Latest CyberSec News by @thecyberpicker

Learn how to adopt the NIST AI Risk Management Framework to build trustworthy AI systems and streamline compliance with automation tools.

Reddit has announced more Artificial Intelligence powered tools to help advertisers. But do users care for it?

interos.ai launches itariffs to help supply chain and finance leaders identify and act on tariff risk faster.

Microsoft’s Sovereign Cloud solutions are designed to ensure European cloud data is stored and processed in Europe

Langflow’s RCE flaw is under active attack, infecting servers with Flodrix botnet malware via public PoC. Unpatched AI apps remain at risk.

TP-Link and Zyxel router flaws are under active attack, affecting global users and federal systems. Urgent updates needed.

New City of London Police data reveals British men and women lost over £100m to romance fraudsters in 2024

Archetyp, immense plateforme de vente de drogue en ligne, active depuis 2020, a été démantelée lors d’une vaste opération internationale baptisée Deep Sentinel, coordonnée par l’Office fédéral de la police criminelle allemande et Europol. 600 000 utilisateurs, 3 200 vendeurs et près de 17 000 annonces : ce sont les

State-sponsored hackers compromised the email accounts of several journalists working at the Washington Post.

Meta rolls out ads on WhatsApp Status using limited data like location and language, raising privacy questions.

At interos.ai, we’re passionate about driving innovation and resiliency in the global supply chain. That’s why we were proud to honor the achievements of wo

Multiple U.S.-based companies in the insurance sector have already been hit over the past week and a half, according to Mandiant.

The U.S. State Department said it is looking for information on hackers linked to Iran's Islamic Revolutionary Guard Corps.

Researchers warn that Iran-aligned threat groups could soon target U.S. companies and individuals in cyber espionage or sabotage attacks.

The warning from Google researchers follows a recent incident at Erie Insurance, although the perpetrators of that attack have not been identified.

Threat intelligence researchers are warning of hackers breaching multiple U.S. companies in the insurance industry using all the tactics observed with Scattered Spider activity.

U.S. DoJ seizes $7.74M in crypto linked to North Korean IT worker scheme exploiting AI, fake IDs, and BYOD loopholes.

A high-severity vulnerability in ASUS Armoury Crate software could allow threat actors to escalate their privileges to SYSTEM level on Windows machines.

This week on the Lock and Code podcast, we revisit a 2024 interview with Dr. Jean Twenge about smartphones and the teen mental health crisis.

The SEC is pulling back cybersecurity regulations for investment companies and investment advisers proposed under the Biden administration.

A burst of global law enforcement actions during the past few weeks marked by a flurry of successful takedowns gives cybercrime experts a jolt of hope.

Archetyp Market facilitated high-volume sales of fentanyl, cocaine, MDMA, amphetamines and synthetic opioids since 2020, according to authorities.

Cyber-attacks using HijackLoader and DeerStealer have been identified exploiting phishing tactics via ClickFix

Operation DEEP Sentinel has shut down Archetyp Market, the longest-running dark web drug marketplace

Kali Linux 2025.2, the second release of the year, is now available for download with 13 new tools and an expanded car hacking toolkit.

Email accounts of several Washington Post journalists were compromised in a cyberattack believed to have been carried out by a foreign government.

The commission offered no rationale for removing rules that would have imposed security requirements on financial services providers.

Malware-laced PyPI and npm packages steal developer credentials, CI/CD data, and crypto wallets. Attacks target macOS, AI workflows, and cloud setups

Anubis ransomware encrypts and erases data, leaving no recovery options for targeted industries.

The Bengaluru-based company told investors that it initially became aware of the breach on June 9.