IT Security News Daily Summary 2025-04-03

183 posts were published in the last hour

• 21:13 : Look, no patches! Why Chainguard OS might be the most secure Linux ever
• 21:13 : How to Protect Your Spring Sale from Bots
• 20:37 : EU Pumps €1.3 Billion into Cybersecurity, AI, and Digital Skills to Fortify Europe’s Tech Future
• 20:37 : Ted Schlein’s Ballistic Ventures is raising $100M for a new fund
• 20:37 : OpenAI just made its first cybersecurity investment
• 20:36 : China-linked group UNC5221 exploited Ivanti Connect Secure zero-day since mid-March
• 20:36 : Popular VPNs are routing traffic via Chinese companies, including one with link to military
• 20:36 : Securing OT Environments with Zero Trust: A Joint Approach by ColorTokens and Claroty
• 20:36 : Protecting Users: Prevent and Stop Cyberthreats Before They Start With Kaseya 365 User
• 20:5 : IT Security News Hourly Summary 2025-04-03 21h : 9 posts
• 19:32 : Suspected Chinese spies right now hijacking buggy Ivanti gear – for third time in 3 years
• 19:13 : Hacker Claims Twilio’s SendGrid Data Breach, Selling 848,000 Records
• 18:32 : Amazon Joins Bidders To Acquire TikTok In US
• 18:31 : Oracle Acknowledges Data Breach and Starts Informing Affected Clients
• 18:31 : Hackers Leveraging Fast Flux Technique to Evade Detection & Hide Malicious Servers
• 18:31 : StreamElements Confirms Data Exposure via Former Third-Party Provider
• 18:31 : Microsoft Warns of Tax-Themed Email Attacks Using PDFs and QR Codes to Deliver Malware
• 18:7 : One mighty fine-looking report
• 18:6 : New Phishing Campaign Attacking Investors to Steal Login Credentials
• 18:6 : Threat actors leverage tax season to deploy tax-themed phishing campaigns
• 18:6 : Ivanti VPN customers targeted via unrecognized RCE vulnerability (CVE-2025-22457)
• 17:32 : 50,000 WordPress Sites Affected by Privilege Escalation Vulnerability in Uncanny Automator WordPress Plugin
• 17:31 : Judge Rejects Government’s Attempt to Dismiss EFF Lawsuit Against OPM, DOGE, and Musk
• 17:31 : Chinese APT Pounces on Misdiagnosed RCE in Ivanti VPN Appliances
• 17:9 : Elon Musk Dismisses Reports Of Imminent Departure From DOGE
• 17:9 : Android quietly installed a feature that scans your photos for ‘sensitive content’ – how to remove it
• 17:5 : IT Security News Hourly Summary 2025-04-03 18h : 15 posts
• 16:39 : Operation HollowQuill Uses Malicious PDFs to Target Academic and Government Networks
• 16:38 : Qilin Operators Imitate ScreenConnect Login Page to Deploy Ransomware and Gain Admin Access
• 16:38 : Hunters International Linked to Hive Ransomware in Attacks on Windows, Linux, and ESXi Systems
• 16:38 : UAC-0219 Hackers Leverage WRECKSTEEL PowerShell Stealer to Extract Data from Computers
• 16:38 : New Phishing Campaign Targets Investors to Steal Login Credentials
• 16:38 : This sneaky Android spyware needs a password to uninstall. Here’s how to remove it without one.
