183 posts were published in the last hour
- 22:13 : What VirusTotal Missed — Discover with Unknown Cyber
- 22:13 : Enhancing cloud security in AI/ML: The little pickle story
- 21:34 : New ReaderUpdate malware variants target macOS users
- 21:34 : Signalgate storm intensifies as journalist releases full secret Houthi airstrike chat
- 21:14 : Security expert Troy Hunt hit by phishing attack
- 21:14 : Mike Waltz Left His Venmo Friends List Public
- 21:14 : Booking.com phish uses fake CAPTCHAs to trick hotel staff into downloading malware
- 21:14 : Broadcom Extends Scope of VMware vDefend Cybersecurity Platform
- 20:34 : Production Line Cameras Vulnerabilities Let Attackers Stop The Recordings
- 20:34 : US defense contractor cops to sloppy security, settles after infosec lead blows whistle
- 20:5 : IT Security News Hourly Summary 2025-03-26 21h : 14 posts
- 20:3 : Napster Sold And Will Return As Interactive Streaming Service
- 20:3 : SignalGate Isn’t About Signal
- 20:2 : CISA Adds Two Known Exploited Vulnerabilities to Catalog
- 20:2 : A New Tool to Detect Cellular Spying | EFFector 37.3
- 20:2 : OpenAI Offering $100K Bounties for Critical Vulnerabilities
- 20:2 : Winter 2024 SOC 1 report is now available with 183 services in scope
- 19:38 : Penetration Testing Services: Strengthening Cybersecurity Against Evolving Threats
- 19:38 : 2025-03-26: SmartApeSG traffic for fake browser update leads to NetSupport RAT and StealC
- 19:38 : BSidesLV24 – IATC – Difficult Conversations
- 19:38 : Effectively implementing resource control policies in a multi-account environment
- 19:12 : UK Proposes To Allow Satellites To Resolve UK Mobile Not-Spots
- 19:12 : Benefits and challenges of zero standing privileges
- 19:12 : SignalGate Isn’t About Signal
- 19:12 : How to Delete Your 23andMe Data
- 18:32 : Update VMware Tools for Windows Now: High-Severity Flaw Lets Hackers Bypass Authentication
- 18:32 : Has GetReal cracked the code on AI deepfakes? $18M and an impressive client list say yes
- 18:32 : Leaked data exposes a Chinese AI censorship machine
- 18:32 : CVE-2024-9956: Critical WebAuthentication Vulnerability in Google Chrome on Android
- 18:32 : Titan Security Keys now available in more countries
- 18:12 : Security Silos Are Failing: Why CTEM Is Key to Smarter Cyber Defense
- 18:12 : New npm Malware Attack Infects Popular Ethereum Library with Backdoor
- 18:12 : 5 best Linux distros for staying anonymous – when a VPN isn’t enough
- 18:12 : New SparrowDoor Backdoor Variants Found in Attacks on U.S. and Mexican Organizations
- 18:12 : SectopRAT as Weaponized Cloudflare Turnstile Challenge Attacks Windows Users
- 17:39 : Why Healthcare Executives Should Prioritize Security Compliance
- 17:39 : Waymo Confirms Washington DC Robotaxi Plan For 2026
- 17:38 : Pakistan APT Hackers Weaponize malicious IndiaPost Site to Target Windows and Android Users
- 17:38 : B1ack’s Stash Marketplace Actors Set to Release 4 Million Stolen Credit Card Records for Free
- 17:38 : Hackers Exploit COM Objects for Fileless Malware and Lateral Movement
- 17:38 : Threat Actors Use “Atlantis AIO” Tool to Automate Credential Stuffing Attacks
- 17:38 : Files stolen from NSW court system, including restraining orders for violence
- 17:38 : What is a web application firewall (WAF)? WAF explained
- 17:38 : Making a case for the cybersecurity data fabric
- 17:38 : Introducing the Mend.io Value Dashboard: Measure and Showcase Your Security Impact
