IT Security News Daily Summary 2025-05-13

210 posts were published in the last hour

21:33 : Microsoft Windows 11 Insider Preview Build 26200.5600 Released
21:33 : Intel’s data-leaking Spectre defenses scared off yet again
21:5 : Microsoft Patch Tuesday for May 2025 — Snort rules and prominent vulnerabilities
21:5 : CISA Statement on Cyber-Related Alerts and Notifications
21:5 : CISA Adds TeleMessage Vulnerability to KEV List Following Breach
21:5 : How Interlock Ransomware Affects the Defense Industrial Base Supply Chain
21:5 : Qatar’s $400M jet for Trump is a gold-plated security nightmare
20:32 : How can we counter online disinformation? | Unlocked 403 cybersecurity podcast (S2E2)
20:32 : May 2025 Patch Tuesday Analysis
20:32 : Seven things we learned from WhatsApp vs. NSO Group spyware lawsuit
20:32 : Microsoft Scripting Engine 0-Day Vulnerability Enables Remote Code Execution Over Network
20:32 : Windows Ancillary for WinSock 0-Day Vulnerability Let Attackers Escalate Privileges
20:32 : Windows DWM 0-Day Vulnerability Allows Attackers to Escalate Privileges
20:32 : Microsoft Rolls Out Windows 11 Cumulative Updates KB5058411 and KB5058405 With May Patch Tuesday
20:7 : The best VPN services for iPhone in 2025: Expert tested and reviewed
20:7 : Adobe Patches Big Batch of Critical-Severity Software Flaws
20:7 : Patch Tuesday: Microsoft fixes 5 actively exploited zero-days
20:5 : IT Security News Hourly Summary 2025-05-13 21h : 18 posts
19:32 : AI power rankings upended: OpenAI, Google rise as Anthropic falls, Poe report finds
19:32 : Microsoft to Lay Off About 3% of Its Workforce
19:32 : BSidesLV24 – GroundFloor – Pipeline Pandemonium: How To Hijack The Cloud And Make It Rain Insecurity
19:32 : AI lifecycle risk management: ISO/IEC 42001:2023 for AI governance
19:3 : Microsoft Patch Tuesday May 2025 Released With the Fixes for 72 Flaws With 5 Actively Exploited 0-Day
19:3 : Google’s Advanced Protection for Vulnerable Users Comes to Android
19:3 : Marks and Spencer confirms data breach after April cyber attack
19:3 : Zero-day exploited to compromise Fortinet FortiVoice systems (CVE-2025-32756)
18:33 : Zoom Fixes High-Risk Flaw in Latest Update
18:33 : Critical Ivanti ITSM Vulnerability Let Remote Attacker Gain Administrative Access
18:33 : FortiVoice 0-day Vulnerability Exploited in the Wild to Execute Arbitrary Code
18:33 : Ivanti Cloud Services Application Vulnerability Leads to Privilege Escalation
18:33 : Microsoft Patch Tuesday May 2025: 72 Vulnerabilities Fixed, Including 5 Actively Exploited Zero-Day
18:33 : Windows Common Log File System 0-Day Vulnerability Actively Exploited in the Wild
18:33 : Zero-Day Attacks Highlight Another Busy Microsoft Patch Tuesday
18:33 : Network Security Policy Management (NSPM) in 2025
18:7 : Microsoft Patch Tuesday: May 2025, (Tue, May 13th)
18:7 : Marks & Spencer Warns Customers Over Data Theft
18:7 : Ivanti Released Security Updates to Fix for the Mutiple RCE Vulnerabilities – Patch Now
18:7 : In the New Era of Cybersecurity, Here’s What’s Driving Long-Term Resilience
18:7 : Commvault fixes critical Command Center issue after flaw finder alert
18:7 : How to safely change your name without putting your identity at risk
17:33 : Googles Android Show: Mehr Sicherheit und Privatsphäre
17:32 : Fortinet FortiVoice Zero-day Vulnerability Actively Exploited in The Wild
17:32 : How can an enterprise mobile VPN fit into a mobility plan?
