IT Security News Daily Summary 2025-04-02

180 posts were published in the last hour

• 21:34 : Keeping Your Cloud Deployments Safe and Sound
• 21:34 : Proactively Managing NHIs to Prevent Breaches
• 21:34 : Secure Secrets Setup: Sleep Soundly at Night
• 21:34 : Empower Your Team with Efficient Secrets Rotation
• 21:13 : 79 Arrested as Dark Web’s Largest Child Abuse Network ‘Kidflix’ Busted
• 21:13 : How to disable ACR on your TV (and why doing it makes such a big difference for privacy)
• 21:13 : AWS achieves Cloud Security Assurance Program (CSAP) low-tier certification in AWS Seoul Region
• 20:8 : Seamless Security Integration Strategies in Software Development
• 20:8 : How Each Pillar of the 1st Amendment is Under Attack
• 20:8 : Crimelords at Hunters International tell lackeys ransomware too ‘risky’
• 20:5 : IT Security News Hourly Summary 2025-04-02 21h : 15 posts
• 19:34 : Fake Zoom Ends in BlackSuit Ransomware
• 19:34 : Crimelords at Hunters International told lackeys ransomware too ‘risky’
• 19:34 : How to Check Email Deliverability?
• 19:11 : OpenAI Secures $40 Billion Funding Deal With SoftBank, Others
• 19:10 : DMARC Adoption among APAC’s Higher Education Sector
• 19:10 : Planning for your IAM Roles Anywhere deployment
• 18:31 : Still Using an Older Version of iOS or iPadOS? Update Now to Patch These Critical Security Vulnerabilities
• 18:8 : Hacker Leaks 144GB of Royal Mail Group Data, Blames Supplier Spectos
• 18:8 : Over 1,500 PostgreSQL Servers Hit by Fileless Malware Attack
• 18:8 : Hackers Exploit Cloudflare for Advanced Phishing Attacks
• 18:8 : New Malware Targets Magic Enthusiasts to Steal Logins
• 18:8 : SmokeLoader Malware Uses Weaponized 7z Archives to Deliver Infostealers
• 18:8 : Hackers Use DeepSeek and Remote Desktop Apps to Deploy TookPS Malware
• 18:8 : Why Generative AI Needs Human Oversight to Build Trust
• 18:8 : 5 betting app scams to be aware of in 2025
• 18:8 : T-Mobile settlement payouts begin this month – how much you could get
• 18:7 : Cybersecurity Professor Faced China-Funding Inquiry Before Disappearing, Sources Say
• 18:7 : ChatGPT Down For Thousands Of Users Worldwide – Latest Outage Updates
• 18:7 : In The Shifting Threat Landscape, Organizations Need to Ditch Third-Party Agents and Embrace Zero Trust Security
• 18:7 : New Android Banking Trojan ‘Crocodilus’ Emerges as Sophisticated Threat in Spain and Turkey
• 18:7 : Alibaba Launches Lates Open-source AI Model from Qwen Series for ‘Cost-effective AI agents’
• 17:35 : Tesla Sales Plummet Amid Elon Musk Backlash
• 17:35 : 8 Best Application Firewall (WAF) Solutions in 2025
• 17:15 : Top 10 Patch My PC Alternatives for Automated Patching
• 17:15 : RolandSkimmer: Silent Credit Card Thief Uncovered
• 17:15 : Serial Entrepreneurs Raise $43M to Counter AI Deepfakes, Social Engineering
• 17:15 : Join Us at the OpenSSL Conference in Prague – October 7 to 9, 2025 – Share Your Expertise and Shape the Future of Secure Communications
• 17:5 : IT Security News Hourly Summary 2025-04-02 18h : 11 posts
• 16:32 : What is a uniform resource identifier (URI)?
• 16:32 : New Outlaw Linux Malware Leveraging SSH Brute-Forcing & Corn Jobs to Maintain Persistence
• 16:32 : Vulnerabilities Expose Jan AI Systems to Remote Manipulation
• 16:32 : Experts Suggest Evolving Cyber Attacks Not Ending Anytime Soon
• 16:32 : Stripe API Skimming Campaign Unveils New Techniques for Theft
• 16:11 : Amazon Launches Nova AI Agent To Perform Browser Actions
• 16:11 : Site-Blocking Legislation Is Back. It’s Still a Terrible Idea.