- 17:5 : IT Security News Hourly Summary 2025-03-26 18h : 18 posts
- 17:4 : Next.js Middleware Flaw Lets Attackers Bypass Authorization
- 17:4 : New IOCONTROL Malware Let Attackers Control Critical Infrastructure & Gain Remote Access
- 17:4 : YouTube Creators Under Attack via Brand Collaborators Requests Using Clickflix Technique
- 17:4 : Top 3 Cyber Attacks In March 2025
- 17:4 : AI Technology is Helping Criminal Groups Grow Stronger in Europe, Europol Warns
- 16:38 : Third-Party Data Breaches: The Hidden Threat Lurking in Vendor Networks
- 16:38 : Has GetReal cracked the code on AI deepfakes? $18M and an impressive client list says yes
- 16:38 : Russian Ransomware Gang Exploited Windows Zero-Day Before Patch
- 16:38 : SecurityScorecard Observes Surge in Third-Party Breaches
- 16:38 : Effectively implementing resource controls policies in a multi-account environment
- 16:7 : Inaba Denki Sangyo CHOCO TEI WATCHER mini
- 16:7 : 3 in 4 Enterprise Users Upload Data to GenAI Including Passwords and Keys
- 16:7 : New NPM Attack Infecting Local Packages With Cleverly Hidden Malicious Payload
- 16:6 : How AI is Fueling ATOs & Fake Account Creation—And Why Bot Detection Needs to Evolve
- 16:6 : BSidesLV24 – IATC – Hungry, Hungry Hackers
- 16:6 : Western Alliance Bank Data Breach Exposes Nearly 22,000 Customers’ Personal Information
- 16:6 : Roman Encryption Employed In Nearly 9K Phishing Attacks
- 16:6 : FBI Warns Against Free Online File Converters as Potential Cybersecurity Threats
- 15:39 : The Importance of Secure Data Management Tools in Higher Education (+ 6 Best-Value Tools for Universities)
- 15:38 : TikTok to take help of Microsoft or Google to banish data security concerns
- 15:38 : Tesla Europe Sales Plummet, As Owners Return EVs At Record Levels
- 15:38 : US Adds 50 Chinese Firms To AI, Chip Blacklist
- 15:38 : Groq and PlayAI just made voice AI sound way more human — here’s how
- 15:38 : Credible nerd says stop using atop, doesn’t say why, everyone panics
- 15:38 : BlackLock Ransomware Targeted by Cybersecurity Firm
- 15:38 : AMTSO Releases Sandbox Evaluation Framework
- 15:38 : Enemies with benefits: RansomHub and rival gangs share EDRKillShifter tool
- 15:9 : Generative AI In Business: Managing Risks in The Race for Innovation
- 15:9 : Don’t Respond to Ransomware Attackers With AI, Experts Say
- 15:9 : Island Banks $250M Series E for Enterprise Browser
- 15:9 : GitHub Action Security Breach Raises Concerns Over Supply Chain Risks
- 15:8 : Oscilar AI Agent improves risk analysis and fraud prevention
- 15:8 : China-linked FamousSparrow APT group resurfaces with enhanced capabilities
- 14:37 : Production Line Camera Flaws Allow Hackers to Disable Recordings
- 14:37 : Windows 11 24H2 Update Breaks Connection to the Veeam Backup Server
- 14:37 : North Korean Kimsuky Hackers New Tactics & Malicious Scripts in Latest Attacks
- 14:37 : Your Smart TV May Bring Down the Entire Network
- 14:37 : Operation ForumTroll – APT Hackers Exploit Google Chrome Zero-Day To Bypass Sandbox Protections
- 14:37 : CrushFTP HTTPS Port Vulnerability Leads to Unauthorized Access
- 14:36 : Hackers Use Atlantis AIO Tool to Automate Account Takeover Attacks
- 14:36 : Whitepaper: Voice of Security 2025
- 14:36 : DeRISK Quantified Vulnerability Management evaluates cyber risks using business-level metrics
- 14:36 : If you think you’re immune to phishing attempts, you’re wrong!
