Latest CyberSec News by @thecyberpicker

Proton66-hosted IPs launched global cyberattacks since Jan 8, 2025, exploiting critical CVEs to deploy malware.

A list of topics we covered in the week of April 12 to April 18 of 2025

This week on the Lock and Code podcast, we speak with Sydney Saubestre about DOGE and its access to Americans' data.

Un expert en cybersécurité démontre aux entreprises, à travers une maquette en LEGO, comment une cyberattaque peut mettre en péril une chaîne de production. Un simple zéro tapé sur un clavier et la machine s’arrête. En quelques secondes, une chaîne de production peut être paralysée et une entreprise mise à l'arrêt

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free.

APT29 deployed GRAPELOADER to target European diplomats in early 2025, enhancing stealth and persistence.

Windows administrators from numerous organizations report widespread account lockouts triggered by false positives in the rollout of a new Microsoft Entra ID's "leaked credentials" detection app called MACE.

Public exploits are now available for a critical Erlang/OTP SSH vulnerability tracked as CVE-2025-32433, allowing unauthenticated attackers to remotely execute code on impacted devices.

A new malware-as-a-service (MaaS) platform named 'SuperCard X' has emerged, targeting Android devices via NFC relay attacks that enable point-of-sale and ATM transactions using compromised payment card data.

Threat actors are actively exploiting a remote code execution flaw in SonicWall Secure Mobile Access (SMA) appliances since January 2025.

3 fake npm packages mimicking Telegram Bot API added SSH backdoors on Linux, risking persistent access.

Google Gemini is testing a ChatGPT-like scheduled tasks feature called "Scheduled Actions," which will allow you to create tasks that Gemini will execute later.

CVE-2025-2492 flaw in ASUS AiCloud routers allows remote control; firmware fix issued for 4 versions.

L'Usine Digitale vous propose un best-of des actualités de la semaine du 14 avril en matière de protection des données. Au menu : l'offre...-Data protection

L’Usine Digitale vous propose un récapitulatif des grandes actualités de la semaine en matière de cybersécurité. Au programme, l'arrêt...-Cybersécurité

FoxCMS 1.2.5 - Remote Code Execution (RCE). CVE-2025-29306 . webapps exploit for Multiple platform

Drupal 11.x-dev - Full Path Disclosure. CVE-2024-45440 . webapps exploit for PHP platform

A live colossal squid was filmed for the first time in the ocean. It’s only a juvenile: a foot long. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.

ASUS warns of an authentication bypass flaw in routers that could allow unauthorized execution of functions on the device

The Interlock ransomware gang now uses ClickFix attacks that impersonate IT tools to breach corporate networks and deploy file-encrypting malware on devices.

OpenAI has launched three new reasoning models - o3, o4-mini, and o4-mini-high for Plus and Pro subscribers, but as it turns out, these models do not offer 'unlimited' usage.

An alleged operator of the SmokeLoader malware is now facing federal hacking charges in Vermont after accusations that he stole personal information on more than 65,000 people.

ASUS is warning about an authentication bypass vulnerability in routers with AiCloud enabled that could allow remote attackers to perform unauthorized execution of functions on the device.

The FBI warns that scammers posing as FBI IC3 employees are offering to "help" fraud victims recover money lost to other scammers.

Understand what happened in the Oracle Cloud Infrastructure (OCI) breach and potential mitigation strategies powered by Agentic AI.

Text scams come in many forms and are an ever increasing threat doing an awful lot of financial, and other, damage

A remote code execution vulnerability affecting SonicWall Secure Mobile Access (SMA) appliances has been under active exploitation since at least January 2025, according to cybersecurity company Arctic Wolf.

Smishing kits by Wang Duo Yu enabled toll fraud in 8 U.S. states since Oct 2024, stealing user data via fake E-ZPass pages.

The company is notifying about 190,000 people after certain information used for car insurance quotes was left unencrypted.

A new payment card scam uses malware disguised as a security tool or verification utility to capture card details and access funds.