Latest CyberSec News by @thecyberpicker

This week in cybersecurity from the editors at Cybercrime Magazine

Stalkerware app Catwatchful has been leaking customer and victim information. It is one in a long line of such apps to do this.

Microsoft has announced that the Exchange Server Subscription Edition (SE) is now available to all customers of its enterprise email service.

ReliaQuest warns that initial access vulnerability exploitation is driving successful ransomware attacks

Over 40 malicious Firefox extensions impersonating popular crypto wallets have been uncovered, putting digital assets at risk.

SentinelLabs observed North Korean actors deploying novel TTPs to target crypto firms, including a mix of programming languages and signal-based persistence

MITRE ATT&CK v17 introduces an ESXi matrix, highlighting hypervisors as critical points of attack. Learn about the new TTPs and how to secure ESXi environments.

​The Hunters International Ransomware-as-a-Service (RaaS) operation announced today that it has officially closed down its operations and will offer free decryptors to help victims recover their data without paying a ransom.

Once you build a surveillance system, you can’t control who will use it: A hacker working for the Sinaloa drug cartel was able to obtain an FBI official’s phone records and use Mexico City’s surveillance cameras to help track and kill the agency’s informants in 2018, according to a new US justice department report. The incident was disclosed in a justice department inspector general’s audit of the FBI’s efforts to mitigate the effects of “ubiquitous technical surveillance,” a term used to describe the global proliferation of cameras and the thriving trade in vast stores of communications, travel, and location data...

Chinese hackers exploited Ivanti CSA zero-days, targeting French government, media, and telecom sectors in September 2024.

Adaptive AI platforms for SOCs offer real-time alert triage, faster response times, and full-spectrum security coverage.

Une étude de la société de cybersécurité Netcraft révèle que des cybercriminels exploitent les errances des LLMs comme ChatGPT ou Perplexity. Cette nouvelle méthode de piratage repose sur les faux liens renvoyés par les IA génératives. Il était une époque, pas si lointaine, où l'utilisateur lambda cherchait lui-même

Callback phishing scam emails are masquerading as messages from popular brands used for everyday tasks that put small businesses at risk.

Microsoft asked customers this week to disregard incorrect Windows Firewall errors that appear after rebooting their systems following the installation of the June 2025 preview update.

Two elevation of privilege vulnerabilities have been discovered on the popular Sudo utility, affecting 30-50 million endpoints in the US alone

À l’heure où les fuites de données sont devenues monnaies courantes, la protection des données personnelles n’a jamais été aussi importante. D’autant plus qu’il existe désormais pléthore d’outils plus puissants les uns que les autres pour accompagner les internautes dans cette tâche. En juin dernier, un fichier

CVE-2025-20309 in Cisco Unified CM could grant root access, allowing arbitrary command execution.

Communications technology giant Cisco addressed a static SSH credentials vulnerability in its Unified Communications Manager (Unified CM).

APIs have become the digital glue of the enterprise — and attackers know it. Related: API security - the big picture In this debut edition of the Last Watchdog Strategic Reel (LWSR), A10 Networks’ Field CISO Jamison Utter cuts through the noise from RSAC 2025 with a sharp breakdown of today’s API threatscape. From 15,000

Palo Alto, Calif., Jun. 30, 2025, CyberNewswire--Every security practitioner knows that employees are the weakest link in an organization, but this is no longer the case. SquareX’s research reveals that Browser AI Agents are more likely to fall prey to cyberattacks than employees, making them the new weakest link that enterprise security teams need to

North Korean state-backed hackers have been using a new family of macOS malware called NimDoor in a campaign that targets web3 and cryptocurrency organizations.

The campaign uses thousands of phishing websites that mimic the design and product listings of retailers like Apple, Nordstrom and Hermes to trick people into entering their credit card information.

An ex-ransomware negotiator is under criminal investigation by the Department of Justice for allegedly working with ransomware gangs to profit from extortion payment deals.

North Korean cyber group targets Web3 businesses with Nim-based malware, exploiting AppleScript and Telegram for persistent attacks.

Brett Leatherman told CyberScoop in an interview that while the group still poses a threat, the bureau is focused on resilience and victim support, and going on offense could be in the future.

The Spanish police have arrested two individuals in the province of Las Palmas for their alleged involvement in cybercriminal activity, including data theft from the country's government.

Cisco has removed a backdoor account from its Unified Communications Manager (Unified CM), which would have allowed remote attackers to log in to unpatched devices with root privileges.

By strategically integrating CSA’s STAR program, FedRAMP 20x can deliver improved clarity, consistency, and trust in cloud security.

Citrix warns that patching recently disclosed vulnerabilities that can be exploited to bypass authentication and launch denial-of-service attacks may also break login pages on NetScaler ADC and Gateway appliances.

Un groupe de hackers pro-iranien a revendiqué, le 30 juin 2025, le vol de près de 100 gigaoctets d’emails appartenant à des membres de l’entourage de Donald Trump. Cette annonce intervient dans un contexte de tensions accrues entre Washington et Téhéran, après les frappes américaines contre les sites nucléaires en