Latest CyberSec News by @thecyberpicker

Three Android CVEs expose Ulefone, Krüger&Matz phones to factory resets, PIN leaks, and privilege abuse.

New JINX-0132 cryptojacking attacks hit Docker, Nomad, Gitea, and Consul servers using misconfigurations.

The fiscal 2026 budget proposal President Donald Trump unveiled last week would make deep cuts to the Cybersecurity and Infrastructure Security Agency workforce.

BO Team, also known as Black Owl, has been active since early 2024 and appears to operate independently, with its own arsenal of tools and tactics, researchers at Russian cybersecurity firm Kaspersky said.

Qualcomm addressed three zero-days that, according to the company, have been exploited in limited, targeted attacks in the wild.

The outage had major impacts on enterprise customers’ ability to manage security operations, although federal customers were not affected.

Pour lutter contre la cybercriminalité, le ministère de l'Intérieur vient de publier sa stratégie. Cette feuille de route, déclinée en 84...-Cybersécurité

Critical infrastructure organizations and small businesses would get less support under the president’s fiscal 2026 funding plan.

Two local information disclosure flaws in Linux crash-reporting tools have been identified exposing system data to attackers

Qualcomm fixes 3 zero-days in Adreno GPUs used in targeted Android attacks—OEMs urged to patch fast.

When the seamless logic of AI agents breaks down, humans are out of the loop. Let’s explore how we can implement agentic AI safely and effectively.

A new malware campaign targeting Windows and Linux systems has been identified, deploying tools for evasion and credential theft

The "Russian Market" cybercrime marketplace has emerged as one of the most popular platforms for buying and selling credentials stolen by information stealer malware.

Wiz finds new threat group running cryptojacking campaign via exploited and misconfigured DevOps assets

Semperis will host an immersive ransomware simulation focused on water utilities during Infosecurity Europe 2025

As security leaders, it’s crucial to understand the risks of data sharing in SaaS applications to protect your organization’s most valuable assets.

Here’s what mattered in cybersecurity this week—summarized, sharpened, and signal-boosted.

This week in cybersecurity from the editors at Cybercrime Magazine

Depuis la mi-mai 2025, le Japon autorise officiellement ses forces à mener des cyber-opérations offensives préventives, y compris en l'absence d'attaque avérée. Une rupture stratégique majeure : le pays rejoint ainsi le cercle restreint des démocraties dotées d’une doctrine cyber offensive explicite, avec un niveau

A report on the dark web marketplace Russian Market showed Acreed has emerged as the leading infostealer

Microsoft has released an out-of-band update to address a known issue causing some Windows 11 systems to enter recovery and fail to start while trying to install the KB5058405 May 2025 security update.

A new Australian law requires larger companies to declare any ransomware payments they have made.

Explore key global AI regulations and how ISO 42001 helps ensure ethical, transparent, and compliant AI system deployment.

Qualcomm has released security patches for three zero-day vulnerabilities in the Adreno Graphics Processing Unit (GPU) driver that impact dozens of chipsets and are actively exploited in targeted attacks.

NDR helps detect stealthy threats, protect legacy systems, and meet compliance in critical industries.

Une cyberattaque visant Susie Wiles, cheffe de cabinet de Trump, fait actuellement l'objet d'une enquête des autorités américaines. Des pirates...-Cybersécurité

Dutch, US and Finnish investigators have taken cybercrime service AVCheck offline

As enterprise adoption of generative AI accelerates, security teams face a new identity dilemma — not just more users and devices, but a growing swarm of non-human agents and autonomous systems requesting access to sensitive assets. Related: Top 10 Microsoft Copilot risks At the same time, traditional identity and access management (IAM) tools are buckling

Access your guide below and start your journey towards resilient, secure OT operations using the NIST framework.