Latest CyberSec News by @thecyberpicker

Anthropic is secretly working on two new models called Claude Sonnet 4 and Opus 4, which are believed to be the company's most advanced AI models.

ChatGPT's Operator, which is still in research preview, will soon become a "very useful tool," according to Jerry Tworek, VP of Research at OpenAI.

An appeals court has upheld the dismissal of a lawsuit by Jamal Khashoggi's widow against spyware maker NSO Group, citing lack of jurisdiction.

Cellcom CEO Brighid Riordan said the company has been dealing with a “cyber incident” but they “simply don’t have a lot of facts.”

A critical Samlify authentication bypass vulnerability has been discovered that allows attackers to impersonate admin users by injecting unsigned malicious assertions into legitimately signed SAML responses.

A Russian state-sponsored cyberespionage campaign attributed to APT28 (Fancy Bear/Forest Blizzard) hackers has been targeting and compromising international organizations since 2022 to disrupt aid efforts to Ukraine.

Cellcom, a regional wireless carrier based in Wisconsin, announced that a cyberattack caused a service outage it faced during the past week.

Cybercriminals used the prolific malware to target individuals and businesses, including Fortune 500 companies, according to the FBI.

A sting involving law enforcement and private sector companies disrupted the Lumma infostealer — malware sold around the globe to cybercriminals and credited for millions of infections.

APT28, a Russian state-linked hacking group, is targeting Western logistics and tech firms supporting Ukraine.

The Russian government has introduced a new law that makes installing a tracking app mandatory for all foreign nationals in the Moscow region.

APT28 targets NATO-aligned logistics and tech firms via malware, phishing, and 7 CVEs to spy on Ukraine aid routes.

In documents filed with regulators in Maine on Tuesday, Coinbase said the information leaked included details like photos of passports and government IDs, as well as account information such as balances and transaction history.

Remote Keyboard Desktop 1.0.1 - Remote Code Execution (RCE).. remote exploit for Windows platform

A 3AM ransomware affiliate is conducting highly targeted attacks using email bombing and spoofed IT support calls to socially engineer employees into giving credentials for remote access to corporate systems.

Global law enforcement authorities and Microsoft seized or disrupted the prolific infostealer’s central command infrastructure, malicious domains and marketplaces where the malware was sold.

The 19-year-old Assumption College student, Matthew Lane, also was charged Tuesday with hacking and demanding a ransom payment from an unnamed telecommunications company, according to Massachusetts federal prosecutors.

Earlier this month, a coordinated disruption action targeting the Lumma malware-as-a-service (MaaS) information stealer operation seized thousands of domains, part of its infrastructure backbone worldwide.

Over the past year, Microsoft Threat Intelligence observed the persistent growth and operational sophistication of Lumma Stealer, an info-stealing malware used by multiple financially motivated threat actors to target various industries. Microsoft, partnering with others across industry and international law enforcement, facilitated the disruption of Lumma infrastructure.

A new malware campaign disguised as Kling AI used fake Facebook ads and counterfeit websites to distribute an infostealer

Basic vulnerabilities account for most cyberattacks, but security leaders say they’re more concerned about the risks of AI, new research shows.

One of Moscow’s most infamous hacker teams is targeting logistics and technology companies supporting Kyiv’s war effort.

The U.K. department store chain warns online transactions will be disrupted through July and says food, fashion and home goods have experienced disruptions.

Patching is basic cyber hygiene — but executing it at scale, securely, and fast? That's the real challenge. ThreatLocker's Patch Management flips the script with control, visibility, and Zero Trust workflows built for today's threat landscape.

Patched privilege escalation flaw in Google Cloud Platform linked to wider cloud security concerns

A Google Chrome Web Store campaign uses over 100 malicious browser extensions that mimic legitimate tools, such as VPNs, AI assistants, and crypto utilities, to steal browser cookies and execute remote scripts secretly.

The official website for the RVTools VMware management tool was taken offline in what appears to be a supply chain attack that distributed a trojanized installer to drop the Bumblebee malware loader on users' machines.

Cryptocurrency exchange Coinbase announced that the recent data breach exposed data belonging to 69,461 individuals.

PureRAT attacks on Russian firms surged 4x in 2025, using email lures and dual malware payloads.

Dover, Del., May 21, 2025, CyberNewswire -- Attaxion, the external attack surface management (EASM) vendor with industry-leading asset coverage, announces the integration of the European Vulnerability Database (EUVD) into its platform. Operated by the European Union Agency for Cybersecurity (ENISA), the EUVD is a publicly accessible vulnerability repository developed in response to the NIS2 Directive.