Latest CyberSec News by @thecyberpicker

MintsLoader is a malware loader delivering the GhostWeaver RAT via a multi-stage chain using obfuscated JavaScript and PowerShell.

Stolen credentials remain the top attack vector + Google’s MFA and access controls reduce breach risk + Identity is now the true security perimeter.

Nation-state intrusions. Deepfake-ready malware. AI-powered influence ops. New CVEs, old threats reborn, and spyware with global reach.

Look at evolving compliance challenges and how secure Managed File Transfer (MFT) is helping organizations keep up with stringent standards.

Microsoft has silently fixed an issue that broke Start Menu jump lists for all apps on systems running Windows 10, version 22H2.

​Microsoft announced over the weekend that the Windows 11 24H2 update is ready to roll out to all compatible PCs, excluding those with safeguard holds.

Ireland’s data protection watchdog accuses the Chinese social media giant of violating GDPR with transfers of European users’ data to China

Drowning in spreadsheets for access reviews? There’s a smarter solution.

SAN FRANCISCO — The cybersecurity industry showed up here in force last week: 44,000 attendees, 730 speakers, 650 exhibitors and 400 members of the media flooding Moscone Convention Center in the City by the Bay. Related: RSAC 2025 by the numbers Beneath the cacophony of GenAI-powered product rollouts, the signal that stood out was subtler:

Comparitech observed a significant decline in ransomware attacks in April, partly as a result of the RansomHub gang “going dark”

Golden Chickens launch TerraStealerV2 and TerraLogger; both still developing but actively steal data via OCX payloads.

Fastest growing type of cybercrime is expected to attack a business, consumer, or device every 2 seconds by 2031

OpenAI admitted that it can be confusing for users to choose between all the different models, but the company has quietly published a document that makes it easier to understand ChatGPT.

The creators of StealC, a widely-used information stealer and malware downloader, have released its second major version, bringing multiple stealth and data theft enhancements.

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape

DEF CON Training 2025 will be located at: Las Vegas Convention Center.3150 Paradise Rd Las Vegas, NV 89109 Jeff Moss and Seeyew Mo will host an evening social mixer for trainers and students on August 11. This will be a great opportunity to network and discuss cybersecurity and policy. Please email for wire payment ins

Microsoft has announced that it will discontinue the password storage and autofill feature in the Authenticator app starting in July and will complete the deprecation in August 2025.

Google NotebookLM, which is a research and note-taking AI tool, is getting upgraded to Gemini 2.5 Flash.

Rhysida Ransomware gang claims the hack of the Government of Peru, the gang breached Gob.pe, the Single Digital Platform of the Peruvian State

Malicious Go and PyPI packages use Gmail and wget to exfiltrate data, wipe Linux disks, and hijack crypto credentials.

L’arme nucléaire, du fait des conséquences désastreuses qu’entraînerait son emploi, est vouée à rester un élément de dissuasion. Si la menace du recours à cette arme ultime est fréquemment brandie côté russe, il n’en demeure pas moins que les responsables au Kremlin ont pleinement conscience des coûts pratiquement

Iranian threat actor Lemon Sandstorm accessed Middle East CNI from 2023–2025 using VPN flaws, web shells, and 8 custom tools.

U.S. CISA adds Yii Framework and Commvault Command Center flaws to its Known Exploited Vulnerabilities catalog.

DoJ charges Yemeni hacker over 1,500 ransomware hits via ProxyLogon + Global crackdown + Victim payments drop

L’Usine Digitale vous propose un récapitulatif des grandes actualités de la semaine en matière de cybersécurité. Au programme, un...-Cybersécurité

The small pyjama squid (Sepioloidea lineolata) produces toxic slime, “a rare example of a poisonous predatory mollusc.” As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.

Top security leaders at some of the largest tech and cybersecurity vendors said public-private collaborative work continues, despite budget cuts and personnel changes.

The Co-op cyberattack is far worse than initially reported, with the company now confirming that data was stolen for a significant number of current and past customers.

The U.S. Attorney's Office for the Central District of California announced charges against Rami Khaled Ahmed for allegedly helping to develop and deploy Black Kingdom, which infected “approximately 1,500 computer systems."