IT Security News Weekly Summary 15

210 posts were published in the last hour

• 22:55 : IT Security News Daily Summary 2025-04-13
• 21:4 : Hacktivism is back – but don’t be fooled, it’s often state-backed goons in masks
• 19:34 : Malicious PyPi Package ‘disgrasya’ Exploits WooCommerce Stores for Card Fraud, Downloaded Over 34,000 Times
• 17:34 : Researchers Unearth a Massive Data Leak Within Apollo Hospitals
• 17:34 : Cybercriminal Group’s Website Taken Over by Unknown Hacker
• 17:5 : IT Security News Hourly Summary 2025-04-13 18h : 4 posts
• 16:32 : BSidesLV24 – Breaking Ground – 14 Years Later, Proving Ground Is Proving Out. A Panel Discussion With PG Alumni And Staff
• 15:39 : Hackers Mimic Google Chrome Install Page on Google Play to Deploy Android Malware
• 15:39 : Cybersecurity Weekly Recap: Key Updates on Attacks, Vulnerabilities, & Data Breaches
• 15:39 : Threat Actors Manipulate Search Results to Direct Users to Malicious Websites
• 15:7 : Threat Research is Broken – Security Teams Need Automation Now
• 14:35 : Perfides LLM-Grooming: So füttert Russland KI-Chatbots mit Fake News – und keiner merkt es
• 14:34 : ChatGPT: OpenAI-Chef enthüllt Verdopplung der Nutzerbasis in nur wenigen Wochen
• 14:5 : IT Security News Hourly Summary 2025-04-13 15h : 4 posts
• 14:2 : RansomHub Ransomware Group Compromised 84 Organization, New Groups Emerging
• 14:2 : HelloKitty Ransomware Resurafced Targeting Windows, Linux, & ESXi Environments
• 14:2 : Dangling DNS Attack Let Hackers Gain Control Over Organization’s Subdomain
• 13:5 : Netzwerkgeräte mit Arista EOS können Verschlüsselung vergessen
• 13:5 : The Invisible Fingerprint in Code
• 13:5 : Europcar GitLab Breach Exposes Sensitive User Data and Configuration Files
• 13:4 : New Sec-Gemini v1 from Google Outperforms Cybersecurity Rivals
• 12:32 : SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 41
• 12:9 : Root-Lücken in Siemens Sentron 7KT PAC1260 Data Manager bleiben offen
• 11:34 : Critical Patient Data Exposed: 1.6 Million Affected in Widespread Healthcare Cyber Attack
• 11:34 : Security Affairs newsletter Round 519 by Pierluigi Paganini – INTERNATIONAL EDITION
• 11:10 : Sicherheitsupdates: Schadcode-Attacken auf KI-Analyseplattform Spotfire möglich
• 11:9 : Radiant Security Unveils Its Groundbreaking Adaptive AI SOC Platform
• 11:5 : IT Security News Hourly Summary 2025-04-13 12h : 4 posts
• 10:32 : Threat Actors Actively Attacking Semiconductor Companies With 0-Day Exploits
• 10:32 : Threat Actors Use Email Bombing Attacks to Bypass Security Tools & Hide Activity
• 9:33 : Schwachstellen bedrohen IBM Installation Manager, Java Runtime & Co.
• 9:32 : Threat Actors Hijack Legitimate Crypto Packages to Inject Malicious Code
• 9:32 : Tycoon 2FA Phishing Kit Employs New Evasion Techniques to Bypass Endpoint Detection Systems
• 9:32 : Hackers Actively Exploiting Router Vulnerabilities to Attack Enterprise Networks
• 8:43 : Elon Musk eher rechts, sein KI-Chatbot Grok eher links – Warum das kein Zufall ist
• 8:43 : ChatGPT als Lebensmitteltester: Warum die KI nicht erkennt, was lecker ist
• 8:43 : Bytedance: Geht es wirklich um Social Media oder ist Tiktok nur ein Mittel zum KI-Zweck?
