Latest CyberSec News by @thecyberpicker

Chinese threat actor UAT-6382 exploited CVE-2025-0944 in Trimble Cityworks to drop malware on U.S. systems.

The legislation Sens. Gary Peters and James Lankford would create an executive branch panel to align federal cyber rules.

Malware campaign exploiting TikTok’s popularity has been observed using social engineering to spread Vidar and StealC

Police arrested 270 suspects following an international law enforcement action codenamed 'Operation RapTor' that targeted dark web vendors and customers from ten countries.

Kettering Health is facing significant disruptions from a cyber-attack that impacted patient care

Elective inpatient and outpatient procedures at the health system’s facilities were canceled Tuesday.

Chinese hackers have been exploiting a remote code execution flaw in Ivanti Endpoint Manager Mobile (EPMM) to breach high-profile organizations worldwide.

Signal implements new screen security on Windows 11, blocking screenshots by default to protect user privacy from Microsoft’s Recall feature.

Detailed guide on all the ways to harden GitHub Actions, Uber's Secret Management Platform that manages >150,000 secrets, "LLM TTPs" + a tool to detect and hunt adversarial prompts

Get key insights into sustainability reporting, including why you should invest in it, what factors to cover, and the different standards you can align with.

Chinese-speaking hackers have exploited a now-patched Trimble Cityworks zero-day to breach multiple local governing bodies across the United States.

The US cryptocurrency exchange claimed that the breach occurred in December 2024

Windows Server 2025 flaw allows any user with dMSA write permissions to escalate privileges and compromise AD.

The Lumma infostealer infrastructure has suffered a serious blow by a coordinated action of the DOJ and Microsoft.

The Federal Trade Commission (FTC) has finalized an order requiring web hosting giant GoDaddy to secure its services to settle charges of data security failures that led to several data breaches since 2018.

This week in cybersecurity from the editors at Cybercrime Magazine

Neglected AWS resources like S3 buckets and IAM roles can become hacker entry points. Learn how to spot and secure hidden cloud vulnerabilities.

A stalkerware company that recently leaked millions of users' personal information online has taken all of its assets offline without any explanation.

The unpatched vulnerabilities, with a CVSS score of 8.6 to 10.0, can lead to remote code execution via authentication bypass

Three critical Versa Concerto flaws disclosed after 90 days allow remote code execution via reverse proxy misconfigurations.

New laws demand provable cybersecurity programs. Learn how CIS Controls and tools help meet legal, scalable standards.

UNC5221 exploited Ivanti EPMM flaws CVE-2025-4427/4428 in global attacks starting May 15, 2025, enabling remote access and data theft

Technology and innovation have transformed every part of society, including our electoral experiences. Campaigns are spending and doing more than at any other time in history. Ever-growing war chests fuel billions of voter contacts every cycle. Campaigns now have better ways of scaling outreach methods and offer volunteers and donors more efficient ways to contribute time and money. Campaign staff have adapted to vast changes in media and social media landscapes, and use data analytics to forecast voter turnout and behavior. Yet despite these unprecedented investments in mobilizing voters, overall trust in electoral health, democratic institutions, voter satisfaction, and electoral engagement has significantly declined. What might we be missing?...

52% of breaches stem from manual identity workflows in disconnected apps—causing customer loss and compliance risks.

Talos has observed exploitation of CVE-2025-0994 in the wild by UAT-6382, a Chinese-speaking threat actor, who then deployed malware payloads via TetraLoader.

​Signal has updated its Windows app to protect users' privacy by blocking Microsoft's AI-powered Recall feature from taking screenshots of their conversations.

For years, network security has revolved around the perimeter: firewalls, antivirus, endpoint controls. But as attackers grow more sophisticated — and as operations scatter to the cloud, mobile, and IoT — it’s increasingly what happens inside the network that counts. Related: The NDR evolution story Enter Network Detection and Response (NDR) — a space once

Cybercriminals are using AI-based tools to generate voice clones of the voices of senior US officials in order to scam people.

West Lothian Council confirmed that ransomware attackers have stolen personal and sensitive information held on its education network

Microsoft and Europol dismantled Lumma’s 2,300-domain C2 network after 10M infections tied to credential and crypto theft.