Latest CyberSec News by @thecyberpicker

Discover how exposure management helps equip teams to anticipate adversarial tactics and neutralize risks before they escalate. Read the latest eBook.

The U.S. Department of Homeland Security (DHS) warned over the weekend of escalating cyberattack risks by Iran-backed hacking groups and pro-Iranian hacktivists.

A cyber-attack by pro-Iranian group Cyber Fattah has leaked personal information from the Saudi Games online

The Trump administration is expanding the SAVE database to verify voter citizenship, sparking debate over disenfranchising eligible voters despite evidence that noncitizen voting is extremely rare.

DHS warns of rising cyber threats from pro-Iranian hackers after U.S. airstrikes on Iran’s nuclear facilities.

New Echo Chamber jailbreak manipulates LLMs like OpenAI and Google, bypassing safety systems to generate harmful content

Un ancien sergent du renseignement militaire américain a tenté de vendre des secrets à la Chine. Joseph Daniel Schmidt a plaidé coupable, le 18 juin 2025, devant la justice fédérale de son pays. Mais ce qui frappe dans cette affaire d'espionnage, c’est la maladresse presque naïve de son exécution. Confronté au juge

The Canadian Centre for Cyber Security and the FBI confirm that the Chinese state-sponsored 'Salt Typhoon' hacking group is also targeting Canadian telecommunication firms, breaching a telecom provider in February.

Federal officials are warning that pro-Iran hacktivists or state-linked actors may target poorly secured U.S. networks.

A cyber-attack on CoinMarketCap exposed users to a fake Web3 wallet prompt, draining $43,266 from wallets

Enterprises plan to expand their portfolios by the end of the year, according to a Rackspace Technology survey.

Four REvil ransomware members arrested in January 2022 were released by Russia on time served after they pleaded guilty to carding and malware distribution charges.

McLaren Health Care is warning 743,000 patients that the health system suffered a data breach caused by a July 2024 attack by the INC ransomware gang.

McLaren Health Care told regulators that a ransomware attack initially reported in August 2024 breached the data of hundreds of thousands of people.

A new Go-based malware, XDigo, targets Eastern European governments and organizations, exploiting Windows LNK vulnerability

Walk through how to build a complete system using the Model Context Protocol (MCP), a framework designed to bridge the gap between LLMs and external tools.

The DHS warned of a heightened risk of cyber and physical attacks on US targets by Iran in retaliation for strikes on Iranian nuclear facilities over the weekend

Russian hackers convinced targets to share their app passwords in very sophisticated and targeted social engineering attacks

AI-driven automation is transforming SOCs by reducing burnout, improving workflows, and boosting team performance.

Nucor, North America's largest steel producer and recycler, has confirmed that attackers behind a recent cybersecurity incident have also stolen data from the company's network.

This week in cybersecurity from the editors at Cybercrime Magazine

It was a recently unimaginable 7.3 Tbps: The vast majority of the attack was delivered in the form of User Datagram Protocol packets. Legitimate UDP-based transmissions are used in especially time-sensitive communications, such as those for video playback, gaming applications, and DNS lookups. It speeds up communications by not formally establishing a connection before data is transferred. Unlike the more common Transmission Control Protocol, UDP doesn’t wait for a connection between two computers to be established through a handshake and doesn’t check whether data is properly received by the other party. Instead, it immediately sends data from one machine to another...

Explore how cloud, DevOps, SOC teams share security roles, combat alert fatigue, and work with AI-powered purple teaming for effective threat response.

Google strengthens GenAI defenses with new safeguards against indirect prompt injections and evolving attack vectors.

Des hackers russes, soupçonnés d’appartenir au groupe APT29 (alias Cozy Bear), ont réussi à contourner la double authentification de Gmail sans exploiter de faille technique, mais en visant le maillon faible de la chaîne : l'humain. On fait le point sur cette opération de social engineering d’une rare sophistication

The UK government’s Cyber Essentials scheme hits 10,000 certifications for the first time in a quarter but challenges persist

This week reminded us: real threats don’t make noise—they blend in.

SecurityScorecard has discovered a covert cyber-espionage botnet dubbed “LapDogs” linked to China

A list of topics we covered in the week of June 15 to June 21 of 2025