• 16:11 : Royal Mail Investigates Data Breach Affecting Supplier
• 15:36 : Google Calendar leading to Phishing Scams and Data Thefts
• 15:36 : A new security fund opens up to help protect the fediverse
• 15:36 : Cyberhaven Banks $100 Million in Series D, Valuation Hits $1 Billion
• 15:36 : Sydney Tools Data Leak Exposes Millions of Customer and Employee Records
• 15:11 : China’s FamousSparrow APT Hits Americas with SparrowDoor Malware
• 15:11 : Anthropic flips the script on AI in education: Claude’s Learning Mode makes students do the thinking
• 15:11 : Apple Rolls Out iOS 18.4 With New Languages, Emojis & Apple Intelligence in the EU
• 15:11 : Trump’s national security adviser reportedly used his personal Gmail account to do government work
• 15:11 : Don’t let cyberattacks keep you down
• 15:11 : Oracle’s masterclass in breach comms: Deny, deflect, repeat
• 15:11 : Gray Bots Surge as Generative AI Scraper Activity Increases
• 14:35 : Surge in Scans for Juniper “t128” Default User, (Wed, Apr 2nd)
• 14:35 : Canon Printer Drivers Flaw Could Let Hackers Run Malicious Code
• 14:35 : Uplimit raises stakes in corporate learning with suite of AI agents that can train 1,000 employees simultaneously
• 14:35 : U.S. CISA adds Apache Tomcat flaw to its Known Exploited Vulnerabilities catalog
• 14:35 : What Makes Endpoint Detection and Response (EDR) Important? With Solid Use Cases
• 14:35 : 20,000 WordPress Sites Vulnerable to Arbitrary File Upload and Deletion Attacks
• 14:35 : Apple Fined $162 Million by French Authorities for Mobile App Advertising Dominance
• 14:35 : Google Cloud Platform Privilege Escalation Vulnerability Allows Access to Sensitive Data
• 14:34 : Firefox 137 Released With Fix for Multiple High Severity Vulnerabilities
• 14:34 : AI Giving Rise of the ‘Zero-Knowledge’ Threat Actor
• 14:34 : CVEs lose relevance: Get proactive — and think beyond vulnerabilities
• 14:34 : The Future of Security Operations: Why Next-Gen SIEM is a Necessity
• 14:34 : Lucid Faces Increasing Risks from Phishing-as-a-Service
• 14:34 : Malicious Actors Employ Atlantis AIO to Target 140+ Platforms
• 14:34 : Google Fixed Cloud Run Vulnerability Allowing Unauthorized Image Access via IAM Misuse
• 14:8 : Brinker Named Among “10 Most Promising Defense Tech Startups of 2025”
• 14:8 : Trump’s national security advisor reportedly used his personal Gmail account to do government work
• 14:8 : “Nudify” deepfakes stored unprotected online
• 14:8 : Google DeepMind Unveils Framework to Exploit AI’s Cyber Weaknesses
• 14:8 : Travelers Cyber Risk Services reduces the risk of a cyberattack
• 14:8 : Bybit Heist Fuels Record Crypto-Theft Surge, Says CertiK
• 14:5 : IT Security News Hourly Summary 2025-04-02 15h : 13 posts
• 13:37 : Firefox 137 Launches with Patches for High-Severity Security Flaws
• 13:37 : Top Ten Passwords Used by Hackers to Attack the RDP Servers
• 13:37 : Attackers Leveraging JavaScript & CSS to Steal User Browsing History
• 13:37 : Google Brings End-to-End Encryption for Gmail Business Users
• 13:37 : New Android Malware ‘Salvador Stealer’ That Phish & Steals Your Banking Details & OTPs
• 13:37 : North Korea’s IT Operatives Are Exploiting Remote Work Globally
• 13:37 : How to map and manage your cyber attack surface with EASM
• 13:10 : Google Cloud Platform Vulnerability Exposes Sensitive Data to Attackers
• 13:10 : The Weaponization of PDFs : 68% of Cyberattacks begin in your inbox, with 22% of these hiding in PDFs
