IT Security News Daily Summary 2025-04-28

210 posts were published in the last hour

• 21:2 : Earth Kurma APT is actively targeting government and telecommunications orgs in Southeast Asia
• 21:2 : ⚡ Weekly Recap: Critical SAP Exploit, AI-Powered Phishing, Major Breaches, New CVEs & More
• 20:31 : ⚡ Weekly Recap: Critical SAP Exploit, AI-Powered Phishing, Major Breaches, New CVEs & More
• 20:5 : IT Security News Hourly Summary 2025-04-28 21h : 15 posts
• 20:2 : ⚡ Weekly Recap: Critical SAP Exploit, AI-Powered Phishing, Major Breaches, New CVEs & More
• 19:31 : The future of AI in cybersecurity in a word: Optimistic
• 19:31 : ⚡ Weekly Recap: Critical SAP Exploit, AI-Powered Phishing, Major Breaches, New CVEs & More
• 19:2 : RSA Conference 2025
• 19:2 : How payment tokenization works and why it’s important
• 19:2 : Bugcrowd Launches Red Team Service to Test Cybersecurity Defenses
• 19:2 : ⚡ Weekly Recap: Critical SAP Exploit, AI-Powered Phishing, Major Breaches, New CVEs & More
• 18:32 : M&S Tells Distribution Centre Staff To Stay At Home
• 18:32 : Verizon’s Data Breach Report Findings ‘Underscore the Importance of a Multi-Layered Defense Strategy’
• 18:32 : CISA Adds Three Known Exploited Vulnerabilities to Catalog
• 18:32 : Windscribe Acquitted on Charges of Not Collecting Users’ Data
• 18:32 : Threat Actors Weaponize Language Software to Windows-Based Remote Surveillance Malware
• 18:32 : Threat Actors Increasingly Utilize Ransomware as a Service Boosted by EDR Killers
• 18:32 : Threat Actors Leverage Access to Valid Accounts via Phishing Attack
• 18:32 : EFF Leads Prominent Security Experts in Urging Trump Administration to Leave Chris Krebs Alone
• 18:32 : Millions at Risk as Malicious Actors Hijack Popular YouTube Accounts
• 18:32 : North Korean Hacker Group Targets Cryptocurrency Developers via LinkedIn
• 18:31 : ⚡ Weekly Recap: Critical SAP Exploit, AI-Powered Phishing, Major Breaches, New CVEs & More
• 18:3 : BreachForums Displays Message About Shutdown, Cites MyBB 0day Flaw
• 18:3 : FBI Reports ₹1.38 Lakh Crore Loss in 2024, a 33% Surge from 2023
• 18:3 : 19 APT Hackers Target Asia-based Company Servers Using Exploited Vulnerabilities and Spear Phishing Email
• 18:2 : RansomHub Ransomware Deploys Malware to Breach Corporate Networks
• 18:2 : Writer releases Palmyra X5, delivers near GPT-4.1 performance at 75% lower cost
• 18:2 : Microsoft Rolls Recall Out to General Public After Privacy Backlash
• 18:2 : ⚡ Weekly Recap: Critical SAP Exploit, AI-Powered Phishing, Major Breaches, New CVEs & More
• 17:32 : Critical Craft CMS Flaws Exploited in Wild: 300+ Servers Breached, Experts Warn
• 17:32 : RansomHub Ransomware Deploying Malware to Compromise Corporate Networks
• 17:32 : Texas’s War on Abortion Is Now a War on Free Speech
• 17:31 : Blackpoint Cyber Extends MDR Service to Improve Cyber Resiliency
• 17:31 : Faster, more personalized service begins at the frontline with Microsoft Intune
• 17:31 : ⚡ Weekly Recap: Critical SAP Exploit, AI-Powered Phishing, Major Breaches, New CVEs & More
• 17:5 : IT Security News Hourly Summary 2025-04-28 18h : 6 posts
• 17:4 : Interesting WordPress Malware Disguised as Legitimate Anti-Malware Plugin
• 17:4 : Power In Spain, Portugal Knocked Out By Atmospheric Anomaly
