IT Security News Daily Summary 2025-03-31

170 posts were published in the last hour

• 21:34 : Oracle Cloud security SNAFU: IT giant accused of pedantry as evidence vanishes
• 21:33 : Scammers Target Netflix Users: Expert Issues Urgent Warning
• 21:6 : 2025 Cloud Security Insights: Why 97% Say Unified Platforms Are the Future of Protection
• 21:6 : Top Tech Conferences & Events to Add to Your Calendar in 2025
• 21:6 : Security could be the use case AI PCs need
• 20:34 : U.S. CISA adds Cisco Smart Licensing Utility flaw to its Known Exploited Vulnerabilities catalog
• 20:5 : IT Security News Hourly Summary 2025-03-31 21h : 5 posts
• 20:2 : Runway Gen-4 solves AI video’s biggest problem: character consistency across scenes
• 20:2 : Cybersecurity Professor Mysteriously Disappears as FBI Raids His Homes
• 19:32 : Triton RAT Uses Telegram for Remote System Access and Control
• 19:32 : DarkCloud: An Advanced Stealer Malware Sold on Telegram to Target Windows Data
• 19:32 : “Lazarus Hackers Group” No Longer Refer to a Single APT Group But a Collection of Many Sub-Groups
• 19:32 : Earth Alux Hackers Use VARGIET Malware to Target Organizations
• 19:32 : Operation HollowQuill – Weaponized PDFs Deliver a Cobalt Strike Malware Into Gov & Military Networks
• 19:31 : Lazarus Group is No Longer Consider a Single APT Group, But Collection of Many Sub Groups
• 19:7 : Konni RAT Exploit Windows Explorer Limitations To Launches a Multi-Stage Attack & Steal Data
• 19:7 : Weaponized Zoom Installer Used by Hackers to Gain RDP Access and Deploy BlackSuit Ransomware
• 19:7 : Threat Actors Embed Malware in WordPress Sites to Enable Remote Code Execution
• 19:7 : Russian Hackers Leverage Bulletproof Hosting to Shift Network Infrastructure
• 19:6 : SAFECOM Publishes Fall 2024 SAFECOM Bi-Annual Meeting Executive Summary
• 19:6 : Vulnerability Summary for the Week of March 24, 2025
• 18:36 : Stop Exposing Secrets! Secure Your APIs in Postman Like a Pro
• 18:36 : What is a hacker?
• 18:36 : Oracle under fire for its handling of separate security incidents
• 18:36 : Corporate Espionage Group ‘RedCurl’ Expands Tactics with Hyper-V Ransomware
• 18:9 : Cannon Printer Vulnerability Let Attackers Execute Arbitrary Code
• 17:34 : API testing firm APIsec exposed customer data during security lapse
• 17:34 : Gen Z’s Rising Susceptibility to Social Engineering Attacks
• 17:33 : Russian Hackers Exploit CVE-2025-26633 via MSC EvilTwin to Deploy SilentPrism and DarkWisp
• 17:5 : IT Security News Hourly Summary 2025-03-31 18h : 6 posts
• 17:4 : Elon Musk’s xAI Buys Social Media Platform X
• 17:4 : Announcing EFF’s New Exhibit on Border Surveillance and Accompanying Events
• 17:4 : Check Point confirms breach, but says it was ‘old’ data and crook made ‘false’ claims
• 16:38 : 20,000 WordPress Sites Affected by Arbitrary File Upload and Deletion Vulnerabilities in WP Ultimate CSV Importer WordPress Plugin
• 16:38 : Technical Analysis Published for OpenSSH’s Agent Forwarding RCE Vulnerability
• 16:38 : EFF Installs Border Technology Exhibit at Angel Island Immigration Station
• 16:38 : Analyzing open-source bootloaders: Finding vulnerabilities faster with AI
• 16:7 : Zoom software leading to BlackSuit Ransomware drop on Windows
