IT Security News Daily Summary 2025-03-18

190 posts were published in the last hour

22:9 : CISA Probationary Reinstatements
22:9 : Google Acquires Wiz for Record $32 Billion
22:9 : AMOS and Lumma stealers actively spread to Reddit users
22:9 : CISA fires, now rehires and immediately benches security crew on full pay
21:14 : Threat Assessment: GitHub Actions Supply Chain Attack: The Compromise of tj-actions/changed-files
21:14 : Randall Munroe’s XKCD ‘Water Balloons’
21:13 : Recon Village – Maltego Community Workshop: OSINT & Custom Transforms
20:34 : Nation-state actors and cybercrime gangs abuse malicious .lnk files for espionage and data theft
20:34 : HP Launches Printers with Quantum Resilient Cryptography
20:11 : Google Acquires Startup Wiz for $32B to Make ‘Cybersecurity More Accessible And Simpler’
20:11 : AI Is Turbocharging Organized Crime, EU Police Agency Warns
20:5 : IT Security News Hourly Summary 2025-03-18 21h : 7 posts
19:36 : How a researcher with no malware-coding skills tricked AI into creating Chrome infostealers
19:36 : Here’s why Google pitched its $32B Wiz acquisition as ‘multicloud’
19:36 : Learn Secure Java Development with OffSec’s New Course
19:9 : How AI agents help hackers steal your confidential data – and what to do about it
19:9 : Alphabet’s $32B Wiz Acquisition Boosts Cloud Security
19:9 : 8-Year Old Windows Shortcut Zero-Day Exploited by 11 State-Sponsored Groups
19:9 : New Clearfake Variant Leverages Fake reCAPTCHA To Trick Users Deliver Malicious PowerShell Code
18:32 : Scammers Sneak 300+ Ad Fraud Apps onto Google Play with 60M Downloads
18:31 : US tech jobs outlook clouded by DOGE cuts, Trump tariffs
18:4 : I always turn off this default TV setting when watching movies – here’s why you should, too
18:4 : 2024 H2 IRAP report is now available on AWS Artifact for Australian customers
17:35 : New ClearFake Variant Uses Fake reCAPTCHA to Deploy Malicious PowerShell Code
17:35 : MirrorGuard: Adaptive Defense Mechanism Against Jailbreak Attacks for Secure Deployments
17:34 : Electromagnetic Side-Channel Analysis of Cryptographically Secured Devices
17:34 : Fake Coinbase Migration Messages Target Users to Steal Wallet Credentials
17:34 : Hackers Employ DLL Side-Loading To Deliver Malicious Python Code
17:34 : Bybit Hack – Sophisticated Multi-Stage Attack Details Revealed
17:34 : How to Stop Expired Secrets from Disrupting Your Operations
17:5 : IT Security News Hourly Summary 2025-03-18 18h : 16 posts
17:2 : AI innovation requires AI security: Hear what’s new at Microsoft Secure
16:34 : You have 4 days to update Firefox before everything breaks
16:34 : ChatGPT SSRF bug quickly becomes a favorite attack vector
16:34 : Critical AMI BMC Vulnerability Exposes Servers to Disruption, Takeover
16:34 : The rise of DAST 2.0 in 2025
16:34 : New ‘Rules File Backdoor’ Attack Lets Hackers Inject Malicious Code via AI Code Editors
16:34 : AWS completes the annual UAE Information Assurance Regulation compliance assessment
16:12 : Google buys Wiz for $32 billion
16:12 : What is security automation?
