IT Security News Daily Summary 2025-07-07

143 posts were published in the last hour

• 21:36 : FBI Warning: Scattered Spider Hackers Are Targeting Airlines, Too
• 21:2 : Hijacking Ollama’s Signed Installer for Code Execution
• 20:34 : CitrixBleed 2 exploits are on the loose as security researchers yell and wave their hands
• 20:5 : IT Security News Hourly Summary 2025-07-07 21h : 12 posts
• 20:4 : ICC Contained Cyberattack Amid Espionage Threats and Pressure
• 19:32 : AT&T Reaches $177M Deal Over 2019 and 2024 Data Breaches
• 19:32 : New Batavia spyware targets Russian industrial enterprises
• 19:32 : Gamers Playing Call of Duty Hacked – RCE Exploited Let Players Hack Other Players’ PCs
• 19:5 : Malware Attacks on Android Devices Surge in Q2, Driven by Banking Trojans and Spyware
• 19:4 : Elon Musk’s ‘truth-seeking’ Grok AI peddles conspiracy theories about Jewish control of media
• 19:4 : CISA Adds Four Known Exploited Vulnerabilities to Catalog
• 19:4 : Grafana Patches Chromium Bugs, Including Zero-Day Exploited in the Wild
• 18:37 : Parrot Security OS 6.4 Released – What’s New!
• 18:37 : Abusing Trust: Threat Actors Leverage Signed Drivers for Stealthy Windows Kernel Exploits
• 18:36 : New Slopsquatting Attack Exploits Coding Agent Workflows to Deliver Malware
• 18:36 : Introducing Threat Watch Live: Heimdal’s New Monthly Cybersecurity Intelligence Webinar
• 18:36 : IT Gain Ingram Micro Internal Systems Hit by Ransomware Attack
• 18:36 : Parrot OS 6.4 Released With Update For Popular Penetration Testing Tools
• 18:36 : ⚡ Weekly Recap: Chrome 0-Day, Ivanti Exploits, MacOS Stealers, Crypto Heists and More
• 18:36 : SEO Poisoning Campaign Targets 8,500+ SMB Users with Malware Disguised as AI Tools
• 17:36 : BladedFeline Exploits Whisper and PrimeCache to Breach IIS and Microsoft Exchange Servers
• 17:36 : Shadow AI Is Exploding, Governance Needs to Catch Up
• 17:36 : Chaos Ransomware Strikes Optima Tax Relief, Leaks 69GB of Sensitive Customer Data
• 17:36 : ⚡ Weekly Recap: Chrome 0-Day, Ivanti Exploits, MacOS Stealers, Crypto Heists and More
• 17:5 : IT Security News Hourly Summary 2025-07-07 18h : 5 posts
• 17:3 : Batavia Spyware Targets Employees via Weaponized Word Documents Delivering Malware Payloads
• 17:3 : New Slopsquatting Attack Leverage Coding Agents Workflows to Deliver Malware
• 17:3 : NordDragonScan Attacking Windows Users to Steal Login Credentials
• 17:2 : Survey Surfaces Myriad Small Business Security Challenges
• 17:2 : Microsoft Phases Out Password Autofill in Authenticator App, Urges Move to Passkeys for Stronger Security
• 17:2 : Vulnerability Summary for the Week of June 30, 2025
• 17:2 : Learn how to build an AI-powered, unified SOC in new Microsoft e-book
• 17:2 : ⚡ Weekly Recap: Chrome 0-Day, Ivanti Exploits, MacOS Stealers, Crypto Heists and More
• 16:35 : NSB Warns of Cybersecurity Risks Linked to Popular Chinese Apps Like Rednote, Weibo, TikTok, WeChat, and Baidu Cloud
• 16:35 : 10 simple ways Mac users can better protect their privacy – and why they should
• 16:34 : Horizon Healthcare RCM Reports Ransomware Breach Impacting Patient Data
• 16:34 : Swiss Health Foundation Ransomware Attack Exposes Government Data
• 16:34 : How Ransomware Has Impacted Cyber Insurance Assessment Approach
• 16:34 : ⚡ Weekly Recap: Chrome 0-Day, Ivanti Exploits, MacOS Stealers, Crypto Heists and More
• 16:4 : Over 1,000 Fake Domains Imitating Amazon Prime Day Created to Target Online Shoppers
• 16:4 : ⚡ Weekly Recap: Chrome 0-Day, Ivanti Exploits, MacOS Stealers, Crypto Heists and More
• 16:4 : 2025 CyberVadis report now available for due diligence on third-party suppliers
• 15:32 : AiLock Ransomware Emerges with Hybrid Encryption Tactics: ChaCha20 Meets NTRUEncrypt
• 15:32 : ⚡ Weekly Recap: Chrome 0-Day, Ivanti Exploits, MacOS Stealers, Crypto Heists and More
