Latest CyberSec News by @thecyberpicker

Latest CyberSec News by @thecyberpicker

30533 bookmarks
Custom sorting
New Fortinet FortiWeb hacks likely linked to public RCE exploits
New Fortinet FortiWeb hacks likely linked to public RCE exploits
Multiple Fortinet FortiWeb instances recently infected with web shells are believed to have been compromised using public exploits for a recently patched remote code execution (RCE) flaw tracked as CVE-2025-25257.
·bleepingcomputer.com·
New Fortinet FortiWeb hacks likely linked to public RCE exploits
Pro-Russian Cybercrime Network Demolished in Operation Eastwood
Pro-Russian Cybercrime Network Demolished in Operation Eastwood
A Europol coordinated operation has taken down key infrastructure used by pro-Russian hacktivist group NoName057(16), as well as a number of arrests
·infosecurity-magazine.com·
Pro-Russian Cybercrime Network Demolished in Operation Eastwood
Europol disrupts pro-Russian NoName057(16) DDoS hacktivist group
Europol disrupts pro-Russian NoName057(16) DDoS hacktivist group
An international law enforcement operation dubbed "Operation Eastwood" has targeted the infrastructure of the pro-Russian hacktivist group NoName057(16), responsible for distributed denial-of-service (DDoS) attacks across Europe and the US.
·bleepingcomputer.com·
Europol disrupts pro-Russian NoName057(16) DDoS hacktivist group
Senate panel passes Intelligence Authorization Act that takes aim at telecom hacks
Senate panel passes Intelligence Authorization Act that takes aim at telecom hacks
The measure aims to prevent compromise of U.S. telecommunications through strengthening network security by establishing “baseline cybersecurity requirements for vendors of telecommunications services” to the country’s 18 intelligence agencies, according to a summary of the bill released by the panel.
·therecord.media·
Senate panel passes Intelligence Authorization Act that takes aim at telecom hacks
Copilot Studio: AIjacking Leads to Data Exfiltration | CSA
Copilot Studio: AIjacking Leads to Data Exfiltration | CSA
AI agents are prone to data exfiltration. See how one attack led to discovery of the knowledge sources, then to data exfiltration of entire customer records.
·cloudsecurityalliance.org·
Copilot Studio: AIjacking Leads to Data Exfiltration | CSA
Retail Ransomware Attacks Jump 58% Globally in Q2 2025
Retail Ransomware Attacks Jump 58% Globally in Q2 2025
BlackFog found that publicly disclosed ransomware attacks on retail grew significantly in Q2 compared to Q1, with UK firms heavily targeted
·infosecurity-magazine.com·
Retail Ransomware Attacks Jump 58% Globally in Q2 2025
AWS, Google Drive, Dropbox : quand le cloud est détourné pour espionner des négociations
AWS, Google Drive, Dropbox : quand le cloud est détourné pour espionner des négociations
Depuis fin 2024, une campagne d’espionnage d’une sophistication inédite vise les gouvernements d’Asie du Sud-Est. L’outil au cœur de cette opération : HazyBeacon, un logiciel malveillant capable de se dissimuler dans le trafic légitime des services cloud d’Amazon, afin de collecter des informations sensibles sur des
·numerama.com·
AWS, Google Drive, Dropbox : quand le cloud est détourné pour espionner des négociations
Grok 4 benchmark results: Tops math, ranks second in coding
Grok 4 benchmark results: Tops math, ranks second in coding
Grok 4 is a huge leap from Grok 3, but how good is it compared to other models in the market, such as Gemini 2.5 Pro? We now have answers, thanks to new independent benchmarks.
·bleepingcomputer.com·
Grok 4 benchmark results: Tops math, ranks second in coding
Google fixes actively exploited sandbox escape zero day in Chrome
Google fixes actively exploited sandbox escape zero day in Chrome
Google has released a security update for Chrome to address half a dozen vulnerabilities, one of them actively exploited by attackers to escape the browser's sandbox protection.
·bleepingcomputer.com·
Google fixes actively exploited sandbox escape zero day in Chrome
Cloudflare Blocks Record-Breaking 7.3 Tbps DDoS Attack
Cloudflare Blocks Record-Breaking 7.3 Tbps DDoS Attack
Cloudflare highlighted a huge rise in hyper-volumetric DDoS attacks in Q2 2025, with attackers seeking to overwhelm defenses
·infosecurity-magazine.com·
Cloudflare Blocks Record-Breaking 7.3 Tbps DDoS Attack
Education Sector is Most Exposed to Remote Attacks
Education Sector is Most Exposed to Remote Attacks
CyCognito research finds that a third of education sector APIs, web apps and cloud assets are exposed to attack
·infosecurity-magazine.com·
Education Sector is Most Exposed to Remote Attacks
NodeJS 24.x - Path Traversal
NodeJS 24.x - Path Traversal
NodeJS 24.x - Path Traversal. CVE-2025-27210 . remote exploit for NodeJS platform
·exploit-db.com·
NodeJS 24.x - Path Traversal