Latest CyberSec News by @thecyberpicker

The FBI warns that threat actors are deploying malware on end-of-life (EoL) routers to convert them into proxies sold on the 5Socks and Anyproxy networks.

Another top appropriations Democrat criticized budget cuts affecting the Cybersecurity and Infrastructure Security Agency, saying the Trump administration has “illegally gutted funding for cybersecurity.”

Cisco has fixed a maximum severity flaw in IOS XE Software for Wireless LAN Controllers by a hard-coded JSON Web Token (JWT) that allows an unauthenticated remote attacker to take over devices.

SCIM Hunting - Beyond SSO

An npm package named 'rand-user-agent' has been compromised in a supply chain attack to inject obfuscated code that activates a remote access trojan (RAT) on the user's system.

Education giant Pearson suffered a cyberattack, allowing threat actors to steal corporate data and customer information, BleepingComputer has learned.

A malicious Python package targeting Discord developers with remote access trojan (RAT) malware was spotted on the Python Package Index (PyPI) after more than three years.

How do attackers exploit authority bias to manipulate victims? Martin shares proactive strategies to protect yourself and others in this must-read edition of the Threat Source newsletter.

After paying the hacker a ransom, PowerSchool previously said it believed the incident had been “contained” because the hacker turned over a video showing the data being deleted.

As per a recent FBI warning, criminals are phishing users of payroll, and similar platforms to not only steal their credentials but also their funds.

The North Korean IT worker scheme grows to include organizations in Europe and Asia and industries beyond the technology sector

The North Korean IT worker scheme grows to include organizations in Europe and Asia and industries beyond the technology sector

We're rolling out a brand new feature in Malwarebytes for iOS: the ability to block Google sponsored ads directly on Safari.

FreeDrain exploited SEO and free hosting to run 38,000+ phishing pages stealing crypto wallets since 2022.

Ransomware operations are using legitimate Kickidler employee monitoring software for reconnaissance, tracking their victims' activity, and harvesting credentials after breaching their networks.

New LOSTKEYS malware has been identified and linked to COLDRIVER by GTIG, stealing files and system data in targeted attacks

Venture capital firm Insight Partners has confirmed that sensitive data for employees and limited partners was stolen in a January 2025 cyberattack.

People and organizations across Japan are being inundated with phishing messages from cybercriminals who are using CoGUI, a sophisticated toolkit that lets them avoid detection.

Qilin ransomware led April 2025 with 45 data leaks, driven by NETXLOADER’s stealthy malware delivery method.

SonicWall fixes 3 critical SMA 100 flaws enabling root-level remote code execution via SSL-VPN access.

Several posts on DPRK IT workers infiltrating companies, Sentinel One on fighting off threat actors, Anthropic shares how attackers were using Claude

Federal authorities, including the EPA and the U.S. Department of Energy, urged network defenders to secure remote access and use stronger passwords.

The age of AI guessing our passwords is upon us and we need to change the ways we authenticate and use passwords where we have no alternatives.

Since the start of the year, the Russian state-backed ColdRiver hacking group has been using new LostKeys malware to steal files in espionage attacks targeting Western governments, journalists, think tanks, and non-governmental organizations.

Cisco addressed a flaw in its IOS XE Wireless Controller that could enable an unauthenticated, remote attacker to upload arbitrary files.

Qilin ransomware led April 2025 with 45 data leaks, driven by NETXLOADER’s stealthy malware delivery method.

Discover key findings from VikingCloud's 2025 SMB Threat Landscape Report, highlighting the cybersecurity challenges and risks faced by small businesses.

This week in cybersecurity from the editors at Cybercrime Magazine

The data dump will likely shed light on LockBit’s recent activity and help law enforcement trace cryptocurrency transactions

With escalating tariffs and trade tensions reshaping global supply chains, interos.ai breaks down the new threats to financial markets, shipping and geopolitics.