Cybersecurity News - Noticias de Ciberseguridad

Latest News

7 Most Influential Women in Cybersecurity You Should Follow in 2026

On April 18, 2016, the US Department of Defense did something it had never done in its history. It invited hackers in. 13 minutes after […] The post 7...

2026-03-09 - Security Boulevard

Web Server Exploits and Mimikatz Used in Attacks Targeting Asian Critical Infrastructure

High-value organizations located in South, Southeast, and East Asia have been targeted by a Chinese threat actor as part of a years-long campaign. The...

2026-03-09 - The Hacker News

A week in security (March 2 – March 8)

A list of topics we covered in the week of March 2 to March 8 of 2026 The post A week in security (March 2 – March 8) appeared first on Security...

2026-03-09 - Security Boulevard

Anthropic Claude Opus AI model discovers 22 Firefox bugs

Anthropic used Claude Opus 4.6 to identify 22 Firefox vulnerabilities, most of which were high severity, all of which were fixed in Firefox 148, relea...

2026-03-09 - Security Affairs

Decoding silence: How deaf and hard-of-hearing pros are breaking into cybersecurity

Stu Hirst was already a CISO when he started to go deaf. It was 2023, and the hearing loss crept in over months, enough for him to adapt, to lean on h...

2026-03-09 - Help Net Security

4 ways to prepare your SOC for agentic AI

a way to automate alert triage, threat investigation and eventually higher-level functions. According to IDC, agentic AI is on track to become main...

2026-03-09 - CSO Online

Turning expertise into opportunity for women in cybersecurity

Speaker diversity in cybersecurity has been a talking point for over a decade, with panels, pledges, and dedicated conference tracks failing to produc...

2026-03-09 - Help Net Security

PQC roadmap remains hazy as vendors race for early advantage

Post-quantum cryptography (PQC) has long sat on the periphery of enterprise security, with experts calling it inevitable but not urgent. That posture ...

2026-03-09 - CSO Online

Open-source tool Sage puts a security layer between AI agents and the OS

Autonomous AI agents running on developer workstations execute shell commands, fetch URLs, and write files with little or no inspection of what they a...

2026-03-09 - Help Net Security

Product Showcase: Fing Desktop puts network visibility on your screen

Phones, laptops, smart TVs, cameras, and smart home equipment all use the same network. Knowing what’s connected helps users manage performance and se...

2026-03-09 - Help Net Security

Submarine cables move to the center of critical infrastructure security debate

The cables running along the ocean floor carry the overwhelming majority of the world’s cross-border data traffic, and for most of their operati...

2026-03-09 - Help Net Security

Zero Tolerance for Malicious Intrusions—NSFOCUS’s Full-Chain WEB Security Protection System

As regional military conflicts escalate, cyberspace has become a critical battleground, with core WEB application systems frequently targeted by adver...

2026-03-09 - Security Boulevard

TikTok Says No to End-to-End Encryption: Here’s Why That’s a Big Deal

In a move that bucks the entire industry trend, TikTok has confirmed it will not implement end-to-end encryption (E2EE) for direct messages on its pla...

2026-03-09 - Security Boulevard

Tarnung als Taktik: Warum Ransomware-Angriffe raffinierter werden

Statt eines kurzen, aber sehr schmerzhaften Stiches setzen Cyberkrimelle zunehmend darauf, sich in ihren Opfern festzubeißen und beständig auszusaugen...

2026-03-09 - CSO Online

How Chinese Hackers Reached America’s Surveillance Infrastructure

Chinese government-linked hackers have breached a network used by the Federal Bureau of Investigation to manage court-authorized surveillance operatio...

2026-03-09 - Security Boulevard

How AI Assistants are Moving the Security Goalposts

AI-based assistants or "agents" -- autonomous programs that have access to the user's computer, files, online services and can automate virtually any ...

2026-03-08 - Krebs on Security

Critical Nginx UI flaw CVE-2026-27944 exposes server backups

Nginx UI flaw CVE-2026-27944 lets attackers download and decrypt server backups without authentication, exposing sensitive data on public management i...

2026-03-08 - Security Affairs

EU court adviser says banks must immediately refund phishing victims

Athanasios Rantos, the Advocate General of the Court of Justice of the EU (CJEU), has issued a formal opinion suggesting that banks must immediately r...

