Latest CyberSec News by @thecyberpicker

Oxford City Council warns it suffered a data breach where attackers accessed personally identifiable information from legacy systems.

CoinMarketCap, the popular cryptocurrency price tracking site, suffered a website supply chain attack that exposed site visitors to a wallet drainer campaign to steal visitors' crypto.

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box.

Iran confirmed Internet shutdown to counter Israeli cyberattacks,citing threats to critical infrastructure, interference with drone control

U.K. retailers M&S and Co-op targeted by Scattered Spider cyber attack, with losses up to £440M.

The breach marks the latest in a series of recent attacks linked to cybercrime group Scattered Spider.

This is the first ever video of the Antarctic Gonate Squid. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.

New legislation seeks the creation of a Treasury-led task force to examine and combat AI-fueled scams that trick Americans out of their money.

Cloudflare blocked a record 7.3 Tbps DDoS attack in May 2025, +12% than its previous peak and 1 Tbps greater than attack reported by Krebs

24/7 SOCs are essential for off-hours breach protection. Discover how to build one with AI and efficient staffing.

The Taiwanese cryptocurrency exchange BitoPro claims the North Korean hacking group Lazarus is behind a cyberattack that led to the theft of $11,000,000 worth of cryptocurrency on May 8, 2025.

Qilin ransomware intensifies, offering legal counsel to affiliates, rising as a top cybercrime platform with 304 victims in 2025.

Minister of Health Ana ‘Akau’ola then told parliament on Thursday that an unnamed ransomware gang attacked the National Health Information System, demanding millions in ransom to restore the system.

​Microsoft is investigating a known OneDrive issue that is causing searches to appear blank for some users or return no results even when searching for files they know they've already uploaded.

Cloudflare says it mitigated a record-breaking distributed denial of service (DDoS) attack in May 2025 that peaked at 7.3 Tbps, targeting a hosting provider.

Three insurance companies have publicly disclosed cyberattacks in the past week. Scattered Spider, an amorphous band of cybercriminals, has been actively targeting the sector.

La presse mondiale s’est enflammée, le 19 juin 2025 : « 16 milliards de mots de passe en fuite ! » Apple, Google, Facebook, tous concernés. Les titres alarmistes se sont multipliés, évoquant la « plus grande fuite de l'Histoire » et appelant à la vigilance extrême. Mais que s’est-il vraiment passé ? Numerama a

On Friday, American insurance giant Aflac disclosed that its systems were breached in a broader campaign targeting insurance companies across the United States by attackers who may have stolen personal and health information.

Android malware AntiDot and GodFather target mobile users with phishing, NFC attacks, and app virtualization.

Self-service password resets (SSPR) reduce helpdesk strain—but without strong security, they can open the door to attackers. Learn why phishing-resistant MFA, context-aware verification, and risk-based detection are critical to secure SSPR implementation.

AI's rapid development underscores the need for secure foundations, Amy Herzog said Tuesday during the company's annual cybersecurity conference.

The UK’s Cyber Monitoring Centre (CMC) assessed the incident as a Category 2 systemic event, based on the significant economic impact

Humans are a weak spot that cybersecurity must compensate for. Email security tools can ensure that employees are not responsible for stopping attacks.

A Krispy Kreme spokesperson said the “vast majority of those affected are Krispy Kreme employees, members of their families, and former employees.”

Microsoft has announced plans to periodically remove legacy drivers from the Windows Update catalog to mitigate security and compatibility risks.

Insurance industry giant Aflac said it disrupted a cyberattack within hours of discovering it and is now working to determine how much data was potentially breached in the incident.

Iran TV, crypto exchange hack escalate cyber conflict with Israel. Hacktivist groups target critical infrastructure.

Oxford City Council revealed that attackers accessed data of individuals who worked on Council-administered elections between 2001 and 2022

Le Salon du Bourget ouvre ses portes au grand public ce vendredi 20 juin 2025 : l’occasion idéale de revenir sur quelques affaires d’espionnage industriel survenues lors de la précédente édition. Entre clés USB piégées, vols d'ordinateurs et espions infiltrés en agents d'entretien, les coulisses du plus grand

This week in cybersecurity from the editors at Cybercrime Magazine