IT Security News Daily Summary 2025-05-15

210 posts were published in the last hour

21:32 : Endpoint Security Controls: Designing a Secure Endpoint Architecture, Part 1
20:32 : Detection and Mitigation of Lateral Movement in Cloud Networks
20:7 : Breachforums Boss to Pay $700k in Healthcare Breach
20:7 : In Memoriam: John L. Young, Cryptome Co-Founder
20:5 : IT Security News Hourly Summary 2025-05-15 21h : 3 posts
19:8 : CISA Statement on Cyber-Related Alerts and Notifications
19:8 : Coinbase disclosed a data breach after an extortion attempt
18:32 : Hackers Abuse Google Services to Send Malicious Law Enforcement Requests
18:32 : New .NET Multi-stage Loader Attacking Windows Systems to Deploy Malicious Payloads
18:32 : Coinbase Hacked – Massive Data Breach Costs Them $400 Million
18:4 : Xoxo to Prague
18:4 : Coinbase Customer Info Stolen by Bribed Overseas Agents
18:4 : Coinbase Data Breach – Customers Personal Info, Government‑ID & Transaction Data Exposed
18:4 : The Kids Online Safety Act Will Make the Internet Worse for Everyone
18:4 : Closing the Loop: Continuous API Security Testing – FireTail Blog
17:33 : Coinbase Data Breach – Customers Personal Info, Government‑ID & Account Data Exposed
17:33 : EFF to California Lawmakers: There’s a Better Way to Help Young People Online
17:33 : Cyber fiends battering UK retailers now turn to US stores
17:33 : Windows CLFS Zero-Day Flaw Exploited in Play Ransomware Attacks
17:33 : Meta Mirage” Phishing Campaign Poses Global Cybersecurity Threat to Businesses
17:33 : Meta to Train AI on E.U. User Data From May 27 Without Consent; Noyb Threatens Lawsuit
17:8 : visionOS 3: So könnte Apple die Bedienung der Vision Pro verändern
17:6 : CISA Alerts on Five Active Zero-Day Windows Vulnerabilities Being Exploited
17:6 : Inside Turla’s Uroboros Infrastructure and Tactics Revealed
17:6 : How to safely change your name without putting your identity at risk
17:6 : Siemens VersiCharge AC Series EV Chargers
17:6 : Siemens Mendix OIDC SSO
17:6 : Siemens SIRIUS 3SK2 Safety Relays and 3RK3 Modular Safety Systems
17:6 : Siemens SCALANCE LPE9403
17:6 : Siemens SIMATIC PCS neo
17:6 : In the New Era of Cybersecurity, Here’s What’s Driving Long-Term Resilience
17:6 : Coinbase extorted for $20M. Support staff bribed. Customers scammed. One hell of a breach disclosure…
17:6 : How the Microsoft Secure Future Initiative brings Zero Trust to life
17:5 : IT Security News Hourly Summary 2025-05-15 18h : 20 posts
16:35 : Anzeige: Penetration Testing lernen und Sicherheitslücken schließen
16:34 : Google Algorithm Slashes Reddit Traffic: What It Means for UGC Platforms
16:34 : CISA Alerts on Active Exploitation of Zero-Day Vulnerability in Multiple Fortinet Products
16:34 : Record-Breaking $27 Billion Black Market ‘Haowang Guarantee’ Deals Conducted Behind Closed Doors
16:34 : Threat Actors Exploit Open Source Packages to Deploy Malware in Supply Chain Attacks
16:34 : Hackers Exploit Google Services to Send Malicious Law Enforcement Requests
16:34 : Intruder vs. Acunetix vs. Attaxion: Comparing Vulnerability Management Solutions
16:34 : CVE-2024-2928: MLflow Local File Inclusion via URI Fragment Manipulation
16:34 : U.S. officials Investigating Rogue Communication Devices in Solar Power Inverters
16:34 : Steel Manufacturer Nucor Shuts Down Production Following Cyber Attacks
16:34 : Threat Actors Weaponizing Open Source Packages to Deliver Malware in Supply Chain Attack
16:34 : Windows Defender Application Control Bypassed Using Operationalizing Browser Exploits
