Latest CyberSec News by @thecyberpicker

If someone is going to negotiate with criminals for you, that person should at least be on your side.

Sonatype’s latest Open Source Malware Index report has identified more than 16,000 malicious open source packages, representing a 188% annual increase

The company behind AV/EDR evasion tool Shellter has confirmed the product is being used by threat actors

China’s Hikvision vows legal battle after Canada bans its operations, citing national security concerns

PortSwigger returns to Black Hat USA and DEF CON 33 with a host of new talks, events and ways to meet PortSwigger and the creators of Burp Suite.

Russian organizations have been targeted by Batavia spyware in a phishing attack, exfiltrating documents and system info.

Trend Micro has observed the Bert ransomware group in operation since April 2025, with confirmed victims in sectors including healthcare, technology and event services

Brazil arrests IT worker João Roque for aiding $100M PIX cyber heist, one of Brazil’s biggest banking system breaches.

CISA adds four critical vulnerabilities to its KEV list, with active exploitation confirmed. Federal agencies must update by July 2025.

A Chinese national was arrested in Milan, Italy, last week for allegedly being linked to the state-sponsored Silk Typhoon hacking group, which responsible for cyberattacks against American organizations and government agencies.

Researchers have released proof-of-concept (PoC) exploits for a critical Citrix NetScaler vulnerability, tracked as CVE-2025-5777 and dubbed CitrixBleed2, warning that the flaw is easily exploitable and can successfully steal user session tokens.

Police in Brazil arrested an employee of C&M Software, who allegedly told them he had sold his login credentials to the hackers behind a massive theft via the PIX instant payment system.

Hackers stole nearly $140 million from six banks in Brazil by using an employee's credentials from C&M, a company that offers financial connectivity solutions.

Malware analyst discovered a new version of the Atomic macOS info-stealer (also known as 'AMOS') that comes with a backdoor, to attackers persistent access to compromised systems.

Organizations on multiple continents — particularly in the health and tech sectors — have been breached by a ransomware group calling itself Bert, according to researchers at Trend Micro.

Gamemakers have only said they are investigating an unspecified “issue.” Players are posting videos of their computers being compromised.

Read the new e-book from Microsoft on how organizations can unify security operations to better meet the challenges of today’s cyberthreat landscape.

SEO poisoning delivers trojanized tools, targeting SMBs and spreading malware via fake websites

The cybercrime ring has infiltrated more than 100 businesses since 2022, including more than a dozen since it regrouped earlier this year.

A previously undocumented spyware called 'Batavia' has been targeting large industrial enterprises in Russia in a phishing email campaign that uses contract-related lures.

Qantas has confirmed that it is now being extorted by threat actors following a cyberattack that potentially exposed the data for 6 million customers.

Ingram Micro published a statement on Saturday saying it discovered “ransomware on certain of its internal systems,” which it immediately took offline.

When it comes to executing identity processes, 96% of organizations still rely on manual workflows. Automation is the exception rather than the standard.

The decision by the commission, now under Republican control, could reshape the landscape of corporate accountability for cyber incidents.

The technology company said the attack has affected its ability to process and ship orders.

Iran-aligned BladedFeline group has been observed targeting the government of Iraq and KRG with advanced malware

How isolated recovery environments differ from traditional disaster recovery strategies, and how to implement them.

Shellter Project, the vendor of a commercial AV/EDR evasion loader for penetration testing, confirmed that hackers used its Shellter Elite product in attacks after a customer leaked a copy of the software.

C'est l'heure des grands départs pour des milliers d'automobilistes français. Depuis la fin du mois de juin, le trafic sur les autoroutes françaises se densifie. C’est aussi le moment choisi par des groupes cybercriminels pour relancer une vague d’arnaques aux péages Ulys. Sur les 20 employés d'Humanoid présents dans