Latest CyberSec News by @thecyberpicker

Mozilla addressed two critical Firefox flaws that could be potentially exploited to access sensitive data or achieve code execution.

Arla Foods has confirmed to BleepingComputer that it was targeted by a cyberattack that has disrupted its production operations.

Microsoft has released out-of-band updates to fix a known issue causing Windows 10 systems to boot into BitLocker recovery after installing the May 2025 security updates.

We are excited to introduce Microsoft Entra Agent ID, which extends identity management and access capabilities to AI agents. Learn more.

RVTools site served Bumblebee malware via official installer; Procolored software hid BTC-stealing clipper.

Microsoft is replacing 'Copilot Runtime' with Windows AI Foundry to help developers build, experiment, and reach users with AI experiences in their apps.

Stephen Klein didn’t just stir the pot. He lit a fire. Related: Klein's LinkedIn debate In a sharply worded post that quickly went viral on LinkedIn, the technologist and academic took direct aim at what he called the “hype-as-a-service” business model behind so-called agentic AI. His critique was blunt: what the industry is selling as

This week on the Lock and Code podcast, we speak with Nick Melvoin about the Los Angeles Unified School District smartphone ban for students.

The legislation comes amid DOGE-fueled cuts to CISA and warnings from lawmakers that Trump administration policies will cripple federal cyber recruiting.

Malicious dbgpkg package on PyPI poses as a debugging utility but acts as a delivery mechanism for a stealthy backdoor

Microsoft has open-sourced the Windows Subsystem for Linux (WSL), making its source code available on GitHub, except for a few components that are part of Windows.

At the Build 2025 developer conference, Microsoft announced a new 'Advanced Settings' feature to help users and developers personalize the OS experience.

The company said additional CVEs may be necessary for flaws in related open-source libraries, but researchers are raising questions.

Skitnet malware used in 2025 ransomware attacks uses Rust and Nim to evade detection and exfiltrate data.

RomethemeKit for Elementor has released a patch addressing an RCE vulnerability exposing 30,000 sites

The United Kingdom's Legal Aid Agency (LAA) has confirmed that a recent cyberattack is more serious than first believed, with hackers stealing a large trove of sensitive applicant data in a data breach.

The research highlights a “trust gap between the untested promise of AI and the wariness of security and privacy risks,” finance software company Kyriba said.

Make sure your Chrome is on the latest version, to patch against an actively exploited vulnerability that can be used to steal sensitive information from websites.

Une arnaque sur Instagram, particulièrement sophistiquée, cible les jeunes parents. Son but ? Leur voler de très grosses sommes d'argent grâce à un phishing en deux étapes. Vous vous sentez solides face aux arnaques en ligne ? Celle que nous avons découverte en ce mois de mai 2025 (une de plus) pourrait vous faire

The Pwn2Own Berlin 2025 hacking competition has concluded, with security researchers earning $1,078,750 after exploiting 29 zero-day vulnerabilities and encountering some bug collisions.

Mozilla released emergency security updates to address two Firefox zero-day vulnerabilities demonstrated in the recent Pwn2Own Berlin 2025 hacking competition.

At the RSA Conference in San Francisco this year, Tim Brown talked about the protection CISOs need, Russia’s continued attempts to launch attacks and how companies can navigate the treacherous waters of cyber incidents.

Explore the pros, cons, and business uses of open vs. closed-source AI models. Learn how to choose the best option—or combine both—for your needs.

Civil society groups and academics are calling for the EU's GDPR to remain unchanged following the EU Commission's plans to revisit it

Data obtained by Recorded Future News from the U.K.'s National Health Service show that two incidents last year put patients at risk of clinical harm.

This week in cybersecurity from the editors at Cybercrime Magazine

A large cache of sensitive data about people who applied for legal aid in the U.K. is potentially in the possession of cybercriminals, the government said.

Discover 24 expert strategies for CISOs to combat the top 8 cyber threats of 2025, including AI-driven attacks and insider risks.

Elon Musk’s DOGE isn’t about efficiency — it’s about destruction. We should not let this administration tear down our best defenses against those trying to attack us in cyberspace.

Five zero-days. Nation-state attacks. Supply chain breaches. This week’s cyber recap isn’t just another alert—it’s a red flag.