• 8:42 : China admitted its role in Volt Typhoon cyberattacks on U.S. infrastructure
• 8:42 : Week in review: Microsoft patches exploited Windows CLFS 0-day, WinRAR MotW bypass flaw fixed
• 8:5 : IT Security News Hourly Summary 2025-04-13 09h : 2 posts
• 7:42 : Video und KI: Fortschritt im Perimeterschutz
• 7:41 : Understanding Multifactor Authentication (MFA): A Simple Guide
• 7:41 : Chinese eCrime Hacker Group Attacking Users in 120+ Coutries to Steal Banking Credentials
• 7:41 : TROX Stealer Exfiltrate Sensitive Data Including Stored Credit Cards & Browser Credentials
• 7:4 : The Oracle Breach Is Bigger Than You Think—5 Urgent Steps to Take Now
• 6:37 : Why CISOs Are Betting Big on AI, Automation & Zero Trust
• 5:32 : Anzeige: Mit dem Linux-Wissensbundle zur LFCS-Zertifizierung
• 5:32 : STRIDE GPT – AI-powered Tool LLMs To Generate Threat Models
• 2:34 : Samsung Germany Customer Tickets – 216,333 breached accounts
• 2:5 : IT Security News Hourly Summary 2025-04-13 03h : 4 posts
• 2:4 : Homeland Security Email Tells a US Citizen to ‘Immediately’ Self-Deport
• 1:2 : ViperSoftX Malware Attacking Users via Cracked Software
• 1:2 : Shuckworm Group Uses PowerShell Based GammaSteel Malware in Targeted Attacks
• 0:34 : Exploit Attempts for Recent Langflow AI Vulnerability (CVE-2025-3248), (Sat, Apr 12th)
• 0:34 : 100,000 WordPress Sites Vulnerable to Rogue Creation Vulnerability
• 23:5 : IT Security News Hourly Summary 2025-04-13 00h : 1 posts
• 23:5 : Exploring Innovative NHIs Lifecycle Management Solutions
• 23:4 : Rest Assured with Top-tier Cloud-Native Security
• 22:55 : IT Security News Daily Summary 2025-04-12
• 20:35 : Vibe-Coding: Das steckt hinter dem neuen Trend, der Programmieren für alle ermöglicht
• 20:5 : IT Security News Hourly Summary 2025-04-12 21h : 2 posts
• 18:35 : GOFFEE Leveraging PowerModul Tool to Attack Government & Energy Organizations
• 18:34 : LLMs can’t stop making up software dependencies and sabotaging everything
• 18:2 : BSidesLV24 – Breaking Ground – From Keyless To Careless: Abusing Misconfigured OIDC Authentication In Cloud Environments
• 17:34 : Symbolic Link trick lets attackers bypass FortiGate patches, Fortinet warns
• 16:37 : Chinas KI-Startup DeepSeek: Neue Trainingsmethode für präzisere Sprachmodelle
• 16:37 : Seven Years Old Cisco Vulnerability Exposes Cisco Devices to Remote Code Execution Attacks
• 15:3 : The Growing Cost of Non-Compliance and the Need for Security-First Solutions
• 15:3 : Karnataka Sets Up India’s First Cyber Command Centre to Tackle Online Crimes
• 15:3 : Why Personal Identity Should Remain Independent of Social Platforms
• 15:3 : Generative AI Fuels Identity Theft, Aadhaar Card Fraud, and Misinformation in India
• 15:3 : WinRAR Bug Circumvents Windows Mark of Web Security Notifications.
