Latest CyberSec News by @thecyberpicker

A tech startup is using personal data stolen by infostealer malware that it has found on the dark web, and then selling access to that data.

Modified AllaKore RAT and Ghost Crypt crypter target Mexican entities and global victims for financial fraud.

Cisco confirms active exploitation of critical ISE bugs, exposing systems to remote root access. Urgent patching advised.

Microsoft has observed two named Chinese nation-state actors, Linen Typhoon and Violet Typhoon, exploiting vulnerabilities targeting internet-facing SharePoint servers. In addition, we have observed another China-based threat actor, tracked as Storm-2603, exploiting these vulnerabilities. Microsoft has released new comprehensive security updates for all supported versions of SharePoint Server (Subscription Edition, 2019, and 2016) that protect customers against these new vulnerabilities. Customers should apply these updates immediately to ensure they are protected.

Learn more about how Microsoft Sentinel data lake accelerates AI adoption, empowering teams to detect and respond faster

A woman in Florida was tricked into giving thousands of dollars to a scammer after her daughter's voice was AI-cloned and used in a scam.

The United Kingdom's government is planning to ban public sector and critical infrastructure organizations from paying ransoms after ransomware attacks.

Unlock faster, safer deployments by leveling up your IaC maturity. Reduce misconfig risk, alert fatigue, and cloud costs—here’s how.

The UK government said a public consultation showed widespread support on a payment ban for public sector and CNI organizations

This week in cybersecurity from the editors at Cybercrime Magazine

Britain's Home Office wants public feedback on several anti-ransomware proposals, including a requirement for all victims to report attacks to law enforcement.

Despite being a rebrand of several ransomware families, GLOBAL GROUP innovated with the use of an AI chatbot in the negotiation process

Authorities said they raided the Budapest residence of a man believed to be "Hano," the suspect in a series of cyberattacks on independent media outlets.

Learn what it takes to move from SOC to CISO—skills, challenges, and strategic steps for advancement.

Hackers with ties to the Chinese government have been linked to a recent wave of widespread attacks targeting a Microsoft SharePoint zero-day vulnerability chain.

ASIC said the financial services firm’s failings led to a data breach impacting nearly 10,000 clients

True IAM security starts with visibility—mapping identities, assessing risk, and turning insights into action to reduce attack surfaces.

Law journal article that looks at the Dual_EC_PRNG backdoor from a US constitutional perspective: Abstract: The National Security Agency (NSA) reportedly paid and pressured technology companies to trick their customers into using vulnerable encryption products. This Article examines whether any of three theories removed the Fourth Amendment’s requirement that this be reasonable. The first is that a challenge to the encryption backdoor might fail for want of a search or seizure. The Article rejects this both because the Amendment reaches some vulnerabilities apart from the searches and seizures they enable and because the creation of this vulnerability was itself a search or seizure. The second is that the role of the technology companies might have brought this backdoor within the private-search doctrine. The Article criticizes the doctrine­ particularly its origins in Burdeau v. McDowell­and argues that if it ever should apply, it should not here. The last is that the customers might have waived their Fourth Amendment rights under the third-party doctrine. The Article rejects this both because the customers were not on notice of the backdoor and because historical understandings of the Amendment would not have tolerated it. The Article concludes that none of these theories removed the Amendment’s reasonableness requirement...

Avis aux créateurs de contenus : de faux logiciels CapCut circulent pour vous piéger. Des cybercriminels ont créé de fausses versions du célèbre logiciel de montage, promettant de nouvelles fonctionnalités d’IA. Leur but ? Vous pousser à télécharger un fichier malveillant capable de prendre le contrôle total de vos

A DPRK stealer, dubbed BeaverTail, targets users via a trojanized meeting app

A comprehensive analysis of the year's new macOS malware

LiveHelperChat 4.61 - Stored Cross Site Scripting (XSS) via the Chat Transfer Function. CVE-2025-51401 . webapps exploit for PHP platform

LiveHelperChat 4.61 - Stored Cross Site Scripting (XSS) via Department Assignment Alias Nick Field. CVE-2025-51403 . webapps exploit for PHP platform

Abnormal AI found that 96% of security leaders have no plans to reduce the headcount in SOC teams as a result of AI adoption, instead focusing on reallocating roles

Microsoft is asking businesses to reach out for support to mitigate a known issue causing Cluster service and VM restart issues after installing this month's Windows Server 2019 security updates.

Tenda FH451 1.0.0.9 Router - Stack-based Buffer Overflow. CVE-2025-7795 . remote exploit for Multiple platform

Discourse 3.1.1 - Unauthenticated Chat Message Access. CVE-2023-45131 . webapps exploit for Multiple platform

LiveHelperChat 4.61 - Stored Cross Site Scripting (XSS) via Facebook Integration Page Name Field. CVE-2025-51398 . webapps exploit for PHP platform

LiveHelperChat 4.61 - Stored Cross Site Scripting (XSS) via Personal Canned Messages. CVE-2025-51400 . webapps exploit for PHP platform

LiveHelperChat 4.61 - Stored Cross Site Scripting (XSS) via Operator Surname. CVE-2025-51397 . webapps exploit for PHP platform