Cybersecurity News - Noticias de Ciberseguridad

Signed software abused to deploy antivirus-killing scripts

A digitally signed adware tool has deployed payloads running with SYSTEM privileges that disabled antivirus protections on thousands of endpoints, som...

n8n Webhooks Abused Since October 2025 to Deliver Malware via Phishing Emails

Threat actors have been observed weaponizing n8n, a popular artificial intelligence (AI) workflow automation platform, to facilitate sophist...

Sweden Blames Pro-Russian Group for Cyberattack Last Year on Its Energy Infrastructure

In what was Sweden’s first public mention of the attack, the country’s minister for civil defense said it targeted a heating plant in western Sweden. ...

Microsoft pays $2.3M for cloud and AI flaws at Zero Day Quest

Microsoft has awarded $2.3 million to security researchers after receiving nearly 700 submissions during this year's Zero Day Quest hacking contest. [...

Incident response for AI: Same fire, different fuel

AI changes how incidents unfold and how we respond. Learn which IR practices still apply and where new telemetry, tools, and skills are needed. The po...

The Anthropic Mythos, Project Glasswing, and the Illusion of Patch-Based Security

Project Glasswing is a reminder of something many in the federal cybersecurity community already know but don’t always say out loud: We are never goin...

Securing Today’s Cloud-Native Workloads

Introduction: Why Cloud Microsegmentation Must Evolve Cloud-native architectures built on auto-scaling virtual machines, platform-as-a-service (PaaS),...

Cloud PAM for AI Agents: Why Traditional PAM Can’t Protect Agentic Workloads

AI agents are cloud identities. They receive IAM roles at deployment, hold credentials, and access cloud resources to execute tasks. But unlike human ...

GitHub Actions Supply Chain Attack: Trivy Breach & Workflow

Breakdown of the Trivy GitHub Actions attack, including workflow misconfigurations, token theft, and supply chain exposure. The post GitHub Actions Su...

Prepping for 'Q-Day': Why Quantum Risk Management Should Start Now

Quantum computers are coming and may impact systems in unexpected ways, and it will "take years to be fully quantum-safe, if ever," cryptogr...

[un]prompted 2026 – Detecting GenAI Threats at Scale With YARA-Like Semantic Rules

Author, Creator & Presenter: Mohamed Nabeel, Senior Principal Researcher, Palo Alto Networks Our thanks to [un]prompted for publishing their Crea...

CISA flags Windows Task Host vulnerability as exploited in attacks

CISA warned U.S. government agencies to secure their systems against a Windows Task Host privilege escalation vulnerability that could allow attackers...

Exploited Vulnerability Exposes Nginx Servers to Hacking

Hackers are exploiting CVE-2026-33032, a critical remote takeover vulnerability in the Nginx UI management tool.  The post Exploited Vulnerability Exp...

Audit: Big Tech Often Ignores CA Privacy Law Opt-Out Requests

Google, Meta, and Microsoft about half the time don't comply with requests to opt out of online tracking per a California law mandate, privacy watchdo...

U.S. CISA adds Microsoft SharePoint Server, and Microsoft Office Excel flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft SharePoint Server, and Microsoft Office Excel flaws to its Known Exploited...

Rolling Networks: Securing the Transportation Sector

Modern trucks are rolling networks packed with sensors, connectivity, and attack surfaces, creating new cyber risks. NMFTA's Cybersecurity Conference ...

Capsule Security debuts with $7 million funding to secure AI agent behavior

Capsule Security has launched from stealth with a $7 million seed round led by Lama Partners and Forgepoint Capital International. It prevents AI agen...

OpenAI expands Trusted Access for Cyber program with new GPT 5.4 Cyber model 

A new cybersecurity-focused variant of ChatGPT and an expanded access program put OpenAI in direct competition with Anthropic's Project Glasswing — an...

Capsule Security Emerges From Stealth With $7 Million in Funding

The Israeli startup aims to secure AI agents at runtime, continuously monitoring their behavior to prevent unsafe actions. The post Capsule Security E...

Broadcom introduces zero-trust runtime for scalable AI agents

Broadcom has announced VMware Tanzu Platform agent foundations, introducing a secure-by-default agentic runtime designed to accelerate the delivery of...

