Latest CyberSec News by @thecyberpicker

Two critical Linux flaws allow unprivileged users to gain root access, affecting major distributions

Microsoft has announced that it will soon update security defaults for all Microsoft 365 tenants to block access to SharePoint, OneDrive, and Office files via legacy authentication protocols.

Several Instagram ads have been found impersonating banks, including the usage of deepfake videos to defraud consumers.

Barracuda observed a big spike in spam emails generated using AI tools, making up the majority detected in April 2025

Veeam addressed a new critical flaw in Backup & Replication product that could potentially result in remote code execution.

CISA has warned U.S. federal agencies about attackers targeting a high-severity vulnerability in the Linux kernel's OverlayFS subsystem that allows them to gain root privileges.

Instagram ads impersonating financial institutions like Bank of Montreal (BMO) and EQ Bank (Equitable Bank) are being used to target Canadian consumers with phishing scams and investment fraud. Some ads use AI-powered deepfake videos in an attempt to collect your personal information, while others drive traffic to phishing pages.

Upgraded GodFather banking malware now uses on-device virtualization to hijack apps, enabling real-time fraud

Phishing has evolved—and trust is the new attack vector. ChainLink Phishing uses real platforms like Google Drive & Dropbox to sneak past filters and steal credentials in the browser. Watch Keep Aware's on-demand webinar to see how these attacks work—and how to stop them.

If your identity infrastructure experiences an outage, everything can grind to a halt. This disruption is not acceptable for enterprise security.

Episource warns of a data breach after hackers stole health information of over 5 million people in the United States in a January cyberattack.

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Linux Kernel vulnerability to its Known Exploited Vulnerabilities catalog.

This week in cybersecurity from the editors at Cybercrime Magazine

ClickFix techniques are enabling threat actors to bypass defenses using tools like MSHTA, says ReliaQuest

Learn how the North Korean-aligned Famous Chollima is using the a new Python-based RAT, "PylangGhost," to target cryptocurrency and blockchain jobseekers in a campaign affecting users primarily in India.

Attackers are increasingly hiding in plain sight, using the same tools IT and security teams rely on for daily operations. This blog breaks down common techniques and provides recommendations to defenders.

Learn how to define the right ISMS scope for ISO 27001 certification by understanding clauses 4.1–4.3 and aligning with business needs and risks.

Des chercheurs en cybersécurité révèlent que Taïwan subit depuis janvier 2025 une offensive numérique d’ampleur inédite, orchestrée par le groupe HoldingHands. Cette opération d’espionnage et de sabotage cible sans relâche les administrations, entreprises et infrastructures stratégiques de l’île. C'est une attaque

The new Cyber Growth Action Plan aims to support the UK’s cyber industry, including the development of innovative new technologies and startups

Water Curse exploited 76 GitHub accounts to deliver stealthy malware targeting developers and supply chains.

Startups can now achieve FedRAMP Moderate faster. Beyond Identity shares real strategies, costs, and team insights.

The National Cybersecurity Center of Excellence (NCCoE) has published the sixth white paper in its series

The group positions itself “not just as a ransomware group, but as a full-service cybercrime platform”, according to Cybereason

Scammers are abusing sponsored search results, displaying their scammy phone number on legitimate brand websites.

These 5 communication channels are favored by scammers to try and trick victims at least once a week—if not more.

BeyondTrust has released security updates to fix a high-severity flaw in its Remote Support (RS) and Privileged Remote Access (PRA) solutions that can let unauthenticated attackers gain remote code execution on vulnerable servers.

Today’s digital threats don’t discriminate by size or sector. Building a solid cybersecurity foundation is no longer optional—it’s essential.

Payment processor Paddle has agreed to settle with the FTC over allegations related to tech support scams

Attackers can exploit two newly discovered local privilege escalation (LPE) vulnerabilities to gain root privileges on systems running major Linux distributions.

Work management platform Asana is warning users of its new Model Context Protocol (MCP) feature that a flaw in its implementation potentially led to data exposure from their instances to other users and vice versa.