Latest CyberSec News by @thecyberpicker

The law’s expiration in September could jeopardize a wide range of information-sharing partnerships that have helped catch and thwart cyberattacks in the U.S.

Un pirate informatique affirme avoir récupéré plus de 89 millions de comptes Steam, soit deux tiers des comptes existants. Si elle s'avère véridique, il s'agirait d'une des plus grandes fuites de comptes du jeu vidéo. Ce pirate du nom de Machine1337 a-t-il réellement piraté Steam ? C'est en tout cas ce qu'il affirme

Une fuite pourrait avoir affecté la plateforme de jeux vidéo Steam. En raison du nombre de comptes potentiellement affectés, il est préférable de s'assurer que les bonnes pratiques de sécurisation sont appliquées pour protéger son profil. C'est une alerte à laquelle les internautes ayant un compte Steam devraient

New phishing tactics are abusing trusted domains, real CAPTCHAs, and server-side email validation to selectively target victims with customized fake login pages. Keep Aware's latest research breaks down the full attack chain and how these zero-day phish operate.

A cybersecurity incident on Nucor Corporation's systems forced the company to take offline parts of its networks and implement containment measures.

La maison de mode française a prévenu ses clients qu'un tiers non autorisé avait accédé à certaines données clients, parmi lesquelles des...-Cybersécurité

L'application "France Identité" a atteint les deux millions d'utilisateurs. Permettant de prouver son identité, elle offre un portefeuille de...-Identité numérique

CISA paused plans to overhaul its advisory system after backlash from the infosec community

Meta Mirage phishing attack exploits 14,000+ URLs via cloud hosts, stealing credentials and ad accounts.

A Russian military cadet reportedly developed an algorithm that could bypass the protective infrastructure of law enforcement software and gain access to restricted data.

A Kosovo national has been extradited to the United States to face charges of running an online cybercrime marketplace active since 2018.

House of Dior, the French luxury fashion brand commonly referred to as Dior, has disclosed a cybersecurity incident that has exposed customer information.

ISO 42001 mandates numerous requirements for the establishment, operation, monitoring, maintenance, and improvement of an organization’s AI management system.

Cary, North Carolina, 14th May 2025, CyberNewsWire

This week in cybersecurity from the editors at Cybercrime Magazine

Fortinet and Ivanti published advisories on the same day revealing that attackers are exploiting new zero days, one of which is rated critical

Microsoft on Tuesday released software updates to fix at least 70 vulnerabilities in Windows and related products, including five zero-day flaws that are already seeing active exploitation. Adding to the sense of urgency with this month's patch batch from Redmond…

While appearing unsophisticated on the surface, Chihuahua Stealer uses advanced methods

Google has extended its Advanced Protection features to Android devices. It’s not for everybody, but something to be considered by high-risk users. Wired article, behind a paywall.

This guide helps you assess the current state of your MFT security strategy. Build an unbreachable fortress around your MFT operations.

Horabot malware campaign hits Latin America via invoice lures, steals data from 8+ browsers, and spreads using Outlook.

18% breach increase in 2025 driven by 34% rise in exploited flaws, exposing cloud, infra sectors.

Earth Ammit breached drone supply chains in VENOM and TIDRONE campaigns (2023–2024), compromising military targets via ERP software.

The CVE program narrowly avoided shutdown after a funding crisis, prompting calls for alternative models and renewed debate about the future of global vulnerability management in cybersecurity.

Law enforcers from multiple countries team up to dismantle a multimillion-euro fraud gang

Fortinet fixed a critical remote code execution zero-day actively exploited in attacks targeting FortiVoice enterprise phone systems.

Microsoft patched 78 flaws, including 5 exploited zero-days, prompting CISA mandates for June 3 fixes.

Over the past year, we’ve been hard at work making Burp Suite Professional faster, smarter, and more powerful than ever before. From the launch of Burp AI to major performance upgrades, there's never

Microsoft has patched seven zero-day bugs, five of which were exploited in the wild

Ivanti patched CVE-2025-4427 and CVE-2025-4428 in EPMM after limited exploitation + On-prem only risk.