Latest CyberSec News by @thecyberpicker

Google patched the code execution vulnerability with Gemini CLI 0.1.14. Users must update to this release to avoid threats like data theft.

For the auth bypass flaw, Mitel urges upgrading to the patched MiVoice MX-ONE releases, and prevent internet exposure of vulnerable systems.

The Post SMTP plugin flaw could allow account takeover from an authorized low-privilege user account, such as a Subscriber user.

Web traffic to AI sites surged 50% from Feb 2024 to Jan 2025, driven by browser-based GenAI tools

2023: Darkbeam failed to follow database security best practices, publicly exposing their Elasticsearch & Kibana interface. No data exfiltration was reported.

This week in cybersecurity from the editors at Cybercrime Magazine

Arctic Wolf has spotted an increase in Akira ransomware attacks targeting SonicWall SSL VPNs

The UK Online Safety Act promises protection online but risks privacy and free speech. Learn why critics warn it's a step toward surveillance and censorship.

Ransomware gangs have recently joined ongoing attacks targeting a Microsoft SharePoint vulnerability chain, part of a broader exploitation campaign that has already led to the breach of at least 148 organizations worldwide.

MITM attacks silently steal data from users via spoofed networks and weak encryption. Learn how to stop them.

This week’s threats don’t shout — they blend in, borrow trust, and drain wallets.

An Arizona woman was sentenced to eight-and-a-half years in prison for her role helping North Korean workers infiltrate US companies by pretending to be US workers. From an article: According to court documents, Chapman hosted the North Korean IT workers’ computers in her own home between October 2020 and October 2023, creating a so-called “laptop farm” which was used to make it appear as though the devices were located in the United States. The North Koreans were hired as remote software and application developers with multiple Fortune 500 companies, including an aerospace and defense company, a major television network, a Silicon Valley technology company, and a high-profile company...

Everyone's an IT decision-maker now. Here's how to keep your organization safe in the world of Shadow IT.

Mozilla has warned browser extension developers of an active phishing campaign targeting accounts on its official AMO (addons.mozilla.org) repository.

Dans une étude publiée fin juillet 2025, les chercheurs de Sonatype annoncent avoir détecté une vaste campagne d’espionnage menée au sein des écosystèmes open source. Aux commandes : Lazarus, un groupe cybercriminel affilié à l’État nord-coréen, connu depuis plus d’une décennie pour des détournements spectaculaires

Lovense fixed bugs exposing emails and allowing account takeovers. Company CEO may take legal action after the flaws were publicly disclosed.

The Pwn2Own competition is offering a $1m reward to any teams able to unearth a WhatsApp code execution exploit

Threat hunters saw North Korean operatives almost daily, reflecting a 220% year-over-year increase in activity, CrowdStrike said in a new report.

State-backed group CL-STA-0969 hit Southeast Asian telecoms in 2024, targeting critical infrastructure, says Palo Alto Networks' Unit 42.

CrowdStrike revealed the surge in cloud intrusions was partly driven by a 40% increase in Chinese-state actors exploiting these environments

A list of topics we covered in the week of July 28 to August 3 of 2025

New Android malware PlayPraetor infects 11,000+ devices, targeting banking users via fake Play Store links.

A threat actor has been abusing link wrapping services from reputed technology companies to mask malicious links leading to Microsoft 365 phishing pages that collect login credentials.

The Senate voted to confirm Sean Cairncross as national cyber director Saturday, giving the Trump administration one of its top cyber officials after a more than five-month process.

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape

Sean Cairncross, a political veteran without significant cybersecurity experience, could turn the relatively new White House office into a major player in the administration

Microsoft Virtual Hard Disk (VHDX) 11 - Remote Code Execution (RCE). CVE-2025-49683 . local exploit for Windows platform

Swagger UI 1.0.3 - Cross-Site Scripting (XSS). CVE-2025-8191 . remote exploit for Multiple platform

LPAR2RRD 8.04 - Remote Code Execution (RCE). CVE-2025-54769 . webapps exploit for Multiple platform