IT Security News Daily Summary 2025-04-03

210 posts were published in the last hour

21:13 : Look, no patches! Why Chainguard OS might be the most secure Linux ever
21:13 : Platformization Maximizes Security Efficacy & IT Operations Efficiency
21:13 : How to Protect Your Spring Sale from Bots
20:39 : Dieses Tool erstellt Apps per KI – und ist trotzdem mehr Tiktok als ein Entwicklerwerkzeug
20:38 : Whatsapp: 4 neue Funktionen, die ihr unbedingt kennen müsst
20:37 : EU Pumps €1.3 Billion into Cybersecurity, AI, and Digital Skills to Fortify Europe’s Tech Future
20:37 : Ted Schlein’s Ballistic Ventures is raising $100M for a new fund
20:37 : OpenAI just made its first cybersecurity investment
20:37 : China-linked group UNC5221 exploited Ivanti Connect Secure zero-day since mid-March
20:37 : Popular VPNs are routing traffic via Chinese companies, including one with link to military
20:37 : Securing OT Environments with Zero Trust: A Joint Approach by ColorTokens and Claroty
20:37 : Protecting Users: Prevent and Stop Cyberthreats Before They Start With Kaseya 365 User
20:5 : IT Security News Hourly Summary 2025-04-03 21h : 9 posts
19:32 : Suspected Chinese spies right now hijacking buggy Ivanti gear – for third time in 3 years
19:13 : Hacker Claims Twilio’s SendGrid Data Breach, Selling 848,000 Records
18:32 : Amazon Joins Bidders To Acquire TikTok In US
18:32 : Microsoft Warns of Tax-Themed Email Attacks Using PDFs and QR Codes to Deliver Malware
18:7 : One mighty fine-looking report
18:7 : New Phishing Campaign Attacking Investors to Steal Login Credentials
18:7 : Oracle Acknowledges Data Breach and Starts Informing Affected Clients
18:7 : Hackers Leveraging Fast Flux Technique to Evade Detection & Hide Malicious Servers
18:7 : StreamElements Confirms Data Exposure via Former Third-Party Provider
18:7 : Threat actors leverage tax season to deploy tax-themed phishing campaigns
18:7 : Ivanti VPN customers targeted via unrecognized RCE vulnerability (CVE-2025-22457)
17:32 : 50,000 WordPress Sites Affected by Privilege Escalation Vulnerability in Uncanny Automator WordPress Plugin
17:32 : Judge Rejects Government’s Attempt to Dismiss EFF Lawsuit Against OPM, DOGE, and Musk
17:32 : Chinese APT Pounces on Misdiagnosed RCE in Ivanti VPN Appliances
17:9 : Elon Musk Dismisses Reports Of Imminent Departure From DOGE
17:9 : Android quietly installed a feature that scans your photos for ‘sensitive content’ – how to remove it
17:5 : IT Security News Hourly Summary 2025-04-03 18h : 15 posts
16:39 : Operation HollowQuill Uses Malicious PDFs to Target Academic and Government Networks
16:39 : Qilin Operators Imitate ScreenConnect Login Page to Deploy Ransomware and Gain Admin Access
16:39 : Hunters International Linked to Hive Ransomware in Attacks on Windows, Linux, and ESXi Systems
16:39 : UAC-0219 Hackers Leverage WRECKSTEEL PowerShell Stealer to Extract Data from Computers
16:39 : New Phishing Campaign Targets Investors to Steal Login Credentials
16:39 : This sneaky Android spyware needs a password to uninstall. Here’s how to remove it without one.
