Popular WordPress security plugin WP Ghost is vulnerable to a critical severity flaw that could allow unauthenticated attackers to remotely execute code and hijack servers.
This is serious: A sophisticated cascading supply chain attack has compromised multiple GitHub Actions, exposing critical CI/CD secrets across tens of thousands of repositories. The attack, which originally targeted the widely used “tj-actions/changed-files” utility, is now believed to have originated from an earlier breach of the “reviewdog/action-setup@v1” GitHub Action, according to a report. […] CISA confirmed the vulnerability has been patched in version 46.0.1. Given that the utility is used by more than 23,000 GitHub repositories, the scale of potential impact has raised significant alarm throughout the developer community...
Annual pentests can leave security gaps that attackers can exploit for months. Learn more from Outpost24 about why continuous penetration testing (PTaaS) offers real-time detection, remediation, and stronger protection.
Microsoft has lifted an upgrade block that prevented Asphalt 8: Airborne players from upgrading their systems to Windows 11 24H2 due to compatibility issues.
The compromise of the GitHub Action tj-actions/changed-files has impacted only a small percentage of the 23,000 projects using it, with only an estimated 218 repositories having exposed secrets due to the supply chain attack.
Cybercriminals use AI for phishing, deepfakes, and adaptive malware, while organizations deploy AI for anomaly detection, automation, and predictive defense.
Swiss global solutions provider Ascom has confirmed a cyberattack on its IT infrastructure as a hacker group known as Hellcat targets Jira servers worldwide using compromised credentials.
CISOs often seek to improve team performance, but feel overwhelmed by the size and complexity of the situation. Start by making a small, 1% improvement.
UAT-5918, a threat actor believed to be motivated by establishing long-term access for information theft, uses a combination of web shells and open-sourced tooling to conduct post-compromise activities to establish persistence in victim environments for information theft and credential harvesting.
The president of the Signal Foundation warns that the Narcotrafic law is likely to cause its instant messaging application to be withdrawn from the French market. The reason? Provisions that could undermine the security of encrypted communications. The warning took the form of a tweet, published in
New NCSC guidance sets out a three-phase migration to post-quantum cryptography, designed to ensure all systems are protected from quantum attacks by 2035
The research group Citizen Lab has published a report on the Israeli company Paragon Solutions, which markets the spyware...