Microsoft Excel Use After Free - Local Code Execution
Microsoft Excel Use After Free - Local Code Execution. CVE-2025-27751 . local exploit for Windows platform
Latest CyberSec News by @thecyberpicker
PHP CGI Module 8.3.4 - Remote Code Execution (RCE)
PHP CGI Module 8.3.4 - Remote Code Execution (RCE). CVE-2024-4577 . webapps exploit for PHP platform
Windows 11 SMB Client - Privilege Escalation & Remote Code Execution (RCE)
Windows 11 SMB Client - Privilege Escalation & Remote Code Execution (RCE). CVE-2025-33073 . remote exploit for Windows platform
Litespeed Cache WordPress Plugin 6.3.0.1 - Privilege Escalation
Litespeed Cache WordPress Plugin 6.3.0.1 - Privilege Escalation. CVE-2024-28000 . webapps exploit for PHP platform
Parrot and DJI variants Drone OSes - Kernel Panic Exploit
Parrot and DJI variants Drone OSes - Kernel Panic Exploit. CVE-2025-37928 . local exploit for Multiple platform
Anchor CMS 0.12.7 - Stored Cross Site Scripting (XSS)
Anchor CMS 0.12.7 - Stored Cross Site Scripting (XSS). CVE-2025-46041 . webapps exploit for PHP platform
PCMan FTP Server 2.0.7 - Buffer Overflow
PCMan FTP Server 2.0.7 - Buffer Overflow. CVE-2025-4255 . remote exploit for Windows platform
Upcoming Speaking Engagements - Schneier on Security
This is a current list of where and when I am scheduled to speak: I’m speaking at the International Conference on Digital Trust, AI and the Future in Edinburgh, Scotland on Tuesday, June 24 at 4:00 PM. The list is maintained on this page.
Windows 11 users want these five features back
When Windows 11 was first released, many long-time users felt features they loved had been taken away overnight. Three and a half years later, the same complaints still rise to the top of the Feedback Hub with tens of thousands of votes.
Anubis ransomware adds wiper to destroy files beyond recovery
WestJet investigates cyberattack disrupting internal systems
WestJet, Canada's second-largest airline, is investigating a cyberattack that has disrupted access to some internal systems as it responds to the breach.
Palo Alto Networks fixed multiple privilege escalation flaws
Palo Alto Networks addressed multiple vulnerabilities and included the latest Chrome patches in its solutions.
Unusual toolset used in recent Fog Ransomware attack
Fog ransomware operators used in a May 2025 attack unusual pentesting and monitoring tools, Symantec researchers warn.
Discord Invite Link Hijacking Delivers AsyncRAT and Skuld Stealer Targeting Crypto Wallets
Malware campaign hijacks expired Discord invite links to steal crypto wallets and infect users globally.
News alert: Arsen launches AI-powered vishing simulation to help combat voice phishing at scale
Paris, Jun. 3, 2025, CyberNewswire--Arsen, the cybersecurity startup known for defending organizations against social engineering threats, has announced the release of its new Vishing Simulation module, a cutting-edge tool designed to train employees against one of the fastest-growing attack vectors: voice phishing (vishing). This new module uses AI-generated voices and adaptive dialogue systems to simulate
Friday Squid Blogging: Stubby Squid - Schneier on Security
Video of the stubby squid (Rossia pacifica) from offshore Vancouver Island. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.
L’attaque hors-norme d’Israël depuis une base secrète en Iran avec des drones explosifs
C'était l'opération dans l'opération. En marge de la campagne Rising Lion lancée par Israël contre l'Iran dans la nuit du 12 au 13 juin 2025, pour attaquer son programme de nucléaire militaire, une action spéciale a aussi eu lieu proche de Téhéran. Elle impliquait une base clandestine et des drones explosifs. Un coup
Paraguay Suffered Data Breach: 7.4 Million Citizen Records Leaked on Dark Web
Resecurity researchers found 7.4 million records containing personally identifiable information (PII) of Paraguay citizens on the dark web.
Google links massive cloud outage to API management issue
Google says an API management issue is behind Thursday's massive Google Cloud outage, which disrupted or brought down its services and many other online platforms.
Roundcube 1.6.10 - Remote Code Execution (RCE)
Roundcube 1.6.10 - Remote Code Execution (RCE). CVE-2025-49113 . webapps exploit for Multiple platform
Windows File Explorer Windows 10 Pro x64 - TAR Extraction
Windows File Explorer Windows 10 Pro x64 - TAR Extraction. CVE-2025-24071 . remote exploit for Windows platform
Coker: We can’t have economic prosperity or national security without cybersecurity
Coker spoke to Recorded Future News about his time as National Cyber Director, what he considers his biggest successes and what he would tell his replacement – who is currently going through the confirmation process.
L'action hors-norme d'Israël depuis une base secrète en Iran pour lancer des drones explosifs - Numerama
C'était l'opération dans l'opération. En marge de la campagne Rising Lion lancée par Israël contre l'Iran dans la nuit du 12 au 13 juin 2025, pour attaquer son programme de nucléaire militaire, une action spéciale a aussi eu lieu proche de Téhéran. Elle impliquait une base clandestine et des drones explosifs. Un coup
Conflit Iran-Israël : c’est quoi, le Pentagon Pizza Index ?
Le « Pentagon Pizza Index », aussi appelé « Pentagon Pizza Meter », est une théorie aussi savoureuse qu’inattendue : le nombre de pizzas commandées autour du Pentagone serait un baromètre officieux des crises internationales et des opérations militaires américaines. Alors que les tensions entre l’Iran et Israël
Your Meta AI chats might be public, and it’s not a bug
Users of the Meta AI seem to be sharing their sensitive conversations with the entire world without being aware of it
Discord flaw lets hackers reuse expired invites in malware campaign
Hackers are hijacking expired or deleted Discord invite links to redirect users to malicious sites that deliver remote access trojans and information-stealing malware.
Former CISA and NCSC Heads Warn Against Glamorizing Threat Actor Names
Jen Easterly and Ciaran Martin called for a universal, vendor-neutral cyber threat actor naming system
Freefloat FTP Server 1.0 - Remote Buffer Overflow
Freefloat FTP Server 1.0 - Remote Buffer Overflow. CVE-2025-5548 . remote exploit for Multiple platform
CISA warns of supply chain risks as ransomware attacks exploit SimpleHelp flaws
The latest confirmed cyber intrusion hit a utility billing software provider and its customers.
Government offices in North Carolina, Georgia disrupted by cyberattacks
The city government of Thomasville, North Carolina, and a court district in eastern Georgia are responding to recent intrusions into their networks.