Latest CyberSec News by @thecyberpicker

This week in cybersecurity from the editors at Cybercrime Magazine

Cybercriminals are extorting the German humanitarian aid group Welthungerhilfe (WHH) for 20 bitcoin. The charity said it will not pay.

Australian airline Qantas alerted customers and authorities about a data breach at a contact center. The industry remains on edge after cyberattacks on airlines elsewhere.

More than 40 fake extensions in Firefox's official add-ons store are impersonating popular cryptocurrency wallets from trusted providers to steal wallet credentials and sensitive data.

Microsoft is working to fix a DNS misconfiguration that is causing one-time passcode (OTP) message delivery failures in Exchange Online for some users.

Elon Musk-funded xAI is skipping Grok 3.5 and releasing Grok 4 after Independence Day in the United States.

Australian airline Qantas has confirmed a data breach at a third party provider that affects six million customers.

A popular social engineering technique returns: callback phishing, or TOAD attacks, which leverage PDFs, VoIP anonymity and even QR code tricks.

Multi-Factor Authentication (MFA) is a core part of Zero Trust strategies. Yet, MFA adoption lags due to the poor user experience, leaving companies vulnerable.

The French cybersecurity agency identified Houken, a new Chinese intrusion campaign targeting various industries in France

A whole class of speculative execution attacks against CPUs were published in 2018. They seemed pretty catastrophic at the time. But the fixes were as well. Speculative execution was a way to speed up CPUs, and removing those enhancements resulted in significant performance drops. Now, people are rethinking the trade-off. Ubuntu has disabled some protections, resulting in 20% performance boost. After discussion between Intel and Canonical’s security teams, we are in agreement that Spectre no longer needs to be mitigated for the GPU at the Compute Runtime level. At this point, Spectre has been mitigated in the kernel, and a clear warning from the Compute Runtime build serves as a notification for those running modified kernels without those patches. For these reasons, we feel that Spectre mitigations in Compute Runtime no longer offer enough security impact to justify the current performance tradeoff...

Phishing campaigns use PDF attachments and callback phishing to exploit brands like Microsoft and DocuSign, affecting businesses and users.

SOCs face evolving cyber threats as 80% of attacks mimic user behavior. Discover how multi-layered NDR detection strategies enhance defense.

U.S. sanctions Russian BPH provider Aeza Group for hosting ransomware attacks, dark web drugs, and cybercrime.

The Treasury said that Aeza Group has provided infrastructure services for notorious infostealer and ransomware operators

Fin juin 2025, la justice américaine a dévoilé l’opération DPRK RevGen, une initiative des principales agences de sécurité du pays (NSA, FBI, contre-espionnage) visant à démanteler un vaste réseau de travailleurs informatiques nord-coréens. Ils auraient infiltré plus de 100 entreprises américaines, dont plusieurs du

Benefits admin specialist Kelly Benefits has revealed a breach impacting over 500,000 individuals across 45 client organizations

Qantas admits that a “significant” volume of customer data may have been stolen from a contact center

Moodle 4.4.0 - Authenticated Remote Code Execution. CVE-2024-43425 . webapps exploit for Multiple platform

gogs 0.13.0 - Remote Code Execution (RCE). CVE-2024-39930 . remote exploit for Multiple platform

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds TeleMessage TM SGNL flaws to its Known Exploited Vulnerabilities catalog.

Microsoft SharePoint 2019 - NTLM Authentication. CVE-2025-47166 . remote exploit for Windows platform

Threat actors use Vercel's v0 AI tool to create fake sign-in pages, escalating phishing campaigns.

Wing FTP Server 7.4.3 - Unauthenticated Remote Code Execution (RCE). CVE-2025-47812 . remote exploit for Multiple platform

Australian airline Qantas disclosed that it detected a cyberattack on Monday after threat actors gained access to a third-party platform containing customer data.

AT&T has launched a new security feature called "Wireless Lock" that protects customers from SIM swapping attacks by preventing changes to their account information and the porting of phone numbers while the feature is enabled.

Critical RCE vulnerability discovered in Anthropic's MCP Inspector, impacting AI developers and networks.