IT Security News Weekly Summary 29

210 posts were published in the last hour

• 22:55 : IT Security News Daily Summary 2025-07-20
• 21:6 : Microsoft SharePoint servers under attack via zero-day vulnerability with no patch (CVE-2025-53770)
• 20:5 : IT Security News Hourly Summary 2025-07-20 21h : 1 posts
• 18:7 : Weekly Cybersecurity Newsletter: Chrome 0-Day, VMware Flaws Patched, Fortiweb Hack, Teams Abuse, and More
• 17:39 : Critical Sharepoint 0-Day Vulnerablity Exploited CVE-2025-53770 (ToolShell), (Sun, Jul 20th)
• 17:39 : Singapore warns China-linked group UNC3886 targets its critical infrastructure
• 17:5 : IT Security News Hourly Summary 2025-07-20 18h : 4 posts
• 16:34 : Microsoft Releases Guidance on Exploitation of SharePoint Vulnerability (CVE-2025-53770)
• 16:34 : EncryptHub Targets Web3 Developers Using Fake AI Platforms to Deploy Fickle Stealer Malware
• 16:3 : SquidLoader Malware Campaign Hits Hong Kong Financial Firms
• 15:37 : Online Criminals Steal $500K Crypto Via Malicious AI Browser Extension
• 15:37 : Gigabyte Firmware Vulnerability Enables Stealth UEFI Malware Infection
• 15:37 : Interlock RAT Evolves in New KongTuke Web-Inject Attacks Targeting U.S. Industries
• 14:37 : U.S. CISA adds Fortinet FortiWeb flaw to its Known Exploited Vulnerabilities catalog
• 14:37 : SharePoint Under Attack: Microsoft Warns of Zero-Day Exploited in the Wild – No Patch Available
• 14:5 : IT Security News Hourly Summary 2025-07-20 15h : 1 posts
• 14:3 : Malware Injected into 5 npm Packages After Maintainer Tokens Stolen in Phishing Attack
• 14:3 : Critical Unpatched SharePoint Zero-Day Actively Exploited, Breaches 75+ Company Servers
• 13:37 : Chinese Groups Launder $580M in India Using Fake Apps and Mule Accounts
• 13:37 : SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 54
• 13:37 : ‘FileFix’ Malware Trick Amplifies Interlock Ransomware Threat With Evolved Attack Tactic
• 13:37 : Ransomware Attacks Surge in 2025, With Smaller Businesses and Manufacturers Most Affected
• 12:36 : Security Affairs newsletter Round 533 by Pierluigi Paganini – INTERNATIONAL EDITION
• 11:32 : UK uncovers novel Microsoft snooping malware, blames and sanctions GRU cyberspies
• 11:5 : IT Security News Hourly Summary 2025-07-20 12h : 2 posts
• 10:36 : Malware Injected into 6 npm Packages After Maintainer Tokens Stolen in Phishing Attack
• 10:36 : Critical Unpatched SharePoint Zero-Day Actively Exploited, Breaches 75+ Global Organizations
• 9:34 : Hackers Exploit Critical CrushFTP Flaw to Gain Admin Access on Unpatched Servers
• 9:7 : This Apple Watch model is my favorite and I use it daily – right now, it’s over 30% off
• 8:32 : Radiology Associates of Richmond data breach impacts 1.4 million people
• 8:5 : Grafana Vulnerabilities Allow User Redirection to Malicious Sites and Code Execution in Dashboards
• 8:5 : Week in review: Google fixes zero-day vulnerability in Chrome, critical SQL injection flaw in FortiWeb
• 8:5 : IT Security News Hourly Summary 2025-07-20 09h : 2 posts
• 7:2 : Apple’s latest iPad hit a new low price at Walmart – and it’s available in every color
• 6:35 : SharePoint 0-Day RCE Vulnerability Actively Exploited in the Wild to Gain Full Server Access
• 2:5 : IT Security News Hourly Summary 2025-07-20 03h : 1 posts
• 1:34 : Customer guidance for SharePoint vulnerability CVE-2025-53770
• 1:4 : New EU AI Act Compliance Guide – Just Weeks Before August Deadline
• 23:5 : IT Security News Hourly Summary 2025-07-20 00h : 2 posts
• 22:55 : IT Security News Daily Summary 2025-07-19
• 22:2 : Microsoft says it will no longer use engineers in China for Department of Defense work
