Latest CyberSec News by @thecyberpicker

Semperis will host an immersive ransomware simulation focused on water utilities during Infosecurity Europe 2025

As security leaders, it’s crucial to understand the risks of data sharing in SaaS applications to protect your organization’s most valuable assets.

Here’s what mattered in cybersecurity this week—summarized, sharpened, and signal-boosted.

This week in cybersecurity from the editors at Cybercrime Magazine

Depuis la mi-mai 2025, le Japon autorise officiellement ses forces à mener des cyber-opérations offensives préventives, y compris en l'absence d'attaque avérée. Une rupture stratégique majeure : le pays rejoint ainsi le cercle restreint des démocraties dotées d’une doctrine cyber offensive explicite, avec un niveau

A report on the dark web marketplace Russian Market showed Acreed has emerged as the leading infostealer

Microsoft has released an out-of-band update to address a known issue causing some Windows 11 systems to enter recovery and fail to start while trying to install the KB5058405 May 2025 security update.

A new Australian law requires larger companies to declare any ransomware payments they have made.

Explore key global AI regulations and how ISO 42001 helps ensure ethical, transparent, and compliant AI system deployment.

Qualcomm has released security patches for three zero-day vulnerabilities in the Adreno Graphics Processing Unit (GPU) driver that impact dozens of chipsets and are actively exploited in targeted attacks.

NDR helps detect stealthy threats, protect legacy systems, and meet compliance in critical industries.

Une cyberattaque visant Susie Wiles, cheffe de cabinet de Trump, fait actuellement l'objet d'une enquête des autorités américaines. Des pirates...-Cybersécurité

Dutch, US and Finnish investigators have taken cybercrime service AVCheck offline

As enterprise adoption of generative AI accelerates, security teams face a new identity dilemma — not just more users and devices, but a growing swarm of non-human agents and autonomous systems requesting access to sensitive assets. Related: Top 10 Microsoft Copilot risks At the same time, traditional identity and access management (IAM) tools are buckling

Access your guide below and start your journey towards resilient, secure OT operations using the NIST framework.

A list of topics we covered in the week of May 26 to June 1 of 2025

Technical details about a critical Cisco IOS XE WLC flaw (CVE-2025-20188) are now public, raising the risk of a working exploit emerging soon.

Plug-and-play phishing kits like Haozi drive global scams, bypass MFA, and lower attacker skill bar.

This week on the Lock and Code podcast, host David Ruiz digs into his own Facebook data to see what the social media giant knows about him.

Experts found two vulnerabilities in the vBulletin forum software, one of which is already being exploited in real-world attacks.

Technical details about a maximum-severity Cisco IOS XE WLC arbitrary file upload flaw tracked as CVE-2025-20188 have been made publicly available, bringing us closer to a working exploit.

Qualys warns of two flaws in apport and systemd-coredump, the core dump handlers in Ubuntu, Red Hat Enterprise Linux, and Fedora distros.

Linux vulnerabilities CVE-2025-5054 and CVE-2025-4598 let local attackers extract sensitive data via SUID core dumps.

L’Usine Digitale vous propose un récapitulatif des grandes actualités de la semaine en matière de cybersécurité. Au programme, une...-Cybersécurité

L'Usine Digitale vous propose un best-of des actualités de la semaine du 26 mai en matière de protection des données. Au menu :...-Data protection

DoJ seized 4 domains on May 27 tied to malware crypting tools, disrupting cybercriminal stealth operations.

AVCheck and related crypting services helped cybercriminals make malware difficult to detect and confirm that malware could slip through various antivirus tools undetected, officials said.

Three hospitals run by Catholic healthcare organization Covenant Health are dealing with a cyberattack that forced the facilities to shut off all access to data systems.

The 28-year-old, who’d been employed by the Defense Intelligence Agency since 2019, specialized in insider threats and had top secret security clearance, officials said.

Two critical vulnerabilities affecting the open-source forum software vBulletin have been discovered, with one confirmed to be actively exploited in the wild.