2026-03-08 - BleepingComputer

Hackers abuse .arpa DNS and ipv6 to evade phishing defenses

Threat actors are abusing the special-use ".arpa" domain and IPv6 reverse DNS in phishing campaigns that more easily evade domain reputation checks an...

2026-03-08 - BleepingComputer

Massive GitHub malware operation spreads BoryptGrab stealer

Trend Micro found BoryptGrab stealer spreading through 100+ GitHub repositories, stealing browser data, crypto wallets, system information, and user f...

2026-03-08 - Security Affairs

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 87

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newslett...

2026-03-08 - Security Affairs

Recent Cisco Catalyst SD-WAN Vulnerability Now Widely Exploited

WatchTowr reports seeing exploitation attempts for CVE-2026-20127 from numerous unique IP addresses. The post Recent Cisco Catalyst SD-WAN Vulnerabili...

2026-03-08 - SecurityWeek

Security Affairs newsletter Round 566 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email...

2026-03-08 - Security Affairs

OpenAI Codex Security Scanned 1.2 Million Commits and Found 10,561 High-Severity Issues

OpenAI on Friday began rolling out Codex Security, an artificial intelligence (AI)-powered security agent that's designed to find, validate, and propo...

2026-03-07 - The Hacker News

Termite ransomware breaches linked to ClickFix CastleRAT attacks

Ransomware threat actors tracked as Velvet Tempest are using the ClickFix technique and legitimate Windows utilities to deploy the DonutLoader malware...

2026-03-07 - BleepingComputer

US Cyber Strategy Targets Adversaries, Critical Infrastructure, and Emerging Technologies

Trump’s Cyber Strategy calls for stronger deterrence against cyber adversaries, modernization of federal networks, protection of critical infrastructu...

2026-03-07 - SecurityWeek

Microsoft: Hackers abusing AI at every stage of cyberattacks

Microsoft says threat actors are increasingly using artificial intelligence in their operations to accelerate attacks, scale malicious activity, and l...

2026-03-07 - BleepingComputer

Over 100 GitHub Repositories Distributing BoryptGrab Stealer

The malware targets browser and cryptocurrency wallet data, along with system information and user files. The post Over 100 GitHub Repositories Distri...

2026-03-07 - SecurityWeek

Pentagon’s Chief Tech Officer Says He Clashed With AI Company Anthropic Over Autonomous Warfare

Pentagon CTO Emil Michael said the military is developing procedures for enabling different levels of autonomy in warfare depending on the risk posed....

2026-03-07 - SecurityWeek

Anthropic Finds 22 Firefox Vulnerabilities Using Claude Opus 4.6 AI Model

Anthropic on Friday said it discovered 22 new security vulnerabilities in the Firefox web browser as part of a security partnership with Mozilla. Of t...

2026-03-07 - The Hacker News

FBI Investigating ‘Suspicious’ Cyber Activity on System Holding Sensitive Surveillance Information

The bureau is working to determine the scope and impact of the problem, according to a notification sent to members of Congress. The post FBI Investig...

2026-03-07 - SecurityWeek

Trump’s cyber strategy emphasizes offensive operations, deregulation, AI

The White House released President Donald Trump’s long-awaited cybersecurity strategy, a lean seven-page blueprint that breaks from past approaches by...

2026-03-06 - CSO Online

The long-awaited Trump cyber strategy has arrived

The administration also released an executive order on cybercrime and fraud. The post The long-awaited Trump cyber strategy has arrived appeared first...

2026-03-06 - CyberScoop

ClickFix attackers using new tactic to evade detection, says Microsoft

Threat actors are trying a different tactic to sucker employees into falling for ClickFix phishing attacks that install malware, says Microsoft. Ra...

2026-03-06 - CSO Online

Cognizant TriZetto breach exposes health data of 3.4 million patients

TriZetto Provider Solutions, a healthcare IT company that develops software and services used by health insurers and healthcare providers, has suffere...

2026-03-06 - BleepingComputer

Microsoft warns North Korean threat groups are scaling up fake worker schemes with generative AI

Attackers have turned AI into a “force multiplier” for the country’s expansive scheme to get and keep operatives hired at global companies, researcher...

2026-03-06 - CyberScoop

Cylake Offers AI-Native Security Without Relying on Cloud Services

Cylake's platform will analyze security data locally and identify potential attacks for organizations concerned about data sovereignty.

