Latest CyberSec News by @thecyberpicker

Tools to scan MCP servers and an MCP WAF, 4 AppSec archetypes, how to strategically protect your org with limited resources

In its latest operation, Lazarus took advantage of major gaps in the open-source software supply chain — like developers depending on unvetted packages and the lack of oversight for popular tools that are often maintained by just one or two people.

Semperis found that executives were physically threatened in 40% of ransomware incidents, in a bid to pressure victims to pay demands

Mike Burgess, who leads the Australian Security Intelligence Organisation, said at the Annual Hawke Lecture at the University of South Australia that he was putting a dollar figure on the economic cost of espionage for the first time to stress the “real, present and costly danger” facing Australia.

Proton has launched Proton Authenticator, a free standalone two-factor authentication (2FA) application for Windows, macOS, Linux, Android, and iOS.

Researchers have found that in roughly 80% of cases, spikes in malicious activity like network reconnaissance, targeted scanning, and brute-forcing attempts are a precursor to the disclosure of new security vulnerabilities (CVEs) within six weeks.

QR codes promise convenience, but most people don’t realize the sheer ease with which those codes can be weaponized. Learn more about the new “quishing” threat.

A bipartisan pair of senators are introducing legislation Thursday that would direct a White House office to develop a strategy for reckoning with the cybersecurity ramifications of quantum computers, and require agencies to begin pilot programs on quantum-safe encryption.

A Florida correctional institution leaked the names, email addresses, and telephone numbers of visitors to the facility to every inmate.

UNC4899 used job lures and cloud exploits to breach two firms, steal crypto, and embed malware in open source.

Scammers are using texts that appear to have been sent to a wrong number to get targets to engage in a conversation.

SentinelOne boosts enterprise cyber defense with AI-powered endpoint security, cutting response time and risk across industries.

This week in cybersecurity from the editors at Cybercrime Magazine

SOCs face alert overload and rising costs as SIEMs struggle with cloud complexity and false positives.

UNC2891 used a 4G Raspberry Pi and Linux rootkits to breach ATM networks, exposing flaws in banking infrastructure.

Peter Gutmann and Stephan Neuhaus have a new paper—I think it’s new, even though it has a March 2025 date—that makes the argument that we shouldn’t trust any of the quantum factorization benchmarks, because everyone has been cooking the books: Similarly, quantum factorisation is performed using sleight-of-hand numbers that have been selected to make them very easy to factorise using a physics experiment and, by extension, a VIC-20, an abacus, and a dog. A standard technique is to ensure that the factors differ by only a few bits that can then be found using a simple search-based approach that has nothing to do with factorisation…. Note that such a value would never be encountered in the real world since the RSA key generation process typically requires that |p-q| > 100 or more bits [9]. As one analysis puts it, “Instead of waiting for the hardware to improve by yet further orders of magnitude, researchers began inventing better and better tricks for factoring numbers by exploiting their hidden structure” [10]...

Phishing remained the top initial access method in Q2 2025, while ransomware incidents see the emergence of new Qilin tactics.

LLMs may serve as powerful assistants to malware analysts to streamline workflows, enhance efficiency, and provide actionable insights during malware analysis.

The arrest of members of the Scattered Spider cyber-attack group have temporarily halted new intrusions, however, similar threat actors continue to pose risks

Overview

Avast researchers shared a step-by-step guide to decrypt files for victims of FunkSec ransomware

Experts argue that password managers are still useful despite Microsoft Authenticator ditching its capabilities

Depuis fin juillet, des centaines de pharmacies russes n'accueillent plus aucun patient. La raison ? Deux des plus grands réseaux d'officines du pays sont victimes d'une cyberattaque majeure. Réservation de médicaments en ligne indisponible, personnel mis au chômage forcé : un nouveau pan de l'économie russe est visé

North Korea’s Lazarus Group has been blamed for a cyber-espionage campaign using open source packages

Critical WordPress flaw CVE-2025-5394 lets attackers take over sites using the "Alone" theme. 120K+ attempts blocked.

Researchers have released a decryptor for the ransomware FunkSec, allowing victims to recover their encrypted files for free.

Critical flaws in Dahua cameras let hackers take control remotely. The vendor has released patches, users should update firmware asap.

Google wants to shorten delays in the vulnerability lifecycle by sharing limited details about newly discovered defects within a week of reporting to the affected vendor.

The agreement could completely reshape the market for identity security, according to analysts.