Latest CyberSec News by @thecyberpicker

Apple will no longer offer iCloud end-to-end encryption in the United Kingdom after the government requested a backdoor to access Apple customers' encrypted cloud data.

ISO 42001 is a new flagship artificial intelligence (AI) standard. Here are 5 steps to take to prepare your organization to succeed in your ISO 42001 endeavors.

Every organization should be exploring a layered approach in which artificial and human intelligences come together to form a rich, dynamic, and multifaceted deepfake defense strategy tailored to its needs.

A pro-Ukraine hacking group claimed that it was behind an attack on CarMoney, a Russian microfinance company with reported connections to Vladimir Putin's ex-wife.

This week in cybersecurity from the editors at Cybercrime Magazine

Chinese threat actor Salt Typhoon used JumbledPath, a custom-built utility, to gain access to a remote Cisco device, said the network provider

Health Net Federal Services has agreed to pay over $11m over alleged false cybersecurity reporting

Darcula v3 automates phishing kit creation, allowing attackers to clone any website in minutes. Netcraft has blocked 95,000 domains, yet threats persi

Cybersecurity researchers are analyzing about 200,000 messages from inside the high-profile Black Basta ransomware operation that were leaked recently.

Excessive privileges and visibility gaps create a breeding ground for cyber threats.

Weak identity security can lead to breaches and downtime. Learn expert strategies to reduce security debt and future-proof your defenses.

AI is revolutionizing SOCs by automating threat detection, enhancing incident response, and enabling proactive security strategies to stay ahead of evolving cyber threats.

U.S. CISA adds Craft CMS and Palo Alto Networks PAN-OS vulnerabilities to its Known Exploited Vulnerabilities catalog.

CISA adds CVE-2025-23209 to its KEV list as Craft CMS faces active exploitation, urging agencies to patch by March 13, 2025.

Salt Typhoon exploited CVE-2018-0171 and stolen credentials to infiltrate U.S. telecom networks, persisting undetected for over three years.

BlackBasta’s internal chatlogs are “highly useful from a threat intelligence perspective,” said Prodaft, the firm that revealed the leak

Kaspersky experts analyze the Angry Likho APT group's attacks, which use obfuscated AutoIt scripts and the Lumma stealer for data theft.

Microsoft has developed the first ever quantum chip, shortening the timeframe for when quantum computers will break exiting encryption

Australian software firm Atlassian patched 12 critical and high-severity flaws in Bamboo, Bitbucket, Confluence, Crowd, and Jira.

Les chercheurs d'Orange Cyberdefense ont observé une campagne de ransomware rendue possible par l'exploitation d'une faille de sécurité...-Cybersécurité

A previously unknown hacking group has been spotted targeting European healthcare organizations using spyware linked to Chinese state-backed hackers and a new ransomware strain, researchers said.

The Chinese nation-state threat group primarily gained access to Cisco devices with legitimate login credentials, according to Cisco Talos.

The agency is rebranding a tech-focused unit in a move that some critics worry may be part of a larger shift away from regulating the crypto space.

Security researchers at Apiiro have released two free, open-source tools designed to detect and block malicious code before they are added to software projects to curb supply chain attacks.

William discusses what happens when security is an afterthought rather than baked into processes and highlights the latest of Talos' security research.

To address the ever-evolving cybersecurity landscape and equip organizations with information and resources to more q

Beware before downloading Google Chrome from a Google search, you might get more than you expected.

An unknown leaker has released what they claim to be an archive of internal Matrix chat logs belonging to the Black Basta ransomware operation.

The China-backed threat group often acts swiftly, going from initial access to compromise in just one day, a behavior atypical of cybercriminal groups.

Cybercriminals are sneaking the cryptominer XMRig into pirated versions of popular games, and Russians appear to be the most frequent victims, according to researchers at Kaspersky.