2026-03-06 - Dark Reading

DHS CISO, deputy CISO exit amid reported IT leadership overhaul

Two sources tell FedScoop the personnel changes are part of a broader effort to consolidate IT and cybersecurity functions at DHS headquarters. The po...

2026-03-06 - CyberScoop

North Korean APTs Use AI to Enhance IT Worker Scams

DPRK worker scams are old hat, but they're still working, thanks to AI tools that help with everything from face swapping to daily emails.

2026-03-06 - Dark Reading

AI as tradecraft: How threat actors operationalize AI

Threat actors are operationalizing AI to scale and sustain malicious activity, accelerating tradecraft and increasing risk for defenders, as illustrat...

2026-03-06 - Microsoft Security Blog

Iran's MuddyWater Hackers Hit US Firms with New 'Dindoor' Backdoor

A bank, an airport, a non-profit and the Israeli branch of a US software company were among the targets of this new MuddyWater campaign

2026-03-06 - Infosecurity Magazine

Transparent Tribe Uses AI to Mass-Produce Malware Implants in Campaign Targeting India

The Pakistan-aligned threat actor known as Transparent Tribe has become the latest hacking group to embrace artificial intelligence (AI)-powered codin...

2026-03-06 - The Hacker News

EU Auto Rules Shift Gears on Cybersecurity Standards

The European Union is taking new precautions as climate change and cybersecurity threats rise across the automotive industry.

2026-03-06 - Dark Reading

Multi-Stage VOID#GEIST Malware Delivering XWorm, AsyncRAT, and Xeno RAT

Cybersecurity researchers have disclosed details of a multi-stage malware campaign that uses batch scripts as a pathway to deliver various encrypted r...

2026-03-06 - The Hacker News

Congress looks to revive critical cyber program for rural electric utilities

A House committee reauthorized an Energy Department program that funnels hundreds of millions of dollars and cybersecurity assistance to rural electri...

2026-03-06 - CyberScoop

Iran's Cyber-Kinetic War Doctrine Takes Shape

Iran has been hacking IP cameras to plan missile strikes against its enemies, and mounting other attacks on physical assets, showing how cyber and kin...

2026-03-06 - Dark Reading

Cyberattack on Mexico's Gov't Agencies Highlight AI Threat

Using Anthropic's Claude, OpenAI's ChatGPT, and a detailed playbook prompt, a handful of cyberattackers reportedly gained access to government agencie...

2026-03-06 - Dark Reading

Zero‑Day Attacks on Enterprise Software Reach Record High, Google Warns

Almost a quarter of the zero days detected by Google in 2025 targeted security and networking appliances

2026-03-06 - Infosecurity Magazine

FBI targeted with ‘suspicious’ activity on its networks

The bureau didn’t provide any further details on the incident, which reportedly targeted a network for managing surveillance activity. The post FBI ta...

2026-03-05 - CyberScoop

Women’s History Month: Encouraging women in cybersecurity at every career stage

This Women’s History Month, we explore ways to support the next generation of female defenders at every career stage. The post Women’s History Month: ...

2026-03-05 - Microsoft Security Blog

Malicious AI Assistant Extensions Harvest LLM Chat Histories

Malicious AI browser extensions collected LLM chat histories and browsing data from platforms such as ChatGPT and DeepSeek. With nearly 900,000 instal...

2026-03-05 - Microsoft Security Blog

AI-Driven Insider Risk Now a “Critical Business Threat,” Report Warns

Malicious insiders are using misusing AI for nefarious gain, while employees cutting corners also creates risk, warns Mimecast

2026-03-05 - Infosecurity Magazine

ContextCrush Flaw Exposes AI Development Tools to Attacks

Critical flaw "ContextCrush" in Context7 MCP Server could allow malicious instructions into AI tools

2026-03-05 - Infosecurity Magazine

Coruna Exploit Kit Targets Older iPhones in Multi-Stage Campaigns

Exploit kit "Coruna" targets iPhones running iOS 13.0 to 17.2.1, focusing on financial data theft

2026-03-05 - Infosecurity Magazine

Inside Tycoon2FA: How a leading AiTM phishing kit operated at scale

Tycoon2FA has become a leading phishing-as-a-service (PhaaS) platforms, enabling campaigns that reach over 500,000 organizations monthly, prompting Mi...

