Latest CyberSec News by @thecyberpicker

Kaspersky expert dissects the MS-RPC security mechanism and provides a step-by-step analysis of calling a function from the Netlogon interface.

Le géant du web va bientôt proposer à ses utilisateurs professionnels de Gmail une solution de chiffrement de bout en bout, peu importe le...-Cybersécurité

Mandiant warned that Chinese espionage actor UNC5221 is actively exploiting a critical Ivanti vulnerability, which can lead to remote code execution

Novice hacker Coquettte exposed through OPSEC failure using Proton66 to distribute malware and illicit content via fake antivirus sites.

A l'occasion du Forum InCyber, l'entreprise allemande Hornetsecurity a annoncé le rachat du français Altospam, spécialisée dans la...-Cybersécurité

CERT-UA reported three cyberattacks targeting Ukraine’s state agencies and critical infrastructure to steal sensitive data.

GitHub found 39M secrets leaked in 2024 and launched new tools to help developers and organizations secure sensitive data in code.

Angular-Base64-Upload Library 0.1.20 - Remote Code Execution (RCE). CVE-2024-42640 . remote exploit for Multiple platform

Ivanti patches CVE-2025-22457 exploited by UNC5221 in March 2025, risking remote code execution and credential theft.

Microchip TimeProvider 4100 Grandmaster (Banner Config Modules) 2.4.6 - Stored Cross-Site Scripting (XSS). CVE-2024-43687 . remote exploit for Hardware platform

Apache Parquet flaw CVE-2025-30065 enables remote code execution from crafted files, risking data pipelines.

CERT-UA reports three cyberattacks since fall 2024 using WRECKSTEEL malware to steal Ukrainian state data.

Microchip TimeProvider 4100 (Configuration modules) 2.4.6 - OS Command Injection. CVE-2024-9054 . remote exploit for Hardware platform

UNC5221 has a knack for exploiting defects in Ivanti products. The group has exploited at least four vulnerabilities in the vendor’s products since 2023, according to Mandiant.

At least 12,000 people in Texas had sensitive financial information stolen by hackers who secretly implanted malicious code into the utility payment website of the City of Lubbock.

A maximum severity remote code execution (RCE) vulnerability has been discovered impacting all versions of Apache Parquet up to and including 1.15.0.

The Hunters International Ransomware-as-a-Service (RaaS) operation is shutting down and rebranding with plans to switch to date theft and extortion-only attacks.

Hazel highlights the key findings within Cisco Talos’ 2024 Year in Review (now available for download) and details our active tracking of an ongoing campaign targeting users in Ukraine with malicious LNK files.

​Microsoft is testing a new taskbar icon scaling feature that automatically scales down Windows taskbar icons to show more apps when it gets too overcrowded.

Up to one in five of the most popular mobile VPNs are owned by Chinese companies that do their best to hide the fact.

International intelligence and cybersecurity agencies jointly issued a warning Thursday about “fast flux,” an advanced technique used to evade detection.

CISA, the FBI, the NSA, and international cybersecurity agencies are calling on organizations and DNS providers to mitigate the "Fast Flux" cybercrime evasion technique used by state-sponsored threat actors and ransomware gangs.

Ivanti addressed a critical remote code execution flaw in Connect Secure, which has been exploited since at least mid-March 2025.

Ransomware gangs and Russian government hackers are increasingly turning to an old tactic called “fast flux” to hide the location of infrastructure used in cyberattacks.

Tax-themed phishing hit 2,300 U.S. firms in Feb 2025 using QR codes and fake login pages.

Ivanti has released security updates to patch a critical Connect Secure remote code execution vulnerability exploited by a China-linked espionage actor to deploy malware since at least mid-March 2025.

As Tax Day approaches in the United States on April 15, Microsoft has detected several tax-themed phishing campaigns employing various tactics. These campaigns use malicious hyperlinks and attachments to deliver credential phishing and malware including RaccoonO365, AHKBot, Latrodectus, BruteRatel C4 (BRc4), and Remcos.

The agency has already slashed dozens of probationary workers, and further cuts could have major consequences for cybersecurity standards and AI development.

AppSmith 1.47 - Remote Code Execution (RCE). CVE-2024-55963 . webapps exploit for Java platform

Oracle has finally acknowledged to some customers that attackers have stolen old client credentials after breaching a "legacy environment" last used in 2017.