Latest CyberSec News by @thecyberpicker

The Kaleidoscope ad fraud network uses a combination of legitimate and malicious apps, according to researchers.

The state of Texas reached a mammoth financial agreement with Google last week, securing $1.375 billion in payments to settle two lawsuits concerning the use of consumers' data.

The company halted production at various locations and took potentially affected systems offline.

Google is rolling out a change to Chromium that "de-elevates" Google Chrome so it does not run as an administrator to increase security in Windows.

An network intrusion at Nova Scotia Power in March led to a breach of sensitive customer data, the Canadian utility said in an update about the incident.

Rep. Bennie Thompson, D-Miss., leveled that charge at DHS Secretary Kristi Noem at a hearing Wednesday.

Read the new whitepaper from the Microsoft AI Red Team to better understand the taxonomy of failure mode in agentic AI.

Microsoft presents best practices for securing data and optimizing Microsoft Purview implementation, emphasizing the integration of people, processes, and technology.

Microsoft Intune offers secure, cloud-based endpoint management that helps healthcare providers empower frontline staff and improve patient care.

Congratulations to the winners of the Microsoft Security Excellence Awards that recognize the innovative defenders who have gone above and beyond.

Hey friends! If you are a developer, you know that writing clean and efficient code is just the starting point. Now, with AI playing a bigger role, secure coding isn't just a 'nice-to-have'—it's a must. Whether you're building web apps, working on cloud services, or adding AI to your projects, keeping your code safe is just as important as getting it out the door.  At Microsoft Build 2025, we’re bringing together some of the most influential security engineers, researchers, and developers to share practical tips and modern best practices to help you ship secure code — faster. Here are 14 quick secure coding tips that will make you a better, more security-savvy developer — and the security sessions @Build where you can learn more from the experts:  🎯 1. Secure AI from the start  Discover how to deliver intelligent apps without sacrificing security. This session covers how to protect against threats across code, secrets, dependencies, and even LLMs. Learn how to use Threat Modeling early in the product lifecycle to identify, assess and address security risks. You’ll learn about developer-focused security tools to deploy with confidence without context switching.  Learn more:  Session: “Shift Left: Secure Your Code and AI from the Start”  With Mark Russinovich, CTO, Deputy CISO and Technical Fellow, Microsoft Azure; Marcelo Oliveira, VP, Product Management, GitHub; Neil Coles, Principal Security Engineer  🧪 2. Use the Wisdom from the Past   Michael Howard - author of the original secure coding book back in 2003 and now a senior director in the Microsoft Red Team - reflects on 25 years of secure code, how the practice has developed and current challenges in secure development. Get ready  for an end-to-end secure coding journey from Bill Gates anecdotes and tips for how you in 2025 can code securely to meet today's security threats.  Learn more:  Session: “Reflections on 25 years of writing secure code”  With Michael Howard, Senior Director, Red Team 📏3. Lock down the data   Microsoft is releasing a set of Purview APIs (+SDK) that will allow partners and customers to integrate their custom AI apps with the Microsoft Purview ecosystem for enterprise grade Data Security and Compliance outcomes. Join this demo session to get the latest.  Learn more:  Session: “Build secure and compliant AI applications with Microsoft Purview”  With Arpitha Dhanapathi, Principal Product Manager  🔚4. Think about security from start to finish   Security can be challenging at the best of times, especially when it’s not your full-time job. In this session, we walk you through the end-to-end deployment of a secure AI application, all the way from identities, VNETS, NSGs, key vault through to prompt shields and data labelling. If you’ve ever felt overwhelmed by trying to do the right thing by security but didn’t know where to start, this session is for you!  Learn more:  Session: “Deploying an end-to-end secure AI application”  With Sarah Young, Principal Security Advocate & Pamela Fox, Principal Cloud Advocate  🤖 5. Play dev-ils advocate    To keep pace with evolving AI risks, organizations need tools to effectively test their AI systems, simulate adversarial attacks, and uncover weaknesses before bad actors can exploit them. Learn how the AI Red Teaming Agent in Azure AI Foundry can help your organization run automated scans for safety risks so you can leverage Microsoft's deep expertise to scale and accelerate your AI development with Trustworthy AI at the forefront.  Learn more:  Session: “Accelerate AI red teaming for your GenAI apps with Azure AI Foundry”  With Minsoo Thigpen, Senior Product Manager & Nagkumar Arkalgud, Senior Software Engineer  🥷6. Skill up on agents   Agents—they’re all anyone is talking about. Join this demo session to learn how to extend security copilot to facilitate security and IT workflows across your environment.  In this demo you will see how to build an agent with supporting components - plugins and KQL queries - and architect it with triggers to automatically run.  