Latest CyberSec News by @thecyberpicker

Nous avons eu l'opportunité de vivre de l'intérieur une crise cyber majeure, du moins en simulation, dans des conditions proches du réel. Une méthode d'entraînement inspirée des stratégies militaires, de plus en plus adoptée dans l'univers de la cybersécurité, jusqu'au ministère des Armées. Esplanade de la Défense,

Four vulnerabilities dubbed PerfektBlue and affecting the BlueSDK Bluetooth stack from OpenSynergy can be exploited to achieve remote code execution and potentially allow access to critical elements in vehicles from multiple vendors, including Mercedes-Benz AG, Volkswagen, and Skoda.

The arrests mark the first major break in a case linked to the Scattered Spider cybercrime group, although additional work continues with multiple agencies.

The company is still assessing the full impact of the ransomware attack, which has been linked to the SafePay hacker group.

A cryptocurrency social engineering campaign uses fake AI and gaming companies to deliver malware on Windows and macOS, draining digital assets.

45 excellent cloud security talks, how Figma rolled out the binary authorization tool Santa, AI bug finding tools and paper

Daniil Kasatkin, 26, was detained in June at Paris’s Charles de Gaulle Airport shortly after arriving in the country with his fiancée, according to local media reports.

Cary, North Carolina, 10th July 2025, CyberNewsWire

The four people allegedly have ties to the loose criminal collective known as Scattered Spider, which was responsible for the attack.

Daniil Kasatkin played briefly for Penn State University. It’s the second European arrest on cyber allegations at the request of the United States to be revealed this week.

Explore the effects of Zero Trust implementation on your compliance assessments. Understand what to expect upon your first audit cycle with Zero Trust.

In an updated advisory, Qantas broke down the categories of personal data breached in a recent cyberattack, saying frequent-flyer numbers were involved, but not in a way that would compromise accounts.

Deepfake attacks aren't just for recruitment and banking fraud; they've now reached the highest levels of government.

Forescout found that most LLMs are unreliable in vulnerability research and exploit tasks, with threat actors still skeptical about using tools for these purposes

FBI's Criminal Justice Information Services (CJIS) compliance isn't optional when handling law enforcement data. From MFA to password hygiene, see how Specops Software helps meet FBI standards while also securing your Windows Active Directory.

The job applicants' personal information could be accessed by simply guessing a username and using the password “12345.”

A new probe, opened two months after a €530m fine to TikTok, will investigate the tech giant’s storage of EU users’ data in China

The UK's National Crime Agency (NCA) arrested four people suspected of being involved in cyberattacks on major retailers in the country, including Marks & Spencer, Co-op, and Harrods.

The NCA has arrested four individuals on suspicion of involvement in the attacks on M&S, Co-op and Harrods

This week in cybersecurity from the editors at Cybercrime Magazine

Four individuals were arrested in connection with £440M cyber attacks on Marks & Spencer, Co-op, and Harrods, linked to the Scattered Spider group.

Model Context Protocol (MCP) allows AI agents to interface with external systems. It powers a new class of software with unique identity security challenges.

Britain's National Crime Agency said police arrested one woman and three men suspected in ransomware attacks against major U.K. retailers.

Kaspersky GReAT experts uncover malicious extensions for Cursor AI that download the Quasar backdoor and a crypto stealer.

AMD reveals new Transient Scheduler vulnerabilities in CPUs, exposing sensitive data risks across multiple Ryzen and EPYC models.

New ZuRu malware infects macOS through trojanized Termius app, delivering remote access via Khepri.

95% of U.S. companies are using generative AI, raising concerns about data privacy, compliance, and operational risks.

Personal data of Nippon Steel Solutions’ customers, partners and employees may be compromised

Good tutorial by Micah Lee. It includes some nonobvious use cases.