IT Security News Daily Summary 2025-03-24

173 posts were published in the last hour

• 22:6 : CloudSEK Disputes Oracle Over Data Breach Denial with New Evidence
• 21:34 : The Trump administration planned Yemen strikes in an unauthorized Signal chat
• 21:34 : Chinese APT Weaver Ant infiltrated a telco in Asia for over four years
• 21:34 : FCC on the prowl for Huawei and other blocked Chinese makers in America
• 21:14 : Got a suspicious E-ZPass text? Don’t click the link (and what to do if you already did)
• 21:13 : How to Delete Your Data From 23andMe
• 21:13 : As nation-state hacking becomes ‘more in your face,’ are supply chains secure?
• 20:32 : 5 Unexpected Devices You Didn’t Know Could Spread Malware
• 20:32 : Wi-Fi 6 vs. Wi-Fi 6E vs. Wi-Fi 7: What are the differences?
• 20:7 : DeepSeek-V3 now runs at 20 tokens per second on Mac Studio, and that’s a nightmare for OpenAI
• 20:6 : Microsoft’s new AI agents aim to help security pros combat the latest threats
• 20:6 : 230 Protects Users, Not Big Tech
• 20:5 : IT Security News Hourly Summary 2025-03-24 21h : 9 posts
• 19:37 : Albabat Ransomware Expands Reach to Target Linux and macOS Platforms
• 19:37 : Pocket Card Users Targeted in Sophisticated Phishing Campaign
• 19:36 : Hackers Deploy Fake Semrush Ads to Steal Google Account Credentials
• 19:36 : CISA Adds One Known Exploited Vulnerability to Catalog
• 19:36 : Spit Happens: 23andMe is Bankrupt — Secure Your DNA Data NOW Already
• 19:36 : Critical Ingress NGINX Controller Vulnerability Allows RCE Without Authentication
• 19:16 : How to delete your 23andMe data and why you should do it now
• 19:16 : Massive Oracle Cloud Breach: 6M Records Exposed, 140k+ Tenants Risked
• 19:15 : US lifts sanctions on Tornado Cash, a crypto mixer linked to North Korean money laundering
• 18:32 : New Rust-Based Linux Kernel Module Unveiled to Detect Rootkits
• 18:31 : How to Enter the US With Your Digital Privacy Intact
• 18:9 : New Phishing Campaign Targets macOS Users with Fake Security Alerts
• 18:9 : Cyber Guardians: INE Trains Security Champions in Cybersecurity for National Physicians Week 2025
• 18:9 : Four Members of Hacker Group Behind 90 Worldwide Data Breaches Exposed
• 18:9 : Enhancing Satellite Security by Encrypting Video Data Directly on Payloads
• 18:9 : Clio: Real-Time Logging Tool with Locking, User Authentication, and Audit Trails
• 18:9 : AI bots scraping your data? This free tool gives those pesky crawlers the run-around
• 18:9 : Albabat Ransomware Evolves with Cross-Platform Capabilities and Enhanced Attack Efficiency
• 17:34 : Using Starlink Wi-Fi in the White House Is a Slippery Slope for US Federal IT
• 17:34 : Cato Uses LLM-Developed Fictional World to Create Jailbreak Technique
• 17:34 : Cyber Guardians: INE Security Champions Cybersecurity Training During National Physicians Week 2025
• 17:34 : Microsoft unveils Microsoft Security Copilot agents and new protections for AI
• 17:34 : Microsoft Adds Inline Data Protection to Edge for Business to Block GenAI Data Leaks
• 17:34 : VanHelsingRaaS Expands Rapidly in Cybercrime Market
• 17:5 : IT Security News Hourly Summary 2025-03-24 18h : 13 posts
