Latest CyberSec News by @thecyberpicker

RubyGems and PyPI hit by credential-stealing packages targeting automation and crypto users, prompting new security rules.

Leaked credentials caused 22% of 2024 breaches, with a 160% rise in 2025, highlighting urgent detection needs.

Google’s vulnerability finding team is again pushing the envelope of responsible disclosure: Google’s Project Zero team will retain its existing 90+30 policy regarding vulnerability disclosures, in which it provides vendors with 90 days before full disclosure takes place, with a 30-day period allowed for patch adoption if the bug is fixed before the deadline. However, as of July 29, Project Zero will also release limited details about any discovery they make within one week of vendor disclosure. This information will encompass: The vendor or open-source project that received the report ...

Microsoft has announced that the Microsoft 365 apps for Windows will start blocking access to files via the insecure FPRPC legacy authentication protocol by default starting late August.

Microsoft announced that it will phase out the Microsoft Lens PDF scanner app for Android and iOS devices starting September 15, 2025.

The judiciary announced stronger protections for its case management system following reports of a major breach of sensitive court documents in multiple states

Two senior officials defended the agency’s progress amid concerns about the effects of mass layoffs and budget cuts.

​An unknown threat actor has stolen the sensitive personal, financial, and health information of nearly 870,000 Columbia University current and former students and employees after breaching the university's network in May.

Une équipe de chercheurs en cybersécurité a démontré, à l’été 2025, les risques liés à l'intégration du LLM de Google Gemini au cœur des objets connectés du quotidien. Leur recherche, intitulée « Invitation Is All You Need », prouve que l'injection d'un simple prompt malveillant dans une invitation Google Calendar

SonicWall found no evidence of a new vulnerability after probing reports of a zero-day used in ransomware attacks.

Bouygues Telecom revealed the attackers stole personal data of 6.4 million customers, including contact details, contractual data and international bank account numbers

GreedyBear used 150+ fake browser extensions to steal $1M in crypto, showing evolving cybercrime tactics.

The U.S. Department of Homeland Security (DHS) says the cybercrime gang behind the Royal and BlackSuit ransomware operations had breached hundreds of U.S. companies before their infrastructure was dismantled last month.

Two weeks ago, the ransomware gang’s darknet extortion sites were seized in an operation involving police from more than nine countries including Germany, France and the United Kingdom.

The statement from the U.S. court system follows reports that the judiciary suffered a recent cyber breach.

Cybersecurity News

Air France and KLM warn of a data breach exposing customer data via unauthorized access to a third-party platform. Air France and KLM reported a data breach after hackers accessed a third-party platform, potentially exposing some customers’ personal information. Both airlines confirmed that threat actors gained access to the platform of an unnamed service provider […]

Following on from our preview, here’s Ben Gelman and Sean Bergeron’s research on enhancing command line classification with benign anomalous data

Two malicious NPM packages posing as WhatsApp development tools have been discovered deploying destructive data-wiping code that recursively deletes files on a developer's computers.

AI agents are non-human identities that don’t just hold credentials—they do something with them. How can we apply Zero Trust to these autonomous actors?

The Department of Homeland Security said the Russian cybercrime collective received at least $370 million in ransom payments, based on current cryptocurrency valuations.

The NSA’s CAPT program, launched in 2024 with Horizon3.ai, now benefits 1000 of the 300,000 US Defense Industrial Base companies

CISA has issued an emergency directive ordering all Federal Civilian Executive Branch (FCEB) agencies to mitigate a critical Microsoft Exchange hybrid vulnerability tracked as CVE-2025-53786 by Monday morning at 9:00 AM ET.

We found a host of blogspot pages involved in a malware campaign to promote their own content by using a LikeJack Trojan.

After a long wait, GPT-5 is finally rolling out. It's available for free, Plus, Pro and Team users today. This means everyone gets to try GPT-5 today, but paid users get higher limits.

Can AI really write safer code? Martin dusts off his software engineer skills to put it it to the test. Find out what AI code failed at, and what it was surprisingly good at. Also, we discuss new research on how AI LLM models can be used to assist in the reverse engineering of malware.

SocGholish malware spreads via fake updates, impacting major threat actors through TDS systems and JavaScript loaders.

A new Endpoint Detection and Response (EDR) killer that is considered to be the evolution of 'EDRKillShifter,' developed by RansomHub, has been observed in attacks by eight different ransomware gangs.

Bouygues Telecom warns it suffered a data breach after the personal information of 6.4 million customers was exposed in a cyberattack.