Cybersecurity News - Noticias de Ciberseguridad

Iranian hackers, Handala, claim to compromise FBI Director Kash Patel’s personal data

The FBI said it was aware of hackers targeting Patel’s personal email, and that no government information was taken. The post Iranian hackers, Handala...

Lloyds Bank reveals how IT bug exposed transaction data

Lloyds Banking Group has identified the glitch that led to some of its customers being able to see details of other customers’ transactions on March 1...

Iran-Linked Threat Group Hacks FBI Director Kash Patel’s Personal Email

Iran-linked threat group Handala hacked into the personal email account of FBI Director Kash Patel, posting photos of him and links to documents found...

Security leaders say the next two years are going to be ‘insane’

Kevin Mandia, Morgan Adamski, and Alex Stamos tell CyberScoop that AI is finding bugs faster than anyone can fix them, exploit development is accelera...

TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides Stealer in WAV Files

TeamPCP, the threat actor behind the supply chain attack targeting Trivy, KICS, and litellm, has now compromised the telnyx Python package by pushing ...

Fake VS Code alerts on GitHub spread malware to developers

A large-scale campaign is targeting developers on GitHub with fake Visual Studio Code (VS Code) security alerts posted in the Discussions section of v...

China Upgrades the Backdoor It Uses to Spy on Telcos Globally

Chinese APT Red Menshen's super-advanced BPFdoor malware defeats traditional cybersecurity protections. All telcos can do, really, is try hunting it d...

Pro-Iranian Hacking Group Claims Credit for Hack of FBI Director Kash Patel’s Personal Account

The group that it was making available for download emails and other documents from Patel’s account. The post Pro-Iranian Hacking Group Claims Credit...

Apple’s Email Privacy Tool Tested in FBI Threat Case, Exposing Limits of Anonymity

Apple’s Hide My Email feature, long promoted as a privacy safeguard for consumers, has come under scrutiny following a federal investigation that reve...

When Your Best Friend Is a Bot Who Never Says No

In 1966, an MIT computer scientist named Joseph Weizenbaum built a chatbot called ELIZA. It was extremely simple by today’s standards which simply rep...

New AITM phishing wave hijacks TikTok Business accounts

A new AITM phishing campaign targets TikTok Business accounts to hijack them for malvertising, continuing tactics seen in earlier Google-themed scams....

What Is CIAM? A Complete Guide to Customer Identity and Access Management in 2026

CIAM is the technology layer that decides how your customers log in, what they can access, and how their data is protected. Here's a complete breakdow...

AO-labs

LEADING SAAS and AI SECURITY RESEARCH AppOmni Labs An elite team of security researchers dedicated to uncovering and neutralizing SaaS and AI vulnerab...

CISA and BSI warn orgs of critical PTC Windchill and FlexPLM flaw

CISA warns of a critical flaw in PTC Windchill and FlexPLM (CVE-2026-4681), with no patch yet and potential for imminent exploitation. CISA issued an ...

Wartime Usage of Compromised IP Cameras Highlight Their Danger

The list of countries exploiting internet-connected cameras to give them eye's inside their adversaries' borders continues to expand, with Russia, Ira...

TeamPCP Supply Chain Campaign: Update 002 - Telnyx PyPI Compromise, Vect Ransomware Mass Affiliate Program, and First Named Victim Claim, (Fri, Mar 27th)

This is the second update to the TeamPCP supply chain campaign threat intelligence report, "When the Security Scanner Became the Weapon" (v3.0, March ...

In Other News: Palo Alto Recruiter Scam, Anti-Deepfake Chip, Google Sets 2029 Quantum Deadline

Other noteworthy stories that might have slipped under the radar: Heritage Bank data breach, new State Department unit tackles cyber threats, LA Metro...

Agentic GRC: Teams Get the Tech. The Mindset Shift Is What's Missing.

Agentic GRC automates workflows, forcing teams to rethink their role beyond operations. Anecdotes explains why the biggest challenge is shifting from ...

Open VSX Bug Let Malicious VS Code Extensions Bypass Pre-Publish Security Checks

Cybersecurity researchers have disclosed details of a now-patched bug impacting Open VSX's pre-publish scanning pipeline to cause the tool to allow a ...

TeamPCP strikes again: Backdoored Telnyx PyPI package delivers malware

TeamPCP continues is supply chain compromise rampage, with telnyx on PyPI being the latest maliciously modified package. What happened? Telnyx is a wi...

OpenAI Launches Bug Bounty Program for Abuse and Safety Risks

Through the new program, OpenAI will reward reports covering design or implementation issues leading to material harm. The post OpenAI Launches Bug Bo...