16:12 : Schneider Electric EcoStruxure Panel Server
16:12 : Schneider Electric EcoStruxure Power Automation System
16:12 : Rockwell Automation Lifecycle Services with VMware
16:12 : Schneider Electric EcoStruxure Power Automation System User Interface (EPAS-UI)
16:12 : Schneider Electric ASCO 5310/5350 Remote Annunciator
16:11 : CISA scrambles to contact fired employees after court rules layoffs ‘unlawful’
16:11 : Squid Werewolf Mimic as Recruiters Attacking Job Seekers To Exfiltrate Personal Data
15:37 : AI chatbots can be hijacked to steal Chrome passwords – new research exposes flaw
15:36 : How to guard against a vicious Medusa ransomware attack – before it’s too late
15:36 : Turn off this default TV setting ASAP for better picture quality – especially when watching movies
15:36 : Microsoft isn’t fixing 8-year-old shortcut exploit abused for spying
15:36 : Major Data Breach at Jaguar Land Rover Raises Security Concerns
15:36 : New Malware Impersonates Browser Extensions to Steal Login Credentials
15:36 : Nearly Half of Companies Lack AI-driven Cyber Threat Plans, Report Finds
15:36 : Security Researcher Proves GenAI Tools Can Develop Google Chrome Infostealers
15:7 : Orion Security emerges from stealth using LLMs to track your enterprise’s data flow and stop it from leaking out
15:7 : Cloudflare to Implement Post-Quantum Cryptography to Defend Attacks from Quantum Computers
15:7 : New Sophisticated Phishing Attack Exploiting Microsoft 365 Infrastructure To Attack Users
15:7 : 331 Malicious Apps with 60 Million Downloads on Google Play Bypass Android 13 Security
15:7 : Microsoft Warns of New StilachiRAT Stealing Remote Desktop Protocol Sessions Data
15:7 : DocSwap Malware as Security Document Viewer Attacking Android Users Worldwide
15:7 : CyCognito improves security operations automation and risk visibility
15:7 : New Critical AMI BMC Vulnerability Enables Remote Server Takeover and Bricking
15:7 : Google Acquires Wiz for $32 Billion in Its Biggest Deal Ever to Boost Cloud Security
15:7 : Unpatched Windows Zero-Day Flaw Exploited by 11 State-Sponsored Threat Groups Since 2017
15:7 : New Report Highlights Common Passwords in RDP Attacks
14:34 : Bringing Security to Digital Product Design
14:34 : Google Agrees to Acquire Wiz in $30B Deal
14:34 : How AI and automation are reshaping security leadership
14:34 : Whistic announces next generation of Assessment Copilot
14:9 : Analyze Mobile Threats Faster: ANY.RUN Introduces Android OS to Its Interactive Sandbox
14:9 : Hackers Exploit Hard Disk Image Files to Deploy VenomRAT
14:9 : New BitM Attack Enables Hackers to Hijack User Sessions in Seconds
14:9 : Is your Chromecast still throwing errors? This fix will get you streaming again
14:9 : How to turn off motion smoothing on your TV (and why you should do it ASAP)
14:9 : How can Organizations Secure Low-Code No-Code Development
14:9 : AI’s Impact on Enterprise Security and How CISOs Should Prepare
14:9 : 11 State-Sponsored APTs Exploiting LNK Files for Espionage, Data Theft
14:9 : Stealthy StilachiRAT steals data, may enable lateral movement
14:9 : Google Buys Wiz in $32bn Cloud Security Push
14:9 : BlackBasta Ransomware Ties to Russian Authorities Uncovered
14:5 : IT Security News Hourly Summary 2025-03-18 15h : 30 posts
13:37 : Fake DeepSeek AI Installers, Websites, and Apps Spreading Malware
13:37 : Microsoft Warns of StilachiRAT Stealing Remote Desktop Protocol Session Data
13:37 : DocSwap Malware Masquerades as Security Document Viewer to Attack Android Users Worldwide
13:37 : Squid Werewolf Mimics Recruiters to Target Job Seekers and Steal Personal Data
13:36 : Hackers Use DLL Side-Loading to Deploy Malicious Python Code
13:36 : Bybit Hack: Details of Sophisticated Multi-Stage Attack Uncovered
13:36 : This new tool lets you see how much of your data is exposed online – and it’s free
13:36 : Confirmed: Google buys Wiz for $32B to beef up in cloud security
13:36 : ChatGPT Vulnerability Actively Exploited From 10,000+ IPs to Attack US Government Organizations
13:36 : Google Parent Alphabet in Talks to Acquire Cyber Security Group Wiz for $30bn
13:36 : GIMP 3.0 Image Editor Released For Linux, macOS, Unix, and Windows
13:36 : Google to Acquire Cloud Security Giant Wiz for $32 Billion in Cash
13:36 : New Ad Fraud Campaign Exploits 331 Apps with 60M+ Downloads for Phishing and Intrusive Ads
13:36 : Over 16.8 Billion Records Exposed as Data Breaches Increase 6%
13:12 : AI Addressing New Need to Secure Data from The Inside Out
13:12 : Google’s Parent Alphabet in Talks to Acquire Cybersecurity Firm Wiz for $30 Billion
13:12 : Amazon Ends Local Voice Processing, Transitions Fully to Cloud
13:12 : How Manufacturers Can Turn Security Into a Competitive Advantage
13:11 : Halliday raises $20 million to build AI agents that operate safely on blockchain
13:11 : What is Bundesamt für Sicherheit in der Informationstechnik (BSI)?
