Latest CyberSec News by @thecyberpicker

This week in cybersecurity from the editors at Cybercrime Magazine

Learn how penetration testing uncovers vulnerabilities, boosts compliance, and improves breach response for a more proactive cybersecurity program.

Cobalt found that many security professionals believe a “strategic pause” in genAI deployment is necessary to recalibrate defenses

Scientists can manipulate air bubbles trapped in ice to encode messages.

Why would someone go to the effort of hacking my system? For a start, these findings should serve as a reminder that it isn’t just big corporates who are at

Cybersecurity experts share actionable insights on CTEM, risk reporting, and how to operationalize exposure management effectively

New ITRC data reveals identity crimes are down but impersonation scams now account for a third of all scams

Attackers exploit Docker misconfigurations to mine cryptocurrency using Tor, targeting technology, financial, and healthcare industries.

Learn CIEM and secure cloud access best practices: effective identity visibility, least-privilege, zero‑standing privileges, session control.

L'IA générative s'invite une nouvelle fois dans les arrières-boutiques du cybercrime, où elle révolutionne la manière dont les attaques sont conçues et déployées. Le phénomène WormGPT, déjà inquiétant en 2023, connaît aujourd’hui une seconde jeunesse grâce à deux modèles de pointe : Grok, développé par la société xAI

Ukrainian CERT warns of APT28 using Signal chat to deliver BEARDSHELL, COVENANT malware to government entities.

U.S. House bans WhatsApp on government devices due to security risks, recommending alternatives like Signal.

The NCSC says its Cyber Advisor program is not growing fast enough

Draugnet is a new anonymous threat reporting platform built for the MISP ecosystem

Chinese Salt Typhoon actors exploit Cisco vulnerability to target global telecom providers, including Canadian devices (CVE-2023-20198).

Federal officials are warning that pro-Iran hacktivists or state-linked actors may target poorly secured U.S. networks.

The steel products giant said it does not expect the cyberattack to have a material impact on its operations.

Four members of REvil were found guilty of computer crimes, but were released after a Russian court determined their sentence would amount to time served.

The Russian state-sponsored threat group APT28 is using Signal chats to target government targets in Ukraine with two previously undocumented malware families named BeardShell and SlimAgent.

"Uncensored" versions of two mainstream AI tools are the latest examples of how cybercriminals are repurposing the technology for illicit means.

A new mobile crypto-stealing malware called SparkKitty was found in apps on Google Play and the Apple App Store, targeting Android and iOS devices.

Discover how exposure management helps equip teams to anticipate adversarial tactics and neutralize risks before they escalate. Read the latest eBook.

The U.S. Department of Homeland Security (DHS) warned over the weekend of escalating cyberattack risks by Iran-backed hacking groups and pro-Iranian hacktivists.

A cyber-attack by pro-Iranian group Cyber Fattah has leaked personal information from the Saudi Games online

The Trump administration is expanding the SAVE database to verify voter citizenship, sparking debate over disenfranchising eligible voters despite evidence that noncitizen voting is extremely rare.

DHS warns of rising cyber threats from pro-Iranian hackers after U.S. airstrikes on Iran’s nuclear facilities.

New Echo Chamber jailbreak manipulates LLMs like OpenAI and Google, bypassing safety systems to generate harmful content

Un ancien sergent du renseignement militaire américain a tenté de vendre des secrets à la Chine. Joseph Daniel Schmidt a plaidé coupable, le 18 juin 2025, devant la justice fédérale de son pays. Mais ce qui frappe dans cette affaire d'espionnage, c’est la maladresse presque naïve de son exécution. Confronté au juge

The Canadian Centre for Cyber Security and the FBI confirm that the Chinese state-sponsored 'Salt Typhoon' hacking group is also targeting Canadian telecommunication firms, breaching a telecom provider in February.

Federal officials are warning that pro-Iran hacktivists or state-linked actors may target poorly secured U.S. networks.