IT Security News Daily Summary 2025-05-06

210 posts were published in the last hour

21:31 : NSO Group must pay more than $167 million in damages to WhatsApp for spyware campaign
21:7 : Computacenter IT guy let girlfriend into Deutsche Bank server rooms, says fired whistleblower
21:7 : The Rise of AI-Powered Bots in Payment Fraud & How FinTechs Can Protect Themselves
20:32 : The Signal Clone Mike Waltz Was Caught Using Has Direct Access to User Chats
20:32 : Ransomware Attacks Against Food & Agriculture Industry Doubled – 84 Attacks in 3 Months
20:32 : Hackers Can Bypass Microsoft, Nvidia, & Meta AI Filters With a Simple Emoji
20:5 : Tulsi Gabbard Reused the Same Weak Password on Multiple Accounts for Years
20:5 : BSidesLV24 – Proving Ground – A Quick Story Of Security Pitfalls With Exec Commands In Software Integrations
20:5 : IT Security News Hourly Summary 2025-05-06 21h : 5 posts
19:32 : Unlocking the Potential of Apache Iceberg: A Comprehensive Analysis
19:32 : T-Mobile’s data breach settlement payments finally rolling out this month – after April delay
19:32 : No Postal Service Data Sharing to Deport Immigrants
19:32 : Pentagon declares war on ‘outdated’ software buying, opens fire on open source
19:7 : Amazon Zoox Robotaxi Software Recall After Crash
19:7 : ClickFix Scam: How to Protect Your Business Against This Evolving Threat
19:7 : Diving Into the Talent Pool – Threat Actors Target Job Seekers with Complex Recruitment Scams
19:7 : Helm Charts Flaw Could Let Hackers Access Kubernetes Clusters, Microsoft Finds
19:7 : Samsung MagicINFO flaw exploited days after PoC exploit publication
19:7 : Hackers Launching Cyber Attacks Targeting Multiple Schools & Universities in New Mexico
18:32 : T-Mobile’s data breach settlement payments were delayed, but they’re rolling out soon
18:32 : Pentagon declares war on ‘outdated’ software buying
18:32 : OCC Cyber Breach: Undetected for 8 Months, Exposing Sensitive Data
18:32 : BSidesLV24 – Proving Ground – GEN-Z Critique On SOC 2
18:32 : Daniel Stori’s Turnoff.US: ‘mastering regexp’
17:32 : Elon Musk To Continue OpenAI Lawsuit – Lawyer
17:32 : AI Now Writes Up to 30% of Microsoft’s Code, Says CEO Satya Nadella
17:32 : JPMorgan Security Head Warns Tech Firms to Focus on Safer Software
17:32 : Introducing the AWS Zero Trust Accelerator for Government
17:10 : Diese kleine Änderung bei Gemini kann euch eine Menge Zeit sparen
17:9 : Whatsapp: Diese 4 neuen Funktionen müsst ihr unbedingt kennen
17:9 : Schon 1993: Bill Gates prophezeite die digitale Ära – und lag goldrichtig
17:9 : OpenAIs ChatGPT erschreckt Nutzer mit dämonischer Stimme: Wie es dazu kommen kann
17:9 : Berliner Forscher zeigen Deepfakes, die den Herzschlag imitieren können
17:7 : Here Comes Mirai: IoT Devices RSVP to Active Exploitation
17:7 : Two Hacks, One Empire: The Cyber Assaults Disney Didn’t See Coming
17:7 : ServiceNow expands AI governance, emphasizes ROI
17:7 : Microsoft 365 Hit By Major Outage Impacting Teams, OneDrive, & SharePoint
17:7 : Initial Access Brokers Plays a Vital Role Modern Ransomware Attacks
17:5 : IT Security News Hourly Summary 2025-05-06 18h : 22 posts
16:32 : MIWIC25: Stephanie Itimi, Director of Information Protection and Compliance, Age UK, Founder & Chair, Seidea CIC
16:6 : Recently Disclosed SureTriggers Critical Privilege Escalation Vulnerability Under Active Exploitation
16:6 : NCSC issues alert against more ransomware attacks on retailers
16:5 : The distinction between Data Privacy and Data Security
