Latest CyberSec News by @thecyberpicker

Cisco Talos observed the ongoing global spread of the XorDDoS malware, predominantly targeting the United States, with evidence suggesting Chinese-speaking operators are using sophisticated tools to orchestrate widespread attacks.

Apple released emergency updates to fix iOS, iPadOS & macOS vulnerabilities actively exploited in sophisticated attacks.

Microsoft has released emergency Windows Server updates to address a known issue preventing Windows containers from launching.

Malicious crypto installers using Node.js since Oct 2024 evade Microsoft Defender via PowerShell and DLLs, enabling stealthy data theft.

CVE-2025-32433 in Erlang SSH scores 10.0 CVSS, enables unauthenticated code execution on telecom and IoT systems.

IBM warns of infostealer surge as attackers automate credential theft and adopt AI to generate highly convincing phishing emails en masse

U.S. CISA adds SonicWall SMA100 Appliance vulnerabilit to its Known Exploited Vulnerabilities catalog...............

MITRE will be able to keep running the CVE program for at least the next 11 months

Bleu, la coentreprise entre Orange et Capgemini, qui souhaite distribuer les services cloud de Microsoft dans un environnement de confiance, a...-Cloud

Microsoft has blocked fraud worth $4bn as threat actors ramp up AI use

Sophos found that compromise of network edge devices, such as VPN appliances, accounted for 30% of incidents impacted SMBs in 2024

On Wednesday, CISA warned federal agencies to secure their SonicWall Secure Mobile Access (SMA) 100 series appliances against attacks exploiting a high-severity remote code execution vulnerability.

A UK Law firm has been fined £60,000 after data stolen during a 2022 cyber-attack was published on the dark web

MysterySnail RAT attributed to IronHusky APT group hasn’t been reported since 2021. Recently, Kaspersky GReAT detected new versions of this implant in government organizations in Mongolia and Russia.

CVE-2021-20035 added to CISA KEV list due to active exploitation; agencies must patch by May 7.

Apple fixed 2 exploited flaws in iOS 18.4.1, one flagged by Google TAG, urging urgent updates.

TP-Link VN020 F3v(T) TT_V6.2.1021 - Buffer Overflow Memory Corruption. CVE-2024-12344 . remote exploit for Multiple platform

TP-Link VN020 F3v(T) TT_V6.2.1021 - Denial Of Service (DOS). CVE-2024-12342 . remote exploit for Multiple platform

Bots now account for half of all internet traffic, according to a new study that shows how non-human activity has grown online.

The Cybersecurity and Infrastructure Security Agency on Wednesday said that while the scope of the reported Oracle issue remains unconfirmed, it "presents potential risk to organizations and individuals."

Over 16,000 internet-exposed Fortinet devices have been detected as compromised with a new symlink backdoor that allows read-only access to sensitive files on previously compromised devices.

MITRE’s U.S.-funded CVE program, a core tool for tracking vulnerabilities, faces funding expiry Wednesday, risking to impact global security.

Google blocked 5.1 billion ads and suspended more than 39.2 million advertiser accounts in 2024, according to its 2024 Ads Safety Report released this week.

Apple released emergency security updates to patch two zero-day vulnerabilities that were used in an "extremely sophisticated attack" against specific targets' iPhones.

The Cybersecurity Information Sharing Act of 2015, set to expire in September, “moved the needle.”

Four Windows Task Scheduler flaws allow attackers to bypass UAC, gain SYSTEM access, and erase logs.

“The CVE Program is invaluable to the cyber community and a priority of CISA,” a CISA spokesperson said. “We appreciate our partners’ and stakeholders’ patience.”

Car rental giant Hertz has been notifying state regulators of a data breach that occurred through third-party file sharing software. Tens of thousands of people are affected, but the company hasn't specified a total number.

The information security industry feared a lapse would lead to industrywide exposures of software vulnerabilities.

While the last-minute extension averts an immediate lapse in support, rival organizations are being stood up to supplant the global vulnerability system.