Latest CyberSec News by @thecyberpicker

Building automation giant Johnson Controls is notifying individuals whose data was stolen in a massive ransomware attack that impacted the company's operations worldwide in September 2023.

Dozens of accounts on X that promoted Scottish independence went dark during an internet blackout in Iran. Well, that’s one way to identify fake accounts and misinformation campaigns.

Google releases an update for Chrome’s CVE-2025-6554, a critical zero-day flaw, to prevent exploitation

Discover how to secure browser usage in enterprises, from GenAI risks to control enforcement, with a three-stage maturity model.

Facebook's pursuit of your personal data continues apace, and now it has a new target: photos on your phone that you haven't shared with it yet.

Google has released emergency updates to patch another Chrome zero-day vulnerability exploited in attacks, marking the fourth such flaw fixed since the start of the year.

Real-time vulnerability detection and anomaly reporting tools enable cybersecurity teams to swiftly identify and neutralize threats before they intensify.

OneClik malware exploits Microsoft ClickOnce to attack energy companies with stealthy Golang backdoors.

The threat actor Sarcoma has been held responsible for a ransomware attack on a Swiss health foundation

Le FBI met le secteur aérien en état d’alerte. Les compagnies internationales et leurs partenaires sont ciblés par une nouvelle vague d’attaques informatiques, orchestrées par le groupe « Scattered Spider ». Ces hackers, déjà célèbres pour avoir frappé des casinos et de grandes entreprises américaines, semblent

Interpol warns that scam centers are expanding beyond Southeast Asia

U.S. authorities target North Korean IT worker scheme, arresting one and seizing $7.74M in assets

Google releases an update for Chrome’s CVE-2025-6554, a critical zero-day flaw, to prevent exploitation

Alongside other fixes, Microsoft also addressed 2 publicly disclosed and 5 actively exploited vulnerabilities with June 2025 Patch Tuesday.

Both the US authorities and Microsoft have taken action to disrupt North Korean IT worker schemes

U.S. authorities target North Korean IT worker scheme, arresting one and seizing $7.74M in assets

Automated Malware Analysis - Development and Licensing of Automated Malware Analysis Tools to Fight Malware

Microsoft will end password support in Authenticator by August 2025, shifting to Microsoft account syncing via Edge.

How do U.S. IC organizations strengthen their cloud security in a way that meets their needs? See how the CIS Hardened Images® can help.

U.S. cyber agencies, the FBI, and NSA issued an urgent warning today about potential cyberattacks from Iranian-affiliated hackers targeting U.S. critical infrastructure.

Since 2024, Microsoft Threat Intelligence has observed remote IT workers deployed by North Korea leveraging AI to improve the scale and sophistication of their operations, steal data, and generate revenue for the North Korean government.

Authors: Andrea Little Limbago, PhD, SVP, Applied AI and Patrick Van Hull, Industry Principal  Remember the empty store shelves in early 2020? COVID-19 did

An email reviewed by Scoop News Group and analyzed by Proofpoint reveals the latest attempt by fraudsters to capitalize on confusion over the Elon Musk-created group.

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Citrix NetScaler flaw to its Known Exploited Vulnerabilities catalog.

Federal officials said businesses should carefully verify the identities of remote employees to avoid falling prey to similar scams.

U.S. authorities on Monday unsealed indictments, seized financial accounts and made an arrest in the latest attempt to crack down on North Korean remote IT workers.

The Berlin Commissioner for Data Protection has formally requested Google and Apple to remove the DeepSeek AI application from the application stores due to GDPR violations.