16:5 : Deliveroo Agrees To $2.9 Billion Acquisition By Doordash
16:5 : Hybrid Cloud vs Multi-Cloud: Choosing the Right Strategy for AI Scalability and Security
16:5 : CISA Releases Three Industrial Control Systems Advisories
16:5 : Milesight UG65-868M-EA
16:5 : Optigo Networks ONS NC600
16:5 : BrightSign Players
16:5 : Applying the OODA Loop to Solve the Shadow AI Problem
16:5 : Hackers Exploit Samsung MagicINFO, GeoVision IoT Flaws to Deploy Mirai Botnet
16:5 : Texas School District Notifies Over 47,000 People of Major Data Breach
15:36 : Co-Op Admits Member Data Compromised In Cyberattack
15:36 : UNC3944 Hackers Shift from SIM Swapping to Ransomware and Data Extortion
15:36 : Uncovering the Security Risks of Data Exposure in AI-Powered Tools like Snowflake’s CORTEX
15:36 : BFDOOR Malware Targets Organizations to Establish Long-Term Persistence
15:36 : 2,800+ Hacked Websites Attacking MacOS Users With AMOS Stealer Malware
15:36 : Popular Instagram Blogger’s Account Hacked to Trick Users & Steal Banking Credentials
15:35 : M365 Copilot Chat & Office Apps Gets SafeLinks Protection at Time-of-Click of URL
15:35 : Microsoft Warns Default Helm Charts May Expose Kubernetes Apps to Data Leaks
15:35 : Critical MobSF 0-Day Exposes Systems to Stored XSS & ZIP of Death Attacks
15:35 : Beware the Bundle: Companies Are Banking on Becoming Your Police Department’s Favorite “Public Safety Technology” Vendor
15:35 : What is DLP & Why It’s Not Enough to Stop Data Breaches Alone
15:35 : Why Your Security Team is Wasting 70% of Their Time on Phantom Threats And How to Fix It
15:35 : Infostealer Malware Soars 500% as 1.7 Billion Passwords Leak on Dark Web
15:35 : WhatsApp Balances AI Innovation with User Privacy Concerns
15:35 : Pune-Based Biopharma Company Hit by Ransomware Attack, Hackers Demand $80,000
15:35 : Do Not Charge Your Phone at Public Stations, Experts Warn
15:35 : Iran Claims it Thwarted Sophisticated Cyberattack on its Infrastructure
15:6 : Over 2,800 Hacked Websites Targeting MacOS Users with AMOS Stealer Malware
15:6 : DragonForce Ransomware: Redefining Hybrid Extortion in 2025
15:6 : How will enterprises handle changes in Exchange Server SE?
15:6 : Experts warn of a second wave of attacks targeting SAP NetWeaver bug CVE-2025-31324
15:5 : Smishing Triad Upgrades Tools and Tactics for Global Attacks
14:34 : “Bits & Böses”: Staffel 2 des Tech-Crime-Podcasts startet
14:33 : App Used by Trump Adviser Suspends Services After Hack Taking ’15-20 Minutes’
14:33 : 1-15 January 2025 Cyber Attacks Timeline
14:33 : “Your privacy is a promise we don’t break”: Dating app Raw exposes sensitive user data
14:7 : Ransomware: Angreifer haben Oettinger-Brauerei erfolgreich attackiert
14:6 : AI vs. the Human Mind: The New Ransomware Playbook
14:6 : Microsoft Alerts That Default Helm Charts May Expose Kubernetes Apps to Data Leaks
14:6 : Hackers Bypass AI Filters from Microsoft, Nvidia, and Meta Using a Simple Emoji
14:6 : U.S. CISA adds Langflow flaw to its Known Exploited Vulnerabilities catalog
14:6 : Microsoft Reminds of Windows 10 To Reach End of Support – No More Security Updates
14:6 : Android Security Update – Critical Patch Released for Actively Exploited Vulnerability
14:6 : Hackers Using Fake Chrome Error Pages to Attack Windows Users With Malicious Scripts
14:6 : DragonForce Ransomware Hits Harrods, Marks and Spencer, Co-Op & Other UK Retailers
14:6 : 5 Critical MSSP Tasks Streamlined By Threat Intelligence
14:6 : Android fixes 47 vulnerabilities, including one zero-day. Update as soon as you can!