16:34 : CISA Warns of Five Actively Exploited Windows 0-Day Vulnerabilities
16:33 : Proofpoint to acquire Hornetsecurity
16:8 : Malware-Ranking April: FakeUpdates bleibt die dominante Malware in Deutschland
16:8 : Insider Threat fetches $400m loss to Coinbase
16:7 : Socket buys Coana to tell you which security alerts you can ignore
16:7 : Warning to US Retail: ‘Scattered Spider’ Targets YOU (with DragonForce Ransomware)
16:7 : Coinbase Offers $20m Bounty to Take Down Cybercrime Ring Behind Hack
15:35 : E-Mail-Sicherheit: Proofpoint kauft Hornetsecurity
15:34 : Fileless Remcos RAT Attack Evades Antivirus Using PowerShell Scripts
15:34 : Hackers Steal Customers Banking Details in Nova Scotia Cyber Attack
15:34 : Patch Tuesday: Microsoft Patches 78 Vulnerabilities, 5 Zero-Day Flaws
15:34 : Microsoft Outlook Down – Millions of Users Affected With This Longest Outage in Microsoft History
15:34 : Chihuahua Stealer Leverages Google Drive Document to Steal Browser Login Credentials
15:33 : New DarkCloud Stealer Uses AutoIt to Evade Detection & Steal Login Credentials
15:33 : TransferLoader Malware Allows Attackers to Execute Arbitrary Commands on Compromised System
15:33 : Xerox Issues April 2025 Security Patch Update for FreeFlow Print Server v2
15:33 : Coinbase Rejects $20M Ransom After Rogue Contractors Bribed to Leak Customer Data
15:33 : BSidesLV24 – GroundFloor – The Road To Developers’ Hearts
15:6 : Microsoft Outlook Down – Millions of Business & Personal Users Worldwide Impacted
15:5 : Xerox Launches April 2025 Security Patch for FreeFlow Print Server v2
15:5 : New .NET Multi-Stage Loader Targets Windows Systems to Deploy Malicious Payloads
15:5 : Barclays Introduces New Step-by-Step Model to Tackle Modern Fraud
15:5 : One Click Is All It Takes: New Mac Malware Steals Your Data
15:5 : Audio and Video Chat Recording Could Be Part of Nintendo Switch 2
15:5 : iHeartMedia Cyberattack Exposes Sensitive Data Across Multiple Radio Stations
15:5 : Coinbase Agents Bribed, Data of ~1% Users Leaked; $20M Extortion Attempt Fails
15:5 : PowerShell-Based Loader Deploys Remcos RAT in New Fileless Attack
14:32 : Wordfence Intelligence Weekly WordPress Vulnerability Report (May 5, 2025 to May 11, 2025)
14:32 : Customer Data Compromised in Dior Cyber Attack
14:32 : Nucor Steel Manufacturer Halts Production After Cyberattack
14:32 : Coinbase suffers data breach, gets extorted (but won’t pay)
14:32 : SAP NetWeaver Flaw Exploited by Ransomware Groups and Chinese-Backed Hackers
14:5 : Node.js Vulnerability Enables Attackers to Crash Processes and Disrupt Services
14:5 : Xanthorox Emerging BlackHat AI Tool Empowering Hackers in Phishing and Malware Campaigns
14:5 : Enisa Launched New European Vulnerability Database to Strengthen Cybersecurity
14:5 : Snowflake CISO on the power of ‘shared destiny’ and ‘yes and’
14:5 : GitLab 18 increases developer productivity by integrating AI throughout the platform
14:5 : Dior Confirms Data Breach Affecting Customer Information
14:5 : IT Security News Hourly Summary 2025-05-15 15h : 12 posts
13:35 : Monitoringtool Dell PowerScale InsightIQ über zwei Wege angreifbar
13:35 : Kryptobörse Coinbase: Datenleck nach Cyberangriff
13:34 : Erstelle ein sicheres Passwort, das sich leicht merken lässt | Offizieller Blog von Kaspersky
13:34 : US-Unternehmen Proofpoint: Hornetsecurity aus Hannover für 1 Milliarde Dollar gekauft
13:33 : Locked Out and Held for Ransom: A City’s Battle Against Cybercrime
13:33 : FrigidStealer Malware Hits macOS Users via Fake Safari Browser Updates
