Latest CyberSec News by @thecyberpicker

More than three-quarters of the vulnerabilities covered in the vendor’s monthly Patch Tuesday update are high-severity flaws.

Here is an overview of the CIS Benchmarks that the Center for Internet Security (CIS) updated or released for March 2025.

Apple released emergency software patches Tuesday that address a zero-day vulnerability in the company’s WebKit web browser engine.

Six malicious packages have been identified on npm (Node package manager) linked to the notorious North Korean hacking group Lazarus.

X’s wave of outages resembled a DDoS attack and Dark Storm Team, a prolific threat group specializing in such attacks, claimed responsibility.

Boston, Mass., Mar. 11, 2025, CyberNewswire -- GitGuardian, the security leader behind GitHub's most installed application, today released its comprehensive "2025 State of Secrets Sprawl Report," revealing a widespread and persistent security crisis that threatens organizations of all sizes. The report exposes a 25% increase in leaked secrets year-over-year, with 23.8 million new credentials detected

Researchers at Cato Networks said that during a recent investigation into router vulnerabilities, they discovered a new botnet — which they named Ballista — infecting TP-Link Archer devices.

Microsoft has released the KB5053606 cumulative update for Windows 10 22H2 and Windows 10 21H2, which fixes numerous bugs, including one preventing SSH connections.

Apple has released emergency security updates to patch a zero-day bug the company describes as exploited in "extremely sophisticated" attacks.

The groups told lawmakers that both the committee and the law provide vital protections for cyber threat information swapping.

Microsoft has released Windows 11 KB5053598 and KB5053602  cumulative updates for versions 24H2 and 23H2 to fix security vulnerabilities and issues.

Blind Eagle targeted 1,600 victims in Colombia using spear-phishing, exploiting CVE-2024-43451, and distributing malware via GitHub and Bitbucket.

Today is Microsoft's March 2025 Patch Tuesday, which includes security updates for 57 flaws, including six actively exploited zero-day vulnerabilities.

Shutdowns always hamper government operations, but personnel cuts further exacerbate cyber risks, experts say.

Blind Eagle has been running campaigns targeting the Colombian government with malicious .url files and phishing attacks

Lots of interesting details in the story: The US Department of Justice on Wednesday announced the indictment of 12 Chinese individuals accused of more than a decade of hacker intrusions around the world, including eight staffers for the contractor i-Soon, two officials at China’s Ministry of Public Security who allegedly worked with them, and two other alleged hackers who are said to be part of the Chinese hacker group APT27, or Silk Typhoon, which prosecutors say was involved in the US Treasury breach late last year. […] According to prosecutors, the group as a whole has targeted US state and federal agencies, foreign ministries of countries across Asia, Chinese dissidents, US-based media outlets that have criticized the Chinese government, and most recently the US Treasury, which was breached between September and December of last year. An internal Treasury report ...

Microsoft announced that it will drop support for the Remote Desktop app (available via the Microsoft Store) on May 27 and replace it with its new Windows App.

L'Agence nationale de la sécurité des systèmes d'information (Anssi) a publié son panorama annuel sur l'état de la cybermenace dans l'Hexagone....-Cybersécurité

Microsoft Threat Intelligence has uncovered a new variant of XCSSET, a sophisticated modular macOS malware that infects Xcode projects, in the wild. Its first known variant since 2022, this latest XCSSET malware features enhanced obfuscation methods, updated persistence mechanisms, and new infection strategies. These enhanced features help this malware family steal and exfiltrate files and system and user information, such as digital wallet data and notes, among others.

New York sues Allstate over data breach, alleging security failures that exposed the driver’s license numbers of nearly 200,000 individuals

A report by cyber insurance firm Coalition shows six of every 10 ransomware claims involved compromised VPN or firewall.

Plankey previously held key roles at the Department of Energy and National Security Council during the first Trump administration.

A newly discovered clipboard hijacking operation dubbed 'MassJacker' uses at least 778,531 cryptocurrency wallet addresses to steal digital assets from compromised computers.

Retardée par la dissolution de l'Assemblée nationale, la procédure d'adoption de la loi de transposition de la directive NIS 2 arrive enfin sur...-Club Data Protection

A pair of data breaches in late 2020 and early 2021 exposed driver’s license numbers of almost 200,000 people.

Threat intelligence company GreyNoise warns that a critical PHP remote code execution vulnerability that impacts Windows systems is now under mass exploitation.

Cybercriminals are using AI for help in planning and conducting cyberattacks—but cybersecurity vendors are fighting back. Learn from Acronis Threat Research Unit about how AI-powered security solutions are closing the gap in the battle against AI-driven cyber threats.

President Donald Trump nominated Sean Plankey to head the Cybersecurity and Infrastructure Security Committee on Tuesday,