Latest CyberSec News by @thecyberpicker

Palo Alto Networks addressed multiple vulnerabilities and included the latest Chrome patches in its solutions.

Fog ransomware operators used in a May 2025 attack unusual pentesting and monitoring tools, Symantec researchers warn.

Malware campaign hijacks expired Discord invite links to steal crypto wallets and infect users globally.

Paris, Jun. 3, 2025, CyberNewswire--Arsen, the cybersecurity startup known for defending organizations against social engineering threats, has announced the release of its new Vishing Simulation module, a cutting-edge tool designed to train employees against one of the fastest-growing attack vectors: voice phishing (vishing). This new module uses AI-generated voices and adaptive dialogue systems to simulate

Video of the stubby squid (Rossia pacifica) from offshore Vancouver Island. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.

C'était l'opération dans l'opération. En marge de la campagne Rising Lion lancée par Israël contre l'Iran dans la nuit du 12 au 13 juin 2025, pour attaquer son programme de nucléaire militaire, une action spéciale a aussi eu lieu proche de Téhéran. Elle impliquait une base clandestine et des drones explosifs. Un coup

Resecurity researchers found 7.4 million records containing personally identifiable information (PII) of Paraguay citizens on the dark web.

Google says an API management issue is behind Thursday's massive Google Cloud outage, which disrupted or brought down its services and many other online platforms.

Roundcube 1.6.10 - Remote Code Execution (RCE). CVE-2025-49113 . webapps exploit for Multiple platform

Windows File Explorer Windows 10 Pro x64 - TAR Extraction. CVE-2025-24071 . remote exploit for Windows platform

Coker spoke to Recorded Future News about his time as National Cyber Director, what he considers his biggest successes and what he would tell his replacement – who is currently going through the confirmation process.

C'était l'opération dans l'opération. En marge de la campagne Rising Lion lancée par Israël contre l'Iran dans la nuit du 12 au 13 juin 2025, pour attaquer son programme de nucléaire militaire, une action spéciale a aussi eu lieu proche de Téhéran. Elle impliquait une base clandestine et des drones explosifs. Un coup

Le « Pentagon Pizza Index », aussi appelé « Pentagon Pizza Meter », est une théorie aussi savoureuse qu’inattendue : le nombre de pizzas commandées autour du Pentagone serait un baromètre officieux des crises internationales et des opérations militaires américaines. Alors que les tensions entre l’Iran et Israël

Users of the Meta AI seem to be sharing their sensitive conversations with the entire world without being aware of it

Hackers are hijacking expired or deleted Discord invite links to redirect users to malicious sites that deliver remote access trojans and information-stealing malware.

Jen Easterly and Ciaran Martin called for a universal, vendor-neutral cyber threat actor naming system

Freefloat FTP Server 1.0 - Remote Buffer Overflow. CVE-2025-5548 . remote exploit for Multiple platform

The latest confirmed cyber intrusion hit a utility billing software provider and its customers.

The city government of Thomasville, North Carolina, and a court district in eastern Georgia are responding to recent intrusions into their networks.

Many companies feel unprepared to comply with global privacy and security rules, according to the advisory firm’s annual business sentiment survey.

C'était l'opération dans l'opération. En marge de la campagne Rising Lion lancée par Israël contre l'Iran dans la nuit du 12 au 13 juin 2025, pour attaquer son programme de nucléaire militaire, une action spéciale a aussi eu lieu proche de Téhéran. Elle impliquait une base clandestine et des drones explosifs. Un coup

Des chercheurs en cybersécurité ont révélé une vulnérabilité majeure dans l’IA Microsoft 365 Copilot, permettant à des pirates de voler des données sensibles d'entreprises, sans le moindre clic d'utilisateur. Baptisée EchoLeak, cette faille exploitait l’IA générative intégrée aux outils Microsoft pour exfiltrer des

It’s been a whirlwind two months since AI-powered features landed in Burp Suite Professional. Thousands of security testers across the world have been using Burp AI to find vulnerabilities and secure

Ransomware gangs leveraged a vulnerability to access unpatched versions of SimpleHelp's remote monitoring and management tool to disrupt services in double extortion compromises.

Over 269K sites infected with JSFireTruck malware in one month, redirecting visitors to scams and malware.

Microsoft is investigating a known issue that triggers Secure Boot errors and prevents Surface Hub v1 devices from starting up.

A quelques jours de l'ouverture du Salon international de l'aéronautique qui se tiendra au Bourget du 16 au 22 juin, Thales tire la sonnette...-Cybersécurité

This week in cybersecurity from the editors at Cybercrime Magazine

Implement the 11th domain of CCM: Interoperability & Portability. Avoid vendor lock-in and ensure seamless data exchange across multiple platforms and CSPs.

Microsoft is investigating an ongoing incident that is causing users to experience errors with some Microsoft 365 authentication features.