Latest CyberSec News by @thecyberpicker

Multiple Fortinet FortiWeb instances recently infected with web shells are believed to have been compromised using public exploits for a recently patched remote code execution (RCE) flaw tracked as CVE-2025-25257.

A data breach at Episource has exposed the personal information of 5.4 million individuals after attackers accessed systems for 10 days

A Europol coordinated operation has taken down key infrastructure used by pro-Russian hacktivist group NoName057(16), as well as a number of arrests

The group, known as “Diskstation,” is accused of encrypting victims’ systems and demanding large cryptocurrency ransoms to restore access to their data, Italy’s Postal and Cybersecurity Police said in a statement.

An international law enforcement operation dubbed "Operation Eastwood" has targeted the infrastructure of the pro-Russian hacktivist group NoName057(16), responsible for distributed denial-of-service (DDoS) attacks across Europe and the US.

Even hard-headed military types can fall victim to romance scams, it seems. A former US army colonel faces up to ten years in prison after revealing national secrets on a foreign dating app.

Malicious group UNC6148 exploits SonicWall vulnerabilities to deploy OVERSTEP backdoor, targeting patched appliances for data theft.

China-linked APT Salt Typhoon breached a U.S. Army National Guard unit’s network, accessed configs, and intercepted comms with other units.

The measure aims to prevent compromise of U.S. telecommunications through strengthening network security by establishing “baseline cybersecurity requirements for vendors of telecommunications services” to the country’s 18 intelligence agencies, according to a summary of the bill released by the panel.

AI agents are prone to data exfiltration. See how one attack led to discovery of the knowledge sources, then to data exfiltration of entire customer records.

BlackFog found that publicly disclosed ransomware attacks on retail grew significantly in Q2 compared to Q1, with UK firms heavily targeted

This week in cybersecurity from the editors at Cybercrime Magazine

Generative AI systems risk exploitation without identity-first security, affecting sensitive data and systems. Learn how to secure them.

Researchers expose critical flaw in Windows Server 2025’s dMSA, enabling enterprise-wide access and lateral movement across domains.

Cameron John Wagenius faces up to 27 years in prison after pleading guilty to wire fraud, extortion and aggravated identity theft in data breaches involving major corporations.

The decision between immediate action and delayed response made the difference between ransomware prevention and complete encryption in these two real-world Talos IR engagements.

Depuis fin 2024, une campagne d’espionnage d’une sophistication inédite vise les gouvernements d’Asie du Sud-Est. L’outil au cœur de cette opération : HazyBeacon, un logiciel malveillant capable de se dissimuler dans le trafic légitime des services cloud d’Amazon, afin de collecter des informations sensibles sur des

Amazon has emailed 200 million customers to warn them about a rather convincing phishing campaign.

Google released security patches to address multiple Chrome vulnerabilities, including one flaw that has been exploited in the wild.

Grok 4 is a huge leap from Grok 3, but how good is it compared to other models in the market, such as Gemini 2.5 Pro? We now have answers, thanks to new independent benchmarks.

Google has released a security update for Chrome to address half a dozen vulnerabilities, one of them actively exploited by attackers to escape the browser's sandbox protection.

Cloudflare highlighted a huge rise in hyper-volumetric DDoS attacks in Q2 2025, with attackers seeking to overwhelm defenses

The NIST National Cybersecurity Center of Excellence has developed the draft two-pager

Cloudflare blocked 7.3M DDoS attacks in Q2 2025, down from 20.5M in Q1, while hyper-volumetric attacks surged with 6,500+ blocked.

CyCognito research finds that a third of education sector APIs, web apps and cloud assets are exposed to attack

NodeJS 24.x - Path Traversal. CVE-2025-27210 . remote exploit for NodeJS platform

AI-driven social engineering campaigns are evolving, targeting your employees, customers, and partners with impersonation tactics.

Researchers uncover sophisticated Konfety Android malware using evil twin apps and complex evasion methods to conduct ad fraud.

A few years ago, a casino was breached via a smart fish tank thermometer. Related: NIST's IoT security standard It’s a now-famous example of how a single overlooked IoT device can become an entry point for attackers — and a cautionary tale that still applies today. The Internet of Things (IoT) is expanding at an

SugarCRM 14.0.0 - SSRF/Code Injection. CVE-2024-58258 . webapps exploit for Multiple platform