Latest CyberSec News by @thecyberpicker

The Brooklyn indie art-punk group, Two-Man Giant Squid, just released a new album. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.

The bipartisan legislation would strengthen the agency’s authorities to investigate criminal activity tied to digital assets.

The organization that runs Seattle-Tacoma International Airport and several container terminals said it is sending breach notification letters to those affected by a ransomware attack, including about 71,000 people in Washington state.

La société de cybersécurité Mandiant a observé le déploiement de deux familles de malwares suite à l'exploitation d'une vulnérabilité sur des...-Cybersécurité

​Port of Seattle, the U.S. government agency overseeing Seattle's seaport and airport, is notifying roughly 90,000 individuals of a data breach after their personal information was stolen in an August 2024 ransomware attack.

A Minnesota cybersecurity and computer forensics expert whose testimony has featured in thousands of courtroom trials over the past 30 years is facing questions about his credentials and an inquiry from the Federal Bureau of Investigation (FBI). Legal experts say…

A large-scale phishing campaign dubbed 'PoisonSeed' compromises corporate email marketing accounts to distribute emails containing crypto seed phrases used to drain cryptocurrency wallets.

Gen. Timothy D. Haugh served as the head of two government organizations that play integral roles for U.S. cybersecurity.

Over the weekend, a massive wave of credential stuffing attacks hit multiple large Australian super funds, compromising thousands of members' accounts.

A security researcher found a flaw in Verizon call record requests that may have put millions of Americans at risk

It was not immediately clear why Haugh was let go.

New York, NY, Apr. 3, 2025 — YRIKKA has released the first publicly available API for agentic red teaming of Visual AI assets. This release comes at the heels of YRIKKA successfully raising its pre-seed funding round of $1.5M led by Focal and Garuda Ventures. The company was founded by Dr. Kia Khezeli (CEO) and

Hackers over the weekend targeted Australian superannuation funds — investment accounts into which portions of employees’ wages are compulsorily placed.

Face à l'accroissement des menaces, la Cnil joue un rôle central, non seulement en tant qu'organisme de régulation, mais également en tant...-Cybersécurité

...-Club Data Protection

A hacker breached the GitLab repositories of multinational car-rental company Europcar Mobility Group and stole source code for Android and iOS applications, as well as some personal information belonging to up to 200,000 users.

President Trump fired Gen. Timothy Haugh as head of U.S. Cyber Command and NSA, a move that could impact national security.

ChatGPT Plus subscription is now free, but only if you're a student based out of the United States of America and Canada.

Leaked SpotBugs PAT in November 2024 led to a GitHub supply chain attack, compromising Coinbase in March 2025.

A Russian citizen has been sentenced to two years in a penal colony for launching a distributed denial-of-service (DDoS) attack against a local tech company.

Critical PCI DSS changes are approaching. Prepare now for these 7 future-dated controls to strengthen your security strategy before compliance deadlines hit.

This week in cybersecurity from the editors at Cybercrime Magazine

A joint cybersecurity advisory warns organizations globally about the defense gap in detecting and blocking fast flux techniques, which are exploited for malicious activities

Two U.S. senators reintroduced legislation on Thursday that would address limits on the ability of the Secret Service to investigate efforts to launder money made through cybercrime.

In the recent wave, the new Triada variant already infected over 2600 customers via counterfeit Android phones.

Chainguard OS cuts container vulnerabilities by 94% by continuously updating upstream packages, enhancing security and efficiency.

The threat actors initially attempted to compromise projects associated with the Coinbase cryptocurrency exchange, said Palo Alto Networks

In case you need proof that anyone, even people who do cybersecurity for a living, Troy Hunt has a long, iterative story on his webpage about how he got phished. Worth reading.

Staff records must be cleared to avoid compliance issues & unauthorized access. Adopt a systematic method for erasing, archiving, or transferring all details.

Experts warn of a critical vulnerability impacting Apache Parquet's Java Library that could allow remote code execution.