Latest CyberSec News by @thecyberpicker

A program manager at Lawrence Livermore National Laboratory told lawmakers Tuesday that the recent contract expiration puts OT security at risk.

The Lumma infostealer malware operation is gradually resuming activities following a massive law enforcement operation in May, which resulted in the seizure of 2,300 domains and parts of its infrastructure.

​​Microsoft has released the KB5062660 preview cumulative update for Windows 11 24H2 with twenty-nine new features or changes, with many gradually rolling out, such as the new Black Screen of Death and Quick Machine Recovery tool.

Interlock ransomware is being used to target critical infrastructure and businesses across North America and Europe, the FBI and other federal agencies warned.

A House hearing on state voter roll purges saw GOP lawmakers claim outdated voter lists enable fraud, but evidence was scant. Experts and voters testified about the real impacts of registration challenges and voter roll maintenance.

Microsoft is rolling out significant changes to Windows 11 24H2 as part of the Windows Resilience Initiative, designed to reduce downtime and help devices recover from serious failures, as well as an overhaul of the all-too-familiar BSOD crash screens.

A new variant of the banking trojan 'Coyote' has begun abusing a Windows accessibility feature, Microsoft's UI Automation framework, to identify which banking and cryptocurrency exchange sites are accessed on the device for potential credential theft.

NIST has issued draft updates to Special Publication (SP) 800-53 to provide additional guidance on how to securely and reliably deploy patches and updates in

L'écosystème cyber est en alerte depuis la découverte de deux vulnérabilités « zero-day » affectant la célèbre solution de gestion collaborative SharePoint de Microsoft. Toujours activement exploitées, ces failles sont au cœur d’une large campagne de piratage menée, selon de nombreux experts, par des groupes de

AMEOS Group, an operator of a massive healthcare network in Central Europe, has announced it has suffered a security breach that may have exposed customer, employee, and partner information.

CISA and the FBI warned on Tuesday of increased Interlock ransomware activity targeting businesses and critical infrastructure organizations in double extortion attacks.

Microsoft links SharePoint attacks to three China-based groups; flaws allow code execution and data theft on unpatched systems.

Education was the fourth-most-targeted sector during the first half of 2025, according to a report from Comparitech.

Linen Typhoon, Violet Typhoon and Storm-2603 are behind the initial attack spree that erupted over the weekend. Other threat groups are now following suit.

The company urged customers to apply security updates as security researchers warn of escalating attacks.

A new wave of phishing attacks exploiting Microsoft 365 OAuth tools has been observed impersonating diplomats to steal access codes

A plan to transfer cybersecurity and resilience responsibilities to states could have major unintended consequences.

A widespread RFQ scam exploited net payment terms to fraudulently obtain high-value devices

The British government announced plans to prohibit public sector organizations and critical infrastructure operators from paying ransoms to cybercriminals, marking a significant shift in the nation's approach to combating ransomware attacks.

Russian cybersecurity researchers identified and dismantled a network of domains operated by the hacker group NyashTeam.

Cisco is warning that three recently patched critical remote code execution vulnerabilities in Cisco Identity Services Engine (ISE) are now being actively exploited in attacks.

Microsoft has observed three China-based threat actors, Linen Typhoon, Violet Typhoon and Storm-2603, exploiting the SharePoint vulnerabilities

A tech startup is using personal data stolen by infostealer malware that it has found on the dark web, and then selling access to that data.

Modified AllaKore RAT and Ghost Crypt crypter target Mexican entities and global victims for financial fraud.

Cisco confirms active exploitation of critical ISE bugs, exposing systems to remote root access. Urgent patching advised.

Microsoft has observed two named Chinese nation-state actors, Linen Typhoon and Violet Typhoon, exploiting vulnerabilities targeting internet-facing SharePoint servers. In addition, we have observed another China-based threat actor, tracked as Storm-2603, exploiting these vulnerabilities. Microsoft has released new comprehensive security updates for all supported versions of SharePoint Server (Subscription Edition, 2019, and 2016) that protect customers against these new vulnerabilities. Customers should apply these updates immediately to ensure they are protected.

Learn more about how Microsoft Sentinel data lake accelerates AI adoption, empowering teams to detect and respond faster

A woman in Florida was tricked into giving thousands of dollars to a scammer after her daughter's voice was AI-cloned and used in a scam.

The United Kingdom's government is planning to ban public sector and critical infrastructure organizations from paying ransoms after ransomware attacks.

Unlock faster, safer deployments by leveling up your IaC maturity. Reduce misconfig risk, alert fatigue, and cloud costs—here’s how.