13:33 : Windows Defender Application Control Bypassed Through Browser Exploit Techniques
13:33 : Weaponized Google Calendar Invites Deliver Malicious Payload Using a Single Character
13:33 : Russian Hackers Exploit XSS Vulnerabilities to Inject Malicious Code into Email Servers
13:33 : Phishing Campaign Mimics Email Quarantine Notifications: 32,000 Emails Target 6,358 Customers
13:33 : Threat landscape for industrial automation systems in Q1 2025
13:33 : Russian Hackers Exploiting MDaemon 0-Day Vulnerability to Hack Webmail Servers
13:33 : Hackers Disguised Remote Access Malware as Microsoft Edge service
13:33 : Threat Actors Using Weaponized HTML Files to Deliver Horabot Malware
13:33 : Interlock Ransomware Attacking Defense Contractors and Their Supply Chains
13:33 : DHS Cancels $2.4 Billion Leidos Contract, Cites Changes at CISA
13:6 : SAP-Netweaver-Lücke: Ransomware-Gruppen springen auf
13:6 : DoS-Attacken auf Dells Monitoringtool PowerScale InsightIQ vorstellbar
13:5 : DarkCloud Stealer Employs AutoIt to Evade Detection and Steal Login Credentials
13:5 : TransferLoader Malware Enables Attackers to Execute Arbitrary Commands on Infected Systems
13:5 : U.S. Officials Probe Rogue Communication Devices in Solar Power Inverters
13:5 : You.com’s ARI Enterprise crushes OpenAI in head-to-head tests, aims at deep research market
13:5 : Production at Steelmaker Nucor Disrupted by Cyberattack
13:5 : CyberStrong May Product Update
13:5 : Small but Mighty: UX Design Tips for a Lean Team Environment
13:5 : New Linux Vulnerabilities Surge 967% in a Year
12:32 : Securing the Code: Building a Culture of Credential Protection in Dev Teams
12:32 : Interlock Ransomware Targeting Defense Contractors and Supply Chain Networks
12:32 : Chihuahua Stealer Exploits Google Drive Document to Harvest Browser Login Credentials
12:32 : Proofpoint to Acquire Hornetsecurity in Reported $1 Billion Deal
12:32 : “Endemic” Ransomware Prompts NHS to Demand Supplier Action on Cybersecurity
12:6 : [NEU] [mittel] TIBCO ActiveMatrix BusinessWorks: Schwachstelle ermöglicht SQL Injection
12:6 : [UPDATE] [hoch] Microsoft Windows und Microsoft Windows Server: Mehrere Schwachstellen
12:6 : [NEU] [hoch] WebKit: Mehrere Schwachstellen
12:5 : Why Cloud Phone Systems are The Future of Business Communication
12:5 : Coinbase says customers’ personal information stolen in data breach
12:5 : Enisa Launches European Vulnerability Database to Enhance Digital Security
12:5 : TA406 Hackers Attacking to Attack Government Entities to Steal Login Credentials
12:5 : Pen Testing for Compliance Only? It’s Time to Change Your Approach
11:34 : Nach 9 Monaten: Microsoft fixt endlich kaputt gepatchtes Dual-Boot
11:34 : [UPDATE] [mittel] Intel Prozessoren: Mehrere Schwachstellen
11:33 : [NEU] [mittel] PaloAlto Networks PAN-OS: Mehrere Schwachstellen
11:33 : [NEU] [mittel] Drupal: Mehrere Schwachstellen
11:33 : [NEU] [mittel] Hitachi Ops Center: Mehrere Schwachstellen
11:33 : [NEU] [mittel] Red Hat Satellite: Schwachstelle ermöglicht Denial of Service
11:32 : US ‘Nears Deal’ With UAE On Advanced AI Chips
11:32 : Waymo Recalls Vehicles After Minor Collisions
11:32 : Chinese Hackers Hit Drone Sector in Supply Chain Attacks
11:32 : Samsung patches MagicINFO 9 Server vulnerability exploited by attackers
11:32 : PentestPad streamlines security testing workflows
11:5 : Mozilla Thunderbird: Mehrere Schwachstellen
11:5 : Chatbots übertreiben gern bei Zusammenfassungen – und werden noch ungenauer, wenn ihr es ihnen sagt
11:5 : OpenAIs neuer Safety Hub: Echte Transparenz oder reine Fassade?
