IT Security News Daily Summary 2025-06-25

210 posts were published in the last hour

• 21:35 : ‘They’re Not Breathing’: Inside the Chaos of ICE Detention Center 911 Calls
• 21:34 : Citrix bleeds again: This time a zero-day exploited – patch now
• 21:34 : Flaw in Notepad++ installer could grant attackers SYSTEM access (CVE-2025-49144)
• 21:6 : TWA 7b: James Webb entdeckt erstmals einen Exoplaneten
• 21:5 : What It Really Means to “Try Harder”
• 20:37 : New Malware Discovered Using Prompt Injection to Manipulate AI Models in the Wild
• 20:37 : Scale AI Leaks Meta, Google, xAI Confidential Files Through ‘Incredibly Janky’ Document Practices
• 20:37 : US Warns of Iranian Cyber Threats as Tensions Rise Over Middle East Conflict
• 20:37 : Facial recognition: Where and how you can opt out
• 20:5 : IT Security News Hourly Summary 2025-06-25 21h : 20 posts
• 20:4 : US Bipartisan Bill Seeks To Block Chinese AI In Federal Agencies
• 20:4 : Beware of Weaponized Wedding Invite Scams Delivering SpyMax RAT to Android Devices
• 20:4 : Multiple Brother Device Vulnerabilities Allow Attackers to Execute Arbitrary HTTP Requests
• 20:4 : Protect Your Privacy: Best Secure Messaging Apps in 2025
• 20:4 : Taiwan Is Rushing to Make Its Own Drones Before It’s Too Late
• 20:4 : Telegram Purged Chinese Crypto Scam Markets—Then Watched as They Rebuilt
• 19:34 : BreachForums: Fünf Admins des Darknet-Datenmarktplatzes in Frankreich in Haft
• 19:32 : A Deep Dive into a Modular Malware Family
• 19:32 : INTERPOL Cautions of Significant Increase in Cyber Attacks on Western and Eastern Africa
• 19:32 : Hackers deploy fake SonicWall VPN App to steal corporate credentials
• 19:32 : Amazon’s Ring can now use AI to ‘learn the routines of your residence’
• 19:3 : North Korean Hackers Pose as Recruiters, Target Developers with 35 New Malicious npm Packages
• 19:3 : How Avast’s free AI-powered Scam Guardian protects you from online con artists
• 19:3 : AI Deepfake Scams Surge: Over $200 Million Lost in Just Three Months
• 19:3 : CISA Adds Three Known Exploited Vulnerabilities to Catalog
• 18:41 : PNG ist zurück: Bildformat erhält nach mehr als 20 Jahren ein Upgrade
• 18:40 : Russia Frees REvil Hackers, Despite Guilty Pleas
• 18:40 : Five Hackers Behind Notorious Data Selling Platform BreachForums Arrested
• 18:40 : New BRAODO Stealer Campaign Abuses GitHub To Host Payloads And Evade Detection
• 18:40 : Beyond Backup: How Coveware is Revolutionizing Veeam’s Ransomware Defense
• 18:40 : The Era of Agentic Security with Microsoft Security Copilot
• 18:39 : RedirectionGuard: Mitigating unsafe junction traversal in Windows
• 18:11 : Open EarRing: Komfort trifft Technik – aber Vorsicht mit den Touch-Bedienelementen!