‘By Design’ Flaw in MCP Could Enable Widespread AI Supply Chain Attacks

Researchers warn that a flaw in Anthropic’s Model Context Protocol allows unsanitized commands to execute silently, enabling full system compromise ac...

Bitdefender extends GravityZone with continuous email threat protection

Bitdefender has launched GravityZone Extended Email Security, unifying email and endpoint protection in one platform. Built for organizations and MSPs...

100 Chrome Extensions Steal User Data, Create Backdoor

Published through five accounts, the extensions appear part of a coordinated campaign based on shared C&C infrastructure. The post 100 Chrome Ext...

Tenable unveils OT discovery engine to expose cyber-physical risks

Tenable unveiled a new OT asset discovery engine that enables security teams to bring risks associated with cyber-physical systems (OT, IoT, and shado...

Webinar: The IT Leader’s Guide to AI Governance

Generative AI is moving from experimentation to everyday enterprise use, often faster than governance models were designed to support. As adoption acc...

Actively Exploited nginx-ui Flaw (CVE-2026-33032) Enables Full Nginx Server Takeover

A recently disclosed critical security flaw impacting nginx-ui, an open-source, web-based Nginx management tool, has come under active exploitation in...

April Patch Tuesday Fixes Critical Flaws Across SAP, Adobe, Microsoft, Fortinet, and More

A number of critical vulnerabilities impacting products from Adobe, Fortinet, Microsoft, and SAP have taken center stage in April's Patch Tuesday...

Threat landscape for industrial automation systems in Q4 2025

The report contains industrial threat statistics for Q4 2025. It covers various infection vectors and malware types, as well as regional statistics an...

Copilot and Agentforce fall to form-based prompt injection tricks

Enterprise AI agents are supposed to streamline workflows. Instead, two fresh findings show they can just as easily streamline data exfiltration. S...

Microsoft, Salesforce Patch AI Agent Data Leak Flaws

Two recently fixed prompt injections in Salesforce Agentforce and Microsoft Copilot would have enabled an external attacker to leak sensitive data.

Microsoft: April updates trigger BitLocker key prompts on some servers

Microsoft confirmed on Tuesday that some Windows Server 2025 devices will boot into BitLocker recovery after installing the April 2026 KB5082063 Windo...

Mirax malware campaign hits 220K accounts, enables full remote control

Mirax, a new Android RAT, spread via Meta ads, infected 220,000 users and turns devices into SOCKS5 proxies, giving attackers full remote control. Mir...

Deterministic + Agentic AI: The Architecture Exposure Validation Requires

Few technologies have moved from experimentation to boardroom mandate as quickly as AI. Across industries, leadership teams have embraced its bro...

The Deepfake Nudes Crisis in Schools Is Much Worse Than You Thought

An analysis by WIRED and Indicator found nearly 90 schools and 600 students around the world impacted by AI-generated deepfake nude images—and the pro...

The deepfake dilemma: From financial fraud to reputational crisis

Deepfake technology has crossed a critical threshold. What was impossible 10 years ago and required specific expertise only a few years ago is now che...

We’re only seeing the tip of the chip-smuggling iceberg

A string of federal indictments has exposed a pervasive shadow network of data centers and fake products spanning Southeast Asia. To secure national s...

7 biggest healthcare security threats

Cyberattacks targeting the healthcare sector have surged since the COVID-19 pandemic and the resulting rush to enable remote delivery of healthcare se...

The need for a board-level definition of cyber resilience

Cyber resilience has become a critical governance concern as organizations face increasingly complex and costly cyber threats. However, recent researc...

Microsoft Issues Patches for SharePoint Zero-Day and 168 Other New Vulnerabilities

Microsoft on Tuesday released updates to address a record 169 security flaws across its product portfolio, including one vulnerability that&...

PHP Composer flaws enable remote command execution via Perforce VCS

Two high-severity flaws in PHP Composer could let attackers run arbitrary commands via malicious repository configs and crafted inputs affecting Perfo...

Mallory Launches AI-Native Threat Intelligence Platform, Turning Global Threat Data Into Prioritized Action

Built by a veteran security team and led by a former Google and Mandiant executive, Mallory delivers intelligence that drives action for enterprise se...