11:5 : IT-Sicherheit unzureichend? Jede zweite IKT-Firma gegen Cyberangriffe versichert
11:5 : Google will gestohlene Android-Smartphones unverkäuflich machen
11:5 : [NEU] [hoch] Mozilla Thunderbird: Mehrere Schwachstellen
11:5 : IT Security News Hourly Summary 2025-05-15 12h : 10 posts
11:4 : AI-Generated Law
11:4 : Researchers Unveiled a New Mechanism to Track Compartmentalized Threats
11:4 : Node.js Vulnerability Allows Attackers to Crash the Process & Halt Services
11:3 : Xanthorox – New BlackHat AI Tool Used to Launch Phishing & Malware Attacks
11:3 : Threat Actors Exploit AI & LLM Tools to Begun Using Them as Offensive Tools
11:3 : Ransomware Groups, Chinese APTs Exploit Recent SAP NetWeaver Flaws
11:3 : Malicious npm Package Leverages Unicode Steganography, Google Calendar as C2 Dropper
11:3 : Russia-Linked APT28 Exploited MDaemon Zero-Day to Hack Government Webmail Servers
11:3 : 5 BCDR Essentials for Effective Ransomware Defense
10:33 : Spionageverdacht: Russischer Kadett tötet sein Date wegen eines Hörgerätes
10:33 : [NEU] [niedrig] Vercel Next.js: Schwachstelle ermöglicht Offenlegung von Informationen
10:32 : Police Shut Down Fake Trading Platform That Scammed Hundreds
10:31 : Using a Mythic agent to optimize penetration testing
10:8 : Google Chrome: Mehrere Schwachstellen
10:8 : USA: Bösartige Kommunikationsgeräte in chinesischen Solar-Wechselrichtern
10:8 : Golem Karrierewelt: Heute Live-Webinar: Microsoft Sentinel – SIEM in der Cloud
10:7 : [NEU] [mittel] IBM Semeru Runtime: Mehrere Schwachstellen ermöglichen Denial of Service
10:7 : [NEU] [niedrig] PaloAlto Networks Prisma Cloud Compute Edition: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen
10:7 : [NEU] [hoch] Google Chrome: Mehrere Schwachstellen
10:7 : [NEU] [mittel] Red Hat Enterprise Linux (Yggdrasil): Schwachstelle ermöglicht Privilegieneskalation
10:7 : [NEU] [mittel] Red Hat OpenShift: Schwachstelle ermöglicht Offenlegung von Informationen
10:6 : EU ‘Likely To Accept’ Microsoft Offer On Office, Teams
10:6 : M&S Hackers ‘Targeting US Retailers’
10:6 : U.S. CISA adds a Fortinet flaw to its Known Exploited Vulnerabilities catalog
10:6 : New HTTPBot Botnet Expanding Aggressively to Attack Windows Machines
10:6 : Nation State-Actors Attacking Healthcare Institutions to Sabotage IT & OT Systems
10:6 : macOS Security Guide – Safeguarding Against Adware and Malware
10:6 : Canadian Electric Utility Lists Customer Information Stolen by Hackers
10:6 : Russia-linked hackers target webmail servers in Ukraine-related espionage operation
10:6 : Fraud Losses Hit $11m Per Company as Customer Abuse Soars
10:5 : Call for Papers Deadline Approaching – Don’t Miss Your Shot to Speak at the OpenSSL Conference 2025!
