IT Security News Daily Summary 2025-06-20

210 posts were published in the last hour

• 21:33 : Cyberattack Disrupts Russian Dairy Supply Chain by Targeting Animal Certification System
• 21:33 : Cloudflare blocked record-breaking 7.3 Tbps DDoS attack against a hosting provider
• 21:32 : Friday Squid Blogging: Gonate Squid Video
• 21:32 : Netflix, Apple, BofA websites hijacked with fake help-desk numbers
• 21:32 : Week in Review: ClickFake deepfake scam, Krispy Kreme breach, NIST ZTA guidance
• 21:4 : Prometei Botnet Targets Linux Servers for Cryptocurrency Mining Operations
• 20:34 : Beware of Weaponized MSI Installer Masquerading as WhatsApp to Deliver XWorm RAT
• 20:34 : Heard about the 16 billion passwords leak? Here are the facts and how to protect yourself
• 20:5 : Mocha Manakin Uses Paste-and-Run Technique to Deceive Users into Downloading Malware
• 20:5 : Anthropic study: Leading AI models show up to 96% blackmail rate against executives
• 20:5 : News brief: LOTL attacks, spoofed sites, malicious repositories
• 20:5 : IT Security News Hourly Summary 2025-06-20 21h : 10 posts
• 19:34 : Threat Actors Manipulate Google Search Results to Display Scammer’s Phone Number Instead of Real Number
• 19:34 : What is perfect forward secrecy (PFS)?
• 19:4 : Insomnia API Client Vulnerability Enables Arbitrary Code Execution via Template Injection
• 18:37 : KI-Sprachmuster: Warum wir langsam alle ein wenig wie ChatGPT klingen
• 18:37 : Threat Actors Exploit Vercel Hosting Platform to Distribute Remote Access Malware
• 18:37 : CVE-2025-49763 – Remote DoS via Memory Exhaustion in Apache Traffic Server via ESI Plugin
• 18:36 : US Pig Butchering Victims ‘Will’ Get Refunds — Feds Seize $225M Cryptocurrency
• 18:5 : TxTag Phishing Campaign Exploits .gov Domain to Deceive Employees
• 18:5 : A Token of Appreciation for Sustaining Donors 💞
• 18:5 : Protect Yourself From Meta’s Latest Attack on Privacy
• 18:5 : Qilin ransomware top dogs treat their minions to on-call lawyers for fierier negotiations
• 18:5 : Looks like Aflac is the latest insurance giant snagged in Scattered Spider’s web
• 17:33 : PowerShell Loaders Use In-Memory Execution to Evade Disk-Based Detection
• 17:33 : Your Kubernetes Survival Kit: Master Observability, Security, and Automation
• 17:33 : Prometei Botnet Attacking Linux Servers to Mine Cryptocurrency
• 17:33 : A Token of Appreciation for Sustaining Donors 💞
• 17:33 : Top 7 Ambient Listening AI Tools Revolutionizing Healthcare in 2025
• 17:33 : Qilin Ransomware Adds “Call Lawyer” Feature to Pressure Victims for Larger Ransoms
• 17:7 : New Detection Method Uses Hackers’ Own Jitter Patterns Against Them
• 17:7 : 16 billion passwords leaked from Apple, Google, more: Here are the facts and how to protect yourself
• 17:7 : Iran’s government says it shut down internet to protect against cyberattacks
• 17:7 : A Token of Appreciation for Sustaining Donors 💞
• 17:7 : Cybersecurity Snapshot: Tenable Report Spotlights Cloud Exposures, as Google Catches Pro-Russia Hackers Impersonating Feds
• 17:5 : IT Security News Hourly Summary 2025-06-20 18h : 8 posts