Infrastructure Attacks With Physical Consequences Down 25%

Operational technology (OT) at industrial and critical infrastructure sites seem to have been benefitting from a lull in ransomware, and hackers' rela...

Google Sets 2029 Deadline for Quantum-Safe Cryptography

The post-quantum future may be coming sooner than you think, as Google plans to have PQC migration in place by 2029.

European Commission investigating breach after Amazon cloud account hack

The European Commission, the European Union's main executive body, is investigating a security breach after a threat actor gained access to the Commis...

Attackers exploit critical Langflow RCE within hours as CISA sounds alarm

Attackers have exploited a critical Langflow RCE within hours of disclosure, prompting the US Cybersecurity and Infrastructure Security Agency (CISA) ...

AitM Phishing Targets TikTok Business Accounts Using Cloudflare Turnstile Evasion

Threat actors are using adversary-in-the-middle (AitM) phishing pages to seize control of TikTok for Business accounts in a new campaign, according to...

TP-Link Patches High-Severity Router Vulnerabilities

The security defects could be used to bypass authentication, execute arbitrary commands, and decrypt configuration files. The post TP-Link Patches Hig...

We Are At War

Rising geopolitical tensions are reflected (or in some cases preceded) by cyber operations, while technology itself has become politicized. Let’s admi...

Cyberangriff auf die Linke

Die Hackergruppe “Qilin” steht möglicherweise hinter dem Angriff.Studio-M – shutterstock.com Die Linke ist nach eigenen Angaben Opfer einer schwere...

RSAC 2026 Conference Announcements Summary (Days 3-4)

A summary of the announcements made by vendors on the third and fourth days of the RSAC 2026 Conference. The post RSAC 2026 Conference Announcements S...

CISA sounds alarm on Langflow RCE, Trivy supply chain compromise after rapid exploitation

The US Cybersecurity and Infrastructure Security Agency (CISA) has added two new vulnerabilities to its Known Exploited Vulnerabilities catalog: CVE-2...

Anti-piracy coalition takes down AnimePlay app with 5 million users

The Alliance for Creativity and Entertainment (ACE) announced the shutdown of AnimePlay, a major anime streaming platform with over 5 million users. [...

Ajax data breach exposed season tickets, supporter bans open to tampering

AFC Ajax, the Dutch football club from Amsterdam, disclosed that an unknown hacker gained access to parts of its IT systems and obtained the email add...

U.S. CISA adds an Aquasecurity Trivy flaw to its Known Exploited Vulnerabilities catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds an Aquasecurity Trivy flaw to its Known Exploited Vulnerabilities catalog. The U...

Bearlyfy Hits Russian Firms with Custom GenieLocker Ransomware

A pro-Ukrainian group called Bearlyfy has been attributed to more than 70 cyber attacks targeting Russian companies since it first surfaced in the thr...

8 steps CISOs can take to empower their teams

Many leaders know empowered teams deliver better results, but not all leaders understand how to get there. It all starts with knowing what empowerment...

Windows 11 KB5079391 update rolls out Smart App Control improvements

​Microsoft has released the KB5079391 preview cumulative update for Windows 11 24H2 and 25H2, which includes 29 changes, such as Smart App Control and...

China-linked Red Menshen APT deploys stealthy BPFDoor implants in telecom networks

China-linked Red Menshen APT group used stealthy BPFDoor implants in telecom networks to spy on government targets. Rapid7 Labs uncovered a China-link...

AI frenzy feeds credential chaos, secrets leak through code, tools, and infrastructure

Code keeps moving through pipelines, and credentials continue to surface alongside it. GitGuardian’s State of Secrets Sprawl 2026 puts the count at 28...

Was ist Social Engineering?

Mit Social-Engineering-Techniken manipulieren Cyberkriminelle die menschliche Psyche. Lesen Sie, wie das funktioniert und wie Sie sich schützen können...

ISC Stormcast For Friday, March 27th, 2026 https://isc.sans.edu/podcastdetail/9868, (Fri, Mar 27th)

Make OpenAI’s models misbehave and earn a reward

OpenAI’s public Safety Bug Bounty program focuses on AI abuse and safety risks across its products. The goal is to support safe and secure systems and...

ODNI tackles AI, threat hunting, app cybersecurity in year-one tech review

It’s the first significant cybersecurity-related announcement under Director of National Intelligence Tulsi Gabbard. The post ODNI tackles AI, threat ...

How Trump’s Plot to Grab Iran's Nuclear Fuel Would Actually Work

Experts say that an American ground operation targeting nuclear sites in Iran would be incredibly complicated, put troops’ lives at great risk—and mig...