14:5 : New Investment Scams Use Facebook Ads, RDGA Domains, and IP Checks to Filter Victims
14:5 : IT Security News Hourly Summary 2025-05-06 15h : 17 posts
13:34 : Persönliche Schutzausrüstung: Gefahr bei Modifizierungen
13:34 : Ransomware-Vorfall bei Oettinger-Brauerei
13:33 : OpenAI Backtracks, Says Non-Profit Will Remain In Control
13:33 : Ransomware Attacks on Food & Agriculture Industry Surge 100% – 84 Attacks in Just 3 Months
13:33 : Popular Instagram Blogger’s Account Hacked to Phish Users and Steal Banking Credentials
13:33 : Microsoft Dynamics 365 Customer Voice Phishing Scam
13:33 : How to securely attach an Apple AirTag to pretty much anything
13:33 : MIT researchers look to tame AI code with new controls
13:33 : RCE flaw in tool for building AI agents exploited by attackers (CVE-2025-3248)
13:6 : Kriminalität: Entführer erpressen Kryptomillionäre
13:4 : Strengthening Cybersecurity in the Vulnerable Educational System
13:4 : Microsoft Resolves Group Policy Issue Blocking Windows 11 24H2 Installation
13:4 : Darcula PhaaS: 884,000 Credit Card Details Stolen from 13 Million Global User Clicks
13:4 : Initial Access Brokers Play a Vital Role in Modern Ransomware Attacks
13:4 : Hackers Targeting Schools and Universities in New Mexico with Cyber Attacks
13:4 : Microsoft 365 Copilot and Office Apps Now Protected by SafeLinks at Click Time
13:4 : InterSECt — The Fast Lane to a Secure Future Starts Here
13:3 : Second Wave of Attacks Hitting SAP NetWeaver After Zero-Day Compromise
13:3 : Hacker Conversations: John Kindervag, a Making not Breaking Hacker
13:3 : Immersive delivers a team-based approach to application security training
13:3 : Webinar: Securely migrating to the cloud
12:33 : Studie: So viel Zeit ist 2025 zum Knacken eines Passworts nötig
12:32 : DragonForce Ransomware Targets Major UK Retailers, Including Harrods, Marks & Spencer, and Co-Op
12:32 : Mozilla VPN Review (2025): Features, Pricing, and Security
12:32 : US Charges Yemeni Man for Black Kingdom Ransomware Attacks
12:32 : Third Parties and Machine Credentials: The Silent Drivers Behind 2025’s Worst Breaches
12:32 : Inside DragonForce, the Group Tied to M&S, Co-op and Harrods Hacks
12:3 : (g+) Eigene Domain-Endung: Mehr Sicherheit für die IT-Infrastruktur
12:3 : CISA Warns of Langflow Missing Authentication Vulnerability Exploited in Attacks
12:3 : New GPOHound Tool To Analyze Group Policy in Active Directory For Privilege Escalation Paths
12:3 : New ClickFix Attack Mimics Ministry of Defense Website to Attack Windows & Linux Machines
12:3 : Microsoft Fixes Group Policy Bug That Prevents Installation of Windows 11 24H2
11:34 : Signal meldet sich zu TeleMessage-Affäre zu Wort
11:34 : [NEU] [mittel] Linux Kernel: Mehrere Schwachstellen
11:34 : [UPDATE] [hoch] Google Chrome und Microsoft Edge: Mehrere Schwachstellen
11:34 : [UPDATE] [mittel] Ruby (CGI und URI gem): Mehrere Schwachstellen
11:34 : [UPDATE] [mittel] QEMU: Schwachstelle ermöglicht Denial of Service
11:34 : [UPDATE] [mittel] QEMU: Schwachstelle ermöglicht Offenlegung von Informationen