• 16:38 : EFF Joins Amicus Brief Supporting Perkins Coie Law Firm Against Unconstitutional Executive Order
• 16:11 : Hackers Exploit Stripe API for Web Skimming Card Theft on Online Stores
• 16:11 : How to detect and remove malware from an Android device
• 16:11 : Hunters International Overlaps Hive Ransomware Attacking Windows, Linux, and ESXi Systems
• 16:11 : DarkCloud Stealer Attacking Organizations with Weaponized .TAR Archive to Steal Passwords
• 16:11 : QR codes sent in attachments are the new favorite for phishers
• 16:11 : Halo ITSM Vulnerability Exposed Organizations to Remote Hacking
• 16:11 : China’s FamousSparrow APT Hits United States Via SparrowDoor Malware
• 16:10 : Major Online Platform for Child Exploitation Dismantled
• 15:34 : Wordfence Intelligence Weekly WordPress Vulnerability Report (March 24, 2025 to March 30, 2025)
• 15:34 : EvilCorp join with RansomHub to launch global cyber attacks
• 15:34 : Mark Zuckerberg Lobbies Trump To Avoid Antitrust Trial – Report
• 15:34 : This sneaky Android spyware needs a password to uninstall. Here’s how to remove it without one
• 15:34 : Europol-led operation shuts down CSAM platform Kidflix, leading to 79 arrests
• 15:34 : New Web Skimming Attack Uses Legacy Stripe API to Validate Stolen Card Details
• 15:34 : Russian Seashell Blizzard Attacking Organizations With Custom-Developed Hacking Tools
• 15:34 : Qilin Operators Mimic ScreenConnect Login Page to Deliver Ransomware & Gain Admin Access
• 15:9 : Bitcoin Slides To $81,000 In Trump Tariff Shock
• 15:9 : Understanding ldd: The Linux Dynamic Dependency Explorer
• 15:9 : HellCat Ransomware: What You Need To Know
• 15:9 : When disaster strikes, proper preparation prevents poor performance
• 15:9 : Payment Fraud Detection and Prevention: Here’s All To Know
• 15:9 : App Stores OK’ed VPNs Run by China PLA
• 15:8 : CrushFTP Vulnerability Exploited Following Disclosure Issues
• 14:34 : Suspected China-Nexus Threat Actor Actively Exploiting Critical Ivanti Connect Secure Vulnerability (CVE-2025-22457)
• 14:34 : Amazon’s First Project Kuiper Satellites Slated For 9 April Launch
• 14:34 : Secure Ideas Achieves CREST Accreditation and CMMC Level 1 Compliance
• 14:34 : Time for demystifying “failure is the key to success”
• 14:34 : Operation HollowQuill Weaponizing PDF Documents to Infiltrate Academic & Government Networks
• 14:34 : AI-based Gray Bots Targeting Web Application, with Request of 17,000+ Per Hour
• 14:34 : SonicWall Firewall Vulnerability Exploited to Gain Unauthorized Network Access
• 14:34 : EvilCorp & RansomHub Working Together to Attack Organizations Worldwide
• 14:34 : Cisco AnyConnect VPN Server Vulnerability Let Attacker Trigger DoS Condition
• 14:33 : Orion Brings Fully Homomorphic Encryption to Deep Learning for AI Privacy
• 14:15 : AutonomyAI Emerges from Stealth with $4M Pre-Seed Funding to Transform Front-End Development with Autonomous AI Agents
• 14:15 : Location, name, and photos of random kids shown to parents in child tracker mix up
• 14:15 : Hackers Leveraging DeepSeek & Remote Desktop Apps to Deliver TookPS Malware
• 14:15 : Hackers Actively Scanning for Juniper’s Smart Router With Default Password
• 14:15 : Hackers Exploiting Apache Tomcat Vulnerability to Steal SSH Credentials & Gain Server Control
• 14:15 : Calyx Institute: A Case Study in Grassroots Innovation
• 14:15 : Cequence Marks Another Milestone with AWS Security Competency Achievement
• 14:15 : Bitsight Identity Intelligence provides visibility into compromised accounts
• 14:5 : IT Security News Hourly Summary 2025-04-03 15h : 17 posts
• 13:36 : AI Penetration Testing: How to Secure LLM Systems
• 13:36 : Hunters International Ransomware Gang Rebranding, Shifting Focus
• 13:36 : Attackers are leveraging Cisco Smart Licensing Utility static admin credentials (CVE-2024-20439)
• 13:36 : Lazarus Group Targets Job Seekers With ClickFix Tactic to Deploy GolangGhost Malware
• 13:13 : SonicWall Firewall Vulnerability Enables Unauthorized Access
• 13:13 : DarkCloud Stealer Uses Weaponized .TAR Archives to Target Organizations and Steal Passwords
• 13:13 : New Trinda Malware Targets Android Devices by Replacing Phone Numbers During Calls
• 13:13 : Cisco AnyConnect VPN Server Vulnerability Allows Attackers to Trigger DoS
• 13:13 : Celebrate World Cloud Security Day with our new Zero Trust and Hybrid Cloud Security eBook
• 13:13 : 8 Best Enterprise Password Managers
• 13:13 : Why is someone mass-scanning Juniper and Palo Alto Networks products?
