Latest CyberSec News by @thecyberpicker

The Treasury Department breach highlights the persistent risks organizations face with identity security. Learn how to better protect your sensitive systems.

ControlVault3 firmware vulnerabilities impacting over 100 Dell laptop models can allow attackers to bypass Windows login and install malware that persists across system reinstalls.

Les autorités taïwanaises ont annoncé le 5 août avoir arrêté plusieurs employés et ex-salariés du constructeur de semi-conducteurs TSMC. Ils sont soupçonnés d’avoir dérobé des secrets technologiques et industriels liés à la fabrication des puces d'une finesse de gravure de 2 nanomètres, fleuron absolu du géant

On July 22, 2025, the European police agency Europol said a long-running investigation led by the French Police resulted in the arrest of a 38-year-old administrator of XSS, a Russian-language cybercrime forum with more than 50,000 members. The action has triggered…

This week in cybersecurity from the editors at Cybercrime Magazine

WhatsApp is introducing a new security feature that will help users spot potential scams when they are being added to a group chat by someone not in their contact list.

Microsoft unveils AI system Project Ire to automate malware detection, reducing analyst workload and boosting accuracy.

vCISO adoption surged 319% in one year as SMB demand and AI integration transform cybersecurity delivery.

Hypervisors have demonstrated the potential for widespread outages and data loss. SOC 2 offers a robust compliance framework to address these risks.

C'est la fin de l'aventure pour Dashlane Free. Le gestionnaire de mots de passe annonce l'arrêt prochain de sa formule gratuite, qui était devenue vraiment très contrariante à l'emploi depuis deux ans. Il est temps de passer à la formule payante, ou d'aller voir ailleurs. C'était à l'automne 2023. Dashlane, l'un des

Ransomware actors deploy a range of activities to make it harder for victims to recover and increase the consequences of not paying demands

Trend Micro flaws let attackers run code remotely on Apex One systems; on-premise users must apply fixes now.

Trend Micro has warned customers to immediately secure their systems against an actively exploited remote code execution vulnerability in its Apex One endpoint security platform.

The UK’s National Cyber Security Centre has released the Cyber Assessment Framework 4.0

Chanel and Pandora have revealed data breaches reportedly linked to attacks on their Salesforce instances

​Microsoft paid a record $17 million this year to 344 security researchers across 59 countries through its bug bounty program.

Ukraine’s CERT-UA warns of UAC-0099 and Gamaredon phishing attacks using custom malware and social lures.

C'est la fin de l'aventure pour Dashlane Free. Le gestionnaire de mots de passe annonce l'arrêt prochain de sa formule gratuite, qui était devenue vraiment très contrariante à l'emploi depuis deux ans. Il est temps de passer à la formule payante, ou d'aller voir ailleurs. C'était à l'automne 2023. Dashlane, l'un des

Anthropic restricted OpenAI from using Claude for vibe coding, still allowing them to use Claude APIs for benchmarking, progress evaluations.

CISA adds 3 D-Link router flaws to KEV catalog after confirmed exploits, urging action from agencies.

Google addressed multiple Android flaws, including two Qualcomm vulnerabilities that were actively exploited in the wild.

U.S. CISA adds D-Link cameras and Network Video Recorder flaws to its Known Exploited Vulnerabilities catalog.

CISA adds 3 D-Link router flaws to KEV catalog after confirmed exploits, urging action from agencies.

AI transforms Pentera’s testing platform, enabling real-time, intent-driven validation for 1,200+ enterprises.

Earlier this week, the Trump administration narrowed export controls on advanced semiconductors ahead of US-China trade negotiations. The administration is increasingly relying on export licenses to allow American semiconductor firms to sell their products to Chinese customers, while keeping the most powerful of them out of the hands of our military adversaries. These are the chips that power the artificial intelligence research fueling China’s technological rise, as well as the advanced military equipment underpinning Russia’s invasion of Ukraine...

Researchers recently warned about a surge in Akira ransomware attacks linked to a potential SonicWall vulnerability.

About 20 organizations have been impacted and the pace of attacks is rising. Threat researchers and SonicWall are scrambling to determine the root cause.

As adversaries leverage AI to mimic user behavior, agencies must adopt dynamic identity architectures to verify every interaction and safeguard critical missions continuously. As adversaries leverage AI to mimic user behavior, agencies must adopt dynamic identity architectures to verify every interaction and safeguard critical missions continuously.

Danish jewelry giant Pandora has disclosed a data breach after its customer information was stolen in the ongoing Salesforce data theft attacks.