Latest CyberSec News by @thecyberpicker

Alors que le démarchage téléphonique s'intensifie et que l'intelligence artificielle générative permet à des bots de simuler des appels, les solutions traditionnelles comme s'inscrire sur Bloctel ou bloquer les numéros un par un ne suffisent plus. Voici une sélection de logiciels recommandés par nos lecteurs pour

Get the latest updates concerning DEF CON and the next DEF CON Conference!

The U.S. CISA adds a vulnerability in BeyondTrust RS and PRA to its Known Exploited Vulnerabilities catalog.

This is a current list of where and when I am scheduled to speak: I’m speaking at Ontario Tech University in Oshawa, Ontario, Canada, at 2 PM ET on Thursday, February 26, 2026. I’m speaking at the Personal AI Summit in Los Angeles, California, USA, on Thursday, March 5, 2026. I’m speaking at Tech Live: Cybersecurity in New York City, USA, on Wednesday, March 11, 2026. I’m giving the Ross Anderson Lecture at the University of Cambridge’s Churchill College at 5:30 PM GMT on Thursday, March 19, 2026. I’m speaking at RSAC 2026 in San Francisco, California, USA, on Wednesday, March 25, 2026...

Threat intelligence observations show that a single threat actor is responsible for most of the active exploitation of two critical vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM), tracked as CVE-2026-21962 and CVE-2026-24061.

Threat actors are sending physical letters pretending to be from Trezor and Ledger, makers of cryptocurrency hardware wallets, to trick users into submitting recovery phrases in crypto theft attacks.

Posts about macOS malware, exploits, and tools

Posts about macOS malware, exploits, and tools

Here is an overview of the CIS Benchmarks that the Center for Internet Security (CIS) updated or released for February 2026.

The MS-ISAC bridges the U.S. SLTT resilience gap by offering under-resourced organizations access to affordable services. Read to learn more.

A new threat actor, UAT-9921, uses the modular VoidLink framework to target technology and financial organizations, Cisco Talos reports.

An exploration of the interesting question.

A new variation of the fake recruiter campaign from North Korean threat actors is targeting JavaScript and Python developers with cryptocurrency-related tasks.

Threat actors are abusing Claude artifacts and Google Ads in ClickFix campaigns that deliver infostealer malware to macOS users searching for specific queries.

CrashFix crashes browsers to coerce users into executing commands that deploy a Python RAT, abusing finger.exe and portable Python to evade detection and persist on high‑value systems.

As LLMs and diffusion models power more applications, their safety alignment becomes critical. Our research shows that even minimal downstream fine‑tuning can weaken safeguards, raising a key question: how reliably does alignment hold as models evolve?

That helpful “Summarize with AI” button? It might be secretly manipulating what your AI recommends.  Microsoft security researchers have discovered a growing trend of AI memory poisoning attacks used for promotional purposes, a technique we call AI Recommendation Poisoning.

New guide details how a unified, AI ready SIEM platform empowers security leaders to operate at the speed of AI, strengthen resilience, accelerate detection and response, and more.

South Korea has fined luxury fashion brands Louis Vuitton, Christian Dior Couture, and Tiffany $25 million for failing to implement adequate security measures, which facilitated unauthorized access and the exposure of data belonging to more than 5.5 million customers.

State-backed hackers from China, Russia, Iran, and North Korea target defense contractors using espionage, malware, hiring scams, and edge exploits.

Suspected Russian actor deploys CANFAIL malware via phishing, targeting Ukrainian defense, energy, and aid sectors using LLM-assisted lures.

The vulnerability is a variant of a CVE linked to the 2024 hack of the U.S. Treasury Department, according to researchers.

Social engineering and zero-day vulnerability weaponization are getting faster and easier, two information sharing and analysis centers said in new reports.

Cisco Talos links UAT-9921 to VoidLink, a modular Zig-based malware targeting Linux cloud systems with stealth plugins and C2 control.

Criminal IP now integrates with IBM QRadar SIEM and SOAR to bring external IP-based threat intelligence directly into detection and response workflows. See how risk scoring and automated enrichment help SOC teams prioritize high-risk IPs and accelerate investigations without leaving QRadar.

This week in cybersecurity from the editors at Cybercrime Magazine

Explains how CSA STAR guides cloud-first organizations to manage identity risk, govern access, and continuously assure cloud security.

Posts about macOS malware, exploits, and tools