Latest CyberSec News by @thecyberpicker

The Human Resources domain of the CCM helps organizations manage risks associated with insider threats by defining policies for the employee lifecycle.

The new law, which was first mooted in 2022, is intended to help Japan strengthen its cyber defense “to a level equal to major Western powers” and marks a break from the country’s traditional approach to cyber defense.

Authorities in the republic of Chuvashia confirmed attackers targeted software used to manage patient records and medical histories.

This is a weird story: U.S. energy officials are reassessing the risk posed by Chinese-made devices that play a critical role in renewable energy infrastructure after unexplained communication equipment was found inside some of them, two people familiar with the matter said. […] Over the past nine months, undocumented communication devices, including cellular radios, have also been found in some batteries from multiple Chinese suppliers, one of them said. Reuters was unable to determine how many solar power inverters and batteries they have looked at...

The SOC has long been the enterprise’s first line of defense. But despite years of investment in threat feeds and automation platforms, the same question persists: why does intelligence still struggle to translate into timely action? Related: IBM makes the AI speed argument for SOCs The 2023 disclosure of Volt Typhoon was a case in

La justice commence à pousser les fournisseurs de VPN à agir pour empêcher l'accès des internautes à des sites bloqués en France. Avec comme objectif de contrer la possibilité de regarder du sport (comme des matchs de foot) sur des sites proposant du streaming pirate. C'est l'extension du domaine de la lutte, mais

The CFPB has decided to withdraw a 2024 rule that was aimed at limiting the sale of Americans’ personal information by data brokers.

In an open letter, NHS suppliers were warned that ransomware incidents have been getting more severe and frequent in recent months.

This week in cybersecurity from the editors at Cybercrime Magazine

Here’s why CIOs must lead post-quantum cryptography adoption in 2025 to secure digital assets and future-proof organizations.

A privacy advocacy group has clapped back at Meta over its plans to start training its AI model on European users' data.

Explore how the NIST Cybersecurity Framework (CSF) 2.0 offers organizations a structured path to building cyber resilience in the modern cyber-scape.

HTTPBot launched 200+ targeted DDoS attacks in April 2025 using browser-mimicking tactics to bypass defenses.

The FBI has warned about an ongoing smishing and vishing scheme using AI deepfakes to impersonate US officials

Meta plans to train AI on EU user data from May 27 without consent; privacy group noyb threatens lawsuit over lack of explicit opt-in.

Navigating the High Stakes of Escalation, Kashmir's Artisan Legacy, and Disrupted Global Commerce

An analysis by Robert Walters found there are around 17,000 cybersecurity vacancies in the UK currently, with organizations struggling to fill open positions

AI classification, zero trust, and centralized DLP drive stronger data protection and compliance in dynamic environments.

In Operation RoundPress, the compromise vector is a spearphishing email leveraging an XSS vulnerability to inject malicious JavaScript code into the victim's webmail page

Coinbase, l’une des plus grandes plateformes de cryptomonnaies au monde, a été victime d’un piratage sophistiqué. Face à une demande de rançon de 20 millions de dollars et une fuite de données sensibles, l’entreprise a décidé de retourner la menace contre ses auteurs : elle propose la même somme à quiconque permettra

La plateforme d'échange de cryptomonnaies Coinbase a été victime d'une cyberattaque orchestrée par des agents de support corrompus, ayant...-Cybersécurité

Intel CPUs found vulnerable to multiple Spectre-style flaws, including BPI, leaking memory at 17 Kb/s.

Twelve more suspects were charged in a RICO conspiracy for their alleged involvement in the theft of over $230 million in cryptocurrency and laundering the funds using crypto exchanges and mixing services.

New data from Darktrace showed that cyber-attacks targeting healthcare organizations increased in intensity in 2024

On Thursday, CISA warned U.S. federal agencies to secure their systems against ongoing attacks exploiting a high-severity vulnerability in the Chrome web browser.

Remcos RAT deployed via fileless PowerShell attacks using LNK files and MSHTA.exe, evades disk-based defenses.

Google released emergency security updates to fix a Chrome vulnerability that could lead to full account takeover.

80% of cloud exposures go undetected due to siloed security teams—learn how unifying tools cuts response time.

ChatGPT is testing support for Model Context Protocol (MCP), which will allow the AI to connect to third-party services and use them as context.

Proofpoint has entered into an agreement to acquire Hornetsecurity Group, a Germany-based provider of Microsoft 365 security services.