Latest CyberSec News by @thecyberpicker

In an update to a joint advisory with CISA and the Australian Cyber Security Centre, the FBI said that the Play ransomware gang had breached roughly 900 organizations as of May 2025, three times the number of victims reported in October 2023.

Cisco has released patches to address three vulnerabilities with public exploit code in its Identity Services Engine (ISE) and Customer Collaboration Platform (CCP) solutions.

Google Threat Intelligence Group said about 20 organizations have been hit by a cybercrime group it tracks as UNC6040.

The FBI and Dutch national police were among the law enforcement agencies that took down BidenCash, a cybercrime marketplace attributed to millions of dollars in fraud since late 2022.

The Ukrainian police arrested a 35-year-old hacker who breached 5,000 accounts at an international hosting company and used them to mine cryptocurrency, resulting in $4.5 million in damages.

The Main Intelligence Directorate (GUR) of Ukraine's Ministry of Defense claims it hacked the Russian aerospace and defense company Tupolev, which develops Russia's supersonic strategic bombers.

Lee Enterprises notified regulators in Maine of the impact on customer data after a ransomware attack in February that caused significant disruptions.

Earlier today, law enforcement seized multiple domains of BidenCash, the infamous dark web market for stolen credit cards, personal information, and SSH access.

Une vaste campagne malveillante cible depuis plusieurs mois les gamers, hackers amateurs et chercheurs en cybersécurité en diffusant sur GitHub des outils piégés contenant des portes dérobées. L’opération, révélée par les chercheurs de Sophos, se distingue par son ampleur et ses méthodes sophistiquées. Cheat codes

Quatre jours après les frappes de drones, l’Ukraine revendique une cyberattaque cette fois-ci contre le constructeur russe Tupolev. Cette entreprise est à l'origine des avions bombardiers ciblé par le renseignement ukrainien. Quatre jours après les frappes de drones de l’opération « Toile d'araignée », l’Ukraine

Boston, MA, Jun. 4, 2025, – The Healey-Driscoll administration and Massachusetts Technology Collaborative’s (MassTech) MassCyberCenter awarded $198,542 to four Massachusetts-based programs focused on preparing professionals for the cybersecurity workforce. MassTech provided the funds through the Alternative Cyber Career Education (ACE) Grant Program, a statewide effort to support young adults and retrain existing professionals with alternative options to

Moving to cloud-native architecture and modern platforms is allowing enterprises to automate operations and improve security

The FBI is warning about a new scam where cybercriminals exploit NFT airdrops on the Hedera Hashgraph network to steal crypto from cryptocurrency wallets.

Microsoft a dévoilé le European Security Program, une initiative gratuite visant à renforcer la cybersécurité des Etats européens en combinant...-Cybersécurité

A threat group is using voice phishing to trick targeted organizations into sharing sensitive credentials.

The most commonly exposed device has been discontinued and vulnerable for a decade, new research found.

Google has uncovered a vishing campaign by UNC6040 targeting Salesforce users through fake Data Loader apps.

Les fournisseurs de VPN seront vraisemblablement les grands gagnants de la décision de trois gros sites pornographiques (Pornhub, RedTube et YouPorn) de quitter le marché français. Ces sites protestent ainsi contre les règles françaises de contrôle obligatoire de l'âge sous peine de blocage. D'ores et déjà, les

Les arnaques au faux livreur Mondial Relay franchissent un nouveau cap : désormais, les escrocs personnalisent leurs SMS avec le nom et le prénom de la victime, rendant la supercherie d’autant plus crédible. Un piège redoutable, alors que les fuites de données se multiplient et que les usurpations d’identité

The agency has lost roughly 1,000 staffers in the wake of the Trump administration’s workforce cuts, losses that could imperil its ability to protect government computer systems and critical infrastructure.

Experts argue the case for “communities of support” to boost SMB cyber-resilience

Google has released an important update for Chrome, patching one actively exploited zero-day and two other security flaws

Attacks on local governments in the last week caused disruptions in the capital of the Choctaw Nation and Puerto Rico, as well as others.

Researchers at Google said the current campaign involving versions of the Salesforce Data Loader tool has targeted about 20 organizations and is ongoing.

Les fournisseurs de VPN seront vraisemblablement les grands gagnants de la décision de trois gros sites pornographiques (Pornhub, RedTube et YouPorn) de quitter le marché français. Ces sites protestent ainsi contre les règles françaises de contrôle obligatoire de l'âge sous peine de blocage. D'ores et déjà, les

Publishing giant Lee Enterprises is notifying over 39,000 people whose personal information was stolen in a February 2025 ransomware attack.

Experts argue that CISOs should avoid product duplication and simplify their language to ensure budget is spent wisely

Hewlett Packard Enterprise (HPE) addressed multiple flaws in its StoreOnce data backup and deduplication solution.

Chaos RAT malware targets Linux and Windows users via phishing and fake tools, enabling remote control.

UNC6040 uses vishing to impersonate IT support, deceiving victims into granting access to their Salesforce instances.