Cloud Security Alliance Names Google Cloud as First Company to | CSA

Latest CyberSec News by @thecyberpicker
Ransomware gangs join attacks targeting Microsoft SharePoint servers
Ransomware gangs have recently joined ongoing attacks targeting a Microsoft SharePoint vulnerability chain, part of a broader exploitation campaign that has already led to the breach of at least 148 organizations worldwide.
Man-in-the-Middle Attack Prevention Guide
MITM attacks silently steal data from users via spoofed networks and weak encryption. Learn how to stop them.
⚡ Weekly Recap: VPN 0-Day, Encryption Backdoor, AI Malware, macOS Flaw, ATM Hack & More
This week’s threats don’t shout — they blend in, borrow trust, and drain wallets.
First Sentencing in Scheme to Help North Koreans Infiltrate US Companies - Schneier on Security
An Arizona woman was sentenced to eight-and-a-half years in prison for her role helping North Korean workers infiltrate US companies by pretending to be US workers. From an article: According to court documents, Chapman hosted the North Korean IT workers’ computers in her own home between October 2020 and October 2023, creating a so-called “laptop farm” which was used to make it appear as though the devices were located in the United States. The North Koreans were hired as remote software and application developers with multiple Fortune 500 companies, including an aerospace and defense company, a major television network, a Silicon Valley technology company, and a high-profile company...
The Wild West of Shadow IT
Everyone's an IT decision-maker now. Here's how to keep your organization safe in the world of Shadow IT.
Mozilla warns of phishing attacks targeting add-on developers
Mozilla has warned browser extension developers of an active phishing campaign targeting accounts on its official AMO (addons.mozilla.org) repository.
Lazarus is back: the notorious North Korean cryptocurrency thieves are now targeting open source
In a study published at the end of July 2025, Sonatype researchers report having detected a vast espionage campaign conducted within open source ecosystems. At the helm: Lazarus, a cybercriminal group affiliated with the North Korean state, known for more than a decade for spectacular heists
Lovense flaws expose emails and allow account takeover
Lovense fixed bugs exposing emails and allowing account takeovers. Company CEO may take legal action after the flaws were publicly disclosed.
Pwn2Own Offers $1m for Zero-Click WhatsApp Exploit
The Pwn2Own competition is offering a $1m reward to any teams able to unearth a WhatsApp code execution exploit
CrowdStrike investigated 320 North Korean IT worker cases in the past year | CyberScoop
Threat hunters saw North Korean operatives almost daily, reflecting a 220% year-over-year increase in activity, CrowdStrike said in a new report.
Nation-state group CL-STA-0969 targeted Southeast Asian telecoms in 2024
State-backed group CL-STA-0969 hit Southeast Asian telecoms in 2024, targeting critical infrastructure, says Palo Alto Networks' Unit 42.
#BHUSA: Cloud Intrusions Skyrocket in 2025
CrowdStrike revealed the surge in cloud intrusions was partly driven by a 40% increase in Chinese-state actors exploiting these environments
A week in security (July 28 – August 3)
A list of topics we covered in the week of July 28 to August 3 of 2025
PlayPraetor Android Trojan Infects 11,000+ Devices via Fake Google Play Pages and Meta Ads
New Android malware PlayPraetor infects 11,000+ devices, targeting banking users via fake Play Store links.
Attackers exploit link-wrapping services to steal Microsoft 365 logins
A threat actor has been abusing link wrapping services from reputed technology companies to mask malicious links leading to Microsoft 365 phishing pages that collect login credentials.
Senate confirms national cyber director pick Sean Cairncross | CyberScoop
The Senate voted to confirm Sean Cairncross as national cyber director Saturday, giving the Trump administration one of its top cyber officials after a more than five-month process.
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 56
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape
Senate confirms Trump’s national cyber director nominee
Sean Cairncross, a political veteran without significant cybersecurity experience, could turn the relatively new White House office into a major player in the administration
Microsoft Virtual Hard Disk (VHDX) 11 - Remote Code Execution (RCE)
Microsoft Virtual Hard Disk (VHDX) 11 - Remote Code Execution (RCE). CVE-2025-49683. Local exploit for Windows platform
Swagger UI 1.0.3 - Cross-Site Scripting (XSS)
Swagger UI 1.0.3 - Cross-Site Scripting (XSS). CVE-2025-8191. Remote exploit for Multiple platform
LPAR2RRD 8.04 - Remote Code Execution (RCE)
LPAR2RRD 8.04 - Remote Code Execution (RCE). CVE-2025-54769. Webapps exploit for Multiple platform
Ultimate Member WordPress Plugin 2.6.6 - Privilege Escalation
Ultimate Member WordPress Plugin 2.6.6 - Privilege Escalation. CVE-2023-3460. Webapps exploit for Multiple platform
Gandia Integra Total 4.4.2236.1 - SQL Injection
Gandia Integra Total 4.4.2236.1 - SQL Injection. CVE-2025-41373. Webapps exploit for Multiple platform
Copyparty 1.18.6 - Reflected Cross-Site Scripting (XSS)
Copyparty 1.18.6 - Reflected Cross-Site Scripting (XSS). CVE-2025-54589. Webapps exploit for Multiple platform
Microsoft Edge (Chromium-based) 135.0.7049.114/.115 - Information Disclosure
Microsoft Edge (Chromium-based) 135.0.7049.114/.115 - Information Disclosure. CVE-2025-49741. Remote exploit for Windows platform
CL-STA-0969 Installs Covert Malware in Telecom Networks During 10-Month Espionage Campaign
State-backed hackers breached Southeast Asia telecoms using advanced tools—no data stolen, but stealth access achieved.
New ‘Plague’ PAM Backdoor Exposes Critical Linux Systems to Silent Credential Theft
Undetected for a year, Plague malware targets Linux PAM to hijack SSH access and erase forensic traces.
OpenAI prepares new open weight models along with GPT-5
OpenAI isn't just working on GPT-5. It looks like OpenAI is also preparing to release new open-source weights, living up to its name, OpenAI.
Anthropic says OpenAI engineers using Claude Code ahead of GPT-5 launch
Anthropic says it has revoked OpenAI's access to the Claude API after ChatGPT's engineers were found using Claude's coding tools.