Latest CyberSec News by @thecyberpicker

An affidavit unsealed in Washington, D.C., alleges that the two “targeted vulnerable children online, coercing them into producing degrading and explicit content under threat and manipulation."

Commvault, a leading provider of data protection solutions, says a nation-state threat actor who breached its Azure environment didn't gain access to customer backup data.

Kristi Noem said the agency should be focused on securing critical infrastructure.

RansomHub refines extortion strategy amid RaaS market fractures, expanding affiliate recruitment

The FBI has shared 42,000 phishing domains tied to the LabHost cybercrime platform, one of the largest global phishing-as-a-service (PhaaS) platforms that was dismantled in April 2024.

Microsoft has announced plans to expand cloud and AI infrastructure in the EU, increasing data center capacity by 40% by 2027

C'est une première. La France a décidé de désigner la Russie comme responsable de plusieurs attaques informatiques. Paris en profite pour dénoncer l'hostilité de la Russie dans le cyberespace, et cela depuis au moins dix ans. C'est une prise de parole forte, mais qui traduit bien la lassitude et l'agacement des

Frankfurt, Apr.30, 2025, CyberNewswire – Link11, DOSarrest, and Reblaze have combined their strengths into a single, integrated platform with a new brand identity. The result: a consistent user experience, maximum efficiency, and seamless security. As a European provider, Link11 addresses the current business risks associated with geopolitical uncertainties and growing compliance requirements. At the same

Microsoft multiplie les signaux d’apaisement à destination de l’Europe. En marge d’une visite à Bruxelles, son président Brad Smith a présenté...-Cloud

A financially motivated group tracked as Hive0117 recently attacked multiple Russian industries with a retooled version of DarkWatchman malware, researchers said.

MAESTRO, an AI-centric threat modeling approach, can be used to identify potential risks in implementations of Google's A2A (Agent-to-Agent) protocol.

France blames Russia-linked APT28 for cyberattacks targeting or compromising a dozen French government bodies and other entities.

RomCom RAT uses bulletproof hosting and encrypted C2 for stealth; PRODAFT links it to Russian-speaking APT Nebulous Mantis.

Fake emails pretending to come from the US Social Security Administration try to get targets to install ScreenConnect for remote access.

British supermarket chain Co-op Food has confirmed to BleepingComputer via a statement that it has suffered limited operational disruption as it responds to a cyberattack.

Polish authorities accused the gang of defrauding dozens of victims out of nearly $665,000.

The Co-op stores, quick commerce operations and funeral homes are trading as usual

According to a Co-op spokesperson, the firm detected “attempts to gain unauthorised access to some of our systems” and as such had “taken proactive steps to keep our systems safe."

Kristi Noem said the Trump administration is introducing reforms to ensure CISA is focusing on the core security functions it was created for

​Ascension, one of the largest private healthcare systems in the United States, is notifying patients that their personal and health information was stolen in a December 2024 data theft attack, which affected a former business partner.

Learn how understanding the difference between technical debt and technical challenges can lead to smarter, faster decision-making for your organization.

1000s of pentesters are currently using Burp AI features to hack smarter by eliminating tedious tasks and delivering instant insights, right inside Burp Suite. Security Researcher John Hammond took Bu

Tokyo-based Kintetsu World Express, which specializes in freight forwarding, said a ransomware attack had disrupted some systems.

Recorded Future News sat down with the deputy assistant director of the FBI’s cyber division at the RSA Conference to talk about the latest updates in countering China-linked hackers.

Spellbinder used since 2022 to hijack Chinese software updates via IPv6 spoofing, enabling AitM attacks.

AI-powered impersonation is exploiting weak identity recovery and enrollment processes—learn how to secure them.

The legislation mandates a probe into foreign-made routers to identify risks for US national security

4chan confirms service restoration after a 2-week outage following a cyberattack that leaked its source code, email IDs, and other details.

Meta is suing NSO Group, basically claiming that the latter hacks WhatsApp and not just WhatsApp users. We have a procedural ruling: Under the order, NSO Group is prohibited from presenting evidence about its customers’ identities, implying the targeted WhatsApp users are suspected or actual criminals, or alleging that WhatsApp had insufficient security protections. […] In making her ruling, Northern District of California Judge Phyllis Hamilton said NSO Group undercut its arguments to use evidence about its customers with contradictory statements...

While CNAPPs continue to evolve, application security teams don’t need to wait for vendors to catch up. Here’s what you can do today to bridge the security gap.