Latest CyberSec News by @thecyberpicker

A new Microsoft AI agent, named Project Ire, is able to autonomously classify malware at a global scale with a high level of precision

How to build an AI agent that triages GuardDuty alerts, lessons learned scaling Netflix's detection pipelines, Anthropic releases a slash command and GitHub Action for performing secure code review

The company said it had linked recent hacks to customers’ use of legacy credentials when migrating from Gen 6 to Gen 7 firewalls.

Microsoft Exchange customers have been urged to apply fixes set out in a hybrid deployment security update published in April

Scammers are targeting Facebook users in this latest phishing campaign.

Google confirms it was among the victims of an ongoing data theft campaign targeting Salesforce instances, where publicly available business names and contact details were retrieved by the threat actor

Most companies have not turned cybersecurity awareness—especially in cloud & SaaS environments—into action. They need to shift to continuous posture management.

Attackers used 11 Go and 2 npm packages to spread malware across platforms, putting open-source developers at risk.

Axis camera flaws allow remote code execution and access to 6,500 systems, risking surveillance takeovers.

LAS VEGAS — A decade ago, the rise of public cloud brought with it a familiar pattern: runaway innovation on one side, and on the other, a scramble to retrofit security practices not built for the new terrain. Related: GenAI workflow risks Shadow IT flourished. S3 buckets leaked. CISOs were left to piece together fragmented

This week in cybersecurity from the editors at Cybercrime Magazine

TeaOnHer turns out to be at least as leaky as its female counterpart, Tea Dating Advice app.

The scam lures users into claiming free credits on fake online gaming sites, that require "verification deposit" to cash in winnings.

WhatsApp will now show a Safety Overview to the users whenever an unknown number adds them to a new group, alerting them of potential scams.

The founders of the Samourai Wallet (Samourai) cryptocurrency mixer have pleaded guilty to laundering over $200 million for criminals.

SonicWall confirms recent SSL VPN attacks link to patched CVE-2024-40766 and reused passwords, urging password resets.

AI-fueled attacks rise as cloud security evolves; enterprises deploy real-time AI defense to keep pace.

Microsoft warns of CVE-2025-53786 in Exchange Server risking cloud identity abuse; admins urged to patch.

Hackers tricked workers over the phone at Google, Adidas, and more to grant access to Salesforce data.

The government of China has accused Nvidia of inserting a backdoor into their H20 chips: China’s cyber regulator on Thursday said it had held a meeting with Nvidia over what it called “serious security issues” with the company’s artificial intelligence chips. It said US AI experts had “revealed that Nvidia’s computing chips have location tracking and can remotely shut down the technology.”

Ce mercredi 6 août 2025, la compagnie aérienne Air France-KLM a annoncé avoir été victime d'une « violation de données ». Parmi les informations compromises, figurent des données personnelles de clients. Voici ce que des cybercriminels pourraient potentiellement faire avec ces informations. Après Bouygues Telecom,

A jury has ruled that Meta accessed sensitive information from women's reproductive health tracking app Flo without consent.

Ukraine's CERT-UA warns of phishing attacks by UAC-0099 targeting defense sectors, using malware like MATCHBOIL, MATCHWOK, and DRAGSTARE.

Malwarebytes has been awarded the prestigious MRG Effitas Android 360° Certificate, one of the toughest independent tests in mobile security.

The Alliance for Creativity and Entertainment (ACE) announced the shutdown of Rare Breed TV, a major illegal IPTV service provider, after reaching a financial settlement with its operators.

A UK government initiative to tackle Companies House fraud has raised security concerns

Air France and KLM announced on Wednesday that attackers had breached a customer service platform and stolen the data of an undisclosed number of customers.

SonicWall has claimed an uptick in Akira ransomware intrusions is due to legacy password use

Bouygues Telecom a révélé avoir été victime d’une cyberattaque d’ampleur exceptionnelle : les données personnelles de millions de clients ont été dérobées. Coordonnées, informations contractuelles, IBAN… des données sensibles sont dans la nature. La menace : celui de voir un prélèvement SEPA non autorisé apparaître

Dell est au centre d'une alerte de cybersécurité depuis le 5 août 2025 et la découverte des failles « ReVault », qui touchent plus de 100 modèles de ses ordinateurs portables Latitude, Precision et XPS. Ces vulnérabilités dans la puce de sécurité ControlVault3 permettent à des attaquants d’accéder de façon