Latest CyberSec News by @thecyberpicker

The municipal water company in the town of Mataró said it is working with the Catalonian authorities to recover and restore its infrastructure.

This week in cybersecurity from the editors at Cybercrime Magazine

Darcula adds GenAI tools + Lowers phishing skills barrier + 25,000 scam pages taken down.

While the Verizon annual report showed that ransomware is rising, it also found that ransom payments are in decline

A new era of real-time supply chain visibility and proactive risk mitigation is here for government agencies.

As cyber threats get smarter, companies are using Zero Trust Security Models to keep their data safe. This way of thinking means "never trust, always verify."

A significant security gap in Linux runtime security caused by the 'io_uring' interface allows rootkits to operate undetected on systems while bypassing advanced Enterprise security software.

NCC Group found that ransomware attacks fell by 32% in March compared to February, but described this finding as a “red herring”

WhatsApp adds Advanced Chat Privacy feature that allows users to block others from sharing chat content outside the app.

Commvault flaw CVE-2025-34028 enables pre-auth SSRF leading to code execution; fix in 11.38.20+ versions.

71% of healthcare attacks involve ransomware + 11-day downtime + HIPAA mandates segmentation + Zero Trust critical.

ETSI’s says new technical specification for securing AI models and systems sets international benchmark

Ofcom’s Protection of Children Codes and Guidance lists 40 new child safety measures for tech firms

Dans son rapport annuel, la branche chargée de la cybercriminalité au sein de la police fédérale américaine alerte sur une nette...-Cybersécurité

Kaspersky GReAT experts uncovered a new campaign by Lazarus APT that exploits vulnerabilities in South Korean software products and uses a watering hole approach.

WhatsApp adds chat export block for privacy + Meta fined €200M by EU for illegal ad consent model.

A community for Hackers, Researchers, DEF CON Groups, and anyone looking to explore the world of security.

We accept the challenge. The supply chain industry needs a risk management platform built for commercial success.

Shopify is facing a class action lawsuit that could change the way globally active companies can be held accountable

Mandiant said exploits were the most common initial access vector last year, linking software defects to 1 in 3 attacks. The most commonly exploited vulnerabilities affected network edge devices.

A whistleblower at the National Labor Relations Board (NLRB) alleged last week that denizens of Elon Musk's Department of Government Efficiency (DOGE) siphoned gigabytes of data from the agency's sensitive case files in early March. The whistleblower said accounts created…

Cybersecurity News

A new Android malware has been discovered hidden inside trojanized versions of the Alpine Quest mapping app, which is reportedly used by Russian soldiers as part of war zone operational planning.

Blue Shield of California said an improper Google Analytics configuration exposed the data of more than 4.5 million people, while state regulators recently received more than a dozen other reports involving healthcare-related organizations.

New malware campaign targets Docker environments using unknown methods to secretly mine cryptocurrency, researchers warn.

The key findings from the 2024 FBI IC3 cybercrime report, including record-breaking losses, top scams, and ransomware trends.

Governments around the world have appeared to ease off from using internet shutdowns to silence protesters and control access to information, according to new data from internet infrastructure company Cloudflare.

WhatsApp has introduced a new Advanced Chat Privacy feature to protect sensitive information exchanged in private chats and group conversations.

DPRK hackers stole $137M in 2023 from TRON users via phishing, fueling nuclear programs and cyberattacks.

The dynamic nature of containers can make it challenging for security teams to detect runtime anomalies or pinpoint the source of a security incident, presenting an opportunity for attackers to stay undetected. Microsoft Threat Intelligence has observed threat actors taking advantage of unsecured workload identities to gain access to resources, including containerized environments. Microsoft data […]