IT Security News Daily Summary 2025-04-10

168 posts were published in the last hour

• 21:2 : npm Malware Targets Atomic and Exodus Wallets to Hijack Crypto Transfers
• 20:34 : Analysis of Threat Actor Activity
• 20:33 : How We Knew the Oracle Breach Was Real | Grip Security
• 20:5 : IT Security News Hourly Summary 2025-04-10 21h : 10 posts
• 20:4 : Writer unveils ‘AI HQ’ platform, betting on agents to transform enterprise work
• 20:4 : The best AirTag wallets of 2025: Expert tested and recommended
• 20:4 : Imperva Customers Are Protected Against CVE-2025-31161 in CrushFTP
• 19:36 : U.S. CISA adds Linux Kernel flaws to its Known Exploited Vulnerabilities catalog
• 19:4 : Polestar Benefits From Targetting Disgruntled Tesla Owners – Report
• 19:4 : Randall Munroe’s XKCD ‘Stargazing 4’
• 19:4 : Why Some Vendors Upcharge for CRQ Integrations
• 18:31 : US sensor giant Sensata admits ransomware derailed ops
• 18:7 : Threat actors thrive in chaos
• 18:7 : Google Eyes User Browsing Data Search in New Patent Filing
• 18:7 : US sensor giant Sensata admits ransomware disrupts operations
• 18:7 : NSA Warns of Fast Flux DNS Evasion Employed by Cybercrime Outfits
• 18:6 : Chinese Cyber Espionage Suspected in New Ivanti VPN Malware Attack
• 18:6 : ToddyCat Hackers Exploit ESET Vulnerability to Deploy Stealth Malware TCESB
• 17:7 : Siemens Solid Edge
• 17:7 : ABB Arctic Wireless Gateways
• 17:6 : Rockwell Automation Arena
• 17:6 : Subnet Solutions PowerSYSTEM Center
• 17:6 : Siemens Insights Hub Private Cloud
• 17:5 : IT Security News Hourly Summary 2025-04-10 18h : 24 posts
• 16:34 : OpenAI Countersues Elon Musk, Citing Interference
• 16:33 : Shuckworm Group Leverages GammaSteel Malware in Targeted PowerShell Attacks
• 16:2 : Sensata Technologies hit by a ransomware attack
• 16:2 : Smokeloader Users Identified and Arrested in Operation Endgame
• 16:2 : ViperSoftX Malware Spreads Through Cracked Software, Targeting Unsuspecting Users
• 16:2 : China-based SMS Phishing Triad Pivots to Banks
• 16:2 : CVE-2024-57727: Path Traversal Vulnerability in SimpleHelp Web Application
• 15:35 : PC Shipments Grow In Q1 Amid Tariff Worries
• 15:35 : AI To Drive Data Centre Energy Demand
• 15:35 : RansomHub RaaS in Disarray After Affiliate Chat Access Suddenly Revoked
• 15:34 : A Seven‑Year‑Old Cisco Flaw Now Lets Hackers Execute Code Remotely on Network Gear
• 15:34 : GOFFEE Deploys PowerModul in Coordinated Strikes on Government and Energy Networks
• 15:34 : Rogue Account‑Creation Flaw Leaves 100 K WordPress Sites Exposed
• 15:34 : The State of AI Malware and Defenses Against It
• 15:34 : RSA Conference 2025
• 15:34 : Congress Takes Another Step Toward Enabling Broad Internet Censorship
• 15:34 : Europol Targets Customers of Smokeloader Pay-Per-Install Botnet
• 15:34 : What is DSPM? Understanding Data Security Posture Management
• 15:34 : Navigating PCI DSS 4.0 Compliance: How Automated Data Discovery Can Help
• 15:34 : BSidesLV24 – Breaking Ground – Hell-0_World | Making Weather Cry
• 15:34 : Google Cloud: China Achieves “Cyber Superpower” Status
• 15:9 : Wordfence Intelligence Weekly WordPress Vulnerability Report (March 31, 2025 to April 6, 2025)
• 15:9 : Malicious ‘mParivahan’ App Circulates on WhatsApp, Skimming Sensitive Mobile Data
• 15:9 : Trump Revokes Security Clearance for Ex-CISA Director Chris Krebs
• 15:9 : Incomplete Patch in NVIDIA Toolkit Leaves CVE-2024-0132 Open to Container Escapes
