Latest CyberSec News by @thecyberpicker

Cybercriminals used the prolific malware to target individuals and businesses, including Fortune 500 companies, according to the FBI.

A sting involving law enforcement and private sector companies disrupted the Lumma infostealer — malware sold around the globe to cybercriminals and credited for millions of infections.

APT28, a Russian state-linked hacking group, is targeting Western logistics and tech firms supporting Ukraine.

The Russian government has introduced a new law that makes installing a tracking app mandatory for all foreign nationals in the Moscow region.

APT28 targets NATO-aligned logistics and tech firms via malware, phishing, and 7 CVEs to spy on Ukraine aid routes.

In documents filed with regulators in Maine on Tuesday, Coinbase said the information leaked included details like photos of passports and government IDs, as well as account information such as balances and transaction history.

Remote Keyboard Desktop 1.0.1 - Remote Code Execution (RCE).. remote exploit for Windows platform

A 3AM ransomware affiliate is conducting highly targeted attacks using email bombing and spoofed IT support calls to socially engineer employees into giving credentials for remote access to corporate systems.

Global law enforcement authorities and Microsoft seized or disrupted the prolific infostealer’s central command infrastructure, malicious domains and marketplaces where the malware was sold.

The 19-year-old Assumption College student, Matthew Lane, also was charged Tuesday with hacking and demanding a ransom payment from an unnamed telecommunications company, according to Massachusetts federal prosecutors.

Earlier this month, a coordinated disruption action targeting the Lumma malware-as-a-service (MaaS) information stealer operation seized thousands of domains, part of its infrastructure backbone worldwide.

Over the past year, Microsoft Threat Intelligence observed the persistent growth and operational sophistication of Lumma Stealer, an info-stealing malware used by multiple financially motivated threat actors to target various industries. Microsoft, partnering with others across industry and international law enforcement, facilitated the disruption of Lumma infrastructure.

A new malware campaign disguised as Kling AI used fake Facebook ads and counterfeit websites to distribute an infostealer

Basic vulnerabilities account for most cyberattacks, but security leaders say they’re more concerned about the risks of AI, new research shows.

One of Moscow’s most infamous hacker teams is targeting logistics and technology companies supporting Kyiv’s war effort.

The U.K. department store chain warns online transactions will be disrupted through July and says food, fashion and home goods have experienced disruptions.

Patching is basic cyber hygiene — but executing it at scale, securely, and fast? That's the real challenge. ThreatLocker's Patch Management flips the script with control, visibility, and Zero Trust workflows built for today's threat landscape.

Patched privilege escalation flaw in Google Cloud Platform linked to wider cloud security concerns

A Google Chrome Web Store campaign uses over 100 malicious browser extensions that mimic legitimate tools, such as VPNs, AI assistants, and crypto utilities, to steal browser cookies and execute remote scripts secretly.

The official website for the RVTools VMware management tool was taken offline in what appears to be a supply chain attack that distributed a trojanized installer to drop the Bumblebee malware loader on users' machines.

Cryptocurrency exchange Coinbase announced that the recent data breach exposed data belonging to 69,461 individuals.

PureRAT attacks on Russian firms surged 4x in 2025, using email lures and dual malware payloads.

Dover, Del., May 21, 2025, CyberNewswire -- Attaxion, the external attack surface management (EASM) vendor with industry-leading asset coverage, announces the integration of the European Vulnerability Database (EUVD) into its platform. Operated by the European Union Agency for Cybersecurity (ENISA), the EUVD is a publicly accessible vulnerability repository developed in response to the NIS2 Directive.

Palo Alto, Calif., May 21, 2025 – DataHub, by Acryl Data, the leading open source metadata platform, today announced it has raised $35 million in Series B funding led by Bessemer Venture Partners. This latest round brings the company's total funding to $65 million, enabling accelerated development of its context management platform that provides discovery,

The European Union has imposed strict sanctions against web-hosting provider Stark Industries and the two individuals running it, CEO Iurie Neculiti and owner Ivan Neculiti, for enabling "destabilising activities" against the Union.

Identity plays a vital role in keeping cloud platforms operating smoothly. Organizations require an identity framework that can adapt to a wide range of events.

Google tente une nouvelle approche pour accompagner les internautes à avoir une hygiène numérique de meilleure qualité. Avec Chrome, le géant du net proposera un mécanisme permettant de renouveler automatiquement un mot de passe à risque, sans avoir à se rendre sur le site. Tout se fera en quelques instants en

This week in cybersecurity from the editors at Cybercrime Magazine

Not content with attacking retailers, this aggressive group is fighting a turf war with other ransomware operators

The head of the cybercrime unit at the National Crime Agency says the investigation into cyberattacks on British retail companies is not focused on a specific group, for now.