Latest CyberSec News by @thecyberpicker

Les services de renseignement ukrainiens et des groupes de hackers alliés déclarent avoir mené une cyberattaque d'envergure contre l’un des principaux fabricants russes de drones militaires. Près de 50 téraoctets de données auraient été dérobés, notamment les plans de modèles de drones militaires en cours de

Google patches six security flaws in Chrome, including zero-day CVE-2025-6558, exploited in the wild.

A prominent Cambodian tycoon was the subject of multiple raids conducted Tuesday by Thai police, who accused him of being involved in cyber scams.

European and U.S. law enforcement have disrupted the operations of a pro-Russian hacker group known for launching distributed denial-of-service attacks against Ukraine and its allies.

To help protect and inform customers, Microsoft highlights protection coverage across the Microsoft Defender security ecosystem. Learn more.

The hacker has deployed a backdoor to modify the boot process and has exploited several different vulnerabilities during the attack spree.

Operations at the grocery distributor, whose customers include Whole Foods, have largely returned to normal, the company said.

An international law enforcement operation conducted this week targeted the members of and infrastructure used by NoName057(16), a pro-Russian hacktivist group that has conducted distributed denial-of-service (DDoS) attacks across Europe since early 2022.

As DHS seeks to transform a federal database for immigrant benefits into a supercharged database to search for noncitizen voters, a trio of senators are pressing for more information.

Microsoft researchers warn they are seeing changing patterns as the cybercrime group has started trying to hack airlines and other industries after targeting retailers and insurers.

A threat actor has been deploying a previously unseen malware called OVERSTEP that modifies the boot process of fully-patched but no longer supported SonicWall Secure Mobile Access appliances.

Google researchers reported on a malware campaign against end-of-life SonicWall appliances, noting that the attackers were good at covering their tracks.

A new malware campaign targeting Hong Kong finance has been identified, featuring SquidLoader to deploy Cobalt Strike Beacon

Multiple Fortinet FortiWeb instances recently infected with web shells are believed to have been compromised using public exploits for a recently patched remote code execution (RCE) flaw tracked as CVE-2025-25257.

A data breach at Episource has exposed the personal information of 5.4 million individuals after attackers accessed systems for 10 days

A Europol coordinated operation has taken down key infrastructure used by pro-Russian hacktivist group NoName057(16), as well as a number of arrests

The group, known as “Diskstation,” is accused of encrypting victims’ systems and demanding large cryptocurrency ransoms to restore access to their data, Italy’s Postal and Cybersecurity Police said in a statement.

An international law enforcement operation dubbed "Operation Eastwood" has targeted the infrastructure of the pro-Russian hacktivist group NoName057(16), responsible for distributed denial-of-service (DDoS) attacks across Europe and the US.

Even hard-headed military types can fall victim to romance scams, it seems. A former US army colonel faces up to ten years in prison after revealing national secrets on a foreign dating app.

Malicious group UNC6148 exploits SonicWall vulnerabilities to deploy OVERSTEP backdoor, targeting patched appliances for data theft.

China-linked APT Salt Typhoon breached a U.S. Army National Guard unit’s network, accessed configs, and intercepted comms with other units.

The measure aims to prevent compromise of U.S. telecommunications through strengthening network security by establishing “baseline cybersecurity requirements for vendors of telecommunications services” to the country’s 18 intelligence agencies, according to a summary of the bill released by the panel.

AI agents are prone to data exfiltration. See how one attack led to discovery of the knowledge sources, then to data exfiltration of entire customer records.

BlackFog found that publicly disclosed ransomware attacks on retail grew significantly in Q2 compared to Q1, with UK firms heavily targeted

This week in cybersecurity from the editors at Cybercrime Magazine

Generative AI systems risk exploitation without identity-first security, affecting sensitive data and systems. Learn how to secure them.

Researchers expose critical flaw in Windows Server 2025’s dMSA, enabling enterprise-wide access and lateral movement across domains.

Cameron John Wagenius faces up to 27 years in prison after pleading guilty to wire fraud, extortion and aggravated identity theft in data breaches involving major corporations.

The decision between immediate action and delayed response made the difference between ransomware prevention and complete encryption in these two real-world Talos IR engagements.

Depuis fin 2024, une campagne d’espionnage d’une sophistication inédite vise les gouvernements d’Asie du Sud-Est. L’outil au cœur de cette opération : HazyBeacon, un logiciel malveillant capable de se dissimuler dans le trafic légitime des services cloud d’Amazon, afin de collecter des informations sensibles sur des