2026-03-04 - Microsoft Security Blog

Signed malware impersonating workplace apps deploys RMM backdoors

Signed malware backed by a stolen EV certificate deployed legitimate RMM tools to gain persistent access inside enterprise environments. Organizations...

2026-03-03 - Microsoft Security Blog

Who is the Kimwolf Botmaster “Dort”?

In early January 2026, KrebsOnSecurity revealed how a security researcher disclosed a vulnerability that was used to assemble Kimwolf, the world's lar...

2026-02-28 - Krebs on Security

‘Starkiller’ Phishing Service Proxies Real Login Pages, MFA

Most phishing websites are little more than static copies of login pages for popular online destinations, and they are often quickly taken down by ant...

2026-02-20 - Krebs on Security

Kimwolf Botnet Swamps Anonymity Network I2P

For the past week, the massive "Internet of Things" (IoT) botnet known as Kimwolf has been disrupting the The Invisible Internet Project (I2P), a dece...

2026-02-11 - Krebs on Security

Patch Tuesday, February 2026 Edition

Microsoft today released updates to fix more than 50 security holes in its Windows operating systems and other software, including patches for a whopp...

2026-02-10 - Krebs on Security

Student Loan Breach Exposes 2.5M Records

2.5 million people were affected, in a breach that could spell more trouble down the line.

2022-08-31 - Threatpost

Watering Hole Attacks Push ScanBox Keylogger

Researchers uncover a watering hole attack likely carried out by APT TA423, which attempts to plant the ScanBox JavaScript-based reconnaissance tool.

2022-08-30 - Threatpost

Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms

Over 130 companies tangled in sprawling phishing campaign that spoofed a multi-factor authentication system.

2022-08-29 - Threatpost

Ransomware Attacks are on the Rise

Lockbit is by far this summer’s most prolific ransomware group, trailed by two offshoots of the Conti group.

2022-08-26 - Threatpost

Cybercriminals Are Selling Access to Chinese Surveillance Cameras

Tens of thousands of cameras have failed to patch a critical, 11-month-old CVE, leaving thousands of organizations exposed.

2022-08-25 - Threatpost

Noticias en Español

Fear of the Dark: DeepFakes, Sappo & Sentiment Analysis

En la primera parte del artículo os dejé la introducción pre GenAI, que una vez que llegó el mundo de la Inteligencia Artificial Generativa todo ha ca...

2026-03-09 - El Lado del Mal

Actores de amenazas utilizan la lógica de redirección de OAuth para distribuir malware

Investigadores de Microsoft han revelado una campaña de phishing activa que está abusando del mecanismo de redirección de autenticación OAuth. El obje...

2026-03-09 - Segu-Info

Fear of the Dark: Fear, Data & Fake News

Este año la charla de RooteddCON Madrid 2026 fue sobre el miedo, la explotación del miedo, y el uso de la tecnología para detectar qué miedos quieren ...

2026-03-08 - El Lado del Mal

USD 4,8 millones en criptomonedas robadas después de que la agencia tributaria coreana expusiera la semilla de la billetera

Alguien aprovechó la oportunidad para robar 4,4 millones de dólares en criptoactivos después de que el Servicio Nacional de Impuestos de Corea del ...

2026-03-07 - Segu-Info

RootedCON Madrid: Una vez más

Un evento de más de 5.000 personas del mundo de la ciberseguridad y el hacking, hacen de RootedCON Madrid sea el corazón de la comunidad más grande de...

2026-03-07 - El Lado del Mal

Fuga masiva expone datos de más de un millón de usuarios en plataforma de IA

La plataforma KomikoAI, especializada en generación de videos e imágenes mediante inteligencia artificial, ha experimentado una filtración que expone ...

2026-03-07 - Una al Día

7 tips para detectar apps móviles falsas

Estos son los 7 consejos que debes tener en cuenta para mantenerte alejado de amenazas para dispositivos móviles: cómo identificar una app maliciosa y...

2026-03-06 - Segu-Info

Podcast | Estafas digitales: el hackeo de las emociones

En este episodio, especialistas en ciberseguridad y salud mental revelan cómo las emociones pueden exponernos a estafas digitales y qué hacer para rec...