• 17:34 : Fortinet FortiWeb flaw CVE-2025-25257 exploited hours after PoC release
• 17:5 : IT Security News Hourly Summary 2025-07-19 18h : 1 posts
• 16:32 : Linux Distribution Designed for Seamless Anonymous Browsing
• 16:32 : Major Breach at Medical Billing Giant Results in The Data Leak of 5.4 Million Users
• 16:32 : Episource Healthcare Data Breach Exposes Personal Data of 5.4 Million Americans
• 16:32 : Over 2 Million Users Affected: Browser Extensions Turned Into Silent Spying Tools
• 16:2 : At Least 750 US Hospitals Faced Disruptions During Last Year’s CrowdStrike Outage, Study Finds
• 15:4 : These are our favorite cyber books on hacking, espionage, crypto, surveillance, and more
• 14:5 : IT Security News Hourly Summary 2025-07-19 15h : 5 posts
• 12:36 : New Veeam Themed Phishing Attack Using Weaponized Wav File to Attack users
• 12:36 : Chinese Threat Actors Using 2,800 Malicious Domains to Deliver Windows-Specific Malware
• 12:36 : Snake Keylogger Evades Windows Defender and Scheduled Tasks to Harvest Login Credentials
• 12:5 : The best Samsung TVs of 2025: Expert tested for streaming, gaming, and more
• 12:5 : For privacy and security, think twice before granting AI access to your personal data
• 11:7 : China’s Salt Typhoon Hackers Breached the US National Guard for Nearly a Year
• 11:5 : IT Security News Hourly Summary 2025-07-19 12h : 1 posts
• 10:32 : New QR Code Attack Via PDFs Evades Detection Systems and Harvest Credentials
• 10:32 : New CrushFTP 0-Day Vulnerability Exploited in the Wild to Gain Access to Servers
• 9:5 : I took a walk with Meta’s new Oakley smart glasses – they beat my Ray-Bans in every way
• 8:32 : I found a compact power station with solar charging, and it’s a new off-grid essential
• 8:32 : Apple’s latest AirPods models are still at their lowest price ever – get them while the deal lasts
• 8:7 : This $269 Chromebook couldn’t be more portable – here’s why it’s my pick for students
• 8:7 : This TCL mini LED TV hits above its price point (and it’s $900 off)
• 8:7 : I spoke with an AI version of myself, thanks to Hume’s free tool – how to try it
• 8:7 : Ex-IDF cyber chief on Iran, Scattered Spider, and why social engineering worries him more than 0-days
• 8:7 : Exploring the Dark Side of AI: Risks, Consciousness, and Responsibility
• 8:5 : IT Security News Hourly Summary 2025-07-19 09h : 4 posts
• 7:3 : This HP EliteBook I tested is one of the most versatile work laptops of 2025 – and it’s on sale
• 7:3 : I ditched my Bluetooth speakers for this slick turntable – and it’s more practical than I thought
• 7:3 : This split keyboard offers deep customization – if you’re willing to go all in
• 6:36 : Lumma Infostealer Steal All Data Stored in Browsers and Selling Them in Underground Markets as Logs
• 4:5 : CISA Warns of Fortinet FortiWeb SQL Injection Vulnerability Exploited in Attacks
• 2:5 : IT Security News Hourly Summary 2025-07-19 03h : 1 posts
• 1:4 : Could OpenAI’s rumored browser be a Chrome-killer? Here’s what I’m expecting
• 23:5 : IT Security News Hourly Summary 2025-07-19 00h : 5 posts
• 22:55 : IT Security News Daily Summary 2025-07-18
• 22:32 : How OpenAI’s red team made ChatGPT agent into an AI fortress
• 22:4 : Week in Review: Pentagon’s Chinese Engineers, Gemini’s email phish, 20-year-old railroad flaw persists
• 21:32 : My favorite lens and screen-cleaning kit keeps my tech spotless, and it only costs $8
• 21:32 : AI’s biggest impact on your workforce is still to come – 3 ways to avoid getting left behind
• 21:32 : Authorities released free decryptor for Phobos and 8base ransomware
• 21:2 : How to Expose IBM FS Cloud Container App to Public
