Latest CyberSec News by @thecyberpicker

TAG-110 abandoned HTA-based payloads in January 2025, using macro-enabled Word templates to target Tajik institutions.

60 npm packages and VS Code extensions deployed sandbox-evasive malware to steal system data, developer credentials, and crypto wallets.

Google AI mode and AI Overviews now have ads, which, according to the search engine giant, are "helpful."

OpenAI is planning to ship a new ChatGPT-powered product by 2026, but we aren't looking at yet another model.

70% of US sites drop ad cookies despite opt-outs, risking fines and distrust; real-time validation prevents this

Le fabricant allemand d'articles de sport a déclaré qu'un “tiers non autorisé” avait obtenu certaines données de personnes ayant...-Cybersécurité

From TikTok malware drops to zero-day exploits, this week’s roundup is packed with critical intel.

The US National Institute of Standards and Technology (NIST) published a white paper introducing a new metric called Likely Exploited Vulnerabilities (LEV)

Crooks use TikTok videos with fake tips to trick users into running commands that install Vidar and StealC malware in ClickFix attacks.

A list of topics we covered in the week of May 19 to May 25 of 2025

Lovable, which is a Vibe coding company, announced that Claude 4 has reduced its errors by 25% and made it faster by 40%.

xAI, founded by Elon Musk, is preparing to launch Grok 3.5, the company's next state-of-the-art AI model.

You can now connect your Box and Dropbox accounts to Deep Research on ChatGPT and pull data, which will be used by the AI to conduct research.

A new report claims that OpenAI's o3 model altered a shutdown script to avoid being turned off, even when explicitly instructed to allow shutdown

The Bumblebee malware SEO poisoning campaign uncovered earlier this week aimpersonating RVTools is using more typosquatting domainsi mimicking other popular open-source projects to infect devices used by IT staff.

Glitch has announced it is ending app hosting and user profiles on July 8, 2025, responding to changing market dynamics and extensive abuse problems that have raised operational costs.

The U.S. indicted Russian Rustam Gallyamov for leading the Qakbot botnet, which infected 700K+ devices and was used in ransomware attacks.

La suite va vous surprendre, ou pas. « Pourquoi est-ce aussi cher ? Bonjour ? ». Les deux messages ont été envoyés le 17 avril 2025 à une vingtaine de minutes d’intervalle. Quelques minutes plus tard, la réponse du cybercriminel affilié au dangereux groupe Lockbit fuse, à la fois ironique et menaçante. « Nous

ABB Cylon Aspect Studio 3.08.03 - Binary Planting. CVE-2024-13946 . local exploit for Multiple platform

Grandstream GSD3710 1.0.11.13 - Stack Buffer Overflow. CVE-2022-2070 . remote exploit for Multiple platform

WordPress User Registration & Membership Plugin 4.1.2 - Authentication Bypass. CVE-2025-2594 . webapps exploit for Multiple platform

Java-springboot-codebase 1.1 - Arbitrary File Read. CVE-2025-46822 . webapps exploit for Java platform

ABB Cylon Aspect 3.08.03 - Guest2Root Privilege Escalation. CVE-n/a . remote exploit for Multiple platform

Windows 2024.15 - Unauthenticated Desktop Screenshot Capture. CVE-n/a . remote exploit for Windows platform

Microsoft Windows Server 2016 - Win32k Elevation of Privilege. CVE-2023-29336 . local exploit for Windows platform

Winos 4.0 malware campaign active since Feb 2025 uses fake installers, Catena loader, and AV evasion tactics.

Pour échapper aux trackers, à la publicité ciblée ou simplement ne pas enregistrer son historique de navigation, il est commun d’activer la navigation privée. Voici pourquoi c’est une fausse bonne idée. La plupart des navigateurs web disposent d’une fonctionnalité de navigation privée. Très pratique et simple à