Cybersecurity News - Noticias de Ciberseguridad

Geopolitics, AI, and Cybersecurity: Insights From RSAC 2026

AI-driven threats, global leadership shifts, and the future of cybersecurity in a rapidly evolving landscape were among the discussions at RSAC 2026 C...

US Bans All Foreign-Made Consumer Routers

This is for new routers; you don’t have to throw away your existing ones: The Executive Branch determination noted that foreign-produced routers (1) ...

Cisco fixed critical and high-severity flaws

Cisco fixed critical flaws that could allow attackers to bypass authentication, run code, and gain access to sensitive data. Cisco released patches fo...

Akira ransomware group can achieve initial access to data encryption in less than an hour

A new report from Halcyon finds that the group also puts more effort than usual into developing working decryptors, likely to incentivize businesses t...

Apple Rolls Out DarkSword Exploit Protection to More Devices

The DarkSword exploit kit has been used by both state-sponsored hackers and commercial spyware vendors. The post Apple Rolls Out DarkSword Exploit Pro...

Lawmakers renew push for Labor Department-backed cyber apprenticeship grants

The bipartisan, bicameral Cyber Ready Workforce Act aims to cut into the country’s deficit of cybersecurity professionals. The post Lawmakers renew pu...

Threat actor abuse of AI accelerates from tool to cyberattack surface

Generative AI is upgrading cyberattacks, from 450% higher phishing click‑through rates to industrialized MFA bypass. The post Threat actor abuse of AI...

How Do I Make Kubernetes Self‑Service Without Losing Control?

Platform teams are under pressure to move faster, but handing full Kubernetes access to every developer is risky. Self‑service and control are not opp...

RSAC 2026: AI Dominates, But Community Remains Key to Security

As AI took center stage at this year's conference, experts debated automation, oversight and the evolving role of human intelligence in cybersecurity ...

How Treating AI Agents as Identities Can Reduce Enterprise AI Risk

AI agents are no longer experimental. They’re running production workloads, calling APIs, querying databases, provisioning infrastructure, and making ...

Cookie-controlled PHP webshells: A stealthy tradecraft in Linux hosting environments

Cookie-gated PHP webshells use obfuscation, php-fpm execution, and cron-based persistence to evade detection in Linux hosting environments. This post ...

Proactive Threat Hunting

A proactive threat hunting platform enables organizations to actively search for hidden threats within their environment before they can cause damage....

Residential proxies evaded IP reputation checks in 78% of 4B sessions

Researchers warn that residential proxies used to route malicious traffic are a big problem for IP reputation systems, as there is no clear distinctio...

Cisco Patches 9.8 CVSS IMC and SSM Flaws Allowing Remote System Compromise

Cisco has released updates to address a critical security flaw in the Integrated Management Controller (IMC) that, if successfully exploited, cou...

Medtech giant Stryker says it’s back up after Iranian cyberattack

The Handala group claimed responsibility for hitting the company with a wiper attack last month. The post Medtech giant Stryker says it’s back up afte...

Software supply chain hacks trigger wave of intrusions, data theft

After linking the Axios npm supply chain attack to North Korean hackers, Google researchers warned that “hundreds of thousands of stolen secrets...

Security Operations Platform

A security operations platform is designed to unify visibility, detection, investigation, and response across an organization’s entire IT environment....

Attempts to Exploit Exposed "Vite" Installs (CVE-2025-30208), (Thu, Apr 2nd)

From its GitHub repo: "Vite (French word for "quick", pronounced /vi?t/, like "veet") is a new breed of frontend build tooling that significantly...

OpenSSH 10.3 patches five security bugs and drops legacy rekeying support

OpenSSH 10.3 shipped carrying five security fixes alongside feature additions and a set of behavior changes that will break compatibility with older S...

Cybersecurity M&A Roundup: 38 Deals Announced in March 2026

Significant cybersecurity M&A deals announced by Airbus, Cellebrite, Databricks, Quantum eMotion, Rapid7, and OpenAI. The post Cybersecurity M�...

