Latest CyberSec News by @thecyberpicker

Latest CyberSec News by @thecyberpicker

31297 bookmarks
Custom sorting
Details emerge on BlackSuit ransomware takedown | CyberScoop
Details emerge on BlackSuit ransomware takedown | CyberScoop
The Russian cybercrime group attacked more than 180 organizations before members abandoned the brand and dispersed to new ransomware groups earlier this year.
·cyberscoop.com·
Details emerge on BlackSuit ransomware takedown | CyberScoop
French Telecom Orange Disclosed Suffering A Cyberattack
French Telecom Orange Disclosed Suffering A Cyberattack
Orange telecom confirmed isolating the information systems impacted by the cyberattack, warning users of possible service disruptions.
·latesthackingnews.com·
French Telecom Orange Disclosed Suffering A Cyberattack
« Brushing Scam » et faux QR code sur les colis, la nouvelle arnaque qui alerte le FBI
« Brushing Scam » et faux QR code sur les colis, la nouvelle arnaque qui alerte le FBI
Dans un communiqué publié le 31 juillet, le FBI met en garde contre un nouveau type d'arnaque particulièrement vicieux. Le mode opératoire repose sur deux arnaques déjà en vogue : le « brushing scam » et le « quishing ». Après le livreur qui estimait que votre boîte aux lettres était trop petite, les cybercriminels
·numerama.com·
« Brushing Scam » et faux QR code sur les colis, la nouvelle arnaque qui alerte le FBI
CTM360 spots Malicious ‘ClickTok’ Campaign Targeting TikTok Shop users
CTM360 spots Malicious ‘ClickTok’ Campaign Targeting TikTok Shop users
The ClickTok campaign lures victims with fake TikTok shops and drains their crypto wallets. CTM360 exposes how SparkKitty spyware spreads via trojanized apps, phishing pages, and AI-powered scams.
·bleepingcomputer.com·
CTM360 spots Malicious ‘ClickTok’ Campaign Targeting TikTok Shop users
News alert: OpenSSL conference to convene experts on cryptograohy, compliance and open-source
News alert: OpenSSL conference to convene experts on cryptograohy, compliance and open-source
Newark, NJ, Aug. 4, 2025, CyberNewswire—Early Bird registration is now available for the inaugural OpenSSL Conference, scheduled for October 7–9, 2025, in Prague. The event will bring together leading voices in cryptography, secure systems, and open-source infrastructure. Early registrants can save up to $240 per ticket. Registration Information Registration packages are designed to reflect the
·lastwatchdog.com·
News alert: OpenSSL conference to convene experts on cryptograohy, compliance and open-source
New Plague Linux malware stealthily maintains SSH access
New Plague Linux malware stealthily maintains SSH access
A newly discovered Linux malware, which has evaded detection for over a year, allows attackers to gain persistent SSH access and bypass authentication on compromised systems.
·bleepingcomputer.com·
New Plague Linux malware stealthily maintains SSH access
Post SMTP Plugin Flaw Risked 400K+ WordPress Sites
Post SMTP Plugin Flaw Risked 400K+ WordPress Sites
The Post SMTP plugin flaw could allow account takeover from an authorized low-privilege user account, such as a Subscriber user.
·latesthackingnews.com·
Post SMTP Plugin Flaw Risked 400K+ WordPress Sites
Inadequate Database Security: A Darkbeam Case Study | CSA
Inadequate Database Security: A Darkbeam Case Study | CSA
2023: Darkbeam failed to follow database security best practices, publicly exposing their Elasticsearch & Kibana interface. No data exfiltration was reported.
·cloudsecurityalliance.org·
Inadequate Database Security: A Darkbeam Case Study | CSA
Ransomware gangs join attacks targeting Microsoft SharePoint servers
Ransomware gangs join attacks targeting Microsoft SharePoint servers
Ransomware gangs have recently joined ongoing attacks targeting a Microsoft SharePoint vulnerability chain, part of a broader exploitation campaign that has already led to the breach of at least 148 organizations worldwide.
·bleepingcomputer.com·
Ransomware gangs join attacks targeting Microsoft SharePoint servers
Man-in-the-Middle Attack Prevention Guide
Man-in-the-Middle Attack Prevention Guide
MITM attacks silently steal data from users via spoofed networks and weak encryption. Learn how to stop them.
·thehackernews.com·
Man-in-the-Middle Attack Prevention Guide
First Sentencing in Scheme to Help North Koreans Infiltrate US Companies - Schneier on Security
First Sentencing in Scheme to Help North Koreans Infiltrate US Companies - Schneier on Security
An Arizona woman was sentenced to eight-and-a-half years in prison for her role helping North Korean workers infiltrate US companies by pretending to be US workers. From an article: According to court documents, Chapman hosted the North Korean IT workers’ computers in her own home between October 2020 and October 2023, creating a so-called “laptop farm” which was used to make it appear as though the devices were located in the United States. The North Koreans were hired as remote software and application developers with multiple Fortune 500 companies, including an aerospace and defense company, a major television network, a Silicon Valley technology company, and a high-profile company...
·schneier.com·
First Sentencing in Scheme to Help North Koreans Infiltrate US Companies - Schneier on Security
The Wild West of Shadow IT
The Wild West of Shadow IT
Everyone's an IT decision-maker now. Here's how to keep your organization safe in the world of Shadow IT.
·thehackernews.com·
The Wild West of Shadow IT