Demystifying Integrations: APIs, Connectors, & Agents | CSA
Define the components of Data Security Posture Management (DSPM), including APIs, connectors, collectors, agents, & agent-less. Learn when to use each of them.
Latest CyberSec News by @thecyberpicker
EU Launches Free Entry-Level Cyber Training Program
She@Cyber training program is focused on improving the representation of women and other underrepresented groups in the cybersecurity industry
Defense contractors get a head start on CMMC audits
Software investments, infrastructure upgrades and compliance documentation topped the list of Cybersecurity Maturity Model Certification (CMMC) implementation costs, a new survey shows.
Moldova arrests suspect in ransomware attacks targeting Dutch firms
A 45-year-old man arrested in Moldova is charged with a string of cybercrimes against Dutch entities in 2021.
Airline carrying out deportation flights confirms cyberattack to SEC
An airline involved in deportation flights on behalf of the Trump administration confirmed reports of a cybersecurity incident with the SEC on Friday.
Husband Hacks Scammers Who Targeted His Wife, Gave USPS Investigators Info
This week in cybersecurity from the editors at Cybercrime Magazine
⚡ Weekly Recap: Zero-Day Exploits, Developer Malware, IoT Botnets, and AI-Powered Scams
State hackers. Fake updates. Compromised software tools. Read the full recap.
Fears 'hackers still in the system' leave Co-op shelves running empty across UK
U.K. retailer Co-op is still having trouble with keeping grocery shelves stocked as it continues to respond to an attempted cyberattack that forced it to shut down some systems two weeks ago.
FreeDrain Phishing Scam Drains Crypto Hobbyists' Wallets
A global cryptocurrency phishing operation likely based in India or Sri Lanka has been stealing digital assets since at least 2022
The Persistence Problem: Why Exposed Credentials Remain Unfixed—and How to Change That
Most secrets exposed since 2022 remain valid in 2025, exposing cloud systems to long-term attacks.
Understanding Agentic AI Risks | CSA
Explore the risks and security challenges of agentic AI and its implications for modern organizations.
A week in security (May 4 – May 10)
A list of topics we covered in the week of May 4 to May 10 of 2025
Florida Backdoor Bill Fails - Schneier on Security
A Florida bill requiring encryption backdoors failed to pass.
Le Mexique traîne Google en justice à cause du « golfe d’Amérique » affiché sur Google Maps
Le Mexique attaque Google en justice : le pays reproche à l'entreprise d'avoir renommé le golfe du Mexique en golfe d'Amérique aux États-Unis. Un changement qui fait suite à un décret signé par Trump renommant le golfe. Dès son investiture le 20 janvier dernier, Donald Trump a signé tout un tas de décrets. Parmi eux,
Japanese Account Hijackers Make $2bn+ of Illegal Trades
Hackers have compromised Japanese trading accounts in an apparent attempt to manipulate the stock market
Passwordless authentication: Where security meets productivity
Say goodbye to password fatigue. Say hello to a more secure, efficient future.
German Police Shutter “eXch” Money Laundering Service
Germany’s BKA has seized the infrastructure behind the crypto swapping service eXch
Fake AI Tools Used to Spread Noodlophile Malware, Targeting 62,000+ via Facebook Lures
Noodlophile malware spreads via fake AI editing tools promoted on social media, hitting 62K+ users.
Bluetooth 6.1 enhances privacy with randomized RPA timing
The Bluetooth Special Interest Group (SIG) has announced Bluetooth Core Specification 6.1, bringing important improvements to the popular wireless communication protocol.
https://www.bleepingcomputer.com/news/security/iclicker-hack-targeted-students-with-malware-via-fake-captcha/
ChatGPT is finally adding Download as PDF for Deep Research
ChatGPT's Deep Research, which allows you to conduct multi-step research for complex tasks, is finally getting an option to save the report as a PDF.
Fake AI video generators drop new Noodlophile infostealer malware
Fake AI-powered video generation tools are being used to distribute a new information-stealing malware family called 'Noodlophile,' under the guise of generated media content.
Microsoft Teams will soon block screen capture during meetings
Microsoft is working on adding a new Teams feature that will prevent users from capturing screenshots of sensitive information shared during meetings.
MY TAKE: Beyond agentic AI mediocrity — the real disruption is empowering the disenfranchised
Is agentic AI accelerating mediocrity? Plenty of folks on LinkedIn seem to think so. Related: The 400th journalist A growing chorus of academics, tech workers, and digital culture watchers are pointing out the obvious: the more we prompt, the more we flatten. Across marketing, B2B, and even journalism, GenAI is churning out clean, inoffensive, structurally
SAP NetWeaver exploitation enters second wave of threat activity
Researchers are tracking hundreds of cases around the world and warning that the risk is more serious than previously known.
NSO Group condamné, malware russe contre l'Europe… Les 5 actus cyber de la semaine
L’Usine Digitale vous propose un récapitulatif des grandes actualités de la semaine en matière de cybersécurité. Au programme, la...-Cybersécurité
Germany Shuts Down eXch Over $1.9B Laundering, Seizes €34M in Crypto and 8TB of Data
German police seized eXch on April 30, confiscating €34M in crypto over $1.9B laundering links.
Google Pays $1.375 Billion to Texas Over Unauthorized Tracking and Biometric Data Collection
Google fined $1.375B by Texas for secretly tracking location and biometric data without user consent.
SonicWall customers confront resurgence of actively exploited vulnerabilities | CyberScoop
The network security device vendor is making a regular appearance on CISA’s known exploited vulnerabilities catalog. Unlike its competitors, SonicWall hasn’t signed the secure-by-design pledge.
Friday Squid Blogging: Japanese Divers Video Giant Squid - Schneier on Security
The video is really amazing. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.