IT Security News Daily Summary 2025-06-02

207 posts were published in the last hour

21:32 : Cartier Data Breach: Luxury Retailer Warns Customers that Personal Data Was Exposed
21:5 : Google quietly launches AI Edge Gallery, letting Android phones run AI without the cloud
21:5 : Qualcomm Fixes Three Adreno GPU Flaws Abused in Android Attacks
20:32 : The EU’s “Encryption Roadmap” Makes Everyone Less Safe
20:32 : Ukrainians smuggle drones hidden in cabins on trucks to strike Russian airfields
20:5 : IT Security News Hourly Summary 2025-06-02 21h : 12 posts
20:3 : CFOs Targeted in Sophisticated Phishing Campaign Using Legit NetBird Tool
20:3 : AI Adoption Accelerates Despite Growing Security Concerns: Report
20:3 : FBI Cracks Down on Dark Web Drug Dealers
20:2 : Hackers Use Popular Anime Titles to Lure Gen Z into Malware Traps, Warns Kaspersky
19:32 : How to Keep Your Litecoin Safe: A Practical Guide
19:32 : Threat Actors Leverage ClickFix Technique to Deploy EddieStealer Malware
19:32 : Securing DevOps Pipelines: A Practical Guide to Balancing Speed and Security
19:32 : 245 Days Without Justice: Laila Soueif’s Hunger Strike and the Fight to Free Alaa Abd el-Fattah
19:32 : Survey: Changing Threat Landscape Drives Cybersecurity Spending Shifts
19:3 : Stealth Syscall Technique Allows Hackers to Evade Event Tracing and EDR Detection
19:3 : CISA Adds Five Known Exploited Vulnerabilities to Catalog
19:3 : Admin Rights Are the Problem, Not Which Antivirus You Choose
19:3 : Survey Surfaces Rise on Cyberattacks Fueled by AI
18:32 : Linux Crash Reporting Flaws (CVE-2025-5054, 4598) Expose Password Hashes
18:32 : Enterprise Data Loss Prevention (DLP) Security Policies and Tuning
18:32 : Breaking the Lifecycle of Stolen Credentials Before It Breaks You
18:32 : INE Security Alert: $16.6 Billion in Cyber Losses Underscore Critical Need for Advanced Security Training
18:32 : U.S., Dutch Agencies Shut Down AVCheck Services Used by Threat Groups
18:5 : The DOGE effect on cybersecurity: Efficiency vs. risk
18:5 : Future of Passwords Biometrics and Passwordless Authentication
18:5 : Ransomware Negotiation When and How to Engage Attackers
17:33 : What is a time-based one-time password?
17:33 : What is a next-generation firewall (NGFW)?
17:33 : Southwest has new rule that changes how you charge your phone mid-flight
17:33 : Vanta bug exposed customers’ data to other customers
17:33 : OffensiveCon25 – Hunting For Overlooked Cookies In Windows 11 KTM And Baking Exploits For Them
17:33 : Randall Munroe’s XKCD ‘Archaea’
17:33 : EU Sanctions Actors Involved in Russian Hybrid Warfare
17:33 : Discover how automatic attack disruption protects critical assets while ensuring business continuity
17:33 : Attackers breached ConnectWise, compromised customer ScreenConnect instances
17:6 : Vodafone Promises £1.3bn Investment As Three Merger Concludes
17:6 : The DOGE effect on cyber: What’s happened and what’s next?
17:5 : NSO Group asks judge for new trial, calling $167 million in damages ‘outrageous’
17:5 : Vulnerability Summary for the Week of May 26, 2025
17:5 : A deep dive into data protection sessions at AWS re:Inforce 2025
17:5 : IT Security News Hourly Summary 2025-06-02 18h : 16 posts
16:33 : Malware Masquerades as Legitimate, Hidden WordPress Plugin with Remote Code Execution Capabilities
16:33 : What is compliance automation?
