Latest CyberSec News by @thecyberpicker

Latest CyberSec News by @thecyberpicker

30531 bookmarks
Custom sorting
Hacker steals $27 million in BigONE exchange crypto breach
Hacker steals $27 million in BigONE exchange crypto breach
Cryptocurrency exchange BigONE announced that it suffered a security breach, in which hackers stole various digital assets valued at $27 million.
·bleepingcomputer.com·
Hacker steals $27 million in BigONE exchange crypto breach
Chinese hackers breached National Guard to steal network configurations
Chinese hackers breached National Guard to steal network configurations
The Chinese state-sponsored hacking group known as Salt Typhoon breached and remained undetected in a U.S. Army National Guard network for nine months in 2024, stealing network configuration files and administrator credentials that could be used to compromise other government networks.
·bleepingcomputer.com·
Chinese hackers breached National Guard to steal network configurations
Max severity Cisco ISE bug allows pre-auth command execution, patch now
Max severity Cisco ISE bug allows pre-auth command execution, patch now
A critical vulnerability (CVE-2025-20337) in Cisco's Identity Services Engine (ISE) could be exploited to let an unauthenticated attacker store malicious files, execute arbitrary code, or gain root privileges on vulnerable devices.
·bleepingcomputer.com·
Max severity Cisco ISE bug allows pre-auth command execution, patch now
Airbus prépare l’A400M à devenir le « vaisseau mère » des drones de combat
Airbus prépare l’A400M à devenir le « vaisseau mère » des drones de combat
L’Airbus A400M, connu depuis ses débuts comme une référence mondiale du transport militaire, s’apprête à endosser de nouveaux rôles. Parmi eux ? Celui de « vaisseau mère » pour les drones de combat. Initialement conçu pour l’emport de charges lourdes et le soutien logistique, l’A400M voit ses missions s’élargir au
·numerama.com·
Airbus prépare l’A400M à devenir le « vaisseau mère » des drones de combat
Elite Russian university launches degree program on sanctions evasion
Elite Russian university launches degree program on sanctions evasion
The Higher School of Economics (HSE), a leading Russian institution, said the two-year course will focus on international corporate compliance and business ethics, and will be taught in both Russian and English.
·therecord.media·
Elite Russian university launches degree program on sanctions evasion
Adoption agency leaks over a million records
Adoption agency leaks over a million records
The database contained 1,115,061 records including the names of children, birth parents, adoptive parents, and other potentially sensitive information like case notes.
·malwarebytes.com·
Adoption agency leaks over a million records
Compliance is Falling Behind with Non-Human Identities | CSA
Compliance is Falling Behind with Non-Human Identities | CSA
Every major compliance framework, including PCI DSS, GDPR, and ISO 27001, requires strong access controls. Yet Non-Human Identities (NHIs) are often overlooked.
·cloudsecurityalliance.org·
Compliance is Falling Behind with Non-Human Identities | CSA
Security Vulnerabilities in ICEBlock - Schneier on Security
Security Vulnerabilities in ICEBlock - Schneier on Security
The ICEBlock tool has vulnerabilities: The developer of ICEBlock, an iOS app for anonymously reporting sightings of US Immigration and Customs Enforcement (ICE) officials, promises that it “ensures user privacy by storing no personal data.” But that claim has come under scrutiny. ICEBlock creator Joshua Aaron has been accused of making false promises regarding user anonymity and privacy, being “misguided” about the privacy offered by iOS, and of being an Apple fanboy. The issue isn’t what ICEBlock stores. It’s about what it could accidentally reveal through its tight integration with iOS...
·schneier.com·
Security Vulnerabilities in ICEBlock - Schneier on Security
Comment la Chine a infiltré la Garde Nationale américaine pendant 9 mois
Comment la Chine a infiltré la Garde Nationale américaine pendant 9 mois
Une unité de la Garde nationale américaine a été « massivement » compromise par le groupe de cyberespionnage chinois « Salt Typhoon ». Survenue entre mars et décembre 2024, l'opération aurait permis aux pirates d’accéder à des informations sensibles, compromettant potentiellement la sécurité de multiples
·numerama.com·
Comment la Chine a infiltré la Garde Nationale américaine pendant 9 mois