Microsoft Patch Tuesday for April 2026 fixed actively exploited SharePoint zero-day

Microsoft Patch Tuesday security updates for April 2026 fixed 165 vulnerabilities, including an actively exploited SharePoint zero-day. Microsoft Patc...

ISC Stormcast For Wednesday, April 15th, 2026 https://isc.sans.edu/podcastdetail/9892, (Wed, Apr 15th)

Scanning for AI Models, (Tue, Apr 14th)

Starting March 10, 2026, my DShield sensor started getting probe for various AI models such as claude, openclaw, huggingface, etc. Reviewing the data ...

Microsoft Bets $10B to Boost Japan's AI, Cybersecurity

The deal aims to accelerate AI adoption, train workers, and develop cybersecurity partnerships — the latest move by a hyperscaler to compete for sover...

CISA cancels summer internships for cyber scholarship students amid DHS funding lapse

The move adds to mounting pressure on a scholarship program already strained by hiring freezes, proposed budget cuts and a growing backlog of unplaced...

Patch Tuesday, April 2026 Edition

Microsoft today pushed software updates to fix a staggering 167 security vulnerabilities in its Windows operating systems and related software, includ...

Privilege Elevation Dominates Massive Microsoft Patch Update

Elevation-of-privilege bugs accounted for more than half of the 165 vulnerabilities patched, with two zero-days in that mix.

Microsoft drops its second-largest monthly batch of defects on record

The vendor disclosed one actively exploited zero-day vulnerability in Microsoft Office SharePoint that allows attackers to view information and make c...

Space Force official touts AI’s impact on cyber compliance

The acting CISO said that AI is reshaping how the service measures and tracks cyber compliance, moving it from a box-checking exercise to something ni...

In the Wake of Anthropic’s Mythos, OpenAI Has a New Cybersecurity Model—and Strategy

OpenAI says its safeguards “sufficiently reduce cyber risk” for now, while GPT-5.4-Cyber is a new cybersecurity-focused model.

Telegram Is Still Hosting a Sanctioned $21 Billion Crypto Scammer Black Market

The UK designated Xinbi Guarantee as an enabler of crypto scammers and human trafficking weeks ago. Telegram is still hosting it in plain sight.

Personal data of 1 million gym members compromised in Basic-Fit security incident

A breach at Basic-Fit exposed data of 1M members, including names, birth dates and bank details after unauthorized access. Basic-Fit, Europe’s largest...

Microsoft Patch Tuesday April 2026., (Tue, Apr 14th)

This month&#;x26;#;39;s Microsoft Patch Tuesday looks like a record one, but let&#;x26;#;39;s ...

The FCC Has a Fast Lane for Complaints About Trump’s Media Critics

Internal emails obtained by WIRED reveal how a conservative legal group with a direct line into FCC chairman Brendan Carr’s office built the case agai...

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2009-0238 ...

ISC Stormcast For Tuesday, April 14th, 2026 https://isc.sans.edu/podcastdetail/9890, (Tue, Apr 14th)

Meta Is Warned That Facial Recognition Glasses Will Arm Sexual Predators

More than 70 organizations, including the ACLU, EPIC, and Fight for the Future, say the AI smart glasses feature would endanger abuse victims, immigra...

Scans for EncystPHP Webshell, (Mon, Apr 13th)

Last week, I wrote about attackers scanning for various webshells, hoping to find some that do not require authentication or others that use well-know...

CISA Adds Seven Known Exploited Vulnerabilities to Catalog

CISA has added seven new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2012-185...

JanelaRAT: a financial threat targeting users in Latin America

Kaspersky GReAT experts describe the latest JanelaRAT campaign detailing infection chain and malware functionality updates.

The agentic SOC—Rethinking SecOps for the next decade

In the SOC of the future, autonomous defense moves at machine speed, agents add context and coordination, and humans focus on judgment, risk, and outc...

Investigating Storm-2755: “Payroll pirate” attacks targeting Canadian employees

Microsoft Incident Response – Detection and Response Team (DART) researchers observed an emerging, financially motivated threat actor, tracked as Stor...

