IT Security News Daily Summary 2025-07-18

176 posts were published in the last hour

21:32 : My favorite lens and screen-cleaning kit keeps my tech spotless, and it only costs $8
21:32 : AI’s biggest impact on your workforce is still to come – 3 ways to avoid getting left behind
21:32 : Authorities released free decryptor for Phobos and 8base ransomware
21:2 : How to Expose IBM FS Cloud Container App to Public
21:2 : Europe’s General-Purpose AI Rulebook: What’s Covered & Which Tech Giants Signed It
20:34 : Chinese Threat Actors Operate 2,800 Malicious Domains to Distribute Windows Malware
20:34 : Europe’s New AI Rulebook Just Dropped: Here’s What It Means
20:34 : Google Sued BadBox 2.0 Malware Botnet Operators That Infects 10 Million+ Devices
20:5 : IT Security News Hourly Summary 2025-07-18 21h : 6 posts
20:2 : New Veeam-Themed Phishing Attack Uses Weaponized WAV File to Target Users
19:37 : Vulnerable to Bulletproof: Protect TLS via Certificate Posture Management
19:37 : Optimizing Government Websites for Peak Traffic Events
19:37 : Lumma Infostealer Steals Browser Data and Sells It as Logs on Underground Markets
19:37 : Ivanti Zero-Days Exploited to Drop MDifyLoader and Launch In-Memory Cobalt Strike Attacks
19:37 : UNG0002 Group Hits China, Hong Kong, Pakistan Using LNK Files and RATs in Twin Campaigns
19:37 : China’s Massistant Tool Secretly Extracts SMS, GPS Data, and Images From Confiscated Phones
19:8 : New Surge of Crypto-Jacking Hits Over 3,500 Websites
19:8 : AI-Driven Threat Hunting: Catching Zero Day Exploits Before They Strike
19:8 : What is biometric authentication?
19:7 : How to create a risk management plan: Template, key steps
19:7 : A surveillance vendor was caught exploiting a new SS7 attack to track people’s phone locations
19:7 : New Wave of Crypto-Hijacking Infects 3,500+ Websites
19:7 : Google Sues the Operators Behind the BadBox 2.0 Botnet
18:32 : Fancy Bear Hackers Target Governments and Military Entities with Advanced Tools
18:32 : I changed 12 settings on my Apple TV to instantly improve the performance
18:5 : Snake Keylogger Bypasses Windows Defender and Uses Scheduled Tasks to Steal Credentials
18:5 : Burn that List: Smarter Use of Allowlists and Denylists in Multi-Tenant Systems
18:5 : The OnePlus 12 was already our favorite Android deal – and now it’s $300 off
18:5 : CISA Adds One Known Exploited Vulnerability to Catalog
17:32 : US Congress Passes Stablecoin Bill
17:32 : PoisonSeed Tricking Users Into Bypassing FIDO Keys With QR Codes
17:5 : IT Security News Hourly Summary 2025-07-18 18h : 8 posts
17:3 : Meta execs pay the pain away with $8 billion privacy settlement
17:3 : Ukraine Pwns Russian Drone Maker — Gaskar is ‘Paralyzed’
17:3 : Asia is a Major Hub For Cybercrime, And AI is Poised to Exacerbate The Problem
17:3 : Microsoft at Black Hat USA 2025: A unified approach to modern cyber defense
16:33 : Securing Tomorrow: An Interview with Trend Micro VP of Product Management Michael Habibi
16:33 : The best MagSafe accessories of 2025 for your new iPhone
16:33 : Is your Ring camera showing strange logins? Here’s what’s going on
16:33 : OpenAI’s ChatGPT Agent Can Create Your Spreadsheets and Presentations
16:33 : How China’s Patriotic ‘Honkers’ Became the Nation’s Elite Cyberspies
16:6 : I ran with Samsung’s Galaxy Watch 8 Classic, and it both humbled and motivated me
16:5 : You can finally move Chrome’s address bar on Android – here’s how
16:5 : How China’s Patriotic ‘Honkers’ Became the Nation’s Elite Cyber Spies
15:39 : Best travel VPNs 2025: Expert-tested for streaming and bypassing country blocks
15:39 : The Challenges of Operationalizing Threat Intelligence
15:39 : Why Major Companies Are Still Falling to Basic Cybersecurity Failures
15:39 : CISA Issues Advisories on Critical ICS Vulnerabilities Across Multiple Sectors
15:8 : 2025-07-15: Lumma Stealer infection with SecTop RAT
15:8 : Employee Spotlight: Getting to Know Sandy Venkataraman
15:8 : NordPass vs. Bitwarden: Which password manager is best?