13:11 : The 10 Most Common Website Security Attacks (and How to Protect Yourself)
13:11 : Google acquisition target Wiz links fresh supply chain attack to 23K pwned GitHub repos
13:11 : Dashlane Review 2025: Features, Pricing, and Security
13:10 : Confirmed: Google is buying Wiz for $32B to beef up in cloud security
13:10 : SOC and Awe — How Autonomous Security Is Changing the Game
13:10 : New Cloudflare Service Provides Real-Time Threat Intelligence
13:10 : Transforming Security Operations With Generative AI
13:9 : SquareX Launches “Year of Browser Bugs” (YOBB) to Expose Critical Security Blind Spots
13:9 : Google to acquire Wiz for $32 billion
13:9 : Large-Scale Malicious App Campaign Bypassing Android Security
12:37 : Secure File Transfer as a Critical Component for AI Success
12:37 : How to calculate the cost of a data breach
12:36 : Google is buying Wiz for up to $33B to beef up in cloud security
12:36 : Wellbeing in the Cybersecurity Sector: A Call for Participation
12:36 : New BitM Attack Lets Hackers Steal User Sessions Within Seconds
12:7 : Cloudflare Adopts Post-Quantum Cryptography to Combat Future Quantum Attacks
12:7 : Google is buying Wiz for $32B to beef up in cloud security, sources say
12:7 : Amazon disables option to store Echo voice recordings on your device
12:7 : Western Alliance Bank Discloses Data Breach Linked to Cleo Hack
12:7 : “My Vas Pokhoronim!”
11:32 : Hackers Exploit SSRF Vulnerability to Attack OpenAI’s ChatGPT Infrastructure
11:32 : GitHub Action tj-actions/changed-files was compromised in supply chain attack
11:32 : Is Security Human Factors Research Skewed Towards Western Ideas and Habits?
11:32 : PoC Exploit Released for Use-after-free Linux Kernel Vulnerability
11:32 : Denmark Warns of Serious Cyber Attacks Targeting Telecommunication Sector
11:32 : Red Team Tool Cobalt Strike 4.11 Released With out-of-the-box Evasion Options
11:32 : Crypto Exchange OKX Suspends Tool Used by North Korean Hackers to Steal Funds
11:32 : “My vas pokhoronim!”
