IT Security News Daily Summary 2025-04-16

210 posts were published in the last hour

21:32 : Signalgate chats vanish from CIA chief phone
21:32 : Free Blue Screens of Death for Windows 11 24H2 users
21:3 : Gegen unnötigen Akkuverbrauch: So können Android-Entwickler ihre Apps jetzt besser überwachen
21:3 : Anthropic vertieft Integration von Claude in Google Workspace
21:2 : Apple Quashes Two Zero-Days With iOS, MacOS Patches
21:2 : Frequently Asked Questions About the MITRE CVE Program Expiration and Renewal
20:32 : Funding Crisis Averted: US Extends CVE Program Support Amid Outcry and Rising Concerns
20:32 : ‘Stupid and Dangerous’: CISA Funding Chaos Threatens Essential Cybersecurity Program
20:32 : CISA’s 11-Month extension ensures continuity of MITRE’s CVE Program
20:5 : IT Security News Hourly Summary 2025-04-16 21h : 9 posts
20:3 : CISA Extend Funding to MITRE to Keep CVE Program Running
20:3 : Why the CVE database for tracking security flaws nearly went dark – and what happens next
20:3 : CISA Releases Guidance on Credential Risks Associated with Potential Legacy Oracle Cloud Compromise
20:3 : Modernizing Federal Security with Prisma Access
20:3 : Our DNA is at risk of hacking, warn scientists
20:3 : Randall Munroe’s XKCD ‘Anachronym Challenge’
20:3 : BSidesLV24 – Common Ground – 101 Things Your Application is Doing Without Your Knowledge
19:33 : Windows Task Scheduler Vulnerabilities Allow Attackers Gain Admin Account Control
19:33 : 2025-04-04: KongTuke activity
19:33 : 2025-04-13: Twelve days of scans and probes and web traffic hitting my web server
19:32 : Developers Beware: Slopsquatting & Vibe Coding Can Increase Risk of AI-Powered Attacks
19:32 : Interlock Ransomware Employs Multi-Stage Attack Via Legitimate Websites to Deliver Malicious Browser Updates
19:32 : Jira Down – Atlassian Jira Outage Disrupts Dashboard Access for Users Globally
19:32 : Researchers Deanonymized Medusa Ransomware Group’s Onion Site
19:32 : Beware of Online PDF Converters That Tricks Users to Install Password Stealing Malware
19:32 : Identifying the cyber risks that matter
19:3 : Apple Patches Exploited Vulnerability, (Wed, Apr 16th)
19:3 : OpenAI launches o3 and o4-mini, AI models that ‘think with images’ and use tools autonomously
19:3 : CISA Adds One Known Exploited Vulnerability to Catalog
19:3 : Apple says zero-day bugs exploited against ‘specific targeted individuals’ using iOS
19:3 : New Windows Task Scheduler Vulnerabilities Allows Command Execution as Admin User
18:32 : CVE Program Stays Online as CISA Backs Temporary MITRE Extension
18:32 : Windows NTLM Vulnerability (CVE-2025-24054) Actively Exploit in the Wild to Hack Systems
18:32 : What is Pretty Good Privacy and how does it work?