9:31 : [UPDATE] [mittel] git: Schwachstelle ermöglicht Darstellen falscher Informationen
9:31 : [UPDATE] [mittel] Golang Go: Mehrere Schwachstellen
9:31 : [UPDATE] [hoch] libxml2: Schwachstelle ermöglicht remote Code Execution
9:31 : [NEU] [mittel] SonicWall SMA: Schwachstelle ermöglicht Manipulation
9:31 : [NEU] [mittel] Node.js: Mehrere Schwachstellen
9:6 : [UPDATE] [hoch] Microsoft Developer Tools: Mehrere Schwachstellen
9:5 : Compliance Fatigue Is Real—And It’s Putting Cybersecurity at Risk
9:5 : Kosovo authorities extradited admin of the cybercrime marketplace BlackDB.cc
9:5 : Keeping People Safe Online – Fundamental Rights Protective Alternatives to Age Checks
9:5 : Australian Human Rights Commission Discloses Data Breach
8:34 : Kinderpornografie: Polizei beschlagnahmt bei Razzia 350 TByte an Datenmaterial
8:33 : Paris Woman Targeted In Latest Crypto Kidnap Attempt
8:33 : Co-op Hopes For Weekend Improvements After Cyber-Attack
8:33 : Sit, Fetch, Steal – Chihuahua Stealer: A new Breed of Infostealer
8:33 : Chrome 136 Update Patches Vulnerability With ‘Exploit in the Wild’
8:32 : LegoGPT: AI Transforms Text Prompts into Stable LEGO Structures
8:32 : Neon Serverless Postgres: Azure Native Integration Now Available
8:32 : China Launches First Satellites for AI Computing Constellation
8:32 : Google DeepMind’s AlphaEvolve: AI That Writes Code and Saves Costs
8:32 : LiongardIQ unifies asset inventory, network monitoring and AI insights
8:5 : Patchday: Lücken in Intel-Software und -Treibern gestopft
8:5 : Bis zu 180.000 Datensätze: Hacker klauen Daten von Kunden der Berliner Verkehrsbetriebe
8:5 : IT Security News Hourly Summary 2025-05-15 09h : 7 posts
8:3 : Critical BitLocker Flaw Exploited in Minutes: Bitpixie Vulnerability Proof of Concept Unveiled
8:3 : BitLocker Encryption Bypassed in Minutes Using Bitpixie Vulnerability: PoC Released
8:3 : Healthcare Cyber Attacks – 276 Million Patient Records were Compromised In 2024
8:3 : Anthropic’s Claude Now Features Web Search Capabilities via API
8:3 : Google Cloud Expands AI/ML Innovations and Partnerships in 2025
8:3 : 89 Million Steam Accounts Compromised: Change Your Password Now
8:3 : Top 10 Programming Trends and Languages to Watch in 2025
8:3 : #Infosec2025: Ransomware Enters ‘Post-Trust Ecosystem,’ NCA Cyber Expert Says
7:33 : Chrome-Sicherheitslücke mit Exploit in freier Wildbahn
7:33 : Google warnt: Gefährliche Chrome-Lücke wird aktiv ausgenutzt
7:32 : US Revokes Biden-Era AI Export Rule
7:32 : Attack on steel producer, EUVD online, CISA advisory overhaul
7:6 : Berlin Professional School: Neues Zertifikatsprogramm für Unternehmenssicherheit
7:5 : Here’s what we know about the DragonForce ransomware that hit Marks & Spencer

Post navigation