15:7 : Fancy Bear Hackers Attacking Governments, Military Entities With New Sophisticated Tools
14:8 : CISA’s NIMBUS 2000 Initiative: Understanding Key Findings and Strengthening Cloud Identity Security
14:8 : iPadOS 26 is turning my iPad Air into the ultraportable laptop it was meant to be
14:8 : Wacom says its new drawing tablet needs no setup and has a pen that can’t die
14:8 : NVIDIA Issues Advisory After Demo of First Rowhammer Attack on GPUs
14:8 : Microsoft Defender for Office 365 Launches New Dashboard for Enhanced Threat Vector Insights
14:8 : Threat Actors Weaponizing GitHub Accounts To Host Payloads, Tools and Amadey Malware Plug-Ins
14:8 : Ubiquiti UniFi Devices Vulnerability Allows Attackers to Inject Malicious Commands
14:8 : Sophos Intercept X for Windows Vulnerabilities Enable Arbitrary Code Execution
14:8 : Threat Actors Exploiting Ivanti Connect Secure Vulnerabilities to Deploy Cobalt Strike Beacon
14:8 : As companies race to add AI, terms of service changes are going to freak a lot of people out
14:8 : In Other News: Law Firm Hacked by China, Symantec Flaw, Meta AI Hack, FIDO Key Bypass
14:8 : Google Gemini Exploit Enables Covert Delivery of Phishing Content
14:8 : Hidden Crypto Mining Operation Found in Truck Tied to Village Power Supply
13:35 : Ubiquiti UniFi Vulnerability Lets Hackers Inject Malicious Commands
13:35 : Grafana Flaws Allow User Redirection and Code Execution in Dashboards
13:35 : Google Sues BadBox 2.0 Botnet Operators Behind 10 Million+ Infected Devices
13:35 : Sophos Intercept X for Windows Flaws Enable Arbitrary Code Execution
13:35 : New QR Code Attacks Through PDFs Bypass Detection and Steal Credentials
13:35 : Practical Steps to Secure the Software Supply Chain End to End
13:35 : Corporate blog: Employee Spotlight: Getting to Know Sandy Venkataraman
13:35 : Salesforce used AI to cut support load by 5% — but the real win was teaching bots to say ‘I’m sorry’
13:35 : I swapped my Apple Watch Ultra for this big-screen Garmin that’s easier to read
13:35 : How to build a cybersecurity team to maximize business impact
13:35 : CISO role in ASM could add runtime security, tokenization
13:35 : Anne Arundel Dermatology data breach impacts 1.9 million people
13:35 : A Leader in the 2025 Gartner Magic Quadrant for EPP — 3 Years Running
13:35 : NailaoLocker Ransomware’s “Cheese”
13:35 : Email Protection Startup StrongestLayer Emerges From Stealth Mode
13:35 : Summer Vacation Alert Surfaces More Than 5 Million Unsecured Wi-Fi Networks
13:35 : Russia Linked to New Malware Targeting Email Accounts for Espionage
12:5 : Years Long Linux Cryptominer Spotted Using Legit Sites to Spread Malware
12:5 : WAFFLED: New Technique Targets Web Application Firewall Weaknesses
12:5 : Microsoft Uncovers Scattered Spider Tactics, Techniques, and Procedures in Recent Attacks
12:4 : Lenovo Protection Driver Flaw Enables Privilege Escalation and Code Execution
12:4 : Hackers Exploit ClickFix Tactics to Spread NetSupport RAT, Latrodectus, and Lumma Stealer
12:4 : Threat Actors Exploit Ivanti Connect Secure Flaws to Deploy Cobalt Strike Beacon
12:4 : Best VPN services 2025: The fastest VPNs with the best networks, ranked
12:4 : How a circuit breaker finder helped me map my home’s wiring (and why that matters)
