IT Security News Daily Summary 2025-07-21

167 posts were published in the last hour

• 21:34 : Google just teased its new flagship phone early – Here’s what we’ve gathered
• 21:7 : UNG0002 Deploys Weaponized LNK Files with Cobalt Strike and Metasploit to Target Organizations
• 21:7 : Risk prediction models: How they work and their benefits
• 20:35 : ToolShell: Details of CVEs Affecting SharePoint Servers
• 20:35 : Hackers Hit Microsoft SharePoint Servers Worldwide
• 20:35 : DeerStealer Malware Spread Through Weaponized .LNK and LOLBin Tools
• 20:5 : Beware of npm Phishing Emails Targeting Developer Credentials
• 20:5 : Threat Actors Compromise Popular npm Packages to Steal Maintainers’ Tokens
• 20:5 : This is the soundbar I recommend for deeply immersive audio – and now it’s $600 off
• 20:5 : Another massive security snafu hits Microsoft, but don’t expect it to stick
• 20:5 : Back-to-school cyber safety: Parent checklist
• 20:5 : Hackers exploiting SharePoint zero-day seen targeting government agencies
• 20:5 : IT Security News Hourly Summary 2025-07-21 21h : 4 posts
• 19:32 : MuddyWater deploys new DCHSpy variants amid Iran-Israel conflict
• 19:32 : Threat Actors Leverage Zoho WorkDrive Folder to Deliver Obfuscated PureRAT Malware
• 19:32 : NailaoLocker Ransomware Attacking Windows Systems Using Chinese SM2 Cryptographic Standard
• 19:10 : APT41 Hackers Exploiting Atexec and WmiExec Windows Modules for Malware Deployment
• 19:9 : Cybercriminals Use Zoho WorkDrive Folders to Spread Obfuscated PureRAT Malware
• 19:9 : I replaced my work PC with this Dell laptop, and it was one of my best decisions
• 19:9 : How WIRED Analyzed the Epstein Video
• 18:34 : World Leaks Claims Dell Data Breach, Leaks 1.3 TB of Files
• 18:34 : Software Supply Chain Security Regulations From a DevSecOps Perspective
• 18:34 : Flickering lights? Blown breakers? Your home needs more power – here’s what to do
• 18:34 : Too hot to mow? I tested a robot lawn mower with no boundary wire (and now it’s on sale)
• 18:3 : Attackers Can Exploit Lighthouse Studio RCE Bug to Gain Server Access
• 18:3 : OpenAI wins gold at prestigious math competition – why that matters more than you think
• 18:3 : Inside the Heimdal Labs Deep Dive: A Closer Look at Remote Access Protection
• 18:3 : China-Linked Hackers Launch Targeted Espionage Campaign on African IT Infrastructure
• 18:3 : Iran-Linked DCHSpy Android Malware Masquerades as VPN Apps to Spy on Dissidents
• 17:32 : KAWA4096 Ransomware Employs WMI Techniques to Delete Backup Snapshots
• 17:32 : I tested this 9-in-1 off-grid portable power station that claims a 17-year lifespan – here’s my verdict
• 17:32 : Netflix just revealed AI-generated footage in a popular show for the first time – did you spot it?
