Latest CyberSec News by @thecyberpicker

XorDDoS malware targeted 71.3% of U.S. systems in latest wave; Docker, IoT, and Linux bots fuel rise.

Windows flaw CVE-2025-24054 actively exploited since March 19 to leak NTLM hashes via phishing attacks.

A near-miss episode of attempted defunding spotlights a need for a better way

A critical vulnerability in the Erlang/OTP SSH, tracked as CVE-2025-32433, has been disclosed that allows for unauthenticated remote code execution on vulnerable devices.

A highly active threat group says it will release stolen information, months after an attack disrupted e-commerce operations at the grocer’s U.S. business.

A near-miss episode of attempted defunding spotlights a need for a better way

Entertainment venue management firm Legends International warns it suffered a data breach in November 2024, which has impacted employees and people who visited venues under its management.

In this week’s newsletter, Thorsten muses on how search engines and AI quietly gather your data while trying to influence your buying choices. Explore privacy-friendly alternatives and get the scoop on why it's important to question the platforms you interact with online.

compop.ca 3.5.3 - Arbitrary code Execution. CVE-2024-48445 . webapps exploit for Multiple platform

AnyDesk 9.0.1 - Unquoted Service Path.. local exploit for Windows platform

A Windows vulnerability that exposes NTLM hashes using .library-ms files is now actively exploited by hackers in phishing campaigns targeting government entities and private companies.

According to a complaint filed by a former employee, cybercriminals exfiltrated records that held personal information like names and Social Security numbers belonging to 76,000 current and former employees of Paradies Shops.

Blood Bank & Donor Management System 2.4 - CSRF Improper Input Validation. CVE-2024-12955 . webapps exploit for Multiple platform

A new report fleshes out the resources that went into building DeepSeek’s R1 reasoning model and potential risks to U.S. economic and national security.

Read about the initiatives Microsoft has undertaken over the past 18 months to support secure by design, secure by default, and secure in operations objectives as part of our SFI Initiative.

The INC ransomware gang claimed it was behind the cyberattack, which limited operations last November at some of the company's 2,000 stores across the U.S.

Usermin 2.100 - Username Enumeration. CVE-2024-44762 . webapps exploit for Multiple platform

Angular-Base64-Upload Library 0.1.21 - Unauthenticated Remote Code Execution (RCE). CVE-2024-42640 . webapps exploit for Multiple platform

ABB Cylon Aspect 3.08.02 (ethernetUpdate.php) - Authenticated Path Traversal.. hardware exploit for PHP platform

ABB Cylon Aspect 3.08.02 (deployStart.php) - Unauthenticated Command Execution. CVE-2024-48840 . hardware exploit for PHP platform

Discord is testing the feature: “We’re currently running tests in select regions to age-gate access to certain spaces or user settings,” a spokesperson for Discord said in a statement. “The information shared to power the age verification method is only used for the one-time age verification process and is not stored by Discord or our vendor. For Face Scan, the solution our vendor uses operates on-device, which means there is no collection of any biometric information when you scan your face. For ID verification, the scan of your ID is deleted upon verification.”...

A set of 57 Chrome extensions with 6,000,000 users have been discovered with very risky capabilities, such as monitoring browsing behavior, accessing cookies for domains, and potentially executing remote scripts.

La célèbre chaîne française d'opticiens et d'acousticiens a subi une cyberattaque en raison d'une faille de sécurité chez l'un de ses...-Cybersécurité

Apple patched two zero-day vulnerabilities that were used in sophisticated targeted attacks manipulating device memory

An NTLM hash disclosure spoofing vulnerability that leaks hashes with minimal user interaction has been observed being exploited in the wild

The former CISA director departed the cybersecurity company in response to the order, which directs DOJ to investigate him.

Bipartisan support grows in Congress to extend Cybersecurity Information Sharing Act for 10 years

CISA added the high-severity flaw, initially disclosed in 2021, to its known exploited vulnerabilities catalog this week.