2026-03-06 - WeLiveSecurity

Google interrumpe infraestructura de hackers chinos UNC2814

Un presunto grupo de hackers vinculado al estado chino ha sido descubierto llevando a cabo una de las operaciones de ciberespionaje de mayor alcance...

2026-03-06 - Segu-Info

Europol desmantela LeakBase: cae uno de los mayores mercados de datos robados en Internet

Europol ha liderado el cierre de LeakBase, uno de los mayores mercados ilegales dedicados a la compraventa de datos robados en Internet, en una operac...

2026-03-06 - Una al Día

Un simple typo provoca un 0-day de ejecución remota de código en Firefox

Investigadores de seguridad han revelado recientemente un 0-day en Firefox que demuestra cómo un error aparentemente trivial puede convertirse en una ...

2026-03-06 - Una al Día

RootedCON Madrid 2026: Firma de libros, Podcast, Charla y más

Hoy os dejo un post muy rápido, sólo por si vas a estar en RootedCON hoy. Voy a intentar hacer varias cosas, a ver si soy capaz, que la mañana la teng...

2026-03-06 - El Lado del Mal

Cómo las PyMEs utilizan la investigación de amenazas y los servicios MDR para fortalecer su ciberdefensa

Hablamos con Jean‑Ian Boutin, director de ESET Threat Research, sobre cómo las soluciones de ciberseguridad que combinan tecnología avanzada y experie...

2026-03-05 - WeLiveSecurity

Hugging Face: qué es y cómo el cibercrimen explota la cadena de suministro de IA

Descubre cómo funcionan los ataques a través de Hugging Face, los riesgos asociados a la deserialización de modelos y las estrategias de gobernanza ne...

2026-03-05 - WeLiveSecurity

CyberStrikeAI: La nueva herramienta de IA que los hackers están adoptando para ataques automatizados

Vínculos entre CyberStrikeAI y ataques a FortinetLos investigadores advierten que una plataforma de pruebas de seguridad de IA de código abierto recie...

2026-03-05 - Segu-Info

CyberStrikeAI desata una ola de ciberataques automatizados contra firewalls Fortinet mediante inteligencia artificial

La automatización de ciberataques alcanza un nuevo nivel: CyberStrikeAI, una plataforma de código abierto impulsada por inteligencia artificial, ha si...

2026-03-05 - Una al Día

Cloudforce ONE: Cloudflare Threat Report 2026

Cloudflare tiene una visibilidad de lo que está sucediendo en Internet muy especial. El 20% del tráfico mundial HTTP pasa por el Edge de Cloudflare, l...

2026-03-05 - El Lado del Mal

Living off the Land 2.5: persistencia que vive dentro de contenedores y casi nadie está mirando

Cuando empecé a investigar intrusiones recientes en infraestructuras Linux modernas, hubo algo que empezó a repetirse: no era malware clásico, no eran...

2026-03-04 - Hackplayers

Estafas por WhatsApp: 5 errores de seguridad que facilitan el robo de cuentas

¿Por qué la seguridad de las aplicaciones no es suficiente? Descubre cómo los ciberdelincuentes aprovechan simples fallos de privacidad para clonar cu...

2026-03-04 - WeLiveSecurity

Incidente físico provoca apagón y caída masiva en centro de datos AWS en Oriente Medio

Un incidente físico en un centro de datos de AWS en Oriente Medio provocó fuego y dejó fuera de servicio recursos críticos como EC2 y RDS, cuestionand...

2026-03-04 - Una al Día

7 tips para detectar apps móviles falsas

Estos son los 7 consejos que debes tener en cuenta para mantenerte alejado de amenazas para dispositivos móviles: cómo identificar una app maliciosa y...

2026-03-03 - WeLiveSecurity

Living off the Land 2.0 en Linux: Persistencia para pasar desapercibidos al SOC

Hay una regla no escrita en intrusiones modernas: El mejor malware es el que no parece malware. Pero hay una evolución aún más interesante q...

2026-03-02 - Hackplayers

Heretic o cómo eliminar fácilmente la censura en un LLM

Los modelos de lenguaje actuales (los conocidos LLM, Large Language Models) se han convertido en piezas clave de muchas aplicaciones: asistentes, anál...

2026-03-01 - Hackplayers

PentAGI: Automatización avanzada de penetration testing con agentes AI autónomos

En los últimos años, el pentesting ha evolucionado desde procesos manuales altamente especializados hacia flujos híbridos donde la automatización y la...

