Latest CyberSec News by @thecyberpicker

New findings reveal Bitter, an Indian-aligned threat group targeting governments via spear-phishing and advanced malware

Sophisticated nation-state and cybercriminal groups are using insiders to infect targets via hardware devices, despite a lack of reporting of this threat

Managed file transfer (MFT) provides a reliable way to transfer critical business data internally and externally, with built-in features like data encryption.

This week in cybersecurity from the editors at Cybercrime Magazine

Law enforcement officials said initial access brokers with ties to Play ransomware operators continue to exploit multiple vulnerabilities in remote monitoring and management tool SimpleHelp.

Officials from His Majesty's Revenue & Customs, the U.K.'s tax authority, said criminals took over accounts to pilfer £47 million ($63 million) last year.

BidenCash est désormais hors service. La « marketplace », spécialisée dans la revente de cartes bancaires volées, était l'une des plus actives du dark web. Dans une opération conjointe avec les autorités néerlandaises, le FBI a saisi plus de 145 domaines. Un message s’affiche désormais : « Ce site a été saisi par les

Malicious actors are making more use of AI in attacks, even as governments look to boost AI investments

Cisco Talos observed a destructive attack on a critical infrastructure entity within Ukraine, using a previously unknown wiper we are calling “PathWiper.”

At Infosecurity Europe 2025, Axonius’ Jon Ridyard proposed seven best practices to build mature vulnerability management processes

Iran-aligned BladedFeline hackers hit Iraqi and Kurdish officials using custom malware in ongoing espionage effort.

Business Value Assessments help CISOs link security risk to cost, showing ROI and reducing breach fallout.

The German data protection authority (BfDI) has fined Vodafone GmbH, the telecommunications company's German subsidiary, €45 million ($51.4 million) for privacy and security violations.

Discover how attackers manipulate GPTs through data poisoning, jailbreaks, and prompt injections, turning trusted AI tools into cyber threats.

Ransomware was discovered by security researchers in fake installers posing as Chat GPT, Nova Leads, and InVideo AI.

The number of attacks on mobile devices involving malware, adware, or unwanted apps saw a significant increase in the first quarter.

The report presents statistics for Windows, macOS, IoT, and other threats, including ransomware, miners, local and web-based threats, for Q1 2025.

U.S. and Dutch agencies shut down BidenCash, a carding marketplace with 15M stolen cards and 117K users.

Google Threat Intelligence alerte sur une campagne de cyberattaques inédite visant les entreprises européennes et américaines. Leur arme ? Une version frauduleuse de Data Loader, l’outil officiel de Salesforce, pour voler des données et orchestrer des extorsions. Explications. C’est une opération savamment

Two members of a group of cybercriminals named ViLE were sentenced this week for hacking into a federal law enforcement web portal in an extortion scheme.

D'après Google, qui a lancé l'alerte, l'éditeur de logiciels n'a pas à craindre d'éventuelles vulnérabilités techniques. Les pirates...-Cybersécurité

Endpoint and network security is still essential, even as malicious actors turn to supply chains, identities and AI

The Interlock ransomware gang has claimed a recent cyberattack on the Kettering Health healthcare network and leaked data allegedly stolen from breached systems.

Les VPN seront-ils les grands gagnants de la lutte entre les sites pornographiques et le gouvernement français pour le contrôle de l'âge ? Peut-être. En tout cas, les internautes ne s'y trompent pas et les abonnements aux VPN augmentent. Le bras de fer entre les sites pornographiques et le gouvernement français

The U.S. Department of State has announced a reward of up to $10 million for any information on government-sponsored hackers with ties to the RedLine infostealer malware operation and its suspected creator, Russian national Maxim Alexandrovich Rudometov.

Cisco patches critical ISE flaw affecting AWS, Azure, OCI users—unauthenticated access could expose sensitive systems.

The cybercrime marketplace was used by more than 117,000 customers and trafficked more than 15 million credit card numbers since March 2022, the Justice Department said.

Multiple studies show that AI-generated code is remarkably insecure. Yet experts tell CyberScoop it's up to industry to figure out a way to limit the issues the technology introduces.

With many organizations rapidly adopting AI, the Fractional Chief AI Safety Officer (CAISO) is becoming necessary for organizations of all sizes to consider.

Microsoft announced in Berlin today a new European Security Program that promises to bolster cybersecurity for European governments.