Latest CyberSec News by @thecyberpicker

U.S. CISA adds Microsoft Internet Explorer, Microsoft Office Excel, and WinRAR flaws to its Known Exploited Vulnerabilities catalog.

This guidance outlines how OT owners and operators can create and maintain an asset inventory and OT taxonomy, to protect their most vital assets. It includes steps for defining scope and objectives for the inventory, identifying assets, collecting attributes, creating a taxonomy, managing data, and implementing asset life cycle management.

OpenAI is slowly addressing all concerns around GPT-5, including rate limits and now its personality, which has been criticized for being less affirmative.

Russia is restricting calls on the WhatsApp and Telegram messaging apps in what it says is a bid to counter criminal activity, but that WhatsApp contends is a response to its defiance of government efforts to violate user communication rights.

The US court filing system, which houses court records and sealed filings, was reportedly hacked by Russians seeking sensitive documents.

Researchers aren’t aware of any active exploitation of the software, but the issue is being dealt with simultaneously as attackers are trying to brute force the company’s security appliances.

Fortinet is warning about a remote unauthenticated command injection flaw in FortiSIEM that has in-the-wild exploit code, making it critical for admins to apply the latest security updates.

The KB5063878 Windows 11 24H2 cumulative update, released earlier this week, fails to install on some systems according to widespread reports from Windows administrators.

Security researchers have created a new FIDO downgrade attack against Microsoft Entra ID that tricks users into authenticating with weaker login methods, making them susceptible to phishing and session hijacking.

Two executive orders President Donald Trump has signed in recent months could prove to have a more dramatic impact on cybersecurity than first thought, for better or for worse.

Microsoft haul this month covers 109 CVEs… more or less

Fortinet warns of a critical FortiSIEM vulnerability, tracked as CVE-2025-25256, that is actively exploited in attacks in the wild.

PS1Bot malvertising campaign uses in-memory PowerShell attacks since early 2025, enabling stealth data theft.

The Office of the Pennsylvania Attorney General has announced that a recent cyberattack has taken down its systems, including landline phone lines and email accounts.

There is a really great series of online events highlighting cool uses of AI in cybersecurity, titled Prompt||GTFO. Videos from the first three events are online. And here’s where to register to attend, or participate, in the fourth. Some really great stuff here.

A massive spike in brute-force attacks targeted Fortinet SSL VPNs earlier this month, followed by a switch to FortiManager, marked a deliberate shift in targeting that has historically preceded new vulnerability disclosures.

The guidance includes specific examples for three critical infrastructure sectors that held workshops with CISA.

Officials reiterated their belief that hackers were not exploiting the flaw, but nonetheless urged users to immediately check their systems.

In the August 2025 patch Tuesday round Microsoft fixed a total of 111 Microsoft vulnerabilities, some of which are very important.

A critical RCE vulnerability in Erlang’s OTP SSH daemon has been identified that allows unauthenticated command execution

Researchers at Horizon3.ai discovered the flaw after flagging unusual behavior in a customer environment.

AI-powered trading platforms have been observed exploiting deepfake technology to trick investors with fake endorsements

Zoom and Xerox patched critical flaws enabling privilege escalation and RCE, risking corporate network compromise.

Four related algorithms are now ready for use to protect data created and transmitted by the Internet of Things and other electronics.

Plankey combines strategic vision, operational experience, and a strong commitment to public service — qualities essential for this role. He served as principal deputy assistant secretary at the Department of Energy’s Office of Cybersecurity, Energy Security, and Emergency Response, where he played a key role in safeguarding the nation’s critical energy infrastructure from cyber threats. His work there gave him direct experience managing risk at the intersection of digital and physical security.

Microsoft will remove PowerShell 2.0 from Windows starting in August, eight years after announcing its deprecation and keeping it around as an optional feature.

Why do manual identity workflows continue to exist, when the consequences of getting them wrong are so serious and when automation is increasingly common?

RomCom hackers group exploited the WinRAR zero-day in spearphishing attacks to deliver backdoors. WinRAR fixed the flaw with v.7.13.

The personal data of almost 145,000 people who were registered in Manpower’s systems was compromised