Latest CyberSec News by @thecyberpicker

Dutch intelligence report warns of growing Russian aggression with hybrid warfare

​Microsoft has resolved a known issue causing Remote Desktop sessions to freeze on Windows Server 2025 and Windows 11 24H2 devices.

Barclays found that romance scam victims lost £8000 on average in 2024, a significant increase from the previous year

Microsoft has fixed several known issues that caused Blue Screen of Death (BSOD) and installation issues on Windows Server 2025 systems with a high core count.

Ripple’s xrpl.js npm package backdoored on April 21, exposing 135K users’ private keys to attackers.

Google scraps new third-party cookie prompt in Chrome + boosts Incognito protections + DOJ eyes Chrome breakup.

Verizon’s 2025 Data Breach Investigations Report noted a 37% increase in ransomware attacks and a 34% increase in exploited vulnerabilities.

Thousands of students, teachers and administrators had information stolen from the Baltimore City Public Schools system during a ransomware attack in February.

OpenAI’s GPT-4.1 was released without a public safety report, prompting SplxAI researchers to test its resilience against misuse.

Marks & Spencer (M&S) has disclosed that it is responding to a cyberattack over the past few days that has impacted operations, including its Click and Collect service.

An Active! Mail zero-day remote code execution vulnerability is actively exploited in attacks on large organizations in Japan.

Russia-linked phishing attacks targeting NGOs with ties to Ukraine ask victims to join a video call, and result in them gaining access to Microsoft 365 accounts,

A hacking group dubbed 'Elusive Comet' targets cryptocurrency users in social engineering attacks that exploit Zoom's remote control feature to trick users into granting them access to their machines.

Microsoft has released the optional KB5055612 preview cumulative update for Windows 10 22H2 with two changes, including a fix for a GPU paravirtualization bug in Windows Subsystem for Linux 2 (WSL2).

South Korea's largest mobile operator, SK Telecom, is warning that a malware infection allowed threat actors to access sensitive USIM-related information for customers.

Docker malware fakes Teneo node heartbeats to earn crypto + 63-layer obfuscation hides the code.

La célèbre chaîne de magasins britannique a confirmé gérer un “cyberincident”, créant d'importantes perturbations de paiement et sur les délais...-Cybersécurité

The recommended Ripple cryptocurrency NPM JavaScript library named "xrpl.js" was compromised to steal XRP wallet seeds and private keys and transfer them to an attacker-controlled server, allowing threat actors to steal all the funds stored in the wallets.

Android phones will soon reboot themselves after sitting idle for three days. iPhones have had this feature for a while; it’s nice to see Google add it to their phones.

The company incurred a material amount of nonrecurring expenses during Q1 related to potential notification requirements.

In the race to scale generative AI capabilities, executives plan to increase foundational technology investments, according to Broadridge.

The tech giant has released its second Secure Future Initiative (SFI) progress report, showcasing its ongoing efforts to improve cybersecurity

A new malware campaign utilizing NFC-relay techniques has been identified carrying out unauthorized transactions through POS systems and ATMs

A proof-of-concept attack called "Cookie-Bite" uses a browser extension to steal browser session cookies from Azure Entra ID to bypass multi-factor authentication (MFA) protections and maintain access to cloud services like Microsoft 365, Outlook, and Teams.

Firefox ESR 115.11 - PDF.js Arbitrary JavaScript execution. CVE-2024-4367 . remote exploit for Multiple platform

Billbug, a China-linked espionage group, has been observed targeting critical sectors in Southeast Asia with new tools

In a statement filed to London’s stock exchange on Tuesday afternoon, the company said it made “some minor, temporary changes to our store operations” as soon as it became aware of the incident.

Microsoft Windows 11 - Kernel Privilege Escalation. CVE-2024-21338 . local exploit for Windows platform

WordPress Core 6.2 - Directory Traversal. CVE-2023-2745 . webapps exploit for PHP platform

The Data Security and Privacy domain of the Cloud Controls Matrix addresses critical areas of the data lifecycle, like data classification and data disposal.