Latest CyberSec News by @thecyberpicker


30556 bookmarks
How and where to report an online scam
Find out where and how victims can report online scams to prevent more victims and possibly recover funds.
·malwarebytes.com·
Over 84,000 Roundcube instances vulnerable to actively exploited flaw
Over 84,000 instances of the Roundcube webmail software are vulnerable to CVE-2025-49113, a critical remote code execution (RCE) vulnerability with a publicly available exploit.
·bleepingcomputer.com·
Google patched bug leaking phone numbers tied to accounts
A vulnerability allowed researchers to brute-force any Google account's recovery phone number simply by knowing their profile name and an easily retrieved partial phone number, creating a massive risk for phishing and SIM-swapping attacks.
·bleepingcomputer.com·
SentinelOne shares new details on China-linked breach attempt
SentinelOne has shared more details on an attempted supply chain attack by Chinese hackers through an IT services and logistics firm that manages hardware logistics for the cybersecurity firm.
·bleepingcomputer.com·
Linux Foundation unveils decentralized WordPress plugin manager
A collective of former WordPress developers and contributors backed by the Linux Foundation has launched the FAIR Package Manager, a new and independent distribution system for trusted WordPress plugins and themes.
·bleepingcomputer.com·
Designing Blue Team playbooks with Wazuh for proactive incident response
Blue Team playbooks are essential—but tools like Wazuh take them to the next level. From credential dumping to web shells and brute-force attacks, see how Wazuh strengthens real-time detection and automated response.
·bleepingcomputer.com·
Major food wholesaler says cyberattack impacting distribution systems
The statement said the Rhode Island-based company identified unauthorized activity on its systems on Thursday, prompting officials to take systems offline. The action “has temporarily impacted the Company’s ability to fulfill and distribute customer orders.”
·therecord.media·
Designing Blue Team playbooks with Wazuh for proactive cyber defense
Blue Team playbooks are essential—but tools like Wazuh take them to the next level. From credential dumping to web shells and brute-force attacks, see how Wazuh strengthens real-time detection and automated response.
·bleepingcomputer.com·
Shared Intel Q&A: Can risk-informed patching finally align OT security with real-world threats?
Cyber threats to the U.S. electric grid are mounting. Attackers—from nation-state actors to ransomware gangs—are growing more creative and persistent in probing utility networks and operational technology systems that underpin modern life. And yet, many utility companies remain trapped in a compliance-first model that often obscures real risks rather
·lastwatchdog.com·
Grocery wholesale giant United Natural Foods hit by cyberattack
United Natural Foods (UNFI), North America's largest publicly traded wholesale distributor, was forced to shut down some systems following a recent cyberattack.
·bleepingcomputer.com·
Data security is a CX issue, too
A string of cyberattacks have targeted retailers like Adidas and North Face. Incidents like these can weaken customer trust and lead to lost business, experts say.
·cybersecuritydive.com·
Case Study: Inadequate Configuration & Change Control | CSA
The Football Australia 2024 breach resulted from developers misconfiguring their AWS S3 buckets (an example of Misconfiguration and Inadequate Change Control).
·cloudsecurityalliance.org·
Disinformation networks: OpenAI blocks ChatGPT accounts run by foreign powers
OpenAI says it has identified and shut down the ChatGPT accounts of several groups linked to foreign powers. The generative AI tool was being used to orchestrate influence and disinformation operations on social networks. Their objective is clear: to polarize public debate, spread content
·numerama.com·