- 14:36 : Threat Actors Abuse Trust in Cloud Collaboration Platforms
- 14:11 : YouTube Creators Targeted by Weaponized Brand Deals Using ‘Clickflix’ Attack Tactic
- 14:11 : 6 Best Password Managers (2025), Tested and Reviewed
- 14:11 : Clevo Devices Boot Guard Private Key Exposed Via Firmware Update Packages
- 14:11 : 200 Unique Domains Used by Raspberry Robin Unveiled
- 14:11 : Cloudflare Attributes Recent Service Outage to Password Rotation Error
- 14:11 : Critical NetApp SnapCenter Server Vulnerability Let Attackers Become an Admin User
- 14:11 : CodeQLEAKED – Public Secrets Exposure Leads to Supply Chain Attack on GitHub CodeQL
- 14:11 : EncryptHub Exploits Windows Zero-Day to Deploy Rhadamanthys and StealC Malware
- 14:5 : IT Security News Hourly Summary 2025-03-26 15h : 15 posts
- 13:37 : Emissions Transparency: Moving Toward a More Rigorous Verification
- 13:37 : Windows MMC Framework Zero-Day Exploited to Execute Malicious Code
- 13:37 : Google fixes Chrome zero-day security flaw used in hacking campaign targeting journalists
- 13:36 : Rethinking SAP Security Without Maintenance Contracts
- 13:36 : Malware found on npm infecting local package with reverse shell
- 13:36 : Concentric AI’s UBDA feature identifies unusual user activity
- 13:36 : Malicious npm Packages Deliver Sophisticated Reverse Shells
- 13:9 : CrushFTP Warns of HTTP(S) Port Vulnerability Enabling Unauthorized Access
- 13:9 : Transforming Security Management with AI Agents and Assistants
- 13:9 : New Ransomware Group Claims Attack on US Telecom Firm WideOpenWest
- 13:9 : AI Agents and API Security: The Hidden Risks Lurking in Your Business Logic
- 13:9 : The UK’s National Cyber Security Centre Presents Timeline and Roadmap for PQC Migration
- 13:9 : Blumira introduces Microsoft 365 threat response feature
- 13:9 : Sparring in the Cyber Ring: Using Automated Pentesting to Build Resilience
- 13:9 : Malicious npm Package Modifies Local ‘ethers’ Library to Launch Reverse Shell Attacks
- 12:35 : Cloudflare Attributes Service Outage to Faulty Password Rotation
- 12:35 : Windows 11 24H2 Update Disrupts Connection to Veeam Backup Server
- 12:35 : Vulnerabilities Allow Remote Hacking of Inaba Plant Monitoring Cameras
- 12:9 : Signal App In Spotlight Amid Secret Chat Controversy Of US Officials
- 12:9 : New Chrome Installer Breaks With Error “This App can’t Run on your PC” on Windows 10 & 11
- 12:8 : DrayTek Routers Vulnerability Exploited in the Wild – Possibly Links to Reboot Loop
- 12:8 : macOS Users Warned of New Versions of ReaderUpdate Malware
- 11:36 : DeepSeek users targeted with fake sponsored Google ads that deliver malware
- 11:36 : Fake Booking.com phish uses fake CAPTCHAs to trick hotel staff into downloading malware
- 11:36 : AI Data Poisoning
- 11:36 : ETSI Publishes New Quantum-Safe Encryption Standards
- 11:9 : Crypto Heist Suspect “Wiz” Arrested After $243 Million Theft
- 11:9 : New Sophisticated Linux Backdoor Targets OT Systems via 0-Day RCE Exploit
- 11:9 : APT Hackers Exploit Google Chrome Zero-Day in Operation ForumTroll to Bypass Sandbox Protections
- 11:9 : The default TV setting you should turn off ASAP – and why you shouldn’t wait to do it
- 11:9 : How to Build a Mature Vulnerability Management Program
- 11:9 : Implementing Privileged Access Workstations: A Step-by-Step Guide
- 11:9 : NCSC taps influencers to make 2FA go viral
- 11:9 : Critical Next.js Vulnerability in Hacker Crosshairs
- 11:9 : Google fixes exploited Chrome sandbox bypass zero-day (CVE-2025-2783)
- 11:8 : How PAM Mitigates Insider Threats: Preventing Data Breaches, Privilege Misuse, and More
- 11:5 : IT Security News Hourly Summary 2025-03-26 12h : 9 posts
- 10:34 : New Chrome Installer Fails on Windows 10 & 11 With “This app can’t run on your PC” Error
- 10:34 : Security Firms Say Evidence Seems to Confirm Oracle Cloud Hack
- 10:34 : AI vs. Cybercriminals: Who Wins the Race in Next-Gen Threat Detection?
