Latest CyberSec News by @thecyberpicker

The open technology tackles disinformation by verifying whether the image is real or has been modified. The standard, created to document the provenance of photos and other media, has gained steam in the past year, surpassing 500 corporate members and releasing open-source tools for developers.

Microsoft found that Russian state actor Seashell Blizzard has deployed an initial access subgroup to gain persistent access in a range of high-value global targets

In the span of just weeks, the US government has experienced what may be the most consequential security breach in its history—not through a sophisticated cyberattack or an act of foreign espionage, but through official orders by a billionaire with a poorly defined government role. And the implications for national security are profound. First, it was reported that people associated with the newly created Department of Government Efficiency (DOGE) had accessed the US Treasury computer system, giving them the ability to collect data on and potentially control the department’s roughly ...

REF7707 deployed FINALDRAFT malware, using Microsoft Graph API for stealthy command-and-control in a global espionage campaign.

Palo Alto Networks patches CVE-2025-0108, a PAN-OS flaw (CVSS 7.8) allowing authentication bypass. Update now.

The Electronic Frontier Foundation has requested a US federal court to block Elon Musk’s DOGE access to US Office of Personnel Management Data

SecurityScorecard has uncovered a sophisticated campaign linked to North Korea’s Lazarus Group, distributing crypto-stealing malware

Les équipes de cybersécurité chez Microsoft ont remarqué l'émergence d'un nouveau groupe de pirates lié au renseignement militaire russe. Ces pirates sont proches d'une unité connue pour ses attaques destructrices. Depuis plus d'une décennie, Sandworm, l'unité de cyber-guerre la plus agressive du Kremlin, mène des

Critical (CVSS 9.4) release enables attackers to take control of customer accounts.

Tokyo's new legislation is a bold measure aimed at stopping escalating Chinese cyber espionage efforts, experts say.

The president will tap the former RNC insider to lead the White House office that oversees nation’s cybersecurity strategy.

Microsoft introduces Scareware Blocker tool with Edge browser version 133 in preview mode, seeking users' feedback.

Increased hacker activity has been observed in attempts to compromise poorly maintained devices that are vulnerable to older security issues from 2022 and 2023.

Sean Cairncross will be one of the primary advisers to the administration on national cybersecurity matters.

Decentralized money lender zkLend suffered a breach where threat actors exploited a smart contract flaw to steal 3,600 Ethereum, worth $9.5 million at the time.

“The vast cybercriminal ecosystem has acted as an accelerant for state-sponsored hacking, providing malware, vulnerabilities, and in some cases full-spectrum operations to states,” said Ben Read of Google Threat Intelligence Group.

The attack has impacted casinos, health services, tribal administration and credit card payments at stores in the area.

A relatively new ransomware operation named 'Sarcoma' has claimed responsibility for an attack against the Unimicron printed circuit boards (PCB) maker in Taiwan.

US, UK, and Australian law enforcement have targeted a company called Zservers (and two of its administrators) for providing bulletproof hosting services to the infamous ransomware gang.

Alexander Vinnik, who ran the defunct cryptocurrency exchange BTC-e and pleaded guilty last year to participating in a money laundering scheme, is heading back to Russia as part of a prisoner swap that freed an American teacher, reports said.

North Korean state actor 'Kimsuky' (aka 'Emerald Sleet' or 'Velvet Chollima') has been observed using a new tactic inspired from the now widespread ClickFix campaigns.

La société de livraison Chronopost a subi une cyberattaque. Des infos personnelles de clients ont été dérobés. Chronopost, la branche de livraison express du Groupe La Post, a subi une cyberattaque. Des captures de mails partagées sur les réseaux sociaux révèlent que l'entreprise a commencé à informer ses clients

A subgroup of Seashell Blizzard exploited public vulnerabilities in internet-facing systems, Microsoft researchers said.

Microsoft is publishing for the first time our research into a subgroup within the Russian state actor Seashell Blizzard and its multiyear initial access operation, tracked by Microsoft Threat Intelligence as the “BadPilot campaign”. This subgroup has conducted globally diverse compromises of Internet-facing infrastructure to enable Seashell Blizzard to persist on high-value targets and support tailored network operations.

CVE-2025-23359 (CVSS 8.3) lets attackers bypass NVIDIA’s container security, gaining host access via a TOCTOU flaw. Fix available in v1.17.4.

Sandworm’s BadPilot campaign exploits eight security flaws to infiltrate global critical sectors, enabling persistent access for cyber espionage opera

Google has fixed two vulnerabilities that, when chained together, could expose the email addresses of YouTube accounts, causing a massive privacy breach for those using the site anonymously.

Cloud-based RDP Remote Desktop Protocol solutions offer a centralized dashboard to manage user access, security policies, and monitor usage from one location. Learn more from TruGrid about how their SecureRDP platform provides a secure, scalable, and cost-efficient alternative to VPN-based RDP implementations.

A subgroup of the Russian state-sponsored hacking group APT44, also known as 'Seashell Blizzard' and 'Sandworm', has been targeting critical organizations and governments in a multi-year campaign dubbed 'BadPilot.'