Latest CyberSec News by @thecyberpicker

Attackers have already used the exploit dubbed “ToolShell” to intrude hundreds of organizations globally, including private companies and government agencies.

CVE-2025-54309 could allow remote attackers to obtain admin access via HTTPS

Several critical data governance and security vulnerabilities contributed to the 2023 Toyota data breach, including misconfiguration and inadequate controls.

Ring users on TikTok, Reddit, and X are reporting multiple unauthorized device logins all dating back to May 28.

Des acteurs malveillants ont exploité mi-juillet 2025 des failles de sécurité critiques sur Microsoft SharePoint. Des attaques ciblées, qui concernent les versions dites « on-premise », installées localement chez le client, permettent à un attaquant d’exécuter à distance du code. Microsoft a déjà identifié au moins

This week in cybersecurity from the editors at Cybercrime Magazine

Microsoft patched an exploited SharePoint flaw (CVE-2025-53770) and disclosed a new one, warning of ongoing attacks on on-prem servers.

Google confirmed detecting active exploits for the sandbox escape zero-day, patching the vulnerability with Chrome 138.0.7204.157.

ProPublica is reporting: Microsoft is using engineers in China to help maintain the Defense Department’s computer systems—with minimal supervision by U.S. personnel—leaving some of the nation’s most sensitive data vulnerable to hacking from its leading cyber adversary, a ProPublica investigation has found. The arrangement, which was critical to Microsoft winning the federal government’s cloud computing business a decade ago, relies on U.S. citizens with security clearances to oversee the work and serve as a barrier against espionage and sabotage...

AI now powers Zero Trust enforcement across all CISA pillars, helping 80% of firms adopt by 2026. Learn why human-machine teaming is key.

⚡ Weekly Recap: SharePoint 0-Day, Chrome Exploit, macOS Spyware, NVIDIA Toolkit RCE and More | Read more hacking news on The Hacker News cybersecurity news website and learn how to protect against cyberattacks and software vulnerabilities.

A newly rebranded extortion gang known as "World Leaks" breached one of Dell's product demonstration platforms earlier this month and is now trying to extort the company into paying a ransom.

Learning a new language doesn't have to mean night classes, bulky textbooks, or boring apps. With Babbel, you can pick up real-world conversation skills through short, fun, and practical lessons. And right now, you can get a lifetime subscription for only $159 (regularly $599).

Over 1,000 CrushFTP instances currently exposed online are vulnerable to hijack attacks that exploit a critical security bug, providing admin access to the web interface.

Microsoft has issued an urgent patch for most SharePoint servers after cybersecurity researchers found threat actors globally exploiting a zero-day vulnerability in the products.

On-prem SharePoint customers have been told to assume compromise, with attackers observed to be exfiltrating data from victim servers across critical sectors

Kaspersky experts analyze an incident that saw APT41 launch a targeted attack on government IT services in Africa.

A list of topics we covered in the week of July 14 to July 20 of 2025

Hackers bypass FIDO keys using spoofed portals and QR codes, exposing MFA weaknesses and risking user accounts.

Microsoft has released emergency SharePoint security updates for two zero-day vulnerabilities tracked as CVE-2025-53770 and CVE-2025-53771 that have compromised services worldwide in "ToolShell" attacks.

JavaScript cryptojackers hit 3,500+ sites using stealth WebSocket miners and Magecart-linked infrastructure.

HPE fixed two flaws in Instant On Access Points that could allow admin access and command injection. Patch now to stay secure.

Microsoft warns of active SharePoint exploits affecting on-prem users; 54 victims confirmed in major attack.

Hackers target Web3 developers using fake AI tools and malware to steal crypto wallets and credentials.

Hewlett-Packard Enterprise (HPE) is warning of hardcoded credentials in Aruba Instant On Access Points that allow attackers to bypass normal device authentication and access the web interface.

A critical zero-day vulnerability in Microsoft SharePoint, tracked as CVE-2025-53770, has been actively exploited since at least July 18th, with no patch available and at least 85 servers already compromised worldwide.

npm packages hit by phishing-based supply chain attack, exposing developers to malware and remote access threats.

SharePoint zero-day CVE-2025-53770 exploited in mass attacks breaching 75+ orgs; on-prem users at high risk.

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Fortinet FortiWeb flaw to its Known Exploited Vulnerabilities catalog.

npm packages hit by phishing-based supply chain attack, exposing developers to malware and remote access threats.