• 14:5 : IT Security News Hourly Summary 2025-04-12 15h : 3 posts
• 13:4 : The Art of Delegation in a Digital Age: Empowering Teams, Not Just Offloading Tasks
• 12:15 : Abgesang von US-Clouds: EU-Tech-Firmen erleben Aufschwung durch US-Handelspolitik
• 12:9 : 0-Click RCE in the SuperNote Nomad E-ink Tablet Lets Hackers Install Rootkit & Gain Full Control
• 11:34 : Attackers are exploiting recently disclosed OttoKit WordPress plugin flaw
• 11:34 : AI can’t stop making up software dependencies and sabotaging everything
• 11:5 : China Secretly (and Weirdly) Admits It Hacked US Infrastructure
• 11:5 : UPI Down – UPI Outage Disrupt Millions of Digital Transactions Across India
• 11:5 : IT Security News Hourly Summary 2025-04-12 12h : 1 posts
• 10:5 : 5 warning signs that your phone’s been hacked – and how to fight back
• 10:5 : Beware Developers! Malicious NPM Packages Targeting PayPal Users to Steal Sensitive Data
• 9:3 : NVIDIA’s Incomplete Patch for Critical Flaw Lets Attackers Steal AI Model Data
• 9:2 : RansomHub Ransomware-as-a-service Facing Internal Conflict as Affiliates Lost Access to Chat Portals
• 8:34 : Versehentlich vernetzt: Chefredakteur landet in Trumps vertraulichem Militär-Chat
• 8:34 : Android 16: So macht Google App-Installationen blitzschnell
• 8:34 : (g+) Datenschutz vs. KI: Private Prompts schützt vertrauliche Daten beim Prompten
• 8:34 : Vom Handelskrieg zum Cyberkrieg: Das Risiko für chinesische Cyberangriffe steigt
• 8:32 : Dangling DNS Attack Allows Hackers to Take Over Organization’s Subdomain
• 8:32 : Hackers Imitate Google Chrome Install Page on Google Play to Distribute Android Malware
• 8:32 : Threat Actors Manipulate Search Results to Lure Users to Malicious Websites
• 8:5 : RansomHub Ransomware Group Hits 84 Organizations as New Threat Actors Emerge
• 8:5 : HelloKitty Ransomware Returns, Launching Attacks on Windows, Linux, and ESXi Environments
• 8:5 : Sapphire Werewolf Enhances Toolkit With New Amethyst Stealer to Attack Energy Companies
• 8:5 : IT Security News Hourly Summary 2025-04-12 09h : 5 posts
• 7:32 : Cyberresilienz mit Security Operations aus aller Welt
• 7:2 : Insights from a Tech Leader: Interview with TD Bank’s Chief Architect Licenia Rojas
• 6:5 : Hackers Exploiting Domain Controller to Deploy Ransomware Using RDP
• 6:5 : Active Directory Attack Kill Chain Checklist & Tools List- 2025
• 6:5 : Hackers Actively Exploits Patched Fortinet FortiGate Devices to Gain Root Access Using Symbolic Link
• 6:5 : Google Unveils A2A Protocol That Enable AI Agents Collaborate to Automate Workflows
• 5:2 : Ransomware Attack Prevention Checklist – 2025
• 23:34 : Microsoft total recalls Recall totally to Copilot+ PCs
• 23:5 : IT Security News Hourly Summary 2025-04-12 00h : 1 posts
• 22:55 : IT Security News Daily Summary 2025-04-11
• 22:34 : Laboratory Services Cooperative data breach impacts 1.6 Million People
• 22:7 : Ransomware negotiation: Does it work, and should you try it?
• 22:7 : Is Your Kubernetes Infrastructure Resilient? Test It with a Chaos Day
• 21:4 : Week in Review: Fake ChatGPT passport, Apple appeals UK encryption, Oracle’s obsolete servers
• 20:37 : Stanford-Report: Warum KI immer größeren Einfluss auf unser Leben hat – und wie wir damit umgehen
• 20:37 : Zauberer von Oz: Warum Google 90 Prozent des Filmklassikers mithilfe von KI verändert
• 20:37 : Windows-95-Startsound wird besondere Ehre zuteil
• 20:36 : News alert: INE Security highlights why hands-on labs can help accelerate CMMC 2.0 compliance
• 20:5 : IT Security News Hourly Summary 2025-04-11 21h : 12 posts
• 19:36 : Florida’s New Social Media Bill Says the Quiet Part Out Loud and Demands an Encryption Backdoor
• 19:4 : Cybersecurity Community Must Not Remain Silent On Executive Order Attacking Former CISA Director
• 18:32 : Russia’s Storm-2372 Hits Orgs with MFA Bypass via Device Code Phishing
• 18:32 : Tycoon 2FA Phishing Kit Uses Advanced Evasion Techniques to Bypass Endpoint Detection Systems
• 18:32 : Threat Actors Exploit Legitimate Crypto Packages to Deliver Malicious Code
• 18:32 : Hackers Exploit Router Flaws in Ongoing Attacks on Enterprise Networks
• 18:32 : Threat Actors Launch Active Attacks on Semiconductor Firms Using Zero-Day Exploits
• 18:32 : Threat Actors Leverage Email Bombing to Evade Security Tools and Conceal Malicious Activity
• 18:5 : Fortinet Warns Attackers Retain FortiGate Access Post-Patching via SSL-VPN Symlink Exploit
• 18:5 : Beware of Fake mParivahan App Attacking Mobile Users Via WhatsApp to Steal Sensitive Data
• 18:5 : Rapid7 Reveals RCE Path in Ivanti VPN Appliance After Silent Patch Debacle
• 18:5 : Microsoft Moves Forward With Controversial Recall Feature
• 18:5 : Hackers exploit old FortiGate vulnerabilities, use symlink trick to retain limited access to patched devices
• 17:35 : BentoML Vulnerability Allows Remote Code Execution on AI Servers
• 17:35 : APT32 Hackers Weaponizing GitHub to Attack Cybersecurity Professionals & Enterprises
• 17:35 : Overcoming The Skills Shortage in Cybersecurity Through A ‘Trusted’ Approach.