• 17:4 : Python-Based Discord RAT Enables Remote Control and Disruption Through a Simple Interface
• 17:4 : Fog Ransomware Reveals Active Directory Exploitation Tools and Scripts
• 17:4 : Citizen Lab says exiled Uyghur leaders targeted with Windows spyware
• 17:3 : From 112K to 4M folks’ data – HR biz attack goes from bad to mega bad
• 17:3 : Palo Alto Networks to Acquire AI Security Firm Protect AI
• 17:3 : ⚡ Weekly Recap: Critical SAP Exploit, AI-Powered Phishing, Major Breaches, New CVEs & More
• 16:36 : How Malwarebytes’ security tools can help companies stop online scams before it’s too late
• 16:36 : Citizen Lab say exiled Uyghur leaders targeted with Windows spyware
• 16:36 : Trump Administration’s Targeting of International Students Jeopardizes Free Speech and Privacy Online
• 16:36 : NetFoundry Raises $12 Million for Network Security Solutions
• 16:36 : Anthropic Outlines Bad Actors Abuse Its Claude AI Models
• 16:36 : Vulnerability Summary for the Week of April 21, 2025
• 16:36 : ⚡ Weekly Recap: Critical SAP Exploit, AI-Powered Phishing, Major Breaches, New CVEs & More
• 16:7 : Hannibal Stealer: Cracked Variant of Sharp and TX Malware Targets Browsers, Wallets, and FTP Clients
• 16:7 : Advanced Multi-Stage Carding Attack Hits Magento Site Using Fake GIFs and Reverse Proxy Malware
• 16:7 : SAP Zero-Day Vulnerability Exploited – Posing Business Risks
• 16:7 : China Claims that the US Attacked a Major Encryption Provider & Stole Sensitive Data
• 16:7 : 19 APT Hackers Attacking Asia Company’s Servers by Exploiting Vulnerability & Spear Phishing Email
• 16:7 : SEIKO EPSON Printer Vulnerabilities Let Attackers Execute Arbitrary Code
• 16:7 : BreachForums Reveals Law Enforcement Crackdown Exploiting MyBB 0-Day Vulnerability
• 16:7 : SAP NetWeaver 0-Day Vulnerability Exploited in the Wild to Deploy Webshells
• 16:7 : JPMorgan Chase CISO Fires Warning Shot Ahead of RSA Conference
• 16:6 : Palo Alto Networks to Acquire Protect AI, Launches AI Security Platform
• 16:6 : ⚡ Weekly Recap: Critical SAP Exploit, AI-Powered Phishing, Major Breaches, New CVEs & More
• 15:32 : Power blackouts across Spain, Portugal and France, likely by Cyber Attack
• 15:32 : Rack Ruby Framework Vulnerabilities Let Attackers Inject and Manipulate Log Content
• 15:32 : Veza Banks $108 Million Series D at $808 Million Valuation
• 15:31 : Chinese Ghost Hackers Focus on Profits, Attack Key Sectors in the US and UK
• 15:31 : SK Telecom Malware Attack Exposes USIM Data in South Korea
• 15:31 : ⚡ Weekly Recap: Critical SAP Exploit, AI-Powered Phishing, Major Breaches, New CVEs & More
• 15:2 : Combat Rising Account Abuse: Akamai and Ping Identity Partner Up
• 15:2 : Windows 11 25H2 to be Released Possibly With Minor Changes
• 15:2 : ⚡ Weekly Recap: Critical SAP Exploit, AI-Powered Phishing, Major Breaches, New CVEs & More
• 14:32 : Craft CMS Zero-Day Exploited to Compromise Hundreds of Websites
• 14:32 : ⚡ Weekly Recap: Critical SAP Exploit, AI-Powered Phishing, Major Breaches, New CVEs & More
• 14:32 : Uyghur Diaspora Group Targeted with Remote Surveillance Malware
• 14:5 : IT Security News Hourly Summary 2025-04-28 15h : 17 posts
• 14:2 : How Malwarebytes’ new security tools help stop online scams before it’s too late
• 14:2 : Key Takeaways from the 2025 Global Threat Landscape Report
