Latest CyberSec News by @thecyberpicker

A malicious Python package targeting Discord developers with remote access trojan (RAT) malware was spotted on the Python Package Index (PyPI) after more than three years.

How do attackers exploit authority bias to manipulate victims? Martin shares proactive strategies to protect yourself and others in this must-read edition of the Threat Source newsletter.

After paying the hacker a ransom, PowerSchool previously said it believed the incident had been “contained” because the hacker turned over a video showing the data being deleted.

As per a recent FBI warning, criminals are phishing users of payroll, and similar platforms to not only steal their credentials but also their funds.

The North Korean IT worker scheme grows to include organizations in Europe and Asia and industries beyond the technology sector

The North Korean IT worker scheme grows to include organizations in Europe and Asia and industries beyond the technology sector

We're rolling out a brand new feature in Malwarebytes for iOS: the ability to block Google sponsored ads directly on Safari.

FreeDrain exploited SEO and free hosting to run 38,000+ phishing pages stealing crypto wallets since 2022.

Ransomware operations are using legitimate Kickidler employee monitoring software for reconnaissance, tracking their victims' activity, and harvesting credentials after breaching their networks.

New LOSTKEYS malware has been identified and linked to COLDRIVER by GTIG, stealing files and system data in targeted attacks

Venture capital firm Insight Partners has confirmed that sensitive data for employees and limited partners was stolen in a January 2025 cyberattack.

People and organizations across Japan are being inundated with phishing messages from cybercriminals who are using CoGUI, a sophisticated toolkit that lets them avoid detection.

Qilin ransomware led April 2025 with 45 data leaks, driven by NETXLOADER’s stealthy malware delivery method.

SonicWall fixes 3 critical SMA 100 flaws enabling root-level remote code execution via SSL-VPN access.

Several posts on DPRK IT workers infiltrating companies, Sentinel One on fighting off threat actors, Anthropic shares how attackers were using Claude

Federal authorities, including the EPA and the U.S. Department of Energy, urged network defenders to secure remote access and use stronger passwords.

The age of AI guessing our passwords is upon us and we need to change the ways we authenticate and use passwords where we have no alternatives.

Since the start of the year, the Russian state-backed ColdRiver hacking group has been using new LostKeys malware to steal files in espionage attacks targeting Western governments, journalists, think tanks, and non-governmental organizations.

Cisco addressed a flaw in its IOS XE Wireless Controller that could enable an unauthenticated, remote attacker to upload arbitrary files.

Qilin ransomware led April 2025 with 45 data leaks, driven by NETXLOADER’s stealthy malware delivery method.

Discover key findings from VikingCloud's 2025 SMB Threat Landscape Report, highlighting the cybersecurity challenges and risks faced by small businesses.

This week in cybersecurity from the editors at Cybercrime Magazine

The data dump will likely shed light on LockBit’s recent activity and help law enforcement trace cryptocurrency transactions

With escalating tariffs and trade tensions reshaping global supply chains, interos.ai breaks down the new threats to financial markets, shipping and geopolitics.

DigiCert survey finds only 5% of global businesses are using post-quantum cryptography

MirrorFace deployed ROAMINGMOUSE and updated ANEL malware in March 2025 to target Japan and Taiwan's government systems

61% of orgs suffered breaches despite 43 tools; misconfigured controls + lack of validation fuel failure.

Explore key insights from auditing and implementing ISO 42001, the international standard guiding responsible AI development and risk management.

Meta has won almost $170m in damages from Israel-based NSO Group, maker of the Pegasus spyware.

SonicWall has urged its customers to patch three security vulnerabilities affecting its Secure Mobile Access (SMA) appliances, one of them tagged as exploited in attacks