• 16:7 : Developers Face a Challenge with Fake Hiring That Steals Private Data
• 16:7 : VanHelsing Ransomware Strikes Windows ARM and ESXi Platforms
• 16:6 : Connor Moucka Extradited to U.S. for Snowflake Data Breaches Targeting 165 Companies
• 16:6 : New innovations in Microsoft Purview for protected, AI-ready data
• 16:6 : New Malware Variant RESURGE Exploits Ivanti Vulnerability
• 15:36 : AWS WAF Classic vs WAFV2: Features and Migration Considerations
• 15:36 : New Ubuntu Security Bypasses Allow Attackers to Exploit Kernel Vulnerabilities
• 15:36 : Multiple Dell Unity Vulnerabilities Let Attackers Compromise Affected System
• 15:36 : CrushFTP Vulnerability Exploited to Gain Full Server Access
• 15:36 : Threat Actors Deploy WordPress Malware in ‘mu-plugins’ Directory
• 15:36 : Online Scams in the Age of AI
• 15:4 : How Will the Splinternet Impact Cybersecurity
• 15:4 : ClickFake Interview Campaign by Lazarus Targets Crypto Job Seekers
• 14:34 : CoffeeLoader uses a GPU-based packer to evade detection
• 14:34 : Russia-linked Gamaredon targets Ukraine with Remcos RAT
• 14:34 : Zero to Hero – A “Measured” Approach to Building a World-Class Offensive Security Program
• 14:5 : Windows 11 Insider Released – Microsoft Removes BypassNRO.cmd Script to Enhance Security
• 14:5 : 9 Best DDoS Protection Service Providers in 2025
• 14:5 : Exploring New Initiatives to Hold Cyber Adversaries Accountable
• 14:5 : ClickFake Interview – Lazarus Hackers Exploit Windows and macOS Users Fake Job Campaign
• 14:5 : Earth Alux Hackers Employ VARGIET Malware to Attack Organizations
• 14:5 : IT Security News Hourly Summary 2025-03-31 15h : 4 posts
• 14:5 : Hewlett Packard RCE Vulnerability Allows Attackers to Bypass Authentication and Execute Remote Commands
• 14:4 : Unsolved Challenge: Why API Access Control Vulnerabilities Remain a Major Security Risk
• 14:4 : The Unseen Battle: How Bots and Automation Threaten the Web
• 14:4 : CISA reveals new malware variant used on compromised Ivanti Connect Secure devices
• 14:4 : ⚡ Weekly Recap: Chrome 0-Day, IngressNightmare, Solar Bugs, DNS Tactics, and More
• 14:4 : Hackers Exploit WordPress mu-Plugins to Inject Spam and Hijack Site Images
• 13:7 : How AI is Transforming the Fight Against Data Breaches
• 13:7 : What’s Next For Attack Surface Management? Perspectives From The Market Leader
• 13:6 : Hacker Leaks Samsung Customer Data
• 13:6 : EU invests €1.3 billion in AI and cybersecurity
• 13:6 : ⚡ Weekly Recap: Chrome 0-Day, IngressNightmare, Solar Bugs, DNS Tactics, and More
• 12:32 : Apache Camel Exploit Attempt by Vulnerability Scan (CVE-2025-27636, CVE-2025-29891), (Mon, Mar 31st)
• 12:32 : The Role of DevSecOps in Securing Multi-Cloud Architectures
• 12:31 : The PIN is Mightier Than the Face
• 12:31 : ⚡ Weekly Recap: Chrome 0-Day, IngressNightmare, Solar Bugs, DNS Tactics, and More
• 12:2 : Oracle attempt to hide serious cybersecurity incident from customers in Oracle SaaS service
• 12:2 : A New Microsoft Tool Automatically Detects, Diagnoses, and Resolves Boot Issues in Windows
• 12:2 : Smoked out – Emmenhtal spreads SmokeLoader malware
• 12:2 : Microsoft Removes bypassnro.cmd in Windows 11 Insider To Stop Users from Installing OS Without MS Account
• 12:2 : DarkCloud – An Advanced Stealer Malware Selling Via Telegram To Steal Data From Windows
