Latest CyberSec News by @thecyberpicker

With financial stress at an all-time high, people are desperately seeking relief. Sadly, scammers know this all too well.

GPT-4o raises privacy concerns with broad data collection, third-party sharing, and AI training risks. Businesses are restricting AI use to protect sensitive data.

In an interview with Recorded Future News, Deibert explained the technical aspects of the Citizen Lab’s methods and how spyware companies continue to evolve to evade detection.

This week in cybersecurity from the editors at Cybercrime Magazine

Austin, TX, United States, 19th March 2025, CyberNewsWire

World-renowned physicist, Professor Brian Cox, will headline day one of Infosecurity Europe, analyzing the science behind quantum computing and the challenges it brings

ClearFake malware infects 9,300+ websites, using fake reCAPTCHA and Web3 tactics to spread Lumma and Vidar Stealers, exposing 200,000+ users.

Join Beyond Identity’s webinar to learn how secure-by-design access blocks phishing, MFA bypass, and identity threats before they strike.

Security firm Barracuda said it has detected more than a million phishing-as-a-service (PhaaS) attacks in 2025

The US Cybersecurity and Infrastructure Security Agency added flaws in Fortinet and a popular GitHub Action to its Known Exploited Vulnerabilities catalog

California Cryobank sent out a warning it suffered a data breach that exposed customers' personal information.

As AI scales, it faces latency, privacy issues, and network bandwidth constraints. Edge computing addresses this by processing data near the edge of a network.

L'année 2024 a été marquée par un accroissement des fuites de données. Chaque jour, 16 fuites ont été déclarées à la Cnil, pour un total de...-Club Data Protection

Gartner has claimed that AI agents will reduce the time it takes to exploit exposed accounts

Identity-based attacks are rising, but ITDR helps detect threats, prioritize risks, and stop breaches before they happen.

Un site anonyme a publié une carte contenant les informations personnelles de propriétaires de Tesla. Dans un contexte de fortes tensions contre Elon Musk et son entreprise, la plateforme encourage même la revente des véhicules pour être retiré de la liste. Un site web polémique a mis en ligne une carte interactive

Europol’s annual report warns of a growing threat from aligned state and cybercrime groups, enabled by AI technologies

The new Arcane stealer spreads via YouTube and Discord, collecting data from many applications, including VPN and gaming clients, network utilities, messaging apps, and browsers.

Two critical mySCADA myPRO flaws (CVSS 9.3) allow remote command execution, threatening industrial control systems and requiring urgent patching.

U.S. CISA adds Fortinet FortiOS/FortiProxy and GitHub Action flaws to its Known Exploited Vulnerabilities catalog.

CISA warns of CVE-2025-30066, a GitHub supply chain attack exposing secrets via compromised actions logs. Update tj-actions/changed-files by April 4.

The move, which critics say is unconstitutional, also potentially threatens numerous agency investigations and enforcement around privacy and cybersecurity.

We’ve seen this movie before. Alphabet, Google’s parent company's, $32 billion bid for Wiz isn’t just about security and privacy. It’s the latest round in Big Tech’s long-running game of business leapfrog—where each giant keeps lunging into the next guy’s home turf, trying to reshape the battlefield in its favor. Think about it. Google tried

US sperm donor giant California Cryobank is warning customers it suffered a data breach that exposed customers' personal information.

The agency still plans to keep workers on paid administrative leave, despite ongoing concerns about its ability to address cyber threats.

Reddit users from trading and crypto subreddits are being lured into installing malware disguised as premium cracked software.

Inexpensive information-stealing malware surged in 2024, infecting 23 million hosts, according to Flashpoint.

Palo Alto, Calif., Mar. 18, 2025, CyberNewswire -- SquareX, a pioneer in Browser Detection and Response (BDR) space, announced the launch of the "Year of Browser Bugs" (YOBB) project today, a year-long initiative to draw attention to the lack of security research and rigor in what remains one of the most understudied attack vectors -

The Zero Day Initiative measured the prevalence of manipulated Windows shortcut files in campaigns attributed to nation-state hacking groups — finding at least 11 exploited a bug that allows malicious use of the files.