Latest CyberSec News by @thecyberpicker

Google Threat Intelligence alerte sur une campagne de cyberattaques inédite visant les entreprises européennes et américaines. Leur arme ? Une version frauduleuse de Data Loader, l’outil officiel de Salesforce, pour voler des données et orchestrer des extorsions. Explications. C’est une opération savamment

Two members of a group of cybercriminals named ViLE were sentenced this week for hacking into a federal law enforcement web portal in an extortion scheme.

D'après Google, qui a lancé l'alerte, l'éditeur de logiciels n'a pas à craindre d'éventuelles vulnérabilités techniques. Les pirates...-Cybersécurité

Endpoint and network security is still essential, even as malicious actors turn to supply chains, identities and AI

The Interlock ransomware gang has claimed a recent cyberattack on the Kettering Health healthcare network and leaked data allegedly stolen from breached systems.

Les VPN seront-ils les grands gagnants de la lutte entre les sites pornographiques et le gouvernement français pour le contrôle de l'âge ? Peut-être. En tout cas, les internautes ne s'y trompent pas et les abonnements aux VPN augmentent. Le bras de fer entre les sites pornographiques et le gouvernement français

The U.S. Department of State has announced a reward of up to $10 million for any information on government-sponsored hackers with ties to the RedLine infostealer malware operation and its suspected creator, Russian national Maxim Alexandrovich Rudometov.

Cisco patches critical ISE flaw affecting AWS, Azure, OCI users—unauthenticated access could expose sensitive systems.

The cybercrime marketplace was used by more than 117,000 customers and trafficked more than 15 million credit card numbers since March 2022, the Justice Department said.

Multiple studies show that AI-generated code is remarkably insecure. Yet experts tell CyberScoop it's up to industry to figure out a way to limit the issues the technology introduces.

With many organizations rapidly adopting AI, the Fractional Chief AI Safety Officer (CAISO) is becoming necessary for organizations of all sizes to consider.

Microsoft announced in Berlin today a new European Security Program that promises to bolster cybersecurity for European governments.

In an update to a joint advisory with CISA and the Australian Cyber Security Centre, the FBI said that the Play ransomware gang had breached roughly 900 organizations as of May 2025, three times the number of victims reported in October 2023.

Cisco has released patches to address three vulnerabilities with public exploit code in its Identity Services Engine (ISE) and Customer Collaboration Platform (CCP) solutions.

Google Threat Intelligence Group said about 20 organizations have been hit by a cybercrime group it tracks as UNC6040.

The FBI and Dutch national police were among the law enforcement agencies that took down BidenCash, a cybercrime marketplace attributed to millions of dollars in fraud since late 2022.

The Ukrainian police arrested a 35-year-old hacker who breached 5,000 accounts at an international hosting company and used them to mine cryptocurrency, resulting in $4.5 million in damages.

The Main Intelligence Directorate (GUR) of Ukraine's Ministry of Defense claims it hacked the Russian aerospace and defense company Tupolev, which develops Russia's supersonic strategic bombers.

Lee Enterprises notified regulators in Maine of the impact on customer data after a ransomware attack in February that caused significant disruptions.

Earlier today, law enforcement seized multiple domains of BidenCash, the infamous dark web market for stolen credit cards, personal information, and SSH access.

Une vaste campagne malveillante cible depuis plusieurs mois les gamers, hackers amateurs et chercheurs en cybersécurité en diffusant sur GitHub des outils piégés contenant des portes dérobées. L’opération, révélée par les chercheurs de Sophos, se distingue par son ampleur et ses méthodes sophistiquées. Cheat codes

Quatre jours après les frappes de drones, l’Ukraine revendique une cyberattaque cette fois-ci contre le constructeur russe Tupolev. Cette entreprise est à l'origine des avions bombardiers ciblé par le renseignement ukrainien. Quatre jours après les frappes de drones de l’opération « Toile d'araignée », l’Ukraine

Boston, MA, Jun. 4, 2025, – The Healey-Driscoll administration and Massachusetts Technology Collaborative’s (MassTech) MassCyberCenter awarded $198,542 to four Massachusetts-based programs focused on preparing professionals for the cybersecurity workforce. MassTech provided the funds through the Alternative Cyber Career Education (ACE) Grant Program, a statewide effort to support young adults and retrain existing professionals with alternative options to

Moving to cloud-native architecture and modern platforms is allowing enterprises to automate operations and improve security

The FBI is warning about a new scam where cybercriminals exploit NFT airdrops on the Hedera Hashgraph network to steal crypto from cryptocurrency wallets.

Microsoft a dévoilé le European Security Program, une initiative gratuite visant à renforcer la cybersécurité des Etats européens en combinant...-Cybersécurité

A threat group is using voice phishing to trick targeted organizations into sharing sensitive credentials.

The most commonly exposed device has been discontinued and vulnerable for a decade, new research found.

Google has uncovered a vishing campaign by UNC6040 targeting Salesforce users through fake Data Loader apps.

Les fournisseurs de VPN seront vraisemblablement les grands gagnants de la décision de trois gros sites pornographiques (Pornhub, RedTube et YouPorn) de quitter le marché français. Ces sites protestent ainsi contre les règles françaises de contrôle obligatoire de l'âge sous peine de blocage. D'ores et déjà, les