IT Security News Daily Summary 2025-02-26

168 posts were published in the last hour

• 22:32 : Hugging Face launches FastRTC to simplify real-time AI voice and video apps
• 22:32 : US Officials Recommend Using Encrypted Apps for Messaging
• 22:31 : Relieved by Advanced Secrets Security?
• 22:31 : Proactive Measures in Your NHIDR Plans?
• 22:31 : Reassured by Your IAM Processes?
• 22:4 : Prevent Stalkerware In Ex-Relationships | Avast
• 21:32 : Mishing Is the New Phishing — And It’s More Dangerous
• 21:31 : These alternatives to popular apps can help reclaim your online life from billionaires and surveillance
• 20:32 : Threat Actors Using Ephemeral Port 60102 for Covert Malware Communications
• 20:32 : LCRYX Ransomware Attacks Windows Machines by Blocking Registry Editor and Task Manager
• 20:32 : Ghostwriter Malware Targets Government Organizations with Weaponized XLS File
• 20:32 : Silver Fox APT Hackers Target Healthcare Services to Steal Sensitive Data
• 20:31 : Aembit Earns SOC 2 Type II Recertification for Ongoing Security and Compliance
• 20:5 : IT Security News Hourly Summary 2025-02-26 21h : 20 posts
• 20:2 : Windows Virtualization-Based Security Exploited to Develop Highly Evasive Malware
• 20:2 : Poseidon Mac Malware Hiding Within PKG Files to Evade Detections
• 20:2 : App with Over 100,000 Downloads from Google Play Steals User Data and Blackmails
• 20:2 : SonicWall Report: “Threat Actors are Moving at Unprecedented Speeds”
• 19:32 : A Platform-Agnostic Approach in Cloud Security
• 19:32 : How to improve third-party API integration security
• 19:32 : Hacked crypto exchange Bybit offers $140M bounty to trace stolen funds
• 19:7 : EU ‘Unconditionally Approves’ Nokia’s $2.3bn Infinera Purchase
• 19:7 : Threat Actors Exploit DeepSeek Craze to Distribute Vidar Stealer Malware
• 19:7 : Ransomware Group Data-Leak Sites Increasing as Six New Groups Emerge
• 19:7 : Researchers Uncover $1.4B in Sensitive Data Tied to ByBit Hack by Lazarus Group
• 19:7 : February 2025 Web Server Survey
• 19:7 : The ultimate cyber spring cleaning checklist
• 19:7 : Google now lets you delete personal info directly from Search – here’s how
• 19:7 : Hacked crypto exchange Bybit offers $140 million bounty to trace stolen funds
• 19:7 : As a SOC/DFIR Team Member, How To Investigate Phishing Kit Attacks
• 19:6 : Anti-Surveillance Mapmaker Refuses Flock Safety’s Cease and Desist Demand
• 19:6 : Fresh Threats to Privacy Around the Globe | EFFector 37.2
• 19:6 : Qualcomm pledges 8 years of security updates for Android kit using its chips (YMMV)
• 19:6 : Rethinking remote assistance security in a Zero Trust world
• 18:7 : Google is now lets you delete personal info directly from Search – here’s how
• 18:6 : Silent Killers Exploiting Windows Policy Loophole To Evade Detections & Deploy Malware
• 18:6 : Now Live: Ransomware Resilience & Recovery Summit – Join the Virtual Event In-Progress
• 18:6 : Hackers Exploited Krpano Framework Flaw to Inject Spam Ads on 350+ Websites
• 17:32 : IT Public Sector Bosses Warn Of Critical Cyber Defence Gaps
• 17:31 : PostgreSQL 12 End of Life: What to Know and How to Prepare
• 17:31 : DISA Breach Highlights Need for Stronger Oversight: AppOmni CSO
• 17:5 : IT Security News Hourly Summary 2025-02-26 18h : 14 posts
