Latest CyberSec News by @thecyberpicker

A new probe, opened two months after a €530m fine to TikTok, will investigate the tech giant’s storage of EU users’ data in China

The UK's National Crime Agency (NCA) arrested four people suspected of being involved in cyberattacks on major retailers in the country, including Marks & Spencer, Co-op, and Harrods.

The NCA has arrested four individuals on suspicion of involvement in the attacks on M&S, Co-op and Harrods

This week in cybersecurity from the editors at Cybercrime Magazine

Four individuals were arrested in connection with £440M cyber attacks on Marks & Spencer, Co-op, and Harrods, linked to the Scattered Spider group.

Model Context Protocol (MCP) allows AI agents to interface with external systems. It powers a new class of software with unique identity security challenges.

Britain's National Crime Agency said police arrested one woman and three men suspected in ransomware attacks against major U.K. retailers.

Kaspersky GReAT experts uncover malicious extensions for Cursor AI that download the Quasar backdoor and a crypto stealer.

AMD reveals new Transient Scheduler vulnerabilities in CPUs, exposing sensitive data risks across multiple Ryzen and EPYC models.

New ZuRu malware infects macOS through trojanized Termius app, delivering remote access via Khepri.

95% of U.S. companies are using generative AI, raising concerns about data privacy, compliance, and operational risks.

Personal data of Nippon Steel Solutions’ customers, partners and employees may be compromised

Good tutorial by Micah Lee. It includes some nonobvious use cases.

The seventh month is always a big one for Microsoft, and this year is no exception

The UK ICO has welcomed a ruling in its favor in a long-running battle to issue a fine to TikTok

Qantas says nearly six million passengers were impacted by a recent data breach

Alors qu'en mars 2024, un tribunal californien avait jugé l'affaire d'espionnage opposant un média salvadorien au logiciel israélien Pegasus « entièrement étrangère », une cour d'appel fédérale a relancé ce dossier le 8 juillet 2025, au motif que les journalistes ont été espionnés via des serveurs américains. Pegasus

ServiceNow's CVE-2025-3648 flaw exposes sensitive data across multiple tables, impacting all users with misconfigured ACLs.

Microsoft is rolling out a new backup system in September for its Authenticator app on iOS, removing the requirement to use a Microsoft personal account to back up TOTP secrets and account names.

BOSTON, July 9, 2025, CyberNewswire -- Reflectiz, a leading cybersecurity company specializing in web exposure management, today announced a new integration with Datadog, Inc. (NASDAQ: DDOG), the monitoring and security platform for cloud applications. This integration combines advanced website security intelligence with enterprise-grade observability, empowering organizations with continuous visibility and control over their expanding attack

Microsoft has confirmed a widespread issue in Windows Server Update Services (WSUS) that prevents organizations from syncing with Microsoft Update and deploying the latest Windows updates.

Australian airline Qantas has confirmed that 5.7 million people have been impacted by a recent data breach, in which threat actors stole customers' data.

Witnesses at a Senate hearing Wednesday connected One Big Beautiful Bill provisions to potential cyber issues in the health care sector, much to GOP Sen. Bill Cassidy’s chagrin.

Google is sharing more information on how Chrome operates when Android mobile users enable Advanced Protection, highlighting strong security improvements.

Gold Melody uses ASP.NET vulnerabilities for long-term access, impacting various industries across Europe and the U.S.

U.S. authorities charged the man and a co-conspirator with hacking COVID-19 researchers and kicking off a cyberattack spree targeting Microsoft Exchange servers.

United States authorities have been warning of potential state-linked or hacktivist threats since the U.S. intervened in the Israel-Iran war.

Bitcoin Depot, which operates cryptocurrency ATMs across North America, says information belonging to more than 26,000 people was breached in an incident last year.