Latest CyberSec News by @thecyberpicker

Microsoft a dévoilé le European Security Program, une initiative gratuite visant à renforcer la cybersécurité des Etats européens en combinant...-Cybersécurité

A threat group is using voice phishing to trick targeted organizations into sharing sensitive credentials.

The most commonly exposed device has been discontinued and vulnerable for a decade, new research found.

Google has uncovered a vishing campaign by UNC6040 targeting Salesforce users through fake Data Loader apps.

Les fournisseurs de VPN seront vraisemblablement les grands gagnants de la décision de trois gros sites pornographiques (Pornhub, RedTube et YouPorn) de quitter le marché français. Ces sites protestent ainsi contre les règles françaises de contrôle obligatoire de l'âge sous peine de blocage. D'ores et déjà, les

Les arnaques au faux livreur Mondial Relay franchissent un nouveau cap : désormais, les escrocs personnalisent leurs SMS avec le nom et le prénom de la victime, rendant la supercherie d’autant plus crédible. Un piège redoutable, alors que les fuites de données se multiplient et que les usurpations d’identité

The agency has lost roughly 1,000 staffers in the wake of the Trump administration’s workforce cuts, losses that could imperil its ability to protect government computer systems and critical infrastructure.

Experts argue the case for “communities of support” to boost SMB cyber-resilience

Google has released an important update for Chrome, patching one actively exploited zero-day and two other security flaws

Attacks on local governments in the last week caused disruptions in the capital of the Choctaw Nation and Puerto Rico, as well as others.

Researchers at Google said the current campaign involving versions of the Salesforce Data Loader tool has targeted about 20 organizations and is ongoing.

Les fournisseurs de VPN seront vraisemblablement les grands gagnants de la décision de trois gros sites pornographiques (Pornhub, RedTube et YouPorn) de quitter le marché français. Ces sites protestent ainsi contre les règles françaises de contrôle obligatoire de l'âge sous peine de blocage. D'ores et déjà, les

Publishing giant Lee Enterprises is notifying over 39,000 people whose personal information was stolen in a February 2025 ransomware attack.

Experts argue that CISOs should avoid product duplication and simplify their language to ensure budget is spent wisely

Hewlett Packard Enterprise (HPE) addressed multiple flaws in its StoreOnce data backup and deduplication solution.

Chaos RAT malware targets Linux and Windows users via phishing and fake tools, enabling remote control.

UNC6040 uses vishing to impersonate IT support, deceiving victims into granting access to their Salesforce instances.

Details on the voice phishing (vishing) threat, and strategic recommendations and best practices to stay ahead of it.

A hacker targets other hackers, gamers, and researchers with exploits, bots, and game cheats in source code hosted on GitHub that contain hidden backdoors to give the threat actor remote access to infected devices.

Think your passwords are strong enough? AS-REP Roasting is back in the spotlight — and it's targeting weak spots in Active Directory. Learn more from Specops Software how attackers exploit missing Kerberos pre-auth and how to stop them with strong password policies.

Google has observed hackers claiming to be the ShinyHunters extortion group conducting social engineering attacks against multi-national companies to steal data from organization's SalesForce platforms.

Agentic AI systems could threaten security and data privacy, unless organizations test each model and component

The parent company of apparel brand The North Face sent data breach notification letters to about 3,000 customer accounts, saying attackers used the technique known as credential stuffing.

Explore event-driven identity systems that enable real-time access decisions, improve security posture, and support zero trust strategies.

This week in cybersecurity from the editors at Cybercrime Magazine

Legacy DLP tools miss 70% of data leaks now happening in-browser across SaaS and AI apps. Learn why this matters.

A phishing campaign spoofing Booking.com has been observed targeting hospitality sector, using ClickFix to install malware

The attacks on UK retailers are “a wake-up call” for the industry, said River Island’s Information Security Officer

Lors du salon Computex 2025 qui se tenait à Taïwan il y a quelques jours, Synology a dévoilé une solution de surveillance, C2 Backup for Surveillance, à destination des entreprises. Ses points forts : elle est très simple à mettre en place, peu coûteuse et s’appuie sur l’expertise de Synology dans le stockage de

Sophos has uncovered a scheme planting malicious code in 130+ GitHub repositories, targeting hackers and gamers