Latest CyberSec News by @thecyberpicker

CERT-UA reports three cyberattacks since fall 2024 using WRECKSTEEL malware to steal Ukrainian state data.

Microchip TimeProvider 4100 (Configuration modules) 2.4.6 - OS Command Injection. CVE-2024-9054 . remote exploit for Hardware platform

UNC5221 has a knack for exploiting defects in Ivanti products. The group has exploited at least four vulnerabilities in the vendor’s products since 2023, according to Mandiant.

At least 12,000 people in Texas had sensitive financial information stolen by hackers who secretly implanted malicious code into the utility payment website of the City of Lubbock.

A maximum severity remote code execution (RCE) vulnerability has been discovered impacting all versions of Apache Parquet up to and including 1.15.0.

The Hunters International Ransomware-as-a-Service (RaaS) operation is shutting down and rebranding with plans to switch to date theft and extortion-only attacks.

Hazel highlights the key findings within Cisco Talos’ 2024 Year in Review (now available for download) and details our active tracking of an ongoing campaign targeting users in Ukraine with malicious LNK files.

​Microsoft is testing a new taskbar icon scaling feature that automatically scales down Windows taskbar icons to show more apps when it gets too overcrowded.

Up to one in five of the most popular mobile VPNs are owned by Chinese companies that do their best to hide the fact.

International intelligence and cybersecurity agencies jointly issued a warning Thursday about “fast flux,” an advanced technique used to evade detection.

CISA, the FBI, the NSA, and international cybersecurity agencies are calling on organizations and DNS providers to mitigate the "Fast Flux" cybercrime evasion technique used by state-sponsored threat actors and ransomware gangs.

Ivanti addressed a critical remote code execution flaw in Connect Secure, which has been exploited since at least mid-March 2025.

Ransomware gangs and Russian government hackers are increasingly turning to an old tactic called “fast flux” to hide the location of infrastructure used in cyberattacks.

Tax-themed phishing hit 2,300 U.S. firms in Feb 2025 using QR codes and fake login pages.

Ivanti has released security updates to patch a critical Connect Secure remote code execution vulnerability exploited by a China-linked espionage actor to deploy malware since at least mid-March 2025.

As Tax Day approaches in the United States on April 15, Microsoft has detected several tax-themed phishing campaigns employing various tactics. These campaigns use malicious hyperlinks and attachments to deliver credential phishing and malware including RaccoonO365, AHKBot, Latrodectus, BruteRatel C4 (BRc4), and Remcos.

Posts about macOS malware, exploits, and tools

Posts about macOS malware, exploits, and tools

The agency has already slashed dozens of probationary workers, and further cuts could have major consequences for cybersecurity standards and AI development.

AppSmith 1.47 - Remote Code Execution (RCE). CVE-2024-55963 . webapps exploit for Java platform

Oracle has finally acknowledged to some customers that attackers have stolen old client credentials after breaching a "legacy environment" last used in 2017.

CISA earlier this week added CVE-2024-20439, a static credential vulnerability in the Cisco Smart Licensing Utility, to its known exploited vulnerabilities catalog.

Phishers are putting QR codes as images in attachments because it helps them bypass email filters.

An international law enforcement operation has shut down Kidflix, a platform for child sexual exploitation with 1.8m registered users

The State Bar of Texas is warning it suffered a data breach after the INC ransomware gang claimed to have breached the organization and began leaking samples of stolen data.

Nagios Log Server 2024R1.3.1 - Stored XSS.. webapps exploit for Multiple platform

Recognizing the importance of aligning with new developments, CSA has released a mapping between the Cloud Controls Matrix (CCM) v4.0 and FedRAMP.

A critical authentication bypass flaw in CrushFTP is under active exploitation following a mishandled disclosure process

Par la voix de Clara Chappaz, la ministre déléguée de l'IA et du numérique, le gouvernement a lancé un appel aux grands patrons de choisir des...-Cybersécurité