16:39 : EFF Joins Amicus Brief Supporting Perkins Coie Law Firm Against Unconstitutional Executive Order
16:13 : Anzeige: Weg von AWS & Co. – mit Stackit Cloud
16:12 : Hackers Exploit Stripe API for Web Skimming Card Theft on Online Stores
16:12 : How to detect and remove malware from an Android device
16:12 : Hunters International Overlaps Hive Ransomware Attacking Windows, Linux, and ESXi Systems
16:11 : DarkCloud Stealer Attacking Organizations with Weaponized .TAR Archive to Steal Passwords
16:11 : QR codes sent in attachments are the new favorite for phishers
16:11 : Halo ITSM Vulnerability Exposed Organizations to Remote Hacking
16:11 : China’s FamousSparrow APT Hits United States Via SparrowDoor Malware
16:11 : Major Online Platform for Child Exploitation Dismantled
15:35 : Wordfence Intelligence Weekly WordPress Vulnerability Report (March 24, 2025 to March 30, 2025)
15:35 : EvilCorp join with RansomHub to launch global cyber attacks
15:35 : Mark Zuckerberg Lobbies Trump To Avoid Antitrust Trial – Report
15:35 : This sneaky Android spyware needs a password to uninstall. Here’s how to remove it without one
15:35 : Europol-led operation shuts down CSAM platform Kidflix, leading to 79 arrests
15:35 : New Web Skimming Attack Uses Legacy Stripe API to Validate Stolen Card Details
15:35 : Russian Seashell Blizzard Attacking Organizations With Custom-Developed Hacking Tools
15:35 : Qilin Operators Mimic ScreenConnect Login Page to Deliver Ransomware & Gain Admin Access
15:10 : Bitcoin Slides To $81,000 In Trump Tariff Shock
15:9 : Understanding ldd: The Linux Dynamic Dependency Explorer
15:9 : HellCat Ransomware: What You Need To Know
15:9 : When disaster strikes, proper preparation prevents poor performance
15:9 : Payment Fraud Detection and Prevention: Here’s All To Know
15:9 : App Stores OK’ed VPNs Run by China PLA
15:9 : CrushFTP Vulnerability Exploited Following Disclosure Issues
14:36 : Entwickler wehrt sich gegen Scraper: So stoppt sein Tool KI-Datenjäger
14:36 : O’Reilly-Bücher als Trainingsdaten für GPT-4o? Erneute Vorwürfe gegen OpenAI
14:36 : Thunderbird Pro und Thundermail: Mozillas Angriff auf Gmail und Outlook
14:36 : Weniger Transparenz bei Deepmind: Experten warnen vor Innovationsbremse
14:35 : Suspected China-Nexus Threat Actor Actively Exploiting Critical Ivanti Connect Secure Vulnerability (CVE-2025-22457)
14:35 : Amazon’s First Project Kuiper Satellites Slated For 9 April Launch
14:35 : Secure Ideas Achieves CREST Accreditation and CMMC Level 1 Compliance
14:35 : IAM compliance: Know the system controls at your disposal
14:35 : Time for demystifying “failure is the key to success”
14:35 : Operation HollowQuill Weaponizing PDF Documents to Infiltrate Academic & Government Networks
14:35 : AI-based Gray Bots Targeting Web Application, with Request of 17,000+ Per Hour
14:35 : SonicWall Firewall Vulnerability Exploited to Gain Unauthorized Network Access
14:35 : EvilCorp & RansomHub Working Together to Attack Organizations Worldwide
14:34 : Cisco AnyConnect VPN Server Vulnerability Let Attacker Trigger DoS Condition
14:34 : Orion Brings Fully Homomorphic Encryption to Deep Learning for AI Privacy
14:17 : Softwareentwicklung: Jenkins-Plug-ins speichern API-Schlüssel im Klartext
14:16 : AutonomyAI Emerges from Stealth with $4M Pre-Seed Funding to Transform Front-End Development with Autonomous AI Agents
14:16 : Location, name, and photos of random kids shown to parents in child tracker mix up
14:16 : Hackers Leveraging DeepSeek & Remote Desktop Apps to Deliver TookPS Malware
14:16 : Hackers Actively Scanning for Juniper’s Smart Router With Default Password
14:16 : Hackers Exploiting Apache Tomcat Vulnerability to Steal SSH Credentials & Gain Server Control
14:16 : Calyx Institute: A Case Study in Grassroots Innovation
14:16 : Cequence Marks Another Milestone with AWS Security Competency Achievement
14:16 : Bitsight Identity Intelligence provides visibility into compromised accounts
14:5 : IT Security News Hourly Summary 2025-04-03 15h : 26 posts
13:37 : AI Penetration Testing: How to Secure LLM Systems