Intent redirection vulnerability in third-party SDK exposed millions of Android wallets to potential risk

A severe Android intent‑redirection vulnerability in a widely deployed SDK exposed sensitive user data across millions of apps. Microsoft researchers ...

Contemporary Controls BASC 20T

View CSAF Summary Successful exploitation of this vulnerability could allow an attacker to enumerate the functionality of each component associated wi...

GPL Odorizers GPL750

View CSAF Summary Successful exploitation of this vulnerability could allow a low privileged remote attacker to manipulate register values, which woul...

The long road to your crypto: ClipBanker and its marathon infection chain

Threat actors are distributing a Trojan disguised as Proxifier software; through a multi-stage infection chain, it delivers ClipBanker – malware that ...

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-1340 Iv...

Financial cyberthreats in 2025 and the outlook for 2026

In this report, Kaspersky experts share their insights into the 2025 financial threat landscape, including regional statistics and trends in phishing,...

Russia Hacked Routers to Steal Microsoft Office Tokens

Hackers linked to Russia's military intelligence units are using known flaws in older Internet routers to mass harvest authentication tokens from Micr...

SOHO router compromise leads to DNS hijacking and adversary-in-the-middle attacks

Executive summary Forest Blizzard, a threat actor linked to the Russian military, has been compromising insecure home and small-office internet equipm...

Germany Doxes “UNKN,” Head of RU Ransomware Gangs REvil, GandCrab

An elusive hacker who went by the handle "UNKN" and ran the early Russian ransomware groups GandCrab and REvil now has a name and a face. Authorities ...

A laughing RAT: CrystalX combines spyware, stealer, and prankware features

Kaspersky researchers analyze a new CrystalX RAT distributed as MaaS and featuring extensive spyware, stealer, and prankware capabilities.

‘CanisterWorm’ Springs Wiper Attack Targeting Iran

A financially motivated data theft and extortion group is attempting to inject itself into the Iran war, unleashing a worm that spreads through poorly...

Feds Disrupt IoT Botnets Behind Huge DDoS Attacks

The U.S. Justice Department joined authorities in Canada and Germany in dismantling the online infrastructure behind four highly disruptive botnets th...

Más de 100 extensiones de Chrome Web Store roban cuentas de usuario y datos (incluido Telegram)

Más de 100 extensiones maliciosas en la Chrome Web Store oficial intentan robar tokens Bearer de Google OAuth2, desplegar puertas traseras y cometer...

Actualizaciones de seguridad de ABRIL para todas las empresas

El martes parches de abril de 2026 de Microsoft ha dejado actualizaciones de seguridad para 169 vulnerabilidades, incluyendo 2 Zero-Days. Este Patch...

Basic-Fit y Booking.com sufren brechas de datos en el mismo fin de semana

La cadena de gimnasios Basic-Fit y la plataforma de reservas Booking.com han confirmado en cuestión de horas que han sufrido accesos no autorizados a ...

Una entrevista en el Foco de Maria Zabay

Hoy, que esta semana estoy de muchos viajes, os traigo por aquí la entrevista que me hizo Maria Zabay en su espacio de El Foco, por el que hemos pasad...

(otras) Vulnerabilidades críticas RCE en FortiClient EMS (agregada a KEV)

La Agencia de Seguridad de Infraestructura y Ciberseguridad de EE.UU. (CISA) añadió las vulnerabilidades CVE-2026-35616 (control de acceso in...

Una de cada tres empresas españolas comparte los costes de ciberseguridad con sus proveedores

Un nuevo estudio de Kaspersky, “Supply chain reaction: securing the global digital ecosystem in an age of interdependence”, revela que más del 66% de ...

Las multas en ciberseguridad disparan el riesgo financiero empresarial

Aon plc, empresa de servicios profesionales a nivel global, ha publicado el informe “Asegurabilidad de las multas cibernéticas”, elaborado conjuntamen...

Datos de usuarios de Booking.com expuestos: qué ocurrió y cómo protegerse

Un incidente de seguridad enciende las alertas sobre estafas de ingeniería social y refuerza la necesidad de mayor vigilancia en plataformas de viajes...