2026-02-22 - Hackplayers

Writeups CTF Hardware Hacking h-c0n 2026

Desde que fundamos la conferencia h-c0n uno de nuestros “sueños” era tener nuestro propio badge electrónico, al más puro estilo DEF CON. No ha sido ha...

2026-02-17 - Hackplayers

(2/3) Ataques DDoS en capas 3 y 4: vectores, funcionamiento y defensa

Esta es la segunda entrega sobre amenazas DDoS, en esta ocasión nos adentramos en las capas de red y transporte para analizar los vectores más comunes...

2025-10-27 - Flu Project

ISO/IEC 42001: el sistema de gestión de IA que probablemente conectemos con nuestra 27001

ISO/IEC 42001 se concibe como el nuevo esqueleto operativo para transformar la inteligencia artificial en un sistema gestionado con disciplina. No es ...

2025-10-13 - Flu Project

MITRE AADAPT: Anatomía ofensiva y defensa en el ecosistema de activos digitales

Cuando uno pasa demasiadas noches frente a un nodo de Ethereum observando tráfico, firmas, anomalías y patrones sospechosos, descubre que el ecosistem...

2025-10-06 - Flu Project

Snapshots en máquinas virtuales: ¿una herramienta útil o un riesgo oculto?

¿Piensas que una instantánea de una máquina virtual es lo mismo que un backup o una copia del disco? Entonces este post es para ti.Antes de nada, vamo...

2025-09-29 - Flu Project

La importancia del Disaster Recovery Plan (DRP)

A pesar de que los ciberataques, fallos de hardware y software, desastres naturales, o incluso errores humanos son cada vez más frecuentes, muchas emp...

2025-09-15 - Flu Project

Pensar como un atacante: por qué el Red Team es clave para la ciberseguridad moderna

En un entorno digital donde las amenazas evolucionan más rápido que las soluciones, protegerse ya no es suficiente. Hay que anticiparse. Y para eso, e...

2025-07-01 - BlogThinkBig

Cómo saber si una app es falsa: ten siempre en cuenta estas claves

Vivimos constantemente con el móvil en la mano; es un dispositivo que usamos para casi todo. Hoy en día es útil tanto para cosas como pagar el café, c...

2025-06-17 - BlogThinkBig

Cómo proteger el ordenador sin ser un genio tech

Saber cómo proteger el ordenador nunca ha sido tan vital. Imagina perder tu equipo con Windows y no saber si tus datos personales están seguros. El pá...

2025-06-13 - BlogThinkBig

Privacidad en Internet: evita el rastreo y navega con seguridad

La privacidad en Internet se ha convertido en una preocupación constante. Es así como cada clic, búsqueda o interacción en línea puede dejar una huell...

2025-06-12 - BlogThinkBig

Álbum oculto: paso a paso para activarlo en tu teléfono Android

Las fotos y vídeos revelan un montón de información de tu vida personal. No siempre queremos que estén a la vista. Es por eso que en este artículo hab...

2025-06-06 - BlogThinkBig

Cybersecurity News - Noticias de Ciberseguridad

Latest News

7 Most Influential Women in Cybersecurity You Should Follow in 2026

Web Server Exploits and Mimikatz Used in Attacks Targeting Asian Critical Infrastructure

A week in security (March 2 – March 8)

Anthropic Claude Opus AI model discovers 22 Firefox bugs

Decoding silence: How deaf and hard-of-hearing pros are breaking into cybersecurity

4 ways to prepare your SOC for agentic AI

Turning expertise into opportunity for women in cybersecurity

PQC roadmap remains hazy as vendors race for early advantage

Open-source tool Sage puts a security layer between AI agents and the OS

Product Showcase: Fing Desktop puts network visibility on your screen

Submarine cables move to the center of critical infrastructure security debate

Zero Tolerance for Malicious Intrusions—NSFOCUS’s Full-Chain WEB Security Protection System

TikTok Says No to End-to-End Encryption: Here’s Why That’s a Big Deal

Tarnung als Taktik: Warum Ransomware-Angriffe raffinierter werden

​​How Chinese Hackers Reached America’s Surveillance Infrastructure

How AI Assistants are Moving the Security Goalposts

Critical Nginx UI flaw CVE-2026-27944 exposes server backups

EU court adviser says banks must immediately refund phishing victims

Hackers abuse .arpa DNS and ipv6 to evade phishing defenses

Massive GitHub malware operation spreads BoryptGrab stealer

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 87

Recent Cisco Catalyst SD-WAN Vulnerability Now Widely Exploited

Security Affairs newsletter Round 566 by Pierluigi Paganini – INTERNATIONAL EDITION