- 10:34 : ENISA Probes Space Threat Landscape in New Report
- 10:12 : Raspberry Robin Unveils 200 Unique Domains Used by Threat Actors
- 10:11 : Critical NetApp SnapCenter Server Vulnerability Allows Attackers to Gain Admin Access
- 10:11 : North Korean Kimsuky Hackers Deploy New Tactics and Malicious Scripts in Recent Attacks
- 10:11 : New IOCONTROL Malware Attacking Critical Infrastructure to Gain Remote Access and Control
- 10:11 : FBI Issues new alert over phishing SMS scam targeting highway toll customers
- 9:35 : Clevo Devices Vulnerable as Boot Guard Private Key Leaks via Firmware Updates
- 9:34 : Chainguard VMs reduces risk and engineering complexity
- 9:34 : Sumsub launches Reusable Digital Identity product suite
- 9:34 : Hackers Using E-Crime Tool Atlantis AIO for Credential Stuffing on 140+ Platforms
- 9:34 : UK Government’s New Fraud Strategy to Focus on Tech-Enabled Threats
- 9:8 : BrowserStack Private Devices helps organizations comply with stringent security requirements
- 8:34 : Safeguarding Data for the Quantum Era
- 8:34 : DrayTek Router Vulnerability Exploited in the Wild – Linked to Reboot Loop Issue
- 8:34 : Google fixed the first actively exploited Chrome zero-day since the start of the year
- 8:34 : New Windows 0-Day Vulnerability Let Remote Attackers Steal NTLM Credentials – Unofficial Patch
- 8:34 : CISA Warns of Four Vulnerabilities, and Exploits Surrounding ICS
- 8:34 : Appsmith Developer Tool Vulnerability Let Attackers Execute Remote Code
- 8:34 : Cyberhaven enhances Linea AI platform to improve data security
- 8:5 : IT Security News Hourly Summary 2025-03-26 09h : 3 posts
- 8:4 : Quantum-Proofing Enterprise Security: The Clock is Ticking
- 7:35 : Authentication bypass CVE-2025-22230 impacts VMware Windows Tools
- 7:35 : EncryptHub exploit, Copilot agents, PETs in government
- 7:4 : AI Datasets Reveal Human Values Blind Spots
- 7:4 : Google Chrome Zero-day Vulnerability Exploited by Hackers in the Wild
- 7:4 : Oracle Denies Hack Despite Hacker’s Evidence: Cyber Security Today for March 26, 2025
- 6:32 : Malaysia PM says NO to $10m demand of ransomware gang
- 6:32 : Motivations for Hackers to launch Cyber Attacks
- 6:31 : Appsmith Developer Tool Vulnerability Exposes Systems to Remote Code Execution
- 6:11 : Google Chrome Zero-Day Vulnerability Actively Exploited in the Wild
- 6:11 : Malwoverview: First response tool for threat hunting
- 6:11 : A CISO’s guide to securing AI models
- 5:31 : CISA Highlights Four ICS Flaws Being Actively Exploited
- 5:31 : How does your data end up on the dark web?
- 5:13 : New Windows Zero-Day Vulnerability Exposes NTLM Credentials – Unofficial Patch Available
- 5:13 : New Security Flaws Found in VMware Tools and CrushFTP — High Risk, No Workaround
- 5:13 : Zero-Day Alert: Google Releases Chrome Patch for Exploit Used in Russian Espionage Attacks
- 2:11 : ISC Stormcast For Wednesday, March 26th, 2025 https://isc.sans.edu/podcastdetail/9380, (Wed, Mar 26th)
- 2:5 : IT Security News Hourly Summary 2025-03-26 03h : 1 posts
- 1:34 : War Plan Chat Includes Journalist
- 1:2 : Finally, an outdoor security camera with useful features and no monthly subscription fees
- 0:34 : [Guest Diary] Leveraging CNNs and Entropy-Based Feature Selection to Identify Potential Malware Artifacts of Interest, (Wed, Mar 26th)
- 23:7 : Google Patches Chrome Sandbox Escape Zero-Day Caught by Kaspersky
- 23:5 : IT Security News Hourly Summary 2025-03-26 00h : 3 posts