Threat actor UAC-0255 impersonate CERT-UA to spread AGEWHEEZE malware via phishing

Threat actors impersonated CERT-UA to send phishing emails with AGEWHEEZE malware, tricking victims into installing a fake “security tool.” A threat a...

Adversaries Exploit Vacant Homes to Intercept Mail in Hybrid Cybercrime

Threat actors are exploiting vacant homes as "drop addresses" to intercept mail and enable fraud. Flare shows how postal services and fake identities ...

New Progress ShareFile flaws can be chained in pre-auth RCE attacks

Two vulnerabilities in Progress ShareFile, an enterprise-grade secure file transfer solution, can be chained to enable unauthenticated file exfiltrati...

Medtech giant Stryker fully operational after data-wiping attack

Stryker Corporation, one of the world's leading medical technology companies, says it's fully operational three weeks after many of its systems were w...

New Red Hat subscription simplifies long-term enterprise Linux support

Red Hat has announced Red Hat Enterprise Linux Extended Life Cycle Premium, a new subscription that provides a predictable 14-year life cycle for majo...

Bank Trojan 'Casbaneiro' Worms Through Latin America

Augmented Marauder's multipronged banking-Trojan cyber campaigns are targeting Spanish speakers, evading detection, and replicating rapidly.

ThreatsDay Bulletin: Pre-Auth Chains, Android Rootkits, CloudTrail Evasion & 10 More Stories

The latest ThreatsDay Bulletin is basically a cheat sheet for everything breaking on the internet right now. No corporate fluff or boring le...

EvilTokens abuses Microsoft device code flow for account takeovers

A new phishing-as-a-service (PhaaS) campaign is abusing Microsoft’s device code authentication flow to gain unauthorized access to user accounts. S...

Cisco Patches Critical and High-Severity Vulnerabilities

The bugs could lead to authentication bypass, remote code execution, information disclosure, and privilege escalation. The post Cisco Patches Critical...

Siemens SICAM 8 Products

View CSAF Summary Multiple SICAM 8 products are affected by multiple vulnerabilities that could lead to denial of service, namely: - SICAM A8000 Devic...

Yokogawa CENTUM VP

View CSAF Summary Successful exploitation of this vulnerability could allow an attacker to login as the PROG user and modify permissions. The followin...

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploi...

Hitachi Energy Ellipse

View CSAF Summary Hitachi Energy is aware of a Jasper Report vulnerability that affects the Ellipse product versions mentioned in this document below....

250,000 Affected by Data Breach at Nacogdoches Memorial Hospital

In January 2026, a threat actor hacked the hospital’s internal network and stole personal and health information. The post 250,000 Affected by Data Br...

Researchers Uncover Mining Operation Using ISO Lures to Spread RATs and Crypto Miners

A financially motivated operation codenamed REF1695 has been observed leveraging fake installers to deploy remote access trojans (...

The State of Trusted Open Source Report

In December 2025, we shared the first-ever The State of Trusted Open Source report, featuring insights from our product data and customer ba...

DarkSword exploit forces Apple to loosen its patching policy

Apple has extended security updates to a wider range of devices still running iOS 18, aiming to protect users from the DarkSword exploit kit. This is ...

Critical Cisco IMC auth bypass gives attackers Admin access

Cisco has patched several critical and high-severity vulnerabilities, including an Integrated Management Controller (IMC) authentication bypass that e...

Mercor Hit by LiteLLM Supply Chain Attack

The AI recruiting firm is investigating the incident as Lapsus$ claimed the theft of 4TB of Mercor data. The post Mercor Hit by LiteLLM Supply Chain A...

Unmasking the Paramilitary Agents Behind Trump’s Violent Immigration Crackdown

A WIRED analysis of DHS records identified dozens of specialized federal agents who used force against US civilians during the largest known deploymen...