16:33 : MediaTek Vulnerabilities Let Attackers Escalate Privileges Without User Interaction
16:33 : Vulnerabilities in Preinstalled Android Apps Expose PIN Codes and Allow Command Injection
16:33 : DSPM vs. DLP:Understanding the Key Differences
16:32 : Qualcomm Adreno GPU 0-Day Vulnerabilities Exploited to Attack Android Users
16:32 : Vietnam Blocks Telegram Messaging App
16:32 : Preinstalled Apps on Ulefone, Krüger&Matz Phones Let Any App Reset Device, Steal PIN
16:32 : Cryptojacking Campaign Exploits DevOps APIs Using Off-the-Shelf Tools from GitHub
16:5 : US Sanctions Philippines’ Funnull Technology Over $200M Crypto Scam
16:5 : Qualcomm fixed three zero-days exploited in limited, targeted attacks
16:5 : Cryptojackers Caught Mining Monero via Exposed DevOps Infrastructure
16:4 : Announcing a new strategic collaboration to bring clarity to threat actor naming
15:33 : Preinstalled Android Apps Found Leaking PINs and Executing Malicious Commands
15:33 : New PyPI Supply Chain Attacks Python & NPM Users on Windows and Linux
15:33 : Haozi’s Plug-and-Play Phishing Attack Stolen Over $280,000 From Users
15:33 : HuluCaptcha – A FakeCaptcha Kit That Trick Users to Run Code via The Windows Run Command
15:33 : Threat Actors Using ClickFix Technique to Deliver EddieStealer Malware
15:33 : Prioritizing Vulnerabilities in a Sea of Alerts
15:33 : Hackers Tricking Employees with Fake IT Calls and Email Floods in New Ransomware Scam
15:33 : Balancing Consumer Autonomy and Accessibility in the Age of Universal Opt-Outs
15:33 : FBI Busts 270 in Operation RapTor to Disrupt Dark Web Drug Trade
15:33 : ⚡ Weekly Recap: APT Intrusions, AI Malware, Zero-Click Exploits, Browser Hijacks and More
15:33 : Qualcomm Fixes 3 Zero-Days Used in Targeted Android Attacks via Adreno GPU
15:5 : Police took down several popular counter-antivirus (CAV) services, including AvCheck
15:5 : Qualcomm Flags Exploitation of Adreno GPU Flaws, Urges OEMs to Patch Urgently
15:5 : ⚡ Weekly Recap: APT Intrusions, AI Malware, Zero-Click Exploits, Browser Hijacks and More
15:5 : New Linux Vulnerabilities Expose Password Hashes via Core Dumps
14:33 : Cybergang behauptet Datenklau bei Volkswagen
14:32 : IBM DataStage Bug Exposes Database Credentials in Plain Tex
14:32 : Risk maturity model: How it works and how to use one
14:32 : Sysdig Reveals Discovery of Cyberattack Aimed at Tool to Build AI Apps
14:32 : ⚡ Weekly Recap: APT Intrusions, AI Malware, Zero-Click Exploits, Browser Hijacks and More
14:32 : Sophisticated Malware Campaign Targets Windows and Linux Systems
14:5 : IT Security News Hourly Summary 2025-06-02 15h : 2 posts
14:4 : Critical MediaTek Flaws Allow Hackers to Gain Elevated Access with No User Input
14:4 : Rise of Deepfake Attacks Detection and Prevention Tips
14:4 : Hackers Could Use Stealth Syscall Execution to Bypass Event Tracing & EDR Detection
14:3 : Hackers Allegedly Selling Windows Crypter Claims Bypass of All Antiviruses
14:3 : Bluetooth HCI Adaptor Realtek Vulnerability Let Attackers Delete Arbitrary Files
14:3 : CISO Roles Expand Beyond Cybersecurity as Organizations Embrace Strategic Security Leadership
14:3 : ⚡ Weekly Recap: APT Intrusions, AI Malware, Zero-Click Exploits, Browser Hijacks and More
14:3 : Cryptojacking Campaign Targets DevOps Servers Including Nomad
13:33 : Elektronische Schließsysteme: Effizienz durch digitale Lösungen
13:33 : Operation Endgame: Behörden zerschlagen Antivirus-Testseite AVCheck
13:32 : BarracudaONE boosts threat protection and cyber resilience
13:32 : ⚡ Weekly Recap: APT Intrusions, AI Malware, Zero-Click Exploits, Browser Hijacks and More
13:7 : Wie Betrüger echte Microsoft-Business-Benachrichtigungen ausnutzen | Offizieller Blog von Kaspersky
13:6 : Maximize Your Minecraft: Optimal PC Setup and Server Hosting Essentials
13:6 : Iranian Robbinhood Ransomware Operator Pleads Guilty in US City Attacks
13:6 : HuluCaptcha: Fake Captcha Kit Tricks Users into Executing Code via Windows Run Command
13:6 : Realtek Bluetooth Driver Flaw Allows Attackers to Delete Any File on Windows Systems
13:6 : New Study Uncovers Vulnerable Code Pattern Exposes GitHub Projects To Path Traversal Attacks