Francia anuncia que sustituirá Windows por Linux en todos sus ordenadores gubernamentales

Francia ha anunciado oficialmente que sustituirá Windows por Linux en los equipos de escritorio de toda su administración pública, dentro de una estra...

El cibercrimen en 2026 se impulsa por la inteligencia artificial y la inestabilidad global

SonicWall, compañía global de ciberseguridad con más de 30 años de experiencia, basándose en el Global Cybersecurity Outlook 2026 del World Economic F...

¿Qué vulnerabilidades del código se solucionan realmente?

Una nueva investigación de seguridad revela qué categorías de vulnerabilidades se solucionan rápidamente, cuáles no y qué marca la diferencia.La mayor...

Arrogante: Bases de la 1ª Edición de los premios MIRA (10.000 €)

Si te digo que, por grabar un vídeo con tu móvil, o cualquier otra cosa que se te ocurra... hay un premio en metálico de 10.000 €, ser entrevistado en...

La IA, cada vez más clave en la lucha contra el fraude

La inteligencia artificial se posiciona como protagonista indiscutible en el futuro de la tesorería de grandes y medianas empresas. Según un estudio r...

España registra 1.823 ciberataques semanales de media en marzo

Check Point Research, la división de Inteligencia de Amenazas de Check Point® Software Technologies Ltd., empresa global en soluciones de cibersegurid...

El tiempo para detener un ataque se achica: por qué la prevención es clave

Los atacantes están usando IA para potenciar técnicas ya conocidas. Con amenazas que avanzan cada vez más rápido, los equipos de ciberseguridad deben ...

Linus Torvalds y los responsables del kernel de Linux establecen normas sobre el código generado por IA

La inteligencia artificial ya forma parte del día a día de muchos programadores. Es de gran ayuda, actúa en muchas ocasiones como una mano derecha...

Máster Online de Inteligencia Artificial Aplicada a la Ciberseguridad: 4a Edición - 15 de Octubre 2026

Si has seguido mis publicaciones en este blog durante los últimos años, o si has seguido las noticias del mundo en los últimos meses, verás ...

RVBBIT: anatomía de un rootkit LKM moderno basado en stealth, DKOM y anti-eBPF

En el ecosistema Linux actual, los rootkits han evolucionado de forma notable. Ya no dependen únicamente de explotación o técnicas rudimentarias de oc...

El inicio de los ordenadores neuronales

En abril de 2026 apareció en arXiv un paper titulado “Neural Computers”, firmado por investigadores que proponen una idea tan simple de formular como ...

Captchas Cognitivos: Más fácil con IA que con ojos

Ya os he contado muchas veces que los Catpchas Cogntivos se están convirtiendo  en una molestia para el usuario más que en una protección real co...

BoxPwnr: resuelve máquinas de Hackthebox (y otros) con IA

Durante los últimos años nos hemos acostumbrado a una narrativa bastante cómoda: la inteligencia artificial como asistente. Un copiloto dócil, más o m...

Cloudflare Talks en Londres: The Intelligent Network, Connect on Tour & Futurenet World en Abril.

Esta semana que viene, el día 15 de Abril, voy a estar en The Wave, en Zaragoza, dando una conferencia con Cloudflare y Nunsys, pero también subiré el...

Recovery scams: falsos servicios de recupero de dinero tras haber sufrido una estafa

Si ya fuiste víctima de fraude, probablemente ya estés en una lista especial para los ciberdelincuentes —y si no tienes cuidado, tu situación podría e...

Claude Mythos Preview: una mirada al potencial de la IA en el descubrimiento de vulnerabilidades

Un modelo de IA que, según reportes, muestra capacidades avanzadas para identificar vulnerabilidades complejas y plantea nuevos desafíos para las estr...

Cómo suplantaron a una telefónica mexicana para robar datos financieros

Una estafa por SMS muestra cómo los cibercriminales roban datos financieros y por qué reconocer estos engaños sigue siendo fundamental.

Agentic AI y ciberseguridad: cuando los agentes de IA se convierten en vector de ataque

La evolución de los Large Language Models (LLMs) hacia sistemas agénticos representa un cambio paradigmático en la arquitectura de las aplicaciones em...