WhatsApp Alerts 200 Users After Fake iOS App Installed Spyware; Italian Firm Faces Action

Meta-owned messaging platform WhatsApp said it alerted about 200 users who were tricked into installing a bogus version of its iOS app that was infect...

Cybersecurity in the age of instant software

AI is rapidly changing how software is written, deployed, and used. Trends point to a future where AIs can write custom software quickly and easily: “...

TrueConf zero-day vulnerability exploited to target government networks

Suspected China-nexus attackers have leveraged a zero-day vulnerability (CVE-2026-3502) in the TrueConf client application to distribute malware withi...

Italian spyware vendor creates Fake WhatsApp app, targeting 200 users

WhatsApp blocked a fake app by Italian firm SIO/Asigint that targeted 200 users with spyware, urging them to reinstall the official app. WhatsApp has ...

Tools, um MCP-Server abzusichern

srcset="https://b2b-contenthub.com/wp-content/uploads/2025/11/Gorodenkoff_shutterstock_2324952347_16z9.jpg?quality=50&strip=all 7200w, https://b2b...

ISC Stormcast For Thursday, April 2nd, 2026 https://isc.sans.edu/podcastdetail/9876, (Thu, Apr 2nd)

U.S. CISA adds a flaw in Google Dawn to its Known Exploited Vulnerabilities catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Google Dawn to its Known Exploited Vulnerabilities catalog. The U.S. C...

Ransomware Will Hit Hospitals. Rehearsals Are Key to Defense

A chief medical information officer describes what hospitals face when they inevitably suffer a ransomware attack—whether it leads to short- or long-t...

Mitigating the Axios npm supply chain compromise

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages for version updates to do...

Google fixes fourth actively exploited Chrome zero-day of 2026

Google fixed a new Chrome zero-day, tracked as CVE-2026-5281, in the WebGPU Dawn component that is already exploited in the wild. Google released Chro...

Malicious Script That Gets Rid of ADS, (Wed, Apr 1st)

Today, most malware are called “fileless” because they try to reduce their footprint on the infected computer filesy...

LatAm's Self-Taught Cyber Talent Overlooked Amid Cyberattack Glut

A newly released study exclusively shared with Dark Reading details the unique circumstances that make up Latin America's labor pool, and why organiza...

Vim and GNU Emacs: Claude Code helpfully found zero-day exploits for both

Developers can spend days using fuzzing tools to find security weaknesses in code. Alternatively, they can simply ask an LLM to do the job for them in...

European-Chinese geopolitical issues drive renewed cyberespionage campaign

Proofpoint researchers say the group behind the surge, TA416, had turned away from Europe for a few years. The post European-Chinese geopolitical issu...

TeamPCP Supply Chain Campaign: Update 005 - First Confirmed Victim Disclosure, Post-Compromise Cloud Enumeration Documented, and Axios Attribution Narrows, (Wed, Apr 1st)

This is the fifth update to the TeamPCP supply chain campaign threat intelligence report, "When the Security Scanner Became the Weapon" (v3.0, March 2...

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-5281 Go...

WhatsApp malware campaign uses malicious VBS files to gain persistent access

Microsoft is warning WhatsApp users of a new malware campaign that tricks them into executing malicious Visual Basic Script (VBS) files, ultimately en...

A laughing RAT: CrystalX combines spyware, stealer, and prankware features

Kaspersky researchers analyze a new CrystalX RAT distributed as MaaS and featuring extensive spyware, stealer, and prankware capabilities.

ISC Stormcast For Wednesday, April 1st, 2026 https://isc.sans.edu/podcastdetail/9874, (Wed, Apr 1st)

Apple Will Push Out Rare ‘Backported’ Patches to Protect iOS 18 Users From DarkSword Hacking Tool

As DarkSword spreads, Apple tells WIRED it will enable iOS 18-specific fixes for millions of iPhone owners who remain on that iOS version rather than ...

White House executive order purports to limit mail-in voting, mandate federal voter lists 

The order is expected to be quickly challenged in court, where the Trump administration’s previous efforts have been struck down as unconstitutional. ...