• 15:8 : OCC major incident, Oracle confirms hack, Smokeloader servers seized
• 14:34 : Unraveling the U.S. toll road smishing scams
• 14:34 : AkiraBot: AI-Powered spam bot evades CAPTCHA to target 80,000+ websites
• 14:34 : SonicWall Patches Multiple Vulnerabilities in NetExtender VPN Client For Windows
• 14:34 : Cable – A Post-Exploitation Toolkit For Active Directory Reconnaissance & Exploitation
• 14:34 : Dell Warns of Critical PowerScale OneFS Vulnerabilities Allows User Account Takeover
• 14:34 : AkiraBot Spammed 80,000 Websites by Employing CAPTCHA Bypass & Network Evasion Techniques
• 14:34 : Child predators are lurking on dating apps, warns report
• 14:34 : Lazarus Gang Targets Job Seekers to Install Malware
• 14:34 : Dark Web Site DogeQuest Targets Tesla Owners Using Data from ParkMobile Breach
• 14:33 : Google Cloud: CISOs Demand Simplified Security Tools Amid Growing Tech Complexity
• 14:5 : IT Security News Hourly Summary 2025-04-10 15h : 15 posts
• 14:4 : Securing a Hyperconnected World: The Case for Check Point’s Hybrid Mesh Security Architecture
• 14:4 : Trump orders federal investigation into former CISA director Chris Krebs
• 14:4 : Juniper Networks Patches Dozens of Junos Vulnerabilities
• 14:4 : CyberArk releases identity security solution for AI agents
• 14:4 : Malicious npm Package Targets Atomic Wallet, Exodus Users by Swapping Crypto Addresses
• 14:4 : Over 40% of UK Businesses Faced Cybersecurity Breaches in 2024
• 13:36 : SonicWall Patches Multiple Vulnerabilities in NetExtender Windows Client
• 13:36 : Dell Alerts Users to Critical PowerScale OneFS Flaws Enabling Account Takeover
• 13:36 : Why security stacks need to think like an attacker, and score every user in real time
• 13:36 : Can VPNs Be Tracked by the Police?
• 13:36 : Ensuring AI Delivers Value to Business by Making Privacy a Priority
• 13:36 : SpyNote Malware Targets Android Users with Fake Google Play Pages
• 13:4 : HollowQuill Malware Attacking Government Agencies Worldwide Via Weaponized PDF Documents
• 13:3 : Researchers Uncovered Hacking Tools and Techniques Discussed on Russian-Speaking Hacking Forums
• 13:3 : Microsoft 365 Family Subscriptions Users Hit by Licensing Glitch Denies Services
• 13:3 : CatB Ransomware Leveraging Microsoft Distributed Transaction Coordinator to Execute its Payload
• 13:3 : TP-Link IoT Smart Hub Vulnerability Exposes Wi-Fi Credentials
• 13:3 : Your 23andMe genetic data could be bought by China, senator warns
• 13:2 : Study Identifies 20 Most Vulnerable Connected Devices of 2025
• 13:2 : Guidepoint Security & Enzoic: Taking on the Password Problem
• 13:2 : PCI DSS Tokenization vs Encryption: Key Differences to Protect Payment Data
• 13:2 : Trump orders revocation of security clearances for Chris Krebs, SentinelOne
• 12:36 : Langflow AI Builder Vulnerability Allows Remote Server Takeover by Attackers
• 12:36 : Cable: Powerful Post-Exploitation Toolkit for Active Directory Attacks
• 12:36 : Gamaredon Uses Infected Removable Drives to Breach Western Military Mission in Ukraine
• 12:36 : The Identities Behind AI Agents: A Deep Dive Into AI & NHI
• 12:36 : PlayPraetor Reloaded: CTM360 Uncovers a Play Masquerading Party
• 11:34 : Amazon Delays Project Kuiper Launch Amid Bad Weather
• 11:34 : TP-Link Smart Hub Flaw Exposes Users’ Wi-Fi Credentials
• 11:34 : Hackers Claim WooCommerce Breach Exposing 4.4 Million Customer Records