• 21:2 : Europe’s General-Purpose AI Rulebook: What’s Covered & Which Tech Giants Signed It
• 20:34 : Chinese Threat Actors Operate 2,800 Malicious Domains to Distribute Windows Malware
• 20:34 : Europe’s New AI Rulebook Just Dropped: Here’s What It Means
• 20:34 : Google Sued BadBox 2.0 Malware Botnet Operators That Infects 10 Million+ Devices
• 20:5 : IT Security News Hourly Summary 2025-07-18 21h : 6 posts
• 20:2 : New Veeam-Themed Phishing Attack Uses Weaponized WAV File to Target Users
• 19:37 : Vulnerable to Bulletproof: Protect TLS via Certificate Posture Management
• 19:37 : Optimizing Government Websites for Peak Traffic Events
• 19:37 : Lumma Infostealer Steals Browser Data and Sells It as Logs on Underground Markets
• 19:37 : Ivanti Zero-Days Exploited to Drop MDifyLoader and Launch In-Memory Cobalt Strike Attacks
• 19:37 : UNG0002 Group Hits China, Hong Kong, Pakistan Using LNK Files and RATs in Twin Campaigns
• 19:37 : China’s Massistant Tool Secretly Extracts SMS, GPS Data, and Images From Confiscated Phones
• 19:8 : New Surge of Crypto-Jacking Hits Over 3,500 Websites
• 19:8 : AI-Driven Threat Hunting: Catching Zero Day Exploits Before They Strike
• 19:8 : What is biometric authentication?
• 19:7 : How to create a risk management plan: Template, key steps
• 19:7 : A surveillance vendor was caught exploiting a new SS7 attack to track people’s phone locations
• 19:7 : New Wave of Crypto-Hijacking Infects 3,500+ Websites
• 19:7 : Google Sues the Operators Behind the BadBox 2.0 Botnet
• 18:32 : Fancy Bear Hackers Target Governments and Military Entities with Advanced Tools
• 18:32 : I changed 12 settings on my Apple TV to instantly improve the performance
• 18:5 : Snake Keylogger Bypasses Windows Defender and Uses Scheduled Tasks to Steal Credentials
• 18:5 : Burn that List: Smarter Use of Allowlists and Denylists in Multi-Tenant Systems
• 18:5 : The OnePlus 12 was already our favorite Android deal – and now it’s $300 off
• 18:5 : CISA Adds One Known Exploited Vulnerability to Catalog
• 17:32 : US Congress Passes Stablecoin Bill
• 17:32 : PoisonSeed Tricking Users Into Bypassing FIDO Keys With QR Codes
• 17:5 : IT Security News Hourly Summary 2025-07-18 18h : 8 posts
• 17:3 : Meta execs pay the pain away with $8 billion privacy settlement
• 17:3 : Ukraine Pwns Russian Drone Maker — Gaskar is ‘Paralyzed’
• 17:3 : Asia is a Major Hub For Cybercrime, And AI is Poised to Exacerbate The Problem
• 17:3 : Microsoft at Black Hat USA 2025: A unified approach to modern cyber defense
• 16:33 : Securing Tomorrow: An Interview with Trend Micro VP of Product Management Michael Habibi
• 16:33 : The best MagSafe accessories of 2025 for your new iPhone
• 16:33 : Is your Ring camera showing strange logins? Here’s what’s going on
• 16:33 : OpenAI’s ChatGPT Agent Can Create Your Spreadsheets and Presentations
• 16:33 : How China’s Patriotic ‘Honkers’ Became the Nation’s Elite Cyberspies
• 16:6 : I ran with Samsung’s Galaxy Watch 8 Classic, and it both humbled and motivated me
• 16:5 : You can finally move Chrome’s address bar on Android – here’s how
• 16:5 : How China’s Patriotic ‘Honkers’ Became the Nation’s Elite Cyber Spies
• 15:39 : Best travel VPNs 2025: Expert-tested for streaming and bypassing country blocks
• 15:39 : The Challenges of Operationalizing Threat Intelligence
• 15:39 : Why Major Companies Are Still Falling to Basic Cybersecurity Failures
• 15:39 : CISA Issues Advisories on Critical ICS Vulnerabilities Across Multiple Sectors
• 15:8 : 2025-07-15: Lumma Stealer infection with SecTop RAT
• 15:8 : Employee Spotlight: Getting to Know Sandy Venkataraman
• 15:8 : NordPass vs. Bitwarden: Which password manager is best?