• 14:2 : From 112k to 4 million folks’ data – HR biz attack goes from bad to mega bad
• 14:2 : AuditBoard AI governance solution mitigates risks associated with AI systems
• 14:2 : Palo Alto Networks Prisma AIRS safeguards the enterprise AI ecosystem
• 14:2 : ArmorCode Anya accelerates critical security decisions
• 14:2 : ⚡ Weekly Recap: Critical SAP Exploit, AI-Powered Phishing, Major Breaches, New CVEs & More
• 13:33 : SAP NetWeaver 0-Day Flaw Actively Exploited to Deploy Webshells
• 13:33 : Check Point CloudGuard WAF Wins American Business Award for Cyber Security
• 13:33 : Malwarebytes’ new security tools help shield you from online scams – here’s how
• 13:33 : New RedExt Chrome Extension Tool for Red Teamers with Flask-based C2 Server
• 13:33 : Nationwide Power Outages in Portugal & Spain Possibly Due to Cyberattack
• 13:33 : Monitoring Dark Web Threats – CISO’s Proactive Approach
• 13:33 : ESET Integrates Detection & Response Capabilities With Splunk SIEM
• 13:32 : FBI Reports Shocking ₹1.38 Lakh Crore Loss in 2024, 33% Increased From 2023
• 13:32 : Back online after ‘catastrophic’ attack, 4chan says it’s too broke for good IT
• 13:32 : AppOmni Adds MCP Server to Platform for Protecting SaaS Applications
• 13:32 : Court Dismisses Criminal Charges Against VPN Executive, Affirms No-Log Policy
• 13:32 : Censys enables security teams to be more proactive in their threat hunting
• 13:32 : Trend Micro helps organizations secure AI-driven workloads
• 13:32 : Netskope One enhancements cover a broad range of AI security use cases
• 13:32 : Sentra Data Security for AI Agents protects AI-powered assistants
• 13:32 : ⚡ Weekly Recap: Critical SAP Exploit, AI-Powered Phishing, Major Breaches, New CVEs & More
• 13:31 : Half of Mobile Devices Run Outdated Operating Systems
• 13:3 : 8 ways to protect your privacy on Linux and keep your data safe
• 13:3 : Cisco AI Defense embeds with ServiceNow SecOps tools
• 13:3 : A large-scale phishing campaign targets WordPress WooCommerce users
• 13:3 : Employee monitoring app exposes users, leaks 21+ million screenshots
• 13:3 : Cybersecurity CEO Charged with Installing Malware on Hospital Computers
• 13:3 : Wallarm Extends API Security Reach to AI Agents
• 13:3 : Abnormal AI improves security awareness training with AI agents
• 13:3 : Researchers Note 16.7% Increase in Automated Scanning Activity
• 12:32 : Darcula Phishing Kit Uses AI to Evade Detection, Experts Warn
• 12:32 : Embracing the Future of Work with Innovations in Prisma SASE
• 12:32 : Deploy Bravely with Prisma AIRS
• 12:32 : 4chan back online after ‘catastrophic’ attack, says it’s too broke for good IT
• 12:32 : 4 Million Affected by VeriSource Data Breach
• 12:32 : Cisco Unveils Open Source AI Reasoning Model for Cybersecurity Use Cases
• 12:32 : Anetac Human Link Pro secures both human and non-human identities
• 12:32 : Flashpoint Ignite enhancements improve threat intelligence
• 12:31 : Avocado OS: Open-source Linux platform for embedded systems
• 12:4 : Windows 11 25H2 Expected to Launch with Minor Changes
• 12:4 : Introducing XSIAM 3.0
• 12:4 : RSA defends organizations against AI-powered identity attacks
• 11:37 : JokerOTP Dismantled After 28,000 Phishing Attacks, 2 Arrested
• 11:37 : China Claims U.S. Cyberattack Targeted Leading Encryption Company
