Latest CyberSec News by @thecyberpicker

Semperis claims 62% of water and electricity providers were hit by cyber-attacks in the past year

Vite 6.2.2 - Arbitrary File Read. CVE-2025-30208 . remote exploit for Multiple platform

PortSwigger's Vision In March, PortSwigger hosted its biggest webinar to date and the turnout spoke volumes. With over 7,500 registrants, it’s clear that the future of application security is top of m

Quick Share flaw CVE-2024-10668 bypasses earlier fixes, enabling DoS or unauthorized file delivery.

BforeAI researchers discover 596 suspicious Bybit-themed domains designed to defraud visitors

Triada malware infected 2,600+ Android devices via counterfeit phones in March 2025, enabling remote access and crypto theft.

A new Triada trojan variant comes preinstalled on Android devices, stealing data on setup, warn researchers from Kaspersky.

Kidflix had 1.8M users and 91K CSAM videos; Europol's 38-country probe seized 3K+ devices.

Sophisticated skimmer uses legacy Stripe API to validate and steal card data from 49 sites since Aug 2024.

Executive Director Morgan Adamski said the agency’s use of generative AI tools has reduced the timeframe for analyzing malicious traffic from days and weeks to hours and minutes.

Reps. Andrew Garbarino and Eric Swalwell said legislative priorities include an expiring information-sharing law and making a threat information-sharing organization permanent.

FIN7 cybercrime group has been linked to Anubis, a Python-based backdoor that provides remote access to compromised Windows systems.

The openSNP project, a platform for sharing genetic and phenotypic data, will shut down on April 30, 2025, and delete all user submissions over privacy concerns and the risk of misuse by authoritarian governments.

The Lower Sioux Indian Community warned residents on Wednesday that a cyberattack caused disruptions for the local healthcare facility, government center and casino.

A vulnerability in Verizon's Call Filter feature allowed customers to access the incoming call logs for another Verizon Wireless number through an unsecured API request.

This week in cybersecurity from the editors at Cybercrime Magazine

Microsoft has announced that hotpatch updates are now available for business customers using Windows 11 Enterprise 24H2 on x64 (AMD/Intel) systems, starting today.

Over 39 million secrets like API keys and account credentials were leaked on GitHub throughout 2024, exposing organizations and users to significant security risks.

A novel skimming attack has been observed by Jscramber, using the Stripe API to steal payment information by injecting malicious scripts into pages

​Royal Mail is investigating claims of a security breach after a threat actor leaked over 144GB of data allegedly stolen from the company's systems.

A l'occasion du Forum InCyber, qui se tient actuellement à Lille, Docaposte a annoncé l'intégration de Wimi, qui propose une suite...-Cybersécurité

A cyber threat actor has claimed to have leaked 144GB of data from Royal Mail users

A malicious hacker recently offered to sell the security firm’s sensitive customer information.

Nearly 24K unique IP addresses have attempted to access portals in the last 30 days, raising concerns of imminent attacks over the past 30 days.

Gray bots surge as generative AI scraper activity increases, impacting web applications with millions of requests daily

À l'occasion du Forum InCyber, la grande messe européenne de la cybersécurité, Numerama a rencontré le directeur général de l'ANSSI, l'agence chargé de la cybersécurité en France, pour avoir son analyse sur les fuites de données qui ont marqué l'actualité des derniers mois. Les alertes « fuite de données » dans les

A multi-year operation against the child sexual abuse material (CSAM) platform Kidflix has led to dozens of arrests and the seizure of tens of thousands of illegal videos, Europol said Wednesday.

As the war between Russian and Ukraine continues, Western cyber support is waning, raising growing concerns about the long-term effectiveness of these efforts.

ChatGPT, the famous artificial intelligence chatbot that allows users to converse with various personalities and topics, has connectivity issues worldwide.

A generative AI nudify service has been found storing explicit deepfakes in an unprotected cloud database.