Latest CyberSec News by @thecyberpicker

Minnesota Gov. Tim Walz activated the state national guard to help respond to an ongoing cyberattack on the state's capital city.

Mayor Melvin Carter said during a press conference on Tuesday that the city is most concerned about the data it holds on government employees, arguing that the city does not carry much information on city residents.

Orange, France’s largest telecom provider, reported a cyberattack on one of its internal systems, impacting its operations in EU and Africa.

Minnesota Governor Tim Walz has activated the National Guard in response to a crippling cyberattack that struck the City of Saint Paul, the state's capital, on Friday.

After the initial uproar about leaked images, a researcher was able to access Tea Dating app private messages

The latest guidance on Scattered Spider from the FBI and agencies in the U.K., Canada and Australia says the cybercrime group is often looking for Snowflake data storage credentials when it picks a company to attack.

The Oregon Democrat has vowed to place a hold on the nomination to lead the agency until CISA releases the report.

Aeroflot, Russia's flag carrier, has suffered a cyberattack that resulted in the cancellation of more than 60 flights and severe delays on additional flights.

Allianz notified authorities about a data breach that exposed the information about almost all its US customers

Attacks surged in July 2025 after the threat group updated its process to combine malicious LNK files and a recycled WebDAV technique

Palo Alto, Calif., July 29, 2025, CyberNewswire — Despite the expanding use of browser extensions, the majority of enterprises and individuals still rely on labels such as “Verified” and “Chrome Featured” provided by extension stores as a security indicator. The recent Geco Colorpick case exemplifies how these certifications provide nothing more than a false sense

Phishing emails mimicking PyPI target developers to steal credentials via fake sites. Users urged to stay alert.

Wiz found a critical Base44 flaw letting attackers access private apps via public app_id. Fixed by Wix.

This week on the Lock and Code podcast, we revisit an interview with Joseph Cox about the largest FBI sting operation ever carried out.

Le 25 juillet 2025, sur le tarmac d’une base aérienne française tenue confidentielle, le nouvel avion de renseignement Archange a quitté le sol pour la première fois. Un vol inaugural qui concrétise la volonté de la France d'amplifier sa capacité à écouter, surveiller et anticiper. Avion de Renseignement à Charge

Hackers were spotted exploiting a critical SAP NetWeaver vulnerability tracked as CVE-2025-31324 to deploy the Auto-Color Linux malware in a cyberattack on a U.S.-based chemicals company.

Some of Orange’s professional and consumer services may be disrupted for a few days because of the cyber incident

International authorities are pursuing the group following the arrests of four suspects in a series of attacks targeting British retailers.

Flaw in Base44 allowed unauthorized access to private apps, bypassing authentication systems

Microsoft has introduced Copilot Mode, an experimental feature designed to transform Microsoft Edge into a web browser powered by artificial intelligence (AI).

Orange, a French telecommunications company and one of the world's largest telecom operators, revealed that it detected a breached system on its network on Friday.

Manufacturing remains the number one ransomware target, new data from Zscaler shows.

Think passkeys make you phishing-proof? Think again. Attackers are using downgrade attacks, device-code phishing, and OAuth tricks to sneak past modern MFA. See how Push Security shuts them down.

FBI Dallas has seized almost 23 Bitcoins from a cryptocurrency address belonging to a Chaos ransomware member that is linked to cyberattacks and extortion payments from Texas companies.

Chaos ransomware rises after BlackSuit takedown, hitting U.S. targets with $300K demands and stealthy evasion tactics.

Backdoor malware Auto-Color targets Linux systems, exploiting SAP NetWeaver flaw CVE-2025-31324

Learn how homoglyph attacks work, why they’re a growing concern for major brands, and how DNS Posture Management defends against these invisible threats.

ENISA’s 2025 NIS2 guidance makes compliance more complex, but Talos IR's services directly align with new requirements for reporting, logging and incident response.

This week in cybersecurity from the editors at Cybercrime Magazine