13:37 : Hunters International Ransomware Gang Rebranding, Shifting Focus
13:37 : Attackers are leveraging Cisco Smart Licensing Utility static admin credentials (CVE-2024-20439)
13:37 : Lazarus Group Targets Job Seekers With ClickFix Tactic to Deploy GolangGhost Malware
13:16 : Open 2025 für die Trends in der Sicherheit
13:16 : So schützt du Android-, Windows- und Linux-Geräte vor dem Tracking über das „Wo ist?“-Netzwerk | Offizieller Blog von Kaspersky
13:14 : SonicWall Firewall Vulnerability Enables Unauthorized Access
13:14 : DarkCloud Stealer Uses Weaponized .TAR Archives to Target Organizations and Steal Passwords
13:14 : New Trinda Malware Targets Android Devices by Replacing Phone Numbers During Calls
13:14 : Cisco AnyConnect VPN Server Vulnerability Allows Attackers to Trigger DoS
13:14 : Celebrate World Cloud Security Day with our new Zero Trust and Hybrid Cloud Security eBook
13:14 : 8 Best Enterprise Password Managers
13:14 : Why is someone mass-scanning Juniper and Palo Alto Networks products?
13:14 : Google Makes Sending Encrypted Emails Easier for Gmail Users
13:14 : Amateur Hacker Leverages Russian Bulletproof Hosting Server to Spread Malware
12:44 : Windows 11: Hotpatching ist angekommen
12:44 : Einsatz unzulässig: Datenschützerin rügt Polizei für Whatsapp-Nutzung
12:43 : Evolution of Sophisticated Phishing Tactics: The QR Code Phenomenon
12:43 : CISA and Partners Issue Fast Flux Cybersecurity Advisory
12:43 : Hackers Exploit Apache Tomcat Flaw to Hijack Servers and Steal SSH Credentials
12:43 : New Web Skimming Attack Exploits Legacy Stripe API to Validate Stolen Card Data
12:42 : AI-Powered Gray Bots Target Web Applications with Over 17,000 Requests Per Hours
12:42 : EvilCorp and RansomHub Collaborate to Launch Worldwide Attacks on Organizations
12:42 : Russian Seashell Blizzard Targets Organizations Using Custom-Built Hacking Tools
12:42 : A bizarre iOS 18.4 bug is surprising iPhone users with random app installs
12:42 : EDR Implementation: Essential Features, Considerations, And Best Practices
12:42 : EDR vs NGAV: Which Works Better for Your Organization?
12:42 : NDR vs EDR: A Comparison Between the Two Cybersecurity Solutions
12:42 : Threat Actors Allegedly Selling SnowDog RAT Malware With Control Panel on Hacker Forums
12:42 : New Malware Attacking Magic Enthusiasts to Steal Login Credentials
12:42 : Multiple Jenkins Plugins Vulnerability Let Attackers Access Sensitive Information
12:42 : Google’s Quick Share for Windows Vulnerability Let Attackers Remote Code
12:42 : SmokeLoader Malware Using Weaponized 7z Archive to Distribute Infostealers
12:42 : AI Threats Are Evolving Fast — Learn Practical Defense Tactics in this Expert Webinar
12:5 : Multiple Jenkins Plugin Vulnerabilities Expose Sensitive Information to Attackers
12:5 : Google’s Quick Share for Windows Vulnerability Allows Remote Code Execution
12:5 : Top Cybersecurity Considerations When Moving Commercial Premises
12:5 : Japan Passes Active Cyber Defense Bill
12:5 : NSA, CISA, FBI, and International Partners Release Cybersecurity Advisory on “Fast Flux,” a National Security Threat
12:5 : Fast Flux: A National Security Threat
12:5 : Cybersecurity M&A Roundup: 23 Deals Announced in March 2025
11:39 : Belohnung für gefundene Sicherheitslücken in Fediverse-Software ausgelobt
11:39 : Trojan.Arcanum – ein neuer Trojaner, der auf Tarot-Experten, Esoteriker und Magier abzielt | Offizieller Blog von Kaspersky
11:39 : Dienstlicher Austausch: Datenschützerin rügt Polizei für Whatsapp-Nutzung
11:39 : [NEU] [mittel] Cisco EPNM und Prime Infrastructure: Mehrere Schwachstellen ermöglichen Cross-Site Scripting
11:39 : [NEU] [mittel] Red Hat OpenShift: Schwachstelle ermöglicht Offenlegung von Informationen
11:38 : Trump’s Tariffs: Implications For Tech Sector
11:37 : AI Image Site GenNomis Exposed 47GB of Underage Deepfakes
11:37 : Web 3.0 Requires Data Integrity
11:37 : Hackers Exploit Default Voicemail Passwords to Hijack Telegram Accounts
11:37 : EU: These are scary times – let’s backdoor encryption!