U.S. CISA adds a Langflow flaw to its Known Exploited Vulnerabilities catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Langflow to its Known Exploited Vulnerabilities catalog. The U.S. Cybe...

Coruna, DarkSword & Democratizing Nation-State Exploit Kits

Nation-state malware is being sold on the Dark Web and leaked to GitHub; and ordinary organizations might not stand much of a chance of defending them...

FCC pushes new rules to crack down on robocallers, foreign call centers

Two measures aim to make it harder for robocallers to obtain valid U.S. phone numbers and pressure companies to onshore call center services.  The pos...

TeamPCP Supply Chain Campaign: Update 001 - Checkmarx Scope Wider Than Reported, CISA KEV Entry, and Detection Tools Available, (Thu, Mar 26th)

This is the first update to the TeamPCP supply chain campaign threat intelligence report, "When the Security Scanner Became the Weapon" (v3.0, March 2...

Former NSA chiefs worry American offensive edge in cybersecurity is slipping

A systemic numbness to cyberattacks has exposed the U.S. economy and its institutions to ever-widening threats. Retired four-star military officials w...

A $20 Billion Crypto Scam Market Faces a New Government Crackdown

The Telegram-based Xinbi Guarantee black market sells services that help prop up scam operations. British officials just hit the highly lucrative mark...

Using a VPN May Subject You to NSA Spying

US lawmakers are pressing Tulsi Gabbard to reveal whether using a VPN can strip Americans of their constitutional protections against warrantless surv...

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-33634 A...

PTC Windchill Product Lifecycle Management

View CSAF Summary Successful exploitation of this vulnerability could allow an attacker to achieve remote code execution. The following versions of PT...

OpenCode Systems OC Messaging and USSD Gateway

View CSAF Summary Successful exploitation of this vulnerability could allow an authenticated low-privileged user to gain access to SMS messages outsid...

WAGO GmbH & Co. KG Industrial Managed Switches

View CSAF Summary An unauthenticated remote attacker can exploit a hidden function in the CLI prompt to escape the restricted interface, leading to fu...

An AI gateway designed to steal your data

Dissecting the supply chain attack on LiteLLM, a multifunctional gateway used in many AI agents. Explaining the dangers of the malicious code and how ...

Anduril Wants to Own the Future of War Tech. Mishaps, Delays, and Challenges Abound

From drones to missiles to submarines, the $30.5 billion defense startup wants to transform how the tools of war are made. It’s not all going as plann...

Coruna: the framework used in Operation Triangulation

Kaspersky GReAT experts look into the Coruna exploit kit targeting iPhones. We discovered that the kernel exploit for CVE-2023-32434 and CVE-2023-3860...

ISC Stormcast For Thursday, March 26th, 2026 https://isc.sans.edu/podcastdetail/9866, (Thu, Mar 26th)

Apple Patches (almost) everything again. March 2026 edition., (Wed, Mar 25th)

Apple released the next version of its operating system, patching 85 different vulnerabilities across all of them. None of the vulnerabilities are cur...

Identity security is the new pressure point for modern cyberattacks

Read the latest Microsoft Secure Access report for insights into why a unified identity and access strategy offers strong modern protection. The post ...

When Satellite Data Becomes a Weapon

As war reshapes the Gulf, the satellite infrastructure the world relies on to see conflict clearly is being delayed, spoofed, and privately controlled...

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-33017 L...

Anatomy of a Cyber World Global Report 2026

The Kaspersky Security Services report describes cyberattack trends and statistics revealed by the Managed Detection and Response service. The report ...

Guidance for detecting, investigating, and defending against the Trivy supply chain compromise

Threat actors abused trusted Trivy distribution channels to inject credential‑stealing malware into CI/CD pipelines worldwide. This analysis walks thr...

Governing AI agent behavior: Aligning user, developer, role, and organizational intent

This research report explores the layers of agent intent and how to align them for secure enterprise AI adoption. The post Governing AI agent behavior...

Case study: How predictive shielding in Defender stopped GPO-based ransomware before it started

Microsoft Defender stopped a human-operated ransomware attack that abused Group Policy Objects (GPOs) to disable defenses and push encryption at scale...

‘CanisterWorm’ Springs Wiper Attack Targeting Iran

A financially motivated data theft and extortion group is attempting to inject itself into the Iran war, unleashing a worm that spreads through poorly...

CTI-REALM: A new benchmark for end-to-end detection rule generation with AI agents

Excerpt: CTI-REALM is Microsoft’s open-source benchmark for evaluating AI agents on real-world detection engineering—turning cyber threat intelligence...

