Latest CyberSec News by @thecyberpicker

US CISA confirms no change in defense against Russian cyber threats despite the Trump administration's pause on offensive operations.

CISA adds five exploited vulnerabilities to its KEV catalog, including flaws in Cisco, Microsoft, and Progress software.

Google’s March 2025 Android Security Bulletin fixes 44 vulnerabilities, including two actively exploited flaws.

San Francisco, Calif., Mar. 3, 2025, CyberNewswire -- With the growing importance of security compliance for startups, more companies are seeking to achieve and maintain compliance with frameworks like SOC 2, ISO 27001 & GDPR. Bubba AI, Inc. is building a comprehensive solution for these organizations to easily integrate compliance workflows and build their own

Google’s monthly batch of security fixes addressed 43 vulnerabilities.

A U.S. Cyber Command “defend forward” team is now on-site conducting forensics collection and analysis, according to Palau officials.

Rubrik disclosed last month that one of its servers hosting log files was breached, causing the company to rotate potentially leaked authentication keys.

The newspaper chain previously confirmed the attack would likely have a material impact on its financial condition.

U.S. CISA adds Cisco Small Business Routers and Microsoft Windows Win32k flaws to its Known Exploited Vulnerabilities catalog.

The Cybersecurity and Infrastructure Security Agency (CISA) shot down reports that changes are being made to how they approach cyber threats from Russia following a report by The Guardian last week.

The US Cybersecurity and Infrastructure Security Agency says that media reports about it being directed to no longer follow or report on Russian cyber activity are untrue, and its mission remains unchanged.

Microsoft is investigating a new Microsoft 365 outage that is affecting Teams customers and causing call failures.

JavaGhost exploits AWS misconfigurations to run phishing campaigns via SES and WorkMail, evading email protections

A newly uncovered ClickFix phishing campaign is tricking victims into executing malicious PowerShell commands that deploy the Havok post-exploitation framework for remote access to compromised devices.

CISA has warned US federal agencies to secure their systems against attacks exploiting vulnerabilities in Cisco and Windows systems.

The statement is a rebuttal to stories suggesting otherwise.

Government services offered by one of the largest counties in Maryland are still being limited more than a week after it was targeted by a cyberattack.

On Monday, the United Kingdom's privacy watchdog announced that it is investigating TikTok, Reddit, and Imgur because of privacy concerns about how they are processing children's data.

Phishing attack exploits social engineering techniques alongside Microsoft Teams and remote access software to deploy BackConnect malware

Threat actors are exploiting a privilege escalation flaw in Paragon Partition Manager for “bring your own vulnerable driver” (BYOVD) attacks.

Researchers from Nokia Deepfield and GreyNoise warn the botnet has grown to more than 30,000 devices.

Guidance for investigating macOS intrusions where sophisticated threat actors are taking steps to hide their activity.

A growing number of companies are adopting risk-based and data-centric cybersecurity approaches like data security posture management (DSPM).

Close to 12,000 valid secrets that include API keys and passwords have been found in the Common Crawl dataset used for training multiple artificial intelligence models.

​Microsoft says a coding issue is behind a now-resolved Microsoft 365 outage over the weekend that affected Outlook and Exchange Online authentication.

The US Cybersecurity and Infrastructure Security Agency confirmed it will keep defending against Russian cyber threats to US critical infrastructure

Paragon Software patches CVE-2025-0289, a zero-day flaw in BioNTdrv.sys, exploited for privilege escalation and ransomware

U.K. ICO launches investigations into TikTok, Reddit, and Imgur over concerns about children's data privacy and online safety compliance

Threat actors use ClickFix to spread Havoc C2 malware via SharePoint and Microsoft Graph API, while scammers exploit Google Ads to target PayPal users

A new phishing campaign has been identified using Havoc to control infected systems, leveraging SharePoint and Microsoft Graph API