11:37 : Phishers are increasingly impersonating electronic toll collection companies
11:37 : AI Adoption in the Enterprise: Breaking Through the Security and Compliance Gridlock
11:7 : AMD Ryzen: Schwachstellen in AI-Software bedrohen Sicherheit
11:7 : [NEU] [mittel] IBM TXSeries for Multiplatforms: Mehrere Schwachstellen
11:7 : [NEU] [UNGEPATCHT] [niedrig] PyTorch: Schwachstelle ermöglicht Denial of Service
11:7 : [UPDATE] [hoch] Google Chrome: Mehrere Schwachstellen
11:7 : [UPDATE] [hoch] Mozilla Firefox und Thunderbird: Mehrere Schwachstellen
11:7 : [UPDATE] [mittel] Red Hat Ansible Automation Platform (Jinja): Schwachstelle ermöglicht Codeausführung
11:5 : IT Security News Hourly Summary 2025-04-03 12h : 18 posts
11:4 : T-Mobile’s $25,000 data breach payouts begin this month – how to check your eligibility
11:4 : 39 Million Secrets Leaked on GitHub in 2024
10:35 : AMD Ryzen: Sicherheitslücken in AI-Software
10:35 : [NEU] [mittel] Drupal: Mehrere Schwachstellen
10:35 : [NEU] [hoch] SugarCRM Sugar Enterprise: Mehrere Schwachstellen
10:35 : [NEU] [mittel] Django: Schwachstelle ermöglicht Denial of Service
10:35 : [NEU] [mittel] Red Hat build of Quarkus: Schwachstelle ermöglicht Denial of Service
10:32 : Details Emerge on CVE Controversy Around Exploited CrushFTP Vulnerability
10:32 : Sensitive Data Breached in Highline Schools Ransomware Incident
10:8 : Ob Trump, Musk oder AfD: Wieso Populisten unsere Regeln egal sind – und wie wir damit umgehen sollten
10:8 : Monday: OpenAI rollt sarkastisches ChatGPT aus – wir haben es getestet
10:8 : „Unsere GPUs schmelzen“: OpenAI kämpft mit dem Erfolg seiner ChatGPT-Bildgenerierung
10:8 : Schwachstellen gefährden PCs mit Trend Micro Apex Central, Deep Security Agent
10:8 : Millionenverlust: Kryptodieb fällt auf Phishing rein und verliert seine Beute
10:8 : [NEU] [hoch] Jenkins Plugins: Mehrere Schwachstellen
10:5 : 1,500+ PostgreSQL Servers Compromised With Fileless Malware Attack
10:5 : Verizon Call Filter App Vulnerability Let Attackers Access Call History Logs
10:5 : 39M Secret API Keys & Credentials Leaked from GitHub – New Tools to Revamp Security
10:5 : GoResolver – A New Tool to Analyze Golang Malware & Extract Obfuscated Functions
10:5 : Authorities Taken Down Child Abuse Platform “Kidflix” With 2M+ Users
10:5 : Heterogeneous stacks, ransomware, and ITaaS: A DR nightmare
10:5 : Vulnerabilities Expose Cisco Meraki and ECE Products to DoS Attacks
9:35 : win.rar WinRAR: Schwachstelle ermöglicht Codeausführung
9:35 : [NEU] [hoch] Dell PowerProtect Data Domain: Schwachstelle ermöglicht Privilegieneskalation
9:35 : [NEU] [mittel] win.rar WinRAR: Schwachstelle ermöglicht Codeausführung
9:32 : Hackers Selling SnowDog RAT Malware With Remote Control Capabilities Online
9:32 : Want AI to work for your business? Then privacy needs to come first
