Windows File Explorer Windows 11 (23H2) - NTLM Hash Disclosure
Windows File Explorer Windows 11 (23H2) - NTLM Hash Disclosure. CVE-2025-24071 . remote exploit for Windows platform
Latest CyberSec News by @thecyberpicker
#Infosec2025: Over 90% of Top Email Domains Vulnerable to Spoofing Attacks
EasyDMARC found that just 7.7% of the world’s top 1.8 million email domains have implemented the most stringent DMARC policy
SolarWinds Serv-U 15.4.2 HF1 - Directory Traversal
SolarWinds Serv-U 15.4.2 HF1 - Directory Traversal. CVE-2024-28995 . remote exploit for Multiple platform
Data broker LexisNexis discloses data breach affecting 364,000 people
Data broker giant LexisNexis Risk Solutions has revealed that unknown attackers stole the personal information of over 364,000 individuals in a December breach.
WordPress Digits Plugin 8.4.6.1 - Authentication Bypass via OTP Bruteforcing
WordPress Digits Plugin 8.4.6.1 - Authentication Bypass via OTP Bruteforcing. CVE-2025-4094 . webapps exploit for Multiple platform
Fortra GoAnywhere MFT 7.4.1 - Authentication Bypass
Fortra GoAnywhere MFT 7.4.1 - Authentication Bypass. CVE-2024-0204 . remote exploit for Multiple platform
Chinese APT41 Exploits Google Calendar for Malware Command-and-Control Operations
APT41 used Google Calendar to control TOUGHPROGRESS malware via encrypted events; Google shut it down.
Over 100,000 WordPress Sites at Risk from Critical CVSS 10.0 Vulnerability in Wishlist Plugin
CVE-2025-47577 flaw in TI WooCommerce Wishlist lets unauthenticated attackers upload malicious files—no patch yet, 100K+ sites at risk.
Windows 10 KB5058481 update brings seconds back to calendar flyout
Microsoft has released the optional KB5058481 preview cumulative update for Windows 10 22H2 with seven changes, including restoring seconds to the time display in the calendar flyout for those who previously lost it.
Windows 11 KB5058499 update rolls out new Share and Click to Do features
Microsoft has released the KB5058499 preview cumulative update for Windows 11 24H2 with forty-eight new features or changes, with many gradually rolling out, such as the new Windows Share feature and tje Click to Do Preview.
Questions mount as Ivanti tackles another round of zero-days | CyberScoop
The besieged security vendor maintains the latest exploited vulnerabilities in its products are entirely linked to unspecified security issues in open-source libraries. Some researchers aren’t buying it.
APT41 malware abuses Google Calendar for stealthy C2 communication
The Chinese APT41 hacking group uses a new malware named 'ToughProgress' that abuses Google Calendar for command-and-control (C2) operations, hiding malicious activity behind a trusted cloud service.
Zscaler enters agreement to buy Red Canary
The agreement allows Red Canary to scale, while helping Zscaler expand into MDR.
CFOs, financial execs in crosshairs of ‘highly targeted’ spearphishing campaign
Hackers are preying on senior corporate leaders at banks, investment firms, utilities and insurance companies worldwide.
251 Amazon-Hosted IPs Used in Exploit Scan Targeting ColdFusion, Struts, and Elasticsearch
251 Amazon-hosted IPs scanned 75 tech targets on May 8 in a one-day exploit surge, showing orchestrated cloud-based recon.
Chinese hackers used Google Calendar to aid attacks on government entities | CyberScoop
Google Threat Intelligence Group said it developed means to counter the activity, which it linked to APT41.
New PumaBot botnet brute forces SSH credentials to breach devices
A newly discovered Go-based Linux botnet malware named PumaBot is brute-forcing SSH credentials on embedded IoT devices to deploy malicious payloads.
Cybercrime To Cost The World $12.2 Trillion Annually By 2031
Learn how to optimize your SIEM solution with key strategies and practices.
Czech Republic accuses China's APT31 of a cyberattack on its Foreign Ministry
The Czech government condemned China after linking cyber espionage group APT31 to a cyberattack on its critical infrastructure.
Interlock ransomware gang deploys new NodeSnake RAT on universities
The Interlock ransomware gang is deploying a previously undocumented remote access trojan (RAT) named NodeSnake against educational institutes for persistent access to corporate networks.
More than $12 million stolen from crypto platform Cork Protocol
Decentralized finance platform Cork Protocol paused trading and launched an investigation after millions of dollars' worth of Ethereum were lost in a "security incident."
Pakistan Arrests 21 in ‘Heartsender’ Malware Service
Authorities in Pakistan have arrested 21 individuals accused of operating "Heartsender," a once popular spam and malware dissemination service that operated for more than a decade. The main clientele for HeartSender were organized crime groups that tried to trick victim…
Fake AI video generator tools lure in Facebook and LinkedIn users to deliver malware
Cybercriminals are using text-to-video-AI tools to lure victims to fake websites that deliver malware like infostealers and Trojans.
Deepfake-posting man faces huge $450,000 fine
A man is facing a $450,000 AU fine after he published deepfake images of prominent Australian women on the now-defunct MrDeepfakes...
Iranian Hacker Pleads Guilty in $19 Million Robbinhood Ransomware Attack on Baltimore
Iranian hacker pleads guilty to Robbinhood ransomware attacks causing $19M+ in losses, crippling U.S. cities via BYOVD and crypto laundering tactics.
Czech Republic Blames China-Linked APT31 Hackers for 2022 Cyberattack
China-linked APT31 hacked Czech Foreign Affairs Ministry from 2022, violating UN cyber norms.
Dark Partners cybercrime gang fuels large-scale crypto heists
A sprawling network of fake AI, VPN, and crypto software download sites is being used by the "Dark Partner" threat actors to conduct a crypto theft attacks worldwide.
Botnet hacks 9,000+ ASUS routers to add persistent SSH backdoor
Over 9,000 ASUS routers are compromised by a novel botnet dubbed "AyySSHush" that was also observed targeting SOHO routers from Cisco, D-Link, and Linksys.
Ivanti Vulnerability Exploit Could Expose UK NHS Data
Two NHS England trusts could see highly sensitive patient records exposed
Microsoft, Dutch government spot new Russian hacking group targeting critical infrastructure
The findings highlight the vulnerability of all critical infrastructure firms to similar attack methods.