Latest CyberSec News by @thecyberpicker

APT29 deployed GRAPELOADER to target European diplomats in early 2025, enhancing stealth and persistence.

Windows administrators from numerous organizations report widespread account lockouts triggered by false positives in the rollout of a new Microsoft Entra ID's "leaked credentials" detection app called MACE.

Public exploits are now available for a critical Erlang/OTP SSH vulnerability tracked as CVE-2025-32433, allowing unauthenticated attackers to remotely execute code on impacted devices.

A new malware-as-a-service (MaaS) platform named 'SuperCard X' has emerged, targeting Android devices via NFC relay attacks that enable point-of-sale and ATM transactions using compromised payment card data.

Threat actors are actively exploiting a remote code execution flaw in SonicWall Secure Mobile Access (SMA) appliances since January 2025.

3 fake npm packages mimicking Telegram Bot API added SSH backdoors on Linux, risking persistent access.

Google Gemini is testing a ChatGPT-like scheduled tasks feature called "Scheduled Actions," which will allow you to create tasks that Gemini will execute later.

CVE-2025-2492 flaw in ASUS AiCloud routers allows remote control; firmware fix issued for 4 versions.

L'Usine Digitale vous propose un best-of des actualités de la semaine du 14 avril en matière de protection des données. Au menu : l'offre...-Data protection

L’Usine Digitale vous propose un récapitulatif des grandes actualités de la semaine en matière de cybersécurité. Au programme, l'arrêt...-Cybersécurité

FoxCMS 1.2.5 - Remote Code Execution (RCE). CVE-2025-29306 . webapps exploit for Multiple platform

Drupal 11.x-dev - Full Path Disclosure. CVE-2024-45440 . webapps exploit for PHP platform

A live colossal squid was filmed for the first time in the ocean. It’s only a juvenile: a foot long. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.

ASUS warns of an authentication bypass flaw in routers that could allow unauthorized execution of functions on the device

The Interlock ransomware gang now uses ClickFix attacks that impersonate IT tools to breach corporate networks and deploy file-encrypting malware on devices.

OpenAI has launched three new reasoning models - o3, o4-mini, and o4-mini-high for Plus and Pro subscribers, but as it turns out, these models do not offer 'unlimited' usage.

An alleged operator of the SmokeLoader malware is now facing federal hacking charges in Vermont after accusations that he stole personal information on more than 65,000 people.

ASUS is warning about an authentication bypass vulnerability in routers with AiCloud enabled that could allow remote attackers to perform unauthorized execution of functions on the device.

The FBI warns that scammers posing as FBI IC3 employees are offering to "help" fraud victims recover money lost to other scammers.

Understand what happened in the Oracle Cloud Infrastructure (OCI) breach and potential mitigation strategies powered by Agentic AI.

Text scams come in many forms and are an ever increasing threat doing an awful lot of financial, and other, damage

A remote code execution vulnerability affecting SonicWall Secure Mobile Access (SMA) appliances has been under active exploitation since at least January 2025, according to cybersecurity company Arctic Wolf.

Smishing kits by Wang Duo Yu enabled toll fraud in 8 U.S. states since Oct 2024, stealing user data via fake E-ZPass pages.

The company is notifying about 190,000 people after certain information used for car insurance quotes was left unencrypted.

A new payment card scam uses malware disguised as a security tool or verification utility to capture card details and access funds.

Hackers don't break in—they log in. Credential-based attacks now fuel nearly half of all breaches. Learn how to scan your Active Directory for compromised passwords and stop attackers before they strike.

Explore how Data Security Posture Management (DSPM) enhances traditional DLP by offering real-time visibility, risk assessment, and automated protection.

Hackers don't break in—they log in. Credential-based attacks now fuel nearly half of all breaches. Learn how to scan your Active Directory for compromised passwords and stop attackers before they strike.

Chinese-speaking IronHusky hackers are targeting Russian and Mongolian government organizations using upgraded MysterySnail remote access trojan (RAT) malware.

This week in cybersecurity from the editors at Cybercrime Magazine