• 13:13 : Google Makes Sending Encrypted Emails Easier for Gmail Users
• 13:13 : Amateur Hacker Leverages Russian Bulletproof Hosting Server to Spread Malware
• 12:42 : Oracle attempt to hide serious cybersecurity incident from customers in Oracle SaaS service
• 12:41 : CISA and Partners Issue Fast Flux Cybersecurity Advisory
• 12:41 : Hackers Exploit Apache Tomcat Flaw to Hijack Servers and Steal SSH Credentials
• 12:41 : New Web Skimming Attack Exploits Legacy Stripe API to Validate Stolen Card Data
• 12:41 : AI-Powered Gray Bots Target Web Applications with Over 17,000 Requests Per Hours
• 12:41 : EvilCorp and RansomHub Collaborate to Launch Worldwide Attacks on Organizations
• 12:41 : Russian Seashell Blizzard Targets Organizations Using Custom-Built Hacking Tools
• 12:41 : A bizarre iOS 18.4 bug is surprising iPhone users with random app installs
• 12:41 : EDR Implementation: Essential Features, Considerations, And Best Practices
• 12:41 : EDR vs NGAV: Which Works Better for Your Organization?
• 12:41 : NDR vs EDR: A Comparison Between the Two Cybersecurity Solutions
• 12:40 : Threat Actors Allegedly Selling SnowDog RAT Malware With Control Panel on Hacker Forums
• 12:40 : New Malware Attacking Magic Enthusiasts to Steal Login Credentials
• 12:40 : Multiple Jenkins Plugins Vulnerability Let Attackers Access Sensitive Information
• 12:40 : Google’s Quick Share for Windows Vulnerability Let Attackers Remote Code
• 12:40 : SmokeLoader Malware Using Weaponized 7z Archive to Distribute Infostealers
• 12:40 : AI Threats Are Evolving Fast — Learn Practical Defense Tactics in this Expert Webinar
• 12:4 : Multiple Jenkins Plugin Vulnerabilities Expose Sensitive Information to Attackers
• 12:4 : Google’s Quick Share for Windows Vulnerability Allows Remote Code Execution
• 12:4 : NSA, CISA, FBI, and International Partners Release Cybersecurity Advisory on “Fast Flux,” a National Security Threat
• 12:4 : Fast Flux: A National Security Threat
• 12:4 : Cybersecurity M&A Roundup: 23 Deals Announced in March 2025
• 11:37 : Trump’s Tariffs: Implications For Tech Sector
• 11:37 : AI Image Site GenNomis Exposed 47GB of Underage Deepfakes
• 11:37 : Web 3.0 Requires Data Integrity
• 11:36 : Hackers Exploit Default Voicemail Passwords to Hijack Telegram Accounts
• 11:36 : EU: These are scary times – let’s backdoor encryption!
• 11:36 : Phishers are increasingly impersonating electronic toll collection companies
• 11:36 : AI Adoption in the Enterprise: Breaking Through the Security and Compliance Gridlock
• 11:5 : IT Security News Hourly Summary 2025-04-03 12h : 15 posts
• 11:4 : T-Mobile’s $25,000 data breach payouts begin this month – how to check your eligibility
• 11:4 : 39 Million Secrets Leaked on GitHub in 2024
• 10:31 : Details Emerge on CVE Controversy Around Exploited CrushFTP Vulnerability
• 10:31 : Sensitive Data Breached in Highline Schools Ransomware Incident
• 10:4 : 1,500+ PostgreSQL Servers Compromised With Fileless Malware Attack
• 10:4 : Verizon Call Filter App Vulnerability Let Attackers Access Call History Logs
• 10:4 : 39M Secret API Keys & Credentials Leaked from GitHub – New Tools to Revamp Security
• 10:4 : GoResolver – A New Tool to Analyze Golang Malware & Extract Obfuscated Functions
• 10:4 : Authorities Taken Down Child Abuse Platform “Kidflix” With 2M+ Users
• 10:4 : Heterogeneous stacks, ransomware, and ITaaS: A DR nightmare
• 10:4 : Vulnerabilities Expose Cisco Meraki and ECE Products to DoS Attacks
• 9:32 : Hackers Selling SnowDog RAT Malware With Remote Control Capabilities Online
• 9:32 : Want AI to work for your business? Then privacy needs to come first
• 9:31 : Google Released Second Fix for Quick Share Flaws After Patch Bypass
• 9:31 : Over Half of Attacks on Electricity and Water Firms Are Destructive