11:33 : New Cloud Vulnerability Data Shows Google Cloud Leads in Risk
11:33 : Google’s NotebookLM Introduces Voice Summaries in Over 50 Languages
11:33 : OpenAI Shifts For-Profit Branch to Public Benefit Corporation, Staying Under Nonprofit Oversight
11:33 : Fake Student Fraud in Community Colleges
11:32 : Microsoft Warns of Attackers Exploiting Misconfigured Apache Pinot Installations
11:32 : Critical Vulnerability in AI Builder Langflow Under Attack
11:32 : Samsung MagicINFO Vulnerability Exploited Days After PoC Publication
11:32 : Microsoft Warns Default Helm Charts Could Leave Kubernetes Apps Exposed to Data Leaks
11:5 : IT Security News Hourly Summary 2025-05-06 12h : 24 posts
11:4 : Cybersicherheit für die Luftfahrt: Wie sich der Schutz der Flughafen-IT verbessern soll
11:4 : Perplexity startet KI-Faktencheck für Whatsapp: So funktioniert es
11:4 : Metas KI-App wird zum Social-Media-Albtraum und Sicherheitsrisiko für Nutzer
11:3 : Mein Freund, der Chatbot: Was es mit uns macht, wenn wir mit KI sprechen
11:3 : 19 Milliarden gestohlene Passwörter analysiert: Diese gravierenden Fehler machen viele immer noch
11:2 : Android Security Update -A Critical RCE Vulnerability Actively Exploited in the Wild
11:2 : Google fixed actively exploited Android flaw CVE-2025-27363
10:33 : Konklave 2025: Zwei Techniker gegen “heimtückische” Spähversuche
10:33 : Verbraucherzentrale warnt: PC-Neukauf wegen Windows-10-Supportende belastet Umwelt
10:32 : Lampion Is Back With ClickFix Lures
10:32 : Waymo Partners Magna To Scale Up Jaguar I-PACE Fleet, With US Factory
10:32 : Entra ID Data Protection: Essential or Overkill?
10:32 : Darcula Phishing as a Service Operation Snares 800,000+ Victims
10:4 : GIMP: Schwachstelle ermöglicht Codeausführung
10:4 : [NEU] [mittel] GIMP: Schwachstelle ermöglicht Codeausführung
10:3 : Proactive threat hunting with Talos IR
10:3 : Hackers Exploit Fake Chrome Error Pages to Deploy Malicious Scripts on Windows Users
10:3 : New ‘Bring Your Own Installer (BYOI)’ technique allows to bypass EDR
10:2 : Exploited: Vulnerability in software for managing Samsung digital displays (CVE-2024-7399)
9:34 : [NEU] [mittel] OpenBSD: Schwachstelle ermöglicht Denial of Service
9:34 : [NEU] [mittel] Red Hat Enterprise Linux: Mehrere Schwachstellen
9:33 : UK Retail Chains Targeted by Ransomware Attackers Claiming Data Theft
9:33 : Samsung MagicINFO 9 Server Vulnerability Actively Exploited in the Wild
9:33 : Threat Actor Evades SentinelOne EDR to Deploy Babuk Ransomware
9:33 : New ClickFix Attack Imitates Ministry of Defence Website to Target Windows & Linux Systems
9:32 : US Border Agents Are Asking for Help Taking Photos of Everyone Entering the Country by Car
9:32 : Beyond DDoS: The New Breed Of Layer 7 Attacks And How SMEs Can Outmaneuver Them
9:32 : Darcula (PhaaS) Stolen 884,000 Credit Card Details on 13 Million Clicks from Users Worldwide
9:32 : UK’s NCSC Offers Security Tips as Co-op Confirms Data Loss
9:5 : Android Patchday Mai 2025: Mehrere Schwachstellen
9:5 : Sicherheitslücken: IBM Business Automation Workflow kann Zugangsdaten leaken