• 17:5 : IT Security News Hourly Summary 2025-07-21 18h : 7 posts
• 17:3 : AI-Powered Cloaking Tools Help Threat Actors Hide Malicious Domains from Security Scans
• 17:3 : Why the LG C5 OLED is still a favorite TV of mine, especially at $700 off
• 16:37 : Fake npm Website Used to Push Malware via Stolen Token
• 16:37 : 8 ways I quickly leveled up my Linux skills – and you can too
• 16:37 : Tired of AI images online? This search engine lets you hide them from results now
• 16:37 : Need a new laptop for the office? Save $500 on the Dell 16 Plus and improve your workflow
• 16:37 : Patch SharePoint Now: Microsoft Servers at Risk of New ToolShell RCE Attack
• 16:37 : Ukrainian Hackers Claim Major Cyberattack on Russian Drone Manufacturer
• 16:37 : Vulnerability Summary for the Week of July 14, 2025
• 16:37 : Iranian Hackers Deploy New Android Spyware Version
• 16:6 : SharePoint Zero-Day CVE-2025-53770 Actively Exploited: What Security Teams Need to Know
• 16:6 : I’m a wearables editor and here are the 7 Pixel Watch 4 rumors I’m most curious about
• 16:6 : 8 ways I quickly leveled-up my Linux skills – and you can too
• 16:6 : Weak Password Let Ransomware Gang Destroy 158-Year-Old Company
• 16:5 : Microsoft’s AppLocker Flaw Allows Malicious Apps to Run and Bypass Restrictions
• 16:5 : Accounting Firm Targeted by Malware Campaign Using New Crypter
• 16:5 : Fake Receipt Generators Fuel Rise in Online Fraud
• 15:37 : Microsoft SharePoint attacks target on-premises servers
• 15:37 : Hackers Use DNS Records to Hide Malware and AI Prompt Injections
• 15:37 : Healthcare Firms Face Major Threats from Risk Management and Legacy Tech, Report Finds
• 15:6 : These XR glasses gave me a 135-inch screen to work from while traveling (and now they’re on sale)
• 15:6 : This multi-port car charger can power 4 gadgets at once – and it’s surprisingly cheap
• 15:6 : Why I highly recommend the M4 MacBook Air to most people (and now it’s on sale)
• 15:5 : Microsoft Fix Targets Attacks on SharePoint Zero-Day
• 14:35 : Snake Keylogger Uses Persistence via Scheduled Tasks to Steal Login Data Undetected
• 14:35 : Microsoft fixes two SharePoint zero-days under attack, but it’s not over – how to patch
• 14:35 : I found a tablet that could replace my iPad and Kindle – and it’s worth every penny
• 14:35 : Is ChatGPT down? You’re not alone. Here’s what OpenAI is saying
• 14:35 : Ditch your Dyson: This cordless stick vacuum cleans my home more effectively (and it’s 26% off)
• 14:35 : The best CRM software with email marketing in 2025: Expert tested and reviewed
• 14:34 : Surveillance Company Using SS7 Bypass Attack to Track the User’s Location Information
• 14:5 : IT Security News Hourly Summary 2025-07-21 15h : 10 posts
• 14:4 : Researchers Release PoC Exploit for High-Severity NVIDIA AI Toolkit Bug
• 14:4 : This lightweight Linux distro makes switching from Windows 10 easy
• 14:4 : Don’t miss your chance to exhibit at TechCrunch Disrupt 2025
• 14:4 : Hackers Exploiting Microsoft Flaw to Attack Governments, Businesses
• 13:33 : Independent Tests Prove It: Check Point’s SASE Excels in Security & User Experience
• 13:33 : I found the perfect card reader that has it all – it even doubles as a storage box
• 13:33 : I tested Samsung’s Galaxy Z Fold 7, and it became my new favorite foldable (despite the limitations)
• 13:33 : Installing apps on Linux? 4 ways it’s different than any other OS – and mistakes to avoid
• 13:33 : U.S. CISA urges to immediately patch Microsoft SharePoint flaw adding it to its Known Exploited Vulnerabilities catalog
• 13:33 : CISA Warns of Microsoft SharePoint Server 0-Day RCE Vulnerability Exploited in Wild
• 13:33 : Dell Data Breach – Test Lab Platform Hacked by World Leaks Group
• 13:33 : APT41 Hackers Leveraging Atexec and WmiExec Windows Modules to Deploy Malware
• 13:33 : “Ring cameras hacked”? Amazon says no, users not so sure
• 13:33 : Iranian APT Targets Android Users With New Variants of DCHSpy Spyware
• 13:7 : Why Customer Experience Is the New Battleground in Zero Trust
• 13:7 : What is a CISO (chief information security officer)?
