Latest CyberSec News by @thecyberpicker

These 3 cybersecurity threats may not be the most sophisticated, but they're the most effective—and serious—threats for small businesses.

​AI enables attackers to craft convincing scams at scale, using deepfakes and typosquatting to bypass traditional defenses. Proactive AI security is essential.​

NDR solutions uncover hidden threats missed by legacy tools by analyzing encrypted traffic, lateral movement, and blind spots.

Claude AI orchestrated 100 fake personas in global influence campaigns + enabled malware, scams, and brute-force attacks.

Cybercriminals are having less success targeting end-user technology with zero-day attacks, said Google's security team this week.

AI search service Perplexity AI doesn't just want you using its app—it wants to take over your web browsing experience too.

Phishing attacks deliver DarkWatchman and Sheriff malware; targets span Russia, Ukraine, Baltics, with stealth and persistence tactics.

95–98% of AppSec alerts are noise — wasting time, straining dev teams, and weakening real threat response

The ICO has decided not to fine the British Library for a 2023 ransomware breach

SonicWall confirmed that threat actors actively exploited two vulnerabilities impacting its SMA100 Secure Mobile Access (SMA) appliances.

Commvault confirms Azure breach via CVE-2025-3928 zero-day + no data loss + CISA mandates patch by May 19.

The FBI has released details of 42,000 phishing domains associated with the LabHost operation, in order to help the security community

The impact of the advancement in quantum computing on cybersecurity will be a key focus at this year’s Infosecurity Europe event

SonicWall confirms wild exploitation of CVE-2023-44221 and CVE-2024-38475 in SMA100 devices, risking file access and session hijacking.

A China-aligned APT threat actor named "TheWizards" abuses an IPv6 networking feature to launch adversary-in-the-middle (AitM) attacks that hijack software updates to install Windows malware.

Security leaders at Mandiant and Google Cloud say nearly every major company has hired or received applications from North Korean nationals working on behalf of the country’s regime.

A 23-year-old Scottish man thought to be a member of the prolific Scattered Spider cybercrime group was extradited last week from Spain to the United States, where he is facing charges of wire fraud, conspiracy and identity theft. U.S. prosecutors…

A new malware campaign targeting WordPress sites employs a malicious plugin disguised as a security tool to trick users into installing and trusting it.

The remarks came at a House subcommittee hearing where the Salt Typhoon breaches were fresh on lawmakers’ minds.

Staffers on the House Committee on Homeland Security indicate that workforce challenges, both within government and the private sector, demand immediate attention.