• 13:9 : Augment Code debuts AI agent with 70% win rate over GitHub Copilot and record-breaking SWE-bench score
• 13:9 : iOS 18.4 update draining your iPhone’s battery? Try these 6 fixes
• 13:9 : KeePass Review (2025): Features, Pricing, and Security
• 13:9 : CISA Adds One Known Exploited Vulnerability to Catalog
• 13:9 : Top Data Breaches of March 2025
• 13:9 : Exploited: Critical Unauthenticated Access Vulnerability in CrushFTP (CVE-2025-2825)
• 13:9 : Utimaco releases Quantum Protect solution
• 12:37 : 20,000 WordPress Sites at Risk of File Upload & Deletion Exploits
• 12:37 : Apple Fined $162 Million by France Authorities for Mobile Ad Market Domination
• 12:37 : Bridewell appoints Sam Thornton as COO to strengthen operations and accelerate growth
• 12:36 : Top 8 Sophos Intercept X Alternatives for Ransomware Encryption Protection
• 12:36 : Multiple Chrome Vulnerabilities Let Attackers Execute Arbitrary Code
• 12:36 : ImageRunner Flaw Exposed Sensitive Information in Google Cloud
• 12:12 : QR Code Phishing (Quishing) Attack Your Smartphones To Steal Microsoft Accounts Credentials
• 12:12 : Prince Ransomware – An Automated Open-Source Ransomware Builder Freely Available on GitHub
• 12:12 : Clicked on a phishing link? Take these 7 steps ASAP to protect yourself
• 12:12 : For healthcare orgs, disaster recovery means making sure docs can save lives during ransomware infection
• 12:12 : Google is making sending end-to-end encrypted emails easy
• 12:12 : Outlaw Group Uses SSH Brute-Force to Deploy Cryptojacking Malware on Linux Servers
• 12:12 : Helping Your Clients Achieve NIST Compliance: A Step by Step Guide for Service Providers
• 11:33 : Gootloader Malware Spreads via Google Ads with Weaponized Documents
• 11:33 : Hackers Hijack Telegram Accounts via Default Voicemail Passwords
• 11:33 : North Korea IT Workers Expand Their Employment Across Europe To Infiltrate the Company Networks
• 11:33 : Rational Astrologies and Security
• 11:32 : North Korea’s Fake IT Worker Scheme Sets Sights on Europe
• 11:5 : CK Hutchison Says No Decision On Telco Spin-off, London Listing
• 11:5 : IT Security News Hourly Summary 2025-04-02 12h : 9 posts
• 11:5 : Meta AI Head Announces Departure
• 11:4 : Channel Triggered Backdoor Attack in Wireless Channels Let Attackers Read Passwords
• 11:4 : Oracle faces Texas-sized lawsuit over alleged cloud snafu and radio silence
• 11:4 : Lazarus Uses ClickFix Tactics in Fake Cryptocurrency Job Attacks
• 11:4 : How SSL Misconfigurations Impact Your Attack Surface
• 10:14 : TookPS: DeepSeek isn’t the only game in town
• 10:14 : Hackers Actively Targeting SonicWall, Zoho, F5 & Ivanti Systems to Exploit Vulnerabilities
• 10:13 : Exploiting Side-Channel Leakage Enable Successful Exploitations on The Latest Linux Kernel
• 10:13 : CISA Releases Two ICS Advisories for Vulnerabilities, & Exploits Surrounding ICS
• 10:13 : One of the last of Bletchley Park’s quiet heroes, Betty Webb, dies at 101
• 10:13 : HYPR and IDEMIA Partner to Extend Smart ID Badge Security
• 10:13 : North Korean IT workers set their sights on European organizations
• 9:32 : Researchers Discover Malicious Android Apps Exploiting .NET MAUI
• 9:32 : White House Meeting To Discuss TikTok Sale, Days Ahead Of Ban
• 9:32 : Google Introduces End-to-End Encryption for Gmail Business Users
• 9:32 : Apple backported fixes for three actively exploited flaws to older devices
• 9:32 : Steam Surges to Top of Most Spoofed Brands List in Q1
• 9:9 : New Outlaw Linux Malware Using SSH brute-forcing To Maintain Botnet Activities for long Time
