Latest CyberSec News by @thecyberpicker

L’Airbus A400M, connu depuis ses débuts comme une référence mondiale du transport militaire, s’apprête à endosser de nouveaux rôles. Parmi eux ? Celui de « vaisseau mère » pour les drones de combat. Initialement conçu pour l’emport de charges lourdes et le soutien logistique, l’A400M voit ses missions s’élargir au

The Higher School of Economics (HSE), a leading Russian institution, said the two-year course will focus on international corporate compliance and business ethics, and will be taught in both Russian and English.

A former National Crime Agency investigator who worked on the Silk Road case was sentenced to more than five years in prison for stealing 50 bitcoin seized in that operation.

A new attack uses CVE-2021-41773 in Apache HTTP Server to install a cryptocurrency miner via compromised websites.

A researcher has disclosed how he found a—now fixed—vulnerability in Meta AI that could have allowed others to see private questions and answers.

The database contained 1,115,061 records including the names of children, birth parents, adoptive parents, and other potentially sensitive information like case notes.

Every major compliance framework, including PCI DSS, GDPR, and ISO 27001, requires strong access controls. Yet Non-Human Identities (NHIs) are often overlooked.

Cybercriminals are using AI cloaking tools to evade detection, disguising phishing and malware sites

File sharing site WeTransfer has rolled back language that allowed it to train machine learning models on any files that its users uploaded.

This week in cybersecurity from the editors at Cybercrime Magazine

United Natural Foods Projects (UNFI) expects a $350–$400M sales hit from a June cyberattack, with $50–$60M in net income impact.

Google has released an update for its Chrome browser to patch six security vulnerabilities including one zero-day.

The value of losses to crypto thefts has soared this year to more than $2 billion over the first six months, the blockchain analytics company Chainalysis found.

The ICEBlock tool has vulnerabilities: The developer of ICEBlock, an iOS app for anonymously reporting sightings of US Immigration and Customs Enforcement (ICE) officials, promises that it “ensures user privacy by storing no personal data.” But that claim has come under scrutiny. ICEBlock creator Joshua Aaron has been accused of making false promises regarding user anonymity and privacy, being “misguided” about the privacy offered by iOS, and of being an Apple fanboy. The issue isn’t what ICEBlock stores. It’s about what it could accidentally reveal through its tight integration with iOS...

Discover how CTEM, VM, and ASM work together to enhance cybersecurity, providing real-time visibility and proactive threat management.

Europol dismantles NoName057(16), a Russian group behind DDoS attacks, arresting two and targeting over 1,000 supporters.

Cisco warns of CVE-2025-20337, a critical ISE flaw (CVSS 10) allowing remote code execution with root privileges.

Une unité de la Garde nationale américaine a été « massivement » compromise par le groupe de cyberespionnage chinois « Salt Typhoon ». Survenue entre mars et décembre 2024, l'opération aurait permis aux pirates d’accéder à des informations sensibles, compromettant potentiellement la sécurité de multiples

Cisco Talos uncovered a stealthy Malware-as-a-Service (MaaS) operation that used fake GitHub accounts to distribute a variety of dangerous payloads and evade security defenses.

Harmonic Security raises the alarm as one in 12 British and American employees uses Chinese GenAI tools

Microsoft has reported Scattered Spider continues to evolve tactics to compromise both on-premises infrastructure and cloud environments

Chinese Hackers Target Taiwan's Semiconductor Sector with Cobalt Strike, Custom Backdoors | Read more hacking news on The Hacker News cybersecurity news website and learn how to protect against cyberattacks and software vulnerabilities.

There were 1732 publicly reported US data breaches in the first half of 2025, according to the latest ITRC report

A Veeam survey found that 96% of financial services organizations believe their current levels of data resilience falls short of DORA compliance, citing major challenges

Cisco's CVE-2025-20337 flaw exposes ISE to root access via API exploit. Affects releases 3.3 & 3.4.

UK retailer Co-op has confirmed that personal data of 6.5 million members was stolen in the massive cyberattack in April that shut down systems and caused food shortages in its grocery stores.

The House Homeland Committee will revisit the malware to use the knowledge from the spy effort to explore the domestic threats facing the U.S. in 2025.

Karen Vardanyan and his co-conspirators allegedly deployed ransomware on hundreds of machines in 2019 and 2020, extorting more than $15 million from victims at the time.

A 21-year old former U.S. Army soldier pleaded guilty to charges of hacking and extorting at least ten telecommunications and technology companies in the country.