IT Security News Daily Summary 2025-04-08 - IT Security News International (DE, EN)

210 posts were published in the last hour

21:34 : Your Ultimate Website QA Checklist
21:34 : April 2025 Patch Tuesday Analysis
21:34 : Windows CLFS Zero-Day Vulnerability Actively Exploited by Ransomware Group
21:4 : Medusa Ransomware Claims NASCAR Breach in Latest Attack
20:32 : UK’s Request to Keep Apple Privacy Case Secret Rejected
20:32 : Our Privacy Act Lawsuit Against DOGE and OPM: Why a Judge Let It Move Forward
20:5 : IT Security News Hourly Summary 2025-04-08 21h : 15 posts
19:35 : AI agents raise stakes in identity and access management
19:35 : Xanthorox AI: A New Breed of Malicious AI Threat Hits the Darknet
19:35 : Don’t open that JPEG in WhatsApp for Windows. It might be an .EXE
19:35 : Exploitation of CLFS zero-day leads to ransomware activity
19:35 : Microsoft fixes actively exploited Windows CLFS zero-day (CVE-2025-29824)
19:15 : Microsoft April 2025 Patch Tuesday, (Tue, Apr 8th)
19:14 : Microsoft Patch Tuesday for April 2025 — Snort rules and prominent vulnerabilities
19:14 : Microsoft April 2025 Patch Tuesday: Fixing 121 Vulnerabilities, Including a Critical Zero-Day
19:14 : CISA Adds Two Known Exploited Vulnerabilities to Catalog
19:14 : Tax deadline threat: QuickBooks phishing scam exploits Google Ads
19:14 : Don’t open that JPEG sent to WhatsApp for Windows. It might be an .EXE
19:14 : Microsoft Patches 125 Windows Vulns, Including Exploited CLFS Zero-Day
19:14 : Smishing Surge Expected in 2025 Driven by Sophisticated Phishing-as-a-Service Platform
19:14 : Fortinet Urges FortiSwitch Upgrades to Patch Critical Admin Password Change Flaw
18:35 : OpenSSL 3.5.0 enthält nun Post-Quanten-Verfahren
18:33 : WhatsApp for Windows Flaw Could Let Hackers Sneak In Malicious Files
18:33 : New GIFTEDCROOK Stealer Targets Government Organizations to Exfiltrate Sensitive Data
18:33 : Attackers Exploit SourceForge Platform to Distribute Malware
18:32 : Shopware Security Plugin Vulnerability Enables SQL Injection Attacks
18:32 : Hackers Conceal NFC Carders Behind Apple Pay and Google Wallet
18:32 : Boulanger – 966,924 breached accounts
18:32 : Windows Common Log File System 0-Day Vulnerability Exploited in the Wild
18:32 : Microsoft Patch Tuesday April 2025 – 121 Vulnerabilities Fixed Including Actively Exploited Zero-Day
18:8 : Microsoft April 2024 Patch Tuesday, (Tue, Apr 8th)
18:8 : 2024 Annual WordPress Security Report by Wordfence
18:8 : Vidar Stealer Uses New Deception Technique to Hijack Browser Cookies and Stored Credentials
18:7 : Why delaying software updates could cost you more than you think
18:7 : Adobe Calls Urgent Attention to Critical ColdFusion Flaws
18:7 : Meet the Deputy CISOs who help shape Microsoft’s approach to cybersecurity
17:33 : Spionagesatelliten: Bundeswehr einigt sich mit OHB wegen Antennen-Panne
17:32 : 21 Countries Sign Onto Voluntary Pact to Stem the Proliferation of Spyware
17:32 : Cryptocurrency Miner and Clipper Malware Spread via SourceForge Cracked Software Listings
17:32 : Amazon EC2 SSM Agent Flaw Patched After Privilege Escalation via Path Traversal
17:13 : How Meta’s new teen accounts aim to keep your kids safer on Facebook
17:13 : Identity Fraud Costs Orgs Average of $7m Annually
17:5 : IT Security News Hourly Summary 2025-04-08 18h : 15 posts
16:37 : Elektronische Patientenakte: Lauterbach will ePA auf freiwilliger Basis ausdehnen
16:36 : What Is Patch Management? Definition, Process, Benefits, and Best Practices [UPDATED 2025]
16:36 : Patch Management vs. Vulnerability Management: A Comparison
16:36 : Six Patch Management Best Practices [Updated 2025]
16:36 : Patch management: Best practices, implementation, and tools
16:36 : Main Types of Patch Management: A Decision-Making Guide
16:36 : Fortinet Addresses Multiple Vulnerabilities in FortiAnalyzer, FortiManager, & Other Products
16:36 : Vidar Stealer With New Deception Technique to Steal Browser Cookies & Stored Credentials