9:5 : cURL-Maintainer: “Habe die Nase voll” – wegen KI-Bug-Reports
9:5 : Oettinger: Hacker attackieren große deutsche Brauerei mit Ransomware
9:5 : [NEU] [hoch] Android Patchday Mai 2025: Mehrere Schwachstellen
9:5 : [NEU] [mittel] IBM DB2: Mehrere Schwachstellen ermöglichen Denial of Service
9:5 : [NEU] [hoch] IGEL OS: Schwachstelle ermöglicht Privilegieneskalation
9:5 : [NEU] [mittel] BeyondTrust Privileged Remote Access: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen
9:5 : [NEU] [niedrig] PyTorch: Schwachstelle ermöglicht Denial of Service
9:3 : Hackers Are Using AI to Steal Your Data—Here’s How to Protect Yourself
9:3 : Firefox’s Future Uncertain Without Google Search Deal, Insider Warns
9:3 : xAI API Key Leak Exposes Proprietary Language Models on GitHub
9:3 : TikTok Hit with €530 Million Fine Over Data Transfers to China
9:3 : Researcher Exploits Regex Filter Flaw to Gain Remote Code Execution
9:3 : PIVOTT Act Revived to Tackle Growing Cybersecurity Workforce Shortages
9:3 : As Vishing Gains Momentum, It’s Time to Fight Back
9:3 : Android Update Patches FreeType Vulnerability Exploited as Zero-Day
8:33 : [UPDATE] [hoch] http/2 Implementierungen: Schwachstelle ermöglicht Denial of Service
8:32 : Defending Against UNC3944: Cybercrime Hardening Guidance from the Frontlines
8:32 : Stealth Tunnels: The Dawn of Undetectable Remote Access
8:32 : Google Gemini Introduces Built-In Image Editing in App
8:32 : What a future without CVEs means for cyber defense
8:5 : IT Security News Hourly Summary 2025-05-06 09h : 11 posts
8:4 : Patchday: Angreifer attackieren Android 13 und 14 mit Schadcode
8:4 : Wie geht IT-Sicherheit für KMU? | Offizieller Blog von Kaspersky
8:3 : Why Modern Businesses Need Cyber Threat Intelligence
8:3 : New GPOHound Tool Analyzes Active Directory GPOs for Escalation Risks
8:3 : Threat Actor Bypass SentinelOne EDR to Deploy Babuk Ransomware
8:3 : UDP Vulnerability in Windows Deployment Services Allows 0-Click System Crashes
8:3 : PCI Compliance Is Not Just A Checkbox It’s A Live-Fire Security Test
8:3 : Update ASAP: Google Fixes Android Flaw (CVE-2025-27363) Exploited by Attackers
7:33 : Priorisierung im Mobilfunk: BOS-Digitalfunk wird abgelöst
7:33 : Patchday: Systemkomponente in Android 13 und 14 lässt Schadcode passieren
7:33 : Anzeige: Kostenfreie Teilnahme am IT-Sicherheit-für-Webdev-Kurs
7:32 : Signal App Used by Trump Associate Targeted in Security Breach
7:32 : RSA helps organizations secure passwordless environments
7:32 : Signal clones, easyjson warning, UK retail hacker
7:2 : Smishing on a Massive Scale: ‘Panda Shop’ Chinese Carding Syndicate
7:2 : Over 1,200 SAP Instances Exposed to Critical Vulnerability Exploited in the Wild
7:0 : Google warnt: Gefährliche Android-Lücke wird aktiv ausgenutzt
6:33 : Python InfoStealer with Embedded Phishing Webserver, (Tue, May 6th)
6:33 : Critical Microsoft 0-Click Telnet Vulnerability Enables Credential Theft Without User Action
6:33 : Windows Deployment Services Hit by 0-Click UDP Flaw Leading to System Failures

Post navigation