• 15:7 : Fancy Bear Hackers Attacking Governments, Military Entities With New Sophisticated Tools
• 14:8 : CISA’s NIMBUS 2000 Initiative: Understanding Key Findings and Strengthening Cloud Identity Security
• 14:8 : iPadOS 26 is turning my iPad Air into the ultraportable laptop it was meant to be
• 14:8 : Wacom says its new drawing tablet needs no setup and has a pen that can’t die
• 14:8 : NVIDIA Issues Advisory After Demo of First Rowhammer Attack on GPUs
• 14:8 : Microsoft Defender for Office 365 Launches New Dashboard for Enhanced Threat Vector Insights
• 14:8 : Threat Actors Weaponizing GitHub Accounts To Host Payloads, Tools and Amadey Malware Plug-Ins
• 14:8 : Ubiquiti UniFi Devices Vulnerability Allows Attackers to Inject Malicious Commands
• 14:8 : Sophos Intercept X for Windows Vulnerabilities Enable Arbitrary Code Execution
• 14:8 : Threat Actors Exploiting Ivanti Connect Secure Vulnerabilities to Deploy Cobalt Strike Beacon
• 14:8 : As companies race to add AI, terms of service changes are going to freak a lot of people out
• 14:8 : In Other News: Law Firm Hacked by China, Symantec Flaw, Meta AI Hack, FIDO Key Bypass
• 14:8 : Google Gemini Exploit Enables Covert Delivery of Phishing Content
• 14:8 : Hidden Crypto Mining Operation Found in Truck Tied to Village Power Supply
• 13:35 : Ubiquiti UniFi Vulnerability Lets Hackers Inject Malicious Commands
• 13:35 : Grafana Flaws Allow User Redirection and Code Execution in Dashboards
• 13:35 : Google Sues BadBox 2.0 Botnet Operators Behind 10 Million+ Infected Devices
• 13:35 : Sophos Intercept X for Windows Flaws Enable Arbitrary Code Execution
• 13:35 : New QR Code Attacks Through PDFs Bypass Detection and Steal Credentials
• 13:35 : Practical Steps to Secure the Software Supply Chain End to End
• 13:35 : Corporate blog: Employee Spotlight: Getting to Know Sandy Venkataraman
• 13:35 : Salesforce used AI to cut support load by 5% — but the real win was teaching bots to say ‘I’m sorry’
• 13:35 : I swapped my Apple Watch Ultra for this big-screen Garmin that’s easier to read
• 13:35 : How to build a cybersecurity team to maximize business impact
• 13:35 : CISO role in ASM could add runtime security, tokenization
• 13:35 : Anne Arundel Dermatology data breach impacts 1.9 million people
• 13:35 : A Leader in the 2025 Gartner Magic Quadrant for EPP — 3 Years Running
• 13:35 : NailaoLocker Ransomware’s “Cheese”
• 13:35 : Email Protection Startup StrongestLayer Emerges From Stealth Mode
• 13:35 : Summer Vacation Alert Surfaces More Than 5 Million Unsecured Wi-Fi Networks
• 13:35 : Russia Linked to New Malware Targeting Email Accounts for Espionage
• 12:5 : Years Long Linux Cryptominer Spotted Using Legit Sites to Spread Malware
• 12:5 : WAFFLED: New Technique Targets Web Application Firewall Weaknesses
• 12:5 : Microsoft Uncovers Scattered Spider Tactics, Techniques, and Procedures in Recent Attacks
• 12:4 : Lenovo Protection Driver Flaw Enables Privilege Escalation and Code Execution
• 12:4 : Hackers Exploit ClickFix Tactics to Spread NetSupport RAT, Latrodectus, and Lumma Stealer
• 12:4 : Threat Actors Exploit Ivanti Connect Secure Flaws to Deploy Cobalt Strike Beacon
• 12:4 : Best VPN services 2025: The fastest VPNs with the best networks, ranked