17:32 : Google Is Using On-Device AI to Spot Scam Texts and Investment Fraud
17:32 : Ivanti EPMM vulnerabilities exploited in the wild (CVE-2025-4427, CVE-2025-4428)
17:6 : Smishing und Co.: Wie Cyberkriminelle eure SMS in eine Falle verwandeln
17:6 : Warum du Ben & Jerry’s nicht in Sprachnachrichten am iPhone erwähnen solltest
17:6 : Nvidia auf der Computex: Was Jensen Huang über die KI der Zukunft enthüllen könnte
17:6 : Sonos stattet seine Soundbar mit KI aus: Wie sich dadurch euer Filmerlebnis verbessern soll
17:5 : Researchers Introduce Mythic Framework Agent to Enhance Pentesting Tool Performance
17:5 : Ransomware Attacks Surge by 123% Amid Evolving Tactics and Strategies
17:5 : No, Microsoft has not changed Windows 10 or Microsoft 365 support deadlines (again)
17:5 : Your Android phone is getting a huge security upgrade for free – what’s new
17:5 : Google announces new security features for Android for protection against scam and theft
17:5 : IT Security News Hourly Summary 2025-05-13 18h : 4 posts
16:35 : PrepHero-Linked Database Exposed Data of 3M Students and Coaches
16:35 : Hackers Weaponize KeePass Password Manager to Spread Malware and Steal Passwords
16:35 : Swan Vector APT Targets Organizations with Malicious LNK and DLL Implants
16:35 : Hitachi Energy Service Suite
16:35 : Hitachi Energy MACH GWS Products
16:34 : Hitachi Energy Relion 670/650/SAM600-IO Series
16:34 : ABB Automation Builder
16:34 : In The New Era of Cybersecurity, Here’s What’s Driving Long-Term Resilience
16:34 : Ivanti Releases Critical Security Update for EPMM After Limited Exploits Discovered
16:34 : FortiOS Authentication Bypass Vulnerability Lets Attackers Take Full Control of Device
16:34 : Cyber War Escalates Between Indian and Pakistani Hacktivists After Pahalgam Attack
16:34 : Linux Servers Under Attack: Hidden Malware Found in Fake Go Packages
16:34 : Worldcoin in Crisis: Indonesia & Kenya Take Action on the Biometric Crypto Project
16:34 : NordVPN Introduces £5,000 ID Theft Recovery Coverage for UK Users on Ultimate Plan
16:6 : 50,000 WordPress Sites Affected by PHP Object Injection Vulnerability in Uncanny Automator WordPress Plugin
16:6 : Government email alert system GovDelivery used to send scam messages
16:6 : Swan Vector APT Hackers Attacking Organizations With Malicious LNK & DLL Implants
16:5 : 5 Ways Threat Intelligence Helps Against Phishing Attacks
16:5 : Marks & Spencer Confirmed Customer Data Theft in Recent Cyber Attack
16:5 : Researchers Proposed Mythic Framework Agent to Boost Pentesting Tool Performances
16:5 : Malicious PyPI Package Posing as Solana Tool Stole Source Code in 761 Downloads
16:5 : China-Linked APTs Exploit SAP CVE-2025-31324 to Breach 581 Critical Systems Worldwide
16:5 : Turkey-Aligned Hackers Targeted Iraq-Based Kurds with Zero-Day Exploit
