-day since the start of the year
8:35 : New Windows 0-Day Vulnerability Let Remote Attackers Steal NTLM Credentials – Unofficial Patch
8:35 : CISA Warns of Four Vulnerabilities, and Exploits Surrounding ICS
8:35 : Appsmith Developer Tool Vulnerability Let Attackers Execute Remote Code
8:34 : Cyberhaven enhances Linea AI platform to improve data security
8:5 : IT Security News Hourly Summary 2025-03-26 09h : 7 posts
8:4 : Quantum-Proofing Enterprise Security: The Clock is Ticking
7:36 : VMware Tools ermöglichen Rechteausweitung in VMs
7:36 : Koalitionsverhandlungen: Die Überwachungswünsche von Schwarz-Rot
7:35 : Authentication bypass CVE-2025-22230 impacts VMware Windows Tools
7:35 : EncryptHub exploit, Copilot agents, PETs in government
7:5 : Koalitionsverhandlungen: Die Überwachungswunschliste von Schwarz-Rot

Post navigation