12:4 : The best free email marketing software of 2025: Expert tested
12:4 : The best Apple Watch of 2025: Here’s the best smartwatch for you
12:4 : The best Sony TVs of 2025: Expert tested and reviewed
12:4 : 5 Features Every AI-Powered SOC Platform Needs in 2025
12:4 : LameHug: first AI-Powered malware linked to Russia’s APT28
12:4 : New Mobile Phone Forensics Tool
12:4 : Top-Rated Shopify Plugin Exposes Hundreds of Stores to Takeovers, Token Leaks
12:4 : Pro-Russian Cybercrime Group NoName057(16) Hit Hard in Global Takedown
12:4 : Lessons Learned from Steelcon’s 10th Anniversary
12:4 : Cyber Attacks Surge 21% Globally in Q2 2025 – Europe Takes the Hardest Hit
12:4 : Cybercriminals Are Using AI to Cloak Malicious Websites
12:4 : Hackers are Using ClickFix Techniques to Deliver NetSupport RAT, Latrodectus and Lumma Stealer Malware
12:4 : New WAFFLED Attack Exploits AWS, Azure, Cloud Armor, Cloudflare, and ModSecurity WAFs
12:4 : Signal App Clone TeleMessage Vulnerability May Leak Passwords; Hackers Exploiting It
12:4 : CISA Releases 3 ICS Advisories Covering Vulnerabilities and Exploits
12:4 : Microsoft Details Scattered Spider TTPs Observed in Recent Attack Chains
12:4 : Google Sues Operators of 10-Million-Device Badbox 2.0 Botnet
12:4 : CitrixBleed 2: 100 Organizations Hacked, Thousands of Instances Still Vulnerable
12:3 : Fraud: A Growth Industry Powered by Gen-AI
12:3 : 1.4 Million Affected by Data Breach at Virginia Radiology Practice
12:3 : Fortinet FortiWeb Flaw Exploited in the Wild After PoC Publication
12:3 : Critical MCP Vulnerabilities are Slipping Through the Cracks
12:3 : Cambodia Arrests More Than 1,000 in Cyberscam Crackdown
12:3 : From Backup to Cyber Resilience: Why IT Leaders Must Rethink Backup in the Age of Ransomware
12:3 : Critical NVIDIA Container Toolkit Flaw Allows Privilege Escalation on AI Cloud Services
12:3 : Google Sues 25 Chinese Entities Over BADBOX 2.0 Botnet Affecting 10M Android Devices
12:3 : New “LameHug” Malware Deploys AI-Generated Commands
8:39 : [UPDATE] [hoch] PHP: Mehrere Schwachstellen
8:39 : [UPDATE] [hoch] Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service
8:39 : [UPDATE] [mittel] Python (CPython): Schwachstelle ermöglicht Denial of Service
8:39 : [UPDATE] [mittel] Red Hat Enterprise Linux (python-setuptools): Schwachstelle ermöglicht Codeausführung
8:38 : Russian Vodka Maker Beluga Struck by Ransomware Attack
8:38 : Broadcom patches critical VMware flaws exploited at Pwn2Own Berlin 2025
8:37 : Retail Becomes New Target as Healthcare Ransomware Attacks Slow
8:37 : AI-Generated Lcryx Ransomware Discovered in Cryptomining Botnet
8:7 : Veeam Phishing via Wav File, (Fri, Jul 18th)
8:7 : 10 Best XDR (Extended Detection & Response) Solutions 2025
8:7 : CISA Publishes 13 ICS Security Advisories on Critical Flaws
8:7 : ‘Daemon Ex Plist’ Vulnerability Grants Root Access on macOS
8:7 : I tested a ‘de-Googled’ tablet without all the bloatware – and it was beyond refreshing
8:6 : This MSI handheld could replace my gaming laptop, and not just for its more portable design
8:6 : I tested a Bluetooth tracker for iOS and Android, and its safety features are top-tier
8:6 : Anne Arundel Dermatology Data Breach Impacts 1.9 Million People
7:35 : Operation Eastwood: NoName057(16) am Ende oder noch im Rennen?