• 12:4 : How a circuit breaker finder helped me map my home’s wiring (and why that matters)
• 12:4 : The best free email marketing software of 2025: Expert tested
• 12:4 : The best Apple Watch of 2025: Here’s the best smartwatch for you
• 12:4 : The best Sony TVs of 2025: Expert tested and reviewed
• 12:4 : 5 Features Every AI-Powered SOC Platform Needs in 2025
• 12:4 : LameHug: first AI-Powered malware linked to Russia’s APT28
• 12:4 : New Mobile Phone Forensics Tool
• 12:4 : Top-Rated Shopify Plugin Exposes Hundreds of Stores to Takeovers, Token Leaks
• 12:4 : Pro-Russian Cybercrime Group NoName057(16) Hit Hard in Global Takedown
• 12:4 : Lessons Learned from Steelcon’s 10th Anniversary
• 12:4 : Cyber Attacks Surge 21% Globally in Q2 2025 – Europe Takes the Hardest Hit
• 12:4 : Cybercriminals Are Using AI to Cloak Malicious Websites
• 12:4 : Hackers are Using ClickFix Techniques to Deliver NetSupport RAT, Latrodectus and Lumma Stealer Malware
• 12:4 : New WAFFLED Attack Exploits AWS, Azure, Cloud Armor, Cloudflare, and ModSecurity WAFs
• 12:4 : Signal App Clone TeleMessage Vulnerability May Leak Passwords; Hackers Exploiting It
• 12:4 : CISA Releases 3 ICS Advisories Covering Vulnerabilities and Exploits
• 12:4 : Microsoft Details Scattered Spider TTPs Observed in Recent Attack Chains
• 12:4 : Google Sues Operators of 10-Million-Device Badbox 2.0 Botnet
• 12:4 : CitrixBleed 2: 100 Organizations Hacked, Thousands of Instances Still Vulnerable
• 12:3 : Fraud: A Growth Industry Powered by Gen-AI
• 12:3 : 1.4 Million Affected by Data Breach at Virginia Radiology Practice
• 12:3 : Fortinet FortiWeb Flaw Exploited in the Wild After PoC Publication
• 12:3 : Critical MCP Vulnerabilities are Slipping Through the Cracks
• 12:3 : Cambodia Arrests More Than 1,000 in Cyberscam Crackdown
• 12:3 : From Backup to Cyber Resilience: Why IT Leaders Must Rethink Backup in the Age of Ransomware
• 12:3 : Critical NVIDIA Container Toolkit Flaw Allows Privilege Escalation on AI Cloud Services
• 12:3 : Google Sues 25 Chinese Entities Over BADBOX 2.0 Botnet Affecting 10M Android Devices
• 12:3 : New “LameHug” Malware Deploys AI-Generated Commands
• 8:39 : [UPDATE] [hoch] PHP: Mehrere Schwachstellen
• 8:39 : [UPDATE] [hoch] Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service
• 8:39 : [UPDATE] [mittel] Python (CPython): Schwachstelle ermöglicht Denial of Service
• 8:39 : [UPDATE] [mittel] Red Hat Enterprise Linux (python-setuptools): Schwachstelle ermöglicht Codeausführung
• 8:38 : Russian Vodka Maker Beluga Struck by Ransomware Attack
• 8:38 : Broadcom patches critical VMware flaws exploited at Pwn2Own Berlin 2025
• 8:37 : Retail Becomes New Target as Healthcare Ransomware Attacks Slow
• 8:37 : AI-Generated Lcryx Ransomware Discovered in Cryptomining Botnet
• 8:7 : Veeam Phishing via Wav File, (Fri, Jul 18th)
• 8:7 : 10 Best XDR (Extended Detection & Response) Solutions 2025
• 8:7 : CISA Publishes 13 ICS Security Advisories on Critical Flaws
• 8:7 : ‘Daemon Ex Plist’ Vulnerability Grants Root Access on macOS
• 8:7 : I tested a ‘de-Googled’ tablet without all the bloatware – and it was beyond refreshing
• 8:6 : This MSI handheld could replace my gaming laptop, and not just for its more portable design