Iran Threatens to Start Attacking Major US Tech Firms on April 1

Tech giants like Apple, Google, and Microsoft are among those on a target list released by Iran’s Islamic Revolutionary Guard Corps.

The US Military’s GPS Software Is an $8 Billion Mess

The GPS Next-Generation Operational Control System was due for completion in 2016. Ten years later, the software for controlling the military’s GPS sa...

The threat to critical infrastructure has changed. Has your readiness?

Five facts critical infrastructure (CI) leaders need to act on in 2026, grounded in what Microsoft Threat Intelligence is observing across sectors rig...

Applying security fundamentals to AI: Practical advice for CISOs

Read actionable advice for CISOs on securing AI, managing risk, and applying core security principles in today’s AI‑powered environment. The post Appl...

The Broken System That Keeps Shipping Crews Stranded in the Strait of Hormuz

Vessels are increasingly being abandoned during the war on Iran, revealing a hidden failure in the global systems that keep goods—and people—moving.

An AI gateway designed to steal your data

Dissecting the supply chain attack on LiteLLM, a multifunctional gateway used in many AI agents. Explaining the dangers of the malicious code and how ...

Coruna: the framework used in Operation Triangulation

Kaspersky GReAT experts look into the Coruna exploit kit targeting iPhones. We discovered that the kernel exploit for CVE-2023-32434 and CVE-2023-3860...

Anatomy of a Cyber World Global Report 2026

The Kaspersky Security Services report describes cyberattack trends and statistics revealed by the Managed Detection and Response service. The report ...

‘CanisterWorm’ Springs Wiper Attack Targeting Iran

A financially motivated data theft and extortion group is attempting to inject itself into the Iran war, unleashing a worm that spreads through poorly...

Feds Disrupt IoT Botnets Behind Huge DDoS Attacks

The U.S. Justice Department joined authorities in Canada and Germany in dismantling the online infrastructure behind four highly disruptive botnets th...

The SOC Files: Time to “Sapecar”. Unpacking a new Horabot campaign in Mexico

Kaspersky SOC uncovered and analyzed a complex Horabot campaign in Mexico. In this article we share insights into how it is unleashed and how to hunt ...

Iran-Backed Hackers Claim Wiper Attack on Medtech Firm Stryker

A hacktivist group with links to Iran's intelligence agencies is claiming responsibility for a data-wiping attack against Stryker, a global medical te...

Microsoft Patch Tuesday, March 2026 Edition

Microsoft Corp. today pushed security updates to fix at least 77 vulnerabilities in its Windows operating systems and other software. There are no pre...

How AI Assistants are Moving the Security Goalposts

AI-based assistants or "agents" -- autonomous programs that have access to the user's computer, files, online services and can automate virtually any ...

Cómo lograr el Check de Verified en LinkedIn con una Identidad Pública que no coincide con la Identidad Legal

Durante los últimos años, las redes sociales han ido incorporando sistemas de verificación con el objetivo de reforzar la confianza entre los usuarios...

Fuga de código fuente de Claude Code: los riesgos detrás del error que expuso a Anthropic

Un descuido en el proceso de publicación expuso la arquitectura de la herramienta de Anthropic y habilitó escenarios de jailbreak, clones malicosos y ...

Máquinas virtuales por todas partes y brechas de seguridad muy reales

Las máquinas virtuales en la nube ofrecen una velocidad, una escala y una flexibilidad inigualables, pero todo ello podría no servir de mucho si se ab...

Cortical Labs CL1: Ordenadores con Redes Neuronales Biológicas para ejecutar algoritmos de Inteligencia

No podía no escribir sobre esta noticia - a pesar de ser hoy el April's Fool -, pero el día a día es el que es. El caso es que quería hablaros del ord...

Detectan nuevas campañas del troyano bancario GoPix con técnicas avanzada

Los analistas del equipo Global Research and Analysis Team (GReAT) de Kaspersky han identificado nuevas campañas del troyano bancario brasileño GoPix,...

