Latest CyberSec News by @thecyberpicker

The same group is believed to be behind a wave of attacks against retailers in the UK, the US and elsewhere.

Sensata Technologies is warning former and current employees it suffered a data breach after concluding an investigation into an April ransomware attack.

Reconnaissance and cyberattacks from July 2024 to March 2025 hit 70+ firms, including SentinelOne, linked to Chinese threat actors.

The statement said the Rhode Island-based company identified unauthorized activity on its systems on Thursday, prompting officials to take systems offline. The action “has temporarily impacted the Company’s ability to fulfill and distribute customer orders.”

Unit 221B’s Allison Nixon said crackdowns have effectively shown the group that their actions carry real consequences.

New PathWiper malware targeted Ukrainian critical infrastructure, using legitimate tools for cyber-attacks

Vulnerability in PayU CommercePro plugin allows account hijacking on thousands of WordPress sites

Mirai botnets exploit Wazuh Server flaw CVE-2025-24016 to conduct DDoS and infect IoT devices worldwide.

In its latest campaign this spring, DarkGaboon was observed deploying LockBit 3.0 ransomware against victims in Russia, Positive Technologies said in a report last week.

Blue Team playbooks are essential—but tools like Wazuh take them to the next level. From credential dumping to web shells and brute-force attacks, see how Wazuh strengthens real-time detection and automated response.

Cyber threats to the U.S. electric grid are mounting. Attackers—from nation-state actors to ransomware gangs—are growing more creative and persistent in probing utility networks and operational technology systems that underpin modern life. Related: The evolution of OT security And yet, many utility companies remain trapped in a compliance-first model that often obscures real risks rather

United Natural Foods (UNFI), North America's largest publicly traded wholesale distributor, was forced to shut down some systems following a recent cyberattack.

This week in cybersecurity from the editors at Cybercrime Magazine

Authorities said they busted a ring responsible for illegally extracting citizens' data from Kazakhstan's government networks and distributing it through Telegram and other ways.

A string of cyberattacks have targeted retailers like Adidas and North Face. Incidents like these can weaken customer trust and lead to lost business, experts say.

OpenAI banned ChatGPT accounts tied to Russian, Chinese, and Iranian hackers using AI for malware and influence campaigns.

The Football Australia 2024 breach resulted from developers misconfiguring their AWS S3 buckets (an example of Misconfiguration and Inadequate Change Control).

OpenAI annonce avoir identifié et fermé les comptes ChatGPT de plusieurs groupes liés à des puissances étrangères. L’outil d’IA générative servait à orchestrer des opérations d’influence et de désinformation sur les réseaux sociaux. Leur objectif est clair : polariser les débats publics, diffuser des contenus

A cyberattack on London hospitals last year led to the depletion of stocks of crucial O-type blood, and the U.K.'s National Health Service is calling for a nationwide effort to shore up supplies.

In 2024, dormant accounts, unmanaged SaaS access, and GenAI permissions expose enterprises to data breaches and insider threats.

This week’s recap tracks how trust is being quietly exploited at scale.

Congress and federal agencies can take some simple steps to better protect open-source software, writes Chainguard CEO Dan Lorenc.

Researchers have discovered a new way to covertly track Android users. Both Meta and Yandex were using it, but have suddenly stopped now that they have been caught. The details are interesting, and worth reading in detail: >Tracking code that Meta and Russia-based Yandex embed into millions of websites is de-anonymizing visitors by abusing legitimate Internet protocols, causing Chrome and other browsers to surreptitiously send unique identifiers to native apps installed on a device, researchers have discovered. Google says it’s investigating the abuse, which allows Meta and Yandex to convert ephemeral web identifiers into persistent mobile app user identities...

A new Trump Executive Order limits the use of cybersecurity-related sanctions only against foreign malicious actors

Agentic AI is transforming automation and identity. Learn how to secure these autonomous systems before they reshape your attack surface.

The security firm said the operatives who tried to breach it turned out to be responsible for cyberattacks on dozens of critical infrastructure organizations worldwide.

A new variant of the Mirai botnet exploits CVE-2024-3721 to target DVR systems, using a new infection method.

According to Kaspersky, Librarian Ghouls APT continues its series of attacks on Russian entities. A detailed analysis of a malicious campaign utilizing RAR archives and BAT scripts.

The Justice Department has filed a civil forfeiture complaint alleging North Korean IT workers amassed $7m+

The FBI says mainly Chinese-made IoT devices pose a threat from Badbox 2.0 malware