• 17:35 : Can AI Be Your Trusted Partner in Securing Your Extended Business Ecosystem?
• 17:35 : The Role of AI In Cybersecurity: Enhancing Defense And Adapting To Threats
• 17:35 : Securing The AI Frontier: Addressing Emerging Threats In AI-Powered Software Development
• 17:35 : Smart Meter Security: Best Practices and Emerging Regulations
• 17:5 : IT Security News Hourly Summary 2025-04-11 18h : 8 posts
• 17:2 : BSidesLV24 – Breaking Ground – Redis Or Not: Argo CD & GitOps From An Attacker’s Perspective
• 17:2 : Ethical Hacking: The Cyber Shield Organizations Need
• 16:37 : Anzeige: Fortgeschrittenes Penetration Testing mit CPENT Certificate
• 16:36 : How OSCP Holders Can Lead Their Teams to Greater Cybersecurity Resilience
• 16:36 : Meta Launches New Llama 4 AI Models
• 16:36 : Krebs probed, Nissan Leaf hack, Typhoon tariff warning
• 16:7 : Hackers post stolen data on Telegram
• 16:6 : The Pall Mall Pact and why it matters
• 15:32 : Laboratory Services Cooperative Data Breach – 1.6 Million People Impacted
• 15:32 : CISA Releases 10 ICS Advisories Covering Vulnerabilities & Exploits
• 15:32 : The Rise of Cyber Warfare and Its Global Implications
• 15:32 : NVD Revamps Operations as Vulnerability Reporting Surges
• 15:5 : Smart Buses, Smarter Threats | Securing the Future of Connected Transit
• 15:5 : Harmony SaaS Delivers Next-Level SaaS Security for Google Cloud Customers
• 15:5 : What is Active Directory (AD)?
• 15:5 : How GenAI Is Revolutionizing HR Analytics for CHROs and Business Leaders
• 14:37 : BSI warnt Windows-10-Nutzer: Warum ihr schon jetzt auf ein anderes Betriebssystem umsteigen solltet
• 14:37 : ChatGPT erinnert sich an alles: Neues Memory-Feature sorgt für Diskussionen
• 14:37 : Menschen statt KI: Wie ein Gründer Investoren und Kunden mit seiner App getäuscht haben soll
• 14:37 : Messenger schlägt Telefon: Warum 40 Prozent der Deutschen lieber Nachrichten verschicken als anzurufen
• 14:37 : Thunderbird Pro: Wie Mozilla Gmail und Outlook Konkurrenz machen will
• 14:35 : Amazon CEO Says Sellers May Pass Tariff Costs Onto Consumers
• 14:35 : Protect yourself from tax season scams
• 14:35 : Fortinet Releases Advisory on New Post-Exploitation Technique for Known Vulnerabilities
• 14:35 : Palo Alto warns of brute-force login attempts on PAN-OS GlobalProtect gateways indicating possible upcoming attacks
• 14:35 : Hackers Breach Morocco’s Social Security Database
• 14:7 : EU und Nato: Europäische Telcos fordern Schutz ihrer Seekabel vom Militär
• 14:5 : Google Cuts Hundreds Of Android, Pixel Staff – Report
• 14:5 : Hands-On Labs: The Key to Accelerating CMMC 2.0 Compliance
• 14:5 : A Security Leader’s Perspective on The Real Business Risks of Secrets Managers Redundancy
• 14:5 : IT Security News Hourly Summary 2025-04-11 15h : 5 posts
• 13:37 : Einigung auf Koalitionsvertrag: Wie geht es weiter?
