Latest CyberSec News by @thecyberpicker

Latest CyberSec News by @thecyberpicker

31279 bookmarks
Custom sorting
News alert: New Heimdal study reveals tool overload is driving fatigue, missed threats in MSPs
News alert: New Heimdal study reveals tool overload is driving fatigue, missed threats in MSPs
London, Aug. 11, 2025, CyberNewswire—A survey of 80 North American MSPs shows fragmented security stacks drive fatigue, missed threats, and business inefficiency Security tools meant to protect managed service providers are instead overwhelming them. A new study from Heimdal and FutureSafe reveals that 89% of MSPs struggle with tool integration while 56% experience alert fatigue
·lastwatchdog.com·
News alert: New Heimdal study reveals tool overload is driving fatigue, missed threats in MSPs
North Korean Kimsuky hackers exposed in alleged data breach
North Korean Kimsuky hackers exposed in alleged data breach
The North Korean state-sponsored hackers known as Kimsuky has reportedly suffered a data breach after two hackers, who describe themselves as the opposite of Kimsuky's values, stole the group's data and leaked it publicly online.
·bleepingcomputer.com·
North Korean Kimsuky hackers exposed in alleged data breach
Ransomware gang claims attack on St. Paul city government
Ransomware gang claims attack on St. Paul city government
The Interlock ransomware gang is claiming to have carried out a cyberattack that has disrupted the operations of the city government of St. Paul, Minnesota.
·therecord.media·
Ransomware gang claims attack on St. Paul city government
Netherlands: Citrix Netscaler flaw CVE-2025-6543 exploited to breach orgs
Netherlands: Citrix Netscaler flaw CVE-2025-6543 exploited to breach orgs
The Netherlands' National Cyber Security Centre (NCSC) is warning that a critical Citrix NetScaler vulnerability tracked as CVE-2025-6543 was exploited to breach "critical organizations" in the country.
·bleepingcomputer.com·
Netherlands: Citrix Netscaler flaw CVE-2025-6543 exploited to breach orgs
Details emerge on WinRAR zero-day attacks that infected PCs with malware
Details emerge on WinRAR zero-day attacks that infected PCs with malware
Researchers have released a report detailing how a recent WinRAR path traversal vulnerability tracked as CVE-2025-8088 was exploited in zero-day attacks by the Russian 'RomCom' hacking group to drop different malware payloads.
·bleepingcomputer.com·
Details emerge on WinRAR zero-day attacks that infected PCs with malware
Ghost CMS 5.59.1 - Arbitrary File Read
Ghost CMS 5.59.1 - Arbitrary File Read
Ghost CMS 5.59.1 - Arbitrary File Read. CVE-2023-40028 . webapps exploit for Multiple platform
·exploit-db.com·
Ghost CMS 5.59.1 - Arbitrary File Read
Ghost CMS 5.42.1 - Path Traversal
Ghost CMS 5.42.1 - Path Traversal
Ghost CMS 5.42.1 - Path Traversal. CVE-2023-32235 . webapps exploit for Multiple platform
·exploit-db.com·
Ghost CMS 5.42.1 - Path Traversal
OpenAI is testing 3,000-per-week limit for GPT-5 Thinking
OpenAI is testing 3,000-per-week limit for GPT-5 Thinking
OpenAI has responded to criticism that it shipped GPT-5 with token limits to minimize cost and maximize profit not with words, but rather with a new 3,000-per-week limit.
·bleepingcomputer.com·
OpenAI is testing 3,000-per-week limit for GPT-5 Thinking
Microsoft tests cloud-based Windows 365 disaster recovery PCs
Microsoft tests cloud-based Windows 365 disaster recovery PCs
Microsoft has announced the limited public preview of Windows 365 Reserve, a service that provides temporary desktop access to pre-configured cloud PCs for employees whose computers have become unavailable due to cyberattacks, hardware issues, or software problems.
·bleepingcomputer.com·
Microsoft tests cloud-based Windows 365 disaster recovery PCs
Comment Google se retrouve victime d’une cyberattaque qu’il avait lui-même documentée
Comment Google se retrouve victime d’une cyberattaque qu’il avait lui-même documentée
Le 8 août 2025, plusieurs dirigeants de petites et moyennes entreprises reçoivent un email inattendu de Google. Le géant américain les informe qu’une fuite a exposé leurs coordonnées, ainsi que des notes relatives à leurs activités commerciales. En cause : une cyberattaque ayant permis à des pirates d’accéder à l’une
·numerama.com·
Comment Google se retrouve victime d’une cyberattaque qu’il avait lui-même documentée
The Rise of Native Phishing: Microsoft 365 Apps Abused in Attacks
The Rise of Native Phishing: Microsoft 365 Apps Abused in Attacks
Native phishing turns trusted tools into attack delivery systems. Varonis shows how attackers weaponize Microsoft 365 apps, like OneNote & OneDrive, to send convincing internal lures and how to spot them before they spread.
·bleepingcomputer.com·
The Rise of Native Phishing: Microsoft 365 Apps Abused in Attacks