Suplantan al Correo Argentino en anuncios patrocinados de Gmail para robar datos

Una campaña de phishing usa anuncios en Gmail para suplantar al Correo Argentino y dirigir a usuarios a sitios falsos que capturan información sensibl...

This Week in Net: Chema Alonso & João Tomé en Cloudflare Lisboa

Esta semana se ha publicado la entrevista que me hizo mi querido compañero João Tomé, con el que comparto oficina en Cloudflare Lisboa, para hablar de...

El 80% de los usuarios españoles almacena datos sensibles en formato digital

Con motivo del World Backup Day (31 de marzo), Kaspersky analiza las formas más habituales de almacenar información personal importante y ofrece recom...

El 40% de las empresas en España están críticamente expuestas a riesgos en la cadena de suministro

Los ciberataques a la cadena de suministro se han convertido en la ciberamenaza más común para las empresasdurante el último año.Según elnuevo estudio...

Qué tan fácil puede engañarse a los sistemas de reconocimiento facial

Jake Moore, de ESET, ha utilizado gafas inteligentes, imitaciones y cambios de caras para "hackear" sistemas de reconocimiento facial muy extendidos.

FrontierMath: Inteligencia Artificial resolviendo problemas de matemáticas aún no resueltos.

La organización de Epoch AI es un centro de investigación que está dedicado a monitorizar el avance de la Inteligencia Artificial en la ciencia, y en ...

Los ciberataques aumentan un 130% tras la escalada del conflicto en Oriente Medio

Bitdefender, empresa global de ciberseguridad, ha publicado una nueva investigación que revela un fuerte incremento en las campañas de phishing y malw...

Cloud, IA y ciberseguridad avanzan, pero la pyme española sigue en modo prueba

La digitalización sigue ganando terreno en las pymes españolas, que son responsables de dos tercios del empleo y del PIB del país. Aunque aún tienen p...

Una charla en Lisboa, una entrevista en RNE y fotos en Spatial con iPhone

Para hoy domingo, aprovecho para dejaros rápidamente tres cosas rápidas, dos de ellas porque a mí me gusta conservar todas las charlas y entrevistas q...

Riesgos en LLM corporativos: guía para el primer diagnóstico

La adopción de LLM avanza más rápido que los controles. Esta guía propone un primer diagnóstico para entender riesgos reales y ordenar su implementaci...

Agentic AI y ciberseguridad: cuando los agentes de IA se convierten en vector de ataque

La evolución de los Large Language Models (LLMs) hacia sistemas agénticos representa un cambio paradigmático en la arquitectura de las aplicaciones em...

N.O.M.A.D.: la infraestructura offline que querrás tener cuando Internet deje de existir

En un contexto donde la estabilidad geopolítica ya no se da por sentada, donde conflictos híbridos, ciberataques a gran escala y apagones de infraestr...

MiroFish: cuando los LLM empiezan a simular el mundo

Durante años hemos hablado de modelos predictivos, de machine learning aplicado a forecasting, de simulaciones multi-agente y de modelos basados en gr...

Zombie ZIP: cómo una simple manipulación del header permite ocultar malware a los antivirus

Los archivos ZIP son uno de los formatos más utilizados para distribuir software, documentos y archivos comprimidos. Precisamente por su ubiquidad, ta...

Living off the Land 2.5: persistencia que vive dentro de contenedores y casi nadie está mirando

Cuando empecé a investigar intrusiones recientes en infraestructuras Linux modernas, hubo algo que empezó a repetirse: no era malware clásico, no eran...

Living off the Land 2.0 en Linux: Persistencia para pasar desapercibidos al SOC

Hay una regla no escrita en intrusiones modernas: El mejor malware es el que no parece malware. Pero hay una evolución aún más interesante q...

Las peores contraseñas de todos los tiempos

Las peores contraseñas de todos los tiempos Las peores contraseñas de todos los tiempos son aquellas que, por pereza o previsibilidad, se repiten mill...

