Latest CyberSec News by @thecyberpicker

Security researchers have created a new FIDO downgrade attack against Microsoft Entra ID that tricks users into authenticating with weaker login methods, making them susceptible to phishing and session hijacking.

Two executive orders President Donald Trump has signed in recent months could prove to have a more dramatic impact on cybersecurity than first thought, for better or for worse.

Microsoft haul this month covers 109 CVEs… more or less

Fortinet warns of a critical FortiSIEM vulnerability, tracked as CVE-2025-25256, that is actively exploited in attacks in the wild.

PS1Bot malvertising campaign uses in-memory PowerShell attacks since early 2025, enabling stealth data theft.

The Office of the Pennsylvania Attorney General has announced that a recent cyberattack has taken down its systems, including landline phone lines and email accounts.

There is a really great series of online events highlighting cool uses of AI in cybersecurity, titled Prompt||GTFO. Videos from the first three events are online. And here’s where to register to attend, or participate, in the fourth. Some really great stuff here.

A massive spike in brute-force attacks targeted Fortinet SSL VPNs earlier this month, followed by a switch to FortiManager, marked a deliberate shift in targeting that has historically preceded new vulnerability disclosures.

The guidance includes specific examples for three critical infrastructure sectors that held workshops with CISA.

Officials reiterated their belief that hackers were not exploiting the flaw, but nonetheless urged users to immediately check their systems.

In the August 2025 patch Tuesday round Microsoft fixed a total of 111 Microsoft vulnerabilities, some of which are very important.

A critical RCE vulnerability in Erlang’s OTP SSH daemon has been identified that allows unauthenticated command execution

Researchers at Horizon3.ai discovered the flaw after flagging unusual behavior in a customer environment.

AI-powered trading platforms have been observed exploiting deepfake technology to trick investors with fake endorsements

Zoom and Xerox patched critical flaws enabling privilege escalation and RCE, risking corporate network compromise.

Four related algorithms are now ready for use to protect data created and transmitted by the Internet of Things and other electronics.

Plankey combines strategic vision, operational experience, and a strong commitment to public service — qualities essential for this role. He served as principal deputy assistant secretary at the Department of Energy’s Office of Cybersecurity, Energy Security, and Emergency Response, where he played a key role in safeguarding the nation’s critical energy infrastructure from cyber threats. His work there gave him direct experience managing risk at the intersection of digital and physical security.

Microsoft will remove PowerShell 2.0 from Windows starting in August, eight years after announcing its deprecation and keeping it around as an optional feature.

Why do manual identity workflows continue to exist, when the consequences of getting them wrong are so serious and when automation is increasingly common?

RomCom hackers group exploited the WinRAR zero-day in spearphishing attacks to deliver backdoors. WinRAR fixed the flaw with v.7.13.

The personal data of almost 145,000 people who were registered in Manpower’s systems was compromised

Microsoft has asked customers this week to disregard incorrect CertificateServicesClient (CertEnroll) errors that appear after installing the July 2025 preview update and subsequent Windows 11 24H2 updates.

This week in cybersecurity from the editors at Cybercrime Magazine

The countdown is on for security teams still managing digital certificates with spreadsheets and manual workarounds. Related: Preparing for the quantum future Starting in 2026, TLS certificate lifespans will begin dropping sharply — from 398 days to just 47 by 2029. That shift isn’t just a technical nuance. It’s a foundational disruption to how enterprises

AI SOC Agents cut incident dwell time by automating triage and investigations, improving security outcomes.

CVE-2025-25256 in FortiSIEM scored 9.8 CVSS; active exploit found, prompting urgent patching. (

What is the CCNP Security certification? Why should you consider taking it to level up in your cyber security career? Read this article to learn more.

One of the few things many disliked about ChatGPT was the confusing number of models. OpenAI claimed GPT-5 would fix this, but it seems to have made it worse.

The flexibility and scalability of virtualization comes with significant risks if security and management practices are not modernized accordingly.