Latest CyberSec News by @thecyberpicker

Xerox VersaLink MFP vulnerabilities (CVE-2024-12510, CVE-2024-12511) enable credential theft via LDAP and SMB/FTP. Patch now to prevent security breac

Dutch police seized 127 servers of the bulletproof hosting service Zservers/XHost after government sanctions.

JPMorgan Chase Bank (Chase) will soon start blocking Zelle payments to social media contacts to combat a significant rise in online scams utilizing the service for fraud.

Microsoft announced the deprecation of the Location History feature from Windows, which let applications like the Cortana virtual assistant to fetch location history of the device.

Social media platform X (formerly Twitter) is now blocking links to "Signal.me," a URL used by the Signal encrypted messaging to share your account info with another person.

Une campagne de phishing par SMS usurpe la banque BNP Paribas en prétextant une fausse alerte sur votre compte. Les hackers cherchent à dérober les données personnelles à travers des faux sites copiant l'établissement bancaire. Les clients de BNP Paribas sont actuellement victimes d'une nouvelle campagne de phishing.

Microsoft discovers new XCSSET macOS malware variant with enhanced obfuscation, persistence, and infection strategies.

Pro-Russia hackers NoName057(16) has targeted Italian banks, airports and ports in a series of DDoS attacks

Microsoft has observed a new variant of XCSSET, a sophisticated macOS malware that infects Xcode projects

South Korea’s Personal Information Protection Commission is blocking DeepSeek AI downloads over privacy concerns

The EFF has released its Atlas of Surveillance, which documents police surveillance technology across the US.

A new variant of the XCSSET macOS modular malware has emerged in attacks that target users' sensitive information, including digital wallets and data from the legitimate Notes app.

Financial technology giant Finastra is notifying victims of a data breach after their personal information was stolen by unknown attackers who first breached its systems in October 2024.

Stay ahead with the 2025 CompTIA A+ Update! Compare 220-1101/1102 vs 220-1201/1202, explore key changes, and get expert exam prep tips.

Discover how Continuous Threat Exposure Management (CTEM) enhances cybersecurity by proactively detecting and neutralizing threats before they escalat

South Korea halts DeepSeek AI downloads from February 15, 2025, over privacy violations and security flaws, pending compliance.

This week in cybersecurity from the editors at Cybercrime Magazine

Après s'être infiltrés dans les réseaux de plusieurs opérateurs télécoms américains, les hackers chinois de Salt Typhoon ont visé de nouvelles...-Cybersécurité

More ASUS customers can now install Windows 11 24H2 after applying a BIOS update that resolves blue screen of death (BSOD) issues acknowledged in October.

New Golang malware leverages Telegram for C2, executing PowerShell commands and self-destructing to evade detection.

From Google espionage to crypto scams, this week's Cyber Recap uncovers it all—read more now

A Golang backdoor is using Telegram as its command and control (C2) channel, an approach that makes detection harder for defenders, according to Netskope researchers

Pro-Russia group NoName057(16) launched DDoS attacks on Italian sites, targeting airports, the Transport Authority, major ports, and banks

Two Estonian nationals have pleaded guilty to running a cryptocurrency-related Ponzi scheme

Vulnerabilities in firewalls from Palo Alto Networks and SonicWall are currently under active exploitation

A list of topics we covered in the week of February 10 to February 16 of 2025

In a late panel discussion on Saturday at the Munich Security Conference, Kaupo Rosin protested the use of the word which has been applied to a range of hostile activities that are deemed to be deniable or below the threshold justifying an armed response.

A new malware called FinalDraft has been using Outlook email drafts for command-and-control communication in attacks against a ministry in a South American country.

Google Chrome has updated the existing "Enhanced protection" feature with AI to offer "real-time" protection against dangerous websites, downloads and extensions.