• 18:10 : Threat Brief: Escalation of Cyber Risk Related to Iran
• 18:10 : Provider-Agnostic OIDC Auth Flow for Your Apps (PyJWT + FastAPI)
• 18:10 : Chart Your SASE Transformation with Prisma SD-WAN
• 18:10 : Supply chain attacks surge with orgs ‘flying blind’ about dependencies
• 18:10 : Computer vision research feeds surveillance tech as patent links spike 5×
• 18:10 : Vulnerability Summary for the Week of June 16, 2025
• 18:10 : Microsoft is named a Leader in The Forrester Wave™: Security Analytics Platforms, 2025​​
• 18:9 : Microsoft Named a Leader in the 2025 IDC CNAPP MarketScape: Key Takeaways for Security Buyers
• 17:37 : Sam Altman Admits Speaking With Microsoft’s Nadella Over Partnership
• 17:36 : Why AI scam protection is more important than ever
• 17:36 : Anthropic just made every Claude user a no-code app developer
• 17:36 : New Malware Spotted in The Wild Using Prompt Injection to Manipulate AI Models Processing Sample
• 17:36 : Air India Express Flight Returns Mid-Air After Suspected GPS Spoofing Near Jammu Border
• 17:36 : Microsoft is named a Leader in The Forrester Wave™: Security Analytics Platforms, 2025​​
• 17:36 : nOAuth Vulnerability Still Affects 9% of Microsoft Entra SaaS Apps Two Years After Discovery
• 17:5 : IT Security News Hourly Summary 2025-06-25 18h : 17 posts
• 16:34 : LinuxFest Northwest: Securing Your Web Server
• 16:34 : Fortanix Adds Dashboard to Better Prioritize Remediation Efforts for PQC Era
• 16:34 : Microsoft is named a Leader in The Forrester Wave™: Security Analytics Platforms, 2025​​
• 16:34 : Citrix Releases Emergency Patches for Actively Exploited CVE-2025-6543 in NetScaler ADC
• 16:5 : What is single sign-on (SSO)?
• 16:5 : Multiple Brother Devices Vulnerabilities Open Devices for Hacking
• 16:5 : Beware of Weaponized Wedding Invite Scams That Deploys SpyMax RAT on Android Devices
• 16:5 : French cybercrime police arrest five suspected BreachForums admins
• 16:5 : Jailbroken Mistral And Grok Tools Are Used by Attackers to Build Powerful Malware
• 16:5 : Microsoft is named a Leader in The Forrester Wave™: Security Analytics Platforms, 2025​​
• 16:5 : Hackers Use Open-Source Offensive Cyber Tools to Attack Financial Businesses in Africa
• 15:36 : ispace Blames Laser for Moon Crash Landing
• 15:35 : Threat Actors Distribute Compromised SonicWall SSL VPN NetExtender to Steal Sensitive Data
• 15:35 : Enterprises must rethink IAM as AI agents outnumber humans 10 to 1
• 15:35 : European Cybersecurity Leader Heimdal Partners with Montreal’s Fusion Cyber Group for Canadian Market Expansion
• 15:35 : Fortinet Partners with FIRST on New Initiative to Build Global Cyber Capacity
• 15:35 : Citrix NetScaler ADC and Gateway Vulnerability Actively Exploited in the Wild
• 15:35 : North Korean Hackers as Recruiters Attacking Developers With 35 New Malicious npm Packages
• 15:35 : INTERPOL Warns of Sharp Rise in Cyber Attacks Targeting Western and Eastern Africa
• 15:35 : From Insight to Action: How Tenable One KPIs Drive Exposure Management Success
• 15:35 : CISA Warns of Renewed Exploits Targeting TP-Link Routers with Critical Flaws
• 15:35 : Scania Targeted in Extortion Attempt Following Data Breach
• 15:35 : New Malicious Python Package Found Stealing Cloud Credentials
• 15:35 : Microsoft is named a Leader in The Forrester Wave™: Security Analytics Platforms, 2025​​
• 15:6 : Have Fun Teaching – 27,126 breached accounts
• 15:6 : Robinsons Malls – 195,597 breached accounts
• 15:6 : Microsoft is named a Leader in The Forrester Wave™: Security Analytics Platforms, 2025​​
• 15:6 : NSA and CISA Urge Adoption of Memory Safe Languages for Safety
• 14:35 : Bumble Axes 30 Percent Of Global Workforce
• 14:35 : AI Agents Are Creating Insider Security Threat Blind Spots, Research Finds
• 14:34 : Microsoft is named a Leader in The Forrester Wave™: Security Analytics Platforms, 2025​​
• 14:5 : IT Security News Hourly Summary 2025-06-25 15h : 11 posts
• 14:5 : Ausländische Einflussoperation: Angriffe auf Iran lassen Bots verstummen
• 14:4 : Hacktivist Groups Target U.S. Companies and Military Domains in Retaliation for Iran Attacks
• 14:4 : NetNerve – AI Powered PCAP Analysis to Detect Anomalies & Potential Threats
• 14:4 : Windows 11 Update Configuration Hangs During Update Scanning
• 14:4 : Kubernetes NodeRestriction Vulnerability Allows Nodes to Bypass Resource Allocation Checks
• 14:3 : Hacktivist Groups Attacking U.S. Companies & Military Domains Following Attacks on Iran
• 14:3 : Threat Actors Distribute Hacked Version of SonicWall’s SSL VPN NetExtender to Steal Sensitive Data
• 14:3 : Thousands of SaaS Apps Could Still Be Susceptible to nOAuth
• 14:3 : Microsoft is named a Leader in The Forrester Wave™: Security Analytics Platforms, 2025​​
• 14:3 : Tines allows teams to choose the right AI level for any workflow
• 14:3 : Citrix Bleed 2 Flaw Enables Token Theft; SAP GUI Flaws Risk Sensitive Data Exposure
• 13:38 : Wer entscheidet 2025 über die Erhöhung des Mindestlohns?
