Latest CyberSec News by @thecyberpicker

Palo Alto Networks found that nearly two-thirds of UK organizations cited technology complexity as the most significant challenge towards building a sophisticated security posture

This article shares the latest trends and challenges in backup and disaster recovery by gathering data from over 3,000 IT pros worldwide. Learn more.

AI agents seem like digital employees - they assist with IT support, customer service, and even decision-making - but they differ from humans in critical ways.

Meta warned that a vulnerability, tracked as CVE-2025-27363, impacting the FreeType library may have been exploited in the wild.

Cary, North Carolina, 13th March 2025, CyberNewsWire

L'ANSSI, la sentinelle de la cybersécurité en France, fait le bilan d'une année marquée par une recrudescence des cyberattaques, notamment dans le contexte des Jeux olympiques. L'agence souligne le rôle de la Russie dans de nombreuses opérations de déstabilisation. Des bonnes, et des mauvaises nouvelles. L'ANSSI,

VC firms invested 35% more in cybersecurity startups in North America and Europe in Q4 2024 than a year previously

We analyze the activities of the Head Mare hacktivist group, which has been attacking Russian companies jointly with Twelve.

The UK’s information commissioner has warned that all digital firms using children’s data must follow the GDPR

Security is a team sport. Whether you're a pentester, bug bounty hunter, student, or just love breaking (and fixing) things, our field thrives on shared knowledge, collaboration, and support. We want

Firefox users must update to version 128 before March 14 to prevent add-on failures and security risks.

A critical FreeType vulnerability (CVE-2025-27363) with a CVSS 8.1 score may be actively exploited—update to 2.13.3 now for protection.

Une cyberattaque a récemment touché la mairie de la ville de Lorient. Des données personnelles d'agents municipaux ont été mises en vente sur un célèbre forum de pirates. La municipalité de Lorient (Bretagne) a déclaré le 10 mars avoir subi sur une cyberattaque sur le réseau de la mairie. Dans un communiqué partagé à

Socket researchers said the malware-ridden packages were collectively downloaded over 330 times. GitHub removed all of the malicious packages Wednesday.

The Stop CSAM Act aims to enforce stricter measures on big tech to tackle child sexual abuse material. Critics fear this could jeopardize encrypted messaging services.

San Jose, Calif., Mar. 12, 2025, CyberNewswire -- Aptori, a leader in AI-driven application security, today announced the launch of its AI-driven AppSec Platform on Google Cloud Marketplace as part of graduating from Google Cloud’s ISV Startup Springboard program. This new agentic AI solution leverages semantic reasoning to analyze application code and logic in real

Facebook is warning that a FreeType vulnerability in all versions up to 2.13 can lead to arbitrary code execution, with reports that the flaw has been exploited in attacks.

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds six Microsoft Windows flaws to its Known Exploited Vulnerabilities catalog.

An advisory from the FBI, Cybersecurity and Infrastructure Security Agency (CISA) and the Multi-State Information Sharing and Analysis Center (MS-ISAC) on Wednesday said the group and its affiliates have attacked organizations in the medical, education, legal, insurance, technology and manufacturing industries.

CISA says the Medusa ransomware operation has impacted over 300 organizations in critical infrastructure sectors in the United States until last month.

ISACA London Chapter members demand e-voting system investigation over security and privacy concerns

Apple has patched a vulnerability in iOS and iPadOS that was under active exploitation in extremely sophisticated attacks.

A new Android spyware named 'KoSpy' is linked to North Korean threat actors who have infiltrated Google Play and third-party app store APKPure through at least five malicious apps.

iOS 18.3.2 patches actively exploited WebKit flaw, addressing critical security risks for users

The Cybersecurity and Infrastructure Security Agency confirmed this week that it is cutting funding for cybersecurity intelligence sharing bodies amid a wider campaign of firings and budget cuts impacting the federal cybersecurity landscape.

Indian authorities arrested Aleksej Besciokov, the co-founder and one of the administrators of the Russian Garantex crypto-exchange while vacationing with his family in Varkala, India.

Cybercriminals are increasingly targeting school networks through phishing and social engineering, a cybersecurity nonprofit reported.

In a new round of cuts since Donald Trump became president, 100 people working with the US Cybersecurity and Infrastructure Agency saw their contracts terminated

Ballista’s attacks on TP-Link devices comes as U.S. lawmakers consider banning the company's products over suspected links to China.

The devices have reached end-of-life status and need to be upgraded, as the company has issued in a security advisory.