IT Security Weekend Catch Up – March 23, 2025

Comments
close searching

23.03.2025 | 13:25

IT Security Weekend Catch Up – March 23, 2025
avatar

badcyber

comments

IT Security Weekend Catch Up – March 23, 2025

Afraid of missing important security news during the week? We're here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. Cloudflare turns AI against itself with endless maze of irrelevant facts
  2. People are using Google’s new AI model to remove watermarks from images
  3. EU mandates Apple to open up iPhone, iOS to competitors under Digital Markets Act
  4. A win for encryption: France rejects backdoor mandate
  5. The Citizen Lab’s director dissects spyware and the ‘proliferating’ market for it
  6. Social media platforms face huge fines under UK’s new digital safety laws
  7. TikTok will be blocked in Albania for one year
  8. Microsoft wouldn't look at a bug report without a video. Researcher maliciously complied
  9. Banned Russian channel RT secretly pays video bloggers who promote Kremlin narratives
  10. Ukrainian military targeted in new Signal spear-phishing attacks
  11. Warning over free online file converters that actually install malware

For the more technical

  1. GitHub Action tj-actions/changed-files supply chain attack: everything you need to know
  2. New GitHub Action supply chain attack: reviewdog/action-setup
  3. Kali Linux 2025.1a release (2025 Theme, & Raspberry Pi)
  4. Apple’s Passwords app was vulnerable to phishing attacks for nearly three months after launch
  5. Microsoft fixes Windows update bug that uninstalled Copilot
  6. Windows shortcut exploit abused as zero-day in widespread APT campaigns
  7. Malicious Adobe, DocuSign OAuth apps target Microsoft 365 accounts
  8. BitM up! Session stealing in seconds using the browser-in-the-middle technique
  9. Hijacking a Python upload server: writeup from Insomni'hack CTF 2025
  10. One PUT request to own Tomcat: CVE-2025-24813 RCE is in the wild
  11. In-depth technical analysis of the Bybit hack
  12. Virtue or vice? A first look at Paragon’s proliferating spyware operations
  13. WhatsApp patched zero-click flaw exploited in Paragon spyware attacks
  14. State of WordPress security in 2025
  15. Hundreds of malicious Google Play-hosted apps bypassed Android 13 security with ease
  16. AMOS and Lumma stealers actively spread to Reddit users
  17. StilachiRAT analysis: From system reconnaissance to cryptocurrency theft
  18. Albabat ransomware group potentially expands targets to multiple OS, uses GitHub to streamline operations

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.


Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy! For the less technical Cloudflare turns AI against itself with endless maze of irrelevant facts People are using Google’ 2025-03-23T13:25:19+01:00

Comments