IT Security News Daily Summary 2025-06-23

206 posts were published in the last hour

• 21:32 : China-linked LapDogs Campaign Drops ShortLeash Backdoor with Fake Certs
• 21:32 : Salesforce launches Agentforce 3 with AI agent observability and MCP support
• 21:2 : Google Integrates GenAI to Counter Indirect Prompt Injection Attack Vectors
• 20:37 : UAC-0001 Hackers Target ICS Devices Running Windows-Based Server Systems
• 20:36 : Cybersecurity Innovations in Software Development: How Developers Are Tackling Security Threats
• 20:36 : LinuxFest Northwest: Applying The Hybrid Threat Modeling Method
• 20:5 : Meta Slams US House Order For Staffers To Not Use WhatApp
• 20:5 : APT36 Hackers Target Indian Defense Personnel with Sophisticated Phishing Campaign
• 20:5 : Canada says telcos were breached in China-linked espionage hacks
• 20:5 : IT Security News Hourly Summary 2025-06-23 21h : 8 posts
• 19:34 : Improve Your Security with Attack Insights in Web Security Analytics
• 19:34 : RapperBot Targets DVRs to Hijack Surveillance Cameras and Record Video
• 19:3 : Shadow Vector Malware Uses SVG Images to Deliver AsyncRAT and RemcosRAT Payloads
• 19:3 : 5 Chromecast features to make the most of your TV (including a smart home hack)
• 19:3 : Iran cyberattacks against US biz more likely following air strikes
• 19:3 : 1inch rolls out expanded bug bounties with rewards up to $500K
• 19:3 : CISPE Data Protection Code of Conduct Public Register now certifies 122 AWS services as adherent
• 18:34 : Man Pleads Guilty To $245m Bitcoin Theft
• 18:34 : What is a SYN flood DoS attack?
• 18:34 : Simbian Advances the AI Frontier With Industry’s First Benchmark for Measuring LLM Performance in the SOC
• 18:4 : What It Really Means to “Try Harder”
• 18:4 : Critical Teleport Vulnerability Let Attackers Remotely Bypass Authentication Controls
• 18:4 : UAC-0001 Hackers Attacking ICS Devices Running Windows Systems as a Server
• 18:4 : New Echo Chamber Attack Jailbreaks Most AI Models by Weaponizing Indirect References
• 18:4 : McLaren Health Care Data Breach Exposes 743,000 People Personal Information
• 18:3 : Hands-on Cybersecurity Threat Hunting Guide for SOC Analysts and MSSPs
• 18:3 : Anubis Ransomware Becomes More Destructive With New File-Wiping Feature
• 18:3 : Fake Bitdefender Site Distributes Malware: Cybercriminals Exploit Trusted Brands to Steal Sensitive Data
• 17:5 : IT Security News Hourly Summary 2025-06-23 18h : 13 posts
• 17:4 : Chrome schließt sich automatisch: Warum Windows schuld daran ist und wie ihr das Problem lösen könnt
• 17:4 : Polizei-Handys seit Cyberangriff nicht nutzbar
• 17:3 : NASA Shows Photos Of Crashed ispace Lander
• 17:3 : Telegram Purged Chinese Crypto Scam Markets—Then Watched as They Rebuilt
• 17:3 : North Korean Hackers Take Over Victims’ Systems Using Zoom Meeting
• 17:3 : Navigating cyber risks with Microsoft Security Exposure Management eBook
• 16:35 : Scans for Ichano AtHome IP Cameras, (Mon, Jun 23rd)
• 16:35 : A Deep Dive into a Modular Malware Family
• 16:34 : DeepSeek Aided Chinese Military, US Official Alleges
• 16:34 : Speaker Proposal Deadline Approaches for OpenSSL Conference 2025 in Prague
• 16:34 : Why we’re focusing VB Transform on the agentic revolution – and what’s at stake for enterprise AI leaders
• 16:34 : How to turn on Android’s Private DNS mode – and why it’s an absolute must for security
• 16:34 : 5 Chromecast features that maximize your TV’s potential (and a smart home hack)
• 16:34 : 22 free cybersecurity tools you should know about
• 16:34 : AI Deepfake Scams Surge: Over $200 Million Lost in Just Three Months
• 16:34 : Second attack on McLaren Health Care in a year affects 743k people
• 16:34 : Cyberattack Disrupts WestJet Systems as Investigation Begins
• 16:34 : Signs Your Phone Has a Virus and How to Remove It Safely
• 16:34 : Hackers Circumvent AntiVirus Using Google OAuth in New Malware Surge
• 16:34 : DHS Warns Pro-Iranian Hackers Likely to Target U.S. Networks After Iranian Nuclear Strikes
• 16:34 : Echo Chamber Jailbreak Tricks LLMs Like OpenAI and Google into Generating Harmful Content
• 16:34 : Cyber Fattah Leaks Data from Saudi Games in Alleged Iranian Operation
• 16:0 : Open EarRing: Komfort trifft Technik – aber Vorsicht mit den Touch-Bedienelementen!