11:32 : FBI: Free file converter sites and tools deliver malware
11:32 : BADBOX 2.0 Botnet Infects 1 Million Android Devices for Ad Fraud and Proxy Abuse
11:31 : China-Linked MirrorFace Deploys ANEL and AsyncRAT in New Cyber Espionage Operation
11:31 : How to Improve Okta Security in Four Steps
11:13 : DeepMind’s Hassabis Urges UK To Expand AI Ambitions
11:13 : TruffleHog: New Burp Suite Extension for Secret Scanning Released
11:13 : FCC Chairman Establishes New National Security Council to Tackle Tech Threats
11:13 : The API Security Illusion: IT Leaders May Be Overconfident
11:13 : Insight Into Reliaquest’s Critical Cyber Threats to Hospitality and Recreation Report
11:13 : GitHub Leak Puts Software Supply Chains at Risk: Thousands of Secrets Exposed
11:13 : Massive RSA Encryption Flaw Exposes Millions of IoT Devices to Attack
11:13 : UK wants dirt on data brokers before criminals get there first
11:5 : IT Security News Hourly Summary 2025-03-18 12h : 7 posts
10:34 : New Intel Chief Lip-Bu Tan ‘Considers’ Job Cuts, Factory Revamp
10:34 : BYD Says Latest EVs Can Charge As Fast As Pumping Petrol
10:7 : Top 10 Best Penetration Testing Companies in 2025
10:7 : 5 Chromecast features you’re not using enough on your TV (including a smart home buff)
10:7 : ChatGPT Vulnerability Exploited Against US Government Organizations
10:7 : The Future of Enterprise Security: AI-powered Lateral Defense in a Dynamic Threat Landscape
10:7 : Third of UK Supply Chain Relies on “Chinese Military” Companies
9:34 : New Huawei Chip Appears As Company Shifts Away From Windows, Intel
9:34 : South Korea Sees China Chip Exports Slump
9:34 : TikTok rolls out a new Security Checkup tool. Here’s how it works
9:34 : CISO Global launches AI-driven cloud security solution
9:6 : SocGholish’s Intrusion Techniques Facilitate Distribution of RansomHub Ransomware
8:34 : ClearFake’s New Widespread Variant: Increased Web3 Exploitation for Malware Delivery
8:34 : Telegram’s Durov Allowed To Leave France As Probe Continues
8:34 : Crypto Platform OKX Suspends Tool Abused by North Korean Hackers
8:34 : New StilachiRAT uses sophisticated techniques to avoid detection
8:7 : Python Bot Delivered Through DLL Side-Loading, (Tue, Mar 18th)
8:7 : Cobalt Strike 4.11 Released with Built-In Evasion Features for Red Teams
8:6 : Google Released Open Source Version of OSV-Scanner Tool for Vulnerability Scanning
8:6 : Microsoft Warns of StilachiRAT: A Stealthy RAT Targeting Credentials and Crypto Wallets
8:5 : IT Security News Hourly Summary 2025-03-18 09h : 3 posts
7:32 : Extortion crew threatened to inform Edward Snowden (?!) if victim didn’t pay up
7:32 : GitHub repositories targeted, Apache Tomcat RCE exploit, BEC campaigns target Microsoft 365
7:13 : Thousands of British musicians fall silent over government AI plans
6:34 : PoC Exploit Released for Linux Kernel Use-After-Free Vulnerability
6:34 : Critical Apache Tomcat RCE Vulnerability Exploited in Just 30hrs of Public Exploit
6:34 : How financial institutions can minimize their attack surface
6:4 : Cyber Attack halts a murder shooting trial in American court
6:4 : How to Identify Zero-Day Attacks and Their Repercussions
6:4 : Denmark Issues Warning on Major Cyber Attacks Targeting Telecom Sector
6:4 : Hackers target AI and crypto as software supply chain risks grow
5:36 : Google Launches Open-Source OSV-Scanner for Detecting Security Vulnerabilities
5:6 : Cybersecurity jobs available right now: March 18, 2025
2:36 : SOAR vs SIEM: What’s the Difference?
2:36 : UK NHS API Flaw Exposes Critical Mobile Security Risks
2:5 : IT Security News Hourly Summary 2025-03-18 03h : 2 posts
2:4 : ISC Stormcast For Tuesday, March 18th, 2025 https://isc.sans.edu/podcastdetail/9368, (Tue, Mar 18th)
1:7 : ‘Dead simple’ hijacking hole in Apache Tomcat ‘now actively exploited in the wild’
0:34 : How to Permanently and Securely Delete Photos from an iPhone
0:8 : Court filing: DOGE aide broke Treasury policy by emailing unencrypted database
23:35 : Tech Firms Now Face Fines Under Online Safety Act
23:35 : GitHub Actions supply chain attack spotlights CI/CD risks
23:35 : Google revives talks to acquire Wiz at higher valuation
23:35 : Celebrating Women in Cybersecurity for Women’s History Month
23:11 : iPhone-Android: A Major Privacy Upgrade is Coming Soon
23:11 : California’s A.B. 412: A Bill That Could Crush Startups and Cement A Big Tech AI Monopoly
23:5 : IT Security News Hourly Summary 2025-03-18 00h : 4 posts

Related

Post navigation