• 15:3 : VenusTech and Salt Typhoon Breach Sheds Light on China’s Covert Cyber Mercenary Networks
• 15:3 : How to detect and fix a jailbroken iPhone
• 15:3 : ⚡ Weekly Recap: Chrome 0-Day, Ivanti Exploits, MacOS Stealers, Crypto Heists and More
• 15:3 : Iran-Aligned Hacking Group Targets Middle Eastern Governments
• 14:37 : Isolated Recovery Environments: A Critical Layer in Modern Cyber Resilience
• 14:37 : Eight Malicious Firefox Extensions Expose Users to Credential Theft and Surveillance
• 14:37 : Employee Spotlight: Getting to Know Alon Kanat
• 14:36 : 12 top enterprise risk management trends in 2025
• 14:36 : Hunters International Shuts Down, Offers Free Decryptors as It Morphs Into World Leaks
• 14:36 : ⚡ Weekly Recap: Chrome 0-Day, Ivanti Exploits, MacOS Stealers, Crypto Heists and More
• 14:5 : IT Security News Hourly Summary 2025-07-07 15h : 16 posts
• 14:3 : NightEagle APT Unleashes Custom Malware and Zero-Days to Infiltrate Industrial Systems
• 14:2 : ⚡ Weekly Recap: Chrome 0-Day, Ivanti Exploits, MacOS Stealers, Crypto Heists and More
• 13:35 : SatanLock Ransomware Ends Operations, Says Stolen Data Will Be Leaked
• 13:35 : Inside the ZIP Trap: How APT36 Targets BOSS Linux to Exfiltrate Critical Data
• 13:35 : How Let’s Encrypt made the internet safer and HTTPS standard – and free
• 13:34 : Taiwan flags security risks in popular Chinese apps after official probe
• 13:34 : NordDragonScan: Quiet Data-Harvester on Windows
• 13:34 : Free certificates for IP addresses: security problem or solution?
• 13:34 : The Critical Role of Proxy Servers in Modern Digital Infrastructure
• 13:34 : ⚡ Weekly Recap: Chrome 0-Day, Ivanti Exploits, MacOS Stealers, Crypto Heists and More
• 13:3 : Ingram Micro Confirms Ransomware Incident Impacting Internal Infrastructure
• 13:3 : 7 useful things the Flipper Zero can do that still blows my mind – two years later
• 13:3 : Ingram Micro says ongoing outage caused by ransomware attack
• 13:3 : Linux Boot Vulnerability Allows Bypass of Secure Boot Protections on Modern Linux Systems
• 13:3 : Top 10 Security Service Edge (SSE) Solutions For Network Security – 2025
• 13:3 : 1000+ New Fake Domains Mimic Amazon Prime Day Registered to Hunt Online Shoppers
• 13:3 : RingReaper – New Linux EDR Evasion Tool Using io_uring Kernel Feature
• 13:3 : Ingram Micro Scrambling to Restore Systems After Ransomware Attack
• 13:3 : ⚡ Weekly Recap: Chrome 0-Day, Ivanti Exploits, MacOS Stealers, Crypto Heists and More
• 13:2 : Researchers Share CitrixBleed 2 Detection Analysis After Initial Hold
• 12:32 : BERT Ransomware Group Targets Asia and Europe on Multiple Platforms
• 12:32 : New Phishing Attack Impersonates DWP to Steal Credit Card Information from Users
• 12:32 : Threat Actors Turn Job Offers into Scams, Causing Over $264 Million in Losses in 2024
• 12:32 : Phishing platforms, infostealers blamed as identity attacks soar
• 12:32 : 16 Billion Exposed Records Offer Blueprint for Mass Exploitation
• 12:32 : ⚡ Weekly Recap: Chrome 0-Day, Ivanti Exploits, MacOS Stealers, Crypto Heists and More
• 12:2 : Gamers hacked playing Call of Duty: WWII—PC version temporarily taken offline
• 12:2 : Manufacturing Security: Why Default Passwords Must Go
• 12:2 : ⚡ Weekly Recap: Chrome 0-Day, Ivanti Exploits, MacOS Stealers, Crypto Heists and More
• 11:32 : Comodo Internet Security 2025 Flaws Allow Remote Code Execution With SYSTEM Privileges
• 11:32 : XWorm RAT Deploys New Stagers and Loaders to Bypass Defenses
• 11:32 : 8 New Malicious Firefox Extensions Steal OAuth Tokens, Passwords and Spy on Users
• 11:32 : 10 Best Vulnerability Management Tools In 2025
• 11:32 : Threat Actors Abusing Signed Drivers to Launch Modern Kernel Level Attacks on Windows
• 11:32 : 10 Best Secure Network As A Service For MSP Providers – 2025
• 11:32 : Police in Brazil Arrest a Suspect Over $100M Banking Hack
