Latest CyberSec News by @thecyberpicker

Microsoft Edge Renderer Process (Mojo IPC) 134.0.6998.177 - Sandbox Escape. CVE-2025-2783 . webapps exploit for Windows platform

Grav CMS 1.7.48 - Remote Code Execution (RCE). CVE-2025-50286 . webapps exploit for PHP platform

Elon Musk-owned xAI is testing Grok 4.20, a small update to Grok 4, which already competes with GPT-5 in some benchmarks, such as ARC-AGI 2.

A cyber-attack at Connex Credit Union has compromised data of 172,000 individuals, including sensitive information

Organizations supporting the security vulnerability program said it needed changes to improve stability and rebuild trust.

The cybersecurity world stands immeasurably stronger because of the vision, expertise, and leadership of Amit Yoran. Throughout his distinguished career, Amit fundamentally shaped the field of cybersecurity, setting new standards for excellence, innovation, and resilience. We are proud to honor Amit’s life with our first-ever lifetime CyberScoop 50 award.

Scoop News Group is thrilled to honor the standout winners of the 2025 CyberScoop 50 Awards, recognizing the leaders who protect our networks, data, and infrastructure while driving innovation across cybersecurity.

Cisco ISE 3.0 - Authorization Bypass. CVE-2025-20125 . remote exploit for Multiple platform

Cisco ISE 3.0 - Remote Code Execution (RCE). CVE-2025-20124 . remote exploit for Multiple platform

Microsoft Windows - Storage QoS Filter Driver Checker. CVE-2025-49730 . local exploit for Windows platform

projectworlds Online Admission System 1.0 - SQL Injection. CVE-2025-8471 . webapps exploit for Multiple platform

Cybersecurity firm Profero cracked the encryption of the DarkBit ransomware gang's encryptors, allowing them to recover a victim's files for free without paying a ransom.

A carmaker has been found to be open to leaking vehicle data and customer information through their dealership portal.

Mere automation tools will struggle in the agentic AI era. For GRC, this means it’s time to move beyond checklists and focus on risk-aware decision-making.

Cyber threats are moving fast—one unpatched vulnerability could turn secure systems into costly breaches.

This week in cybersecurity from the editors at Cybercrime Magazine

The U.S. Department of Justice charged four Ghanaian nationals for their roles in a massive fraud ring linked to the theft of over $100 million in romance scams and business email compromise attacks.

Still, if data governance and protection aren’t exactly your area of expertise, you may be unsure where to find the best GDPR certifications to stay

Four senior members of a Ghana-based criminal network have been indicted for stealing over $100 million through romance scams and BEC frau

Refined exposure management cuts remediation by 96%, aligning security with business priorities for stronger, efficient protection.

TRM Labs observed crypto payments worth $34.2m moved from victims addresses to a range of destinations likely associated with the group

Fears around children is opening up a new market for automatic license place readers.

Black Hat USA 2025 concluded amid a noticeable shift in tone. Compared to prior years, the discussions were more grounded, and the stakes more clearly defined. Related: GenAI security gaps few see While generative AI remained the central theme, what stood out was the growing consensus that the security community must now contend with a

Cary, United States, 11th August 2025, CyberNewsWire

Over 29,000 Exchange servers exposed online remain unpatched against a high-severity vulnerability that can let attackers move laterally in Microsoft cloud environments, potentially leading to complete domain compromise.

Cet été 2025, les automobilistes français doivent faire face à un nouveau piège sur la route des vacances : les faux SMS et mail Ulys. Depuis la mise en place du péage en flux libre, les cybercriminels profitent du flou qui entoure ce nouveau procédé pour arnaquer les voyageurs. Depuis le début de l’été, au moins

Researchers showed how hackers can exploit flaws in a bus’ onboard and remote systems for tracking, control and spying.

Eight European countries have yet to transpose NIS2 into law, exposing them to regulatory action

Commercial red team experts believe AI’s current impact on cyber is overstated