N.O.M.A.D.: la infraestructura offline que querrás tener cuando Internet deje de existir

En un contexto donde la estabilidad geopolítica ya no se da por sentada, donde conflictos híbridos, ciberataques a gran escala y apagones de infraestr...

MiroFish: cuando los LLM empiezan a simular el mundo

Durante años hemos hablado de modelos predictivos, de machine learning aplicado a forecasting, de simulaciones multi-agente y de modelos basados en gr...

Las peores contraseñas de todos los tiempos

Las peores contraseñas de todos los tiempos Las peores contraseñas de todos los tiempos son aquellas que, por pereza o previsibilidad, se repiten mill...

(2/3) Ataques DDoS en capas 3 y 4: vectores, funcionamiento y defensa

Esta es la segunda entrega sobre amenazas DDoS, en esta ocasión nos adentramos en las capas de red y transporte para analizar los vectores más comunes...

ISO/IEC 42001: el sistema de gestión de IA que probablemente conectemos con nuestra 27001

ISO/IEC 42001 se concibe como el nuevo esqueleto operativo para transformar la inteligencia artificial en un sistema gestionado con disciplina. No es ...

MITRE AADAPT: Anatomía ofensiva y defensa en el ecosistema de activos digitales

Cuando uno pasa demasiadas noches frente a un nodo de Ethereum observando tráfico, firmas, anomalías y patrones sospechosos, descubre que el ecosistem...

Prueba de Penetración en Costa Rica

Prueba de Penetración en Costa Rica Prueba de Penetración en Costa Rica: Un Servicio Esencial para la Seguridad Empresarial Introducción En un mundo c...

Prueba de Penetración en Quito

Prueba de Penetración en Quito La Prueba de Penetración en Quito, también conocida como Pentesting, se ha convertido en una herramienta fundamental pa...

Prueba de Penetración en El Salvador

Prueba de Penetración en El Salvador En la era digital actual, la seguridad informática es un aspecto crucial para cualquier empresa. El Salvador, com...

Prueba de penetración en Barranquilla

Prueba de penetración en Barranquilla La prueba de penetración en Barranquilla es un proceso esencial para garantizar la seguridad informática en cual...

Snapshots en máquinas virtuales: ¿una herramienta útil o un riesgo oculto?

¿Piensas que una instantánea de una máquina virtual es lo mismo que un backup o una copia del disco? Entonces este post es para ti.Antes de nada, vamo...

Chat Control: el plan europeo para escanear tus mensajes

La Unión Europea está en pleno debate sobre una de las propuestas más polémicas de los últimos años: el Reglamento para prevenir y combatir el abuso s...

Pensar como un atacante: por qué el Red Team es clave para la ciberseguridad moderna

En un entorno digital donde las amenazas evolucionan más rápido que las soluciones, protegerse ya no es suficiente. Hay que anticiparse. Y para eso, e...

Cómo saber si una app es falsa: ten siempre en cuenta estas claves

Vivimos constantemente con el móvil en la mano; es un dispositivo que usamos para casi todo. Hoy en día es útil tanto para cosas como pagar el café, c...

Cómo proteger el ordenador sin ser un genio tech

Saber cómo proteger el ordenador nunca ha sido tan vital. Imagina perder tu equipo con Windows y no saber si tus datos personales están seguros. El pá...

Privacidad en Internet: evita el rastreo y navega con seguridad

La privacidad en Internet se ha convertido en una preocupación constante. Es así como cada clic, búsqueda o interacción en línea puede dejar una huell...

OpenAI lanza cursos gratuitos sobre IA.

OpenAI ha lanzado su propia academia online gratuita con cursos para aprender inteligencia artificial. Desde productividad con ChatGPT hasta ética de ...

Álbum oculto: paso a paso para activarlo en tu teléfono Android

Las fotos y vídeos revelan un montón de información de tu vida personal. No siempre queremos que estén a la vista. Es por eso que en este artículo hab...

CodeStrike, el videojuego gratuito que te enseña Python mientras salvas el mundo

Aprender a programar puede ser entretenido, sobre todo si te conviertes en un héroe del futuro mientras lo haces. Esa es precisamente la propuesta de ...