• 17:4 : Threat Actor Allegedly Selling VMware ESXi 0-Day Exploit on Hacker Forum
• 17:4 : Internal Chat Logs of Black Basta Ransomware Gang Leaked Online
• 17:4 : 99% of Organizations Report API-Related Security Issues
• 16:32 : Tesla Value Declines As European Sales Plummet – Report
• 16:32 : New Anubis Ransomware Could Pose Major Threat to Organizations
• 16:31 : Lock Out Hackers: Why Every School Needs Strong Passwords
• 16:7 : Personal data of over 3 million US populace leaks in a data breach
• 16:7 : Cellebrite suspends Serbia as customer after claims police used firm’s tech to plant spyware
• 16:7 : Building a security-minded development team: DevSecOps tools and SDLC best practices
• 16:7 : Hackers Use Invisible Unicode Trick to Hide Phishing Attacks
• 16:7 : Lack of Phishing Awareness Among Executives Poses a Security Threat
• 16:7 : Australian IVF Giant Genea Suffers Data Breach Following Cyber Incident
• 16:6 : What cybersecurity pros read for fun
• 16:6 : DISA Global Solutions Confirms Data Breach Affecting 3.3M People
• 15:32 : Microsoft Entra ID DNS Resolution Failures Results in Authentication Issues
• 15:32 : GRUB2 Vulnerabilities Exposes Millions of Linux Systems to Cyber Attack
• 15:32 : Genea IVF Clinic Breached – Thousand of Patient Data at Risk
• 15:32 : MITRE Details New Framework OCCULT for Managing AI Security Threats
• 15:32 : Orange Communication Breached – Hackers Allegedly Claim Leak of 380,000 Emails
• 15:32 : Android happy to check your nudes before you forward them
• 15:32 : Roblox called “real-life nightmare for children” as Roblox and Discord sued
• 15:32 : Leaked Black Basta Ransomware Chat Logs Reveal Inner Workings and Internal Conflicts
• 15:3 : Have I Been Pwned Adds ALIEN TXTBASE Data 280M Emails & Passwords
• 15:3 : TechCrunch Disrupt 2025: 3 days left to save up to $1,130 on passes
• 15:3 : Biggest Challenges in Developing Fintech Apps & How to Overcome Them
• 15:2 : Fortanix protects enterprises from AI and quantum computing threats
• 15:2 : Is your email or password among the 240+ million compromised by infostealers?
• 14:32 : Zero Trust Network Access Without the Performance Penalty
• 14:32 : PCI DSS v4.0.1: The Changes You Need to Know to Qualify for SAQ A
• 14:32 : AI-Powered Ransomware Attacks
• 14:32 : Data Theft Drove 94% of Global Cyberattacks in 2024 & Ransomware Defenses are “Increasingly Complex”
• 14:32 : ACDS Unveils New Updates to EASM Platform, Enhancing Security For Enterprises
• 14:31 : New Phishing Attack Targeting Amazon Prime Users To Steal Login Credentials
• 14:5 : IT Security News Hourly Summary 2025-02-26 15h : 7 posts
• 14:4 : Bybit Reserves ‘Fully Replenished ‘ After Record $1.5bn Crypto Hack
• 14:4 : MITRE Releases OCCULT Framework to Address AI Security Challenges
• 14:4 : OpenAI expands Deep Research access to Plus users, heating up AI agent wars with DeepSeek and Claude
• 14:4 : Leaked Black Basta Chat Logs Reveal $107M Ransom Earnings and Internal Power Struggles
• 13:32 : Bridging the Cyber Security Talent Gap with AI and Experts
• 13:32 : Auto-Deploying Check Point Firewalls with AWS Gateway Load Balancers
• 13:31 : What Is Encryption? Definition, Applications, and Examples
• 13:4 : Anagram takes a gamified approach to employee cybersecurity training
• 13:4 : Signal will withdraw from Sweden if encryption-busting laws take effect
