Latest CyberSec News by @thecyberpicker

Russian threat actors have been launching phishing campaigns that exploit the legitimate "Linked Devices" feature in the Signal messaging app to gain unauthorized access to accounts of interest.

The rapid evolution of AI is revolutionizing the security operations center (SOC), promising unprecedented efficiency and accuracy.

Rigging the odds in your favor is the only way security practitioners can go.

Hackers use trojanized game installers to spread the StaryDobry XMRig miner, hijacking gaming PCs with 8+ core CPUs.

Google has warned that Russian state-backed hackers are targeting Signal to eavesdrop on persons of interest in Ukraine

Russia state-aligned threat actors target Signal Messenger accounts used by individuals of interest to Russia's intelligence services.

We analyze 2024's key spam and phishing statistics and trends: the hunt for crypto wallets, Hamster Kombat, online promotions via neural networks, fake vacation schedules, and more.

Hudson Rock has found evidence that infostealers have compromised hundreds of US military and defense contractor credentials

CISA warns of active exploitation of Palo Alto Networks and SonicWall vulnerabilities, requiring agencies to patch by March 11, 2025, to secure networ

U.S. CISA adds SonicWall SonicOS and Palo Alto PAN-OS vulnerabilities to its Known Exploited Vulnerabilities catalog.

The campaign heavily uses Dropbox folders and PowerShell scripts to evade detection and quickly scrapped infrastructure components after researchers began poking around.

WinRAR 7.10 was released yesterday with numerous features, such as larger memory pages, a dark mode, and the ability to fine-tune how Windows Mark-of-the-Web flags are propagated when extracting files.

Attackers are using patched bugs to potentially gain unfettered access to an organization's Windows environment under certain conditions.

Juniper Networks has addressed a critical vulnerability, tracked as CVE-2025-21589, impacting the Session Smart Router.

Winnti once used a variety of malware, but is now focused on SQL vulnerabilities and obfuscation, updated encryption, and new evasion methods to gain access.

A flea market buyer found medical information about hundreds of patients on second hand decommissioned hard drives.

A large-scale malware campaign dubbed "StaryDobry" has been targeting gamers worldwide with trojanized versions of cracked games such as Garry's Mod, BeamNG.drive, and Dyson Sphere Program.

New York-based venture capital and private equity firm Insight Partners has disclosed that its systems were breached in January following a social engineering attack.

In a report released on Monday, threat intelligence specialists at Microsoft said that they have discovered the new XCSSET strain in limited attacks. XCSSET, first spotted in the wild in August 2020, spreads by infecting Xcode projects, which developers use to create apps for Apple devices.

Two OpenSSH vulnerabilities (CVE-2025-26465, CVE-2025-26466) allow MitM and DoS attacks.

Microsoft is warning the modular and potentially wormable Apple-focused infostealer boasts new capabilities for obfuscation, persistence, and infection, and could lead to a supply chain attack.

Microsoft once again reminded IT administrators that driver synchronization in Windows Server Update Services (WSUS) will be deprecated on April 18, just 60 days from now.

The Chinese APT hacking group "Mustang Panda" has been spotted abusing the Microsoft Application Virtualization Injector utility as a LOLBIN to inject malicious payloads into legitimate processes to evade detection by antivirus software.

Join Microsoft at RSAC 2025, where we will showcase end-to-end security designed to help organizations accelerate the secure adoption of AI.

The National Assembly, Ecuador's unicameral legislature, says it was able to "identify and counteract" attempts by malicious hackers to breach sensitive systems.

Mustang Panda exploits MAVInject.exe to evade ESET detection, using EA files to sideload TONESHELL backdoor for persistent cyber espionage.

​Juniper Networks has patched a critical vulnerability that allows attackers to bypass authentication and take over Session Smart Router (SSR) devices.