• 11:34 : Google Launches Sec-Gemini v1: A New AI Powerhouse for Cybersecurity
• 11:34 : An APT group exploited ESET flaw to execute malware
• 11:34 : Infosec experts fear China could retaliate against tariffs with a Typhoon attack
• 11:33 : GitHub Announces General Availability of Security Campaigns
• 11:5 : Watch out for these traps lurking in search results
• 11:5 : Russian APT Hackers Using Device Code Phishing Technique to Bypass MFA
• 11:5 : New Mirai Botnet Exploiting TVT DVRs To Gain Administrative Control
• 11:5 : Linux Firewall IPFire 2.29 Released With Support for Post-Quantum Cryptography & Core Updates
• 11:5 : IT Security News Hourly Summary 2025-04-10 12h : 20 posts
• 11:4 : Authorities Seized Smokeloader Malware Operators & Seized Servers
• 11:4 : Microsoft Identity Web Package Vulnerability Exposes Client Secrets & Certificate Information
• 11:4 : Nissan Leaf Hacked for Remote Spying, Physical Takeover
• 11:4 : Europol Arrests Five SmokeLoader Clients Linked by Seized Database Evidence
• 10:34 : Apple Airlifts 600 Tons Of iPhones From India, Amid Trump Tariff Chaos
• 10:34 : Oracle confirms the hack of two obsolete servers hacked. No Oracle Cloud systems or customer data were affected
• 10:34 : MIWIC25: Lisa Landau, CEO and Co-Founder of ThreatLight
• 10:34 : Best Automated Patch Management Software in 2025
• 10:34 : Operations of Sensor Giant Sensata Disrupted by Ransomware Attack
• 10:34 : FortiSwitch vulnerability may give attackers control over vulnerable devices (CVE-2024-48887)
• 10:2 : Incomplete NVIDIA Patch to CVE-2024-0132 Exposes AI Infrastructure and Data to Critical Risks
• 10:2 : GOFFEE continues to attack organizations in Russia
• 9:38 : North Korean Hackers Employs Social Engineering Tactics & Python Script to Execute Hidden Commands
• 9:37 : Scattered Spider Employs Sophisticated Attacks to Steal Login Credentials & MFA Tokens
• 9:37 : CISA Warns of Linux USB-Audio Driver Out-of-Bounds Vulnerability Exploited in the Wild
• 9:37 : New Double-Edged Email Attack Stealing Office365 Credentials and Deliver Malware
• 9:37 : Hackers Allegedly Claiming WooCommerce Breach, 4.4 Million Customer Details Stolen
• 9:37 : Embracing the Future: Mastering Your Cybersecurity Strategy With an Identity Driven Security Approach
• 9:37 : AI-Powered AkiraBot Evades CAPTCHA to Spam 80,000 Websites
• 9:7 : CISA Alerts on Actively Exploited Linux Kernel Out-of-Bounds & Read Flaw
• 9:7 : Smokeloader Malware Operators Busted, Servers Seized by Authorities
• 9:7 : CatB Ransomware Abuses Microsoft Distributed Transaction Coordinator for Stealthy Payload Execution
• 9:7 : AkiraBot Floods 80,000 Sites After Outsmarting CAPTCHAs and Slipping Past Network Defenses
• 9:7 : APT32 Turns GitHub into a Weapon Against Security Teams and Enterprise Networks
• 9:7 : ToddyCat Hackers Exploit ESET Flaw to Launch Stealthy TCESB Attack
• 9:6 : Europol: Five pay-per-infect suspects cuffed, some spill secrets to cops
• 9:6 : ‘AkiraBot’ Spammed 80,000 Websites With AI-Generated Messages
• 9:6 : The API Security Challenge in AI: Preventing Resource Exhaustion and Unauthorized Access
• 9:6 : AI is Reshaping Cyber Threats: Here’s What CISOs Must Do Now
• 9:6 : Operation Endgame Continues with Smokeloader Customer Arrests
• 8:6 : The Cybersecurity Risk No One Talks About: Poor File Management
• 8:5 : IT Security News Hourly Summary 2025-04-10 09h : 11 posts
• 7:34 : So your friend has been hacked: Could you be next?