• 15:33 : McLaren Health Care Data Breach Exposes Personal Information of 743,000 Individuals
• 15:33 : Steelmaker Nucor Hacked – Attackers Gained Unauthorized Access to IT Systems
• 15:33 : Hackers Allegedly Selling Intelbras Router 0-Day Exploit on Hacker Forums
• 15:33 : Microsoft Defender for Office 365 to Provide Detailed Results for Spam, Phishing or Clean Emails
• 15:33 : Linux Firewall IPFire 2.29 Core Update 195 Released With VPN Protocol Support
• 15:33 : APT36 Hackers Attacking Indian Defense Personnel in Sophisticated Phishing Attack
• 15:33 : Vulnerability Summary for the Week of June 16, 2025
• 15:33 : Fake Web3 Wallet Prompt Steals $43,000 from CoinMarketCap Users
• 15:5 : Zero-Trust Architecture in the Era of Quantum Computing: A Proactive Defense Strategy
• 15:5 : SparkKitty Targets iOS and Android Devices via App Store and Google Play Attacks
• 15:5 : US insurance giant Aflac says customers’ personal data stolen during cyberattack
• 15:5 : Microsoft will start removing legacy drivers from Windows Update
• 14:39 : Übernimmt Apple Perplexity? Nicht nur das Apple-Intelligence-Problem wäre damit gelöst
• 14:37 : Mike Lynch’s Bayesian Superyacht Lifted From Ocean Floor
• 14:37 : DDoS Attack on Financial Sector Triggers Multi-Day Service Outages
• 14:37 : Update Kali Linux to the latest software repository key
• 14:37 : McLaren Health Care data breach impacted over 743,000 people
• 14:37 : Quantum dice: Scientists harness true randomness from entangled photons
• 14:37 : China’s Salt Typhoon Hackers Target Canadian Telecom Firms
• 14:6 : North Korean Hackers Weaponize GitHub Infrastructure to Distribute Malware
• 14:6 : The illusion of control: Can we ever fully secure autonomous industrial systems?
• 14:6 : Defeating PumaBot: How Check Point Quantum IoT Protect Nano Agent Shields Surveillance Devices
• 14:6 : Former JBLM Soldier Guilty of Attempting to Share Military Network Details with China
• 14:6 : RapperBot Attacking DVRs to Gain Access Over Surveillance Cameras to Record Video
• 14:6 : New AI Jailbreak Bypasses Guardrails With Ease
• 14:6 : CoinMarketCap, Cointelegraph compromised to serve pop-ups to drain crypto wallets
• 14:5 : Okta Cross App Access secures AI agents in the enterprise
• 14:5 : XDigo Malware Exploits Windows LNK Flaw in Eastern European Government Attacks
• 14:5 : IT Security News Hourly Summary 2025-06-23 15h : 20 posts
• 13:34 : Dirty Talk mit der KI: Diese Modelle lassen sich zu intimen Gesprächen verführen
• 13:34 : Mit sieben Maßnahmen Cyberangriffe wirksam abwehren
• 13:34 : Bundesnachrichtendienst: Onlineshop verkauft Merchandise des BND
• 13:33 : Fake DMV Texts Scam Hit Thousands in Widespread Phishing Campaign
• 13:33 : Critical Teleport Vulnerability Allows Remote Authentication Bypass
• 13:33 : Confucius Hackers Target Government and Military Entities Using WooperStealer Malware
• 13:33 : This Linux distro routes all your traffic through the Tor network – and it’s my new favorite for privacy
• 13:33 : Fortinet Partners with FIRST on New Initiative to Build Global Cyber Capacity
• 13:33 : How to Use Open-Source AI in Defense Tech: Cybersecurity Safeguards for Developers
