Latest CyberSec News by @thecyberpicker

Google confirmed detecting active exploits for the sandbox escape zero-day, patching the vulnerability with Chrome 138.0.7204.157.

ProPublica is reporting: Microsoft is using engineers in China to help maintain the Defense Department’s computer systems—with minimal supervision by U.S. personnel—leaving some of the nation’s most sensitive data vulnerable to hacking from its leading cyber adversary, a ProPublica investigation has found. The arrangement, which was critical to Microsoft winning the federal government’s cloud computing business a decade ago, relies on U.S. citizens with security clearances to oversee the work and serve as a barrier against espionage and sabotage...

AI now powers Zero Trust enforcement across all CISA pillars, helping 80% of firms adopt by 2026. Learn why human-machine teaming is key.

⚡ Weekly Recap: SharePoint 0-Day, Chrome Exploit, macOS Spyware, NVIDIA Toolkit RCE and More | Read more hacking news on The Hacker News cybersecurity news website and learn how to protect against cyberattacks and software vulnerabilities.

A newly rebranded extortion gang known as "World Leaks" breached one of Dell's product demonstration platforms earlier this month and is now trying to extort the company into paying a ransom.

Learning a new language doesn't have to mean night classes, bulky textbooks, or boring apps. With Babbel, you can pick up real-world conversation skills through short, fun, and practical lessons. And right now, you can get a lifetime subscription for only $159 (regularly $599).

Over 1,000 CrushFTP instances currently exposed online are vulnerable to hijack attacks that exploit a critical security bug, providing admin access to the web interface.

Microsoft has issued an urgent patch for most SharePoint servers after cybersecurity researchers found threat actors globally exploiting a zero-day vulnerability in the products.

On-prem SharePoint customers have been told to assume compromise, with attackers observed to be exfiltrating data from victim servers across critical sectors

Kaspersky experts analyze an incident that saw APT41 launch a targeted attack on government IT services in Africa.

A list of topics we covered in the week of July 14 to July 20 of 2025

Hackers bypass FIDO keys using spoofed portals and QR codes, exposing MFA weaknesses and risking user accounts.

Microsoft has released emergency SharePoint security updates for two zero-day vulnerabilities tracked as CVE-2025-53770 and CVE-2025-53771 that have compromised services worldwide in "ToolShell" attacks.

JavaScript cryptojackers hit 3,500+ sites using stealth WebSocket miners and Magecart-linked infrastructure.

HPE fixed two flaws in Instant On Access Points that could allow admin access and command injection. Patch now to stay secure.

Microsoft warns of active SharePoint exploits affecting on-prem users; 54 victims confirmed in major attack.

Hackers target Web3 developers using fake AI tools and malware to steal crypto wallets and credentials.

Hewlett-Packard Enterprise (HPE) is warning of hardcoded credentials in Aruba Instant On Access Points that allow attackers to bypass normal device authentication and access the web interface.

A critical zero-day vulnerability in Microsoft SharePoint, tracked as CVE-2025-53770, has been actively exploited since at least July 18th, with no patch available and at least 85 servers already compromised worldwide.

npm packages hit by phishing-based supply chain attack, exposing developers to malware and remote access threats.

SharePoint zero-day CVE-2025-53770 exploited in mass attacks breaching 75+ orgs; on-prem users at high risk.

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Fortinet FortiWeb flaw to its Known Exploited Vulnerabilities catalog.

npm packages hit by phishing-based supply chain attack, exposing developers to malware and remote access threats.

SharePoint zero-day CVE-2025-53770 exploited in mass attacks breaching 75+ orgs; on-prem users at high risk.

CrushFTP flaw CVE-2025-54309 exploited in wild, giving attackers admin access. Older builds before July 1 are at high risk

A PoisonSeed phishing campaign is bypassing FIDO2 security key protections by abusing the cross-device sign-in feature in WebAuthn to trick users into approving login authentication requests from fake company portals.

Popular JavaScript libraries eslint-config-prettier and eslint-plugin-prettier were hijacked this week and turned into malware droppers, in a supply chain attack achieved via targeted phishing and credential theft.

L’un a vécu deux mois surréalistes dans un data center assiégé. L’autre se réveille la nuit pour combattre les hackers russes. Numerama s’est rendu en Ukraine pour rapporter les histoires de Kostya et Dmytro, haut commandants dans le privé de la cyberdéfence du pays. « Vybachte, odyn moment. » Excusez-moi, un

GPT-5 might be just a few days or weeks away, as we've spotted references to a new model called gpt-5-reasoning-alpha-2025-07-13.

AI companies could soon disrupt the education market with their new AI-based learning tools for students.