Latest CyberSec News by @thecyberpicker

Chinese-speaking IronHusky hackers are targeting Russian and Mongolian government organizations using upgraded MysterySnail remote access trojan (RAT) malware.

This week in cybersecurity from the editors at Cybercrime Magazine

Cisco has released security updates for a high-severity Webex vulnerability that allows unauthenticated attackers to gain client-side remote code execution using malicious meeting invite links.

Multi-stage phishing attack in Dec 2024 used .JSE, PowerShell, and AutoIt to deliver Agent Tesla.

A Server-Side Request Forgery (SSRF) attack occurs when an attacker tricks a server into making requests to other services. Review a real-world SSRF attack.

Inventio Lite 4 - SQL Injection. CVE-2024-44541 . webapps exploit for PHP platform

UJCMS 9.6.3 - User Enumeration via IDOR. CVE-2024-12483 . webapps exploit for Multiple platform

KiviCare Clinic & Patient Management System (EHR) 3.6.4 - Unauthenticated SQL Injection. CVE-2024-11728 . webapps exploit for PHP platform

Langflow 1.3.0 - Remote Code Execution (RCE). CVE-2025-3248 . remote exploit for Multiple platform

Apache Commons Text 1.10.0 - Remote Code Execution. CVE-2022-42889 . webapps exploit for Multiple platform

Tatsu 3.3.11 - Unauthenticated RCE. CVE-2021-25094 . webapps exploit for PHP platform

Hunk Companion Plugin 1.9.0 - Unauthenticated Plugin Installation. CVE-2024-11972 . webapps exploit for Multiple platform

Le Digital Markets Act, le règlement européen sur le droit du numérique, force Apple à autoriser l'installation de magasins concurrents de l'App Store sur ses iPhone et iPad. AltStore Classic, disponible depuis le 17 avril, permet d'installer des applications illégales avec du contenu pirate. Des mois avant l'entrée

AI use in SaaS tools bypasses security controls, creating shadow integrations and real breach risks.

Russian state actor Midnight Blizzard is using fake wine tasting events as a lure to spread malware for espionage purposes, according to Check Point

XorDDoS malware targeted 71.3% of U.S. systems in latest wave; Docker, IoT, and Linux bots fuel rise.

Windows flaw CVE-2025-24054 actively exploited since March 19 to leak NTLM hashes via phishing attacks.

A critical vulnerability in the Erlang/OTP SSH, tracked as CVE-2025-32433, has been disclosed that allows for unauthenticated remote code execution on vulnerable devices.

A highly active threat group says it will release stolen information, months after an attack disrupted e-commerce operations at the grocer’s U.S. business.

A near-miss episode of attempted defunding spotlights a need for a better way

Entertainment venue management firm Legends International warns it suffered a data breach in November 2024, which has impacted employees and people who visited venues under its management.

In this week’s newsletter, Thorsten muses on how search engines and AI quietly gather your data while trying to influence your buying choices. Explore privacy-friendly alternatives and get the scoop on why it's important to question the platforms you interact with online.

compop.ca 3.5.3 - Arbitrary code Execution. CVE-2024-48445 . webapps exploit for Multiple platform

AnyDesk 9.0.1 - Unquoted Service Path.. local exploit for Windows platform

A Windows vulnerability that exposes NTLM hashes using .library-ms files is now actively exploited by hackers in phishing campaigns targeting government entities and private companies.

According to a complaint filed by a former employee, cybercriminals exfiltrated records that held personal information like names and Social Security numbers belonging to 76,000 current and former employees of Paradies Shops.

Blood Bank & Donor Management System 2.4 - CSRF Improper Input Validation. CVE-2024-12955 . webapps exploit for Multiple platform