• 16:33 : Norway Plans Temporary Ban On New Crypto Mining Data Centres
• 16:33 : Hackers Use Social Engineering to Target Expert on Russian Operations
• 16:33 : 16 Billion Credentials Leaked, Though Some Critics Question the Data
• 16:33 : Beware of Weaponized MSI Installer Mimic as WhatsApp Delivers Modified XWorm RAT
• 16:33 : A Token of Appreciation for Sustaining Donors 💞
• 16:33 : Fake Resumes Become Weapon of Choice for FIN6 Threat Group
• 16:33 : Smartwatches: New Air-Gapped System Assault Vehicle
• 16:33 : Trend Micro Patches Critical Remote Code Execution and Authentication Bypass Flaws in Apex Central and PolicyServer
• 16:5 : Anzeige: Professionelle Incident Response mit BSI-Zertifizierung
• 16:5 : I found the easiest way to delete myself from the internet (and you shouldn’t wait to use it, too)
• 16:4 : A Token of Appreciation for Sustaining Donors 💞
• 15:36 : A Token of Appreciation for Sustaining Donors 💞
• 15:8 : BBC Warns Perplexity Of Legal Action Over Content Use
• 15:8 : Mocha Manakin Using Paste and Run Technique to Trick Users Into Downloading Malicious Payloads
• 15:8 : Record Breaking 7.3 Tbps DDoS Attack Blasting 37.4 Terabytes in Just 45 Seconds
• 15:8 : A Token of Appreciation for Sustaining Donors 💞
• 15:8 : The Digital Pandemic: Inside 2024’s Most Devastating Cyber Breaches
• 14:36 : Cybersicherheit: Iran soll israelische Sicherheitskameras gehackt haben
• 14:35 : What is risk assessment?
• 14:35 : A Token of Appreciation for Sustaining Donors 💞
• 14:5 : IT Security News Hourly Summary 2025-06-20 15h : 13 posts
• 14:4 : 16 Milliarden Passwörter im Netz gefunden? Was du jetzt wissen musst
• 14:4 : Neues KI-Tool: Was kann der Videogenerator von Midjourney?
• 14:3 : Threat Actors Poisoning Google Search Results to Display The Scammer’s Phone Number Instead of Real Number
• 14:3 : A Token of Appreciation for Sustaining Donors 💞
• 14:3 : In Other News: Viasat Hacked by China, Washington Post Cyberattack, Crowhammer
• 13:33 : Assa Abloy lädt zum Online-Seminar für smarte Gebäudetechnik
• 13:32 : Massive DDoS Attack Hits 7.3 Tbps Delivering 37.4 Terabytes in 45 Seconds
• 13:32 : Third-Party Access: The Cyber Risk Manufacturers Can’t Afford to Ignore
• 13:32 : World Economic Forum Meeting on Rethinking Cyber Resilience: A Fortinet Q&A
• 13:32 : Hackers Exploit ComfyUI 700+ AI Image Generation Servers to Deploy Malware
• 13:32 : A Token of Appreciation for Sustaining Donors 💞
• 13:32 : M&S and Co-op Hacks Classified as Single Cyber Event
• 13:5 : The Rising Deepfake Risk for Businesses: A Step-By-Step Defense Strategy Built Around the Basics of Security
• 13:5 : Azure Misconfiguration Lets Attackers Take Over Cloud Infrastructure
• 13:5 : How to turn off ACR on your TV (and what your TV stops tracking when you do)
• 13:5 : A Token of Appreciation for Sustaining Donors 💞
• 13:5 : Record-Breaking 7.3 Tbps DDoS Attack Targets Hosting Provider
• 13:5 : Personal Data of Oxford City Council Officers Exposed
• 12:32 : New Mocha Manakin Malware Deploys NodeInitRAT via Clickfix Attack
• 12:32 : Threat Actors Leverage Hosting Platform Vercel to Deliver Remote Access Malware
