https://www.infosecurity-magazine.com/news/oregon-man-charged-in-rapper-bot/

Latest CyberSec News by @thecyberpicker
https://cloudsecurityalliance.org/articles/a-breakdown-of-the-iso-27001-certification-process
https://therecord.media/scattered-spider-affiliate-sentenced-10-years
All Apple users should update after company patches zero-day vulnerability in all platforms
Apple has released security updates to patch a zero-day vulnerability tracked as CVE-2025-43300 for all platforms
The Past, Present and Future of Women In Cybersecurity
This week in cybersecurity from the editors at Cybercrime Magazine
Google settles YouTube lawsuit over kids’ privacy invasion and data collection
Google has settled a lawsuit against YouTube for $30 million but did not admit collecting data of minors for targeted advertising.
FBI warns of Russian hackers exploiting 7-year-old Cisco flaw
The Federal Bureau of Investigation (FBI) has warned that hackers linked to Russia's Federal Security Service (FSB) are targeting critical infrastructure organizations in attacks exploiting a 7-year-old vulnerability in Cisco devices.
1Password, Dashlane, NordPass… is your password manager safe from this attack?
At the DEFCON 33 conference in August 2025, independent cybersecurity researcher Marek Tóth demonstrated that a clickjacking attack could put at risk millions of users of some of the world's most popular password managers. A technique that would allow an actor
Hackers Using New QuirkyLoader Malware to Spread Agent Tesla, AsyncRAT and Snake Keylogger
QuirkyLoader malware spreads via spam since Nov 2024, delivering RATs and stealers in Taiwan, Mexico.
Cybercriminal Linked to Notorious Scattered Spider Gang Gets 10-Year Sentence
Noah Urban, linked with the Scattered Spider cybercriminal gang, will also pay $13m in restitution to victims
Jim Sanborn Is Auctioning Off the Solution to Part Four of the Kryptos Sculpture - Schneier on Security
Well, this is interesting: The auction, which will include other items related to cryptology, will be held Nov. 20. RR Auction, the company arranging the sale, estimates a winning bid between $300,000 and $500,000. Along with the original handwritten plain text of K4 and other papers related to the coding, Mr. Sanborn will also be providing a 12-by-18-inch copper plate that has three lines of alphabetic characters cut through with a jigsaw, which he calls “my proof-of-concept piece” and which he kept on a table for inspiration during the two years he and helpers hand-cut the letters for the project. The process was grueling, exacting and nerve wracking. “You could not make any mistake with 1,800 letters,” he said. “It could not be repaired.”...
Orange Data Breach Raises SIM-Swapping Attack Fears
Orange Belgium revealed that a threat actor has compromised 850,000 customer accounts, with SIM card numbers among the data accessed
We Want Your Feedback! Developing a Transit Cybersecurity Framework Community Profile
The NIST National Cybersecurity Center of Excellence (NCCoE) has published NIST
Weak Passwords and Compromised Accounts: Key Findings from the Blue Report 2025
Password cracking succeeded in 46% of environments in 2025, leaving valid accounts exploited in 98% of attacks.
NIST Unveils Guidelines to Help Spot Face Morphing Attempts
NIST has released new guidelines examining the pros and cons of detection methods for face morphing software
“PromptFix” Attacks Could Supercharge Agentic AI Threats
Guardio reveals a new AI take on ClickFix dubbed “PromptFix”
Scattered Spider hacker gets sentenced to 10 years in prison
Noah Michael Urban, a key member of the Scattered Spider cybercrime collective, was sentenced to 10 years in prison on Wednesday after pleading guilty to charges of wire fraud and conspiracy in April.
FBI: Russia-linked group Static Tundra exploit old Cisco flaw for espionage
FBI warns FSB-linked group Static Tundra is exploiting a 7-year-old Cisco IOS/IOS XE flaw to gain persistent access for cyber espionage.
Scattered Spider Hacker Gets 10 Years, $13M Restitution for SIM Swapping Crypto Theft
Scattered Spider hacker Noah Urban sentenced to 10 years, $13M restitution, after SIM swapping crypto thefts.
US CERT/CC warns of flaws in Workhorse Software accounting software used by hundreds of municipalities in Wisconsin
CERT/CC disclosed serious data exposure vulnerabilities in Workhorse Software used by hundreds of U.S. cities and towns.
Orange Belgium discloses data breach impacting 850,000 customers
Orange Belgium, a subsidiary of telecommunications giant Orange Group, disclosed on Wednesday that attackers who breached its systems in July have stolen the data of approximately 850,000 customers.
Apple Patches CVE-2025-43300 Zero-Day in iOS, iPadOS, and macOS Exploited in Targeted Attacks
Apple patches CVE-2025-43300 zero-day in iOS, iPadOS, and macOS after active exploitation reports.
SIM-Swapper, Scattered Spider Hacker Gets 10 Years
A 21-year-old Florida man at the center of a prolific cybercrime group known as "Scattered Spider" was sentenced to 10 years in federal prison today, and ordered to pay roughly $13 million in restitution to victims. Noah Michael Urban of…
OpenAI says GPT-6 is coming and it'll be better than GPT-5 (obviously)
OpenAI's CEO Sam Altman told reporters that GPT-6 is already in the works, and it'll not take as long as GPT-5.
CIS Benchmarks August 2025 Update
Here is an overview of the CIS Benchmarks that the Center for Internet Security (CIS) updated or released for August 2025.
https://www.bleepingcomputer.com/news/security/ai-website-builder-lovable-increasingly-abused-for-malicious-activity/
News alert: Link11 warns of rising API and bot attacks, launches integrated WAAP platform
Frankfurt, Germany, Aug. 20, 2025, CyberNewswire — Link11, a Germany-based global IT security provider, has released insights into the evolving cybersecurity threat landscape and announced the capabilities of its Web Application and API Protection (WAAP) platform, designed to provide multi-layered defenses against modern digital threats. The rapid pace of digital transformation has expanded the opportunities
FBI, Cisco warn of Russia-linked hackers targeting critical infrastructure organizations
The intrusions have exploited a vulnerability in Cisco’s networking equipment software.
Apple fixes new zero-day flaw exploited in targeted attacks
Apple has released emergency updates to patch another zero-day vulnerability that was exploited in an "extremely sophisticated attack."
FBI Warns FSB-Linked Hackers Exploiting Unpatched Cisco Devices for Cyber Espionage
Russian hackers exploit Cisco CVE-2018-0171 since 2022, breaching global networks and targeting U.S. infrastructure.