IT Security News Daily Summary 2025-05-08

210 posts were published in the last hour

21:32 : A timeline of South Korean telco giant SKT’s data breach
21:32 : Palo Alto Networks: Champion in Two Canalys Global Leadership Matrices
21:32 : North Korean’s OtterCookie Malware Upgraded With New Features for Windows, Linux & macOS
21:2 : Chinese Hackers Flood Japan with 580 Million Phishing Emails Using ‘CoGUI’ Kit
20:32 : The Rise of Ransomware – Strategies to Protect Your Systems
20:32 : New Spam Campaign Abuses Remote Monitoring Tools to Attack Organizations
20:5 : IT Security News Hourly Summary 2025-05-08 21h : 14 posts
20:4 : PowerSchool Paid Ransom, Now Hackers Target Teachers for More
19:32 : Alibaba’s ‘ZeroSearch’ lets AI learn to google itself — slashing training costs by 88 percent
19:32 : Dev Proxy v0.27: New API Modeling and AI Features Released
19:32 : Model Context Protocol Adoption and C# SDK Integration in Java
19:32 : LockBit Ransomware Hacked: Database and Victim Chats Leaked
19:32 : AWS expands Spain’s ENS High certification across 174 services
19:7 : The LockBit ransomware site was breached, database dump was leaked online
19:7 : SMBs Know They’re At Risk, but Most Aren’t Embracing AI
19:7 : “They’re Just People—But Dangerous Ones”: Trellix’s John Fokker Unpacks the Blurred Battlefield of Cybercrime at RSA 2025
19:7 : Chinese Hackers Exploit IPv6 Network Features to Hack Software Updates
19:7 : Harmful WordPress Plugin Posing as Security Tool Grants Hackers Full Access
18:34 : The IT help desk kindly requests you read this newsletter
18:34 : Tesla Fails In Attempt To Trademark ‘Robotaxi’ – Report
18:34 : Check Point Wins “Best Threat Prevention Vendor of the Year” at GISEC 2025
18:34 : PowerSchool paid a hacker’s ransom, but now schools say they are being extorted
18:34 : CVE-2025-23211: Tandoor Recipes Jinja2 SSTI to Remote Code Execution
18:33 : Smart home devices used to monitor domestic workers raise safety concerns
18:33 : 1-15 January 2025 Cyber Attacks Timeline
18:33 : Using AI to stop tech support scams in Chrome
18:33 : Separating Fact from Fiction: Here’s How AI Is Transforming Cybercrime
18:33 : New Attack Exploiting X/Twitter Advertising Display URL Feature to Trick Users
18:33 : The FCC Must Reject Efforts to Lock Up Public Airwaves
18:33 : Cyber criminals impersonate payroll, HR and benefits platforms to steal information and funds
18:33 : Leading Through Uncertainty: AI, Risk, and Real Talk from RSAC’s Women in Cyber
18:33 : A Q&A with Head of Security Solutions at Abraxas
17:8 : Warum Spotify jetzt eine Schlummertaste für Songs bekommt – und wer die nutzen kann
17:8 : Neuralink-Patient enthüllt: So kommuniziert er mit dem Implantat und der KI Grok von Elon Musks Firmen
17:8 : Google Partners Elementl Power To Develop Nuclear Projects
17:7 : Seamless AI Communication: Microsoft Azure Adopts Google’s A2A Protocol
17:7 : Cisco IOS Software SISF Vulnerability Could Enable Attackers to Launch DoS Attacks
17:7 : IXON VPN Client Vulnerability Allows Privilege Escalation for Attackers
17:7 : Critical Vulnerability in Ubiquiti UniFi Protect Camera Allows Remote Code Execution by Attackers