• 13:4 : New ‘Auto-Color’ Linux Malware Targets North America, Asia
• 13:4 : Signal May Exit Sweden If Government Imposes Encryption Backdoor
• 12:32 : Federal Tech Staff Sign Resignation Letter Over Musk’s Doge Cuts
• 12:31 : Signal Threatens to Exit Sweden Over Government’s Backdoor Proposal
• 12:31 : An iCloud Backdoor Would Make Our Phones Less Safe
• 12:7 : Google Announces Quantum-Safe Digital Signatures For Cloud KMS
• 12:7 : Genea IVF Clinic Cyberattack Threatens Thousands of Patient Records
• 12:7 : Trump’s Reckless NIST Purge Puts US Semiconductors, AI Safety at Risk
• 12:7 : Ghostwriter Campaign Targets Ukrainian Government and Belarusian Opposition
• 12:7 : OpenSSF Releases Security Baseline for Open Source Projects
• 12:7 : Malicious PyPI Package “automslc” Enables 104K+ Unauthorized Deezer Music Downloads
• 12:6 : CERT-UA Warns of UAC-0173 Attacks Deploying DCRat to Compromise Ukrainian Notaries
• 12:6 : Three Password Cracking Techniques and How to Defend Against Them
• 12:6 : New Linux Malware ‘Auto-Color’ Grants Hackers Full Remote Access to Compromised Systems
• 12:6 : SOC 3.0 – The Evolution of the SOC and How AI is Empowering Human Talent
• 11:32 : RustDoor and Koi Stealer for macOS Used by North Korea-Linked Threat Actor to Target the Cryptocurrency Sector
• 11:32 : CISA Releases Two Industrial Control Systems Advisories
• 11:32 : Rockwell Automation PowerFlex 755
• 11:32 : CISA Adds Two Known Exploited Vulnerabilities to Catalog
• 11:32 : Rsync Vulnerabilities Let Hackers Gain Full Control of Servers – PoC Released
• 11:31 : Qualcomm Extends Security Support for Android Devices to 8 Years
• 11:31 : Hundreds of GitHub repos served up malware for years
• 11:5 : Apple Shareholders Vote To Retain Diversity Programmes
• 11:5 : US Background Check Firm Data Breach Exposes 3.3M Records
• 11:5 : IT Security News Hourly Summary 2025-02-26 12h : 11 posts
• 11:4 : GRUB2 Flaws Expose Millions of Linux Devices to Exploitation
• 11:4 : Hackers publish sensitive patient data allegedly stolen from Australian IVF provider Genea
• 11:4 : 3.3 Million People Impacted by DISA Data Breach
• 11:4 : Ransomware Gang Publishes Stolen Genea IVF Patient Data
• 11:4 : HaveIBeenPwned Adds 244 Million Passwords Stolen By Infostealers
• 10:32 : DISA Global Solutions Data Breach Exposes 3.3M Records, Including SSNs
• 10:32 : Thousands of exposed GitHub repos, now private, can still be accessed through Copilot
• 10:31 : Exploits and vulnerabilities in Q4 2024
• 10:7 : Orange Communication Breached – Hackers Allegedly Claim 380,000 Email Records Exposed
• 10:7 : New LightSpy spyware variant comes with enhanced data collection features targeting social media platforms
• 10:6 : Geopolitical Tension Fuels APT and Hacktivism Surge
• 9:32 : Fortifying Financial Services Cybersecurity with Threat Intelligence and Cybersecurity Automation
• 9:32 : ExpressVPN gets faster and more secure, thanks to Rust
• 9:32 : CIS Controls Version 8.1: What you need to know
• 9:31 : WordPress Plugin Vulnerability Exposes Millions of Websites to Script Injection Attacks
• 9:31 : Pentera Cyber Pulse identifies new threats and vulnerabilities
• 9:5 : U.S. CISA adds Microsoft Partner Center and Synacor Zimbra Collaboration Suite flaws to its Known Exploited Vulnerabilities catalog