• 11:37 : 4 Different Types of VPNs & When to Use Them
• 11:36 : PoC rootkit Curing evades traditional Linux detection systems
• 11:36 : Selecting Cybersecurity Vendors – CISO’s Decision Framework
• 11:36 : React Router Vulnerabilities Let Attackers Spoof Contents & Modify Values
• 11:36 : FastCGI Library Vulnerability Exposes Embedded Devices to Code Execution Attacks
• 11:36 : Assessing Third-Party Vendor Risks – CISO Best Practices
• 11:36 : Critical Vulnerabilities Found in Planet Technology Industrial Networking Products
• 11:36 : Da bloccati a supportati: aiutare i miei clienti ad atterrare in sicurezza con FireMon
• 11:36 : How Breaches Start: Breaking Down 5 Real Vulns
• 11:5 : Car Subscription Features Raise Your Risk of Government Surveillance, Police Records Show
• 11:5 : Wallarm Agentic AI Protection blocks attacks against AI agents
• 11:5 : IT Security News Hourly Summary 2025-04-28 12h : 5 posts
• 10:35 : ASUS Fixed Critical Auth Bypass Vulnerability In AiCloud Routers
• 10:35 : DoorDash Makes £2.7bn Buyout Offer For Deliveroo
• 10:34 : Pure EV Sales Regain Market Share In China
• 10:34 : Nigeria Upholds $220m Fine Against Meta Over Data Policies
• 10:34 : Spotify ‘To Raise Prices Outside US’ This Summer
• 10:34 : Google Ad Monopoly Remedy Trial To Begin On Friday
• 10:34 : How to Negotiate Your NIS2 Fine or Completely Avoid the Risk
• 10:34 : The API Imperative: Securing Agentic AI and Beyond
• 10:34 : NetRise Adds Tool to Analyze Application Binaries for Security Flaws
• 10:34 : NetRise ZeroLens identifies undisclosed software weaknesses
• 10:5 : IR Trends Q1 2025: Phishing soars as identity-based attacks persist
• 10:5 : Attackers chained Craft CMS zero-days attacks in the wild
• 10:5 : Storm-1977 Hackers Compromised 200+ Crypto Mining Containers Using AzureChecker CLI Tool
• 10:5 : Hackers Selling Advanced Stealthy HiddenMiner Malware on Dark Web Forums
• 10:5 : CISA Warns Planet Technology Network Products Let Attackers Manipulate Devices
• 10:4 : RSA Conference 2025 – Pre-Event Announcements Summary (Part 3)
• 10:4 : Critical SAP NetWeaver flaw exploited by suspected initial access broker (CVE-2025-31324)
• 10:4 : Earth Kurma Targets Southeast Asia With Rootkits and Cloud-Based Data Theft Tools
• 10:4 : ISACA Highlights Critical Lack of Quantum Threat Mitigation Strategies
• 9:32 : FBI Asks for Help Tracking Chinese Salt Typhoon Actors
• 9:2 : NVIDIA Riva Vulnerabilities Leave AI-Powered Speech and Translation Services at Risk
• 9:2 : Critical FastCGI Library Flaw Exposes Embedded Devices to Code Execution
• 9:2 : New Bill Mandates Cybersecurity Overhaul for Federal Contractors
• 9:2 : 5 Best NIS2 Compliance Software and Solution Providers
• 9:2 : How to Prepare for NIS2 Audits – A Compliance Expert’s View
• 9:2 : Industry Moves for the week of April 28, 2025 – SecurityWeek
• 9:2 : Oregon Agency Won’t Say If Hackers Stole Data in Cyberattack
• 8:36 : Viasat Modems Zero-Day Vulnerabilities Let Attackers Execute Remote Code
• 8:36 : Securing IoT Devices – CISO’s Strategic Resource Guide
• 8:36 : Fog Ransomware Directory With Active Directory Exploitation Tools & Scripts Uncovered
• 8:36 : Reducing Cyber Insurance Costs – CISO Proactive Measures
• 8:36 : WooCommerce Users Targeted by Fake Patch Phishing Campaign Deploying Site Backdoors
