Latest CyberSec News by @thecyberpicker

Text scams come in many forms and are an ever increasing threat doing an awful lot of financial, and other, damage

A remote code execution vulnerability affecting SonicWall Secure Mobile Access (SMA) appliances has been under active exploitation since at least January 2025, according to cybersecurity company Arctic Wolf.

Smishing kits by Wang Duo Yu enabled toll fraud in 8 U.S. states since Oct 2024, stealing user data via fake E-ZPass pages.

The company is notifying about 190,000 people after certain information used for car insurance quotes was left unencrypted.

A new payment card scam uses malware disguised as a security tool or verification utility to capture card details and access funds.

Hackers don't break in—they log in. Credential-based attacks now fuel nearly half of all breaches. Learn how to scan your Active Directory for compromised passwords and stop attackers before they strike.

Explore how Data Security Posture Management (DSPM) enhances traditional DLP by offering real-time visibility, risk assessment, and automated protection.

Hackers don't break in—they log in. Credential-based attacks now fuel nearly half of all breaches. Learn how to scan your Active Directory for compromised passwords and stop attackers before they strike.

Chinese-speaking IronHusky hackers are targeting Russian and Mongolian government organizations using upgraded MysterySnail remote access trojan (RAT) malware.

This week in cybersecurity from the editors at Cybercrime Magazine

Cisco has released security updates for a high-severity Webex vulnerability that allows unauthenticated attackers to gain client-side remote code execution using malicious meeting invite links.

Multi-stage phishing attack in Dec 2024 used .JSE, PowerShell, and AutoIt to deliver Agent Tesla.

A Server-Side Request Forgery (SSRF) attack occurs when an attacker tricks a server into making requests to other services. Review a real-world SSRF attack.

Inventio Lite 4 - SQL Injection. CVE-2024-44541 . webapps exploit for PHP platform

UJCMS 9.6.3 - User Enumeration via IDOR. CVE-2024-12483 . webapps exploit for Multiple platform

KiviCare Clinic & Patient Management System (EHR) 3.6.4 - Unauthenticated SQL Injection. CVE-2024-11728 . webapps exploit for PHP platform

Langflow 1.3.0 - Remote Code Execution (RCE). CVE-2025-3248 . remote exploit for Multiple platform

Apache Commons Text 1.10.0 - Remote Code Execution. CVE-2022-42889 . webapps exploit for Multiple platform

Tatsu 3.3.11 - Unauthenticated RCE. CVE-2021-25094 . webapps exploit for PHP platform

Hunk Companion Plugin 1.9.0 - Unauthenticated Plugin Installation. CVE-2024-11972 . webapps exploit for Multiple platform

Le Digital Markets Act, le règlement européen sur le droit du numérique, force Apple à autoriser l'installation de magasins concurrents de l'App Store sur ses iPhone et iPad. AltStore Classic, disponible depuis le 17 avril, permet d'installer des applications illégales avec du contenu pirate. Des mois avant l'entrée

AI use in SaaS tools bypasses security controls, creating shadow integrations and real breach risks.

Russian state actor Midnight Blizzard is using fake wine tasting events as a lure to spread malware for espionage purposes, according to Check Point

XorDDoS malware targeted 71.3% of U.S. systems in latest wave; Docker, IoT, and Linux bots fuel rise.

Windows flaw CVE-2025-24054 actively exploited since March 19 to leak NTLM hashes via phishing attacks.

A near-miss episode of attempted defunding spotlights a need for a better way

A critical vulnerability in the Erlang/OTP SSH, tracked as CVE-2025-32433, has been disclosed that allows for unauthenticated remote code execution on vulnerable devices.

A highly active threat group says it will release stolen information, months after an attack disrupted e-commerce operations at the grocer’s U.S. business.

A near-miss episode of attempted defunding spotlights a need for a better way