Latest CyberSec News by @thecyberpicker

Google reveals UNC6395 exploited Drift OAuth tokens Aug 8–18, 2025, forcing Salesforce to disable integrations

WhatsApp patched CVE-2025-55177 zero-day linked with Apple CVE-2025-43300, exploited in spyware attacks.

First-person account of someone accidentally catching several Humboldt squid on a fishing line. No photos, though. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Blog moderation policy.

In a post mortem of the incident, Baltimore Inspector General Isabel Mercedes Cumming said the city’s accounts payable department had failed to implement corrective measures after previous incidents of fraud and did not have proper protections in place to verify supplier details.

Microsoft has released the KB5064081 preview cumulative update for Windows 11 24H2, which includes thirty-six new features or changes, with many gradually rolling out. These updates include new Recall features and a new way of displaying CPU usage in Task Manager.

Microsoft has resolved a known issue causing false CertificateServicesClient (CertEnroll) error messages after installing the July 2025 preview and subsequent Windows 11 24H2 updates.

Sitecore patched 3 flaws in June–July 2025, including RCE and cache poisoning, risking full platform compromise.

Workado publicly claimed its AI content detector could accurately determine whether a piece of text was generated by AI in 98% of cases. The FTC said its "no better than a coin flip."

Data breaches cost $4.44M in 2025 as app flaws and GenAI risks surge, driving urgent security changes.

WhatsApp has patched a security vulnerability in its iOS and macOS messaging clients that was exploited in targeted zero-day attacks.

The defense supply chain is stronger with continuous, real-time monitoring. GAO‑25‑107283, a report recently released by the U.S. Government Accountability Office (GAO), highlights critical supply chain vulnerabilities across the Department of Defense’s 200,000+ supplier ecosystem. Areas for improvement include limited traceability of foreign-origin materials, visibility into lower-tier vendors, and streamlined contractual reporting. The dangers aren’t....

Starting in October, Microsoft will enforce multi-factor authentication (MFA) for all Azure resource management actions to protect Azure clients from unauthorized access attempts.

Learn how to optimize your SIEM solution with key strategies and practices.

Pyongyang-backed hacking group APT37 leveraged an internal South Korean intelligence briefing in a spear phishing campaign

A top FBI official warns that China’s reliance on domestic tech companies for large-scale hacking is a major weakness.

Microsoft has found no link between the August 2025 KB5063878 security update and customer reports of failure and data corruption issues affecting solid-state drives (SSDs) and hard disk drives (HDDs).

Sangoma warns of an actively exploited FreePBX zero-day affecting systems with publicly exposed admin control panels.

Sogou Zhuyin update server hijacked in Oct 2024 enabled TAOTH to target 49% victims in Taiwan.

Amazon disrupted APT29’s June 2025 campaign exploiting Microsoft device code authentication, redirecting 10% of visitors to malicious domains.

La société américaine Anthropic dévoile une campagne de vols de données orchestrée à l’aide de son modèle de génération de code Claude Code. En un mois, l'opération aurait mis en danger 17 organisations. Le mode opératoire repose sur ce qu’Anthropic désigne comme du vibe hacking. Vibe coding. Voilà le terme tendance

Zero Trust’s foundational concept of “always verify” is essential to building resilience. Reduce the blast radius to reduce the impact of incidents.

The ransomware ecosystem continues to splinter, with new gangs proliferating in the wake of law enforcement takedowns that have scattered affiliates and prompted criminal rebrands.

This week in cybersecurity from the editors at Cybercrime Magazine

Salt Typhoon hit 600 organizations in 80 countries since 2019, exploiting router flaws for global espionage.

A software supply chain attack targeting Nx marks the first known case where attackers have leveraged developer AI assistants, according to StepSecurity

Generative AI platforms challenge DLP tools; Fidelis NDR offers network-based monitoring to prevent sensitive data leaks.

I just heard about this: There’s a travel scam warning going around the internet right now: You should keep your baggage tags on your bags until you get home, then shred them, because scammers are using luggage tags to file fraudulent claims for missing baggage with the airline. First, the scam is possible. I had a bag destroyed by baggage handlers on a recent flight, and all the information I needed to file a claim was on my luggage tag. I have no idea if I will successfully get any money from the airline, or what form it will be in, or how it will be tied to my name, but at least the first step is possible...

The NIST National Cybersecurity Center of Excellence (NCCoE) has published the final version of NIST Internal Report (IR) 8349,

Recorded Future highlighted the vast capabilities of state actors to rapidly weaponize newly disclosed vulnerabilities for geopolitical purposes

HIPAA ensures the confidential handling of protected health information and mandates stringent guidelines for the privacy and security of patient data.