• 8:36 : Government Set to Ban SIM Farms in European First
• 8:5 : IT Security News Hourly Summary 2025-04-28 09h : 13 posts
• 8:4 : Obfuscation Techniques: A Key Weapon in the Ongoing War Between Hackers and Defenders
• 8:4 : Zoom Platform Misused by Elusive Comet Attackers in Fraud Scheme
• 7:32 : Meta Cuts Staff In Oculus Studios Division
• 7:32 : CISA Alerts Users to Security Flaws in Planet Technology Network Products
• 7:32 : React Router Vulnerabilities Allow Attackers to Spoof Content and Alter Values
• 7:32 : A week in security (April 21 – April 27)
• 7:32 : Allurity acquires Infigo IS to strengthen its position in Europe
• 7:32 : Hackers Exploit Critical Craft CMS Flaws; Hundreds of Servers Likely Compromised
• 7:31 : SAP zero-day active, another OAuth exploit, cybersecurity CEO arrested
• 7:5 : The 2026 FIFA World Cup is coming to North America, and so are the ticket scams
• 7:4 : New iOS Vulnerability Could Brick iPhones with Just One Line of Code
• 7:4 : New iOS Critical Vulnerability That Could Brick iPhones With a Single Line of Code
• 7:4 : Microsoft pitches pay-to-patch reboot reduction subscription for Windows Server 2025
• 6:32 : Cyber Security Company CEO Arrested for Installing Malware Onto Hospital Computers
• 6:32 : ‘Slopsquatting’ and Other New GenAI Cybersecurity Threats
• 6:32 : Google Cloud Enhances Databases with Firestore and MongoDB Features
• 6:32 : Blue Shield of California Data Breach Exposes 4.7M Members’ Info
• 6:7 : Chinese cars can secretly transfer data from charging stations in UK
• 6:7 : Essential Cloud Security Practices Every User Must Follow
• 6:7 : Three IXON VPN Client Vulnerabilities Let Attackers Escalate Privileges
• 6:7 : Cybercriminals Selling Sophisticated HiddenMiner Malware on Dark Web Forums
• 6:7 : Threat actors are scanning your environment, even if you’re not
• 6:6 : Cybersecurity Updates: CEO Legal Troubles, Global Cyber Rules, Microsoft Fix Issues, and AI at B-Side SF
• 5:32 : Cybersecurity Firm CEO Arrested for Planting Malware in Hospital Systems
• 5:32 : GoSearch: Open-source OSINT tool for uncovering digital footprints
• 5:5 : IT Security News Hourly Summary 2025-04-28 06h : 1 posts
• 5:4 : Ransomware attacks are getting smarter, harder to stop
• 4:34 : Most critical vulnerabilities aren’t worth your attention
• 4:6 : 400+ SAP NetWeaver Devices Vulnerable to 0-Day Attacks that Exploited in the Wild
• 3:34 : Samsung admits Galaxy devices can leak passwords through clipboard wormhole
• 2:5 : IT Security News Hourly Summary 2025-04-28 03h : 6 posts
• 2:4 : ISC Stormcast For Monday, April 28th, 2025 https://isc.sans.edu/podcastdetail/9426, (Mon, Apr 28th)
• 1:5 : Navigating Through The Fog
• 1:5 : Breakthrough Could Lead to Quantum Encryption in 10 Years
• 1:4 : Creating Impenetrable Cloud Compliance Practices
• 1:4 : Delivering Value with Advanced IAM
• 1:4 : Optimistic About Your Cybersecurity Strategy?
• 1:4 : Are You Capable of Managing NHIDs Efficiently?
• 0:38 : SRUM-DUMP Version 3: Uncovering Malware Activity in Forensics, (Sun, Apr 27th)
• 0:38 : New geolocus-cli For ONYPHE’s Geolocus Database
• 23:5 : IT Security News Hourly Summary 2025-04-28 00h : 3 posts
• 22:58 : IT Security News Weekly Summary 17
• 22:55 : IT Security News Daily Summary 2025-04-27