7:35 : „Wir brauchen mehr Vernetzung!“
7:35 : Verkleinere deinen digitalen Fußabdruck: eine Kaspersky-Checkliste | Offizieller Blog von Kaspersky
7:35 : VM-Ausbruch möglich: VMware patcht in Berlin ausgenutzte Sicherheitslücken
7:33 : The Apple Watch Ultra 2 is the premium smartwatch I prefer – here’s why
7:33 : You can save $150 on the OnePlus 13 right now – but hurry, because this deal won’t last long
7:33 : This physical Clicks keyboard is the Pixel 9 upgrade I didn’t know I needed
7:33 : I tested HP’s new EliteBook X G1i, and it’s a featherweight champ in the office
7:33 : Reduce risk in Kubernetes: How to separate admin roles for safer, compliant operations
7:33 : Taiwan semiconductor sector hacked, Salt Typhoon breaches National Guard, Congress ponders Stuxnet
7:6 : [UPDATE] [niedrig] Apache Commons Lang: Schwachstelle ermöglicht Denial of Service
7:6 : [UPDATE] [hoch] Red Hat Enterprise Linux (cloud-init): Schwachstelle ermöglicht Erlangen von Administratorrechten
7:6 : [UPDATE] [hoch] Oracle Java SE: Mehrere Schwachstellen
7:6 : [UPDATE] [mittel] GnuTLS: Mehrere Schwachstellen
7:6 : [UPDATE] [mittel] Internet Systems Consortium BIND: Mehrere Schwachstellen
7:5 : This Android wearable lasts for days, and left my Samsung Galaxy Watch in the dust
7:5 : Settlement Reached in Investors’ Lawsuit Against Meta CEO Mark Zuckerberg and Other Company Leaders
7:5 : Cybersecurity Today: DNS Malware, SonicWall Backdoor, Military Breach, and BigONE Crypto Hack
6:36 : Signal App Clone Vulnerability Actively Exploited for Password Theft
6:36 : Microsoft Entra ID Vulnerability Let Attackers Escalate Privileges to Global Admin Role
6:36 : Why we must go beyond tooling and CVEs to illuminate security blind spots
6:36 : Strata Identity provides identity guardrails and observability for AI agents
6:5 : Microsoft Entra ID Flaw Enables Privilege Escalation to Global Admin
6:5 : BIND 9 Vulnerabilities Enable Cache Poisoning and Service Disruption
6:5 : Making security and development co-owners of DevSecOps
5:5 : Hackers Abuse DNS Blind Spots to Stealthily Deliver Malware
5:5 : AI adoption is booming but secure scaling not so much
4:36 : Buy Now, Pay Later… with your data
4:5 : New infosec products of the week: July 18, 2025
3:35 : Kriminelle stehlen Kryptowährung im Wert von 27 Millionen Dollar von Kryptobörse
2:5 : ISC Stormcast For Friday, July 18th, 2025 https://isc.sans.edu/podcastdetail/9532, (Fri, Jul 18th)
2:5 : Too many open browser tabs? This is still my favorite solution – and has been for years
2:5 : This new browser won’t monetize your every move – how to try it
1:34 : Poor Passwords Tattle on AI Hiring Bot Maker Paradox.ai
0:3 : Check Point Unveils Quantum Spark 2500 Series, Bringing Enterprise-Level Security and Advanced Connectivity to SMBs
23:38 : Slack: KI soll euch bald Company-Slang erklären können
23:37 : Google sues 25 alleged BadBox 2.0 botnet operators, all of whom are in China
23:37 : From Cloudflare Bypass to Credit Card Theft
23:5 : Scattered Spider Cyber Gang Now Targeting Airlines With Ransomware, Microsoft Warns
22:39 : Cloud Cost Conundrum: Rising Expenses Hinder AI Innovation in Europe
22:39 : New TeleMessage SGNL Flaw Is Actively Being Exploited by Attackers
22:39 : Google Reveals How a Hacker Exploits SonicWall Hardware Using OVERSTEP Backdoor
22:39 : How to calculate cybersecurity ROI for CEOs and boards

Post navigation