13:6 : Securing APIs Protecting Backbone of Modern Applications
13:6 : 50,000+ Azure AD Users Access Token Exposed From Unauthenticated API Endpoint
13:6 : Victims risk AsyncRAT infection after being redirected to fake Booking.com sites
13:6 : vBulletin Vulnerability Exploited in the Wild
13:6 : How Artificial Intelligence Phishing Detection Is Reshaping K–12 Email Protection
13:6 : DoControl helps organizations enforce zero trust security strategies
13:6 : ⚡ Weekly Recap: APT Intrusions, AI Malware, Zero-Click Exploits, Browser Hijacks and More
13:6 : #Infosec2025: Ransomware Drill to Spotlight Water Utility Cyber Risks in ‘Operation 999’
12:32 : US community bank says thieves drained customer data through third party hole
12:32 : ⚡ Weekly Recap: APT Intrusions, AI Malware, Zero-Click Exploits, Browser Hijacks and More
12:4 : Sparkassen: Betrüger springen auf S-pushTAN-Probleme auf
12:3 : Acreed Emerges as Dominant Infostealer Threat Following Lumma Takedown
11:34 : ASW wird VSW: Strümpfel löst Borgschulze ab
11:34 : Fake-Anrufe bei US-Politikern: Smartphone von Trumps Stabschefin gehackt
11:33 : Hackers Weaponize Free SSH Client PuTTY to Deliver Malware on Windows
11:33 : New PyPI Supply Chain Attacks Target Python and NPM Users on Windows and Linux
11:33 : Haozi’s Plug-and-Play Phishing Attack Steals Over $280,000 From Users
11:33 : Australia Requires Ransomware Victims to Declare Payments
11:32 : Role of Threat Intelligence in Proactive Defense Strategies
11:32 : Chrome to Distrust Chunghwa Telecom and Netlock Certificates
11:32 : The Secret Defense Strategy of Four Critical Industries Combating Advanced Cyber Threats
11:5 : IT Security News Hourly Summary 2025-06-02 12h : 13 posts
11:3 : CISO Roles Take on Strategic Security Leadership Roles Beyond Cybersecurity as Organizations
11:3 : Alleged Conti, TrickBot Gang Leader Unmasked
10:33 : [NEU] [mittel] Perl: Schwachstelle ermöglicht Codeausführung und Offenlegung von Informationen
10:33 : [NEU] [hoch] Samsung Exynos: Mehrere Schwachstellen
10:33 : [NEU] [hoch] Roundcube: Schwachstelle ermöglicht Codeausführung
10:32 : Meta To Work With Anduril On US Military Tech
10:32 : Anthropic ‘Reaches $3bn’ AI Revenue Rate, Spurred By Business
10:32 : Over 50,000 Azure AD Users’ Access Tokens Exposed via Unauthenticated API Endpoint
10:32 : OneDrive flaw can give websites and apps full access to your files, even if you pick just one
10:6 : Regierungsdaten in den Socken: FBI erwischt Spionagefahnder bei der Spionage
10:5 : ISC Stormcast For Monday, June 2nd, 2025 https://isc.sans.edu/podcastdetail/9474, (Mon, Jun 2nd)
10:5 : Backdoors in Python and NPM Packages Target Windows and Linux
10:5 : Critical Denodo Scheduler Flaw Allows Remote Code Execution by Attackers
10:5 : AI-Driven Threat Intelligence Staying Ahead of Attackers
10:5 : Critical Roundcube Vulnerability Let Attackers Execute Remote Code
10:5 : Threat Actors Actively Exploiting Critical vBulletin Vulnerability in the Wild
10:5 : Denodo Scheduler Vulnerability Let Attackers Execute Remote Code
10:5 : Technical Details Published for Critical Cisco IOS XE Vulnerability
9:34 : Anonymisierendes Linux: Mini-Softwareupdates in Tails 6.16
9:34 : Cyberbro: Praktischer Helfer für Indicators of Compromise
9:34 : [NEU] [UNGEPATCHT] [mittel] NetApp ActiveIQ Unified Manager: Schwachstelle ermöglicht Denial of Service
9:34 : [NEU] [mittel] systemd-coredump: Schwachstelle ermöglicht Offenlegung von Informationen
9:34 : [UPDATE] [mittel] Oracle Java SE: Mehrere Schwachstellen
9:34 : [UPDATE] [hoch] Mozilla Firefox / Thunderbird: Mehrere Schwachstellen
9:34 : [NEU] [UNGEPATCHT] [mittel] Golang Go: Mehrere Schwachstellen
9:32 : Second New York Crypto Torture Suspect Arrested
9:32 : Upgrade To DeepSeek’s R1 AI Model ‘Matches’ OpenAI
9:32 : Nvidia Plans New AI Chip For China, Rules Out Hopper
9:32 : Google, DOJ Clash Over AI In Closing Arguments
9:32 : The Evolution of Phishing Attacks: Why Traditional Detection Methods Are Failing
9:32 : Is Continuous Deployment Too Risky? Security Concerns and Mitigations
9:4 : Anonymisierendes Linux: Tails 6.16 mit Mini-Softwareupdates
9:3 : Active Exploits Detected Targeting Critical vBulletin Vulnerability