9:32 : Google Released Second Fix for Quick Share Flaws After Patch Bypass
9:32 : Over Half of Attacks on Electricity and Water Firms Are Destructive
9:9 : [UPDATE] [mittel] docker: Schwachstelle ermöglicht Offenlegung von Informationen
9:9 : [UPDATE] [mittel] expat: Mehrere Schwachstellen ermöglichen Denial of Service
9:9 : [UPDATE] [hoch] docker: Mehrere Schwachstellen
9:9 : [UPDATE] [mittel] Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service
9:9 : [UPDATE] [hoch] Red Hat Integration Camel for Spring Boot: Mehrere Schwachstellen
9:7 : Authorities Shut Down Kidflix Child Abuse Platform in Major Takedown
9:7 : 10 Best Open-Source Blue Team Tools – 2025
9:7 : Google Patches Quick Share Vulnerability Enabling Silent File Transfers Without Consent
9:7 : Nearly 600 Phishing Domains Emerge Following Bybit Heist
8:40 : Wie sich Bill Gates die Internet-Ära im Jahr 1993 vorgestellt hat
8:40 : Apache Tomcat: Angriffe auf kritische Sicherheitslücke laufen
8:37 : Sophisticated QR Code Phishing Attack Targeting Microsoft 365 Users to Steal Logins
8:37 : WinRAR “Mark of the Web” Bypass Vulnerability Let Attackers Arbitrary Code
8:37 : Corgea BLAST uncovers hidden vulnerabilities in code
8:37 : 1touch.io helps organizations safeguard sensitive data
8:14 : Vorsicht vor verseuchten PDFs
8:14 : Unitree Go1: Sicherheitslücken im Roboterhund ermöglichen Übernahme
8:14 : Hersteller warnt: Gefährliche Cisco-Backdoor wird aktiv ausgenutzt
8:14 : [UPDATE] [kritisch] CrushFTP: Schwachstelle ermöglicht das Umgehen der Authentisierung
8:12 : Massive GitHub Leak: 39M API Keys & Credentials Exposed – How to Strengthen Security
8:12 : The big VPN choice: System-wide or just in the browser? How to decide
8:12 : Defense in Depth is Broken – It’s Time to Rethink Cybersecurity
8:12 : Bluefin simplifies network tokenization access and management for merchants
8:11 : Triada Malware Preloaded on Counterfeit Android Phones Infects 2,600+ Devices
8:5 : IT Security News Hourly Summary 2025-04-03 09h : 3 posts
7:35 : Sicherheitslücken in Roboterhund Unitree Go1 ermöglichen Übernahme
7:34 : Prince Ransomware – An Open Source Ransomware Builder That Automatically Build Ransomware Freely Available in GitHub
7:34 : Cisco Smart Licensing Utility Vulnerabilities Let Attackers Gain Admin Access
7:34 : DeepSeek Revives China’s Tech Industry, Challenging Western Giants
7:34 : CyberQP launches Zero Trust Helpdesk Security Platform
7:34 : North Korean IT workers move into Europe, Stripe API skimming unveils theft techniques, Verizon API flaw exposes call history
7:12 : Die Leitstelle der Zukunft – Technologien und Anforderungen
7:12 : USA: Sicherheitsberater Waltz kommuniziert über 20 Signal-Gruppen
7:11 : GoResolver: A Powerful New Tool for Analyzing Golang Malware
7:11 : The Evolution of Smishing: 3 Ways to Detect and Prevent Attacks

Post navigation