Latest CyberSec News by @thecyberpicker

Microsoft says that Word for Windows will soon enable autosave and automatically save all new documents to the cloud by default.

Anthropic's Claude Code large language model has been abused by threat actors who used it in data extortion campaigns and to develop ransomware packages.

Last month, KrebsOnSecurity tracked the sudden emergence of hundreds of polished online gaming and wagering websites that lure people with free credits and eventually abscond with any cryptocurrency funds deposited by players. We've since learned that these scam gambling sites…

The FBI and the Dutch Police have shut down the VerifTools marketplace for fraudulent identity documents after seizing servers in Amsterdam that hosted the online operation.

Click Studios, the company behind the Passwordstate enterprise-grade password manager, has warned customers to patch a high-severity authentication bypass vulnerability as soon as possible.

Dans une alerte publiée le 27 août 2025, le FBI, conjointement avec les services de renseignement de douze pays, a annoncé avoir formellement identifié trois entreprises chinoises utilisées comme paravent par Salt Typhoon. Depuis plusieurs années, ce groupe de cyberespionnage infiltre des infrastructures hautement

Anthropic—maker of AI coding chatbot Claude—says cybercriminals have abused Claude to automate and orchestrate sophisticated attacks.

While ransomware gangs traditionally rely on deploying malware to encrypt files, a threat actor’s recent tactics show they no longer need to do that during attacks.

Nx malware uses AI CLIs to find secrets, ESET discovers malware sample leveraging OpenAI's OSS model, binary exploitation CTF for Phrack's 40th

MathWorks, a leading developer of mathematical simulation and computing software, revealed that a ransomware gang stole the data of over 10,000 people after breaching its network in April.

Fake IT support lures are being used to trick employees into installing remote‑access tools via Microsoft Teams

The Sunday attack disrupted key services across the state and led to the theft of some data.

Palo Alto, Calif., Aug. 28, 2025, CyberNewswire — It is no secret that passwords are highly susceptible to phishing and brute force attacks. This led to the mass adoption of passkeys, a passwordless authentication method leveraging cryptographic key pairs that allows users to log in with biometrics or a hardware key. According to FIDO, over

Salt Typhoon hit 600 organizations in 80 countries since 2019, exploiting router flaws for global espionage.

Microsoft is rolling out a feature that defaults to saving your documents to the cloud. Consumers are divided.

Cyberattack on Miljödata disrupted services in over 200 Swedish municipalities, with concerns over stolen sensitive data.

A new report from the Brennan Center for Justice says the Trump administration has foreshadowed plans to meddle with mail-in voting, voter rolls and much more.

Consumer credit reporting giant TransUnion warns it suffered a data breach exposing the personal information of over 4.4 million people in the United States.

Shadow IT isn't theoretical—it's everywhere. Intruder uncovered exposed backups, open Git repos, and admin panels in just days, all hiding sensitive data. Make your hidden assets visible before attackers do.

Salt Typhoon’s primary Dutch targets were small internet service providers and hosting providers

Visual Studio Code extensions have been identified exploiting a loophole that allows reuse of names from removed packages

Data breaches cost $4.44M in 2025 as app flaws and GenAI risks surge, driving urgent security changes.

Examine the structure of AI agents, the identity gaps they expose, and the principles required to govern them as they take on a larger role in enterprises.

This week in cybersecurity from the editors at Cybercrime Magazine

Nevada’s CIO confirmed in a press conference that ransomware actors had exfiltrated data from state networks, amid an ongoing incident investigation

Enterprise security teams are under more pressure than ever to secure sprawling application estates, without slowing down delivery. That's why, over the first half of 2025, we've delivered some of our

German prosecutors charged a man with carrying out a damaging cyberattack on Rosneft Deutschland, the German subsidiary of Russia’s state-owned oil giant, in the weeks following Russia's invasion of Ukraine.

15M Trello profiles leaked in 2024; built-in SaaS security fails, making third-party backup essential.

Everyone hates robocalls. However, it’s difficult to track down all the scammers and spammers that make them, so the Federal Communications...

Anthropic—maker of AI coding chatbot Claude—says cybercriminals have abused Claude to automate and orchestrate sophisticated attacks.