16:36 : Zoom Workplace Apps Vulnerability Let Attackers Inject Malicious Script
16:36 : 26,000+ Discussions on Dark Web Forums Towards Hacking Financial Organizations
16:35 : New Red Team Technique “RemoteMonologue” Exploits DCOM To Gain NTLM Authentication Remotely
16:35 : Network Access Vendor Portnox Secures $37.5 Million Investment
16:7 : Zoom Workplace Apps Vulnerability Enables Malicious Script Injection Through XSS Flaws
16:7 : Google fixes two Android zero-day bugs actively exploited by hackers
16:7 : Octane Raises $6.75M for Smart Contract Security Tech
16:7 : 6 Cybersecurity Mistakes That Put Businesses at Risk
16:7 : Yoojo Exposes Millions of Sensitive Files Due to Misconfigured Database
16:7 : Russians Seize Malware-Infected Ukrainian Drones
16:7 : Google Releases April Android Update to Address Two Zero-Days
15:32 : Cyber Threat emerges from PDF files
15:32 : Fortinet Warns of Multiple Vulnerabilities in FortiAnalyzer, FortiManager, & Other Products
15:32 : WhatsApp fixed a spoofing flaw that could enable Remote Code Execution
15:32 : Vulnerability Management Firm Spektion Emerges From Stealth With $5 Million in Funding
15:8 : Ivanti Released Security Update With The Fixes for Critical Endpoint Manager RCE Vulnerabilities
15:8 : The default TV setting you should turn off ASAP – and why it makes a big difference
15:8 : What is a key risk indicator (KRI) and why is it important?
15:8 : Morphing Meerkat PhaaS Using DNS Reconnaissance To Generate Phishing Pages Based on Target
15:8 : OpenSSL 3.5.0 Released with Support for Post-Quantum Cryptography
15:8 : SAP April 2025 Security Update : Critical Code Injection Vulnerabilities Patched
15:8 : Developers Beware of Malicious VS Code Extension Apps With Million of Installations
15:8 : Fortinet Warns of FortiSwitch Vulnerability Let Attackers Modify Admin Passwords
15:7 : Google AI taken for a ride by April Fools’ Day joke
15:7 : DNS: The Secret Weapon CISOs May Be Overlooking In the Fight Against Cyberattacks
15:7 : NIST Defers Pre-2018 CVEs to Tackle Growing Vulnerability Backlog
14:38 : Warum KI-Forscher so schnell wohl nicht arbeitslos werden
14:38 : Bisher nur im Browser verfügbar: Google spendiert praktischem KI-Dienst eigene App
14:38 : KI erobert die Charts: Sind menschliche Musiker bald überflüssig?
14:38 : Cyberattacke aus Russland: Deutsche Gesellschaft für Osteuropakunde im Visier
14:37 : Identity Management Day Expert Commentary
14:37 : What Microsoft Knows About AI Security That Most CISOs Don’t?
14:37 : Hacker Claims Oracle Cloud Breach, Threatens to Leak Data
14:37 : Malware Campaign Uses Fake CAPTCHAs, Tricks Online Users
14:37 : DragonForce Asserts Dominance Over RansomHub Ransomware Network
14:37 : Jit launches AI agents to ease AppSec workload
14:12 : The Critical Role of Telemetry Pipelines in 2025 and Beyond
14:11 : Threat Actor Leaked Data from Major Bulletproof Hosting Medialand
14:11 : Google to Patch 23-years Old Chrome Vulnerability That Leaks Browsing History
14:11 : NIST Will Mark All CVEs Published Before 01/01/2018 as ‘Deferred’
14:11 : Oracle Confirms that Hackers Broke Systems & Stole Client Login Credentials
14:11 : Threat Actors May Leverage CI/CD Environments to Gain Access To Restricted Resources
14:11 : OpenSSL 3.5 Final Release – Live
14:5 : IT Security News Hourly Summary 2025-04-08 15h : 25 posts
13:36 : Von Hotel bis Handel – Zutrittssicherheit mit Mehrwert
13:35 : Critical Linux RCE Vulnerability in CUPS ? What We Know and How to Prepare
13:35 : CISA Alerts on Actively Exploited CrushFTP Authentication Bypass Vulnerability
13:35 : Over 5,000 Ivanti Connect Secure Devices Exposed to RCE Vulnerabilities
13:35 : 6 Reasons to Visit Check Point at RSAC 2025
13:35 : 100 Days of YARA: Writing Signatures for .NET Malware
13:35 : SAP Patches Critical Code Injection Vulnerabilities
13:35 : The race to secure the AI/ML supply chain is on — get out front
13:35 : 11 cyber defense tips to stay secure at work and home
