https://www.cyber.gov.au/resources-business-and-government/maintaining-devices-and-systems/system-hardening-and-administration/system-monitoring/implementing-siem-and-soar-platforms/priority-logs-for-siem-ingestion-practitioner-guidance

Latest CyberSec News by @thecyberpicker
Over 70 Malicious npm and VS Code Packages Found Stealing Data and Crypto
60 npm packages and VS Code extensions deployed sandbox-evasive malware to steal system data, developer credentials, and crypto wallets.
Google claims users find ads in AI search 'helpful'
Google AI mode and AI Overviews now have ads, which, according to the search engine giant, are "helpful."
OpenAI plans to ship an interesting ChatGPT product by 2026
OpenAI is planning to ship a new ChatGPT-powered product by 2026, but we aren't looking at yet another model.
CISO's Guide To Web Privacy Validation And Why It's Important
70% of US sites drop ad cookies despite opt-outs, risking fines and distrust; real-time validation prevents this
Cybersecurity: Adidas alerts some customers to a leak of their data
The German sportswear manufacturer said that an "unauthorized third party" had obtained certain data of people who had...-Cybersecurity
⚡ Weekly Recap: APT Campaigns, Browser Hijacks, AI Malware, Cloud Breaches and Critical CVEs
From TikTok malware drops to zero-day exploits, this week’s roundup is packed with critical intel.
NIST Introduces New Metric to Measure Likelihood of Vulnerability Exploits
The US National Institute of Standards and Technology (NIST) published a white paper introducing a new metric called Likely Exploited Vulnerabilities (LEV)
Fake software activation videos on TikTok spread Vidar, StealC
Crooks use TikTok videos with fake tips to trick users into running commands that install Vidar and StealC malware in ClickFix attacks.
A week in security (May 19 – May 25)
A list of topics we covered in the week of May 19 to May 25 of 2025
Vibe coding company says Claude 4 reduced syntax errors by 25%
Lovable, which is a Vibe coding company, announced that Claude 4 has reduced its errors by 25% and made it faster by 40%.
Leak suggests xAI is getting ready to ship Grok 3.5
xAI, founded by Elon Musk, is preparing to launch Grok 3.5, the company's next state-of-the-art AI model.
ChatGPT Deep Research can now pull data from Dropbox and Box
You can now connect your Box and Dropbox accounts to Deep Research on ChatGPT and pull data, which will be used by the AI to conduct research.
Researchers claim ChatGPT o3 bypassed shutdown in controlled test
A new report claims that OpenAI's o3 model altered a shutdown script to avoid being turned off, even when explicitly instructed to allow shutdown
Fake Zenmap, WinMTR sites target IT staff with Bumblebee malware
The Bumblebee malware SEO poisoning campaign uncovered earlier this week impersonating RVTools is using more typosquatting domains mimicking other popular open-source projects to infect devices used by IT staff.
Glitch to end app hosting and user profiles on July 8
Glitch has announced it is ending app hosting and user profiles on July 8, 2025, responding to changing market dynamics and extensive abuse problems that have raised operational costs.
Leader of Qakbot cybercrime network indicted in U.S. crackdown
The U.S. indicted Russian Rustam Gallyamov for leading the Qakbot botnet, which infected 700K+ devices and was used in ransomware attacks.
"Why is it so expensive?" The surprising negotiations between cybercriminals and victims
What comes next will surprise you, or not. "Why is it so expensive? Hello?" The two messages were sent on April 17, 2025, about twenty minutes apart. A few minutes later, the reply from the cybercriminal affiliated with the dangerous Lockbit group shoots back, both ironic and threatening. "We
ABB Cylon Aspect Studio 3.08.03 - Binary Planting
ABB Cylon Aspect Studio 3.08.03 - Binary Planting. CVE-2024-13946 . local exploit for Multiple platform
Grandstream GSD3710 1.0.11.13 - Stack Buffer Overflow
Grandstream GSD3710 1.0.11.13 - Stack Buffer Overflow. CVE-2022-2070 . remote exploit for Multiple platform
WordPress User Registration & Membership Plugin 4.1.2 - Authentication Bypass
WordPress User Registration & Membership Plugin 4.1.2 - Authentication Bypass. CVE-2025-2594 . webapps exploit for Multiple platform
Java-springboot-codebase 1.1 - Arbitrary File Read
Java-springboot-codebase 1.1 - Arbitrary File Read. CVE-2025-46822 . webapps exploit for Java platform
ABB Cylon Aspect 3.08.03 - Guest2Root Privilege Escalation
ABB Cylon Aspect 3.08.03 - Guest2Root Privilege Escalation. CVE-n/a . remote exploit for Multiple platform
Windows 2024.15 - Unauthenticated Desktop Screenshot Capture
Windows 2024.15 - Unauthenticated Desktop Screenshot Capture. CVE-n/a . remote exploit for Windows platform
Microsoft Windows Server 2016 - Win32k Elevation of Privilege
Microsoft Windows Server 2016 - Win32k Elevation of Privilege. CVE-2023-29336 . local exploit for Windows platform
Hackers Use Fake VPN and Browser NSIS Installers to Deliver Winos 4.0 Malware
Winos 4.0 malware campaign active since Feb 2025 uses fake installers, Catena loader, and AV evasion tactics.
"Private browsing is enough to protect my anonymity online": myth or reality?
To escape trackers and targeted advertising, or simply to avoid recording one's browsing history, it is common to turn on private browsing. Here is why that seemingly good idea is a bad one. Most web browsers have a private browsing feature. Very practical and simple to
Hauts-de-Seine department attacked, Europol operation… The week's 5 cyber news stories
L'Usine Digitale offers you a recap of the week's major cybersecurity news. On the agenda, a...-Cybersecurity
OpenAI confirms Operator Agent is now more accurate with o3
OpenAI says Operator Agent now uses the o3 model, which means it's now significantly better at reasoning capabilities.
Meta to Train AI on E.U. User Data From May 27 Without Consent; Noyb Threatens Lawsuit
Meta’s AI plans face legal action for collecting E.U. user data without opt-in consent, starting May 27.