• 13:36 : Keep Your Tech FLAME Alive: Akamai Trailblazer Maite Vitar
• 13:36 : Windows 11 Configuration Bug Freezes Update Scanning Process
• 13:36 : Firefox 140 Launches with Critical Code Execution Bug Fix – Update Now
• 13:36 : Educated Manticore Reemerges: Iranian Spear-Phishing Campaign Targeting High-Profile Figures
• 13:36 : AI Evasion: The Next Frontier of Malware Techniques
• 13:36 : Frost & Sullivan Report Validates Value of Consolidated Security
• 13:36 : Welcome to the New Cyber Battleground
• 13:36 : Post-Quantum Cryptography Implementation Enterprise-Readiness Analysis
• 13:36 : Many data brokers are failing to register with state consumer protection agencies
• 13:36 : Microsoft Offers Free Windows 10 Extended Security Update Options as EOS Nears
• 13:36 : LapDogs Campaign Shows Chinese Groups’ Growing Use of ORB Networks
• 13:36 : Microsoft is named a Leader in The Forrester Wave™: Security Analytics Platforms, 2025​​
• 13:36 : Stellar Cyber updates MITRE ATT&CK Aligned Coverage Analyzer
• 13:36 : Mitiga Helios AI accelerates alert triage and incident response for SecOps teams
• 13:35 : Fortanix PQC Central boosts post-quantum readiness
• 13:35 : Microsoft nOAuth Flaw Still Exposes SaaS Apps Two Years After Discovery
• 13:7 : Weiteres Update-Debakel: Android TV 14 für Chromecast mit Google TV erneut fehlerhaft
• 13:6 : The Road Trip of Threat Modeling: A Journey to Efficiency, Effectiveness, And Value
• 13:6 : Does your generative AI protect your privacy? New study ranks them best to worst
• 13:6 : Ring’s new generative AI feature is here to answer your ‘who’s there?’ or ‘what was that?’ questions
• 13:6 : Ring cameras and doorbells now use AI to provide specific descriptions of motion activity
• 13:6 : ConnectUnwise: Threat actors abuse ConnectWise as builder for signed malware
• 13:6 : Microsoft is named a Leader in The Forrester Wave™: Security Analytics Platforms, 2025​​
• 13:5 : OpenRouter raises $40 million to simplify AI model overload
• 13:5 : SAP GUI Input History Found Vulnerable to Weak Encryption
• 12:35 : ChatGPT bringt KI-Bilder direkt in euren Whatsapp-Chat
• 12:34 : Realtek Bluetooth Flaw Allows Attackers to Launch DoS Attacks During Pairing
• 12:33 : Authorization sprawl: Attacking modern access models
• 12:33 : I’ve Seen Things, pt II
• 12:33 : Program Execution, follow-up
• 12:33 : Chrome Security Update: Patch for 11 Vulnerabilities Enabling Malicious Code Execution
• 12:33 : Threat Actors Poison Search Results & Exploits Popularity of ChatGPT and Luma AI to Deliver Malicious Payloads
• 12:33 : CISA Releases Guide to Reduce Memory Safety Vulnerabilities in Modern Software Development
• 12:33 : Critical Kibana Vulnerabilities Allows Heap Corruption and Remote Code Execution
• 12:33 : Hackers Abuse ConnectWise to Hide Malware
• 12:33 : Microsoft is named a Leader in The Forrester Wave™: Security Analytics Platforms, 2025​​
• 12:5 : Mozilla Firefox: Mehrere Schwachstellen
• 12:5 : Google Chrome: Mehrere Schwachstellen