OpenAI Codex Security Scanned 1.2 Million Commits and Found 10,561 High-Severity Issues

Termite ransomware breaches linked to ClickFix CastleRAT attacks

US Cyber Strategy Targets Adversaries, Critical Infrastructure, and Emerging Technologies

Microsoft: Hackers abusing AI at every stage of cyberattacks

Over 100 GitHub Repositories Distributing BoryptGrab Stealer

Pentagon’s Chief Tech Officer Says He Clashed With AI Company Anthropic Over Autonomous Warfare

Anthropic Finds 22 Firefox Vulnerabilities Using Claude Opus 4.6 AI Model

FBI Investigating ‘Suspicious’ Cyber Activity on System Holding Sensitive Surveillance Information

Trump’s cyber strategy emphasizes offensive operations, deregulation, AI

The long-awaited Trump cyber strategy has arrived

ClickFix attackers using new tactic to evade detection, says Microsoft

Cognizant TriZetto breach exposes health data of 3.4 million patients

Microsoft warns North Korean threat groups are scaling up fake worker schemes with generative AI

Cylake Offers AI-Native Security Without Relying on Cloud Services

DHS CISO, deputy CISO exit amid reported IT leadership overhaul

North Korean APTs Use AI to Enhance IT Worker Scams

AI as tradecraft: How threat actors operationalize AI

Iran's MuddyWater Hackers Hit US Firms with New 'Dindoor' Backdoor

Transparent Tribe Uses AI to Mass-Produce Malware Implants in Campaign Targeting India

EU Auto Rules Shift Gears on Cybersecurity Standards

Multi-Stage VOID#GEIST Malware Delivering XWorm, AsyncRAT, and Xeno RAT

Congress looks to revive critical cyber program for rural electric utilities

Iran's Cyber-Kinetic War Doctrine Takes Shape

Cyberattack on Mexico's Gov't Agencies Highlight AI Threat

Zero‑Day Attacks on Enterprise Software Reach Record High, Google Warns

FBI targeted with ‘suspicious’ activity on its networks

Women’s History Month: Encouraging women in cybersecurity at every career stage

Malicious AI Assistant Extensions Harvest LLM Chat Histories

AI-Driven Insider Risk Now a “Critical Business Threat,” Report Warns

ContextCrush Flaw Exposes AI Development Tools to Attacks

Coruna Exploit Kit Targets Older iPhones in Multi-Stage Campaigns

Inside Tycoon2FA: How a leading AiTM phishing kit operated at scale

Signed malware impersonating workplace apps deploys RMM backdoors

Who is the Kimwolf Botmaster “Dort”?

‘Starkiller’ Phishing Service Proxies Real Login Pages, MFA

Kimwolf Botnet Swamps Anonymity Network I2P

Patch Tuesday, February 2026 Edition

Student Loan Breach Exposes 2.5M Records

Watering Hole Attacks Push ScanBox Keylogger

Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms

Ransomware Attacks are on the Rise

Cybercriminals Are Selling Access to Chinese Surveillance Cameras

Noticias en Español

Fear of the Dark: DeepFakes, Sappo & Sentiment Analysis

Actores de amenazas utilizan la lógica de redirección de OAuth para distribuir malware

Fear of the Dark: Fear, Data & Fake News

USD 4,8 millones en criptomonedas robadas después de que la agencia tributaria coreana expusiera la semilla de la billetera

RootedCON Madrid: Una vez más

Fuga masiva expone datos de más de un millón de usuarios en plataforma de IA

7 tips para detectar apps móviles falsas

Podcast | Estafas digitales: el hackeo de las emociones

Google interrumpe infraestructura de hackers chinos UNC2814

Europol desmantela LeakBase: cae uno de los mayores mercados de datos robados en Internet

Un simple typo provoca un 0-day de ejecución remota de código en Firefox

RootedCON Madrid 2026: Firma de libros, Podcast, Charla y más

How Chinese Hackers Reached America’s Surveillance Infrastructure