Latest CyberSec News by @thecyberpicker

CTM360 has identified over 17,000 fake news sites mimicking reputable brands like CNN, BBC and CNBC, spreading investment fraud across 50 countries

Louis Vuitton data breach affects customers in the UK, South Korea, Turkey, and possibly more countries, with notifications underway.

As telecom networks embrace cloud-native to power 5G, the importance of Zero Trust has never been greater. A recent assessment of a 5G core network shows why.

From Bluetooth exploits in vehicles to macOS backdoors and GitHub phishing tricks—this week’s threats go deeper than they appear.

The NCSC has warned that there are still a significant number of organizations using Windows 10, which will soon be unsupported with security updates

This week in cybersecurity from the editors at Cybercrime Magazine

While most said XBOW’s capabilities fall short of an existential crisis for human bug hunters and red-team leaders, they also acknowledge that the balance between human and automation in cybersecurity is shifting rapidly underneath the industry’s feet.

Organizations must turn Cyber Governance, Risk, and Compliance (GRC) into executable pipelines, a Microsoft security product manager argues.

Experts devised a new hack targeting Kigen eSIM tech, used in over 2B devices, exposing smartphones and IoT users to serious security risks.

Britain's tax agency and Romanian police combined on an operation to break up a fraud ring that used phishing emails to capture U.K. taxpayer information.

Wondering what Security+ domains are on this certification exam? Look no further—read our article to learn everything you must know about them.

A Kaspersky GERT expert describes the UserAssist Windows artifact, including previously undocumented binary data structure, and shares a useful parsing tool.

Cybercriminals are using sponsored ads and fake news websites to lure victims to investment scams.

Sophos’ Ben Gelman and Sean Bergeron will present their research on enhancing command line classification with benign anomalous data at Las Vegas

Interlock ransomware continues to develop custom tooling and a new RAT has been detected by researchers

Louis Vuitton’s UK business has notified customers of a personal data breach

Spain gives Huawei wiretap contracts, sparking concerns over potential Chinese government access due to Huawei’s links to Beijing.

Operation Chakra-V scores success as a fraud syndicate is busted following the raid of a scam call center operating in Noida, Uttar Pradesh

CBI's Operation Chakra V dismantles a transnational tech support scam targeting UK, Australia. Over £390,000 lost in UK, two arrests made.

L’armée américaine vient de créer une nouvelle unité dédiée aux tech bros : le Detachment 201, alias l’Executive Innovation Corps. Son objectif ? Intégrer directement l'expertise de la Silicon Valley au cœur de ses forces, pour créer un pont entre la technologie civile et les besoins de modernisation militaire aux

A list of topics we covered in the week of July 7 to July 13 of 2025

New eSIM vulnerabilities in Kigen eUICC cards expose billions of IoT devices to potential cyberattacks.

Researchers from The DFIR Report, in partnership with Proofpoint, have identified a new and resilient variant of the Interlock ransomware group’s remote access trojan (RAT). This new malware,…

PoC exploits released for critical Fortinet FortiWeb flaw allowing pre-auth RCE. Fortinet urges users to patch.

The search feature for the Windows 10 emoji panel is broken after installing the KB5062554 cumulative update released Tuesday, making it not possible to look up emojis by name or keyword.

Hackers exploit critical Wing FTP flaw (CVE-2025-47812) for remote code execution with root/system rights after details leaked on June 30.

Google Gemini for Workspace can be exploited to generate email summaries that appear legitimate but include malicious instructions or warnings that direct users to phishing sites without using attachments or direct links.

Vulnerabilities in McDonald’s McHire chatbot exposed data from 64 million job applicants due to insecure internal APIs.

NVIDIA urges ECC activation to mitigate GPUHammer, a RowHammer exploit threatening AI accuracy and data integrity on GPUs.

Cybersecurity researchers discovered a vulnerability in McHire, McDonald's chatbot job application platform, that exposed the chats of more than 64 million job applicants across the United States.