• 12:4 : Handoff für Android? Google plant eine Funktion, die dem Ökosystem bisher fehlte
• 12:4 : Microsoft bietet ein weiteres Jahr kostenlosen Support für Windows 10 – mit einem Haken
• 12:4 : [UPDATE] [mittel] Gitea: Mehrere Schwachstellen
• 12:4 : [UPDATE] [hoch] Linux Kernel: Mehrere Schwachstellen
• 12:4 : [NEU] [mittel] Google Chrome: Mehrere Schwachstellen
• 12:3 : Chrome Releases Security Patch for 11 Code Execution Vulnerabilities
• 12:3 : Microsoft is named a Leader in The Forrester Wave™: Security Analytics Platforms, 2025​​
• 12:3 : Windows 10: How to get security updates for free until 2026
• 11:36 : Silicon UK In Focus Podcast: From Data to Decisions
• 11:36 : Tesla Robotaxis Catch Attention Of Federal Safety Regulators
• 11:36 : Threat Actors Manipulate Search Results, Exploit ChatGPT and Luma AI Popularity to Deliver Malicious Payloads
• 11:36 : CISA Publishes Guide to Address Memory Safety Vulnerabilities in Modern Software Development
• 11:36 : Mainline Health Systems data breach impacted over 100,000 individuals
• 11:36 : What LLMs Know About Their Users
• 11:35 : New Vulnerabilities Expose Millions of Brother Printers to Hacking
• 11:35 : SonicWall Warns of Trojanized NetExtender Stealing User Information
• 11:35 : How to Tame Your Multi-Cloud Attack Surface with Pentesting
• 11:35 : Microsoft is named a Leader in The Forrester Wave™: Security Analytics Platforms, 2025​​
• 11:35 : Beware the Hidden Risk in Your Entra Environment
• 11:35 : Pro-Iranian Hacktivist Group Leaks Personal Records from the 2024 Saudi Games
• 11:5 : IT Security News Hourly Summary 2025-06-25 12h : 17 posts
• 11:4 : Akamai Reveals New Strategies for Defenders to Combat Cryptominer Attacks
• 11:4 : NetNerve: AI-Powered Tool for Deep PCAP Threat Detection
• 11:3 : Kubernetes NodeRestriction Flaw Lets Nodes Bypass Resource Authorization
• 11:3 : Linux CentOS Web Panel Vulnerability Let Attackers Execute Malicious Remote Code – PoC Released
• 11:3 : Code Execution Vulnerability Patched in GitHub Enterprise Server
• 11:3 : Why Sincerity Is a Strategic Asset in Cybersecurity
• 11:3 : Microsoft is named a Leader in The Forrester Wave™: Security Analytics Platforms, 2025​​
• 11:3 : Mastercard adds secure on-chain access to crypto
• 11:3 : Ransomware Attacks Dip in May Despite Persistent Retail Targeting
• 10:34 : Moodle: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen
• 10:34 : [NEU] [hoch] Podman: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen
• 10:34 : [NEU] [mittel] TeamViewer: Schwachstelle ermöglicht Privilegieneskalation
• 10:34 : [NEU] [niedrig] Moodle: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen
• 10:34 : [NEU] [mittel] Hitachi Energy Relion 650/670 series: Mehrere Schwachstellen ermöglichen Denial of Service
• 10:34 : [NEU] [mittel] Red Hat Enterprise Linux: Schwachstelle ermöglicht Codeausführung
• 10:33 : APT Attackers Leverage Microsoft ClickOnce to Run Malware as Trusted Applications
• 10:33 : Incogni vs. DeleteMe: Which service removes your personal data best?
