Latest CyberSec News by @thecyberpicker

Casdoor 1.901.0 - Cross-Site Request Forgery (CSRF). CVE-n/a . webapps exploit for Go platform

ERPNext 14.82.1 - Account Takeover via Cross-Site Request Forgery (CSRF). CVE-2025-28062 . webapps exploit for Python platform

As organizations brace for the rising tide of machine identities and prepare for a post-quantum cryptographic era, a quiet but crucial shift is underway in the financial sector: the deployment of a new, private PKI standard designed specifically to meet banking’s complex operational and compliance needs. Related: Why crypto-agility is a must have While the

A supply-chain attack targets Linux servers with disk-wiping malware hidden in Golang modules published on GitHub.

New BYOI technique lets attackers bypass SentinelOne EDR,disable protection, and deploy Babuk ransomware by exploiting agent upgrade process

The National Cyber Security Centre has published advice for retailers while the Co-op admits customer data was stolen

Proactive hardening recommendations to defend against UNC3944, aka Scattered Spider, a financially-motivated threat group.

​Microsoft has fixed a known issue preventing Windows 11 24H2 feature updates from being delivered via Windows Server Update Services (WSUS) after installing the April 2025 security updates.

Google’s May 2025 Android update patches 46 flaws; one critical bug exploited since March via FreeType.

Google’s May 2025 Android update patches 46 flaws; one critical bug exploited since March via FreeType.

Langflow flaw CVE-2025-3248 allows unauthenticated code execution + Patch due May 26 + 466 servers exposed.

The monthly Android security update covers 47 vulnerabilities, including a high-severity defect in the widely used FreeType software library.

The data-theft extortion group known as Luna Moth, aka Silent Ransom Group, has ramped up callback phishing campaigns in attacks on legal and financial institutions in the United States.

The prolific ransomware gang claimed to have taken over the Peruvian government's domain.

The Pentagon will lay out new security requirements and approval processes for the software it purchases.

A new "Bring Your Own Installer" EDR bypass technique is exploited in attacks to bypass SentinelOne's tamper protection feature, allowing threat actors to disable endpoint detection and response (EDR) agents to install the Babuk ransomware.

The Darcula phishing-as-a-service (PhaaS) platform stole 884,000 credit cards from 13 million clicks on malicious links sent via text messages to targets worldwide.

TeleMessage, an Israeli company that sells an unofficial Signal message archiving tool used by some U.S. government officials, has suspended all services after reportedly being hacked.

Microsoft warns about the security risks posed by default configurations in Kubernetes deployments, particularly those using out-of-the-box Helm charts, which could publicly expose sensitive data.

Multiple school districts and a university in New Mexico are suffering from cyberattacks wreaking havoc as the end of the school year approaches.

A man believed to be living in Yemen is accused of developing the ransomware and infecting about 1,500 computer systems in the U.S. and elsewhere between March 2021 and June 2023.

Every year at RSAC, the cybersecurity conversation swells with new terms, emerging threats, and fresh takes on familiar problems. What exactly is 'agentic AI?' At RSAC 2025, the volume knob turned to AI — its potential, its peril, and its increasingly complex role in enterprise defense. But behind the keynote gloss, what often resonates most

The Darcula phishing-as-a-service (PhaaS) platform stole 884,000 credit cards from 13 million clicks on malicious links sent via text messages to targets worldwide.

CISA adds CVE-2025-34028 to KEV list after real-world exploits, forcing federal patching by May 23.

Zero-click AirPlay vulnerabilities exposed in March 2025 could let malware spread across networks undetected.

The U.S. government sanctioned the Karen National Army, a militia group, and Saw Chit Thu, its leader, for their purported connections to the cyber fraud industry in Myanmar.

Microsoft announces that it will be joining GASA as a Foundation Member. Read about how Microsoft and the other members of GASA hope to stem losses from cyber scams.

Three major retail brands, including Harrods and M&S, have been targeted in recent weeks.

The Skype video call and messaging service is shutting down today, 14 years after replacing Microsoft's Windows Live Messenger.

Le gouvernement américain a fait appel à la société israélienne TeleMessage pour utiliser une version détournée de l'application Signal, qui...-Cybersécurité