18:32 : Nomination Deadline Extended: Technical Advisory Committees
18:3 : Nvidia And Partners To Build $500 Billion Of AI Infrastructure In US
18:3 : Hackers Attacking Investors Via Fraud Networks to Steal Financial Data
18:3 : The Psychology of Social Engineering – What Security Leaders Should Know
18:3 : Securing Digital Identities – Best Practices for CISOs
18:3 : Why Modern CISOs Must Be Business Translators, Not Just Technologists
18:3 : 3 Malware Tactics Used To Evade Detection By Corporate Security: See Examples
17:32 : China’s Rare Earth Export Restrictions Poses Threat To US Defence
17:32 : Beware! Online PDF Converters Tricking Users into Installing Password-Stealing Malware
17:32 : Server-Side Phishing Attacks Target Employee and Member Portals to Steal Login Credentials
17:32 : Congress Moves Closer to Risky Internet Takedown Law | EFFector 37.4
17:32 : What’s happening with MITRE and the CVE program uncertainty
17:32 : Experts Uncover Four New Privilege Escalation Flaws in Windows Task Scheduler
17:5 : IT Security News Hourly Summary 2025-04-16 18h : 22 posts
17:4 : 6,000 WordPress Sites Affected by Arbitrary File Move Vulnerability in Drag and Drop Multiple File Upload for WooCommerce WordPress Plugin
17:4 : CISA Extends Support a Last Minute to CVE Program, Averting Global Cybersecurity Crisis
17:4 : Researchers Expose Medusa Ransomware Group’s Onion Site
17:3 : Interlock Ransomware Uses Multi-Stage Attack Through Legitimate Websites to Deliver Malicious Browser Updates
17:3 : CVE program gets last-minute funding from CISA – and maybe a new home
17:3 : Vulnerability Summary for the Week of April 7, 2025
16:34 : Anzeige: Künstliche Intelligenz strategisch und sicher im Unternehmen
16:33 : ASML, Others Outline Impact Of Trump’s Tariffs
16:33 : China Names US Operatives For Alleged Cyberattacks
16:33 : Hackers Target Investors Through Fraud Networks to Steal Financial Data
16:33 : How Apple plans to train its AI on your data without sacrificing your privacy
16:33 : 2025 Imperva Bad Bot Report: How AI is Supercharging the Bot Threat
16:33 : MITRE CVE Program Gets Last-Hour Funding Reprieve
16:33 : Latest Mustang Panda Arsenal: ToneShell and StarProxy | P1
16:33 : Latest Mustang Panda Arsenal: PAKLOG, CorKLOG, and SplatCloak | P2
16:33 : Oracle Faces Data Leak Claims, Clarifies Cloud Services Remain Safe
16:3 : Evolving Threat of Ransomware: From Extortion to Data Poisoning
16:3 : Google Introduces ‘Auto Restart’ Feature to Boost Android Device Security
16:3 : Can Passwordless Tactics Help Thwart Major Cyber Threats?
16:3 : AI-Powered Bad Bots Account for 51% of Traffic, Surpassing Human Traffic for the First Time
16:3 : Hackers Weaponize Gamma Tool Through Cloudflare Turnstile to Steal Microsoft Credentials
16:3 : NSO lawyer names Mexico, Saudi Arabia, and Uzbekistan as spyware customers behind 2019 WhatsApp hacks
16:3 : Hyver by CYE: Transformative Cyber Exposure Management for Modern Enterprises
16:3 : BSidesLV24 – Breaking Ground – Modern ColdFusion Exploitation and Attack Surface Reduction
15:34 : Webbrowser: Kritische Sicherheitslücke in Chrome abgedichtet
15:33 : BidenCash Market Dumps 1 Million Stolen Credit Cards on Russian Forum
15:33 : Spotify goes down: What we know, plus our favorite alternatives to try
15:33 : CVE Program Almost Unfunded
15:33 : CISA Provides Last-Minute Support to Keep CVE Program Running
15:32 : APT29 Hackers Employs GRAPELOADER in New Attack Against European Diplomats
15:32 : Hackers Exploiting NTLM Spoofing Vulnerability in Wild to Compromise Systems
15:32 : Securing SaaS Applications – Best Practices for CISO Oversight
15:6 : 4chan wurde gehackt: Wer hinter dem Cyberangriff auf das kontroverse Onlineforum steckt
15:6 : Dank Veo 2: So erstellst du mit Googles Gemini-App jetzt KI-Videos
15:6 : Outlook-Bug bringt CPUs ins Schwitzen: Wie ihr den Fehler selbst beheben könnt
