Latest CyberSec News by @thecyberpicker

Boston, MA, Jun. 4, 2025, – The Healey-Driscoll administration and Massachusetts Technology Collaborative’s (MassTech) MassCyberCenter awarded $198,542 to four Massachusetts-based programs focused on preparing professionals for the cybersecurity workforce. MassTech provided the funds through the Alternative Cyber Career Education (ACE) Grant Program, a statewide effort to support young adults and retrain existing professionals with alternative options to

Moving to cloud-native architecture and modern platforms is allowing enterprises to automate operations and improve security

The FBI is warning about a new scam where cybercriminals exploit NFT airdrops on the Hedera Hashgraph network to steal crypto from cryptocurrency wallets.

Microsoft a dévoilé le European Security Program, une initiative gratuite visant à renforcer la cybersécurité des Etats européens en combinant...-Cybersécurité

A threat group is using voice phishing to trick targeted organizations into sharing sensitive credentials.

The most commonly exposed device has been discontinued and vulnerable for a decade, new research found.

Google has uncovered a vishing campaign by UNC6040 targeting Salesforce users through fake Data Loader apps.

Les fournisseurs de VPN seront vraisemblablement les grands gagnants de la décision de trois gros sites pornographiques (Pornhub, RedTube et YouPorn) de quitter le marché français. Ces sites protestent ainsi contre les règles françaises de contrôle obligatoire de l'âge sous peine de blocage. D'ores et déjà, les

Les arnaques au faux livreur Mondial Relay franchissent un nouveau cap : désormais, les escrocs personnalisent leurs SMS avec le nom et le prénom de la victime, rendant la supercherie d’autant plus crédible. Un piège redoutable, alors que les fuites de données se multiplient et que les usurpations d’identité

The agency has lost roughly 1,000 staffers in the wake of the Trump administration’s workforce cuts, losses that could imperil its ability to protect government computer systems and critical infrastructure.

Experts argue the case for “communities of support” to boost SMB cyber-resilience

Google has released an important update for Chrome, patching one actively exploited zero-day and two other security flaws

Attacks on local governments in the last week caused disruptions in the capital of the Choctaw Nation and Puerto Rico, as well as others.

Researchers at Google said the current campaign involving versions of the Salesforce Data Loader tool has targeted about 20 organizations and is ongoing.

Les fournisseurs de VPN seront vraisemblablement les grands gagnants de la décision de trois gros sites pornographiques (Pornhub, RedTube et YouPorn) de quitter le marché français. Ces sites protestent ainsi contre les règles françaises de contrôle obligatoire de l'âge sous peine de blocage. D'ores et déjà, les

Publishing giant Lee Enterprises is notifying over 39,000 people whose personal information was stolen in a February 2025 ransomware attack.

Experts argue that CISOs should avoid product duplication and simplify their language to ensure budget is spent wisely

Hewlett Packard Enterprise (HPE) addressed multiple flaws in its StoreOnce data backup and deduplication solution.

Chaos RAT malware targets Linux and Windows users via phishing and fake tools, enabling remote control.

UNC6040 uses vishing to impersonate IT support, deceiving victims into granting access to their Salesforce instances.

Details on the voice phishing (vishing) threat, and strategic recommendations and best practices to stay ahead of it.

A hacker targets other hackers, gamers, and researchers with exploits, bots, and game cheats in source code hosted on GitHub that contain hidden backdoors to give the threat actor remote access to infected devices.

Think your passwords are strong enough? AS-REP Roasting is back in the spotlight — and it's targeting weak spots in Active Directory. Learn more from Specops Software how attackers exploit missing Kerberos pre-auth and how to stop them with strong password policies.

Google has observed hackers claiming to be the ShinyHunters extortion group conducting social engineering attacks against multi-national companies to steal data from organization's SalesForce platforms.

Agentic AI systems could threaten security and data privacy, unless organizations test each model and component

The parent company of apparel brand The North Face sent data breach notification letters to about 3,000 customer accounts, saying attackers used the technique known as credential stuffing.

Explore event-driven identity systems that enable real-time access decisions, improve security posture, and support zero trust strategies.

This week in cybersecurity from the editors at Cybercrime Magazine

Legacy DLP tools miss 70% of data leaks now happening in-browser across SaaS and AI apps. Learn why this matters.

A phishing campaign spoofing Booking.com has been observed targeting hospitality sector, using ClickFix to install malware