• 12:32 : Insomnia API Client Vulnerability Arbitrary Code Execution via Template Injection
• 12:32 : A Token of Appreciation for Sustaining Donors 💞
• 12:32 : Iran’s State TV Hijacked Mid-Broadcast Amid Geopolitical Tensions; $90M Stolen in Crypto Heist
• 12:7 : Preisverhandlungen mit KI-Agent: Darauf solltest du beim Einsatz für Finanzgeschäfte achten
• 12:7 : Per Virtualisierung: Gefährliche Android-Malware stiehlt Daten aus Banking-Apps
• 12:5 : Waymo Applies For New York Testing Permit
• 12:5 : AntiDot 3-in-1 Android Botnet Malware Grants Attackers Full Control Over Victim Devices
• 12:5 : A Token of Appreciation for Sustaining Donors 💞
• 12:5 : Godfather Android Trojan Creates Sandbox on Infected Devices
• 12:5 : Microsoft boosts default security of Windows 365 Cloud PCs
• 12:5 : Meta To Introduce Full Passkey Support for Facebook on Mobiles
• 11:33 : [NEU] [hoch] IBM QRadar SIEM: Mehrere Schwachstellen
• 11:32 : Oxford City Council Hit by Cyberattack Exposing Employee Personal Data
• 11:32 : A Token of Appreciation for Sustaining Donors 💞
• 11:32 : Motors Theme Vulnerability Exploited to Hack WordPress Websites
• 11:8 : Cyberangriffe: Nordkoreanische Hacker faken Vorgesetzte in Videokonferenzen
• 11:8 : [UPDATE] [hoch] Linux Kernel: Mehrere Schwachstellen
• 11:7 : Resurgence of the Prometei Botnet
• 11:7 : GodFather Android Malware Uses On-Device Virtualization to Hijack Legitimate Banking Apps
• 11:7 : Versa Director Flaws Let Attackers Execute Arbitrary Commands
• 11:7 : 184 million passwords for Google, Microsoft, Facebook, and more leaked in massive data breach
• 11:7 : Your Android phone is getting a big security upgrade for free – these Pixel models included
• 11:7 : Linux flaws chain allows Root access across major distributions
• 11:7 : Surveillance in the US
• 11:7 : ClamAV 1.4.3 and 1.0.9 Released With Fix for Vulnerabilities that Enable Remote Code Execution
• 11:7 : New TxTag Phishing Attack Leverages .gov Domain to Trick Employees
• 11:6 : A Token of Appreciation for Sustaining Donors 💞
• 11:6 : Attack on Oxford City Council exposes 21 years of election worker data
• 11:6 : FreeType Zero-Day Found by Meta Exploited in Paragon Spyware Attacks
• 11:6 : Massive 7.3 Tbps DDoS Attack Delivers 37.4 TB in 45 Seconds, Targeting Hosting Provider
• 11:6 : 6 Steps to 24/7 In-House SOC Success
• 11:5 : IT Security News Hourly Summary 2025-06-20 12h : 11 posts
• 10:32 : Ubiquiti UniFi Network Application: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen
• 10:32 : ClamAV: Mehrere Schwachstellen ermöglichen Denial of Service
• 10:32 : RPS und FPRPC: Microsoft blockt Legacy-Protokolle für Microsoft 365
• 10:32 : [NEU] [niedrig] IBM Security Guardium: Schwachstelle ermöglicht Offenlegung oder Manipulation von Informationen
• 10:32 : [NEU] [mittel] Ubiquiti UniFi Network Application: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen
• 10:32 : [NEU] [hoch] Cisco Meraki MX: Schwachstelle ermöglicht Denial of Service
• 10:6 : Nach Krypto-Scam: US-Polizei knackt Bitcoin-Automaten mit Trennschleifer
• 10:6 : [NEU] [niedrig] Kubernetes: Schwachstelle ermöglicht umgehen von Sicherheitsmechanismen.