• 10:33 : Disrupting the operations of cryptocurrency mining botnets
• 10:33 : AI and collaboration tools: how cyberattackers are targeting SMBs in 2025
• 10:33 : Chrome 138, Firefox 140 Patch Multiple Vulnerabilities
• 10:32 : Microsoft is named a Leader in The Forrester Wave™: Security Analytics Platforms, 2025​​
• 10:6 : Admin-Attacken auf HPE OneView für VMware vCenter möglich
• 10:6 : [NEU] [hoch] Gogs: Mehrere Schwachstellen
• 10:6 : [NEU] [mittel] NetBox: Mehrere Schwachstellen ermöglichen Cross-Site Scripting
• 10:6 : [NEU] [mittel] libssh: Schwachstelle ermöglicht Offenlegung von Informationen
• 10:5 : Cybercriminal abuse of large language models
• 10:5 : Akamai Shares New Techniques for Defenders to Shutdown Cryptominer Attacks
• 10:4 : New U.S. Visa Rule Requires Applicants to Change Social Media Accounts Privacy to Public
• 10:4 : NVIDIA Megatron LM Vulnerability Let Attackers Inject Malicious Code
• 10:4 : CISA Issued ICS Advisories Covering Current Vulnerabilities and Exploits
• 10:4 : Sextortion email scammers increase their “Hello pervert” money demands
• 10:4 : Microsoft is named a Leader in The Forrester Wave™: Security Analytics Platforms, 2025​​
• 10:4 : XBOW’s AI reached the top ranks on HackerOne, and now it has $75M to scale up
• 10:4 : SonicWall NetExtender Trojan and ConnectWise Exploits Used in Remote Access Attacks
• 10:4 : UK Ransom Payments Double as Victims Fall Behind Global Peers
• 9:38 : Sonicwall: Angreifer kopieren VPN-Daten mittels Fake-NetExtender-App
• 9:37 : UK govt dept website that campaigns against encryption hijacked to advertise … payday loans
• 9:37 : Mainline Health, Select Medical Each Disclose Data Breaches Impacting 100,000 People
• 9:37 : Microsoft is named a Leader in The Forrester Wave™: Security Analytics Platforms, 2025​​
• 9:37 : Common Good Cyber Fund Launched to Support Non-Profit Security Efforts
• 9:5 : Sonicwall warnt vor mit Schadcode verseuchter Fake-NetExtender-App
• 9:5 : Direkt nach Verurteilung: Russland entlässt hochgefährliche Hacker aus der Haft
• 9:4 : Google Plans to Remove Chrome’s Tab Scrolling Feature
• 9:4 : Securing Our Water: Understanding the Water Cybersecurity Enhancement Act of 2025
• 9:4 : How Secure Login Enhances the Accuracy of Your Marketing Dashboards
• 9:4 : Microsoft is named a Leader in The Forrester Wave™: Security Analytics Platforms, 2025​​
• 9:4 : Half of Customer Signups Are Now Fraudulent
• 8:35 : Microsoft bestätigt Google-Chrome-Blockade
• 8:33 : CentOS Web Panel Vulnerability Allows Remote Code Execution – PoC Released
• 8:33 : Critical Kibana Flaws Enable Heap Corruption and Remote Code Execution
• 8:33 : Prometei botnet activity has surged since March 2025
• 8:33 : APT Hackers Abuse Microsoft ClickOnce to Execute Malware as Trusted Host
• 8:33 : TeamViewer for Windows Vulnerability Let Attackers Delete Files Using SYSTEM Privileges
• 8:33 : Microsoft is named a Leader in The Forrester Wave™: Security Analytics Platforms, 2025​​
• 8:33 : North Korea-linked Supply Chain Attack Targets Developers with 35 Malicious npm Packages
• 8:5 : IT Security News Hourly Summary 2025-06-25 09h : 12 posts
• 8:3 : Best Practices for Secrets Management in the Cloud
• 8:3 : A Guide to Secret Remediation Best Practices