(2/3) Ataques DDoS en capas 3 y 4: vectores, funcionamiento y defensa

Esta es la segunda entrega sobre amenazas DDoS, en esta ocasión nos adentramos en las capas de red y transporte para analizar los vectores más comunes...

ISO/IEC 42001: el sistema de gestión de IA que probablemente conectemos con nuestra 27001

ISO/IEC 42001 se concibe como el nuevo esqueleto operativo para transformar la inteligencia artificial en un sistema gestionado con disciplina. No es ...

MITRE AADAPT: Anatomía ofensiva y defensa en el ecosistema de activos digitales

Cuando uno pasa demasiadas noches frente a un nodo de Ethereum observando tráfico, firmas, anomalías y patrones sospechosos, descubre que el ecosistem...

Prueba de Penetración en Costa Rica

Prueba de Penetración en Costa Rica Prueba de Penetración en Costa Rica: Un Servicio Esencial para la Seguridad Empresarial Introducción En un mundo c...

Prueba de Penetración en Quito

Prueba de Penetración en Quito La Prueba de Penetración en Quito, también conocida como Pentesting, se ha convertido en una herramienta fundamental pa...

Prueba de Penetración en El Salvador

Prueba de Penetración en El Salvador En la era digital actual, la seguridad informática es un aspecto crucial para cualquier empresa. El Salvador, com...

Prueba de penetración en Barranquilla

Prueba de penetración en Barranquilla La prueba de penetración en Barranquilla es un proceso esencial para garantizar la seguridad informática en cual...

Snapshots en máquinas virtuales: ¿una herramienta útil o un riesgo oculto?

¿Piensas que una instantánea de una máquina virtual es lo mismo que un backup o una copia del disco? Entonces este post es para ti.Antes de nada, vamo...

Chat Control: el plan europeo para escanear tus mensajes

La Unión Europea está en pleno debate sobre una de las propuestas más polémicas de los últimos años: el Reglamento para prevenir y combatir el abuso s...

Pensar como un atacante: por qué el Red Team es clave para la ciberseguridad moderna

En un entorno digital donde las amenazas evolucionan más rápido que las soluciones, protegerse ya no es suficiente. Hay que anticiparse. Y para eso, e...

Cómo saber si una app es falsa: ten siempre en cuenta estas claves

Vivimos constantemente con el móvil en la mano; es un dispositivo que usamos para casi todo. Hoy en día es útil tanto para cosas como pagar el café, c...

Cómo proteger el ordenador sin ser un genio tech

Saber cómo proteger el ordenador nunca ha sido tan vital. Imagina perder tu equipo con Windows y no saber si tus datos personales están seguros. El pá...

Privacidad en Internet: evita el rastreo y navega con seguridad

La privacidad en Internet se ha convertido en una preocupación constante. Es así como cada clic, búsqueda o interacción en línea puede dejar una huell...

OpenAI lanza cursos gratuitos sobre IA.

OpenAI ha lanzado su propia academia online gratuita con cursos para aprender inteligencia artificial. Desde productividad con ChatGPT hasta ética de ...

Álbum oculto: paso a paso para activarlo en tu teléfono Android

Las fotos y vídeos revelan un montón de información de tu vida personal. No siempre queremos que estén a la vista. Es por eso que en este artículo hab...

CodeStrike, el videojuego gratuito que te enseña Python mientras salvas el mundo

Aprender a programar puede ser entretenido, sobre todo si te conviertes en un héroe del futuro mientras lo haces. Esa es precisamente la propuesta de ...

La Comisión Europea investiga a TikTok en virtud de la Ley de Servicios Digitales

La Comisión Europea inicia procedimiento contra TikTok por posible infracción de la DSA, enfocándose en protección de menores, transparencia publicita...

El Garante dice que ChatGPT viola la normativa de la Unión Europea sobre protección de datos

La autoridad italiana de protección de datos ha notificado a OpenAI sobre una presunta infracción de ChatGPT en relación con el RGPD