Hey friends! If you are a developer, you know that writing clean and efficient code is just the starting point. Now, with AI playing a bigger role, secure coding isn't just a 'nice-to-have'—it's a must. Whether you're building web apps, working on cloud services, or adding AI to your projects, keeping your code safe is just as important as getting it out the door.  At Microsoft Build 2025, we’re bringing together some of the most influential security engineers, researchers, and developers to share practical tips and modern best practices to help you ship secure code — faster. Here are 14 quick secure coding tips that will make you a better, more security-savvy developer — and the security sessions @Build where you can learn more from the experts:  🎯 1. Secure AI from the start  Discover how to deliver intelligent apps without sacrificing security. This session covers how to protect against threats across code, secrets, dependencies, and even LLMs. Learn how to use Threat Modeling early in the product lifecycle to identify, assess and address security risks. You’ll learn about developer-focused security tools to deploy with confidence without context switching.  Learn more:  Session: “Shift Left: Secure Your Code and AI from the Start”  With Mark Russinovich, CTO, Deputy CISO and Technical Fellow, Microsoft Azure; Marcelo Oliveira, VP, Product Management, GitHub; Neil Coles, Principal Security Engineer  🧪 2. Use the Wisdom from the Past   Michael Howard - author of the original secure coding book back in 2003 and now a senior director in the Microsoft Red Team - reflects on 25 years of secure code, how the practice has developed and current challenges in secure development. Get ready  for an end-to-end secure coding journey from Bill Gates anecdotes and tips for how you in 2025 can code securely to meet today's security threats.  Learn more:  Session: “Reflections on 25 years of writing secure code”  With Michael Howard, Senior Director, Red Team 📏3. Lock down the data   Microsoft is releasing a set of Purview APIs (+SDK) that will allow partners and customers to integrate their custom AI apps with the Microsoft Purview ecosystem for enterprise grade Data Security and Compliance outcomes. Join this demo session to get the latest.  Learn more:  Session: “Build secure and compliant AI applications with Microsoft Purview”  With Arpitha Dhanapathi, Principal Product Manager  🔚4. Think about security from start to finish   Security can be challenging at the best of times, especially when it’s not your full-time job. In this session, we walk you through the end-to-end deployment of a secure AI application, all the way from identities, VNETS, NSGs, key vault through to prompt shields and data labelling. If you’ve ever felt overwhelmed by trying to do the right thing by security but didn’t know where to start, this session is for you!  Learn more:  Session: “Deploying an end-to-end secure AI application”  With Sarah Young, Principal Security Advocate & Pamela Fox, Principal Cloud Advocate  🤖 5. Play dev-ils advocate    To keep pace with evolving AI risks, organizations need tools to effectively test their AI systems, simulate adversarial attacks, and uncover weaknesses before bad actors can exploit them. Learn how the AI Red Teaming Agent in Azure AI Foundry can help your organization run automated scans for safety risks so you can leverage Microsoft's deep expertise to scale and accelerate your AI development with Trustworthy AI at the forefront.  Learn more:  Session: “Accelerate AI red teaming for your GenAI apps with Azure AI Foundry”  With Minsoo Thigpen, Senior Product Manager & Nagkumar Arkalgud, Senior Software Engineer  🥷6. Skill up on agents   Agents—they’re all anyone is talking about. Join this demo session to learn how to extend security copilot to facilitate security and IT workflows across your environment.  In this demo you will see how to build an agent with supporting components - plugins and KQL queries - and architect it with triggers to automatically run.  Learn more:  Session: “Building Agents with Security Copilot”  With Vinod Jagannathan, Principal Product Manager  🔐7. Get the inside scoop first  One of the pillars of SFI is securing the engineering system. We will explore changes made to Azure DevOps to enable enhanced engineering system security at Microsoft and how customers can use them to better secure their own engineering systems as well.  Learn more:  Session: “Learn How Microsoft secured the Engineering System”  With Karl Piteira, Principal Group Program Manager & Rajesh Ramamurthy, Senior Director, Principal Group Product Management 🚩8. Automate what you can   You don’t have to wait to identify risks. The Python Risk Identification Tool for generative AI (PyRIT) is an open source framework built to empower security professionals and engineers to proactively identify risks in generative AI systems. In this hands-on lab, you will learn how to deploy PyRIT and test it against a variety of AI applications.  Learn more:  Session: “AI security testing with PyRIT”  With Roman Lutz, Responsible AI Engineer & Richard Lundeen, Principal Software Engineering Lead - AI Red Team  ⚙️ 9. Secure APIs    Join us for an engaging and informative session where we delve into the intricacies of API security in the context of AI. We'll examine the unique challenges posed by AI-driven applications and the sophisticated threats that target their APIs. From unauthorized access and data breaches to injection attacks and exploitation of vulnerabilities, the risks are manifold. However, with the right approach, these risks can be effectively mitigated.  