Latest CyberSec News by @thecyberpicker

Latest CyberSec News by @thecyberpicker

30533 bookmarks
Custom sorting
Hunters International ransomware shuts down after World Leaks rebrand
Hunters International ransomware shuts down after World Leaks rebrand
​The Hunters International Ransomware-as-a-Service (RaaS) operation announced today that it has officially closed down its operations and will offer free decryptors to help victims recover their data without paying a ransom.
·bleepingcomputer.com·
Hunters International ransomware shuts down after World Leaks rebrand
Surveillance Used by a Drug Cartel - Schneier on Security
Surveillance Used by a Drug Cartel - Schneier on Security
Once you build a surveillance system, you can’t control who will use it: A hacker working for the Sinaloa drug cartel was able to obtain an FBI official’s phone records and use Mexico City’s surveillance cameras to help track and kill the agency’s informants in 2018, according to a new US justice department report. The incident was disclosed in a justice department inspector general’s audit of the FBI’s efforts to mitigate the effects of “ubiquitous technical surveillance,” a term used to describe the global proliferation of cameras and the thriving trade in vast stores of communications, travel, and location data...
·schneier.com·
Surveillance Used by a Drug Cartel - Schneier on Security
ChatGPT vous renvoie vers de mauvaises URLs et c’est formidable pour les hackers
ChatGPT vous renvoie vers de mauvaises URLs et c’est formidable pour les hackers
Une Ă©tude de la sociĂ©tĂ© de cybersĂ©curitĂ© Netcraft rĂ©vĂšle que des cybercriminels exploitent les errances des LLMs comme ChatGPT ou Perplexity. Cette nouvelle mĂ©thode de piratage repose sur les faux liens renvoyĂ©s par les IA gĂ©nĂ©ratives. Il Ă©tait une Ă©poque, pas si lointaine, oĂč l'utilisateur lambda cherchait lui-mĂȘme
·numerama.com·
ChatGPT vous renvoie vers de mauvaises URLs et c’est formidable pour les hackers
Microsoft asks users to ignore Windows Firewall config errors
Microsoft asks users to ignore Windows Firewall config errors
Microsoft asked customers this week to disregard incorrect Windows Firewall errors that appear after rebooting their systems following the installation of the June 2025 preview update.
·bleepingcomputer.com·
Microsoft asks users to ignore Windows Firewall config errors
Linux Users Urged to Patch Critical Sudo CVE
Linux Users Urged to Patch Critical Sudo CVE
Two elevation of privilege vulnerabilities have been discovered on the popular Sudo utility, affecting 30-50 million endpoints in the US alone
·infosecurity-magazine.com·
Linux Users Urged to Patch Critical Sudo CVE
Cette offre pCloud 2-en-1 est parfaite pour assurer la sécurité de vos données personnelles
Cette offre pCloud 2-en-1 est parfaite pour assurer la sécurité de vos données personnelles
À l’heure oĂč les fuites de donnĂ©es sont devenues monnaies courantes, la protection des donnĂ©es personnelles n’a jamais Ă©tĂ© aussi importante. D’autant plus qu’il existe dĂ©sormais plĂ©thore d’outils plus puissants les uns que les autres pour accompagner les internautes dans cette tĂąche. En juin dernier, un fichier
·numerama.com·
Cette offre pCloud 2-en-1 est parfaite pour assurer la sécurité de vos données personnelles
STRATEGIC REEL: APIs are the new perimeter — and business logic attacks are slipping through
STRATEGIC REEL: APIs are the new perimeter — and business logic attacks are slipping through
APIs have become the digital glue of the enterprise — and attackers know it. Related: API security - the big picture In this debut edition of the Last Watchdog Strategic Reel (LWSR), A10 Networks’ Field CISO Jamison Utter cuts through the noise from RSAC 2025 with a sharp breakdown of today’s API threatscape. From 15,000
·lastwatchdog.com·
STRATEGIC REEL: APIs are the new perimeter — and business logic attacks are slipping through
News alert: SquareX research finds browser AI agents are proving riskier than human employees
News alert: SquareX research finds browser AI agents are proving riskier than human employees
Palo Alto, Calif., Jun. 30, 2025, CyberNewswire--Every security practitioner knows that employees are the weakest link in an organization, but this is no longer the case. SquareX’s research reveals that Browser AI Agents are more likely to fall prey to cyberattacks than employees, making them the new weakest link that enterprise security teams need to
·lastwatchdog.com·
News alert: SquareX research finds browser AI agents are proving riskier than human employees
NimDoor crypto-theft macOS malware revives itself when killed
NimDoor crypto-theft macOS malware revives itself when killed
North Korean state-backed hackers have been using a new family of macOS malware called NimDoor in a campaign that targets web3 and cryptocurrency organizations.
