Latest CyberSec News by @thecyberpicker

The Skype video call and messaging service is shutting down today, 14 years after replacing Microsoft's Windows Live Messenger.

Le gouvernement américain a fait appel à la société israélienne TeleMessage pour utiliser une version détournée de l'application Signal, qui...-Cybersécurité

Deepfakes are now mimicking heartbeats In a nutshell Recent research reveals that high-quality deepfakes unintentionally retain the heartbeat patterns from their source videos, undermining traditional detection methods that relied on detecting subtle skin color changes linked to heartbeats. The assumption that deepfakes lack physiological signals, such as heart rate, is no longer valid. This challenges many existing detection tools, which may need significant redesigns to keep up with the evolving technology. To effectively identify high-quality deepfakes, researchers suggest shifting focus from just detecting heart rate signals to analyzing how blood flow is distributed across different facial regions, providing a more accurate detection strategy...

Following three high-profile cyberattacks impacting major UK retailers, the country's National Cyber Security Centre (NCSC) has published guidance that all companies are advised to follow to strengthen their cybersecurity defenses.

This week on the Lock and Code podcast, we speak with Emanuel Maiberg and Jason Koebler about Overwatch, an AI chatbot tool sold to US police.

The generative AI early adopter has worked to improve data management as it aims for better model accuracy and performance to bolster decision-making.

Pour les French Days, NordVPN propose des promotions sur l'ensemble de ses abonnements. Comme à son habitude, le fournisseur de VPN frappe fort et propose jusqu’à –73 % et surtout, quatre mois offerts. Les VPN sont de plus en plus appréciés pour surfer l'esprit tranquille sur la plupart de vos appareils connectés.

This week in cybersecurity from the editors at Cybercrime Magazine

MintsLoader is a malware loader delivering the GhostWeaver RAT via a multi-stage chain using obfuscated JavaScript and PowerShell.

Stolen credentials remain the top attack vector + Google’s MFA and access controls reduce breach risk + Identity is now the true security perimeter.

Nation-state intrusions. Deepfake-ready malware. AI-powered influence ops. New CVEs, old threats reborn, and spyware with global reach.

Look at evolving compliance challenges and how secure Managed File Transfer (MFT) is helping organizations keep up with stringent standards.

Microsoft has silently fixed an issue that broke Start Menu jump lists for all apps on systems running Windows 10, version 22H2.

​Microsoft announced over the weekend that the Windows 11 24H2 update is ready to roll out to all compatible PCs, excluding those with safeguard holds.

Ireland’s data protection watchdog accuses the Chinese social media giant of violating GDPR with transfers of European users’ data to China

Drowning in spreadsheets for access reviews? There’s a smarter solution.

SAN FRANCISCO — The cybersecurity industry showed up here in force last week: 44,000 attendees, 730 speakers, 650 exhibitors and 400 members of the media flooding Moscone Convention Center in the City by the Bay. Related: RSAC 2025 by the numbers Beneath the cacophony of GenAI-powered product rollouts, the signal that stood out was subtler:

Comparitech observed a significant decline in ransomware attacks in April, partly as a result of the RansomHub gang “going dark”

Golden Chickens launch TerraStealerV2 and TerraLogger; both still developing but actively steal data via OCX payloads.

Fastest growing type of cybercrime is expected to attack a business, consumer, or device every 2 seconds by 2031

OpenAI admitted that it can be confusing for users to choose between all the different models, but the company has quietly published a document that makes it easier to understand ChatGPT.

The creators of StealC, a widely-used information stealer and malware downloader, have released its second major version, bringing multiple stealth and data theft enhancements.

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape

DEF CON Training 2025 will be located at: Las Vegas Convention Center.3150 Paradise Rd Las Vegas, NV 89109 Jeff Moss and Seeyew Mo will host an evening social mixer for trainers and students on August 11. This will be a great opportunity to network and discuss cybersecurity and policy. Please email for wire payment ins

Microsoft has announced that it will discontinue the password storage and autofill feature in the Authenticator app starting in July and will complete the deprecation in August 2025.

Google NotebookLM, which is a research and note-taking AI tool, is getting upgraded to Gemini 2.5 Flash.

Rhysida Ransomware gang claims the hack of the Government of Peru, the gang breached Gob.pe, the Single Digital Platform of the Peruvian State

Malicious Go and PyPI packages use Gmail and wget to exfiltrate data, wipe Linux disks, and hijack crypto credentials.

L’arme nucléaire, du fait des conséquences désastreuses qu’entraînerait son emploi, est vouée à rester un élément de dissuasion. Si la menace du recours à cette arme ultime est fréquemment brandie côté russe, il n’en demeure pas moins que les responsables au Kremlin ont pleinement conscience des coûts pratiquement