• 7:34 : 1 billion reasons to protect your identity online
• 7:34 : Repair the bridge before it cracks: Understanding vulnerabilities and weaknesses in modern IT
• 7:34 : Seal Base Images mitigates container vulnerabilities
• 7:34 : AkiraBot Targets 420,000 Sites with OpenAI-Generated Spam, Bypassing CAPTCHA Protections
• 7:34 : April 10, 2025
• 7:4 : PAN-OS DoS Vulnerability Allows Attackers to Force Repeated Firewall Reboots
• 7:4 : How Banking Trojan Grandoreiro is Evolving Tactics To Attack Victims in LATAM
• 7:4 : PAN-OS Firewall DoS Vulnerability Let Attacker Reboot Firewall Repeatedly
• 7:4 : Ransomware Groups Attacking Organizations to Exfiltrate Data & Blackmail via Leak Site Posts
• 6:32 : ‘RemoteMonologue’ New Red Team Technique Exploits DCOM To Steal NTLM Credentials Remotely
• 6:32 : Linux Firewall IPFire 2.29 Launches with Post-Quantum Encryption and System Enhancements
• 6:32 : The Reg translates the letter in which Oracle kinda-sorta tells customers it was pwned
• 6:31 : Keysight simplifies security testing for modern chips and embedded devices
• 6:6 : PAN-OS Command Injection Flaw Lets Hackers Execute Arbitrary Code Remotely
• 6:6 : OpenSSH 10.0 Released: New Protocol Changes and Key Security Improvements
• 6:6 : How to find out if your AI vendor is a security risk
• 5:34 : Cyber Threat to submarine cables in China Sea
• 5:34 : OpenSSH 10.0 Released With Protocol Changes & Security Upgrades
• 5:33 : From likes to leaks: How social media presence impacts corporate security
• 5:5 : IT Security News Hourly Summary 2025-04-10 06h : 1 posts
• 5:4 : Proactive Secrets Rotation to Avoid Data Breaches
• 5:4 : Innovations in Managing Cloud Machine Identities
• 4:36 : Review: The Ultimate Kali Linux Book, Third Edition
• 3:33 : Qmulos Launches Q-Behavior Analytics and Audit (Q-BA2)
• 2:34 : Google Released AI-powered Firebase Studio to Accelerate Build, Test, & Deployment
• 2:33 : Hackers Intercepted 100+ Bank Regulators’ Emails for More Than a Year
• 2:5 : IT Security News Hourly Summary 2025-04-10 03h : 1 posts
• 2:4 : ISC Stormcast For Thursday, April 10th, 2025 https://isc.sans.edu/podcastdetail/9402, (Thu, Apr 10th)
• 2:4 : Trump kills clearances for infosec’s SentinelOne, ex-CISA boss Chris Krebs
• 1:4 : Network Infraxploit [Guest Diary], (Wed, Apr 9th)
• 0:4 : Trump Signs Memorandum Revoking Security Clearance of Former CISA Director Chris Krebs
• 23:6 : Linux USB Audio Driver Vulnerability Let Attackers Execute Arbitrary Code Via Malicious USB Device
• 23:5 : IT Security News Hourly Summary 2025-04-10 00h : 9 posts
• 22:55 : IT Security News Daily Summary 2025-04-09
• 22:4 : April’s Patch Tuesday leaves unlucky Windows Hello users unable to login