·bleepingcomputer.com·
NimDoor crypto-theft macOS malware revives itself when killed
DOJ investigates ex-ransomware negotiator over extortion kickbacks
DOJ investigates ex-ransomware negotiator over extortion kickbacks
An ex-ransomware negotiator is under criminal investigation by the Department of Justice for allegedly working with ransomware gangs to profit from extortion payment deals.
·bleepingcomputer.com·
DOJ investigates ex-ransomware negotiator over extortion kickbacks
Spain arrests hackers who targeted politicians and journalists
Spain arrests hackers who targeted politicians and journalists
The Spanish police have arrested two individuals in the province of Las Palmas for their alleged involvement in cybercriminal activity, including data theft from the country's government.
·bleepingcomputer.com·
Spain arrests hackers who targeted politicians and journalists
Cisco warns that Unified CM has hardcoded root SSH credentials
Cisco warns that Unified CM has hardcoded root SSH credentials
Cisco has removed a backdoor account from its Unified Communications Manager (Unified CM), which would have allowed remote attackers to log in to unpatched devices with root privileges.
·bleepingcomputer.com·
Cisco warns that Unified CM has hardcoded root SSH credentials
Strategic Synergy: CSA STAR, CCM, and FedRAMP 20x | CSA
Strategic Synergy: CSA STAR, CCM, and FedRAMP 20x | CSA
By strategically integrating CSA’s STAR program, FedRAMP 20x can deliver improved clarity, consistency, and trust in cloud security.
·cloudsecurityalliance.org·
Strategic Synergy: CSA STAR, CCM, and FedRAMP 20x | CSA
Citrix warns of login issues after NetScaler auth bypass patch
Citrix warns of login issues after NetScaler auth bypass patch
Citrix warns that patching recently disclosed vulnerabilities that can be exploited to bypass authentication and launch denial-of-service attacks may also break login pages on NetScaler ADC and Gateway appliances.
·bleepingcomputer.com·
Citrix warns of login issues after NetScaler auth bypass patch
Bluff ou futur scandale ? L’entourage de Trump victime d’un chantage de hackers pro-iraniens
Bluff ou futur scandale ? L’entourage de Trump victime d’un chantage de hackers pro-iraniens
Un groupe de hackers pro-iranien a revendiquĂ©, le 30 juin 2025, le vol de prĂšs de 100 gigaoctets d’emails appartenant Ă  des membres de l’entourage de Donald Trump. Cette annonce intervient dans un contexte de tensions accrues entre Washington et TĂ©hĂ©ran, aprĂšs les frappes amĂ©ricaines contre les sites nuclĂ©aires en
·numerama.com·
Bluff ou futur scandale ? L’entourage de Trump victime d’un chantage de hackers pro-iraniens
Android SMS Stealer Infects 100,000 Devices in Uzbekistan
Android SMS Stealer Infects 100,000 Devices in Uzbekistan
New Android malware Qwizzserial has infected 100,000 devices, primarily in Uzbekistan, stealing SMS data via Telegram distribution
·infosecurity-magazine.com·
Android SMS Stealer Infects 100,000 Devices in Uzbekistan
AI Models Mislead Users on Login URLs
AI Models Mislead Users on Login URLs
A third of AI-generated login URLs lead to incorrect or dangerous domains, according to Netcraft
·infosecurity-magazine.com·
AI Models Mislead Users on Login URLs
Suspendu par son employeur, il sabote le réseau informatique de la boßte
Suspendu par son employeur, il sabote le réseau informatique de la boßte
L’ex-employĂ© d’une entreprise basĂ©e dans le Yorkshire a Ă©tĂ© condamnĂ© Ă  7 mois de prison ferme, le 30 juin 2025, pour avoir volontairement sabotĂ© l’infrastructure informatique de son ancien employeur. L’homme a agi par vengeance, aprĂšs avoir Ă©tĂ© suspendu de ses fonctions. Mohammed Umar Taj, 31 ans, travaillait comme
·numerama.com·
Suspendu par son employeur, il sabote le réseau informatique de la boßte