• 9:6 : Authorities Shut Down Kidflix Child Abuse Platform in Major Takedown
• 9:6 : 10 Best Open-Source Blue Team Tools – 2025
• 9:6 : Google Patches Quick Share Vulnerability Enabling Silent File Transfers Without Consent
• 9:6 : Nearly 600 Phishing Domains Emerge Following Bybit Heist
• 8:36 : Sophisticated QR Code Phishing Attack Targeting Microsoft 365 Users to Steal Logins
• 8:36 : WinRAR “Mark of the Web” Bypass Vulnerability Let Attackers Arbitrary Code
• 8:36 : Corgea BLAST uncovers hidden vulnerabilities in code
• 8:36 : 1touch.io helps organizations safeguard sensitive data
• 8:11 : Massive GitHub Leak: 39M API Keys & Credentials Exposed – How to Strengthen Security
• 8:11 : The big VPN choice: System-wide or just in the browser? How to decide
• 8:11 : Defense in Depth is Broken – It’s Time to Rethink Cybersecurity
• 8:11 : Bluefin simplifies network tokenization access and management for merchants
• 8:11 : Triada Malware Preloaded on Counterfeit Android Phones Infects 2,600+ Devices
• 8:5 : IT Security News Hourly Summary 2025-04-03 09h : 3 posts
• 7:34 : Prince Ransomware – An Open Source Ransomware Builder That Automatically Build Ransomware Freely Available in GitHub
• 7:34 : Cisco Smart Licensing Utility Vulnerabilities Let Attackers Gain Admin Access
• 7:34 : DeepSeek Revives China’s Tech Industry, Challenging Western Giants
• 7:34 : CyberQP launches Zero Trust Helpdesk Security Platform
• 7:33 : North Korean IT workers move into Europe, Stripe API skimming unveils theft techniques, Verizon API flaw exposes call history
• 7:11 : GoResolver: A Powerful New Tool for Analyzing Golang Malware
• 7:11 : The Evolution of Smishing: 3 Ways to Detect and Prevent Attacks
• 7:11 : Beware fake AutoCAD, SketchUp sites dropping malware
• 6:34 : Verizon Call Filter App Vulnerability Exposed Call Log Data of Customers
• 6:34 : Cisco Smart Licensing Utility Flaws Allowed Attackers to Gain Admin Access
• 6:34 : Customer info allegedly stolen from Royal Mail, Samsung via compromised supplier
• 6:3 : Data Breaches and ransomware remain top concerns on World Cloud Security Day
• 6:3 : Gootloader Malware Attacking Users Via Google Search Ads Using Weaponized Documents
• 6:2 : 7 ways to get C-suite buy-in on that new cybersecurity tool
• 5:34 : New Triada Trojan comes preinstalled on Android devices
• 5:13 : Cybercriminals exfiltrate data in just three days
• 5:13 : Building a cybersecurity strategy that survives disruption
• 5:13 : Europol Dismantles Kidflix With 72,000 CSAM Videos Seized in Major Operation
• 5:13 : Legacy Stripe API Exploited to Validate Stolen Payment Cards in Web Skimmer Campaign
• 4:32 : Review: Zero to Engineer
• 4:31 : Open-source malware doubles, data exfiltration attacks dominate
• 2:15 : ISC Stormcast For Thursday, April 3rd, 2025 https://isc.sans.edu/podcastdetail/9392, (Thu, Apr 3rd)
• 2:5 : IT Security News Hourly Summary 2025-04-03 03h : 6 posts
• 1:4 : Exploring Statistical Measures to Predict URLs as Legitimate or Intrusive [Guest Diary], (Wed, Apr 2nd)
• 0:13 : How to Recover Deleted Photos from an iPhone
• 0:13 : AI Protection: Securing The New Attack Frontier
• 0:13 : Evolution and Growth: The History of Penetration Testing
• 0:13 : How to defend against a password spraying attack?
• 0:13 : Alibaba Launches Latest Open-source AI Model from Qwen Series for ‘Cost-effective AI agents’
• 23:36 : Aura or LifeLock: Who Offers Better Identity Protection in 2025?
• 23:5 : IT Security News Hourly Summary 2025-04-03 00h : 8 posts
• 23:4 : The Weaponization of PDFs : 68% of Cyber attacks begin in your inbox, with 22% of these hiding in PDFs
• 22:55 : IT Security News Daily Summary 2025-04-02
• 22:34 : New advanced FIN7’s Anubis backdoor allows to gain full system control on Windows
• 22:15 : Raw Deel: Corporate spy admits role in espionage at HR software biz Rippling