Latest CyberSec News by @thecyberpicker

Latest CyberSec News by @thecyberpicker

30533 bookmarks
Custom sorting
Man pleads guilty to swatting spree impacting scores of government officials
Man pleads guilty to swatting spree impacting scores of government officials
A man pleaded guilty to his involvement in a string of swatting and bomb threat incidents that allegedly impacted at least 25 members of Congress or their family members, as well as law enforcement officials and members of the federal judiciary.
·therecord.media·
Man pleads guilty to swatting spree impacting scores of government officials
AWS détaille sa stratégie de cloud "souverain" en Europe
AWS détaille sa stratégie de cloud "souverain" en Europe
Amazon Web Services précise les contours de son futur cloud européen, qualifié de "souverain", attendu pour fin 2025. Le fournisseur américain...-Cloud
·usine-digitale.fr·
AWS détaille sa stratégie de cloud "souverain" en Europe
#Infosec2025: Channel Bridges Security Skills Gap
#Infosec2025: Channel Bridges Security Skills Gap
Resellers and channel partners can add value, fill gaps in security teams and offer expertise in niche markets
·infosecurity-magazine.com·
#Infosec2025: Channel Bridges Security Skills Gap
News alert: Aembit brings ‘Workload IAM’ to Microsoft stack, secures hybrid AI and app access
News alert: Aembit brings ‘Workload IAM’ to Microsoft stack, secures hybrid AI and app access
Silver Spring, MD, June 3, 2025, CyberNewswire -- Aembit, the workload identity and access management (IAM) company, today announced a major expansion of its platform to support Microsoft environments. With this launch, enterprises can now enforce secure, policy-based access for software workloads and agentic AI running on Windows Server, Active Directory, Microsoft Entra ID, and
·lastwatchdog.com·
News alert: Aembit brings ‘Workload IAM’ to Microsoft stack, secures hybrid AI and app access
CISA warns of ConnectWise ScreenConnect bug exploited in attacks
CISA warns of ConnectWise ScreenConnect bug exploited in attacks
CISA is alerting federal agencies in the U.S. of hackers exploiting a recently patched ScreenConnect vulnerability that could lead to executing remote code on the server.
·bleepingcomputer.com·
CISA warns of ConnectWise ScreenConnect bug exploited in attacks
Un lanceur d’alerte expose le train de vie luxueux du groupe de cybercriminels Conti
Un lanceur d’alerte expose le train de vie luxueux du groupe de cybercriminels Conti
Un lanceur d’alerte anonyme, « GangExposed », publie une fuite inédite sur les chefs du groupe de ransomware Conti/Trickbot. Pour la première fois, des preuves visuelles, des documents financiers et des détails sur leur vie quotidienne à Dubaï viennent appuyer des identités déjà connues des autorités, bouleversant la
·numerama.com·
Un lanceur d’alerte expose le train de vie luxueux du groupe de cybercriminels Conti
Scattered Spider: Three things the news doesn’t tell you
Scattered Spider: Three things the news doesn’t tell you
Scattered Spider isn't one group — it's an identity-first threat model evolving fast. From vishing to AiTM phishing, they're exploiting MFA gaps to hijack the cloud. Watch the Push Security webinar to learn how their identity-based tactics work — and how to stop them.
·bleepingcomputer.com·
Scattered Spider: Three things the news doesn’t tell you
Juice jacking warnings are back, with a new twist
Juice jacking warnings are back, with a new twist
This spring has seen another spate of stories about juice jacking, including a new, more sophisticated form of attack. But how much of a threat is it, really?
·malwarebytes.com·
Juice jacking warnings are back, with a new twist
Victoria’s Secret delays earnings release after security incident
Victoria’s Secret delays earnings release after security incident
Fashion retail giant Victoria's Secret has delayed its first quarter 2025 earnings release because of ongoing corporate system restoration efforts following a May 24 security incident.
·bleepingcomputer.com·
Victoria’s Secret delays earnings release after security incident
LLMs Writing Code? Cool. LLMs Executing It? Dangerous | CSA
LLMs Writing Code? Cool. LLMs Executing It? Dangerous | CSA
Large Language Models are great for software development. But letting them run code is a step too far. Giving LLMs execution rights is a major security risk.
·cloudsecurityalliance.org·
LLMs Writing Code? Cool. LLMs Executing It? Dangerous | CSA
New Linux Vulnerabilities - Schneier on Security
New Linux Vulnerabilities - Schneier on Security
They’re interesting: Tracked as CVE-2025-5054 and CVE-2025-4598, both vulnerabilities are race condition bugs that could enable a local attacker to obtain access to access sensitive information. Tools like Apport and systemd-coredump are designed to handle crash reporting and core dumps in Linux systems. […] “This means that if a local attacker manages to induce a crash in a privileged process and quickly replaces it with another one with the same process ID that resides inside a mount and pid namespace, apport will attempt to forward the core dump (which might contain sensitive information belonging to the original, privileged process) into the namespace.”...
·schneier.com·
New Linux Vulnerabilities - Schneier on Security
Top Security Tools for Startups in 2025 | CSA
Top Security Tools for Startups in 2025 | CSA
Discover essential security tools for startups in 2025. Learn how to streamline compliance and protect your business with expert insights.
·cloudsecurityalliance.org·
Top Security Tools for Startups in 2025 | CSA
Google patches new Chrome zero-day bug exploited in attacks
Google patches new Chrome zero-day bug exploited in attacks
Google has released an emergency security update to fix the third Chrome zero-day vulnerability exploited in attacks since the start of the year.
·bleepingcomputer.com·
Google patches new Chrome zero-day bug exploited in attacks