• 13:37 : Google Workspace: Google gibt US-Behörden enormen Rabatt
• 13:35 : It?s All In the Cards: Preventing Payment Abuse for Retailers
• 13:35 : What Is DNSSEC, and How Does It Work?
• 13:35 : Cloud Migration Strategy: The Step-By-Step Framework and Benefits
• 13:35 : Biometrics vs. passcodes: What lawyers recommend if you’re worried about warrantless phone searches
• 13:35 : Malicious NPM Packages Targeting PayPal Users
• 13:35 : Paper Werewolf Deploys PowerModul Implant in Targeted Cyberattacks on Russian Sectors
• 13:6 : Sonicwall: Schwachstellen im Netextender Windows-Client
• 13:5 : Monocam: Regulärer Betrieb der ersten Handyblitzer startet
• 13:5 : Calix Pre-Auth RCE on TCP Port 6998 Allow Arbitrary Code Execution as Root User
• 13:5 : Sensata Technologies Hacked – Ransomware Attack Disrupts Operations
• 13:5 : WordPress Plugin Vulnerability Exposes Sites to Critical File Inclusion Attacks
• 12:38 : Sonicwall Netextender: Sicherheitslecks gefährden Windows-Client
• 12:37 : China Hits Back At Trump, Raises US Tariffs To 125 Percent
• 12:37 : Vulnerability in OttoKit WordPress Plugin Exploited in the Wild
• 12:4 : (g+) Passwortsicherheit: Dicht wie ein Sieb – die Shell
• 12:4 : Strafverfolgung: FBI tarnt sich als Geldwäscher namens “Elon Musk”
• 12:4 : [NEU] [niedrig] QT: Schwachstelle ermöglicht Denial of Service
• 12:3 : Sensata Technologies Breached: Ransomware Attack Key Systems
• 12:3 : CISA Issues 10 ICS Advisories Addressing Critical Vulnerabilities and Exploits
• 12:3 : Privileged access management: Best practices, implementation, and tools
• 12:3 : In Other News: Scattered Spider Still Active, EncryptHub Unmasked, Rydox Extraditions
• 12:3 : KELA Digital Cyber Analysts improves security teams’ efficiency
• 12:3 : Span Cyber Security Arena 2025: Infosec leaders to discuss the future of digital defense
• 12:3 : Initial Access Brokers Shift Tactics, Selling More for Less
• 12:3 : Google Cloud: Top 5 Priorities for Cybersecurity Leaders Today
• 11:31 : Künstliche Intelligenz: OpenAI verkürzt Sicherheitstests von Monaten auf Tage
• 11:5 : Sex-Fantasy Chatbots Are Leaking a Constant Stream of Explicit Messages
• 11:5 : IT Security News Hourly Summary 2025-04-11 12h : 19 posts
• 11:5 : Microsoft Enhances Exchange & SharePoint Server Security With New Windows Antimalware Scan
• 11:5 : SonicWall Patches High-Severity Vulnerability in NetExtender
• 11:4 : Seeing the Big Picture in Phishing Defense: IRONSCALES & CrowdStrike
• 10:39 : [NEU] [mittel] MediaWiki: Mehrere Schwachstellen
• 10:39 : [UPDATE] [mittel] Red Hat OpenShift Container Platform: Schwachstelle ermöglicht Denial of Service
• 10:39 : [UPDATE] [mittel] Red Hat Enterprise Linux (Gatekeeper): Mehrere Schwachstellen ermöglichen Denial of Service
• 10:39 : [UPDATE] [mittel] Golang Go: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen
• 10:38 : China Admitted to US That It Conducted Volt Typhoon Attacks: Report
• 10:2 : ISC Stormcast For Friday, April 11th, 2025 https://isc.sans.edu/podcastdetail/9404, (Fri, Apr 11th)
• 9:34 : Verkehrssicherheit: Nissan gehackt und Lenkung über das Internet manipuliert
• 9:34 : USA: Pentagon streicht zwei Milliarden US-Dollar für IT-Services
• 9:34 : [UPDATE] [mittel] Mattermost Mobile: Schwachstelle ermöglicht Denial of Service
• 9:33 : [UPDATE] [hoch] Mattermost: Mehrere Schwachstellen