15:6 : In welchen Ländern die meisten Datenschutzverstöße gemeldet werden – Statistik der Woche
15:6 : Windows-Update erstellt neuen Ordner auf eurem PC: Warum ihr ihn nicht löschen solltet
15:6 : Google dichtet kritische Sicherheitslücke in Chrome ab
15:3 : The Looming Shadow Over AI: Securing the Future of Large Language Models
15:3 : “I sent you an email from your email account,” sextortion scam claims
15:3 : Law firm ‘didn’t think’ data theft was a breach, says ICO. Now it’s nursing a £60K fine
15:3 : Microsoft: CLFS Zero-Day Flaw Exploited in Ransomware Attacks
15:3 : Hertz Data Breach Exposes Customer Information in Cleo Zero-Day Attack
14:34 : Nach drohendem CVE-Aus: Schwachstellendatenbank der EU geht an den Start
14:33 : Enhancing Avro With Semantic Metadata Using Logical Types
14:33 : Zero Trust Architecture: Revolutionizing Network Security in the Digital Age
14:33 : U.S. Government Funding For MITRE’s CVE Program Expires
14:33 : Many Mobile Apps Fail Basic Security—Posing Serious Risks to Enterprises
14:33 : CISA at the Last Minute Extends Funding for Crucial MITRE CVE Program
14:32 : MITRE Crisis: CVE Cash Ends TODAY — CISA says ‘No Lapse’
14:32 : Entrust Cryptographic Security Platform provides visibility into cryptographic risk posture
14:5 : IT Security News Hourly Summary 2025-04-16 15h : 23 posts
14:4 : What can organisations learn about cybersecurity from the hacker’s playbook?
14:4 : SquareX to Reveal Critical Data Splicing Attack at BSides SF, Exposing Major DLP Vulnerability
14:4 : Landmark Admin Suffers Major Breach, Exposing Data of 1.6M+ Users
14:4 : Industry Moves for the week of April 14, 2025 – SecurityWeek
14:4 : Pillar Security Banks $9M for AI Security Guardrails
14:4 : Oracle April 2025 Critical Patch Update Addresses 171 CVEs
14:3 : Government Funding for CVE Program Ends, But a New Group Emerges
14:3 : Smokeloader Malware Clients Detained as Police Seize Critical Servers
14:3 : Windows CLFS Zero-Day CVE-2025-29824 Exploited by Ransomware Group Storm-2460
14:3 : Cozy Bear targets EU diplomats with wine-tasting invites (again)
14:3 : China-Backed Hackers Exploit BRICKSTORM Backdoor to Spy on European Businesses
14:3 : BREAKING: CVE Funding Doesn’t Lapse
13:33 : Einbruch im Kölner Dom durch KI-Kamera rechtzeitig gebannt
13:32 : API Security Is Key to Cyber Resilience in Media and Entertainment
13:32 : Q1 2025 Global Cyber Attack Report from Check Point Software: An Almost 50% Surge in Cyber Threats Worldwide, with a Rise of 126% in Ransomware Attacks
13:32 : Google Blocked 5.1B Harmful Ads and Suspended 39.2M Advertiser Accounts in 2024
13:3 : Microsoft Joins Google and Yahoo in Strengthening Email Sender Requirements
13:3 : Understanding the 2025 HIPAA Security Rule Updates: A Comprehensive Analysis of Healthcare Cybersecurity Enhancements
13:3 : SquareX to Uncover Data Splicing Attacks at BSides San Francisco, A Major DLP Flaw that Compromises Data Security of Millions
13:3 : AI Code Package Hallucinations: Opening Doors For Hackers
13:3 : Russians lure European diplomats into malware trap with wine-tasting invite
13:3 : Cyware strengthens threat intelligence management
13:3 : 92% of Mobile Apps Found to Use Insecure Cryptographic Methods
12:34 : Malware-Ranking März: FakeUpdates dominiert in Deutschland
12:34 : Vier neue EU-Regelwerke verändern den rechtlichen Rahmen für vernetzte Produkte grundlegend
12:34 : [NEU] [mittel] ESRI ArcGIS: Mehrere Schwachstellen ermöglichen Cross-Site Scripting
12:33 : Slow Pisces Targets Developers With Coding Challenges and Introduces New Customized Python Malware
12:33 : April Patch Tuesday From Microsoft Fixed Over 130 Vulnerabilities
12:33 : Hertz Confirms Data Breach After Hackers Stole Customer PII
12:33 : LastPass Review: Is it Still Safe and Reliable in 2025?
