Latest CyberSec News by @thecyberpicker

A data breach at Nationwide Recovery Services compromised data of 200,000 Harbin Clinic patients

Service desks are on the front lines of defense—and attackers know it. Attackers are using social engineering attacks to trick agents into changing passwords, disabling MFA, and granting access. Learn more from Specops Software on how to secure your service desk.

The official website for the RVTools VMware management tool was taken offline in what appears to be a supply chain attack where hackers replaced a DLL in the distributed installer to drop the Bumblebee malware loader on users' machines.

La jeune pousse française, devenue indépendante d'Accenture en 2023, met au point une plateforme SaaS de gestion des authentifications et des...-Cybersécurité

Internet monitoring services showed ongoing disruptions to Russia's tax service, as well as services for managing secure digital keys and documents (Saby), among others.

Researchers at ESET observed strengthened cyber-offensive activity from Russian groups, especially against Ukrainian and European entities

When AI fails, it often fails fast and loud. Apply CSA’s AI Resilience Benchmarking Model to 4 real incidents to get a better understanding of AI failures.

China-linked UnsolicitedBooker used a new backdoor, MarsSnake, to target an international organization in Saudi Arabia.

This week in cybersecurity from the editors at Cybercrime Magazine

AWS default IAM roles with AmazonS3FullAccess exposed accounts to privilege escalation and lateral movement.

SideWinder exploited CVE-2017-0199 to deploy StealerBot malware in South Asian government networks.

Peter Green Chilled, which ships refrigerated food to supermarkets, is the latest company in the U.K.'s grocery sector to announce disruption from a cyberattack.

The bankrupt 23andMe, along with all of its genetic data, has been bought by US drugmaker Regeneron Pharmaceuticals.

Critics tell CyberScoop the U.S. federal government had many failings in the lead up to and the response to the Salt Typhoon breach.

Cisco Talos built on Tenable’s discovery of a Google Cloud Platform vulnerability to uncover how attackers could exploit similar techniques across AWS and Azure.

A DoorDash driver stole over $2.5 million over several months: The driver, Sayee Chaitainya Reddy Devagiri, placed expensive orders from a fraudulent customer account in the DoorDash app. Then, using DoorDash employee credentials, he manually assigned the orders to driver accounts he and the others involved had created. Devagiri would then mark the undelivered orders as complete and prompt DoorDash’s system to pay the driver accounts. Then he’d switch those same orders back to “in process” and do it all over again. Doing this “took less than five minutes, and was repeated hundreds of times for many of the orders,” writes the US Attorney’s Office...

Thales found that 73% of organizations are investing in AI-specific security tools, amid surging takeup of GenAI tools in enterprises

Explore how consent phishing exploits OAuth to bypass MFA, granting attackers persistent access to SaaS apps. Learn strategies to defend against this threat.

Discover findings from Pentera's 2025 State of Pentesting Report, including breach rates, alert fatigue, budget trends & the rise of software testing.

La collectivité francilienne a annoncé avoir été victime d'une importante cyberattaque. En conséquence, “l'ensemble des systèmes d'information...-Cybersécurité

You'd hope that spending $6,000 on a printer would give you a secure experience, free from viruses and other malware. However, in the case of Procolored printers, you'd be wrong.

Around half of US and UK consumers have seen fraud ads and content on ‘refund hacks’ on social media

China-Linked Hackers Deploy MarsSnake Backdoor in Multi-Year Attack on Saudi Organization

Regeneron, which intends to acquire 23andMe for $256m, says data security and privacy will be a priority

A new cryptojacking campaign dubbed RedisRaider is hijacking publicly exposed Redis servers by injecting cron jobs using legitimate configuration comm

Cybersecurity Observatory of the Unipegaso's malware lab published a detailed analysis of the Sarcoma ransomware.

Malicious Open Source Packages Abused Social Media APIs and Implanted Backdoors Linked to Hacktivist Group

OpenAI is planning to combine multiple products (features or models) into its next foundational model, which is called GPT-5.

Threat actors have been distributing trojanized versions of the KeePass password manager for at least eight months to install Cobalt Strike beacons, steal credentials, and ultimately, deploy ransomware on the breached network.

A flaw in O2 UK's implementation of VoLTE and WiFi Calling technologies could allow anyone to expose the general location of a person and other identifiers by calling the target.