Latest CyberSec News by @thecyberpicker

In this article, we discuss the tools and TTPs used in the SideWinder APT's attacks in H2 2024, as well as shifts in its targets, such as an increase in attacks against the maritime and logistics sectors.

Fortra claims the number of unauthorized Cobalt Strike licenses in the wild fell 80% over two years

A list of topics we covered in the week of March 3 to March 9 of 2025

State-sponsored hacking, IoT botnets, ransomware shifts—this week's cyber roundup covers it all. Stay informed, stay secure. Read now

Une faille découverte dans la puce ESP32, présente dans plus d’un milliard d’appareils connectés, pourrait permettre d’accéder à leur mémoire et de manipuler le Bluetooth. Si son exploitation reste complexe, elle soulève des inquiétudes sur la sécurité des objets du quotidien. Les failles en cybersécurité permettent

US authorities seized $23M in crypto linked to a $150M Ripple wallet theft, experts believe the incident is linked to 2022 LastPass breach.

Malwarebytes Premium Security has once again been awarded “Product of the Year” after successfully blocking 100% of “in-the-wild” malware samples.

In 2023, victims reported nearly 900,000 cybercrime complaints to the FBI. Altogether, losses eclipsed $12.5 billion — a significant 22% increase from the losses in 2022. Related: Closing the resiliency gap Unsurprisingly, experts predict this trend will continue to grow as we move further into the future. While any business is a potential target for

SilentCryptoMiner infects 2,000 users by posing as a restriction bypass tool, leveraging YouTube and Telegram for distribution.

A new open-source tool named 'Chirp' transmits data, such as text messages, between computers (and smartphones) through different audio tones.

US cities are warning of an ongoing mobile phishing campaign pretending to be texts from the city's parking violation departments about unpaid parking invoices, that if unpaid, will incur an additional $35 fine per day.

The ubiquitous ESP32 microchip made by Chinese manufacturer Espressif and used by over 1 billion units as of 2023 contains undocumented commands that could be leveraged for attacks.

Moscou accuse l'Ukraine d'avoir piraté des organisations d'éducation nationaliste russe pour récolter des données personnelles. Le FSB, le renseignement russe, accuse l'Ukraine d'avoir piraté des agences d'éducation nationaliste et militaire russes. Selon le communiqué du gouvernement russe publié le 6 mars 2025, il

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free.

A software developer has been found guilty of sabotaging his ex-employer's systems by running custom malware and installing a "kill switch" after being demoted at the company.

The ubiquitous ESP32 microchip made by Chinese manufacturer Espressif and used by over 1 billion units as of 2023 contains an undocumented backdoor that could be leveraged for attacks.

Cybercriminals are sending bogus copyright claims to YouTubers to coerce them into promoting malware and cryptocurrency miners on their videos.

L’Usine Digitale vous propose un récapitulatif des grandes actualités de la semaine en matière de cybersécurité. Au programme, la...-Cybersécurité

Honoring the 12 finalists for interos.ai’s inaugural 2025 Women in Supply Chain Awards for Woman of the Year and Young Leader in Supply Chain

La Russie cible désormais les outils d'intelligence artificielle en tentant des les nourrir avec des campagnes de propagande. Une enquête révèle comment ces modèles relaient et amplifient des récits pro-Kremlin. Depuis plusieurs années, la Russie développe des stratégies sophistiquées pour influencer l’opinion

Le Club Data Protection de L'Usine Digitale vous propose un best-of des actualités de la semaine du 3 mars en matière de protection des...-Club Data Protection

The botnet has been involved in DDoS activity targeting telecom companies and gaming platforms.

Squid is a loyalty card platform in Ireland. Blog moderation policy.

A vulnerability initially exploited mostly in cyberattacks against Japanese organizations is now a potential problem worldwide, researchers said Friday.

Mayor Norie Gonzalez Garza sent a letter to Governor Greg Abbott saying the "incident is of such severity and magnitude that extraordinary measures must be taken."

Mirai-based botnets are exploiting a zero-day flaw, tracked as CVE-2025-1316, in Edimax IP cameras, to achieve remote command execution.

An effort launched in 2023 to curb the longstanding issue of pirated Cobalt Strike software being used by cybercriminals appears to have borne fruit.

U.S. authorities have seized over $23 million in cryptocurrency linked to the theft of $150 million from a Ripple crypto wallet in January 2024. Investigators believe hackers who breached LastPass in 2022 were behind the attack.

A critical command injection vulnerability impacting the Edimax IC-7100 IP camera is currently being exploited by botnet malware to compromise devices.