16:5 : Mapping AWS security services to MITRE frameworks for threat detection and mitigation
15:32 : Now ransomware starts infecting Central Processing Units aka CPUs
15:32 : iClicker Website Hacked with Fake CAPTCHA in ClickFix Attack
15:32 : RSAC Conference 2025
15:32 : DPRK-Backed TA406 Targets Ukraine With Malware Campaigns
15:4 : Cybercrime Syndicate Escalates Global Threat Levels
14:33 : An $8.4 Billion Chinese Hub for Crypto Crime Is Incorporated in Colorado
14:33 : Zoom Workplace Apps Vulnerabilities Let Attackers Escalate Privileges
14:33 : Apache Superset Vulnerability Let Attackers Takeover Resource Ownership
14:33 : Hackers Weaponize KeePass Password Manager to Deliver Malware & Steal Passwords
14:33 : VMware Aria XSS Vulnerability Let Attackers Steal Access Token of Logged in User
14:33 : Scattered Spider Attacking UK Retail Organizations in Supply Chain Attack
14:33 : Top 5 Cybersecurity Automation Tools Transforming Risk Management
14:33 : Apple Device Users Can File Claims in $95 Million Siri Spying Settlement
14:33 : AI Can Now Shop for You: Visa’s Smart Payment Platform
14:33 : CISA Shifts Alert Distribution Strategy to Email, Social Media
14:8 : Erstelle ein sicheres Passwort, das sich leicht merken lässt | Offizieller Blog von Kaspersky
14:7 : Marks & Spencer Confirms Customer Data Breach in Recent Cyber Attack
14:7 : With the Right Tools, You Can Prevent This Healthcare Scam from Hurting Employees
14:7 : ‘We still have embeds in CISA’: CTO of Brit cyber agency talks post-Trump relationship with US counterpart
14:7 : Lenovo intoduces ThinkShield Solutions to secure organizations with limited IT resources
14:7 : Tufin TOS Discovery automates device discovery and onboarding
14:5 : IT Security News Hourly Summary 2025-05-13 15h : 7 posts
13:34 : Supportende für Windows 10: BSI warnt vor Sicherheitsrisiken
13:33 : A DDoS Attack Just Breached Your Defenses ? Now What?
13:33 : PoC Exploit Published for macOS Sandbox Escape Vulnerability (CVE-2025-31258)
13:32 : Zoom Workplace Apps Flaws Allow Hackers to Gain Elevated Access
13:32 : 5 Subtle Indicators Your Development Environment Is Under Siege
13:32 : Sharing Intelligence Beyond CTI Teams, Across Wider Functions and Departments
13:32 : Product showcase: Go beyond VPNs and Tor with NymVPN
13:32 : DefectDojo boosts unified vulnerability management
13:6 : SAP-Patchday: Kritische Netweaver-Lücke und viele mehr gestopft
13:5 : Scattered Spider Launches Supply Chain Attacks on UK Retail Organizations
13:5 : F5 BIG-IP Vulnerability Allows Remote Command Execution
13:5 : Four Hackers Caught Exploiting Old Routers as Proxy Servers
13:5 : Moldovan Police arrested a 45-year-old foreign man participating in ransomware attacks on Dutch companies
13:5 : Advancing Cybersecurity in Australia
13:5 : AI Agents: Transformative or Turbulent?
