Latest CyberSec News by @thecyberpicker

En juillet 2024, Dassault Systèmes annonçait un partenariat avec la pépite Mistral AI, donnant naissance à une nouvelle offre "LMaaS"...-Souveraineté

Cyber Guru, qui développe un outil de sensibilisation en cybersécurité basé sur des modèles de machine learning, met la main sur Mantra,...-Cybersécurité

The ransomware-as-service gang tallied more than 300 victims in industries such as healthcare, manufacturing and technology.

Researchers warn of a "coordinated surge" in the exploitation attempts of SSRF vulnerabilities in multiple platforms.

Des sénateurs ont pris position contre l'avis du gouvernement en faisant voter un amendement anti-backdoor (porte dérobée) pour protéger le chiffrement. La mesure a été prise alors qu'un débat a eu lieu à l'Assemblée nationale. Il a concerné une proposition de loi, dont les contours ont fait craindre à un

KoSpy spyware targets Android users via fake apps, collecting data while evading detection with Firestore.

Repo for simulating Russia, China, DPRK APTs, getting phished by CloudFormation or SSM, 7 flywheels for amplifying your security program

Credential theft surged 3× in a year—but AI-powered malware? More hype than reality. The Red Report 2025 by Picus Labs reveals attackers still rely on proven tactics like stealth & automation to execute the "perfect heist."

This week in cybersecurity from the editors at Cybercrime Magazine

Automation in GRC streamlines compliance, reduces manual effort, and enhances security. Learn how Continuous Controls Monitoring and AI improve efficiency.

ruby-saml vulnerabilities (CVE-2025-25291, CVE-2025-25292) allow SAML authentication bypass (CVSS 8.8). Update to versions 1.12.4 or 1.18.0 now.

Cascading Style Sheets (CSS) are ever present in modern day web browsing, however its far from their own use. This blog will detail the ways adversaries use CSS in email campaigns for evasion and tracking.

Palo Alto Networks found that nearly two-thirds of UK organizations cited technology complexity as the most significant challenge towards building a sophisticated security posture

This article shares the latest trends and challenges in backup and disaster recovery by gathering data from over 3,000 IT pros worldwide. Learn more.

AI agents seem like digital employees - they assist with IT support, customer service, and even decision-making - but they differ from humans in critical ways.

Meta warned that a vulnerability, tracked as CVE-2025-27363, impacting the FreeType library may have been exploited in the wild.

Cary, North Carolina, 13th March 2025, CyberNewsWire

L'ANSSI, la sentinelle de la cybersécurité en France, fait le bilan d'une année marquée par une recrudescence des cyberattaques, notamment dans le contexte des Jeux olympiques. L'agence souligne le rôle de la Russie dans de nombreuses opérations de déstabilisation. Des bonnes, et des mauvaises nouvelles. L'ANSSI,

VC firms invested 35% more in cybersecurity startups in North America and Europe in Q4 2024 than a year previously

We analyze the activities of the Head Mare hacktivist group, which has been attacking Russian companies jointly with Twelve.

The UK’s information commissioner has warned that all digital firms using children’s data must follow the GDPR

Security is a team sport. Whether you're a pentester, bug bounty hunter, student, or just love breaking (and fixing) things, our field thrives on shared knowledge, collaboration, and support. We want

Firefox users must update to version 128 before March 14 to prevent add-on failures and security risks.

A critical FreeType vulnerability (CVE-2025-27363) with a CVSS 8.1 score may be actively exploited—update to 2.13.3 now for protection.

Une cyberattaque a récemment touché la mairie de la ville de Lorient. Des données personnelles d'agents municipaux ont été mises en vente sur un célèbre forum de pirates. La municipalité de Lorient (Bretagne) a déclaré le 10 mars avoir subi sur une cyberattaque sur le réseau de la mairie. Dans un communiqué partagé à

Socket researchers said the malware-ridden packages were collectively downloaded over 330 times. GitHub removed all of the malicious packages Wednesday.

The Stop CSAM Act aims to enforce stricter measures on big tech to tackle child sexual abuse material. Critics fear this could jeopardize encrypted messaging services.

San Jose, Calif., Mar. 12, 2025, CyberNewswire -- Aptori, a leader in AI-driven application security, today announced the launch of its AI-driven AppSec Platform on Google Cloud Marketplace as part of graduating from Google Cloud’s ISV Startup Springboard program. This new agentic AI solution leverages semantic reasoning to analyze application code and logic in real

Facebook is warning that a FreeType vulnerability in all versions up to 2.13 can lead to arbitrary code execution, with reports that the flaw has been exploited in attacks.

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds six Microsoft Windows flaws to its Known Exploited Vulnerabilities catalog.