Latest CyberSec News by @thecyberpicker

Microsoft has removed a compatibility hold that prevented some Easy Anti-Cheat users from installing the Windows 11 2024 Update because of a known issue that triggers restarts with blue screen of death (BSOD) errors.

Phishers are using legitimate looking Instagram emails in order to scam users.

Cisco Talos warned that the Chaos group, thought to be formed of former BlackSuit members, has launched a wave of attacks targeted a variety of sectors

Près d’un salarié français sur deux a déjà été victime d’une cyberattaque réussie : voilà le constat que dresse KnowBe4 dans un rapport publié le 24 juillet 2025. Selon la société de cybersécurité américaine, les Français se sentiraient moins armés que d'autres salariés dans le monde face au cybermenaces. Ils sont

Mitel addressed a critical MiVoice MX-ONE flaw that could allow an unauthenticated attacker to conduct an authentication bypass attack.

Explaining the ToolShell vulnerabilities in SharePoint: how the POST request exploit works, why initial patches can be easily bypassed, and how to stay protected.

Kim Se Un, Jo Kyong Hun and Myong Chol Min are accused of helping North Korea evade U.S. and United Nations sanctions through an IT worker plot that involved tricking companies into hiring North Koreans using stolen identities.

Law enforcement has seized the dark web leak sites of the BlackSuit ransomware operation, which has targeted and breached the networks of hundreds of organizations worldwide over the past several years.

A new Linux malware named Koske may have been developed with artificial intelligence and is using seemingly benign JPEG images of panda bears to deploy malware directly into system memory.

ChatGPT Agent is now rolling out to users with $20 Plus subscription, but OpenAI warns that it will take a few days for the rollout to finish.

Get to know the real people behind cybersecurity’s front lines. In this week’s newsletter, sci-fi meets reality, humanity powers technology and a few surprises are waiting to be discovered.

The Departments of Energy, Homeland Security and Health and Human Services have been impacted.

KrebsOnSecurity recently heard from a reader whose boss's email account got phished and was used to trick one of the company's customers into sending a large payment to scammers. An investigation into the attacker's infrastructure points to a long-running Nigerian…

Fire Ant exploited VMware flaws to breach ESXi and vCenter, targeting isolated systems for persistent access.

Mitel fixes critical MiVoice and MiCollab flaws that allow account access and SQL attacks. Users must update to avoid system compromise.

President Donald Trump’s pick to lead CISA told senators Thursday that he would prioritize evicting China from the U.S. supply chain.

Sean Plankey said he would double down on CISA’s core mission and “allow the operators to operate.”

A threat actor called EncryptHub has compromised a game on Steam to distribute info-stealing malware to unsuspecting users downloading the title.

Netherlands-based cybersecurity firm Eye Security told Reuters and Bloomberg that hackers have successfully breached at least 400 governments and businesses around the world.

CastleLoader malware infected 469 devices via ClickFix, GitHub, and phishing since May 2025. Malware delivery is evolving fast.

Mitel Networks has released security updates to patch a critical-severity authentication bypass vulnerability impacting its MiVoice MX-ONE enterprise communications platform.

A large-scale malware campaign known as SarangTrap has been observed using fake dating apps to steal personal data, targeting South Korean users

The US FBI has issued public announcements warning families of The Com, an online criminal network involving minors in various illicit activities

Cisco Talos’ Vulnerability Discovery & Research team recently disclosed five vulnerabilities in Bloomberg Comdb2.   Comdb2 is an open source, high-availability database developed by Bloomberg. It supports features such as clustering, transactions, snapshots, and isolation. The implementation of the database utilizes optimistic locking for concurrent operation. The vulnerabilities mentioned in this blog post have been patched by the vendor, all in adherence to Cisco’s third-party vulnerability

Sophos and SonicWall patched critical RCE flaws in firewall and SMA 100 products affecting select users.

Automatically generating fuzzing harnesses and vulnerability proof-of-concepts, 5 incentives security programs should pursue, it's always DNS

A group dubbed 'Fire Ant' is targeting VMware ESXi hypervisors, a type of software that controls and hosts virtual machines for enterprise networks.