• 12:2 : Part of EU’s New €1.3 Billion Investment Going to Cybersecurity
• 12:2 : 5 Impactful AWS Vulnerabilities You’re Responsible For
• 12:2 : ⚡ Weekly Recap: Chrome 0-Day, IngressNightmare, Solar Bugs, DNS Tactics, and More
• 11:34 : Beware! A Fake Zoom Installer Drops BlackSuit Ransomware on Your Windows Systems
• 11:34 : The Signal Chat Leak and the NSA
• 11:13 : Beers with Talos: Year in Review episode
• 11:13 : Linux Distribution Nitrux3.9.1  Releaed – What’s New
• 11:13 : 8 Top Automox Alternatives and Competitors for Patch Management
• 11:13 : ‘Crocodilus’ Android Banking Trojan Allows Device Takeover, Data Theft
• 11:13 : Russia-Linked Gamaredon Uses Troop-Related Lures to Deploy Remcos RAT in Ukraine
• 11:5 : IT Security News Hourly Summary 2025-03-31 12h : 13 posts
• 10:34 : TikTok Shop Expands In Europe Amidst US Uncertainty
• 10:34 : An AI Image Generator’s Exposed Database Reveals What People Really Used It For
• 10:34 : Konni RAT Exploit Windows Explorer To Launches a Multi-Stage Attack in Windows
• 10:34 : 170,000 Impacted by Data Breach at Chord Specialty Dental Partners
• 10:34 : Industry Moves for the week of March 31, 2025 – SecurityWeek
• 10:34 : CISA Analyzes Malware Used in Ivanti Connect Secure Zero-Day Attacks
• 10:34 : Understanding Privacy Changes: eBay’s AI Policy and The Future of Data Privacy
• 10:34 : What are CCPA Penalties for Violating Compliance Requirements?
• 10:34 : CRQ & CTEM: Prioritizing Cyber Threats Effectively | Kovrr
• 10:34 : EU Commission to Invest €1.3bn in Cybersecurity and AI
• 10:6 : Available now: 2024 Year in Review
• 10:6 : Overcoming Digital Transformation Challenges: Lessons from Industry Leaders
• 10:6 : Cloud security explained: What’s left exposed?
• 10:6 : Malware-Laden Game Removed from Steam as Security Concerns Grow
• 10:6 : Windows 11 quick machine recovery: Restoring devices with boot issues
• 9:34 : The Espionage Toolkit of Earth Alux: A Closer Look at its Advanced Techniques
• 9:34 : Google Brings Android Development In-House In Major Shift
• 9:34 : SMIC Sees Record Revenue, But Halved Profits
• 9:34 : Microsoft Drops AI Data Centre Projects
• 9:34 : Morphing Meerkat phishing kits exploit DNS MX records
• 9:34 : Threats Actors Hide Malware in WordPress Websites to Execute Code Remotely
• 9:34 : Russian Hackers Using Russia-Based Bulletproof Network to Switch Network Infrastructure
• 9:34 : Triton RAT Leveraging Telegram To Remotely Access & Control Systems
• 9:33 : NCSC Urges Users to Patch Next.js Flaw Immediately
• 9:15 : Harnessing AI to Strengthen Cyber Teams Amidst Talent Shortage
• 9:15 : CrushFTP Vulnerability Lets Hackers Bypass Security and Seize Server Control
• 9:15 : Hackers Distributing Phishing Malware Via SVG Format To Bypass File Detection
• 9:15 : Federal Desktop Core Configuration (FDCC/USGCB) Compliance
• 8:34 : Tencent Invests £1bn In Ubisoft Spin-Off
• 8:34 : BYD Tops Tesla On Global Revenues
• 8:34 : NHS Software Provider Fined £3m Over Breach
• 8:34 : Chinese Lotus Blossom Hackers leverages Windows Management Instrumentation for Network Movement
• 8:34 : CISA Warns of RESURGE Malware Exploiting Ivanti Connect Secure RCE Vulnerability
• 8:34 : Water Gamayun Hackers Exploit MSC EvilTwin Zero-day Vulnerability to Hack Windows Machine