• 17:4 : Meta Agrees To Halt Personalised Ads For UK Woman
• 17:4 : Did your Google Maps Timeline disappear? Here’s the fix to get yours back
• 16:34 : Hackers Using Fake Semrush Ads to Steal Google Accounts Login Credentials
• 16:34 : NIST Still Struggling to Clear Vulnerability Submissions Backlog in NVD
• 16:34 : Protecting your personal information from data brokers
• 16:34 : Ukraine Railway Systems Hit by Targeted Cyber-Attack
• 16:34 : Use AWS service reference information to automate policy management workflows
• 16:7 : North Korea establish Military Cyber Center to conduct espionage
• 16:7 : Authorization Bypass in Next.js Middleware Found
• 16:7 : AI agents swarm Microsoft Security Copilot
• 16:6 : Cyberattack disrupts train ticket sales in Ukraine
• 16:6 : Top 10+ Open-Source SOAR Tools to Enhance Your SecOps Experience
• 16:6 : Oracle Denies Cloud Breach After Hacker Offers to Sell Data
• 15:32 : The Rise of VanHelsing RaaS: A New Player in the Ransomware Landscape
• 15:32 : Medusa ransomware uses malicious Windows driver ABYSSWORKER to disable security tools
• 15:32 : New Linux Kernel Rust Module Unveiled to Detect Rootkits
• 15:32 : Hackers Could Drop Teams Malware via Browser’s Cache Smuggling
• 15:32 : Operation Red Card – 300+ Cyber Criminals Arrested Linking to Multiple Hacking Activities
• 15:32 : Pocket Card Users Under Attack Via Sophisticated Phishing Campaign
• 15:32 : Keeping Secrets Out of Logs: Strategies That Work
• 15:32 : Why Unencrypted Files Pose a Serious Security Risk
• 15:32 : The Growing Threat of Infostealer Malware: What You Need to Know
• 15:32 : Microsoft Warns of Malvertising Campaign Impacting Over 1 Million Devices Worldwide
• 15:32 : Huge Spike in Social Media and Email Hacks – Simple Ways to Protect Yourself
• 15:31 : ⚡ THN Weekly Recap: GitHub Supply Chain Attack, AI Malware, BYOVD Tactics, and More
• 15:31 : VanHelsing RaaS Launch: 3 Victims, $5K Entry Fee, Multi-OS, and Double Extortion Tactics
• 15:31 : Authorities Seize 1842 Devices in Africa’s Cybercrime Crackdown
• 15:15 : Akamai?s Channel-First Strategy: Driving Partner Success in 2025
• 15:15 : Advances In Quantum Computing Signal an Urgent Post-Quantum Cryptography (PQC) Imperative for Enterprises
• 15:15 : Russian Firm Offers $4 Million for Telegram Exploits
• 15:15 : Vulnerability Summary for the Week of March 17, 2025
• 15:15 : ⚡ THN Weekly Recap: GitHub Supply Chain Attack, AI Malware, BYOVD Tactics, and More
• 14:34 : Cloudflare Unveils AI Labyrinth a New Approach to Exhaust AI Crawlers and Other Bots
• 14:34 : WordPress Plugin Vulnerability Exposes 200k+ Sites to Code Execution Attacks
• 14:34 : WordPress Plug-in Vulnerability Let Hackers Inject Malicious SQL Queries
• 14:34 : FCC Conducting Investigation into Chinese Entities Placed on the Government’s Prohibited List
• 14:34 : Clio – Real-Time Logging Tool With Locking, User Authentication, and Audit Trails
• 14:34 : ⚡ THN Weekly Recap: GitHub Supply Chain Attack, AI Malware, BYOVD Tactics, and More
• 14:11 : Privacy Aware Bots, (Mon, Mar 24th)
• 14:11 : 23andMe’s genes not strong enough to avoid Chapter 11
• 14:11 : Webinar Tomorrow: Which Security Testing Approach is Right for You?