• 11:32 : Hackers Target Employee Credentials Amid Spike in ID Attacks
• 11:5 : IT Security News Hourly Summary 2025-07-07 12h : 6 posts
• 11:4 : Qwizzserial Android Malware Masquerades as Legit Apps to Steal Banking Data and Intercept 2FA SMS
• 11:4 : Microsoft to Remove PowerShell 2.0 from Windows 11 Due to Security Risks
• 11:4 : Threat Actors Use AV/EDR Evasion Framework in the Wild to Deploy Malware Payloads
• 11:4 : Qantas Contacted by Potential Cybercriminal Following Data Breach
• 10:34 : Google AI Overviews Face EU Antitrust Complaint
• 10:34 : EU Says AI Act Will Proceed Despite Critricism
• 10:34 : Hitachi Energy Says AI Power Spikes Threaten Stability
• 10:34 : Hackers Steal Data From Louis Vuitton Korea
• 10:34 : Windows Update Revamped with Smarter Interface for Security Notifications
• 10:4 : Batavia spyware steals data from Russian organizations
• 10:4 : NightEagle APT Attacking Industrial Systems by Exploiting 0-Days and With Adaptive Malware
• 10:4 : ScriptCase Vulnerabilities Let Attackers Execute Remote Code and Gain Server Access
• 10:4 : 8 New Malicious Firefox Extensions Steals OAuth Tokens, Passwords and Spy on Users
• 9:32 : Exposing Scattered Spider: New Indicators Highlight Growing Threat to Enterprises and Aviation
• 9:32 : Hundreds of Malicious Domains Registered Ahead of Prime Day
• 8:35 : France Fines Shein 40m Euros Over Fake Discounts
• 8:35 : Synopsys, Cadence Shares Surge After EDA Controls Lifted
• 8:35 : Apple China Sales Grow For First Time In Two Years
• 8:35 : Malware Surge Hits Android: Adware, Trojans and Crypto Theft Lead Q2 Threats
• 8:34 : Aligning Software Security Practices with the EU CRA Requirements
• 8:34 : Digging Gold with a Spoon – Resurgence of Monero-mining Malware
• 8:34 : U.S. CISA adds Google Chromium V8 flaw to its Known Exploited Vulnerabilities catalog
• 8:34 : IT Giant Ingram Micro Reveals Ransomware Breach
• 8:5 : What’s My (File)Name?, (Mon, Jul 7th)
• 8:5 : RingReaper: New Linux EDR Evasion Tool Exploits io_uring Kernel Feature
• 8:5 : IT Security News Hourly Summary 2025-07-07 09h : 5 posts
• 8:4 : APT36 Attacking BOSS Linux Systems With Weaponized ZIP Files to Steal Sensitive Data
• 8:4 : 10 Best Network Security Solutions For Chief Security Officer To Consider – 2025
• 7:34 : Linux Boot Vulnerability Lets Attackers Bypass Secure Boot Protections
• 7:34 : A week in security (June 30 – July 6)
• 7:34 : Ingram Micro cyberattack, Telefonica possible breach, LLM URL recommendation problem
• 7:2 : ScriptCase Vulnerabilities Allow Remote Code Execution and Full Server Compromise
• 7:2 : July 2025 Patch Tuesday forecast: Take a break from the grind
• 6:41 : PoC Released for Linux Privilege Escalation Flaw in udisksd and libblockdev
• 6:40 : AI built it, but can you trust it?
• 6:40 : Ingram Micro Ransomware Attack and the Rise of Linux SSH Server Compromises
• 6:4 : CitrixBleed 2 Vulnerability PoC Published – Experts Warn of Mass Exploitation Risk
• 6:4 : TAG-140 Deploys DRAT V2 RAT, Targeting Indian Government, Defense, and Rail Sectors
• 5:34 : Review: Attack Surface Management
• 5:33 : Aegis Authenticator: Free, open-source 2FA app for Android
• 5:6 : Warning: North Korean Hackers Target macOS Users with Fake Zoom Updates
• 5:6 : New technique detects tampering or forgery of a PDF document
• 5:5 : IT Security News Hourly Summary 2025-07-07 06h : 2 posts
• 4:4 : Cloud security maintains its position as top spending priority
• 3:32 : PoC Released for Linux Privilege Escalation Vulnerability via udisksd and libblockdev
• 2:33 : Aeza Group Latest BPH Service Provider Sanctioned by U.S. Treasury
• 2:7 : ISC Stormcast For Monday, July 7th, 2025 https://isc.sans.edu/podcastdetail/9514, (Mon, Jul 7th)
• 23:5 : IT Security News Hourly Summary 2025-07-07 00h : 2 posts
• 22:58 : IT Security News Weekly Summary 27
• 22:55 : IT Security News Daily Summary 2025-07-06