Latest CyberSec News by @thecyberpicker

For this special live recording of To Catch a Thief at The New York Stock Exchange, host and former lead cybersecurity and digital espionage reporter for The...

Researchers attribute the attacks to an initial access broker who is exploiting the 10.0 critical vulnerability.

Microsoft presents best practices for securing data and optimizing Microsoft Purview implementation, emphasizing the integration of people, processes, and technology.

After hearing about ChatGPT o3 ability at geo-guessing we decided to run some tests and the tested AIs didn't fail to amaze us

Increased law enforcement pressure has forced ransomware groups like DragonForce and Anubis to move away from traditional affiliate models

A maximum severity flaw affecting SAP NetWeaver has been exploited by threat actors

Attackers have been observed dropping webshell backdoors and researchers warn the application is popular among government agencies.

MTN Group said an “unknown third-party has claimed to have accessed data linked” to parts of its system and that the incident “resulted in unauthorised access to personal information of some MTN customers in certain markets.”

The massive British retailer is still struggling to recover from the cyberattack, which it first acknowledged on Tuesday.

British retailer giant Marks & Spencer (M&S) has suspended online orders while working to recover from a recently disclosed cyberattack.

Madhu Gottumukkala, a state CIO, lacks the homeland security experience of his two predecessors.

A recent Windows security update that creates an 'inetpub' folder has introduced a new weakness allowing attackers to prevent the installation of future updates.

APIs have become foundational to digital business operations, serving as the behind-the-scenes glue that connects apps, platforms and partners. Related: OWASP’s Top 10 Web App Security Risks But this growing reliance has opened a new front in cybersecurity—one where attackers are quietly exploiting weaknesses buried deep in business logic. In this RSAC Fireside Chat, I

British retailer M&S continues to tackle a cyber incident with online orders now paused for customers

North Korean hackers use fake crypto firms and job interview lures to spread cross-platform malware targeting IT professionals globally.

African mobile giant MTN Group announced that a cybersecurity incident has compromised the personal information of some of its subscribers in certain countries.

​Baltimore City Public Schools notified tens of thousands of employees and students of a data breach following an incident in February when unknown attackers hacked into its network.

The CCM’s GRC domain helps organizations ensure that their enterprise risk management and cybersecurity compliance programs effectively address the cloud.

SAP has released out-of-band emergency updates for NetWeaver to fix an actively exploited remote code execution (RCE) vulnerability used to hijack servers.

SAP has released out-of-band emergency NetWeaver updates to fix a suspected remote code execution (RCE) zero-day flaw actively exploited to hijack servers.

Threat actors exploit SAP NetWeaver flaw + zero-day suspected + CVE-2025-31324 enables file uploads.

Spécialiste du stockage, reconnu pour ses NAS, Synology est aussi expert dans la gestion et la protection des données. Un savoir-faire que la société met à disposition des particuliers et des entreprises désireuses de sécuriser leurs données les plus sensibles. Contrairement à ce que l’on pourrait croire, il ne

This week in cybersecurity from the editors at Cybercrime Magazine

Researchers have found a Chrome extension that can act on the user’s behalf by using a popular AI agent orchestration protocol

Walk through what makes Kubernetes security so challenging and how security teams can get started with it in a way that sets them up for long-term success.

Long story of a $250 million cryptocurrency theft that, in a complicated chain events, resulted in a pretty brutal kidnapping.

Panaseer's latest cybersecurity study revealed that US companies have paid $155M in data breach lawsuit settlements over just six months

23.7M secrets leaked in 2024 + 70% still valid from 2022 expose risks from unmanaged machine identities.

Threat actors exploit SAP NetWeaver flaw + zero-day suspected + CVE-2025-31324 enables file uploads.