Feds Disrupt IoT Botnets Behind Huge DDoS Attacks

The U.S. Justice Department joined authorities in Canada and Germany in dismantling the online infrastructure behind four highly disruptive botnets th...

The SOC Files: Time to “Sapecar”. Unpacking a new Horabot campaign in Mexico

Kaspersky SOC uncovered and analyzed a complex Horabot campaign in Mexico. In this article we share insights into how it is unleashed and how to hunt ...

Free real estate: GoPix, the banking Trojan living off your memory

Kaspersky GReAT experts describe the unprecedentedly complex Brazilian banking Trojan GoPix that employs memory-only implants, Proxy AutoConfig (PAC) ...

Iran-Backed Hackers Claim Wiper Attack on Medtech Firm Stryker

A hacktivist group with links to Iran's intelligence agencies is claiming responsibility for a data-wiping attack against Stryker, a global medical te...

Microsoft Patch Tuesday, March 2026 Edition

Microsoft Corp. today pushed security updates to fix at least 77 vulnerabilities in its Windows operating systems and other software. There are no pre...

How AI Assistants are Moving the Security Goalposts

AI-based assistants or "agents" -- autonomous programs that have access to the user's computer, files, online services and can automate virtually any ...

Cómo configurar y Monitorizar un Cloud Web Application Firewall para proteger tu Web en un Internet muy peligroso

Puede que en tu empresa el problema sea que casi nadie lo esté mirando, pero la web está siendo atacada constantemente. Este fenómeno suele pasar desa...

Nueva ola de phishing usa el nombre de Movistar para propagar troyanos

Una nueva campaña de phishing utiliza el nombre de la empresa de telecomunicaciones Movistar, intentando convencer a sus víctimas para que pulsen en u...

Advierten sobre las brechas de seguridad en el desarrollo nativo de IA

Armis, compañía de seguridad y gestión de exposición cibernética, advierte que la rápida adopción del desarrollo nativo de IA entre las empresas está ...

The Gentlemen: la nueva generación de ransomware que ataca a medida

Este grupo de RaaS representa una nueva era: deja atrás los ataques masivos para dar paso a operaciones a medida. Un modelo silencioso y mucho más pel...

Todo es eventual

Recuerdo que comencé en mi adolescencia con la lectura de las novelas de Stephen King, algo que sigo disfrutando hoy en día. Casi me muero de miedo co...

Agentic AI y ciberseguridad: cuando los agentes de IA se convierten en vector de ataque

La evolución de los Large Language Models (LLMs) hacia sistemas agénticos representa un cambio paradigmático en la arquitectura de las aplicaciones em...

Palo Alto Networks revoluciona la ciberseguridad con nuevas soluciones para la era de la IA

En un momento en que la adopción de inteligencia artificial, el uso de agentes autónomos y la dependencia del navegador como plataforma de trabajo est...

La IA dificulta atribuir ciberataques al borrar las huellas digitales de los ciberdelincuentes

El uso creciente de Inteligencia Artificial generativa en el cibercrimen está comenzando a borrar las “huellas digitales” que tradicionalmente permití...

Protección de cargas de trabajo en la nube: cómo eliminar puntos ciegos

A medida que la infraestructura de TI se expande, la visibilidad y el control suelen quedarse atrás hasta que un incidente obliga a enfrentar la reali...

“Las empresas siguen viendo la ciberseguridad como tecnología, no como negocio”

En un contexto marcado por el aumento de las ciberamenazas y la aceleración de la transformación digital, la ciberseguridad se ha convertido en un ele...

Cuánto dinero cuesta hacerte el juego de Light-Cycles de TRON en Workers de Cloudflare usando IA

Ayer os hablaba de la Deuda Técnica en la que incurrimos cuando hacemos uso de la Inteligencia Artificial para programar proyectos, y hoy quería ver c...

La gestión de la "Deuda Cognitiva" en servicios programados con Inteligencia Artificial

El mundo del programación con Inteligencia Artificial ha entrado en una nueva fase desde finales del año pasado cuando comenzamos a ver que programar ...

Hackén 2026: La CON de hacking en Jaén el 17 y 18 de abril del 2026

Los días 17 y 18 de Abril tenéis también una cita con la ciberseguridad y el hacking en la CON Hackén, una conferencia de dos días...

N.O.M.A.D.: la infraestructura offline que querrás tener cuando Internet deje de existir

En un contexto donde la estabilidad geopolítica ya no se da por sentada, donde conflictos híbridos, ciberataques a gran escala y apagones de infraestr...