12:33 : Chinese Android phones shipped with malware-laced WhatsApp, Telegram apps
12:33 : Ransomware Group Claims Hacking of Oregon Regulator After Data Breach Denial
12:33 : From Third-Party Vendors to U.S. Tariffs: The New Cyber Risks Facing Supply Chains
12:33 : Gamma AI Platform Abused in Phishing Chain to Spoof Microsoft SharePoint Logins
12:7 : [UPDATE] [mittel] Red Hat Enterprise Linux (opentelemetry-collector): Schwachstelle ermöglicht Denial of Service
12:7 : [UPDATE] [mittel] Red Hat OpenShift: Schwachstelle ermöglicht Offenlegung von Informationen
12:7 : [UPDATE] [mittel] Red Hat OpenShift Container Platform: Schwachstelle ermöglicht Denial of Service
12:7 : [UPDATE] [mittel] Linux Kernel: Mehrere Schwachstellen
12:7 : [UPDATE] [mittel] Xen: Mehrere Schwachstellen
12:4 : Eclipse and STMicroelectronics vulnerabilities
12:4 : Firefox Fixes High-Severity Vulnerability Causing Memory Corruption via Race Condition
12:4 : Threat Actors Misuse Node.js To Deliver Malware – Warns Microsoft
12:4 : Hacktivist Turns More Sophisticated Targeting Critical Infrastructure to Deploy Ransomware
12:4 : Threat Intelligence Feeds Flood Analysts With Data, But Context Still Lacking
12:4 : How CISOs Can Create a Culture of Cybersecurity Accountability
12:4 : Automating Threat Intelligence: Tools And Techniques For 2025
12:3 : Hackers Revealed the Exploit Method Used to Hack 4chan Messageboard
12:3 : Enhanced Version of ‘BPFDoor’ Linux Backdoor Seen in the Wild
12:3 : Funding uncertainty may spell the end of MITRE’s CVE program
11:33 : Updates von Oracle: 378 Security-Patches aber nichts zum Einbruch in die Cloud
11:32 : Critical Vulnerability Found in Apache Roller Blog Server
11:32 : Cyber Signals Issue 9 | AI-powered deception: Emerging fraud threats and countermeasures
11:5 : IT Security News Hourly Summary 2025-04-16 12h : 21 posts
11:4 : Messenger-Alternative: Volla Messages mit großen Versprechungen
11:4 : Nur noch 47 Tage: Gültigkeit von TLS-Zertifikaten wird drastisch verkürzt
11:3 : What to Know about Compliance with India’s Emerging Digital Personal Data Protection Act
11:3 : Nvidia Expects $5.5 Billion Hit As US Tightens Export Controls
11:3 : Google Sued In UK For Online Search Domination
11:3 : AI in Cybersecurity: Double-Edged Sword or Game-Changer?