17:7 : The Invisible Storm: Why Cloud Malware Is Your Business’s New Weather Emergency
17:7 : 38,000+ FreeDrain Subdomains Found Exploiting SEO to Steal Crypto Wallet Seed Phrases
17:7 : AWS renews its AAA Pinakes rating for the Spanish financial sector
17:5 : IT Security News Hourly Summary 2025-05-08 18h : 11 posts
16:33 : LockBit’s Dark Web Domains Hacked, Internal Data and Wallets Leaked
16:33 : Radware Cloud Web App Firewall Flaw Allows Attackers to Bypass Security Filters
16:33 : Mitsubishi Electric CC-Link IE TSN
16:33 : Horner Automation Cscape
16:33 : Hitachi Energy RTU500 Series
16:33 : Pixmeo OsiriX MD
16:32 : Tired of Google sponsored ads? So are we! That’s why we’re introducing the option to block them on iOS
16:32 : Push-Bombing: The Silent Threat Undermining Multi-Factor Authentication
16:32 : FBI Shares Details of 42,000 LabHost Phishing Domains
16:11 : Anzeige: Digitale Souveränität durch Stackit Cloud
16:10 : Ransomware news headlines trending on Google
16:10 : ESET Reveals How to Spot Fake Calls Demanding Payment for ‘Missed Jury Duty’
16:10 : InterSECt — The Fast Lane to a Secure Future Starts Here
16:10 : New DOGE Big Balls Ransomware Using Open-Source Tools & Custom Scripts to Infect Victim Machines
16:10 : 470 Ransomware Attacking in 2025, Qilin Remains Dominant Followed by Silent & Crypto24
16:9 : Indirect prompt injection attacks target common LLM data sources
16:9 : Approaches Users Can Implement to Safeguard Wireless Connections
16:9 : Pakistan-Based Hackers Launch Cyber Attack on Indian Defence Websites, Claim Access to Sensitive Data
16:9 : The many variants of the ClickFix social engineering tactic
15:33 : White House To Redraft Biden’s AI Chip Export Rule
15:33 : Fake Crypto Exchange Ads on Facebook Spread Malware
15:33 : What are the top 10 spyware threats?
15:32 : PDF Malware: How Educational Institutions Can Prevent Infection Spreading
15:32 : Separating Fact from Fiction: Here’s How AI is Transforming Cybercrime
15:32 : Multilayered Email Attack: How a PDF Invoice and Geo-Fencing Led to RAT Malware
15:32 : Qilin Ransomware Ranked Highest in April 2025 with Over 45 Data Leak Disclosures
15:32 : SonicWall Patches 3 Flaws in SMA 100 Devices Allowing Attackers to Run Code as Root
15:7 : CISO Global Shifts to SaaS Cybersecurity Platform
15:7 : Valarian Bags $20M Seed Capital for ‘Isolation-First’ Infrastructure Tech
15:7 : Russian Group Launches LOSTKEYS Malware in Attacks
14:32 : Wordfence Intelligence Weekly WordPress Vulnerability Report (April 28, 2025 to May 4, 2025)
14:32 : Apple Appeals For Pause In Epic Game Ruling
14:32 : New Spam Campaign Leverages Remote Monitoring Tools to Exploit Organizations
14:32 : Researchers Turn the Tables: Scamming the Scammers in Telegram’s PigButchering Scheme
14:32 : From Managing Vulnerabilities to Managing Exposure: The Critical Shift You Can’t Ignore
14:32 : The Myth of Multiscanning: More Isn’t Always Better
14:6 : Ransomware-as-a-Service (RaaS) Emerges as a Leading Framework for Cyberattacks
14:6 : DOGE Big Balls Ransomware Leverages Open-Source Tools and Custom Scripts for Multi-Stage Attacks
14:6 : Guess Which Browser Tops the List for Data Collection!