13:8 : HellCat Ransomware Hits 4 Firms using Infostealer-Stolen Jira Credentials
13:7 : Threat Actors Exploit CI/CD Environments to Gain Unauthorized Access to Restricted Resources
13:7 : Malicious VS Code Extensions with Millions of Installs Put Developers at Risk
13:7 : Over 26,000 Dark Web Discussions Focused on Hacking Financial Organizations
13:7 : EFF, Civil Society Groups, Academics Call on UK Home Secretary to Address Flawed Data Bill
13:7 : Scattered Spider stops the Rickrolls, starts the RAT race
13:7 : Aurascape Banks Hefty $50 Million to Mitigate ‘Shadow AI’ Risks
12:36 : [UPDATE] [mittel] Apache Tomcat: Mehrere Schwachstellen
12:35 : Researchers demonstrate the UK’s first long-distance ultra-secure communication over a quantum network
12:35 : ESET Vulnerability Exploited for Stealthy Malware Execution
12:35 : Netskope One DLP On Demand enhances data security capabilities
12:16 : GIMP: Mehrere Schwachstellen ermöglichen Codeausführung
12:16 : ESET NOD32 Antivirus: Schwachstelle ermöglicht Codeausführung
12:16 : HCL: Sicherheitslücken in BigFix, DevOps und mehr Produkten
12:16 : Nebenbei kriminell: Doppelleben eines Sicherheitsforschers enttarnt
12:16 : [UPDATE] [mittel] Python: Mehrere Schwachstellen ermöglichen Manipulation von Dateien und Umgehung von Sicherheitsmaßnahmen
12:16 : [UPDATE] [mittel] Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service und unspezifischen Angriff
12:16 : [UPDATE] [mittel] Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service
12:16 : [UPDATE] [mittel] Linux Kernel: Mehrere Schwachstellen
12:16 : [UPDATE] [mittel] GIMP: Mehrere Schwachstellen ermöglichen Codeausführung
12:15 : NIST Declares Pre-2018 CVEs Will Be Labeled as ‘Deferred’
12:15 : Google to Patch 23-Year-Old Chrome Bug That Leaked Browsing History
12:15 : SAP April 2025 Update Fixes Critical Code Injection Vulnerabilities
12:14 : Oracle Confirms Breach: Hackers Stole Client Login Credentials
12:14 : How to Use a VPN: 4 Easy Steps to Get Started
12:14 : Google Patched Android 0-Day Vulnerability Exploited in the Wild
12:14 : Linux 6.15-rc1 Released With Major Driver Update & Perfomance Boost
12:14 : Nissan Leaf Vulnerability Exploited to Gain Control Over the Car Remotely
12:14 : Subwiz – New AI-powered Recon Tool to Hunt for Hidden Subdomains
12:14 : Google fixes two actively exploited zero-day vulnerabilities in Android
12:14 : Corsha Raises $18 Million to Enhance and Extend Machine-to-Machine Security
12:14 : Half of Firms Stall Digital Projects as Cyber Warfare Risk Surges
11:40 : Datennutzung statt Datenschutz?!
11:39 : Arguing Against CALEA
11:39 : UAC-0226 Deploys GIFTEDCROOK Stealer via Malicious Excel Files Targeting Ukraine
11:39 : Agentic AI in the SOC – Dawn of Autonomous Alert Triage
11:39 : CISA Warns of CrushFTP Vulnerability Exploitation in the Wild
11:10 : ToddyCat: Malware nutzt Sicherheitsleck in Antivirensoftware
11:10 : [NEU] [UNGEPATCHT] [hoch] Red Hat JBoss Enterprise Application Platform und WildFly: Schwachstelle ermöglicht Codeausführung
11:10 : [NEU] [mittel] libxml2: Schwachstelle ermöglicht Manipulation von Dateien
11:10 : [NEU] [UNGEPATCHT] [mittel] TianoCore EDK2: Schwachstelle ermöglicht Offenlegung von Informationen
11:10 : [NEU] [hoch] Linux Kernel: Mehrere Schwachstellen
11:10 : [NEU] [mittel] Red Hat Enterprise Linux: Mehrere Schwachstellen
11:9 : Year in Review: Key vulnerabilities, tools, and shifts in attacker email tactics
11:9 : Attackers distributing a miner and the ClipBanker Trojan via SourceForge
11:9 : Exploited Vulnerability Puts 5,000 Ivanti VPN Appliances at Risk
11:9 : The Web application Penetration Testing Tools That Actually Works
11:9 : Ontinue empowers organizations to mitigate phishing threats
11:5 : IT Security News Hourly Summary 2025-04-08 12h : 20 posts
10:36 : CATL ‘In Talks’ For Controlling Stake In Nio’s Power Unit
10:36 : China’s YMTC Publishes Memory Patent Applications
10:36 : Online Gaming Risks and How to Avoid Them
