Latest CyberSec News by @thecyberpicker

The company, which supplies Whole Foods and other grocery stores nationwide, had to disable electronic ordering systems while responding to the attack earlier this month.

A critical NetScaler ADC and Gateway vulnerability dubbed "Citrix Bleed 2" (CVE-2025-5777) is now likely exploited in attacks, according to cybersecurity firm ReliaQuest, seeing an increase in suspicious sessions on Citrix devices.

A critical NetScaler ADC and Gateway vulnerability dubbed "Citrix Bleed 2" (CVE-2025-5777) is now likely exploited in attacks, according to cybersecurity firm ReliaQuest, seeing an increase in suspicious sessions on Citrix devices.

Mustang Panda malware targets Tibet and Taiwan, using spear-phishing emails and PUBLOAD for cyber espionage.

The Dutch conglomerate behind Hannaford, Stop & Shop and other major grocery brands informed state regulators of the scope of a November cyberattack that hampered online orders and leaked sensitive data.

The CCM includes Virtualization & Infrastructure Security controls about network security, virtualization technology, and the protection of other IT facilities.

A OneClik campaign, likely carried out by China-linked actor, targets energy sectors using stealthy ClickOnce and Golang backdoors.

This week in cybersecurity from the editors at Cybercrime Magazine

The US airline said that incident was affecting some of its IT systems, but flights are continuing to operate safely and as scheduled

UNFI, the biggest supplier to Whole Foods stores, reported that its income will take a hit for the quarter that ends in August because of a recent cyberattack that disrupted operations.

As India becomes a global manufacturing anchor, cybersecurity is becoming the frontline of industrial continuity. Is India ready to protect what it builds?

Le National Health Service (NHS) britannique a confirmé, le lundi 26 juin 2025, un fait tragique et inédit : la mort d’un patient, officiellement liée à une cyberattaque. Retour sur une affaire qui illustre la réalité des cybermenaces sur les infrastructures critiques. Nous sommes en juin 2024 et le groupe de

We need to talk about data integrity. Narrowly, the term refers to ensuring that data isn’t tampered with, either in transit or in storage. Manipulating account balances in bank databases, removing entries from criminal records, and murder by removing notations about allergies from medical records are all integrity attacks. More broadly, integrity refers to ensuring that data is correct and accurate from the point it is collected, through all the ways it is used, modified, transformed, and eventually deleted. Integrity-related incidents include malicious actions, but also inadvertent mistakes...

Silver Fox hackers target Chinese-speaking users with fake sites delivering Sainbox RAT and Hidden rootkit

AI SOC Analysts reduce false positives by 90%, boost SOC productivity, and tackle the global analyst shortage.

Ahold Delhaize, one of the world's largest food retail chains, is notifying over 2.2 million individuals that their personal, financial, and health information was stolen in a November ransomware attack that impacted its U.S. systems.

This new CitrixBleed lookalike flaw is being exploited in the wild to gain initial access, according to ReliaQuest

Surge in scanning activity targets MOVEit Transfer systems, raising concerns over possible exploitation.

GreyNoise observed a surge in scanning activity targeting MOVEit Transfer systems since May 27, indicating the software could face renewed attacks

OneClik malware exploits Microsoft ClickOnce to attack energy companies with stealthy Golang backdoors.

​​Microsoft has released the KB5060829 preview cumulative update for Windows 11 24H2, which includes 38 changes, including improvements to the taskbar and a new PC-to-PC migration experience.

American grocery wholesale giant United Natural Foods (UNFI) reports that it has restored its core systems and brought online the electronic ordering and invoicing systems affected by a cyberattack.

Hawaiian Airlines, the tenth-largest commercial airline in the United States, is investigating a cyberattack that has disrupted access to some of its systems.

ShinyHunters threat group members were arrested in a coordinated law enforcement action for their association with BreachForums

The Federal Trade Commission (FTC) has approved $126,000,000 in refunds to be sent to 969,173 Fortnite players as part of a settlement over allegations that Epic Games tricked users into making unwanted purchases.

Amnesty International said it identified dozens of scam compounds in Cambodia, calling the government's response to the nexus of cybercrime and human trafficking "grossly inadequate."

British national Kai West, aka IntelBroker, was charged in the U.S. for a global hacking scheme that stole and sold data.

A total of 689 printer models from Brother, along with 53 other models from Fujifilm, Toshiba, and Konica Minolta, come with a default administrator password that remote attackers can generate. Even worse, there is no way to fix the flaw via firmware in existing printers.

A critical vulnerability in Open VSX Registry could allow attackers to control VS Code extensions, threatening millions of developers.

See an example of the Microsoft Durability Strategy in action, read the case study and learn more about the Microsoft Security Future Initiative.