Learn more:  Session: “Fortifying AI Frontiers - Securing APIs the path to your AI app”  With Abhi Singh, Director, Global Black Belt - Security & Preetham Anand Naik, Senior Product Manager  🆔 10. Verify explicitly, and automatically  We all know the saying, but we’ve got to put it into practice. Join this session to learn how to enable automated processes to securely onboard and grant resource access for high-privilege users with the Microsoft Entra Suite and MS Graph. Verify the identities of admins, C-level employees, or others who need access to sensitive internet or on-premises resources, and automatically reverify them at regular intervals. Work with a chosen identity verification partner for government ID-based verification that ensures your organization onboards and grants access to the right person.  Learn more:  Session: “Secure onboarding and access with the Microsoft Entra Suite” With Sri Ponnada, Senior Product Manager  ✅11. Apply best practices    Join us for an insightful session on best practices and enablement topics for developing and deploying secure solutions within Business Applications, as part of the Secure Future Initiative (SFI). We will look holistically at Power Platform features for Security under SFI pillars and explore Responsible AI with Purview and Copilot. We will further explore demos, design review checklists on product features under Secure by Design, Secure by Default, and Secure Operations for BizApps Solutions.  Learn more:  Session: “Building Secure Business Apps: Best Practices for Design to Deployment”  With Muhammad Aurangzeb, Senior Partner Solution Architect  🕶️ 12. Use agents for Zero Trust  In this session, you will learn how to build AI Agents using the OpenAI SDK with Assistants and Function Calling for APIs secured by Microsoft Entra ID. This ensures adherence to Zero Trust principles. We will cover the essential steps to set up and configure the OpenAI SDK in a C# environment and demonstrate how to leverage Microsoft Entra ID for secure authentication and authorization.  Learn more:  Session: “Building Secure AI Agents with Microsoft Entra ID”  With Fabian Alves, Senior Product Manager  😶‍🌫️ 13. Secure your apps, secure your people   Learn how to enable automated processes to securely onboard and grant resource access for high-privilege users with the Microsoft Entra Suite and MS Graph. Verify the identities of admins, C-level employees, or others who need access to sensitive internet or on-premises resources, and automatically reverify them at regular intervals. Work with a chosen identity verification partner for government ID-based verification that ensures your organization onboards and grants access to the right person.  Learn more:  Session: “Securing Applications with Microsoft Entra ID”  With Robert Stewart, Senior Specialist  📲 14. Keep it user-friendly for the best results   In the rapidly evolving landscape of mobile application development, achieving pixel-perfect design and robust security is paramount. This lab focuses on the creation of mobile applications integrated via Native Authentication in Microsoft Entra External ID. Participants will explore the intricacies of designing visually precise user interfaces that align seamlessly with their brand while implementing native authentication methods, ensuring secure and efficient user verification processes.  Learn more:  Session: “Creating pixel-perfect mobile apps with Native Authentication” With Joylynn Kirui, Senior Cloud Security Advocate  💬 Come Learn from the People Building the Future  Join these sessions and more at Microsoft Build 2025. Whether you're a junior dev or a senior architect, you'll walk away with real-world tactics to help you build apps that are secure, scalable, and resilient — by design.    👉 Register for Microsoft Build Security Sessions Now » 

WhatsApp has announced the introduction of 'Private Processing,' a new technology that enables users to utilize advanced AI features by offloading tasks to privacy-preserving cloud servers.

Prompt injection flaws in Anthropic’s MCP and Google’s A2A protocols enable covert data exfiltration and AI manipulation.

According to a Justice Department indictment, a 36-year-old Tehran native launched Nemesis Market in March 2021 and allegedly processed more than 400,000 orders through 2024 that included fentanyl, methamphetamine, cocaine and more.

Cybersecurity company SonicWall has warned customers that several vulnerabilities impacting its Secure Mobile Access (SMA) appliances are now being actively exploited in attacks.

An affidavit unsealed in Washington, D.C., alleges that the two “targeted vulnerable children online, coercing them into producing degrading and explicit content under threat and manipulation."

Commvault, a leading provider of data protection solutions, says a nation-state threat actor who breached its Azure environment didn't gain access to customer backup data.

Kristi Noem said the agency should be focused on securing critical infrastructure.

RansomHub refines extortion strategy amid RaaS market fractures, expanding affiliate recruitment

The FBI has shared 42,000 phishing domains tied to the LabHost cybercrime platform, one of the largest global phishing-as-a-service (PhaaS) platforms that was dismantled in April 2024.