Latest CyberSec News by @thecyberpicker

Microsoft Intune offers secure, cloud-based endpoint management that helps healthcare providers empower frontline staff and improve patient care.

​Offensive Security warned Kali Linux users to manually install a new Kali repository signing key to avoid experiencing update failures.

Over 1,200 internet-exposed SAP NetWeaver instances are vulnerable to an actively exploited maximum severity unauthenticated file upload vulnerability that allows attackers to hijack servers.

From zero-click iOS exploits to NTLM credential leaks and the 4Chan breach — this week’s cyber threats hit where trust runs deepest.

In an open letter, Patrick Opet said third-party vendors need to embrace secure development practices over speed to market.

The bureau’s public alert follows months of conversations with the telecom industry about the far-reaching cyber espionage campaign by a Chinese nation-state threat actor.

Microsoft is working on fully mitigating issues causing Outlook on the web and SharePoint Online users to experience delays or failures when searching.

A Ukrainian cloud provider said it had restored services after a power outage disrupted operations for customers including government agencies and major companies over the weekend.

Microsoft avait créé la controverse l'année dernière en présentant sa fonctionnalité d'IA Recall pour PC Copilot+, qui consistait à prendre...-Intelligence artificielle

Internet services giant Cloudflare says it mitigated a record number of DDoS attacks in 2024, recording a massive 358% year-over-year jump and a 198% quarter-over-quarter increase.

Members of the World Uyghur Congress living in exile were targeted with a spear phishing campaign deploying surveillance malware, according to the Citizen Lab

50% of mobile devices run outdated operating systems, increasing vulnerability to cyber-attacks, according to the latest report from Zimperium

According to the 2025 Global Threat Landscape Report from FortiGuard, threat actors are executing 36,000 scans per second

Ransomware, phishing, supply chain hits — this week’s threats show no signs of slowing down.

WorkComposer, an employee monitoring app, has leaked millions of screenshots through an unprotected AWS S3 bucket.

This week in cybersecurity from the editors at Cybercrime Magazine

About 20 percent of the logistics workers for U.K. retail giant M&S were told they could stay home as the company responded to a cyberattack.

​SAQ A and A-EP offer streamlined PCI DSS compliance for merchants outsourcing payment processing, reducing scope, risk, and audit complexity.

Real-world exploits show how overlooked bugs, like SSRF and IDOR, can trigger massive data breaches.

This quarter, phishing attacks surged as the primary method for initial access. Learn how you can detect and prevent pre-ransomware attacks.

Une étude menée par le cabinet d'études économiques Asterès, commandée par le Cigref, montre à quel point l'Europe dépend des Etats-Unis dans...-Cybersécurité

ASUS advises updating routers with the latest firmware releases to receive the vulnerability fix, or disable AiCloud as mitigation.

An ISACA survey found that just 5% of organizations have a defined strategy to defend against quantum-enabled threats

Researchers created a PoC rootkit called Curing that uses Linux’s io_uring feature to evade traditional system call monitoring.

Earth Kurma APT Targets Southeast Asia Governments With Rootkits and Cloud-Based Data Theft Tools

The US authorities have asked the public to help them unmask China’s Salt Typhoon threat actors

Orange Cyberdefense's CSIRT reported that threat actors exploited two vulnerabilities in Craft CMS to breach servers and steal data.

Le sulfureux site 4chan est de retour sur le web, deux semaines après une panne causée par une cyberattaque. La plateforme a expliqué les causes de son indisponibilité et détaillé les mesures prises pour ne plus se faire avoir à l'avenir. La « poubelle du web », comme est parfois surnommé 4chan, est de retour. Quasi