• 13:7 : New zero-day bug in Microsoft SharePoint under widespread attack
• 13:7 : Indian crypto exchange CoinDCX confirms $44 million stolen during hack
• 13:7 : New CrushFTP Critical Vulnerability Exploited in the Wild
• 12:32 : My 8 ChatGPT Agent tests produced only 1 near-perfect result – and a lot of alternative facts
• 12:32 : Critical CrushFTP vulnerability exploited. Have you been targeted? (CVE-2025-54309)
• 12:6 : PHP PDO Flaw Allows Attackers to Inject Malicious SQL Commands
• 12:6 : Four new Android spyware samples linked to Iran’s intel agency
• 12:6 : New KAWA4096’s Ransomware Leverages Windows Management Instrumentation to Delete Shadow Copies
• 12:6 : Livewire Vulnerability Exposes Millions of Laravel Apps to Remote Code Execution Attacks
• 12:6 : Lighthouse Studio RCE Vulnerability Let Attackers Gain Access to Hosting Servers
• 12:6 : Marketing, Law Firms Say Data Breaches Impact Over 200,000 People
• 12:6 : Assessing the Role of AI in Zero Trust
• 12:5 : ⚡ Weekly Recap: SharePoint 0-Day, Chrome Exploit, macOS Spyware, NVIDIA Toolkit RCE and More
• 11:32 : Microsoft Confirms Hackers Exploiting SharePoint Flaws, Patch Now
• 11:32 : Surveillance Firm Exploits SS7 Flaw to Track User Locations
• 11:32 : Microsoft issues emergency patches for SharePoint zero-days exploited in “ToolShell” attacks
• 11:32 : Another Supply Chain Vulnerability
• 11:32 : The Overlooked Risk in AI Infrastructure: Physical Security
• 11:5 : How quickly do we patch? A quick look from the global viewpoint, (Mon, Jul 21st)
• 11:5 : Google Patched A Chrome Zero-Day That Allowed Sandbox Escape
• 11:5 : GameForge AI Hackathon 2025: Building the Bridge Between Natural Language and Game Creation
• 11:5 : CoinDCX Hack Leads to $44.2 Million Loss
• 11:5 : IT Security News Hourly Summary 2025-07-21 12h : 7 posts
• 10:37 : Microsoft Bars China Tech Support From US Military After Critical Report
• 10:37 : New GhostContainer Malware Hits High-Value MS Exchange Servers in Asia
• 10:37 : Why Agentic Security Doesn’t Mean Letting Go of Control
• 10:37 : HPE Warns of Aruba Hardcoded Credentials Allowing Attackers to Bypass Device Authentication
• 10:37 : CoinDCX Hacked – $44.2 million Wiped off From the Platform
• 10:37 : Securing Revenue Data in the Cloud: Compliance and Trust in a Digital Age
• 10:37 : UK Tax Fraud Scheme Uncovered Following Arrests in Romania
• 10:8 : Cyber-Attack Group Targets Singapore Infrastructure
• 10:8 : The Breach of Trust: What the Alleged Apple iPhone Theft Says About Tech Espionage in 2025
• 10:8 : GIGABYTE’s new AI PCs are slim, multitasking powerhouses for professionals
• 10:8 : Is your house power-starved? Why the extra juice might be worth the squeeze
• 10:7 : Surveillance Firm Bypasses SS7 Protections to Retrieve User Location
• 10:7 : Microsoft: Attackers Actively Compromising On-Prem SharePoint Customers
• 9:32 : UBTech Humanoid Robot Changes Own Battery
• 9:32 : The SOC files: Rumble in the jungle or APT41’s new target in Africa
• 9:5 : Microsoft AppLocker Flaw Lets Malicious Apps Bypass Security Restrictions
• 9:5 : Microsoft Released Emergency Security Update to Patch Critical SharePoint 0-Day Vulnerability
• 9:5 : Microsoft Patches ‘ToolShell’ Zero-Days Exploited to Hack SharePoint Servers
• 9:5 : 750,000 Impacted by Data Breach at The Alcohol & Drug Testing Service
