Latest CyberSec News by @thecyberpicker

Learn how to evaluate transparency, risks, scalability, and ethical considerations to make informed cybersecurity decisions about AI-powered tools.

Researchers discovered over 3000 Linux vulnerabilities in 2024, the most of any category

Kaspersky ICS CERT shares trends and statistics on industrial threats in Q1 2025.

The benefits of cybercrime aren't all flashy cars and watches. Sophos X-Ops researchers discovered it also fuels a far-reaching mix of ordinary, sometimes unremarkable businesses.

The voluntary cybersecurity charter asks NHS suppliers to commit to eight cybersecurity pledges, amid rising attacks on healthcare

Vulnerability exploitation rose 34% in 2025, revealing that compliance testing alone can't stop evolving threats.

Zero Trust is only as strong as its foundation. Without Kernel Runtime Integrity, your security stack may be built on compromised ground.

On April 14, Dubai’s ruler, Sheikh Mohammed bin Rashid Al Maktoum, announced that the United Arab Emirates would begin using artificial intelligence to help write its laws. A new Regulatory Intelligence Office would use the technology to “regularly suggest updates” to the law and “accelerate the issuance of legislation by up to 70%.” AI would create a “comprehensive legislative plan” spanning local and federal law and would be connected to public administration, the courts, and global policy trends. The plan was widely greeted with astonishment. This sort of AI legislating would be a global “...

Malicious npm package downloaded 2,001 times hides payload via Unicode and Google Calendar links.

APT28 exploited MDaemon zero-day CVE-2024-11182 in targeted webmail hacks across 10+ nations.

This article discusses the five business continuity and disaster recovery capabilities that businesses must have for effective ransomware defense. Lea

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Fortinet vulnerability to its Known Exploited Vulnerabilities catalog.

Valve dément ce 15 mai 2025 avoir été victime d'un piratage. Après examen, il ne s'agit pas d'une infiltration dans ses systèmes. Les SMS qui avaient fuité sont d'anciens SMS envoyés aux utilisateurs de Steam. Dans un communiqué publié ce 15 mai 2025, Steam l'assure : le service n'a pas été piraté. Selon son éditeur

Most online merchants now believe customers pose as big a threat as professional fraudsters

Russian hackers aren’t just targeting Ukraine — they also appear to be going after their defense contractors in other countries, new ESET research surmises.

Google has released emergency security updates to patch a high-severity Chrome vulnerability that has a public exploit and can let attackers hijack accounts.

The ransomware landscape is more fragmented than ever, with no “market leader,” says William Lyne, Head of Intelligence at the NCA

Chrome flaw CVE-2025-4664 enables cross-origin data leaks; active exploit confirmed; update to 136.0.7103.113.

The Trump administration’s CFPB nominee spoke positively in February about the Biden-era rule to regulate the sale of Americans’ personal data, but he is now slotted instead for a Treasury Department role.

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft Windows flaws to its Known Exploited Vulnerabilities catalog.

The Kaleidoscope ad fraud network uses a combination of legitimate and malicious apps, according to researchers.

The state of Texas reached a mammoth financial agreement with Google last week, securing $1.375 billion in payments to settle two lawsuits concerning the use of consumers' data.

The company halted production at various locations and took potentially affected systems offline.

Google is rolling out a change to Chromium that "de-elevates" Google Chrome so it does not run as an administrator to increase security in Windows.

An network intrusion at Nova Scotia Power in March led to a breach of sensitive customer data, the Canadian utility said in an update about the incident.

Rep. Bennie Thompson, D-Miss., leveled that charge at DHS Secretary Kristi Noem at a hearing Wednesday.

Read the new whitepaper from the Microsoft AI Red Team to better understand the taxonomy of failure mode in agentic AI.

Microsoft presents best practices for securing data and optimizing Microsoft Purview implementation, emphasizing the integration of people, processes, and technology.

Microsoft Intune offers secure, cloud-based endpoint management that helps healthcare providers empower frontline staff and improve patient care.

Congratulations to the winners of the Microsoft Security Excellence Awards that recognize the innovative defenders who have gone above and beyond.