• 8:34 : Apache Tomcat Vulnerability Exploited to Execute Malicious Arbitrary Code on Servers
• 8:34 : New Android Malware “TsarBot” Targeting 750 Banking, Finance & Crypto Apps
• 8:34 : 20 Best Remote Monitoring Tools – 2025
• 8:34 : Daisy Cloud Hacker Group Exposed 30K Login Credentials Across a Wide Range of Services
• 8:34 : Hackers Used Weaponized Zoom Installer to Gain RDP Access & Deploy BlackSuit Ransomware
• 8:34 : Why we’re no longer doing April Fools’ Day
• 8:34 : A week in security (March 24 – March 30)
• 8:34 : US Seizes $8.2m from Romance Baiting Scammers
• 8:5 : IT Security News Hourly Summary 2025-03-31 09h : 7 posts
• 8:4 : From Contagious to ClickFake Interview: Lazarus leveraging the ClickFix tactic
• 8:4 : Malicious Plays: Network Security Challenges During Major Sports Events
• 8:4 : senhasegura rebrands as Segura, marking a new chapter in identity security
• 8:4 : Canada launches breach risk self-assessment online tool
• 8:4 : Canadian Hacker Linked To Anonymous Charged In Texas GOP Hack: Cyber Security Today for March 31, 2025
• 7:34 : Document converter warning, Resurge exploits Ivanti, Blacklock hackers exposed
• 7:8 : Navigating the API Security Landscape: Lessons from GoDaddy’s FTC Settlement
• 7:8 : 23andMe users delete data as company files for bankruptcy and seeks buyer
• 7:8 : Canon Printer Vulnerability Allows Attackers to Execute Arbitrary Code
• 6:34 : Cybersecurity in 2025: The Biggest Threats and How to Protect Yourself
• 6:34 : ClickFix Captcha – A New Technique Hackers Used to Deliver Infostealers, Ransomware, & Quakbot Malware
• 6:34 : Mitel Alerts Users to Severe XSS Vulnerability in MiContact Center
• 6:9 : Cybersecurity news headlines trending on Google
• 6:9 : The Critical Role of Backup and Encryption in Ransomware Defenses
• 6:9 : Multiple Dell Unity Vulnerabilities Allow Attackers to Compromise Systems
• 6:8 : Two things you need in place to successfully adopt AI
• 5:34 : U.S. DOJ Seizes $8.2 Million from Hackers Linked to Pig Butchering Scam
• 5:34 : New Ubuntu Linux Vulnerabilities Let Attackers Exploit Kernel Components
• 5:34 : Critical PHP Vulnerability Let Hackers Bypass the Validation To Load Malicious Content
• 5:6 : Only 2-5% of application security alerts require immediate action
• 5:6 : Exegol: Open-source hacking environment
• 5:5 : IT Security News Hourly Summary 2025-03-31 06h : 1 posts
• 4:34 : UK Cybersecurity Weekly News Roundup – 31 March 2025
• 4:33 : GenAI turning employees into unintentional insider threats
• 3:31 : How to recognize and prevent deepfake scams
• 2:5 : IT Security News Hourly Summary 2025-03-31 03h : 2 posts
• 1:34 : ISC Stormcast For Monday, March 31st, 2025 https://isc.sans.edu/podcastdetail/9386, (Mon, Mar 31st)
• 1:33 : How Each Pillar of the 1st Amendment is Under Attack
• 1:2 : China cracks down on personal information collection. No, seriously
• 0:31 : Fake Zoom Ends in BlackSuit Ransomware
• 23:31 : CISA warns of RESURGE malware exploiting Ivanti flaw
• 23:6 : Oracle Health reportedly warns of info leak from legacy server
• 23:5 : IT Security News Hourly Summary 2025-03-31 00h : 3 posts
• 22:58 : IT Security News Weekly Summary 13
• 22:55 : IT Security News Daily Summary 2025-03-30
• 22:8 : “This isn’t ‘The Matrix’”