Learn more:  Session: “Building Agents with Security Copilot”  With Vinod Jagannathan, Principal Product Manager  🔐7. Get the inside scoop first  One of the pillars of SFI is securing the engineering system. We will explore changes made to Azure DevOps to enable enhanced engineering system security at Microsoft and how customers can use them to better secure their own engineering systems as well.  Learn more:  Session: “Learn How Microsoft secured the Engineering System”  With Karl Piteira, Principal Group Program Manager & Rajesh Ramamurthy, Senior Director, Principal Group Product Management 🚩8. Automate what you can   You don’t have to wait to identify risks. The Python Risk Identification Tool for generative AI (PyRIT) is an open source framework built to empower security professionals and engineers to proactively identify risks in generative AI systems. In this hands-on lab, you will learn how to deploy PyRIT and test it against a variety of AI applications.  Learn more:  Session: “AI security testing with PyRIT”  With Roman Lutz, Responsible AI Engineer & Richard Lundeen, Principal Software Engineering Lead - AI Red Team  ⚙️ 9. Secure APIs    Join us for an engaging and informative session where we delve into the intricacies of API security in the context of AI. We'll examine the unique challenges posed by AI-driven applications and the sophisticated threats that target their APIs. From unauthorized access and data breaches to injection attacks and exploitation of vulnerabilities, the risks are manifold. However, with the right approach, these risks can be effectively mitigated.  Learn more:  Session: “Fortifying AI Frontiers - Securing APIs the path to your AI app”  With Abhi Singh, Director, Global Black Belt - Security & Preetham Anand Naik, Senior Product Manager  🆔 10. Verify explicitly, and automatically  We all know the saying, but we’ve got to put it into practice. Join this session to learn how to enable automated processes to securely onboard and grant resource access for high-privilege users with the Microsoft Entra Suite and MS Graph. Verify the identities of admins, C-level employees, or others who need access to sensitive internet or on-premises resources, and automatically reverify them at regular intervals. Work with a chosen identity verification partner for government ID-based verification that ensures your organization onboards and grants access to the right person.  Learn more:  Session: “Secure onboarding and access with the Microsoft Entra Suite” With Sri Ponnada, Senior Product Manager  ✅11. Apply best practices    Join us for an insightful session on best practices and enablement topics for developing and deploying secure solutions within Business Applications, as part of the Secure Future Initiative (SFI). We will look holistically at Power Platform features for Security under SFI pillars and explore Responsible AI with Purview and Copilot. We will further explore demos, design review checklists on product features under Secure by Design, Secure by Default, and Secure Operations for BizApps Solutions.  Learn more:  Session: “Building Secure Business Apps: Best Practices for Design to Deployment”  With Muhammad Aurangzeb, Senior Partner Solution Architect  🕶️ 12. Use agents for Zero Trust  In this session, you will learn how to build AI Agents using the OpenAI SDK with Assistants and Function Calling for APIs secured by Microsoft Entra ID. This ensures adherence to Zero Trust principles. We will cover the essential steps to set up and configure the OpenAI SDK in a C# environment and demonstrate how to leverage Microsoft Entra ID for secure authentication and authorization.  Learn more:  Session: “Building Secure AI Agents with Microsoft Entra ID”  With Fabian Alves, Senior Product Manager  😶‍🌫️ 13. Secure your apps, secure your people   Learn how to enable automated processes to securely onboard and grant resource access for high-privilege users with the Microsoft Entra Suite and MS Graph. Verify the identities of admins, C-level employees, or others who need access to sensitive internet or on-premises resources, and automatically reverify them at regular intervals. Work with a chosen identity verification partner for government ID-based verification that ensures your organization onboards and grants access to the right person.  Learn more:  Session: “Securing Applications with Microsoft Entra ID”  With Robert Stewart, Senior Specialist  📲 14. Keep it user-friendly for the best results   In the rapidly evolving landscape of mobile application development, achieving pixel-perfect design and robust security is paramount. This lab focuses on the creation of mobile applications integrated via Native Authentication in Microsoft Entra External ID. Participants will explore the intricacies of designing visually precise user interfaces that align seamlessly with their brand while implementing native authentication methods, ensuring secure and efficient user verification processes.  Learn more:  Session: “Creating pixel-perfect mobile apps with Native Authentication” With Joylynn Kirui, Senior Cloud Security Advocate  💬 Come Learn from the People Building the Future  Join these sessions and more at Microsoft Build 2025. Whether you're a junior dev or a senior architect, you'll walk away with real-world tactics to help you build apps that are secure, scalable, and resilient — by design.    👉 Register for Microsoft Build Security Sessions Now » 

