Latest CyberSec News by @thecyberpicker

Hackers are exploiting Shellter’s leaked Elite license to distribute Lumma Stealer, SectopRAT, and more. This affects cybersecurity and red team tools

Today is Microsoft's July 2025 Patch Tuesday, which includes security updates for 137 flaws, including one publicly disclosed zero-day vulnerability in Microsoft SQL Server.

Microsoft has released Windows 11 KB5062553 and KB5062552 cumulative updates for versions 24H2 and 23H2 to fix security vulnerabilities and issues.

Microsoft has released the KB5062554 cumulative update for Windows 10 22H2 and Windows 10 21H2, with thirteen new fixes or changes.

Discourse 3.2.x - Anonymous Cache Poisoning. CVE-2024-47773 . webapps exploit for Multiple platform

Microsoft Outlook - Remote Code Execution (RCE).. remote exploit for Windows platform

Stacks Mobile App Builder 5.2.3 - Authentication Bypass via Account Takeover. CVE-2024-50477 . webapps exploit for Multiple platform

Anatsa banking malware targets North American users via Google Play, leading to credential theft and financial fraud

Application Attack Matrix is a community effort designed to help defenders and organizations better understand and define how attackers use and exploit weaknesses in applications.

Sudo 1.9.17 Host Option - Elevation of Privilege. CVE-2025-32462 . local exploit for Linux platform

ScriptCase 9.12.006 (23) - Remote Command Execution (RCE). CVE-2025-47228 . remote exploit for Multiple platform

Microsoft Defender for Endpoint (MDE) - Elevation of Privilege. CVE-2025-47161 . local exploit for Multiple platform

The Iran-linked ransomware-as-a-service group Pay2Key.I2P told affiliates that they can keep a larger cut of extortion payments if they attack entities within Iran's adversaries.

Microsoft PowerPoint 2019 - Remote Code Execution (RCE). CVE-2025-47175 . remote exploit for Windows platform

Sudo 1.9.17 - Local Privilege Escalation. CVE-2025-32463 . local exploit for Linux platform

An attack linked to the ransomware gang SafePay has disrupted certain fulfillment capabilities.

A new report shows that a select group of large companies uses technologies that the hacker group often targets.

Researchers from Koi Security have detected 18 malicious Chrome and Edge extensions masquerading as benign productivity and entertainment tools

A group of top cybersecurity and technology firms said the law provided critical protections for sharing essential vulnerability information.

The Anatsa banking trojan has sneaked into Google Play once more via an app posing as a PDF viewer that counted more than 50,000 downloads.

Researchers uncover a supply chain attack targeting the Ethcode VS Code extension, affecting 6,000+ users.

Le 4 juillet 2025, un informaticien de la société C&M Software est arrêté par la police de Sao Paulo. L'homme est suspecté d'avoir aidé des cybercriminels à infiltrer les systèmes de l'entreprise pour 15 000 réais, environ 2 300 euros. Le piratage de la société, qui assure l’interconnexion entre les banques et un

Almost a dozen malicious extensions with 1.7 million downloads in Google's Chrome Web Store could track users, steal browser activity, and redirect to potentially unsafe web addresses.

Moscow-based cybersecurity firm Kaspersky said the campaign has already affected over 100 victims across several dozen Russian organizations, but did not disclose the specific targets.

Almost a dozen malicious extensions with 1.7 million downloads in Google's Chrome Web Store could track users, steal browser activity, and redirect to potentially unsafe web addresses.

Exposed RDP ports are an open door for attackers. TruGrid SecureRDP enforces Zero Trust and MFA, blocks lateral movement, and secures remote access—no open firewall ports required. Learn more and get a free trial.

Google says it's Gemini AI will soon be able to access your messages, WhatsApp, and utilities on your phone. But we're struggling to see this as a good thing.

Check Point discovered around 500 suspected Scattered Spider phishing domains, suggesting the group is preparing to expand its targeting

If you treat Policy-as-Code and Infrastructure-as-Code security as interchangeable, you’re setting yourself up for compliance gaps and security incidents.

This week in cybersecurity from the editors at Cybercrime Magazine