• 14:11 : Report: Fortune 500 employee-linked account exposure
• 14:11 : ⚡ THN Weekly Recap: GitHub Supply Chain Attack, AI Malware, BYOVD Tactics, and More
• 14:5 : IT Security News Hourly Summary 2025-03-24 15h : 10 posts
• 13:34 : Critical Next.js auth bypass vulnerability opens web apps to compromise (CVE-2025-29927)
• 13:34 : ⚡ THN Weekly Recap: GitHub Supply Chain Attack, AI Malware, BYOVD Tactics, and More
• 13:11 : Key Cybersecurity Themes for 2025
• 13:11 : CleanStack: Dual-Stack Solution to Defend Against Memory Corruption Attacks
• 13:11 : Operation Red Card: Authorities Arrest 300+ Linked to Cyber Attacks
• 13:11 : Getting to Know Julio Lemus
• 13:11 : Critical Chrome Vulnerability Let Attackers Execute Arbitrary Code
• 13:11 : CleanStack – A Dual-Stack for Defending Against Memory Corruption Attacks
• 13:11 : US Lifts Sanctions Against Crypto Mixer Tornado Cash
• 13:11 : ⚡ THN Weekly Recap: GitHub Supply Chain Attack, AI Malware, BYOVD Tactics, and More
• 12:32 : VanHelsingRaaS Emerges, Targeting Linux, BSD, ARM, and ESXi Systems
• 12:32 : FCC Investigates Chinese Entities on US Government’s Prohibited List
• 12:32 : Chinese ‘Web Shell Whisperer’ Leverages Shells and Tunnels to Establish Stealthy Persistence
• 12:32 : 23andMe faces an uncertain future — so does your genetic data
• 12:32 : Attackers can bypass middleware auth checks by exploiting critical Next.js flaw
• 12:32 : FCC Probes Whether Banned Chinese Telecom Providers Still Operating in US
• 12:32 : Prevent, Detect, Contain: A Guide Against Black Basta Affiliates’ Attacks
• 12:32 : ⚡ THN Weekly Recap: GitHub Supply Chain Attack, AI Malware, BYOVD Tactics, and More
• 12:7 : Is Washington losing its grip on crypto, or is it a calculated pivot to digital dominance?
• 12:7 : Medusa Ransomware Uses Malicious Driver to Disable Security Tools
• 12:6 : How to Balance Password Security Against User Experience
• 12:6 : VSCode Marketplace Removes Two Extensions Deploying Early-Stage Ransomware
• 12:6 : ⚡ THN Weekly Recap: GitHub Supply Chain Attack, AI Malware, BYOVD Tactics, and More
• 11:34 : Ex-Cruise Chief Vogt Raises $150m For Robotics Start-Up
• 11:34 : Nine EU Countries Push For New Chips Act
• 11:34 : Cloak Ransomware Hits Virginia Attorney General’s Office, Disrupts IT Systems
• 11:34 : WordPress Plugin Vulnerability Opens Door to SQL Injection Exploits
• 11:34 : Evaluating AI for Security Operations
• 11:34 : California AG Reminds 23andMe Customers of Data Deletion Rights Amid Bankruptcy Filing
• 11:16 : Critical Chrome Vulnerability Allows Attackers to Execute Arbitrary Code
• 11:16 : Top 10 Scam Techniques: What You Need to Know
• 11:16 : Cross-Border Data Compliance: Navigating Public Security Regulations in a Connected World
• 11:16 : Millions of Internet-Connected Weight Machines Via API Endpoints
• 11:15 : Four Faces of Hacker Group Behind 90 Data Breaches Worldwide Revealed
• 11:15 : Chinese Web Shell Whisperer Using Web Shells & Tunnels To Establish Persistence
• 11:15 : NetSfere Launches Quantum-Resilient Messaging Platform for Enterprise and Government Use
• 11:5 : IT Security News Hourly Summary 2025-03-24 12h : 14 posts
• 10:37 : Norwegian Man Files Complaint After ChatGPT Claims He Murdered Children
• 10:37 : ByteDance Researchers Publish High-Performance AI Training Method
• 10:37 : Apple Reshuffles Executives As AI Plans Struggle
• 10:37 : ByteDance’s Largest US Investors ‘In Talks’ Over TikTok Deal
• 10:37 : Gotbit Founder Pleads Guilty To Crypto Manipulation
• 10:36 : Arsen Introduces AI-Powered Phishing Tests to Improve Social Engineering Resilience
