Latest CyberSec News by @thecyberpicker

Cloudflare now blocks AI web crawlers by default, requiring permission from site owners for access

sters

Researchers have found a set of vulnerabilities in Bluetooth connected devices that could allow an attacker to spy on users.

Google has patched a critical type confusion vulnerability in Chrome, the fourth zero-day fix in 2025

On Monday, the International Criminal Court (ICC) announced that it's investigating a new "sophisticated" cyberattack that targeted its systems last week.

Proofpoint has identified similarities between the tactics of a pro-Russian cyber espionage group and a cybercriminal gang

A security flaw in IDEs like Visual Studio Code lets attackers bypass extension verification, running malicious code on developer machines

The U.S. Department of Justice (DoJ) announced coordinated law enforcement actions against North Korean government's fund raising operations using remote IT workers.

The ICC said the new incident was the second “of its type” it has faced in recent years, relating to an espionage attack in 2023

Posts about macOS malware, exploits, and tools

The intruders who gained access to the grocer’s online systems in November had access to information including birthdays, Social Security numbers and bank account details.

Esse Health, a healthcare provider based in St. Louis, Missouri, is notifying over 263,000 patients that their personal and health information was stolen in an April cyberattack.

AI is a tool that can combat cybersecurity threats. From threat detection to automated response, explore key use cases that are shaping the future of security.

Posts about macOS malware, exploits, and tools

U.S. issues warning on potential Iranian cyber-attacks, urging stronger protections for critical infrastructure and defense sectors.

Spain's Guardia Civil and Europol touted an operation that took down an international scheme that lured victims into bogus cryptocurrency investments.

This week in cybersecurity from the editors at Cybercrime Magazine

CertiK found $2.47bn in crypto was stolen in H1 2025, largely due to two major security incidents – ByBit and Cetus

Building automation giant Johnson Controls is notifying individuals whose data was stolen in a massive ransomware attack that impacted the company's operations worldwide in September 2023.

Dozens of accounts on X that promoted Scottish independence went dark during an internet blackout in Iran. Well, that’s one way to identify fake accounts and misinformation campaigns.

Google releases an update for Chrome’s CVE-2025-6554, a critical zero-day flaw, to prevent exploitation

Discover how to secure browser usage in enterprises, from GenAI risks to control enforcement, with a three-stage maturity model.

Facebook's pursuit of your personal data continues apace, and now it has a new target: photos on your phone that you haven't shared with it yet.

Google has released emergency updates to patch another Chrome zero-day vulnerability exploited in attacks, marking the fourth such flaw fixed since the start of the year.

Real-time vulnerability detection and anomaly reporting tools enable cybersecurity teams to swiftly identify and neutralize threats before they intensify.

OneClik malware exploits Microsoft ClickOnce to attack energy companies with stealthy Golang backdoors.

The threat actor Sarcoma has been held responsible for a ransomware attack on a Swiss health foundation

Le FBI met le secteur aérien en état d’alerte. Les compagnies internationales et leurs partenaires sont ciblés par une nouvelle vague d’attaques informatiques, orchestrées par le groupe « Scattered Spider ». Ces hackers, déjà célèbres pour avoir frappé des casinos et de grandes entreprises américaines, semblent