11:3 : Tails 6.14.2 Released with Critical Fixes for Linux Kernel Vulnerabilities
11:3 : Microsoft Warns of Node.js Abuse for Malware Delivery
11:3 : Product Walkthrough: A Look Inside Wing Security’s Layered SaaS Identity Defense
11:3 : New BPFDoor Controller Enables Stealthy Lateral Movement in Linux Server Attacks
10:33 : Partnerbeitrag: ATHENE – Workshop „Hot Topic „Kryptoagilität“
10:32 : How Top Cybersecurity Leaders Are Enhancing Boardroom Communication in 2025
10:32 : Streamlining detection engineering in security operation centers
10:32 : CVE Foundation Launched To Ensure Long-term Vulnerability Tracking
10:32 : Hackers Abuse Node.js to Deliver Malware – Microsoft Warns
10:32 : Oracle Patches 180 Vulnerabilities With April 2025 CPU
10:5 : [NEU] [mittel] HCL BigFix: Mehrere Schwachstellen
10:5 : [NEU] [mittel] Mattermost: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff
10:5 : [NEU] [mittel] Linux Kernel: Schwachstelle ermöglicht Denial of Service
10:5 : [NEU] [mittel] Autodesk AutoCAD und Civil 3D: Mehrere Schwachstellen ermöglichen Codeausführung
10:3 : Hacktivist Group Becomes More Sophisticated, Targets Critical Infrastructure to Deploy Ransomware
10:3 : Chinese Hackers Unleash New BRICKSTORM Malware to Target Windows and Linux Systems
10:3 : APT29 Hackers Use GRAPELOADER in New Attack Against European Diplomats
10:3 : Chinese UNC5174 Actors Added New Open Source Tool & C2 Infrastructure to Their Arsenal
10:3 : Oracle Security Update – Patch for 378 Vulnerabilities Including Remote Exploits
10:3 : Why Phishing Remains the #1 Cyber Threat & How to Stop It
9:34 : Mozilla Thunderbird und Thunderbird ESR: Mehrere Schwachstellen
9:34 : Oracle Java SE: Mehrere Schwachstellen
9:34 : So schützt du dich vor NFC-Kartendiebstahl | Offizieller Blog von Kaspersky
9:34 : CVE-Finanzierung unklar: Datenbank für kritische Sicherheitslücken gefährdet
9:34 : [UPDATE] [hoch] expat: Schwachstelle ermöglicht Codeausführung
9:33 : Cyber Threats Against Energy Sector Surge as Global Tensions Mount
9:33 : Alert: Security Gaps Allow Bots to Exploit UK Driving Test Booking System
9:32 : Chaos Reigns as MITRE Set to Cease CVE and CWE Operations
9:32 : Scalper Bots Fueling DVSA Driving Test Black Market
9:5 : Google Chrome: Mehrere Schwachstellen
9:5 : Mozilla Firefox: Schwachstelle ermöglicht nicht spezifizierten Angriff
9:5 : OpenAI soll an einem sozialen Netzwerk arbeiten – und sich dabei auf einen Aspekt konzentrieren
9:5 : Generative KI-Tools für das US-Militär: Das sind die Geheimdienstarbeiten in einer ersten Testphase
9:5 : Diese 6 Dinge solltet ihr ChatGPT und anderen KI-Chatbots niemals verraten
9:5 : [NEU] [hoch] Google Chrome: Mehrere Schwachstellen
9:5 : [NEU] [hoch] Mozilla Firefox: Schwachstelle ermöglicht nicht spezifizierten Angriff
9:3 : Interlock ransomware evolving under the radar
9:3 : CrazyHunter Campaign Targets Taiwanese Critical Sectors
9:3 : CISA Issues 9 New ICS Advisories Addressing Critical Vulnerabilities
9:3 : CNSS Instruction: Why It’s Critical for National Security and Your Organization
9:3 : APT Rogues’ Gallery: The World’s Most Dangerous Cyber Adversaries
9:3 : IAM vs PAM: What’s the Difference And Why It Matters
9:3 : Internet Giants Agree to Reduce TLS Certificate Lifespan to 47 Days by 2029
9:3 : Chaos Reins as MITRE Set to Cease CVE and CWE Operations
8:34 : Quellcode und Daten geleakt: 4chan nach mutmaßlichem Hackerangriff offline
8:33 : WhatsApp Job Offer Scam Targets Job Seekers in New Phishing Attack
8:33 : 10 Best Email Security Solutions in 2025
8:33 : Government contractor Conduent disclosed a data breach
8:33 : Authorities Dismantled 4 Encrypted Cyber Criminals Communication Platforms
8:33 : Motorious 4chan Forum Hacked and the Internal Data Leaked
8:33 : Why Threat Intelligence is Crucial for Modern Cyber Defense

Post navigation