• 9:9 : Get a Lifetime of 1TB Cloud Storage for Only $60 with FolderFort
• 9:9 : Chrome 135, Firefox 137 Patch High-Severity Vulnerabilities
• 9:9 : ICO Apologizes After Data Protection Response Snafu
• 8:32 : Dealing With Merger and Acquisition Driven Vault Sprawl: The Hidden Risks Of Multiple Secret Managers in Large Enterprises
• 8:32 : Hacker Leaks 270,000 Samsung Customer Records—Stolen Credentials Were Left Unchecked for Years
• 8:32 : Spike in Palo Alto Networks scanner activity suggests imminent cyber threats
• 8:32 : Sliver Framework Customized to Boost Evasion & Bypass EDR Detections
• 8:32 : Python Officially Unveils New Standard Lock File Format to Improve Security
• 8:5 : New Study Ranks Platforms By Password Reset Frequency
• 8:5 : Hackers Exploit JavaScript & CSS Tricks to Steal Browsing History
• 8:5 : Ransomware Is a Core Threat Across 93% of Industries – Resilience Key
• 8:5 : IT Security News Hourly Summary 2025-04-02 09h : 8 posts
• 8:4 : Exabeam Nova accelerates threat detection and response
• 8:4 : FIN7 Deploys Anubis Backdoor to Hijack Windows Systems via Compromised SharePoint Sites
• 7:33 : Digital Deception: How Hackers Are Weaponizing Your Google Calendar
• 7:33 : Hackers Exploiting Vulnerabilities in SonicWall, Zoho, F5 & Ivanti Systems
• 7:32 : Hackers Exploit Microsoft Teams Messages to Deliver Malware
• 7:32 : Python Introduces New Standard Lock File Format for Enhanced Security
• 7:32 : New Wave of IRS Attacks Targeting Tax Payers Mobile Devices
• 7:32 : CISA Warns of Apache Tomcat Vulnerability Exploited in the Wild
• 7:32 : Mozilla Thunderbird takes on Gmail, surge in scans on PAN GlobalProtect VPNs, Microsoft uncovers bootloader vulnerabilities
• 7:9 : Introducing Policy Center and Customizable Workflows | Grip
• 6:35 : Data Leak of Twitter X and Royal Mail available on Dark Web
• 6:35 : Facial Recognition Technology helps fight against AI Deepfake Cyber Threats
• 6:35 : New KoiLoader Abuses Powershell Scripts to Deliver Malicious Payload
• 6:34 : Hackers Leverage Microsoft Teams Message to Drop Malicious Payload
• 6:34 : Apple belatedly patches actively exploited bugs in older OSes
• 6:34 : New Malware Loaders Use Call Stack Spoofing, GitHub C2, and .NET Reactor for Stealth
• 6:34 : Cyber Security Alerts: Recent Breaches and EDR Software Vulnerabilities
• 6:7 : North Korea’s fake tech workers now targeting European employers
• 5:34 : CISA Alerts on Active Exploitation of Apache Tomcat Vulnerability
• 5:4 : Balancing data protection and clinical usability in healthcare
• 4:36 : BlueToolkit: Open-source Bluetooth Classic vulnerability testing framework
• 4:7 : When bots commit: AI-generated code in open source projects
• 4:7 : Your smart home may not be as secure as you think
• 4:7 : Only 1% of malicious emails that reach inboxes deliver malware
• 2:7 : ISC Stormcast For Wednesday, April 2nd, 2025 https://isc.sans.edu/podcastdetail/9390, (Wed, Apr 2nd)
• 2:7 : Forget Signal. National Security Adviser Waltz now accused of using Gmail for work
• 1:11 : Beyond the PCI DSS v4.0 Deadline: Feroot Ensures Compliance
• 23:5 : Driving Innovation with Robust NHIDR Strategies
• 23:5 : IT Security News Hourly Summary 2025-04-02 00h : 7 posts
• 23:4 : Scaling Your Identity Management Securely
• 23:4 : Can You Confidently Handle NHI Threats?
• 22:55 : IT Security News Daily Summary 2025-04-01
• 22:16 : Best Data Anonymization Tools in 2025
• 22:16 : Microsoft Using AI to Uncover Critical Bootloader Vulnerabilities