Latest CyberSec News by @thecyberpicker

A new wave of North Korea's 'Contagious Interview' campaign is targeting job seekers with malicious npm packages that infect dev's devices with infostealers and backdoors.

  The cloud-native application protection platform (CNAPP) market continues to evolve rapidly as organizations look to secure increasingly complex cloud environments. In the recently published IDC MarketScape: Worldwide CNAPP 2025 Vendor Assessment, Microsoft has been recognized as a Leader. We believe this recognition reaffirms Microsoft’s commitment to delivering comprehensive, AI-powered, and integrated security solutions for multicloud environments.     IDC MarketScape vendor analysis model is designed to provide an overview of the competitive fitness of technology and suppliers in a given market. The research methodology utilizes a rigorous scoring methodology based on both qualitative and quantitative criteria that results in a single graphical illustration of each supplier’s position within a given market. The Capabilities score measures supplier product, go-to-market and business execution in the short-term. The Strategy score measures alignment of supplier strategies with customer requirements in a 3-5-year timeframe. Supplier market share is represented by the size of the icons. Why Microsoft was recognized The IDC MarketScape noted the following strengths for Microsoft: “Defender for Cloud provides visibility into cloud attacks across the entire environment, from enterprise endpoints and exposed identities to on-premises secrets. This holistic approach examines attack vectors inside and outside the cloud. Prebreach posture graphs are integrated with live incidents, offering exposure risk assessment through blast radius analysis.” “Microsoft Defender for Cloud was also recognized for providing detailed threat analytics, combining information from various sources to create comprehensive attack paths, helping understand the severity of alerts in context, and making it easier to prioritize and respond to threats. Additional commentary addressed Security Explorer and automatic detection of sensitive data without additional configuration, enhancing the security posture by providing valuable insights and automating critical security tasks.” “Customers also highlighted the strong partnership with Microsoft, which includes dedicated support and consulting, ensuring quick resolution of issues and access to experts for optimal product use.” Key Advice for CNAPP Buyers As cloud security needs grow, selecting the right CNAPP solution means looking beyond vendor consolidation. Here are some of the key areas the IDC MarketScape advises buyers to prioritize: “Integration and enrichment of existing security data: Choose a CNAPP vendor that can easily integrate with your current deployments. The value lies in how the solution enriches your existing security data, providing deeper insights and more comprehensive protection.” “Comprehensive capabilities: Look for a solution that offers robust monitoring and reporting on cloud security posture, runtime, and application security. The goal is to select a platform based on its aggregate capabilities rather than merely reducing the vendor footprint.” “Ease of setup and support: Note that many vendors provide extensive support and make the initial setup straightforward with minimal technical effort required. However, the real value comes from planning and strategizing with stakeholders to ensure that the implementation aligns with your organizational goals.” In conclusion Defender for Cloud’s comprehensive approach blends proactive risk management, real-time monitoring, and integrated threat protection. This makes it a strong CNAPP solution for organizations seeking to future-proof their cloud security investments. For buyers navigating this dynamic market, aligning platform capabilities with operational needs, compliance demands, and long-term cloud strategies is essential. Microsoft’s CNAPP strategy, backed by a powerful ecosystem and customer-centric support model, offers a compelling path forward. Learn more Download the report excerpt here.  Visit our solution webpage to learn more about Microsoft’s CNAPP solution.    

Hackers spread a trojanized version of SonicWall VPN app to steal login credentials from users accessing corporate networks.

Google has released Gemini 2.5 Pro-powered Gemini CLI, which allows you to use Gemini inside your terminal, including Windows Terminal.

Citrix is warning that a vulnerability in NetScaler appliances tracked as CVE-2025-6543 is being actively exploited in the wild, causing devices to enter a denial of service condition.

WinRAR has addressed a directory traversal vulnerability tracked as CVE-2025-6218 that, under certain circumstances, allows malware to be executed after extracting a malicious archive.

New research shows 9% of Microsoft Entra SaaS apps are vulnerable to nOAuth abuse, allowing full account takeovers.

La scène cyber française vient de connaître un séisme : 4 jeunes hackers sont soupçonnés d’avoir administré le célèbre site cybercriminel Breach Forums. Ils ont été interpellés, le 25 juin 2025, par la Brigade de lutte contre la cybercriminalité (BL2C) de la préfecture de police de Paris.  La chute de Breach Forums

A Deeper Look at The Strait of Hormuz and Future Conflict Assessment

Threat researchers warn the flaw could open up a flood of attacks that rival the 2023 CitrixBleed crisis.

Data management company Rubrik announced plans Wednesday to acquire artificial intelligence startup Predibase.

Citrix releases urgent patches for CVE-2025-6543 in NetScaler ADC, a critical flaw affecting multiple versions. CVSS score 9.2.

A recent vulnerability in Citrix NetScaler ADC and Gateway is dubbed "CitrixBleed 2," after its similarity to an older exploited flaw that allowed unauthenticated attackers to hijack authentication session cookies from vulnerable devices.

Recent federal cuts, reorganizations and other disruptions have alarmed industry leaders, who say the government is a less reliable partner even as cyber threats increase.

The settlement, which has received preliminary clearance, now awaits a December hearing for final approval.

The threat actor used a combination of open-source and publicly available tools to establish their attack framework

A cybercrime group's attack against a London-based pathology service last year was one of the "contributing factors" in the death of a patient, U.K. officials said.

Several suspects tied to the cybercrime site BreachForums have been arrested in France, according to a local news report, including alleged administrators known as ShinyHunters and Intelbroker.

NSA and CISA are urging developers to adopt memory safe languages (MSLs) to combat vulnerabilities in software

The number of devices infected by LapDogs is smaller than other ORBs, but that is likely by design, according to SecurityScorecard researchers.

The Glasgow City Council announced that it was affected by an incident “disrupting a number of online services and which may have involved the theft of customer data.”

The French police have reportedly arrested five operators of the BreachForum cybercrime forum, a website used by cybercriminals to leak and sell stolen data that exposed the sensitive information of millions.

Answers to additional audience questions from this BSidesSF 2025 panel on scaling security impact by building essential partnerships across teams

Ni tout à fait aérienne, ni pleinement spatiale, la Très Haute Altitude (THA) est désormais au cœur des stratégies militaires françaises. Une ambition concrétisée le 23 juin 2025, par un exercice militaire de grande ampleur. Mais où en est réellement la France dans la course à la THA ? Les images de Rafale et de

Semperis estimates that at least 15,000 enterprise SaaS applications are still vulnerable to a flaw discovered in 2023

Two critical flaws in SAP GUI expose sensitive data. Patches now available for Windows and Java versions.

The challenge of identity management for AI agents centers on the question: What kind of identity should your AI agent possess?

Two SAP GUI vulnerabilities have been identified exposing sensitive data due to weak encryption in input history features

Data brokers that have registered in one state are failing to register in other states. What could be behind this?

This week in cybersecurity from the editors at Cybercrime Magazine