14:6 : New Attack Exploits X/Twitter Ad URL Feature to Deceive Users
14:5 : Cisco fixed a critical flaw in its IOS XE Wireless Controller
14:5 : Radware Cloud Web App Firewall Vulnerability Let Attackers Bypass Filters
14:5 : Ubiquiti UniFi Protect Camera Vulnerability Allows Remote Code Execution
14:5 : IXON VPN Client Vulnerability Let Attackers Escalate Privileges
14:5 : Europol Announces More DDoS Service Takedowns, Arrests
14:5 : Qilin Leads April 2025 Ransomware Spike with 45 Breaches Using NETXLOADER Malware
14:5 : IT Security News Hourly Summary 2025-05-08 15h : 16 posts
13:36 : VdS-Sicherheitsfachtagung 2025 in Köln
13:36 : Mitel SIP-Phones lassen sich beliebige Befehle unterjubeln
13:35 : No Internet Access? SSH to the Rescue!, (Thu, May 8th)
13:35 : AI-Driven Fake Vulnerability Reports Flooding Bug Bounty Platforms
13:34 : Russian COLDRIVER Hackers Deploy LOSTKEYS Malware to Steal Sensitive Information
13:34 : Iranian Hackers Posing as Model Agency to Target Victims
13:34 : Employee Spotlight: Getting to Know Tom De Laet
13:34 : How Google’s AI combats new scam tactics – and how you can stay one step ahead
13:34 : Which Browser is The Worst for Data Collection – Hope You Guessed It!
13:34 : Ransomware-as-a-Service (RaaS) Evolved as a Predominant Framework for Ransomware Attacks
13:34 : Researchers Details macOS Remote Code Execution Vulnerability – CVE-2024-44236
13:34 : Microsoft Bookings Vulnerability Let Attackers Alter the Meeting Details
13:34 : Passwords in the age of AI: We need to find alternatives
13:34 : Abuse takes its “toll” on .top: But who is paying the price?
13:5 : Fake AI Tools Push New Noodlophile Stealer Through Facebook Ads
13:5 : Microsoft Bookings Vulnerability Allows Unauthorized Changes to Meeting Details
13:5 : Practical IT & Cybersecurity Training for Just $29.99
13:4 : Possible Zero-Day Patched in SonicWall SMA Appliances
12:32 : Nmap 7.96 Released with Enhanced Scanning Capabilities and Updated Libraries
12:32 : Outpost24 expands EASM platform with modules for social media and data leakage
12:32 : Yet another SonicWall SMA100 vulnerability exploited in the wild (CVE-2025-32819)
12:32 : LockBit Ransomware Hacked, Insider Secrets Exposed
12:14 : [NEU] [hoch] F5 BIG-IP: Mehrere Schwachstellen
12:12 : Silicon UK In Focus Podcast: Enterprise Cybersecurity in 2025 – Managing Complexity at Scale
12:12 : Wikipedia Launches Challenge Over UK’s ‘Frankenstein’ Online Safety Act
12:12 : Cisco IOS XE Vulnerability Allows Attackers to Gain Elevated Privileges
12:12 : Business Owners: Here’s Why a VPN Isn’t Optional Anymore
12:12 : VC firm Insight Partners confirms personal data stolen during January hack
12:12 : Google Finds Data Theft Malware Used by Russian APT in Select Cases
12:11 : MirrorFace Targets Japan and Taiwan with ROAMINGMOUSE and Upgraded ANEL Malware
12:11 : Security Tools Alone Don’t Protect You — Control Effectiveness Does
12:11 : Just 5% of Enterprises Have Deployed Quantum-Safe Encryption
11:34 : Razzia in Deutschland: Mutmaßliche Darknet-Drogenhändler verhaftet
11:34 : Interrupt: Starker Flipper-Zero-Konkurrent kommt mit Linux und Tastatur
11:32 : Iranian Hackers Impersonate as Model Agency to Attack Victims
11:32 : Nmap 7.96 Released With New Scanning Features & Upgraded Libraries
11:32 : OneDrive New Feature Allows Default Sync of Personal & Corporate Accounts