13:5 : SAP Patches Another Critical NetWeaver Vulnerability
12:33 : Perfekt implementierte Sicherungen ausgehebelt: Spectre-Angriffe sind zurück
12:33 : Marks & Spencer confirms customers’ personal data was stolen in hack
12:33 : Top 5 Takeaways from RSAC 2025: INE Security Alert
12:32 : Researchers Uncovered North Korean Nationals Remote IT Worker Fraud Scheme
12:32 : SAP May 2025 Patch Tuesday – Patch for Actively Exploited 0-Day & 15 Vulnerabilities
12:32 : North Korean Hackers Leveraging Academic Forum Invitation & Dropbox to Deliver Malware
12:32 : Radware Says Recently Disclosed WAF Bypasses Were Patched in 2023
12:3 : CISA-Umbau: Warnungen vor bekannten Exploits verschwinden aus der Übersicht
12:3 : [NEU] [hoch] Dell PowerScale InsightIQ: Mehrere Schwachstellen
12:3 : [NEU] [mittel] Red Hat Enterprise Linux: Mehrere Schwachstellen
12:2 : Hackers Abuse PyInstaller to Deploy Stealthy macOS Infostealer
11:35 : [UPDATE] [niedrig] Python: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen
11:34 : [UPDATE] [niedrig] NGINX: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen
11:34 : [UPDATE] [mittel] libtasn1: Schwachstelle ermöglicht Denial of Service
11:34 : [UPDATE] [mittel] Vaultwarden: Schwachstelle ermöglicht Denial of Service oder Offenlegung von Informationen
11:34 : [UPDATE] [hoch] OpenSSH: Mehrere Schwachstellen
11:33 : Court Rules Against NSO Group
11:33 : Marks & Spencer Says Data Stolen in Ransomware Attack
11:32 : CISO Survey Surfaces Shift in Application Security Responsibilities
11:32 : North Korean Konni APT Targets Ukraine with Malware to track Russian Invasion Progress
11:32 : Deepfake Defense in the Age of AI
11:6 : iOS 18.5 ist da: Diese Funktionen stecken im iPhone-Update
11:6 : Microsoft weicht das Support-Aus von Windows 10 auf: Diese Apps bekommen noch drei weitere Jahre Updates
11:6 : Künstliche Intelligenz: Ist ein Leben ohne KI noch möglich?
11:6 : OpenAIs neues KI-Modell testet andere Chatbots auf ihr medizinisches Wissen: So schneiden sie ab
11:6 : macOS 16: Mit diesem Detail will Apple den Datenschutz verbessern
11:6 : Nutzer verärgert: VPN-Anbieter kündigt unerwartet alle Lifetime-Zugänge
11:6 : [UPDATE] [mittel] OpenJPEG: Mehrere Schwachstellen ermöglichen Denial of Service
11:6 : [UPDATE] [hoch] Rsync: Mehrere Schwachstellen
11:6 : [UPDATE] [mittel] Intel Firmware: Mehrere Schwachstellen
11:5 : PupkinStealer Targets Windows Users to Steal Browser Login Credentials
11:5 : IT Security News Hourly Summary 2025-05-13 12h : 19 posts
11:5 : APT group exploited Output Messenger Zero-Day to target Kurdish military operating in Iraq
11:5 : Marks & Spencer admits cybercrooks made off with customer info
11:4 : Output Messenger Zero-Day Exploited by Turkish Hackers for Iraq Spying
10:34 : Apple Safari: Mehrere Schwachstellen
10:34 : [NEU] [mittel] Apache Superset: Schwachstelle ermöglicht Umgehung von Sicherheitsvorkehrungen
10:34 : [NEU] [hoch] Zoom Video Communications Workplace und Rooms: Mehrere Schwachstellen
10:33 : [NEU] [hoch] Apple Safari: Mehrere Schwachstellen
10:33 : Huawei, UBTech Team Up On Humanoid Robots
10:32 : Repeated Firmware Key-Management Failures Undermine Intel Boot Guard and UEFI Secure Boot
10:32 : Using a Mythic agent to optimize penetration testing
10:32 : Exploring CNAPP Options for Cloud Security in 2025
10:32 : Suspected DoppelPaymer Ransomware Group Member Arrested
10:32 : INE Security Alert: Top 5 Takeaways from RSAC 2025
10:12 : Apple macOS: Mehrere Schwachstellen
10:11 : [NEU] [mittel] Varnish HTTP Cache: Schwachstelle ermöglicht Manipulation von Dateien