• 13:33 : Okta Introduces Cross App Access to Secure AI Agents in Enterprise
• 13:4 : Fake DMV Texts Scam Thousands in Widespread Phishing Campaign
• 13:3 : BlueNoroff Hackers Exploit Zoom App to Deploy Infostealer Malware in Targeted Attacks
• 13:3 : Shadow Vector Malware Weaponizes SVG Images to Deploy AsyncRAT and RemcosRAT
• 13:3 : North Korean Hackers Weaponizes Github Infrastructure Used to Deliver Malware
• 13:3 : DDoS Attack Crippling Financial Sectors, Leds to Multi-Day Outages
• 13:3 : Microsoft Family Safety Blocking All the Version of Chrome Browsers
• 13:3 : Microsoft Limits Windows 11 24H2 Restore Points From 90 to 60 Days
• 13:3 : Gmail’s multi-factor authentication bypassed by hackers to pull off targeted attacks
• 13:3 : US Warns of Heightened Risk of Iranian Cyber-Attacks After Military Strikes
• 12:34 : Tesla Launches Robotaxi Service In Austin
• 12:34 : Linux-Based Firewall IPFire 2.29 Rolls Out Update 194 with Improved VPN Features
• 12:34 : NCSC Issues Alert on ‘UMBRELLA STAND’ Malware Targeting Fortinet FortiGate Firewalls
• 12:34 : American steel giant Nucor confirms data breach in May attack
• 12:34 : How AI-Enabled Workflow Automation Can Help SOCs Reduce Burnout
• 12:5 : Fake Minecraft Mods on GitHub Found Stealing Player Data
• 12:5 : Microsoft Enhances Defender for Office 365 with Detailed Spam and Phishing Analysis
• 12:5 : Experts count staggering costs incurred by UK retail amid cyberattack hell
• 12:5 : US Braces for Cyberattacks After Bombing Iranian Nuclear Sites
• 12:5 : 743,000 Impacted by McLaren Health Care Data Breach
• 12:5 : Critical Authentication Bypass Flaw Patched in Teleport
• 11:35 : [NEU] [mittel] FreeRDP: Schwachstelle ermöglicht Denial of Service
• 11:35 : [NEU] [mittel] Linux Kernel: Schwachstelle ermöglicht Manipulation von Daten und Denial of Service
• 11:35 : [UPDATE] [mittel] Oracle Java SE: Mehrere Schwachstellen
• 11:35 : [UPDATE] [mittel] IBM Semeru Runtime: Mehrere Schwachstellen ermöglichen Denial of Service
• 11:34 : Microsoft Reduces Windows 11 24H2 Restore Point Retention from 90 to 60 Days
• 11:34 : Steel Giant Nucor Suffers Cyberattack, IT Systems Breached
• 11:34 : Largest DDoS Attack to Date
• 11:34 : CoinMarketCap Doodle Image Vulnerability Triggered Malicious Code Through an API Call
• 11:34 : Critical Meshtastic Vulnerability Let Attackers to Decrypt Private Messages
• 11:34 : Critical Citrix NetScaler bug fixed, upgrade ASAP! (CVE-2025-5777)
• 11:34 : ⚡ Weekly Recap: Chrome 0-Day, 7.3 Tbps DDoS, MFA Bypass Tricks, Banking Trojan and More
• 11:33 : Google Adds Multi-Layered Defenses to Secure GenAI from Prompt Injection Attacks
• 11:10 : BSI: Menschen schützen sich immer weniger vor Cyberkriminalität
• 11:10 : Öffnen reicht: Winrar-Lücke lässt Angreifer Schadcode ausführen
• 11:9 : Zyxel Devices Hit by Active Exploits Targeting CVE-2023-28771 Vulnerability
• 11:9 : Hackers Allegedly Selling Intelbras Router 0-Day Exploit on Dark Web Forums
• 11:9 : ⚡ Weekly Recap: Chrome 0-Day, 7.3 Tbps DDoS, MFA Bypass Tricks, Banking Trojan and More
• 11:5 : IT Security News Hourly Summary 2025-06-23 12h : 17 posts