11:32 : WhatsApp hack: Meta wins payout over NSO Group spyware
11:32 : UK Cyber Essentials Certification Numbers Falling Short
11:6 : Little Language Lessons im Test: So schlägt sich Googles KI-Alternative zu Duolingo
11:6 : Skype-Kunden wollen ihr Restguthaben zurück, doch Microsoft reagiert nicht: Was Betroffene tun können
11:6 : Google Maps kann jetzt Screenshots auslesen: Wie dir das bei der Reiseplanung helfen soll
11:6 : Statt teurer GPUs: Dieses Startup trainiert seine KI mit billigen Gaming-Grafikkarten
11:6 : Erstmals hat eine KI-Version eines Getöteten vor Gericht gesprochen
11:6 : [NEU] [hoch] Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service
11:6 : [NEU] [niedrig] Cisco IOS und Cisco IOS XE: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen
11:6 : [NEU] [mittel] Cisco IOS XE Software Web-Based Management Interface: Mehrere Schwachstellen
11:6 : [NEU] [mittel] Drupal Erweiterungen: Mehrere Schwachstellen
11:6 : [NEU] [hoch] Cisco IOS XE Software: Mehrere Schwachstellen
11:5 : IT Security News Hourly Summary 2025-05-08 12h : 15 posts
11:4 : Improperly Patched Samsung MagicINFO Vulnerability Exploited by Botnet
10:34 : Razzia in Deutschland: BKA verhaftet mutmaßliche Darknet-Drogenhändler
10:34 : [NEU] [mittel] Cisco IOS XE Software for Cisco ASR 903 Aggregation Services Routers: Schwachstelle ermöglicht Denial of Service
10:34 : [NEU] [hoch] Cisco Industrial Ethernet Switches IOS/IOx Management Software: Mehrere Schwachstellen
10:32 : Tesla Sales Plunge Continues In Europe, Despite EV Sales Increase
10:32 : Beware of phone scams demanding money for ‘missed jury duty’
10:32 : How Escape Enabled Deeper Business Logic Testing for Arkose Labs
10:32 : UK Launches New Cybersecurity Assessment Initiatives to Drive Secure by Design
10:6 : [UPDATE] [hoch] libxml2: Schwachstelle ermöglicht remote Code Execution
10:6 : [UPDATE] [hoch] FreeType: Schwachstelle ermöglicht Codeausführung
10:5 : [NEU] [mittel] Cisco IOS-Software für Cisco Catalyst Switches: Mehrere Schwachstellen ermöglichen Umgehen von Sicherheitsvorkehrungen
10:5 : Spam campaign targeting Brazil abuses Remote Monitoring and Management tools
10:5 : How To Secure Digital Wallets from Phishing Attacks
10:5 : Cisco Patches 35 Vulnerabilities Across Several Products
10:4 : Confusion Reigns as Threat Actors Exploit Samsung MagicInfo Flaw
9:32 : Detecting Vulnerable Commvault Environments Within Azure Using KQL Query
9:32 : Dozens of SysAid Instances Vulnerable to Remote Hacking
9:13 : Cyberwar: Übung für mehr Resilienz bei NATO-Manöver Locked Shields
9:13 : Lockbit attackiert: Prominente Cybergang steht plötzlich vor entstellter Website
9:13 : [NEU] [hoch] Mitel SIP Phone: Mehrere Schwachstellen
9:13 : [NEU] [hoch] Cisco ASA, FTD, IOS und IOS XE Software (IKEv2): Schwachstelle ermöglicht Denial of Service
9:13 : [NEU] [mittel] Cisco IOS, IOS XE, NX-OS and WLC AireOS Software (SISF): Schwachstelle ermöglicht Denial of Service
9:13 : [NEU] [mittel] Cisco IOS XE Software for WLC Wireless IPv6 Clients: Schwachstelle ermöglicht Denial of Service
9:11 : Cisco IOS, XE, and XR Vulnerability Allows Remote Device Reboots
9:11 : U.S. CISA adds GoVision device flaws to its Known Exploited Vulnerabilities catalog
9:11 : Protect Yourself From Cyber’s Costliest Threat: Social Engineering
9:11 : #Infosec2025: Combating Deepfake Threats at the Age of AI Agents