10:11 : [NEU] [mittel] Mattermost: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff
10:11 : [NEU] [hoch] Apple macOS: Mehrere Schwachstellen
10:10 : Redefining IABs: Impacts of compartmentalization on threat tracking and modeling
10:10 : Defining a new methodology for modeling and tracking compartmentalized threats
10:10 : Asus One-Click Flaw Exposes Users to Remote Code Execution Attacks
10:10 : CISA Flags Hidden Functionality Flaw in TeleMessage TM SGNL on KEV List
10:10 : As US vuln-tracking falters, EU enters with its own security bug database
10:10 : How Compliance Training Software Protects Your Business from Risk
10:10 : Orca Snaps Up Opus in Cloud Security Automation Push
10:10 : M&S Confirms Customer Data Stolen in Cyber-Attack
10:10 : European Vulnerability Database Launches Amid US CVE Chaos
9:35 : Apple iOS und iPadOS: Mehrere Schwachstellen
9:35 : [NEU] [hoch] SAP Patchday Mai 2025: Mehrere Schwachstellen
9:34 : [NEU] [hoch] Apple iOS und iPadOS: Mehrere Schwachstellen
9:34 : [NEU] [hoch] VMware Cloud Foundation: Schwachstelle ermöglicht Cross-Site Scripting
9:32 : EU Queries SES, Intelsat Customers Over $3.1bn Merger
9:32 : Regulator Probes Tesla Safety Ahead Of Robotaxi Launch
9:32 : Report Reveals BEC Cryptocurrency Scams Rose by 344%
9:32 : PoC Exploit Released for macOS CVE-2025-31258 Vulnerability Bypassing Sandbox Security
9:32 : F5 BIG-IP Command Injection Vulnerability Let Attackers Execute Arbitrary System Commands
9:32 : Recurring Supply‑Chain Lapses Expose UEFI Firmware to Pre‑OS Threats
9:10 : Intel Prozessoren: Mehrere Schwachstellen ermöglichen Offenlegung von Informationen
9:10 : LegoGPT: KI-Chatbot erstellt aus einfachen Prompts fertige Bauanleitungen
9:10 : Driverhub: Asus-Tool lässt Webseiten Malware als Admin ausführen
9:9 : [UPDATE] [mittel] Linux Kernel: Mehrere Schwachstellen
9:7 : I wanted a privacy screen protector – until I put one on my Galaxy S25 Ultra
9:7 : Sit, Fetch, Steal – Chihuahua Stealer: A new Breed of Infostealer
9:7 : CISA Warns of Flaw in TeleMessage App Used by Ex-National Security Advisor
9:7 : Author’s Q&A: It’s high time for CISOs to start leading strategically — or risk being scapegoated
9:7 : UK Considers New Enterprise IoT Security Law
8:33 : Sicherheitsfixes: Apple behebt zahllose Lücken – inklusive erste im C1
8:33 : WordPress-Plug-in TheGem: Sicherheitsleck gefährdet 82.000 Webseiten
8:33 : Sicherheitsupdates: Angreifer können IBM App Connect und Storage Scale lahmlegen
8:33 : Driverhub: Asus-Treiberverwaltung lässt Hacker Malware einschleusen
8:32 : Apple ‘Mulls’ iPhone Price Rises – Without Citing Tariffs
8:32 : AI Start-Up Perplexity ‘Raising $500m’ On $14bn Valuation
8:5 : IT Security News Hourly Summary 2025-05-13 09h : 12 posts
8:3 : Cobalt Strike 4.11.1 Released With SSL Checkbox Fix
8:3 : Attackers Leverage Unpatched Output Messenger 0‑Day to Deliver Malicious Payloads
8:2 : Researchers Uncover Remote IT Job Fraud Scheme Involving North Korean Nationals
8:2 : Cobalt Strike 4.11.1 Released With Fix For ‘Enable SSL’ Checkbox
8:2 : Türkiye-linked spy crew exploited a messaging app zero-day to snoop on Kurdish army in Iraq
7:33 : Digitale US-Abhängigkeit: Wie wird Deutschland unabhängig?
7:33 : [UPDATE] [mittel] Ghostscript: Mehrere Schwachstellen
7:33 : [UPDATE] [mittel] Linux Kernel: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff
7:33 : [UPDATE] [mittel] GNU Emacs und Red Hat Enterprise Linux: Schwachstelle ermöglicht Codeausführung

Post navigation