Latest CyberSec News by @thecyberpicker

This week in cybersecurity from the editors at Cybercrime Magazine

Flashpoint data points to a surge in data breaches fueled by compromised credentials, ransomware and exploits

Automating security questionnaires, vendor risk management, and compliance tasks helps businesses cut costs, reduce manual workload, and improve security efficiency.

Ce sont encore des dizaines de noms de domaine qui ont été bloqués lors du match PSG-OM, pour empêcher les pirates d'accéder à des retransmissions illicites. Des actions organisées de façon à ennuyer au maximum les resquilleurs, mais qui sont jugées encore trop insuffisantes par les titulaires de droits. La lutte

Bitdefender said the malicious app campaign has resulted in more than 60 million downloads of malicious apps from the Google Play Store

331 Android apps with 60M+ downloads ran full-screen ads, stole credentials, and bypassed security in a large-scale ad fraud and phishing scheme.

The share of businesses scrapping most of their AI initiatives increased to 42% this year, up from 17% last year, according to S&P Global Market Intelligence.

Google is set to acquire Wiz, a cloud security platform founded in 2020, for $32bn in an all-cash deal

Amazon informed Echo users in the US that the "Do not send voice recordings" feature will stop working on March 28, 2025.

Improve multi-cloud identity security with better visibility, governance, and resilience using advanced analytics, orchestration tools, and automated failover mechanisms.

Really interesting research: “How WEIRD is Usable Privacy and Security Research?” by Ayako A. Hasegawa Daisuke Inoue, and Mitsuaki Akiyama: Abstract: In human factor fields such as human-computer interaction (HCI) and psychology, researchers have been concerned that participants mostly come from WEIRD (Western, Educated, Industrialized, Rich, and Democratic) countries. This WEIRD skew may hinder understanding of diverse populations and their cultural differences. The usable privacy and security (UPS) field has inherited many research methodologies from research on human factor fields. We conducted a literature review to understand the extent to which participant samples in UPS papers were from WEIRD countries and the characteristics of the methodologies and research topics in each user study recruiting Western or non-Western participants. We found that the skew toward WEIRD countries in UPS is greater than that in HCI. Geographic and linguistic barriers in the study methods and recruitment methods may cause researchers to conduct user studies locally. In addition, many papers did not report participant demographics, which could hinder the replication of the reported studies, leading to low reproducibility. To improve geographic diversity, we provide the suggestions including facilitate replication studies, address geographic and linguistic issues of study/recruitment methods, and facilitate research on the topics for non-WEIRD populations...

BADBOX 2.0 botnet infects 1M+ Android devices for ad fraud, proxy abuse, and cybercrime, leveraging pre-installed malware and trojanized apps

MirrorFace targets an EU diplomatic group using ANEL and AsyncRAT, marking a shift in its cyber espionage tactics beyond Japan

While Okta provides robust native security features, configuration drift, identity sprawl, and misconfigurations can provide opportunities for attacke

The GitHub Action tj-actions/changed-files was compromised, enabling attackers to extract secrets from repositories using the CI/CD workflow.

!exploitable Episode Three - Devfile Adventures

Ce sont encore des dizaines de noms de domaine qui ont été bloqués lors du match PSG-OM, pour empêcher les pirates d'accéder à des retransmissions illicites. Des actions organisées de façon à ennuyer au maximum les resquilleurs, mais qui sont jugées encore trop insuffisantes par les titulaires de droits. La lutte

Bitsight reveals that UK companies are more exposed to cyber risk than global peers via their digital supply chains

Apparu pour la première fois en 2021, le gang de ransomware derrière Medusa a déjà fait plus de 300 victimes dans plusieurs secteurs...-Cybersécurité

Microsoft warns of StilachiRAT, a stealthy remote access trojan that steals credentials, crypto wallets, and system data while evading forensic detect

A ransomware-as-a-service (RaaS) operation called 'BlackLock' has emerged as one of the more active ransomware operations of 2025.

The latest smishing scam follows a familiar process as ones the industry has seen over the past decade.

GitHub was forced to take action this weekend to help users after a threat actor compromised a popular open source package used by more than 23,000 organizations.

defcontrainings

Threat actors began exploiting a recently disclosed Apache Tomcat vulnerability immediately after the release of a PoC exploit code.

French authorities have allowed Pavel Durov, Telegram's CEO and founder, to temporarily leave the country while criminal activity on the messaging platform is still under investigation.

Frankfurt, Germany, Mar. 17, 2025, CyberNewswire -- Cyberattacks are no longer an abstract threat - they dominate risk planning for companies worldwide. The latest Link11 European Cyber Report shows an alarming trend: the number of DDoS attacks has more than doubled, and they are shorter, more targeted, and more technically sophisticated. Organizations that do not

​Microsoft has discovered a new remote access trojan (RAT) that employs "sophisticated techniques" to avoid detection, ensure persistence, and extract sensitive information data.

OKX Web3 has decided to suspend its DEX aggregator services to implement security upgrades following reports of abuse by the notorious North Korean Lazarus hackers, who recently conducted a $1.5 billion crypto heist.

Microsoft Incident Response uncovered a novel remote access trojan (RAT) named StilachiRAT, which demonstrates sophisticated techniques to evade detection, persist in the target environment, and exfiltrate sensitive data. This blog primarily focuses on analysis of the WWStartupCtrl64.dll module that contains the RAT capabilities and summarizes the malware’s key behaviors, capabilities, and the potential risk posed to systems and users.