8:36 : LockBit-Leck: Nutzer- und Zahlungsdaten der Ransomware veröffentlicht
8:36 : Sicherheitsupdates: Root- und DoS-Attacken auf Cisco-Produkte möglich
8:36 : [UPDATE] [niedrig] ImageMagick: Mehrere Schwachstellen ermöglichen Denial of Service
8:36 : [UPDATE] [hoch] Mozilla Firefox, Firefox ESR, Thunderbird and Thunderbird ESR: Mehrere Schwachstellen
8:36 : [UPDATE] [hoch] Red Hat Enterprise Linux (libsoup): Mehrere Schwachstellen
8:36 : [UPDATE] [mittel] Red Hat Enterprise Linux (mod_auth_openidc): Schwachstelle ermöglicht Denial of Service
8:35 : [UPDATE] [hoch] Google Chrome: Schwachstelle ermöglicht nicht spezifizierten Angriff
8:33 : OpenCTI: Free Cyber Threat Intelligence Platform for Security Experts
8:33 : Multiple SonicWall SMA 100 Vulnerabilities Let Attackers Compromise Systems
8:33 : Apache ActiveMQ Vulnerability Let Attackers Trigger DoS Condition
8:33 : The Most Pressing Security Threat to Business is Hidden in Plain Sight
8:33 : Cisco’s new chip wants to scale quantum computing faster
8:12 : Ubiquity UniFi Protect: Kritisches Leck ermöglicht Codeschmuggel
8:12 : Ransomware: Unbekannte Angreifer leaken LockBit-Datenbank – dank PHP-Exploit?
8:11 : [NEU] [mittel] Syslog-ng: Schwachstelle ermöglicht Umgehung von Sicherheitsmechanismen
8:11 : [NEU] [mittel] Cisco Catalyst SD-WAN Manager: Mehrere Schwachstellen
8:9 : Polish authorities arrested 4 people behind DDoS-for-hire platforms
8:9 : Masimo Manufacturing Facilities Hit by Cyberattack
8:9 : ServiceNow unveils AI agents to accelerate enterprise self-defense
8:9 : Hacker Finds New Technique to Bypass SentinelOne EDR Solution
8:5 : IT Security News Hourly Summary 2025-05-08 09h : 12 posts
7:33 : Ubiquity UniFi Protect: Einschleusen von Schadcode möglich
7:33 : Admins verhaftet: Polizei nimmt mehrere DDoS-Dienste vom Netz
7:32 : AI Polluting Bug Bounty Platforms with Fake Vulnerability Reports
7:32 : ProcessUnity Evidence Evaluator flags discrepancies in a third-party’s controls
7:32 : Europol shuts down DDoS-for-hire services, CrowdStrike lays off 500 workers, GOV.UK embraces passkeys
7:6 : Q-Day wird zur realen Bedrohung
7:6 : Feuerwehr-Anlaufstation für Kuscheltier-Museum
7:6 : [UPDATE] [mittel] xpdf: Mehrere Schwachstellen ermöglichen Denial of Service
7:6 : [UPDATE] [hoch] X.Org X11: Mehrere Schwachstellen
7:6 : [UPDATE] [mittel] SSH Protokoll: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen
7:5 : OnRPG – 1,047,640 breached accounts
7:5 : Sudo-rs make me a sandwich, hold the buffer overflows
7:5 : It’s a Mad, Mad World for DDoS; BGP Continues to Confound Security Teams
7:4 : Russian Hackers Using ClickFix Fake CAPTCHA to Deploy New LOSTKEYS Malware
6:33 : Überwachungsgesamtrechnung: 3.228 Befugnisse reichen der Politik noch nicht aus
6:32 : Do the Math: Prime Number Breakthrough Could Upend Encryption
6:32 : How agentic AI and non-human identities are transforming cybersecurity
6:6 : Passkeys to replace Passwords in UK government sector for better cybersecurity
6:6 : LockBit Ransomware Group Breached: Internal Chats and Data Leaked Online
6:5 : CoGUI Phish Kit Impersonate Well-Known Companies to Attack Users & Steal Credentials
6:5 : Russian COLDRIVER Hackers Using LOSTKEYS Malware To Steal Sensitive Data
6:5 : Even the best safeguards can’t stop LLMs from being fooled

Post navigation