9:3 : TechRepublic Premium Editorial Calendar: Policies, Hiring Kits, and Glossaries for Download
9:3 : US Government Is Investigating Messages Impersonating Trump’s Chief of Staff, Susie Wiles
9:3 : Counter Antivirus Service AVCheck Shut Down by Law Enforcement
9:3 : Dutch Police Lead Shut Down of Counter AV Service AVCheck
8:33 : Jetzt patchen! Attacken auf Webforen auf vBulletin-Basis
8:32 : New Study Reveals Vulnerable Code Pattern Putting GitHub Projects at Risk of Path Traversal Attacks
8:32 : Critical Roundcube Flaw Allows Remote Code Execution by Attackers
8:32 : Securing Remote Work Zero Trust for Distributed Workforces
8:32 : CISA Warns of Consilium Fire Panel Vulnerabilities Allowing Remote Takeover
8:32 : CISOs Guide to Regulatory Compliance in Global Landscapes
8:32 : In Other News: PoC for Fortinet Bug, AI Model Subverts Shutdown, RAT Source Code Leaked
8:8 : Deutscher Rüstungskonzern: Cybergang leakt interne Daten von Rheinmetall
8:8 : [NEU] [mittel] IBM InfoSphere Information Server: Schwachstelle ermöglicht Offenlegung von Informationen
8:7 : Severe Vulnerabilities in Consilium CS5000 Fire Panels Allow Remote System Takeover
8:7 : Experts published a detailed analysis of Cisco IOS XE WLC flaw CVE-2025-20188
8:6 : A cyberattack hit hospitals operated by Covenant Health
8:5 : IT Security News Hourly Summary 2025-06-02 09h : 2 posts
7:34 : Gesundheitswesen: Sicherheitsstandards im Wandel
7:32 : Victoria’s Secret, Adidas Hit By Cyber-Attacks
7:32 : MITRE Releases Roadmap for Transition to Post-Quantum Cryptography
7:32 : A week in security (May 26 – June 1)
7:32 : Cisco IOS XE exploit, Senators’ CSRB request, Australia ransomware law
7:32 : Cybersecurity Incidents: Eddie Steeler Malware, ConnectWise Breach, and Nova Scotia Power Data Theft
7:7 : [UPDATE] [mittel] Apache Tomcat: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen
7:7 : [UPDATE] [niedrig] Vercel Next.js: Schwachstelle ermöglicht Offenlegung von Informationen
7:5 : New Linux Security Bugs Could Expose Password Hashes Across Millions of Devices
7:5 : Exclusive! Entire Conti Ransomware Gang Including Key Leaders With Photo & Infrastructure Exposed
7:5 : Blockchain for Cybersecurity Real-World Applications and Limits
7:5 : Conducting Risk Assessments That Drive Business Value
7:5 : Product showcase: Smarter pentest reporting and exposure management with PlexTrac
7:5 : Fake Recruiter Emails Target CFOs Using Legit NetBird Tool Across 6 Global Regions
7:5 : Share your user story
6:32 : [UPDATE] [hoch] Cisco IOS XE Wireless Controller: Mehrere Schwachstellen
6:5 : CISO 3.0: Leading AI governance and security in the boardroom
5:32 : Anzeige: IT-Grundschutz praxisnah umsetzen und zertifizieren lassen
5:32 : Simple SSH Backdoor, (Mon, Jun 2nd)
5:5 : IT Security News Hourly Summary 2025-06-02 06h : 2 posts
5:3 : Evolution of DDoS Attacks Mitigation Strategies for 2025
5:3 : Security awareness training isn’t stopping breaches. Can AI help?
5:3 : Review: Metasploit, 2nd Edition
4:32 : 48% of security pros are falling behind compliance requirements
4:5 : Human Firewall Training Employees as First Line of Defense
4:5 : Critical Linux Vulnerabilities Expose Password Hashes on Millions of Linux Systems Worldwide
4:5 : Breaking Down Silos Aligning IT and Security Teams
4:4 : Finding Stability in Cloud-Native Security Solutions
2:2 : Penetration Testing in the AI Era Tools and Techniques
1:32 : Lumma infostealer takedown may have inflicted only a flesh wound as crew keeps pinching and selling data
23:32 : Identity and Access Management Trends Shaping 2025
23:32 : Building a Cyber Incident Response Plan That Works
23:5 : IT Security News Hourly Summary 2025-06-02 00h : 4 posts
23:3 : Keine Lust auf Meta AI? Diese 7 Messenger sind die besten Whatsapp-Alternativen
23:2 : Flowable’s Smart Automation Tools Are Reshaping How Enterprises Operate in 2025
23:2 : What does Facebook know about me? (Lock and Code S06E11)
22:58 : IT Security News Weekly Summary 22
22:55 : IT Security News Daily Summary 2025-06-01
22:31 : Cloud Misconfigurations The Silent Threat to Data Security
22:6 : Future-proofing your enterprise: the role of crypto-agile PKI in long-term security

Post navigation