Latest CyberSec News by @thecyberpicker

Latest CyberSec News by @thecyberpicker

30556 bookmarks
Custom sorting
Cloud Security: Who Owns the Responsibility? | CSA
Cloud Security: Who Owns the Responsibility? | CSA
Explore how cloud, DevOps, SOC teams share security roles, combat alert fatigue, and work with AI-powered purple teaming for effective threat response.
·cloudsecurityalliance.org·
Cloud Security: Who Owns the Responsibility? | CSA
La double authentification de Gmail n’arrête plus les hackers russes
La double authentification de Gmail n’arrête plus les hackers russes
Des hackers russes, soupçonnés d’appartenir au groupe APT29 (alias Cozy Bear), ont réussi à contourner la double authentification de Gmail sans exploiter de faille technique, mais en visant le maillon faible de la chaîne : l'humain. On fait le point sur cette opération de social engineering d’une rare sophistication
·numerama.com·
La double authentification de Gmail n’arrête plus les hackers russes
WordPress Motors theme flaw mass-exploited to hijack admin accounts
WordPress Motors theme flaw mass-exploited to hijack admin accounts
Hackers are exploiting a critical privilege escalation vulnerability in the WordPress theme "Motors" to hijack administrator accounts and gain complete control of a targeted site.
·bleepingcomputer.com·
WordPress Motors theme flaw mass-exploited to hijack admin accounts
Russian hackers bypass Gmail MFA using stolen app passwords
Russian hackers bypass Gmail MFA using stolen app passwords
Russian hackers bypass multi-factor authentication and access Gmail accounts by leveraging app-specific passwords in advanced social engineering attacks that impersonate U.S. Department of State officials.
·bleepingcomputer.com·
Russian hackers bypass Gmail MFA using stolen app passwords
CoinMarketCap briefly hacked to drain crypto wallets via fake Web3 popup
CoinMarketCap briefly hacked to drain crypto wallets via fake Web3 popup
CoinMarketCap, the popular cryptocurrency price tracking site, suffered a website supply chain attack that exposed site visitors to a wallet drainer campaign to steal visitors' crypto.
·bleepingcomputer.com·
CoinMarketCap briefly hacked to drain crypto wallets via fake Web3 popup
Friday Squid Blogging: Gonate Squid Video - Schneier on Security
Friday Squid Blogging: Gonate Squid Video - Schneier on Security
This is the first ever video of the Antarctic Gonate Squid. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.
·schneier.com·
Friday Squid Blogging: Gonate Squid Video - Schneier on Security
6 Steps to 24/7 In-House SOC Success
6 Steps to 24/7 In-House SOC Success
24/7 SOCs are essential for off-hours breach protection. Discover how to build one with AI and efficient staffing.
·thehackernews.com·
6 Steps to 24/7 In-House SOC Success
BitoPro exchange links Lazarus hackers to $11 million crypto heist
BitoPro exchange links Lazarus hackers to $11 million crypto heist
The Taiwanese cryptocurrency exchange BitoPro claims the North Korean hacking group Lazarus is behind a cyberattack that led to the theft of $11,000,000 worth of cryptocurrency on May 8, 2025.
·bleepingcomputer.com·
BitoPro exchange links Lazarus hackers to $11 million crypto heist
Tonga Ministry of Health hit with cyberattack affecting website, IT systems
Tonga Ministry of Health hit with cyberattack affecting website, IT systems
Minister of Health Ana ‘Akau’ola then told parliament on Thursday that an unnamed ransomware gang attacked the National Health Information System, demanding millions in ransom to restore the system.
·therecord.media·
Tonga Ministry of Health hit with cyberattack affecting website, IT systems
Microsoft investigates OneDrive bug that breaks file search
Microsoft investigates OneDrive bug that breaks file search
​Microsoft is investigating a known OneDrive issue that is causing searches to appear blank for some users or return no results even when searching for files they know they've already uploaded.
·bleepingcomputer.com·
Microsoft investigates OneDrive bug that breaks file search
« On est dans le marketing de la peur » : des experts décryptent la (fausse ?) fuite inédite de 16 milliards d’identifiants
« On est dans le marketing de la peur » : des experts décryptent la (fausse ?) fuite inédite de 16 milliards d’identifiants
La presse mondiale s’est enflammée, le 19 juin 2025 : « 16 milliards de mots de passe en fuite ! » Apple, Google, Facebook, tous concernés. Les titres alarmistes se sont multipliés, évoquant la « plus grande fuite de l'Histoire » et appelant à la vigilance extrême. Mais que s’est-il vraiment passé ? Numerama a
·numerama.com·
« On est dans le marketing de la peur » : des experts décryptent la (fausse ?) fuite inédite de 16 milliards d’identifiants
Aflac discloses breach amidst Scattered Spider insurance attacks
Aflac discloses breach amidst Scattered Spider insurance attacks
On Friday, American insurance giant Aflac disclosed that its systems were breached in a broader campaign targeting insurance companies across the United States by attackers who may have stolen personal and health information.
·bleepingcomputer.com·
Aflac discloses breach amidst Scattered Spider insurance attacks