Latest CyberSec News by @thecyberpicker

A new malware campaign tricks macOS users with fake Spectrum CAPTCHA sites to steal passwords and deliver Atomic Stealer malware.

Microsoft has released a PowerShell script to help restore an empty 'inetpub' folder created by the April 2025 Windows security updates if deleted. As Microsoft previously warned, this folder helps mitigate a high-severity Windows Process Activation privilege escalation vulnerability.

How to update Chrome browser on every Operating System (Windows, Mac, Linux, Chrome OS, Android, iOS)

U.S. tax resolution firm Optima Tax Relief suffered a Chaos ransomware attack, with the threat actors now leaking data stolen from the company.

ChatGPT developer Open AI has been ordered to maintain user chats as it battle a lawsuit from The New York Times and other publishers.

Face à l'accroissement des menaces cyber, l'Union européenne révise son "Cyber Blueprint". Adopté par le Conseil de l'UE, ce cadre stratégique...-Cybersécurité

Healthcare giant Kettering Health, which manages 14 medical centers in Ohio, confirmed that the Interlock ransomware group breached its network and stole data in a May cyberattack.

Not all visions can predict the future. That future is now, and cybersecurity needs to reinvent itself. Zero Trust is the solution.

OpenAI just published its annual report on malicious uses of AI. By using AI as a force multiplier for our expert investigative teams, in the three months since our last report we’ve been able to detect, disrupt and expose abusive activity including social engineering, cyber espionage, deceptive employment schemes, covert influence operations and scams. These operations originated in many parts of the world, acted in many different ways, and focused on many different targets. A significant number appeared to originate in China: Four of the 10 cases in this report, spanning social engineering, covert influence operations and cyber threats, likely had a Chinese origin. But we’ve disrupted abuses from many other countries too: this report includes case studies of a likely task scam from Cambodia, comment spamming apparently from the Philippines, covert influence attempts potentially linked with Russia and Iran, and deceptive employment schemes...

La récente enquête réclamée par Donald Trump sur l’utilisation de l’autopen par Joe Biden a relancé les débats autour de cette technologie ancienne, pourtant méconnue. Alors que les partisans de Trump y voient une preuve de « décadence cognitive », un rapide retour en arrière sur le fonctionnement et l'histoire de

The group was arrested in December as part of a raid that included 599 Nigerians and 193 other foreign nationals, many of them Chinese, on suspicion of being involved in a range of online crimes.

Censys researchers said hundreds of water treatment facilities have taken steps to protect against malicious cyber intrusions.

Malicious actors are using deepfakes and voice-cloning technology to target senior executives in both the workplace and personal spaces.

Designing a security-focused Windows Service? Learn more from ThreatLocker about the core components for real-time monitoring, threat detection, and system hardening to defend against malware and ransomware.

State-backed threat actors from a handful of countries are using ChatGPT for a range of malicious purposes, including malware refinement, employment scams and social media disinformation campaigns.

A new data wiper malware named 'PathWiper' is being used in targeted attacks against critical infrastructure in Ukraine, aimed at disrupting operations in the country.

The Qilin ransomware operation has recently joined attacks exploiting two Fortinet vulnerabilities that allow bypassing authentication on vulnerable devices and executing malicious code remotely.

The ransomware group combines IT vendor impersonation and phishing frameworks like Evilginx to breach its targets

Cybercriminals are abusing the hospitality industry and its booking platforms to defraud the travelers that visit them

TV streaming devices, digital projectors and other IoT devices are being infected with BadBox 2.0 malware after the original campaign was stifled by German law enforcement.

Relying solely on perimeter defenses for data security is no longer sufficient against modern cyber threats. The Zero Trust model addresses this challenge.

Indian call centers defraud Japanese victims via fake tech support, leading to arrests and global cybercrime crackdown.

Blocking access to public AI applications is not enough to stop employees from putting data at risk

The Ohio-based Kettering Health system said a recent cyberattack was by the Interlock ransomware gang, which had claimed to steal troves of data from the organization.

The U.S. government wants to confiscate millions of dollars in funds tied to illegal employment of North Korean IT workers at American companies.

This week in cybersecurity from the editors at Cybercrime Magazine

IT teams likely struggle to get employees to react to announcements about system upgrades. How do you make sure your messages don’t end up in the digital void?

Experts at Infosecurity Europe 2025 highlighted a range of major industry trends, from advanced social engineering techniques to vulnerability exploits

AEV automates continuous attack simulations for organizations, helping prioritize exploitable risks and improve cyber resilience.

A l'occasion de sa grande messe annuelle, le cloud de Dassault Systèmes a dévoilé une série d'annonces - intégration de Mistral AI sur sa...-Intelligence artificielle