Lotus Blossom espionage group targets multiple industries with different versions of Sagerunex and hacking tools
Lotus Blossom espionage group targets multiple industries with different versions of Sagerunex and hacking tools
Latest CyberSec News by @thecyberpicker
Why Should CISOs Join an ISAC for Cyber Defense? | CSA
ISACs provide CISOs with real-time threat intelligence, industry-specific insights, and collective defense strategies, strengthening cybersecurity across organizations.
« LâIA doit asservir lâhumanitĂ© » : des chercheurs ont rendu fous des chatbots
Des chercheurs ont injecté du code malveillant dans deux agents conversationnels, dont ChatGPT. AprÚs un long « bourrage », le chatbot a fini par donner des réponses surprenantes sur d'autres sujets, suggérant d'asservir les humains. Que se passe-t-il si l'IA ne s'entraine que sur des codes malveillants ? Plusieurs
Chinese Cyber Espionage Jumps 150%, CrowdStrike Finds
In its 2025 Global Threat Report, CrowdStrike observed a significant escalation in Chinese cyber espionage activities
Cellebrite blocked Serbia from using its solution because misuse of the equipment for political reasons
Cellebrite blocked Serbia from using its solution after reports that police used it to infect the phones of a journalist and activist
OpenSSF Publishes Security Framework for Open Source Software
OpenSSF has released new baseline security best practices to improve open source software quality
Crypto : La plateforme Bybit piratée par la Corée du Nord, 1,4 milliard de dollars en Ethereum dérobés
La plateforme dubaĂŻote d'Ă©change de cryptomonnaies a subi un piratage d'ampleur, permettant aux hackers de mettre la main sur 1,4 milliard de...-Crypto monnaie
Cybersécurité : Dreadnode lÚve 14 millions de dollars pour sa plateforme de tests des systÚmes d'IA
La start-up américaine développe plusieurs outils permettant aux entreprises d'évaluer le niveau de protection des systèmes d'IA et la manière...-CybersĂ©curitĂ©
Have I Been Pwned a ajoutĂ© des listes de mots de passe volĂ©s, vĂ©rifiez si vous ĂȘtes concernĂ©s
La plateforme spécialisée dans les fuites Have I Been Pwned a ajouté une nouvelle base de données de mots de passe récupérés sur le marché noir. Vous pouvez vérifier si vos infos ont fuité depuis le site. Have I Been Pwned, le site de référence pour savoir si vos infos ont été dérobées, a ajouté une nouvelle base de
PolarEdge Botnet Exploits Cisco and Other Flaws to Hijack ASUS, QNAP, and Synology Devices
PolarEdge botnet exploits unpatched Cisco router flaw to infect 2,017 devices globally, using a TLS backdoor and FTP payloads tied to Huawei Cloud.
134 millions dâeuros de prime offerts pour des infos sur le piratage de lâannĂ©e : le hack de Bybit
La plateforme de crypto-monnaies Bybit, victime d'un piratage record de 1,4 milliard de dollars, cherche dĂ©sormais Ă retrouver ses crypto. L'entreprise offre une prime Ă ceux qui arriveraient Ă retrouver les fonds avant qu'ils soient convertis par des hackers nord-corĂ©ens. La plateforme dâĂ©change de crypto-monnaies
FBI Confirms North Koreaâs Lazarus Group as Bybit Crypto Hackers
FBI confirms North Koreaâs Lazarus Group responsible for Bybit crypto heist
Bybit Hack Traced to Safe{Wallet} Supply Chain Attack Exploited by North Korean Hackers
FBI confirms North Koreaâs Lazarus Group stole $1.5B from Bybit, surpassing 2024âs total crypto heists. Investigations reveal a supply chain attack vi
It's not just Salt Typhoon: All China-backed attack groups are showcasing specialized offensive skills | CyberScoop
CrowdStrike observed significant growth in Chinaâs offensive cyber capabilities last year as more groups used sector-specific skills to target critical industries and technologies.
FBI confirms Lazarus hackers were behind $1.5B Bybit crypto heist
FBI has confirmed that North Korean hackers stole $1.5 billion from cryptocurrency exchange Bybit on Friday in the largest crypto heist recorded until now.
U.S. Soldier Charged in AT&T Hack Searched âCan Hacking Be Treasonâ â Krebs on Security
Southern Water says Black Basta ransomware attack cost ÂŁ4.5M in expenses
United Kingdom water supplier Southern Water has disclosed that it incurred costs of £4.5 million ($5.7M) due to a cyberattack it suffered in February 2024.
GrassCall scam drains crypto wallets through fake web3 job interviews
A recent social engineering campaign targeted job seekers in the Web3 space with fake job interviews through a malicious "GrassCall" meeting app that installs information-stealing malware to steal cryptocurrency wallets.
GrassCall malware campaign drains crypto wallets via fake job interviews
A recent social engineering campaign targeted job seekers in the Web3 space with fake job interviews through a malicious "GrassCall" meeting app that installs information-stealing malware to steal cryptocurrency wallets.
Cyber workforce legislation vote gives rise to partisan rift on House Homeland Security Committee | CyberScoop
Democrats voted against a bill they once supported, citing President Trumpâs actions on cyber personnel.
Australian IVF provider Genea confirms hackers accessed patients' healthcare data
In an update, Australian fertility services company Genea said hackers had published stolen data. A ransomware group reportedly claimed responsibility for the attack.
âCyber incidentâ shuts down Cleveland Municipal Court for third straight day
The court said it has "shut down the affected systems while we focus on securing and restoring services safely."
Malicious PyPI Package "automslc" Enables 104K+ Unauthorized Deezer Music Downloads
Malicious Python package "automslc" (104K+ downloads) enables Deezer piracy, bypassing API restrictions and linking to a C2 server.
New Linux Malware âAuto-Colorâ Grants Hackers Full Remote Access to Compromised Systems
Auto-Color Linux malware targets governments and universities, using stealth tactics and encryption to evade detection and maintain persistence.
SOC 3.0 - The Evolution of the SOC and How AI is Empowering Human Talent
AI-driven SOC 3.0 automates 100% of alerts, cuts response time from days to minutes, and enables proactive threat detectionâreducing costs and analyst
Karen Evans steps into a leading federal cyber position: executive assistant director for cybersecurity at CISA | CyberScoop
The experienced cyber and IT government hand takes on a role leading the cybersecurity half of the agency.
VSCode extensions with 9 million installs pulled over security risks
Microsoft has removed two popular VSCode extensions, 'Material Theme - Free' and 'Material Theme Icons - Free,' from the Visual Studio Marketplace for allegedly containing malicious code.
Rethinking remote assistance security in a Zero Trust world
As organizations work toward a Zero Trust model, secure remote assistance must align with core security principles. Learn more.
Cette fois, promis, Google va en finir avec les SMS pour sécuriser Gmail
Adieu les SMS sur Gmail pour la double authentification. Google désire les remplacer par une autre méthode, moins exposée aux abus et aux pratiques de piratage : les QR codes. Le changement, selon l'entreprise américaine, sera positif pour la sécurité des internautes, mais il faudra encore attendre un peu avant de le
Hackers Exploited Krpano Framework Flaw to Inject Spam Ads on 350+ Websites
An XSS vulnerability in Krpano was exploited to hijack 350+ websites, manipulating search results for spam ads. The latest update mitigates the risk.