Latest CyberSec News by @thecyberpicker

Starting in October, Microsoft will enforce multi-factor authentication (MFA) for all Azure resource management actions to protect Azure clients from unauthorized access attempts.

Learn how to optimize your SIEM solution with key strategies and practices.

Pyongyang-backed hacking group APT37 leveraged an internal South Korean intelligence briefing in a spear phishing campaign

A top FBI official warns that China’s reliance on domestic tech companies for large-scale hacking is a major weakness.

Microsoft has found no link between the August 2025 KB5063878 security update and customer reports of failure and data corruption issues affecting solid-state drives (SSDs) and hard disk drives (HDDs).

Sangoma warns of an actively exploited FreePBX zero-day affecting systems with publicly exposed admin control panels.

Sogou Zhuyin update server hijacked in Oct 2024 enabled TAOTH to target 49% victims in Taiwan.

Amazon disrupted APT29’s June 2025 campaign exploiting Microsoft device code authentication, redirecting 10% of visitors to malicious domains.

La société américaine Anthropic dévoile une campagne de vols de données orchestrée à l’aide de son modèle de génération de code Claude Code. En un mois, l'opération aurait mis en danger 17 organisations. Le mode opératoire repose sur ce qu’Anthropic désigne comme du vibe hacking. Vibe coding. Voilà le terme tendance

Zero Trust’s foundational concept of “always verify” is essential to building resilience. Reduce the blast radius to reduce the impact of incidents.

The ransomware ecosystem continues to splinter, with new gangs proliferating in the wake of law enforcement takedowns that have scattered affiliates and prompted criminal rebrands.

This week in cybersecurity from the editors at Cybercrime Magazine

Salt Typhoon hit 600 organizations in 80 countries since 2019, exploiting router flaws for global espionage.

A software supply chain attack targeting Nx marks the first known case where attackers have leveraged developer AI assistants, according to StepSecurity

Generative AI platforms challenge DLP tools; Fidelis NDR offers network-based monitoring to prevent sensitive data leaks.

I just heard about this: There’s a travel scam warning going around the internet right now: You should keep your baggage tags on your bags until you get home, then shred them, because scammers are using luggage tags to file fraudulent claims for missing baggage with the airline. First, the scam is possible. I had a bag destroyed by baggage handlers on a recent flight, and all the information I needed to file a claim was on my luggage tag. I have no idea if I will successfully get any money from the airline, or what form it will be in, or how it will be tied to my name, but at least the first step is possible...

The NIST National Cybersecurity Center of Excellence (NCCoE) has published the final version of NIST Internal Report (IR) 8349,

Recorded Future highlighted the vast capabilities of state actors to rapidly weaponize newly disclosed vulnerabilities for geopolitical purposes

HIPAA ensures the confidential handling of protected health information and mandates stringent guidelines for the privacy and security of patient data.

Google warns that Salesloft Drift OAuth breach affects all integrations, not just Salesforce. All tokens should be treated as compromised.

We analyze the built-in protection mechanisms in macOS: how they work, how threat actors can attack them or deceive users, and how to detect such attacks.

Active FreePBX zero-day (CVE-2025-57819) + CVSS 10.0 exploited since Aug 21, 2025 + enables unauthenticated admin access and RCE.

Passwordstate 9.9 fixes authentication bypass flaw on August 28, 2025, adding clickjacking defenses for 29,000 customers.

FBI and Dutch Police seized VerifTools, a $6.4M fake ID marketplace bypassing KYC checks.

The credit rating giant revealed that the breach, which occurred on July 28, was caused by unauthorized access to a third-party application

Les autorités espagnoles ont annoncé le 25 août 2025 avoir procédé à l'arrestation d'un jeune homme de 21 ans en Andalousie. Suspecté d'avoir piraté la plateforme éducative de la région, l'étudiant aurait entre autres modifié ses notes pour décrocher une place dans l'enseignement supérieur. Mars 2025, une première

Dutch intelligence reports Chinese cyber spies (Salt Typhoon, RedMike) targeted the Netherlands, hitting critical infrastructure.

Google reveals UNC6395 exploited Drift OAuth tokens Aug 8–18, 2025, forcing Salesforce to disable integrations

TamperedChef malware spread via fake PDF editors from June 26 to August 21, stealing credentials and cookies.

Miami, Aug. 28, 2025, CyberNewswire — Halo Security, a leading provider of external risk management solutions, today announced significant platform enhancements designed to give security teams greater flexibility and control within the platform. The new features include custom dashboards, configurable reports, and improved automation capabilities that give organizations better control over how they visualize and