• 9:5 : Cybersecurity Isn’t Just an IT Line Item — It’s a Business Imperative
• 8:33 : Co-op Boss Says All 6.5m Members Had Data Stolen
• 8:32 : US Lawmaker Dissents As Nvidia Set To Resume China AI Shipments
• 8:32 : Livewire Flaw Puts Millions of Laravel Apps at Risk of RCE Attacks
• 8:32 : SharePoint zero-day CVE-2025-53770 actively exploited in the wild
• 8:32 : Rumble in the jungle: APT41’s new target in Africa
• 8:5 : Exploring Netstalking: Hidden Internet Gems
• 8:5 : A week in security (July 14 – July 20)
• 8:5 : Exploited CrushFTP Zero-Day Provides Admin Access to Servers
• 8:5 : The Expiring Trust Model: CISOs Must Rethink PKI in the Era of Short-Lived Certificates and Machine Identity
• 8:5 : IT Security News Hourly Summary 2025-07-21 09h : 8 posts
• 7:35 : Top Brass At Meta Settle Shareholder Lawsuit
• 7:35 : CISA Issues Alert on Microsoft SharePoint 0-Day RCE Exploited in Attacks
• 7:35 : Alaska Airlines grounded itself due to mysterious IT problem
• 7:35 : PoC Exploit Released for Critical NVIDIA AI Container Toolkit Vulnerability
• 7:35 : New PoisonSeed Attack Let Attackers Trick Users into Scanning a QR Code with an MFA Authenticator
• 7:35 : Who’s Watching You? FBI IG Looks to Plug Holes in Ubiquitous Technical Surveillance
• 7:35 : Aruba password warning, SharePoint zero day, Russian vodka maker attacked
• 7:35 : NPM Linter Packages Hijacked, Microsoft’s China Issue, and AI in Phishing Attacks: Cybersecurity Today:
• 7:3 : 7-Zip Vulnerability Lets Malicious RAR5 Files Crash Systems
• 7:2 : I still prefer my Google Pixel 9 Pro over the expensive flagships – and it’s not even close
• 7:2 : PoisonSeed Hackers Bypass FIDO Keys Using QR Phishing and Cross-Device Sign-In Abuse
• 6:36 : Alaska Airlines grounds itself due to mysterious IT problem
• 6:7 : Japan discovers object out beyond Pluto that rewrites the Planet 9 theory
• 6:7 : New 7-Zip Vulnerability Enables Weaponized RAR5 File to Crash Your System
• 6:7 : World Health Organization CISO on securing global health emergencies
• 6:7 : How to land your first job in cybersecurity
• 5:34 : SharePoint 0-Day RCE Flaw Actively Exploited for Full Server Takeover
• 5:34 : PoisonSeed Attack Tricks Users into Scanning Malicious MFA QR Codes
• 5:34 : Calico: Open-source solution for Kubernetes networking, security, and observability
• 5:5 : CrushFTP 0-Day Vulnerability Actively Exploited to Breach Servers
• 5:5 : Cyber turbulence ahead as airlines strap in for a security crisis
• 4:34 : 3,500 Websites Hijacked to Secretly Mine Crypto Using Stealth JavaScript and WebSocket Tactics
• 4:34 : Hard-Coded Credentials Found in HPE Instant On Devices Allow Admin Access
• 4:34 : Microsoft Releases Urgent Patch for SharePoint RCE Flaw Exploited in Ongoing Cyber Attacks
• 4:7 : New 7-Zip Vulnerability Enables Malicious RAR5 File to Crash Your System
• 4:7 : Are your employees using Chinese GenAI tools at work?
• 2:5 : IT Security News Hourly Summary 2025-07-21 03h : 1 posts
• 2:2 : ISC Stormcast For Monday, July 21st, 2025 https://isc.sans.edu/podcastdetail/9534, (Mon, Jul 21st)
• 2:2 : 5 tips for building foundation models for AI
• 0:32 : Microsoft patches failed to fix on-prem SharePoint, which is now under zero-day attack
• 23:5 : IT Security News Hourly Summary 2025-07-21 00h : 3 posts
• 22:58 : IT Security News Weekly Summary 29
• 22:55 : IT Security News Daily Summary 2025-07-20