Latest CyberSec News by @thecyberpicker

Groups calling themselves IT Army of Russia and TwoNet are newly active on Telegram, coordinating operations and seeking new members, researchers at Intel 471 said.

Hunters International, l’un des groupes de ransomwares les plus actifs de ces dernières années, a officiellement annoncé la fermeture de ses opérations en juillet 2025. Le groupe se transforme en une nouvelle entité baptisée « World Leaks », axée uniquement sur l’extorsion de données. Dans le monde de la startup

​Microsoft is investigating an ongoing incident causing intermittent issues for users attempting to access SharePoint Online sites.

Rules files to vibe securely, earning $25K from dangling commits, compromising the extension marketplace of Cursor, Windsurf, and other VS Code forks

Interpol said it analyzed five years of data about the illicit industry, which relies on human trafficking to staff up centers with people who are forced to conduct investment fraud, romance scams and other schemes.

A critical Azure Machine Learning flaw allows privilege escalation, risking subscription compromise

Microsoft said it has spent years monitoring North Korea’s campaign to get its citizens hired in IT roles at U.S. companies and recently saw changes in how the campaign operates.

Russian authorities said the man used malware to attack Russian information systems in 2022, blocking access to websites of several local companies and damaging critical infrastructure.

The CVE Board has launched a Consumer Working Group and a Researcher Working Group, allowing new stakeholders to shape the future of the CVE Program

“After careful consideration and in light of recent developments, we have decided to close the Hunters International project,” the prolific cybercrime gang wrote on its darknet site.

The 2024 CrowdStrike outage exposed issues with centralized security solutions, process management, software testing, and incident response planning.

The “El Chapo” Mexican drug cartel snooped on FBI personnel through hacked cameras, and listened in on their phone calls to...

This week in cybersecurity from the editors at Cybercrime Magazine

Stalkerware app Catwatchful has been leaking customer and victim information. It is one in a long line of such apps to do this.

Microsoft has announced that the Exchange Server Subscription Edition (SE) is now available to all customers of its enterprise email service.

ReliaQuest warns that initial access vulnerability exploitation is driving successful ransomware attacks

Over 40 malicious Firefox extensions impersonating popular crypto wallets have been uncovered, putting digital assets at risk.

SentinelLabs observed North Korean actors deploying novel TTPs to target crypto firms, including a mix of programming languages and signal-based persistence

MITRE ATT&CK v17 introduces an ESXi matrix, highlighting hypervisors as critical points of attack. Learn about the new TTPs and how to secure ESXi environments.

​The Hunters International Ransomware-as-a-Service (RaaS) operation announced today that it has officially closed down its operations and will offer free decryptors to help victims recover their data without paying a ransom.

Once you build a surveillance system, you can’t control who will use it: A hacker working for the Sinaloa drug cartel was able to obtain an FBI official’s phone records and use Mexico City’s surveillance cameras to help track and kill the agency’s informants in 2018, according to a new US justice department report. The incident was disclosed in a justice department inspector general’s audit of the FBI’s efforts to mitigate the effects of “ubiquitous technical surveillance,” a term used to describe the global proliferation of cameras and the thriving trade in vast stores of communications, travel, and location data...

Chinese hackers exploited Ivanti CSA zero-days, targeting French government, media, and telecom sectors in September 2024.

Adaptive AI platforms for SOCs offer real-time alert triage, faster response times, and full-spectrum security coverage.

Une étude de la société de cybersécurité Netcraft révèle que des cybercriminels exploitent les errances des LLMs comme ChatGPT ou Perplexity. Cette nouvelle méthode de piratage repose sur les faux liens renvoyés par les IA génératives. Il était une époque, pas si lointaine, où l'utilisateur lambda cherchait lui-même

Callback phishing scam emails are masquerading as messages from popular brands used for everyday tasks that put small businesses at risk.

Microsoft asked customers this week to disregard incorrect Windows Firewall errors that appear after rebooting their systems following the installation of the June 2025 preview update.

Two elevation of privilege vulnerabilities have been discovered on the popular Sudo utility, affecting 30-50 million endpoints in the US alone

À l’heure où les fuites de données sont devenues monnaies courantes, la protection des données personnelles n’a jamais été aussi importante. D’autant plus qu’il existe désormais pléthore d’outils plus puissants les uns que les autres pour accompagner les internautes dans cette tâche. En juin dernier, un fichier

CVE-2025-20309 in Cisco Unified CM could grant root access, allowing arbitrary command execution.

Communications technology giant Cisco addressed a static SSH credentials vulnerability in its Unified Communications Manager (Unified CM).