• 10:34 : Packprogramm: Winrar-Schwachstelle ermöglicht Ausführung von Schadcode
• 10:33 : The best password manager for families in 2025: Expert tested and reviewed
• 10:33 : Taiwan Is Rushing to Make Its Own Drones Before It’s Too Late
• 10:33 : ConnectUnwise: Threat actors abuse ConnectWise as builder for signed malware
• 10:33 : Windows Screencast Snipping Tool Allow Users to Export Captures as GIF
• 10:33 : SparkKitty Attacks iOS and Android Devices in Wild Via App Store and Google Play
• 10:33 : US Braces for Cyberattacks After Joining Israel-Iran War
• 10:33 : Closing the Gap Between AI Ambition and Enterprise Reality
• 10:33 : ⚡ Weekly Recap: Chrome 0-Day, 7.3 Tbps DDoS, MFA Bypass Tricks, Banking Trojan and More
• 10:4 : [NEU] [hoch] IBM Spectrum Protect: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen
• 10:4 : [NEU] [niedrig] Red Hat Enterprise Linux (mpfr): Schwachstelle ermöglicht Denial of Service
• 10:4 : [NEU] [mittel] Red Hat Enterprise Linux (yaml-libyam): Schwachstelle ermöglicht Manipulation von Dateien
• 10:3 : Stop Blaming CVSS: The Real Problem in Vulnerability Management is Us
• 10:2 : ⚡ Weekly Recap: Chrome 0-Day, 7.3 Tbps DDoS, MFA Bypass Tricks, Banking Trojan and More
• 9:37 : Partnerangebot: Greenbone AG – „Praktische Einführung in Schwachstellenmanagement“
• 9:36 : Windows: Microsoft blockiert Google Chrome mittels Schutzfunktion
• 9:36 : [UPDATE] [hoch] Python: Mehrere Schwachstellen
• 9:36 : [UPDATE] [mittel] Python: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen
• 9:36 : [UPDATE] [mittel] Apache Commons Beanutils: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen
• 9:36 : [UPDATE] [mittel] GStreamer: Mehrere Schwachstellen ermöglichen Denial of Service
• 9:36 : [UPDATE] [mittel] OpenSSL: Schwachstelle ermöglicht Offenlegung von Informationen
• 9:35 : Clean Up in the Cybersecurity Aisle: Cybercriminals and Groceries
• 9:35 : Iran-Linked Threat Actors Cyber Fattah Leak Visitors and Athletes’ Data from Saudi Games
• 9:35 : The financial impact of Marks & Spencer and Co-op cyberattacks could reach £440M
• 9:35 : Securing ACH Against Emerging Authentication Bypass Methods
• 9:35 : Cyber Essentials Breaks Quarterly Record for Certifications
• 9:3 : [NEU] [mittel] F5 BIG-IP: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen
• 9:3 : [NEU] [mittel] IBM InfoSphere Information Server: Mehrere Schwachstellen
• 9:2 : Microsoft Family Safety Now Blocking All Versions of Google Chrome
• 9:2 : BlueNoroff Hackers Weaponize Zoom App to Attack System Using Infostealer Malware
• 9:2 : Steelmaker Nucor Says Hackers Stole Data in Recent Attack
• 9:2 : Chinese “LapDogs” ORB Network Targets US and Asia
• 8:40 : Partnerangebot: Campus Schwarzwald – „PKI in der Automatisierungstechnik“
• 8:40 : Android: Darum solltest du Links nicht direkt aus den Benachrichtigungen öffnen
• 8:40 : 57 verdächtige Chrome-Erweiterungen mit Millionen von Installationen | Offizieller Blog von Kaspersky
• 8:40 : [UPDATE] [hoch] Verschiedene Linux Distributionen: Mehrere Schwachstellen ermöglichen Privilegieneskalation
• 8:39 : Former JBLM Soldier Admits Attempting to Leak U.S. Military Network Details to China
