Latest CyberSec News by @thecyberpicker

Learn how AI-driven APIs reshape threat models and discover actionable security practices to protect data and prevent breaches.

​Microsoft is working to resolve a known issue that causes an anti-spam service to mistakenly block Exchange Online and Microsoft Teams users from opening URLs and quarantine some of their emails.

Tech giants pledged millions to secure open-source code. Then AI came along.

RatOn malware, first seen July 5, 2025, evolves into ATS trojan targeting crypto wallets and Czech banking.

SAP has addressed 21 new vulnerabilities affecting its products, including three critical severity issues impacting the NetWeaver software solution.

Certaines opérations de lutte contre le piratage sont plus faciles à mener que d'autres. Celle qui consistait à en finir avec la plateforme Calcio a été simple à mener : un coup de pression a suffi, en somme, à en croire l'alliance mondiale anti-piratage. Calcio. Pour les fans de football, c'est le surnom que l'on

What could have been a historic supply chain attack seems to have been averted due to the rapid response of the open source community

This week in cybersecurity from the editors at Cybercrime Magazine

A court has ordered Google to pay $425m in a class action lawsuit after it was found to have misled users about their online privacy.

ReliaQuest warns that phishing campaigns abusing the Axios user agent have surged 241% in three months

Au moins trois agences régionales de santé (ARS) seraient touchées par une cyberattaque en France. Selon les premiers communiqués, publiés le 8 septembre, l'attaque viserait un opérateur accompagnant les ARS dans leurs projets numériques. Le communiqué de l’ARS Pays de la Loire, publié le 8 septembre, souligne

Explore how compliance-as-code and automation empower utilities to meet NERC CIP and NRC 5.71 amid the AI energy surge.

Microsoft is testing new File Explorer AI-powered features that will enable Windows 11 users to work with images and documents without needing to open the files.

A House select committee said Chinese actors impersonated Representative John Moolenaar to steal information that could be used to influence trade talks

A couple of months ago, a new paper demonstrated some new attacks against the Fiat-Shamir transformation. Quanta published a good article that explains the results. This is a pretty exciting paper from a theoretical perspective, but I don’t see it leading to any practical real-world cryptanalysis. The fact that there are some weird circumstances that result in Fiat-Shamir insecurities isn’t new—many dozens of papers have been published about it since 1986. What this new result does is extend this known problem to slightly less weird (but still highly contrived) situations. But it’s a completely different matter to extend these sorts of attacks to “natural” situations...

Shadow AI Agents multiply unchecked across enterprises today, leaking data and impersonating users, outpacing governance.

Akamai found TOR-based Docker API cryptojacking in Aug 2025, hinting at botnet plans and data theft.

MostereRAT phishing campaign targets Japanese users with advanced evasion tactics, disabling defenses and stealing data.

Salesloft has revealed that threat actors targeted customer Salesforce data after breaching its GitHub account

Le logiciel de gestion multimédia Plex a annoncé le 8 septembre 2025 avoir été victime d'un incident de sécurité. Les pirates responsables de l’attaque auraient eu accès à de nombreuses données clients. Dans un mail adressé aux personnes concernées, l’entreprise américaine invite ses utilisateurs à prendre plusieurs

88% of boards see cybersecurity as business risk; continuous validation proves ROI and prevents $5M losses.

Des chercheurs alertent sur les risques d’une intégration croissante de l’intelligence artificielle dans la chaîne de commandement militaire. Testés en simulation, les modèles d’IA privilégieraient quasi systématiquement l’escalade, jusqu’au scénario d’un conflit nucléaire. Vers un scénario apocalyptique ? Des

20 npm packages with 2B weekly downloads compromised after maintainer phishing led to crypto-stealing malware.

This publication provides recommendations on hardening workstations using Enterprise and Education editions of Microsoft Windows 10. While this publication refers to workstations, most recommendations are equally applicable to servers (with the exception of Domain Controllers) using Microsoft Windows Server. Security features discussed in this publication, along with the names and locations of Group Policy settings, are taken from Microsoft Windows 10 version 22H2.

This publication provides recommendations on hardening workstations using Enterprise and Education editions of Microsoft Windows 11. While this publication refers to workstations, most recommendations are equally applicable to servers (with the exception of Domain Controllers) using Microsoft Windows Server. Security features discussed in this publication, along with the names and locations of Group Policy settings, are taken from Microsoft Windows 11 version 24H2.

This guidance, authored by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and international partners, presents a shared vision of Software Bill of Materials (SBOM) and the value that increased software component and supply chain transparency can offer to the global community.

Media streaming platform Plex is warning customers to reset passwords after suffering a data breach in which a hacker was able to steal customer authentication data from one of its databases.

45 domains linked to Salt Typhoon date back to May 2020, revealing ongoing China-backed cyber espionage.

Cybercrime hubs in Southeast Asia scammed Americans out of at least $10 billion last year, a 66% increase from 2023, officials said.

At least 18 popular JavaScript code packages that are collectively downloaded more than two billion times each week were briefly compromised with malicious software today, after a developer involved in maintaining the projects was phished. The attack appears to have…