Latest CyberSec News by @thecyberpicker

Latest CyberSec News by @thecyberpicker

31344 bookmarks
Custom sorting
Supply chain attack hits Gluestack NPM packages with 960K weekly downloads
Supply chain attack hits Gluestack NPM packages with 960K weekly downloads
A significant supply chain attack hit NPM after 15 popular Gluestack packages with over 950,000 weekly downloads were compromised to include malicious code that acts as a remote access trojan (RAT).
·bleepingcomputer.com·
Supply chain attack hits Gluestack NPM packages with 960K weekly downloads
MY TAKE: Are we ‘Super f**cked’ by agentic AI? — debate gets 10 million + views on YouTube
MY TAKE: Are we ‘Super f**cked’ by agentic AI? — debate gets 10 million + views on YouTube
The day after my column dissecting Chris Sacca's viral outburst went live—his now-notorious claim that we are "super f**ked" by artificial intelligence—I stumbled onto another AI conversation that had already amassed over 10 million views: a roundtable debate hosted by Steven Bartlett on his widely watched YouTube show, Diary of a CEO. Related: Ordinary folks
·lastwatchdog.com·
MY TAKE: Are we ‘Super f**cked’ by agentic AI? — debate gets 10 million + views on YouTube
Trump cyber executive order takes aim at prior orders, secure software, more | CyberScoop
Trump cyber executive order takes aim at prior orders, secure software, more | CyberScoop
President Donald Trump signed an executive order Friday that the White House says promotes developing secure software, adopting the latest encryption protocols, securing internet routing and rolling back parts of two executive orders.
·cyberscoop.com·
Trump cyber executive order takes aim at prior orders, secure software, more | CyberScoop
Hearing on the Federal Government and AI - Schneier on Security
Hearing on the Federal Government and AI - Schneier on Security
On Thursday I testified before the House Committee on Oversight and Government Reform at a hearing titled “The Federal Government in the Age of Artificial Intelligence.” The other speakers mostly talked about how cool AI was—and sometimes about how cool their own company was—but I was asked by the Democrats to specifically talk about DOGE and the risks of exfiltrating our data from government agencies and feeding it into AIs. My written testimony is here. Video of the hearing is here.
·schneier.com·
Hearing on the Federal Government and AI - Schneier on Security
Arnaque mondiale au recrutement : les USA traquent de faux développeurs Nord-Coréens
Arnaque mondiale au recrutement : les USA traquent de faux développeurs Nord-Coréens
Le DĂ©partement de la Justice amĂ©ricain (DOJ) a dĂ©posĂ© une plainte pour geler plus de 7,7 millions de dollars sous la forme de cryptomonnaies, NFT et autres actifs numĂ©riques. Une somme relativement modeste, mais qui cache un plus vaste rĂ©seau international de blanchiment d’argent orchestrĂ© par la CorĂ©e du Nord. Le
·numerama.com·
Arnaque mondiale au recrutement : les USA traquent de faux développeurs Nord-Coréens
Microsoft shares script to restore inetpub folder you shouldn’t delete
Microsoft shares script to restore inetpub folder you shouldn’t delete
Microsoft has released a PowerShell script to help restore an empty 'inetpub' folder created by the April 2025 Windows security updates if deleted. As Microsoft previously warned, this folder helps mitigate a high-severity Windows Process Activation privilege escalation vulnerability.
·bleepingcomputer.com·
Microsoft shares script to restore inetpub folder you shouldn’t delete
OpenAI forced to preserve ChatGPT chats
OpenAI forced to preserve ChatGPT chats
ChatGPT developer Open AI has been ordered to maintain user chats as it battle a lawsuit from The New York Times and other publishers.
·malwarebytes.com·
OpenAI forced to preserve ChatGPT chats
Avec son nouveau "Cyber Blueprint", l’UE muscle sa gestion des crises cyber
Avec son nouveau "Cyber Blueprint", l’UE muscle sa gestion des crises cyber
Face à l'accroissement des menaces cyber, l'Union européenne révise son "Cyber Blueprint". Adopté par le Conseil de l'UE, ce cadre stratégique...-CybersĂ©curitĂ©
·usine-digitale.fr·
Avec son nouveau "Cyber Blueprint", l’UE muscle sa gestion des crises cyber
Kettering Health confirms Interlock ransomware behind cyberattack
Kettering Health confirms Interlock ransomware behind cyberattack
Healthcare giant Kettering Health, which manages 14 medical centers in Ohio, confirmed that the Interlock ransomware group breached its network and stole data in a May cyberattack.
·bleepingcomputer.com·
Kettering Health confirms Interlock ransomware behind cyberattack
In the Beginning, Before Zero Trust | CSA
In the Beginning, Before Zero Trust | CSA
Not all visions can predict the future. That future is now, and cybersecurity needs to reinvent itself. Zero Trust is the solution.
·cloudsecurityalliance.org·
In the Beginning, Before Zero Trust | CSA
Report on the Malicious Uses of AI - Schneier on Security
Report on the Malicious Uses of AI - Schneier on Security
OpenAI just published its annual report on malicious uses of AI. By using AI as a force multiplier for our expert investigative teams, in the three months since our last report we’ve been able to detect, disrupt and expose abusive activity including social engineering, cyber espionage, deceptive employment schemes, covert influence operations and scams. These operations originated in many parts of the world, acted in many different ways, and focused on many different targets. A significant number appeared to originate in China: Four of the 10 cases in this report, spanning social engineering, covert influence operations and cyber threats, likely had a Chinese origin. But we’ve disrupted abuses from many other countries too: this report includes case studies of a likely task scam from Cambodia, comment spamming apparently from the Philippines, covert influence attempts potentially linked with Russia and Iran, and deceptive employment schemes...
·schneier.com·
Report on the Malicious Uses of AI - Schneier on Security
La vĂ©ritĂ© derriĂšre l’autopen de Joe Biden qui affole les pro-Trump
La vĂ©ritĂ© derriĂšre l’autopen de Joe Biden qui affole les pro-Trump
La rĂ©cente enquĂȘte rĂ©clamĂ©e par Donald Trump sur l’utilisation de l’autopen par Joe Biden a relancĂ© les dĂ©bats autour de cette technologie ancienne, pourtant mĂ©connue. Alors que les partisans de Trump y voient une preuve de « dĂ©cadence cognitive », un rapide retour en arriĂšre sur le fonctionnement et l'histoire de
·numerama.com·
La vĂ©ritĂ© derriĂšre l’autopen de Joe Biden qui affole les pro-Trump
How to build a robust Windows service to block malware and ransomware
How to build a robust Windows service to block malware and ransomware
Designing a security-focused Windows Service? Learn more from ThreatLocker about the core components for real-time monitoring, threat detection, and system hardening to defend against malware and ransomware.
·bleepingcomputer.com·
How to build a robust Windows service to block malware and ransomware
Critical Fortinet flaws now exploited in Qilin ransomware attacks
Critical Fortinet flaws now exploited in Qilin ransomware attacks
The Qilin ransomware operation has recently joined attacks exploiting two Fortinet vulnerabilities that allow bypassing authentication on vulnerable devices and executing malicious code remotely.
·bleepingcomputer.com·
Critical Fortinet flaws now exploited in Qilin ransomware attacks
How Zero Trust Can Save You from the Next Data Breach | CSA
How Zero Trust Can Save You from the Next Data Breach | CSA
Relying solely on perimeter defenses for data security is no longer sufficient against modern cyber threats. The Zero Trust model addresses this challenge.
·cloudsecurityalliance.org·
How Zero Trust Can Save You from the Next Data Breach | CSA