Latest CyberSec News by @thecyberpicker

UNFI, the biggest supplier to Whole Foods stores, reported that its income will take a hit for the quarter that ends in August because of a recent cyberattack that disrupted operations.

As India becomes a global manufacturing anchor, cybersecurity is becoming the frontline of industrial continuity. Is India ready to protect what it builds?

Le National Health Service (NHS) britannique a confirmé, le lundi 26 juin 2025, un fait tragique et inédit : la mort d’un patient, officiellement liée à une cyberattaque. Retour sur une affaire qui illustre la réalité des cybermenaces sur les infrastructures critiques. Nous sommes en juin 2024 et le groupe de

We need to talk about data integrity. Narrowly, the term refers to ensuring that data isn’t tampered with, either in transit or in storage. Manipulating account balances in bank databases, removing entries from criminal records, and murder by removing notations about allergies from medical records are all integrity attacks. More broadly, integrity refers to ensuring that data is correct and accurate from the point it is collected, through all the ways it is used, modified, transformed, and eventually deleted. Integrity-related incidents include malicious actions, but also inadvertent mistakes...

Silver Fox hackers target Chinese-speaking users with fake sites delivering Sainbox RAT and Hidden rootkit

AI SOC Analysts reduce false positives by 90%, boost SOC productivity, and tackle the global analyst shortage.

Ahold Delhaize, one of the world's largest food retail chains, is notifying over 2.2 million individuals that their personal, financial, and health information was stolen in a November ransomware attack that impacted its U.S. systems.

This new CitrixBleed lookalike flaw is being exploited in the wild to gain initial access, according to ReliaQuest

Surge in scanning activity targets MOVEit Transfer systems, raising concerns over possible exploitation.

GreyNoise observed a surge in scanning activity targeting MOVEit Transfer systems since May 27, indicating the software could face renewed attacks

OneClik malware exploits Microsoft ClickOnce to attack energy companies with stealthy Golang backdoors.

​​Microsoft has released the KB5060829 preview cumulative update for Windows 11 24H2, which includes 38 changes, including improvements to the taskbar and a new PC-to-PC migration experience.

American grocery wholesale giant United Natural Foods (UNFI) reports that it has restored its core systems and brought online the electronic ordering and invoicing systems affected by a cyberattack.

Hawaiian Airlines, the tenth-largest commercial airline in the United States, is investigating a cyberattack that has disrupted access to some of its systems.

ShinyHunters threat group members were arrested in a coordinated law enforcement action for their association with BreachForums

The Federal Trade Commission (FTC) has approved $126,000,000 in refunds to be sent to 969,173 Fortnite players as part of a settlement over allegations that Epic Games tricked users into making unwanted purchases.

Amnesty International said it identified dozens of scam compounds in Cambodia, calling the government's response to the nexus of cybercrime and human trafficking "grossly inadequate."

British national Kai West, aka IntelBroker, was charged in the U.S. for a global hacking scheme that stole and sold data.

A total of 689 printer models from Brother, along with 53 other models from Fujifilm, Toshiba, and Konica Minolta, come with a default administrator password that remote attackers can generate. Even worse, there is no way to fix the flaw via firmware in existing printers.

A critical vulnerability in Open VSX Registry could allow attackers to control VS Code extensions, threatening millions of developers.

See an example of the Microsoft Durability Strategy in action, read the case study and learn more about the Microsoft Security Future Initiative.

New South Wales police in Australia have arrested a 27-year-old former Western Sydney University (WSU) student for allegedly hacking into the University's systems on multiple occasions, starting with a scheme to obtain cheaper parking.

The company has been working with security partners to make sure future software updates don’t lead to operational disruptions for customers.

Son arrestation faisait l'objet de rumeurs depuis plusieurs mois, c'est désormais officiel : Kai West, alias « Intelbrocker », a été arrêté en février 2025 en France. Le FBI l'a annoncé dans un communiqué le mercredi 25 juin. Il était l’un des hackers les plus prolifiques et insaisissables de la scène cyber. Derrière

Cisco has published a bulletin to warn about two critical, unauthenticated remote code execution (RCE) vulnerabilities affecting Cisco Identity Services Engine (ISE) and the Passive Identity Connector (ISE-PIC).

Misconfigured AI-linked MCP servers are exposing users to data breaches and remote code execution threats

Kai West, a 25-year-old British national, is accused of stealing data from more than 40 organizations during a two-year spree.

Can LLMs red team AI, intro to detection engineering, how to scale security impact via cross-team partnerships

A patient’s death was linked to the 2024 ransomware attack on Synnovis, which disrupted NHS facilities

Sitecore 10.4 - Remote Code Execution (RCE). CVE-2025-27218 . webapps exploit for Multiple platform