• 10:6 : [NEU] [niedrig] Grafana: Schwachstelle ermöglicht Denial of Service
• 10:6 : [UPDATE] [mittel] Apache Tomcat: Mehrere Schwachstellen
• 10:6 : [UPDATE] [mittel] Apache Commons FileUpload: Schwachstelle ermöglicht Denial of Service
• 10:6 : [UPDATE] [hoch] Roundcube: Schwachstelle ermöglicht Codeausführung
• 10:5 : Microsoft Introduces Enhanced Security Defaults for Windows 365 Cloud PCs
• 10:5 : Qilin Offers “Call a lawyer” Button For Affiliates Attempting To Extort Ransoms From Victims Who Won’t Pay
• 10:5 : A Token of Appreciation for Sustaining Donors 💞
• 9:35 : Dover Fueling Solutions Flaw Lets Attackers Control Fueling Operations
• 9:35 : 200+ Trojanized GitHub Repositories Found in Campaign Targeting Gamers and Developers
• 9:35 : PowerShell Loaders With In-Memory Execution Techniques To Evade Disk-Based Detection
• 9:35 : Hackers Exploit Atlassian’s Model Context Protocol by Submitting a Malicious Support Ticket
• 9:35 : Apache SeaTunnel Vulnerability Allows Unauthorized Users to Perform Deserialization Attack
• 9:35 : A Token of Appreciation for Sustaining Donors 💞
• 9:35 : Cloudflare Tunnels Abused in New Malware Campaign
• 9:35 : DuckDuckGo’s Scam Blocker now blocks more types of scams
• 9:35 : UK Gov Cybersecurity Jobs Average Salary is Under £45,000, Study Finds
• 9:1 : Alte Apps und Drittanbieter blockiert: Massive Folgen der Microsoft-365-Security
• 9:1 : [UPDATE] [mittel] GnuTLS: Mehrere Schwachstellen ermöglichen Denial of Service
• 8:36 : Werbung in Whatsapp: Warum Datenschutzbedenken für EU-Nutzer gute Nachrichten sind
• 8:36 : [UPDATE] [mittel] Linux Kernel: Mehrere Schwachstellen
• 8:36 : [UPDATE] [mittel] Apache ActiveMQ: Schwachstelle ermöglicht Denial of Service
• 8:36 : [UPDATE] [hoch] Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service
• 8:36 : [UPDATE] [niedrig] Linux Kernel: Mehrere Schwachstellen
• 8:36 : [UPDATE] [mittel] Intel Prozessoren: Mehrere Schwachstellen ermöglichen Offenlegung von Informationen
• 8:35 : A ransomware attack pushed the German napkin firm Fasana into insolvency
• 8:34 : A Token of Appreciation for Sustaining Donors 💞
• 8:34 : What’s OpenID Connect (OIDC) and Why Should You Care?
• 8:34 : Is Your CISO Ready to Flee?
• 8:34 : 67 Trojanized GitHub Repositories Found in Campaign Targeting Gamers and Developers
• 8:9 : WordPress: Angriffe auf Sicherheitslücke in Theme “Motors”
• 8:9 : Kommerzielles SIEM vs. Open-Source-SIEM: Vor- und Nachteile | Offizieller Blog von Kaspersky
• 8:9 : Von 122.000 IP-Adressen: Cloudflare blockt Rekord-DDoS-Angriff ab
• 8:9 : [UPDATE] [mittel] PAM: Schwachstelle ermöglicht Privilegieneskalation
• 8:9 : [UPDATE] [hoch] Red Hat Enterprise Linux (freeIPA): Schwachstelle ermöglicht Privilegieneskalation
• 8:9 : [UPDATE] [mittel] X.Org X11 und Xwayland: Mehrere Schwachstellen
• 8:9 : [UPDATE] [hoch] Moodle: Mehrere Schwachstellen
• 8:8 : Apache SeaTunnel Flaw Lets Unauthorized Users Launch Deserialization Attacks
• 8:8 : IBM QRadar SIEM Bug Lets Attackers Run Arbitrary Commands
• 8:8 : 16 Billion Passwords Stolen From 320 Million+ Computers Leaked Online
• 8:7 : AntiDot – 3-in-1 Android Malware Let Attackers Full Control of Compromised Devices
• 8:7 : Massive 16 Billion Passwords From Apple, Facebook, Google and More Leaked From 320 Million Computers
• 8:7 : A Token of Appreciation for Sustaining Donors 💞
• 8:7 : 161,000 People Impacted by Krispy Kreme Data Breach
• 8:7 : Amazon Linux 2023 achieves FIPS 140-3 validation
• 8:7 : Russia Expert Falls Prey to Elite Hackers Disguised as US Officials
• 8:5 : IT Security News Hourly Summary 2025-06-20 09h : 9 posts
• 7:33 : Cybersicherheit in der Industrie: neues Forschungsprojekt
• 7:33 : 16 Milliarden Zugangsdaten: Kein neuer Leak, viele alte Daten
• 7:32 : A Token of Appreciation for Sustaining Donors 💞
• 7:32 : Cisco, Atlassian fixes, Ryuk member arrested, Viasat Typhoon attack
• 7:7 : What can I do with a VPN?