• 10:36 : Encrypted Messaging Apps Promise Privacy. Government Transparency Is Often the Price
• 10:36 : Industry Moves for the week of March 24, 2025 – SecurityWeek
• 10:36 : Albabat Ransomware Expands Targets, Abuses GitHub
• 10:36 : Intro to Deceptionology: Why Falling for Scams is Human Nature
• 10:36 : Critical Next.js Vulnerability Allows Attackers to Bypass Middleware Authorization Checks
• 10:36 : Teen Boys at Risk of Sextortion as 74% Lack Basic Awareness
• 10:6 : North Korea Launches Military Research Facility to Strengthen Cyber Warfare Operations
• 10:6 : iProov Workforce MFA mitigates risk of account takeovers
• 9:36 : SvcStealer Malware Strikes, Harvesting Sensitive Data from Browsers and Applications
• 9:36 : Microsoft tastes the unexpected consequences of tariffs on time
• 9:36 : FBI warns of malicious free online document converters spreading malware
• 9:36 : Critical Next.js Middleware Vulnerability Let Attackers Gain Unauthorized Access
• 9:36 : New Browser-Based RDP for Secure Remote Windows Server Access
• 9:36 : China’s Baidu Data Leak, Following Data Leak from User
• 9:36 : Google Account Hijackers Target Victims Via Semrush Ads
• 9:6 : A week in security (March 17 – March 23)
• 8:32 : Cloudflare Reveals AI Labyrinth to Counter Automated AI Attacks
• 8:32 : Cloak ransomware group hacked the Virginia Attorney General’s Office
• 8:31 : SHARED INTEL Q&A: Forrester highlights why companies need to strive for ‘cryptoagility’– today
• 8:13 : New SvcStealer Malware Attacking Users To Steal Sensitive Data From Browsers & Apps
• 8:13 : North Korea Launches New Military Based Research Center To Strengthen Hacking Capabilities
• 8:13 : New VanHelsingRaaS Attacking Linux, BSD, ARM, and ESXi Systems
• 8:5 : IT Security News Hourly Summary 2025-03-24 09h : 4 posts
• 7:34 : WordPress Plugin Flaw Exposes 200,000+ Sites at Risk of Code Execution
• 7:34 : How AI, corruption and digital tools fuel Europe’s criminal underworld
• 7:34 : Tornado cash sanctions lifted, Russia Cloudflare outage, Microsoft Trust abused
• 7:6 : Tesla owners’ details doxxed online on a website called ‘dogequest’
• 6:34 : Global Cybersecurity spending to reach $377 billion as cyber threats increase
• 6:34 : China’s Baidu Compromised in Data Leak, Affecting Users
• 6:34 : Trump’s Aggression Sours Europe on US Cloud Giants
• 6:34 : Oracle Has One Of The Largest Supply Chain Breaches: Cyber Security Today For March 24, 2025
• 6:7 : Oracle Cloud denies data breach claims of 6 million data files leak
• 6:7 : Critical Next.js Middleware Vulnerability Allows Attackers to Bypass Authorization
• 6:6 : New Browser-Based RDP Tool Enables Secure Remote Access to Windows Servers
• 6:6 : 10 Best Linux Firewalls in 2025
• 6:6 : CVE-2025-29927 – Understanding the Next.js Middleware Vulnerability
• 6:6 : Enterprises walk a tightrope between AI innovation and security
• 5:34 : Mobsters now overlap with cybercrime gangs and use AI for evil, Europol warns
• 5:34 : Finders Keypers: Open-source AWS KMS key usage finder
• 5:11 : How can I integrate NHI logging and auditing into our IAM solution?
• 5:11 : How do I streamline NHI onboarding in identity management systems?
• 5:11 : From Spreadsheets to Solutions: How PlexTrac Enhances Security Workflows
• 5:11 : Cloud providers aren’t delivering on security promises
• 2:5 : IT Security News Hourly Summary 2025-03-24 03h : 1 posts
• 2:2 : ISC Stormcast For Monday, March 24th, 2025 https://isc.sans.edu/podcastdetail/9376, (Mon, Mar 24th)
• 0:6 : China bans compulsory facial recognition and its use in private spaces like hotel rooms
• 22:58 : IT Security News Weekly Summary 12
• 22:55 : IT Security News Daily Summary 2025-03-23