Latest CyberSec News by @thecyberpicker

The sanctions target 18 military intelligence officers and three divisions of the Russian military unit known as the GRU.

Researchers are seeing exploitation attempts for the CVE-2025-48927 vulnerability in the TeleMessage SGNL app, which allows retrieving usernames, passwords, and other sensitive data.

The US CISA has issued advisories for Industrial Control Systems vulnerabilities affecting multiple vendors including Johnson Controls, ABB, Hitachi Energy, and Schneider Electric

SOC 1 reports verify internal controls for financial data, which is essential for trust, sales, and SOX compliance. Here's when and why you need one.

This week in cybersecurity from the editors at Cybercrime Magazine

Russian military intelligence-linked hackers are using a new malware called “Authentic Antics” to secretly access Microsoft cloud email accounts, the UK's NCSC reports

APT28 targets Ukrainian government officials with a phishing campaign delivering LAMEHUG malware, utilizing Alibaba Cloud’s LLM for data harvesting.

La Federal Communications Commission (FCC) s’apprête, lors d'un vote prévu début août 2025, à instaurer des mesures drastiques pour bannir toute technologie ou tout équipement chinois des câbles sous-marins reliant l’Amérique au reste du monde.  Les États-Unis s’apprêtent à franchir un cap inédit dans la guerre

The Chinese have a new tool called Massistant. Massistant is the presumed successor to Chinese forensics tool, “MFSocket”, reported in 2019 and attributed to publicly traded cybersecurity company, Meiya Pico. The forensics tool works in tandem with a corresponding desktop software. Massistant gains access to device GPS location data, SMS messages, images, audio, contacts and phone services. Meiya Pico maintains partnerships with domestic and international law enforcement partners, both as a surveillance hardware and software provider, as well as through training programs for law enforcement personnel...

Ukraine’s CERT-UA has identified a new AI-powered malware, dubbed “LameHug,” which executes commands on compromised Windows systems in cyber-attacks, targeting the nation’s security and defense sector

This article discusses why IT leaders must think beyond backup and embrace cyber resilience to survive and thrive in the ransomware age.

Critical NVIDIA vulnerability CVE-2025-23266 impacts 37% of cloud services, allowing privilege escalation and data tampering.

Google sues 25 Chinese entities over BADBOX 2.0 botnet infecting 10M Android devices, fueling ad fraud.

OpenAI's next foundational and state-of-the-art model, GPT-5, is still on its way after a delay. OpenAI won't tell us the release date for now.

Comparitech found that healthcare ransomware attacks rose 4% in H1 2025, a significantly lower rate than the cross-sector average of 50%

A cryptomining botnet active since 2019 has incorporated likely AI-generated Lcryx ransomware into its operations

VMware patched flaws disclosed during the Pwn2Own Berlin 2025 hacking contest, where researchers earned $340,000 for exploiting them.

A modern AI-based SOC platform must adapt in real time to handle alert overloads and fast-moving threats, surpassing traditional SIEM tools.

Sur Instagram ou Facebook, Meta force désormais ses utilisateurs à faire un choix clair : payer pour naviguer sans publicité ou bien accepter le traitement de vos données personnelles pour continuer à utiliser les réseaux sociaux gratuitement. Depuis quelques jours, vous avez peut-être eu la surprise de voir une

Security researchers recently revealed that the personal information of millions of people who applied for jobs at McDonald's was exposed after they guessed the password ("123456") for the fast food chain's account at Paradox.ai, a company that makes artificial intelligence…

Palo Alto, Calif., July 17, 2025, CyberNewswire — SquareX announced the official launch of The Browser Security Field Manual at Black Hat USA 2025. In addition to a comprehensive practical guide to the latest TTPs attackers are using to target employees in the browser, this comprehensive manual features industry perspectives from leading CISOs from multiple

A critical Citrix NetScaler vulnerability, tracked as CVE-2025-5777 and dubbed "CitrixBleed 2," was actively exploited nearly two weeks before proof-of-concept (PoC) exploits were made public, despite Citrix stating that there was no evidence of attacks.

The Matanbuchus malware loader has been seen being distributed through social engineering over Microsoft Teams calls impersonating IT helpdesk.

VMware fixed four vulnerabilities in VMware ESXi, Workstation, Fusion, and Tools that were exploited as zero-days during the Pwn2Own Berlin 2025 hacking contest in May 2025.

The food distributor and wholesaler completely shut down its systems upon discovering the attack last month, yet core systems were restored and normal operating capacity returned within three weeks.

Departures and restructuring will make it harder for the agency to pursue global policies that strengthen its own critical infrastructure, experts said.

Google has filed a lawsuit against the anonymous operators of the Android BadBox 2.0 malware botnet, accusing them of running a global ad fraud scheme against the company's advertising platforms.

This week, Martin shows how stepping away from the screen can make you a stronger defender, alongside an inside scoop on emerging malware threats.

A novel malware family named LameHug is using a large language model (LLM) to generate commands to be executed on compromised Windows systems.

Malicious GitHub repositories used by threat actors to host Amadey payloads and steal data, impacting targeted entities.