• 9:5 : Have I Been Pwned Added 284 Million Accounts Stolen by Information Stealer Malware
• 9:5 : 2850+ Ivanti Connect Secure Devices Vulnerable to Remote Code Execution Attacks
• 9:5 : US Employee Screening Giant Hacked – 3M People Data at Risk
• 9:5 : Fully Undetected Batch Script Leverages PowerShell & Visual Basic to Drop XWorm
• 9:5 : It’s Time for Defense Tech Companies to Get Ahead of CMMC Before They Get Left Behind
• 9:5 : Seal OS fixes vulnerabilities in Linux operating systems
• 9:5 : Red Hat OpenShift 4.18 enhances security across IT environments
• 9:5 : New Phishing Scam Uses Authentic PayPal Address: Cyber Security Today February 26, 2025
• 8:32 : RSync Vulnerabilities Allow Hackers to Take Full Control of Servers – PoC Released
• 8:32 : Deceptive Signatures: Advanced Techniques in BEC Attacks
• 8:32 : DISA breach, Swedish backdoors, Dems looking into system access
• 8:9 : Millions of WordPress Websites Vulnerable to Script Injection Due to Plugin Flaw
• 8:9 : NCC Group tracks alarming ransomware surge in January
• 8:9 : 200-plus impressively convincing GitHub repos are serving up malware
• 8:5 : IT Security News Hourly Summary 2025-02-26 09h : 4 posts
• 7:32 : New Undetectable Batch Script Uses PowerShell and Visual Basic to Install XWorm
• 7:7 : Ransomware hackers are more interested in data exfiltration than encryption
• 7:6 : Can Passwordless Tactics Help Thwart Major Cyber Threats?
• 7:6 : GitVenom campaign targets gamers and crypto investors by posing as fake GitHub projects
• 6:8 : US Employee Background Check Firm Hacked, 3 Million Records Exposed
• 6:8 : 2,850+ Ivanti Connect Secure Devices Exposed to Potential Cyberattacks
• 6:8 : Dalfox: Open-source XSS scanner
• 6:7 : The compliance illusion: Why your company might be at risk despite passing audits
• 5:33 : Have I Been Pwned Reports Huge Data Leak, Adds 284 Million Stolen Accounts
• 5:33 : CISA Warns of Microsoft Partner Center Access Control Vulnerability Exploited in Wild
• 5:33 : How enterprise leaders can secure and govern agentic AI
• 5:33 : CISA Adds Microsoft and Zimbra Flaws to KEV Catalog Amid Active Exploitation
• 3:31 : 50 World’s Best Cyber Security Companies – 2025
• 3:31 : EFF to UK PM Starmer: Call Sisi to Free Alaa and Save Laila
• 3:9 : Incoming deputy head of Homeland Security says CISA needs to be reined in
• 2:32 : [Guest Diary] Malware Source Servers: The Threat of Attackers Using Ephemeral Ports as Service Ports to Upload Data, (Wed, Feb 26th)
• 2:32 : DEF CON 32 – Exploiting Bluetooth: From Your Car To The Bank Account$$
• 2:6 : ISC Stormcast For Wednesday, February 26th, 2025 https://isc.sans.edu/podcastdetail/9340, (Wed, Feb 26th)
• 2:5 : IT Security News Hourly Summary 2025-02-26 03h : 1 posts
• 1:6 : Wi-Fi When Traveling: 12 Ways to Get Internet While Traveling
• 0:31 : Drug-screening biz DISA took a year to disclose security breach affecting millions
• 0:6 : OpenAI drops Deep Research access to Plus users, heating up AI agent wars with DeepSeek and Claude
• 23:31 : Non-Human Identity Security in the Age of AI
• 23:31 : LockBit taunts FBI Director Kash Patel with alleged “Classified” leak threat
• 23:5 : IT Security News Hourly Summary 2025-02-26 00h : 2 posts
• 22:55 : IT Security News Daily Summary 2025-02-25