• 7:7 : IBM QRadar SIEM Vulnerabilities Allows Attackers to Execute Arbitrary Commands
• 7:7 : A Token of Appreciation for Sustaining Donors 💞
• 7:7 : Hackers Access Legacy Systems in Oxford City Council Cyberattack
• 6:33 : CyberRisikoCheck: Zahl der qualifizierten Dienstleister jetzt vierstellig
• 6:32 : A Token of Appreciation for Sustaining Donors 💞
• 6:32 : Is Cold Email Still Effective in 2025? Best Practices for Outreach and Security
• 6:32 : Strategies to secure long-life IoT devices
• 6:32 : Exposing Cybersecurity Threats: Breaches, Vulnerabilities, and Evolving Malware
• 6:6 : Tesla Wall Connector Hacked Through Charging Port in Just 18 Minutes
• 6:6 : Alert: Billions of Logins Exposed in Massive Data Leak – Change Your Password Now
• 6:6 : GodFather Android Malware Leverages On-Device Virtualization Technique to Hijack Legitimate Banking Apps
• 6:6 : A Token of Appreciation for Sustaining Donors 💞
• 5:34 : Google Chrome und Microsoft Edge: Mehrere Schwachstellen
• 5:34 : [UPDATE] [hoch] Google Chrome und Microsoft Edge: Mehrere Schwachstellen
• 5:33 : Malicious Support Tickets Let Hackers Exploit Atlassian’s Model Context Protocol
• 5:33 : A Token of Appreciation for Sustaining Donors 💞
• 5:33 : Zoomcar Data Breach Exposes Personal Information of 8.4 Million Users
• 5:33 : CISOs flag gaps in GenAI strategy, skills, and infrastructure
• 5:5 : IT Security News Hourly Summary 2025-06-20 06h : 3 posts
• 5:3 : A Token of Appreciation for Sustaining Donors 💞
• 5:3 : AI Index 2025: What’s changing and why it matters
• 5:3 : Who’s guarding the AI? Even security teams are bypassing oversight
• 4:32 : A Token of Appreciation for Sustaining Donors 💞
• 4:32 : New infosec products of the week: June 20, 2025
• 4:4 : A Token of Appreciation for Sustaining Donors 💞
• 3:34 : Tesla Wall Connector Charger Hacked Through Charging Port in 18-Minute Attack
• 3:34 : A Token of Appreciation for Sustaining Donors 💞
• 3:2 : A Token of Appreciation for Sustaining Donors 💞
• 2:34 : A Token of Appreciation for Sustaining Donors 💞
• 2:34 : The Identity Gaps in Agentic AI: 9 Problems We Must Solve to Secure the Future
• 2:34 : A New Identity Playbook for AI Agents: Securing the Agentic User Flow
• 2:5 : IT Security News Hourly Summary 2025-06-20 03h : 3 posts
• 2:4 : ISC Stormcast For Friday, June 20th, 2025 https://isc.sans.edu/podcastdetail/9498, (Fri, Jun 20th)
• 2:4 : A Token of Appreciation for Sustaining Donors 💞
• 1:39 : A Token of Appreciation for Sustaining Donors 💞
• 1:9 : A Token of Appreciation for Sustaining Donors 💞
• 0:36 : A Token of Appreciation for Sustaining Donors 💞
• 0:36 : Understanding EchoLeak: What This Vulnerability Teaches Us About Application Security | Impart Security
• 0:6 : A Token of Appreciation for Sustaining Donors 💞
• 23:34 : A Token of Appreciation for Sustaining Donors 💞
• 23:5 : Psychologe im KI-Labor: Was passiert, wenn man ChatGPT mit Unsinn füttert?
• 23:5 : IT Security News Hourly Summary 2025-06-20 00h : 3 posts