Latest CyberSec News by @thecyberpicker

La start-up tricolore déploie plusieurs agents capables d'automatiser une partie du travail des analystes dans les centres d'opérations de...-Cybersécurité

This week in cybersecurity from the editors at Cybercrime Magazine

From Talos' 2024 Year in Review, here are some findings from the top targeted network device vulnerabilities. We also explore how threat actors are moving away from time sensitive lures in their emails. And finally we reveal the tools that adversaries most heavily utilized last year.

Armis survey reveals that the growing threat of nation-state cyber-attacks is disrupting digital transformation

Google has issued patches for 62 vulnerabilities in Android, including two actively exploited zero-days.

Learn what third-party risk management (TPRM) entails, what staff augmentation is, and how to decide whether it’s the right solution for your TPRM needs.

CERT-UA identifies GIFTEDCROOK malware stealing browser data via phishing Excel files in attacks targeting Ukrainian institutions.

Agentic AI transforms SOCs by autonomously triaging and investigating 100% of alerts, reducing burnout and improving detection speed.

At a Congressional hearing earlier this week, Matt Blaze made the point that CALEA, the 1994 law that forces telecoms to make phone calls wiretappable, is outdated in today’s threat environment and should be rethought: In other words, while the legally-mandated CALEA capability requirements have changed little over the last three decades, the infrastructure that must implement and protect it has changed radically. This has greatly expanded the “attack surface” that must be defended to prevent unauthorized wiretaps, especially at scale. The job of the illegal eavesdropper has gotten significantly easier, with many more options and opportunities for them to exploit. Compromising our telecommunications infrastructure is now little different from performing any other kind of computer intrusion or data breach, a well-known and endemic cybersecurity problem. To put it bluntly, something like Salt Typhoon was inevitable, and will likely happen again unless significant changes are made...

The US Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2025-31161 to its Known Exploited Vulnerabilities (KEV) catalog

A l'occasion du Forum InCyber, L'Usine Digitale a eu l'occasion d'échanger avec Grégoire Germain, le CEO et co-fondateur d'HarfangLab, une...-Cybersécurité

Malicious actors are using SourceForge to distribute a miner and the ClipBanker Trojan while utilizing unconventional persistence techniques.

CrushFTP flaw CVE-2025-31161 exploited since March 30; 815 systems unpatched as agencies race to secure.

The British government has launched a new code of practice designed to boost corporate cyber governance

Sony XAV-AX5500 1.13 - Firmware Update Validation Remote Code Execution (RCE). CVE-2024-23922 . remote exploit for Multiple platform

InfluxDB OSS 2.7.11 - Operator Token Privilege Escalation. CVE-2024-30896 . remote exploit for Multiple platform

Google addressed 62 vulnerabilities with the release of Android 's April 2025 security update, including two actively exploited zero-days.

GeoVision GV-ASManager 6.1.0.0 - Information Disclosure. CVE-2024-56902 . webapps exploit for Multiple platform

Jasmin Ransomware - Arbitrary File Download (Authenticated).. webapps exploit for Multiple platform

jQuery 3.3.1 - Prototype Pollution & XSS Exploit. CVE-2020-7656CVE-2019-11358 . webapps exploit for Multiple platform

Nagios Xi 5.6.6 - Authenticated Remote Code Execution (RCE). CVE-2019-15949 . webapps exploit for Multiple platform

WordPress User Registration & Membership Plugin 4.1.1 - Unauthenticated Privilege Escalation.. webapps exploit for Multiple platform

UNA CMS 14.0.0-RC - PHP Object Injection.. webapps exploit for Multiple platform

Google patched 62 flaws, including two actively exploited kernel bugs, closing exploit chains used in Android attacks.

Google has built a cybersecurity assistant for information security professionals, and now they’re looking for researchers to play with it.

Serbian security services exploited one of the actively exploited vulnerabilities to break into the phone of a youth activist in Serbia, according to Amnesty International.

EncryptHub, a notorious threat actor linked to breaches at 618 organizations, is believed to have reported two Windows zero-day vulnerabilities to Microsoft, revealing a conflicted figure straddling the line between cybercrime and security research.

U.S. CISA adds Ivanti Connect Secure, Policy Secure and ZTA Gateways flaw to its Known Exploited Vulnerabilities catalog.

The 21 signatories support a number of steps, such as banning vendors who behave illegally, in a document agreed to last week in Paris.

Microsoft announced today that, based on customer feedback, it will indefinitely delay removing driver synchronization in Windows Server Update Services (WSUS).