Latest CyberSec News by @thecyberpicker

M&S chairman Archie Norman provided more insights into the April ransomware attack, but did not confirm whether a payment was made to the attackers

Microsoft’s July 2025 Patch Tuesday update resolves 130 vulnerabilities, including critical RCE and SQL Server flaws.

Microsoft today released updates to fix at least 137 security vulnerabilities in its Windows operating systems and supported software. None of the weaknesses addressed this month are known to be actively exploited, but 14 of the flaws earned Microsoft's most-dire…

Researchers are especially concerned about a high-severity defect in SQL Server and a critical vulnerability in SPNEGO, a foundational protocol.

The court vacated the district court’s decision to dismiss the case against NSO Group, saying it abused its discretion in doing so.

U.S. authorities charged the man and a co-conspirator with hacking COVID-19 researchers at U.S. universities and kicking off a cyberattack spree targeting Microsoft Exchange servers.

Microsoft released Patch Tuesday security updates for July 2025, which addressed 130 flaws, including one a Microsoft SQL Server zero-day.

Here is an overview of the CIS Benchmarks that the Center for Internet Security (CIS) updated or released for July 2025.

Microsoft has released its monthly security update for July 2025, which includes 132 vulnerabilities affecting a range of products, including 14 that Microsoft marked as “critical.”

The arrest came at the request of the United States, which hailed the development as a sign that patience in pursuing cybercriminals in court is rewarded.

M&S confirmed today that the retail outlet's network was initially breached in a "sophisticated impersonation attack" that ultimately led to a DragonForce ransomware attack.

Samsung has announced multiple data security and privacy enhancements for its upcoming Galaxy smartphones running One UI 8, its custom user interface on top of Android.

Learn more about Microsoft's Secure Future and Initiative and eliminating high-privileged access across all Microsoft 365 applications.

The Justice Department confirmed the arrest in a statement, unsealing a nine-count indictment on Tuesday accusing Xu and co-defendant Zhang Yu of being involved in “computer intrusions between February 2020 and June 2021, including the indiscriminate HAFNIUM computer intrusion campaign that compromised thousands of computers worldwide, including in the United States.”

A North Korean man was the focus of Tuesday’s announcement, which also included a Russian man, his companies and North Korean firms.

A novel tapjacking technique can exploit user interface animations to bypass Android's permission system and allow access to sensitive data or trick users into performing destructive actions, such as wiping the device.

Italian police arrested a Chinese national linked to Silk Typhoon APT group at Milan's Malpensa Airport on a U.S. warrant.

Hackers are exploiting Shellter’s leaked Elite license to distribute Lumma Stealer, SectopRAT, and more. This affects cybersecurity and red team tools

Today is Microsoft's July 2025 Patch Tuesday, which includes security updates for 137 flaws, including one publicly disclosed zero-day vulnerability in Microsoft SQL Server.

Microsoft has released Windows 11 KB5062553 and KB5062552 cumulative updates for versions 24H2 and 23H2 to fix security vulnerabilities and issues.

Microsoft has released the KB5062554 cumulative update for Windows 10 22H2 and Windows 10 21H2, with thirteen new fixes or changes.

Discourse 3.2.x - Anonymous Cache Poisoning. CVE-2024-47773 . webapps exploit for Multiple platform

Microsoft Outlook - Remote Code Execution (RCE).. remote exploit for Windows platform

Stacks Mobile App Builder 5.2.3 - Authentication Bypass via Account Takeover. CVE-2024-50477 . webapps exploit for Multiple platform

Anatsa banking malware targets North American users via Google Play, leading to credential theft and financial fraud

Application Attack Matrix is a community effort designed to help defenders and organizations better understand and define how attackers use and exploit weaknesses in applications.

Sudo 1.9.17 Host Option - Elevation of Privilege. CVE-2025-32462 . local exploit for Linux platform

ScriptCase 9.12.006 (23) - Remote Command Execution (RCE). CVE-2025-47228 . remote exploit for Multiple platform

Microsoft Defender for Endpoint (MDE) - Elevation of Privilege. CVE-2025-47161 . local exploit for Multiple platform

The Iran-linked ransomware-as-a-service group Pay2Key.I2P told affiliates that they can keep a larger cut of extortion payments if they attack entities within Iran's adversaries.