10:36 : Google Releases April 2025 Android Security Patch Addressing Actively Exploited Vulnerabilities
10:36 : Everest ransomware group’s Tor leak site offline after a defacement
10:35 : Android Update Patches Two Exploited Vulnerabilities
10:10 : Samsung Android: Mehrere Schwachstellen
10:10 : Hacker hacken Hacker: Darknet-Website einer Cyberbande plötzlich entstellt
10:10 : [NEU] [hoch] Dell PowerScale OneFS: Mehrere Schwachstellen
10:10 : [NEU] [hoch] Samsung Android: Mehrere Schwachstellen
10:10 : [NEU] [niedrig] Axis Axis OS: Schwachstelle ermöglicht Offenlegung von Informationen
10:10 : [NEU] [hoch] WebKitGTK und WPE WebKit: Mehrere Schwachstellen
10:7 : Vishing: The voice scam you need to know about
9:40 : Android Patchday April 2025: Mehrere Schwachstellen
9:40 : [NEU] [hoch] Android Patchday April 2025: Mehrere Schwachstellen
9:40 : [NEU] [mittel] Red Hat Ansible Automation Platform: Schwachstelle ermöglicht Offenlegung von Informationen
9:37 : US Power Utilities Receive Massive AI Data Centre Requests
9:37 : BYD Launches Luxury Denza EV Brand In Europe
9:37 : How CEOs Can Embrace GenAI for Business Growth
9:37 : CISA Adds CrushFTP Vulnerability to KEV Catalog Following Confirmed Active Exploitation
9:36 : Boards Urged to Follow New Cyber Code of Practice
9:20 : [NEU] [hoch] SAP Patchday April 2025: Mehrere Schwachstellen
9:20 : [NEU] [mittel] Graylog: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen
9:20 : [NEU] [mittel] IBM App Connect Enterprise: Schwachstelle ermöglicht Denial of Service
9:20 : [NEU] [mittel] PowerDNS: Schwachstelle ermöglicht Denial of Service
9:17 : What Business Leaders Need to Know to Prevent Tax Identity Fraud in 2025
9:16 : Linux 6.15-rc1 Released: Better Drivers, Faster Performance
9:16 : Hackers Abuse Windows .RDP Files to Launch Unauthorized Remote Desktop Sessions
9:16 : Morphing Meerkat: A PhaaS Utilizing DNS Reconnaissance to Generate Targeted Phishing Pages
9:16 : Threat Actor Leaks Data from Major Bulletproof Hosting Provider Medialand
9:16 : Kelloggs Data Breach – Hackers Breached the Servers and Stolen Data
9:16 : ANY.RUN’s Enhanced Threat Intelligence Feeds With Unique IOC for SOC/DFIR Teams
9:16 : Threat Actors Setting Up Persistent Access to Hosts Hacked in CrushFTP Attacks
8:38 : ChatGPT und Rezepte: Warum die KI nicht erkennt, was lecker ist
8:38 : Patchday: Google warnt vor Attacken auf Android-Geräte
8:34 : Singapore Banks Hit By Ransomware Data Breach
8:34 : Microsoft Ends Projects With Wicresoft In China
8:34 : Google Patches Actively Exploited Android 0-Day Vulnerability
8:34 : Google fixed two actively exploited Android zero-days
8:7 : Android-Patchday: Angreifer nutzen Lücken im USB-Audio-Treiber aus
8:5 : IT Security News Hourly Summary 2025-04-08 09h : 5 posts
7:35 : SAP-Patchday: 18 Schwachstellenmeldungen, einige sind kritisch
7:35 : Spionage möglich: Google patcht teils aktiv ausgenutzte Android-Lücken
7:32 : Kellogg’s Servers Breached, Hackers Steal Sensitive Data
7:32 : PoC Exploit Released for Yelp Flaw that Exposes SSH Keys on Ubuntu Systems
7:32 : Qevlar Raises $14M to Lead the Agentic AI Revolution
7:32 : Apple encryption appeal, Xanthorox AI tool, weaponizing CRM
7:9 : Vorbereitung auf Betriebsunterbrechungen und Krisen
7:6 : Can a DDoS Cyber Attack Lead to Political Warfare?
7:6 : Xanthorox AI: New Automated Hacking Tool Surfaces on Hacker Forums
7:6 : PowerDMARC to showcase email security advancements at RSAC 2025
6:37 : CrushFTP: Neuer CVE-Eintrag und Details zu attackierter Schwachstelle
6:34 : Cyber Attacks make UK SMEs loose £3.4 billion a year
6:34 : Apollo Router Vulnerability Enables Resource Exhaustion via Optimization Bypass
6:11 : WhatsApp for Windows Flaw Allowed Remote Code Execution via File Attachments
6:11 : WhatsApp Vulnerability Let Attackers Execute Malicious Code Via Attachments
5:35 : Anzeige: Künstliche Intelligenz strategisch und sicher im Unternehmen


10.4K	8K	100+	500+

Related

Post navigation