Latest CyberSec News by @thecyberpicker

EncryptHub exploits CVE-2025-26633 with social engineering and rogue MSC files, delivering Fickle Stealer malware.

Here’s the story. The commenters on X (formerly Twitter) are unimpressed. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Blog moderation policy.

A district appeals court ruled that the FCC “correctly determined” that telecoms had a duty to protect customer location data that was sold and later misused by third parties.

The London-based tech and telecom company Colt Technology Services confirmed that a cyberattack earlier this week caused technical issues that it is still addressing.

Cybercriminal groups peddling sophisticated phishing kits that convert stolen card data into mobile wallets have recently shifted their focus to targeting customers of brokerage services, new research shows. Undeterred by security controls at these trading platforms that block users from…

A new report described how criminals use “ghost-tapping” — when stolen payment card details are uploaded onto a burner phone and used in-person to purchase goods.

A cybercriminal was found selling scanned IDs that were stolen from guests at Italian hotels on underground forums, warned CERT-AGID.

National Public Data has changed ownership. Does this mean your personal information has changed hands too?

UAT-7237 exploits unpatched Taiwan servers using SoundBill, Cobalt Strike, and SoftEther VPN for persistent control.

The rules, introduced during the Biden administration, would force telecoms to notify customers when their personally identifiable information is exposed in a hack.

The vulnerability, which Cisco said it discovered during internal security testing, could allow unauthenticated attackers to execute high-privilege commands.

Most companies are planning major AI investments to address growing threats to OT systems.

UK-based telecommunications company Colt Technology Services is dealing with a cyberattack that has caused a multi-day outage of some of the company's operations, including hosting and porting services, Colt Online and Voice API platforms.

Only three in 10 respondents said their application security programs were highly mature.

Microsoft has reminded customers that Windows 10 will be retired in two months after all editions of Windows 10, version 22H2 reach their end of servicing on October 14.

Cisco is warning about a critical remote code execution (RCE) vulnerability in the RADIUS subsystem of its Secure Firewall Management Center (FMC) software.

Germany, the Netherlands and four of the Five Eyes countries share a common asset inventory for industrial cybersecurity

This week in cybersecurity from the editors at Cybercrime Magazine

Cisco Talos discovered UAT-7237, a Chinese-speaking advanced persistent threat (APT) group active since at least 2022, which has significant overlaps with UAT-5918.

Agentic AI shifts privacy from control to trust, challenging laws like GDPR and risking legal exposure.

U.S. sanctions Garantex, successor Grinex, after $100M illicit crypto flow fuels ransomware and sanctions evasion.

Plex has notified some of its users on Thursday to urgently update their media servers due to a recently patched security vulnerability.

Porn sites are hiding code in .svg files: Unpacking the attack took work because much of the JavaScript in the .svg images was heavily obscured using a custom version of “JSFuck,” a technique that uses only a handful of character types to encode JavaScript into a camouflaged wall of text. Once decoded, the script causes the browser to download a chain of additional obfuscated JavaScript. The final payload, a known malicious script called Trojan.JS.Likejack, induces the browser to like a specified Facebook post as long as a user has their account open...

Cisco has issued a software update to address the vulnerability, which can allow an unauthenticated, remote attacker to inject arbitrary shell commands

A new Checkmarx study reveals that AI-generated code now accounts for over 60% of codebases in some companies, much of which contains known vulnerabilities

Blue Locker ransomware hits Pakistan’s oil & gas sector, severely impacting Pakistan Petroleum; NCERT warns ministries of severe ongoing risk

Cisco patches critical Secure Firewall Management Center flaw allowing remote code execution on vulnerable systems.

A RUSI report warned that money mules are exploiting inadequate security controls in smaller payment service providers to move fraudulent transactions about

C'est une rengaine, devenue presque un passage obligatoire dans de nombreux magasins en France. Au moment de payer, pour profiter d'une remise ou pour créer une carte de fidélité, le client est prié de donner tout un tas de données personnelles. Pourquoi ? Quelles sont les obligations des commerçants ? Et les droits

The U.S. Department of the Treasury has announced sanctions against Grinex, the successor to Russian cryptocurrency exchange Garantex, which was previously sanctioned for helping ransomware gangs launder their money.