Latest CyberSec News by @thecyberpicker

Researchers at ESET observed strengthened cyber-offensive activity from Russian groups, especially against Ukrainian and European entities

When AI fails, it often fails fast and loud. Apply CSA’s AI Resilience Benchmarking Model to 4 real incidents to get a better understanding of AI failures.

China-linked UnsolicitedBooker used a new backdoor, MarsSnake, to target an international organization in Saudi Arabia.

This week in cybersecurity from the editors at Cybercrime Magazine

AWS default IAM roles with AmazonS3FullAccess exposed accounts to privilege escalation and lateral movement.

SideWinder exploited CVE-2017-0199 to deploy StealerBot malware in South Asian government networks.

Peter Green Chilled, which ships refrigerated food to supermarkets, is the latest company in the U.K.'s grocery sector to announce disruption from a cyberattack.

The bankrupt 23andMe, along with all of its genetic data, has been bought by US drugmaker Regeneron Pharmaceuticals.

Critics tell CyberScoop the U.S. federal government had many failings in the lead up to and the response to the Salt Typhoon breach.

Cisco Talos built on Tenable’s discovery of a Google Cloud Platform vulnerability to uncover how attackers could exploit similar techniques across AWS and Azure.

A DoorDash driver stole over $2.5 million over several months: The driver, Sayee Chaitainya Reddy Devagiri, placed expensive orders from a fraudulent customer account in the DoorDash app. Then, using DoorDash employee credentials, he manually assigned the orders to driver accounts he and the others involved had created. Devagiri would then mark the undelivered orders as complete and prompt DoorDash’s system to pay the driver accounts. Then he’d switch those same orders back to “in process” and do it all over again. Doing this “took less than five minutes, and was repeated hundreds of times for many of the orders,” writes the US Attorney’s Office...

Thales found that 73% of organizations are investing in AI-specific security tools, amid surging takeup of GenAI tools in enterprises

Explore how consent phishing exploits OAuth to bypass MFA, granting attackers persistent access to SaaS apps. Learn strategies to defend against this threat.

Discover findings from Pentera's 2025 State of Pentesting Report, including breach rates, alert fatigue, budget trends & the rise of software testing.

La collectivité francilienne a annoncé avoir été victime d'une importante cyberattaque. En conséquence, “l'ensemble des systèmes d'information...-Cybersécurité

You'd hope that spending $6,000 on a printer would give you a secure experience, free from viruses and other malware. However, in the case of Procolored printers, you'd be wrong.

Around half of US and UK consumers have seen fraud ads and content on ‘refund hacks’ on social media

China-Linked Hackers Deploy MarsSnake Backdoor in Multi-Year Attack on Saudi Organization

Regeneron, which intends to acquire 23andMe for $256m, says data security and privacy will be a priority

A new cryptojacking campaign dubbed RedisRaider is hijacking publicly exposed Redis servers by injecting cron jobs using legitimate configuration comm

Cybersecurity Observatory of the Unipegaso's malware lab published a detailed analysis of the Sarcoma ransomware.

Malicious Open Source Packages Abused Social Media APIs and Implanted Backdoors Linked to Hacktivist Group

OpenAI is planning to combine multiple products (features or models) into its next foundational model, which is called GPT-5.

Threat actors have been distributing trojanized versions of the KeePass password manager for at least eight months to install Cobalt Strike beacons, steal credentials, and ultimately, deploy ransomware on the breached network.

A flaw in O2 UK's implementation of VoLTE and WiFi Calling technologies could allow anyone to expose the general location of a person and other identifiers by calling the target.

Mozilla addressed two critical Firefox flaws that could be potentially exploited to access sensitive data or achieve code execution.

Arla Foods has confirmed to BleepingComputer that it was targeted by a cyberattack that has disrupted its production operations.

Microsoft has released out-of-band updates to fix a known issue causing Windows 10 systems to boot into BitLocker recovery after installing the May 2025 security updates.

We are excited to introduce Microsoft Entra Agent ID, which extends identity management and access capabilities to AI agents. Learn more.

RVTools site served Bumblebee malware via official installer; Procolored software hid BTC-stealing clipper.