Latest CyberSec News by @thecyberpicker

Victoria's Secret, the fashion giant, has taken down its website and some store services because of an ongoing security incident

DragonForce exploited three SimpleHelp CVEs to hijack an MSP’s RMM tool, steal data, and deploy ransomware on customer systems.

A new EY report found that cybersecurity teams are a major vehicle for business growth, and CISOs should push for a seat at the top table

Executives are under digital siege—and most don't even know it. Related: Shareholders sue over murder At RSAC 2025, I sat down with Chuck Randolph, SVP of Strategic Intelligence and Security at 360 Privacy, to unpack a trend reshaping the threat landscape: the weaponization of personal data against corporate leaders and high-net-worth individuals. For a full

As climate-related risks become more frequent and severe, businesses must take proactive steps to safeguard their operations.

We recently hosted a webinar to introduce Burp Suite DAST, the new name for Burp Suite Enterprise Edition, the best-in-class, automated web application and API security scanning solution for modern Ap

Microsoft has confirmed that some Windows 11 systems might fail to start after installing the KB5058405 security update released during this month's Patch Tuesday.

Campcodes Online Hospital Management System 1.0 - SQL Injection. CVE-2025-5298 . webapps exploit for Multiple platform

Automic Agent 24.3.0 HF4 - Privilege Escalation. CVE-2025-4971 . remote exploit for Multiple platform

Windows File Explorer Windows 11 (23H2) - NTLM Hash Disclosure. CVE-2025-24071 . remote exploit for Windows platform

EasyDMARC found that just 7.7% of the world’s top 1.8 million email domains have implemented the most stringent DMARC policy

SolarWinds Serv-U 15.4.2 HF1 - Directory Traversal. CVE-2024-28995 . remote exploit for Multiple platform

Data broker giant LexisNexis Risk Solutions has revealed that unknown attackers stole the personal information of over 364,000 individuals in a December breach.

WordPress Digits Plugin 8.4.6.1 - Authentication Bypass via OTP Bruteforcing. CVE-2025-4094 . webapps exploit for Multiple platform

Fortra GoAnywhere MFT 7.4.1 - Authentication Bypass. CVE-2024-0204 . remote exploit for Multiple platform

APT41 used Google Calendar to control TOUGHPROGRESS malware via encrypted events; Google shut it down.

CVE-2025-47577 flaw in TI WooCommerce Wishlist lets unauthenticated attackers upload malicious files—no patch yet, 100K+ sites at risk.

Microsoft has released the optional KB5058481 preview cumulative update for Windows 10 22H2 with seven changes, including restoring seconds to the time display in the calendar flyout for those who previously lost it.

​​Microsoft has released the KB5058499 preview cumulative update for Windows 11 24H2 with forty-eight new features or changes, with many gradually rolling out, such as the new Windows Share feature and tje Click to Do Preview.

The besieged security vendor maintains the latest exploited vulnerabilities in its products are entirely linked to unspecified security issues in open-source libraries. Some researchers aren’t buying it.

The Chinese APT41 hacking group uses a new malware named 'ToughProgress' that abuses Google Calendar for command-and-control (C2) operations, hiding malicious activity behind a trusted cloud service.

The agreement allows Red Canary to scale, while helping Zscaler expand into MDR.

Hackers are preying on senior corporate leaders at banks, investment firms, utilities and insurance companies worldwide.

251 Amazon-hosted IPs scanned 75 tech targets on May 8 in a one-day exploit surge, showing orchestrated cloud-based recon.

Google Threat Intelligence Group said it developed means to counter the activity, which it linked to APT41.

A newly discovered Go-based Linux botnet malware named PumaBot is brute-forcing SSH credentials on embedded IoT devices to deploy malicious payloads.

Learn how to optimize your SIEM solution with key strategies and practices.

The Czech government condemned China after linking cyber espionage group APT31 to a cyberattack on its critical infrastructure.

The Interlock ransomware gang is deploying a previously undocumented remote access trojan (RAT) named NodeSnake against educational institutes for persistent access to corporate networks.

Decentralized finance platform Cork Protocol paused trading and launched an investigation after millions of dollars' worth of Ethereum were lost in a "security incident."