Latest CyberSec News by @thecyberpicker

This week in cybersecurity from the editors at Cybercrime Magazine

Water Curse exploited 76 GitHub accounts to deliver stealthy malware targeting developers and supply chains.

ClickFix techniques are enabling threat actors to bypass defenses using tools like MSHTA, says ReliaQuest

Learn how the North Korean-aligned Famous Chollima is using the a new Python-based RAT, "PylangGhost," to target cryptocurrency and blockchain jobseekers in a campaign affecting users primarily in India.

Attackers are increasingly hiding in plain sight, using the same tools IT and security teams rely on for daily operations. This blog breaks down common techniques and provides recommendations to defenders.

Learn how to define the right ISMS scope for ISO 27001 certification by understanding clauses 4.1–4.3 and aligning with business needs and risks.

Des chercheurs en cybersécurité révèlent que Taïwan subit depuis janvier 2025 une offensive numérique d’ampleur inédite, orchestrée par le groupe HoldingHands. Cette opération d’espionnage et de sabotage cible sans relâche les administrations, entreprises et infrastructures stratégiques de l’île. C'est une attaque

The new Cyber Growth Action Plan aims to support the UK’s cyber industry, including the development of innovative new technologies and startups

Water Curse exploited 76 GitHub accounts to deliver stealthy malware targeting developers and supply chains.

Startups can now achieve FedRAMP Moderate faster. Beyond Identity shares real strategies, costs, and team insights.

The National Cybersecurity Center of Excellence (NCCoE) has published the sixth white paper in its series

The group positions itself “not just as a ransomware group, but as a full-service cybercrime platform”, according to Cybereason

Scammers are abusing sponsored search results, displaying their scammy phone number on legitimate brand websites.

These 5 communication channels are favored by scammers to try and trick victims at least once a week—if not more.

BeyondTrust has released security updates to fix a high-severity flaw in its Remote Support (RS) and Privileged Remote Access (PRA) solutions that can let unauthenticated attackers gain remote code execution on vulnerable servers.

Today’s digital threats don’t discriminate by size or sector. Building a solid cybersecurity foundation is no longer optional—it’s essential.

Payment processor Paddle has agreed to settle with the FTC over allegations related to tech support scams

Attackers can exploit two newly discovered local privilege escalation (LPE) vulnerabilities to gain root privileges on systems running major Linux distributions.

Work management platform Asana is warning users of its new Model Context Protocol (MCP) feature that a flaw in its implementation potentially led to data exposure from their instances to other users and vice versa.

CISA warns CVE-2023-0386 is being actively exploited, impacting Linux systems via OverlayFS. Patching is urgent.

Former CIA analyst sentenced to 37 months for leaking Top Secret intel on Israel-Iran plans. National security impact.

Iran throttles web, cites cyber threats; Israeli group hacks bank; U.S. warns of Iranian ICS malware.

Veeam patches 3 major flaws, including CVE-2025-23121, to stop RCE risks in backup software. Update now.

A pair of AI tools advertised on hacking forums were developed using commercial AI models from xAI and Mistral, according to Cato Networks.

Last week at Microsoft Build, Azure CTO Mark Russinovich made headlines by telling the truth. Related: A basis for AI optimism In a rare moment of public candor from a Big Tech executive, Russinovich warned that current AI architectures—particularly autoregressive transformers—have structural limitations we won’t engineer our way past. And more than that, he acknowledged

Iran-focused media outlets report Bank Sepah branches are closed, customers are unable to access accounts and payment processing is down.

WhatsApp has announced it will start showing its users targeted ads. Will this be yet another Meta "Pay or OK" choice?

Chrome and Yandex zero-days exploited to deploy Trinper backdoor via phishing; Russian entities targeted.

Security analysts at Google’s Threat Intelligence Group published a warning this week to insurance companies, writing that it is “now aware of multiple intrusions in the US which bear all the hallmarks of Scattered Spider activity.”

The AnonsecKh group, which goes by Bl4ckCyb3r on Telegram, claimed at least 73 attacks on Thai organizations in the two weeks following a May 28 incident in which a Cambodian soldier was killed in a skirmish with Thai forces.