Join us in embracing passkeys for secure, passwordless sign-ins. Learn more about our commitment to a safer digital future.

Microsoft uncovered a vulnerability in macOS that could allow specially crafted codes to escape the App Sandbox and run unrestricted on the system. We shared our findings with Apple and a fix was released for this vulnerability, now identified as CVE-2025-31191. We encourage macOS users to apply security updates as soon as possible.

Microsoft announces that it will be joining GASA as a Foundation Member. Read about how Microsoft and the other members of GASA hope to stem losses from cyber scams.

Meet the minds behind how Microsoft prioritizes cybersecurity across every team and employee. Three deputy chief information security officers share their experiences in cybersecurity and how they are redefining protection.

Since April 2024, the threat actor that Microsoft Threat Intelligence tracks as Marbled Dust has been observed exploiting user accounts that have not applied fixes to a zero-day vulnerability (CVE-2025-27920) in the messaging app Output Messenger, a multiplatform chat software. These exploits have resulted in collection of related user data from targets in Iraq. Microsoft […]

Google warned today that hackers using Scattered Spider tactics against retail chains in the United Kingdom have also started targeting retailers in the United States.

"US retailers should take note" of recent cyberattacks on British companies, according to Google's Threat Intelligence Group, as the financially motivated collective known as Scattered Spider appears to be connected.

BianLian and RansomExx Exploit SAP CVE-2025-31324 for Full Access, Deploy PipeMagic and Brute Ratel in Multi-Nation Attacks.

Samsung patched CVE-2025-4632, a 9.8 CVSS flaw exploited to deploy Mirai botnet after PoC release.

Ransomware gangs have joined ongoing SAP NetWeaver attacks, exploiting a maximum-severity vulnerability that allows threat actors to gain remote code execution on vulnerable servers.

In an 8-K filing with federal regulators, Nucor said the incident involved “unauthorized third party access to certain information technology systems” but did not explain further.

The Australian Human Rights Commission (AHRC) disclosed a data breach incident where private documents leaked online and were indexed by major search engines.

Xinbi enabled $8.4B in Telegram-based transactions since 2022, fueling cybercrime, scams, and crypto laundering.

A cyberattack first detected over Easter weekend has reportedly already cost Marks & Spencer more than £60 million.

Cary, NC, May 14, 2025, CyberNewswire -- INE Security, a global leader in hands-on cybersecurity training and certifications, today highlighted how ongoing real-world practice with the latest CVEs (Common Vulnerabilities and Exposures) is essential for transforming security teams from reactive to proactive defenders. With over 26,000 new CVEs documented in the past year, security teams

This is a current list of where and when I am scheduled to speak: I’m speaking (remotely) at the Sektor 3.0 Festival in Warsaw, Poland, May 21-22, 2025. The list is maintained on this page.

Android Enterprise introduced Device Trust to enhance mobile security on Android devices

The company is carefully ramping up systems and is boosting deliveries to its 2,300 food stores after stock issues.

Five issues actively exploited in the wild, but the real excitement may have been handled in advance