• 8:39 : Stealthy backdoor found hiding in SOHO devices running Linux
• 8:6 : IBM QRadar SIEM: Autoupdate-Dateien mit Schadcode verseuchbar
• 8:5 : 184 million passwords leaked across Facebook, Google, more: What to know about this data breach
• 8:5 : IT Security News Hourly Summary 2025-06-23 09h : 5 posts
• 8:5 : SparkKitty, SparkCat’s little brother: A new Trojan spy found in the App Store and Google Play
• 7:34 : Wege zur Cloud-Souveränität für Europa
• 7:34 : [UPDATE] [hoch] Red Hat Enterprise Linux (Quarkus): Mehrere Schwachstellen
• 7:34 : [UPDATE] [mittel] Red Hat Ansible Automation Platform (Jinja): Schwachstelle ermöglicht Codeausführung
• 7:34 : [UPDATE] [mittel] IBM WebSphere Application Server Liberty: Schwachstelle ermöglicht Denial of Service
• 7:34 : [UPDATE] [mittel] IBM DB2: Mehrere Schwachstellen ermöglichen Denial of Service
• 7:33 : [UPDATE] [hoch] Microsoft Windows Server: Mehrere Schwachstellen ermöglichen Privilegieneskalation
• 7:32 : A week in security (June 15 – June 21)
• 7:32 : WormGPT Variants Powered by Grok and Mixtral Have Emerged
• 7:32 : CMS retailer report, Aflac investigates activity, Russian dairy cyberattack
• 7:32 : Cybersecurity Today: Chinese Hackers Target Canadian Telco, U.S. on Alert for Iranian Cyber Retaliation, and Sitecore XB Critical Vulnerability
• 7:8 : WinRAR: Windows-Version kann beliebigen untergeschobenen Code ausführen
• 7:7 : Was there a recent dental data breach?
• 7:7 : Windows Snipping Tool Now Lets Users Export Captures as GIFs
• 7:7 : NCSC Warns of ‘UMBRELLA STAND’ Malware Attacking Fortinet FortiGate Firewalls
• 7:7 : Amazon EKS Vulnerabilities Expose Sensitive AWS Credentials and Escalate Privileges
• 6:33 : Partnerangebot: NIS2UmsuCG – Alles wichtige zum kommenden Cybersicherheitsgesetz sowie Umsetzungsmöglichkeiten
• 6:6 : 5 Dinge, die du diese Woche wissen musst: Wenn der Messenger Werbung zeigt
• 6:5 : Critical Meshtastic Flaw Allows Attackers to Decrypt Private Messages
• 6:5 : Amazon EKS Flaws Expose AWS Credentials and Enable Privilege Escalation
• 6:5 : How CISOs can justify security investments in financial terms
• 5:39 : CoinMarketCap Doodle Image Vulnerability Lets Attackers Run Malicious Code via API Call
• 5:39 : Quantum risk is already changing cybersecurity
• 5:39 : Review: Redefining Hacking
• 4:34 : Medical device cyberattacks push hospitals into crisis mode
• 4:34 : 71% of new hires click on phishing emails within 3 months
• 4:7 : Threat Casting a Nation State Attack on Critical Infrastructure Scenario at CognectCon2025
• 2:34 : Feel Reassured with Advanced Secrets Scanning Technologies
• 2:7 : 
ADS & Python Tools, (Sat, Jun 21st)
• 2:7 : ISC Stormcast For Monday, June 23rd, 2025 https://isc.sans.edu/podcastdetail/9500, (Mon, Jun 23rd)
• 1:9 : Former US Army Sergeant pleads guilty after amateurish attempt at selling secrets to China
• 23:5 : IT Security News Hourly Summary 2025-06-23 00h : 3 posts
• 22:58 : IT Security News Weekly Summary 25
• 22:55 : IT Security News Daily Summary 2025-06-22
• 22:34 : Qilin ransomware gang now offers a “Call Lawyer” feature to pressure victims
• 22:2 : What Satellite Images Reveal About the US Bombing of Iran’s Nuclear Sites