Initial Access Brokers (IAB): qué son y cómo operan para obtener y comercializar accesos a redes corporativas

Los Initial Access Brokers obtienen y comercializan accesos iniciales a redes corporativas mediante credenciales comprometidas, malware y explotación ...

EDR killers explicados: Más allá de los drivers

Los investigadores de ESET profundizan en el ecosistema de los EDR killer y revelan cómo los atacantes abusan de los controladores vulnerables

El impacto en la ciberseguridad de la guerra en Irán: riesgos clave que debe monitorear

Aunque el conflicto se desarrolla en Medio Oriente, las repercusiones en la ciberseguridad pueden afectar a organizaciones de todo el mundo. Estos son...

MiroFish: cuando los LLM empiezan a simular el mundo

Durante años hemos hablado de modelos predictivos, de machine learning aplicado a forecasting, de simulaciones multi-agente y de modelos basados en gr...

Zombie ZIP: cómo una simple manipulación del header permite ocultar malware a los antivirus

Los archivos ZIP son uno de los formatos más utilizados para distribuir software, documentos y archivos comprimidos. Precisamente por su ubiquidad, ta...

Living off the Land 2.5: persistencia que vive dentro de contenedores y casi nadie está mirando

Cuando empecé a investigar intrusiones recientes en infraestructuras Linux modernas, hubo algo que empezó a repetirse: no era malware clásico, no eran...

Living off the Land 2.0 en Linux: Persistencia para pasar desapercibidos al SOC

Hay una regla no escrita en intrusiones modernas: El mejor malware es el que no parece malware. Pero hay una evolución aún más interesante q...

Las peores contraseñas de todos los tiempos

Las peores contraseñas de todos los tiempos Las peores contraseñas de todos los tiempos son aquellas que, por pereza o previsibilidad, se repiten mill...

(2/3) Ataques DDoS en capas 3 y 4: vectores, funcionamiento y defensa

Esta es la segunda entrega sobre amenazas DDoS, en esta ocasión nos adentramos en las capas de red y transporte para analizar los vectores más comunes...

ISO/IEC 42001: el sistema de gestión de IA que probablemente conectemos con nuestra 27001

ISO/IEC 42001 se concibe como el nuevo esqueleto operativo para transformar la inteligencia artificial en un sistema gestionado con disciplina. No es ...

MITRE AADAPT: Anatomía ofensiva y defensa en el ecosistema de activos digitales

Cuando uno pasa demasiadas noches frente a un nodo de Ethereum observando tráfico, firmas, anomalías y patrones sospechosos, descubre que el ecosistem...

Prueba de Penetración en Costa Rica

Prueba de Penetración en Costa Rica Prueba de Penetración en Costa Rica: Un Servicio Esencial para la Seguridad Empresarial Introducción En un mundo c...

Prueba de Penetración en Quito

Prueba de Penetración en Quito La Prueba de Penetración en Quito, también conocida como Pentesting, se ha convertido en una herramienta fundamental pa...

Prueba de Penetración en El Salvador

Prueba de Penetración en El Salvador En la era digital actual, la seguridad informática es un aspecto crucial para cualquier empresa. El Salvador, com...

Prueba de penetración en Barranquilla

Prueba de penetración en Barranquilla La prueba de penetración en Barranquilla es un proceso esencial para garantizar la seguridad informática en cual...

Snapshots en máquinas virtuales: ¿una herramienta útil o un riesgo oculto?

¿Piensas que una instantánea de una máquina virtual es lo mismo que un backup o una copia del disco? Entonces este post es para ti.Antes de nada, vamo...

Chat Control: el plan europeo para escanear tus mensajes

La Unión Europea está en pleno debate sobre una de las propuestas más polémicas de los últimos años: el Reglamento para prevenir y combatir el abuso s...

Pensar como un atacante: por qué el Red Team es clave para la ciberseguridad moderna

En un entorno digital donde las amenazas evolucionan más rápido que las soluciones, protegerse ya no es suficiente. Hay que anticiparse. Y para eso, e...

Cómo saber si una app es falsa: ten siempre en cuenta estas claves

Vivimos constantemente con el móvil en la mano; es un dispositivo que usamos para casi todo. Hoy en día es útil tanto para cosas como pagar el café, c...

Cómo proteger el ordenador sin ser un genio tech

Saber cómo proteger el ordenador nunca ha sido tan vital. Imagina perder tu equipo con Windows y no saber si tus datos personales están seguros. El pá...

Privacidad en Internet: evita el rastreo y navega con seguridad

La privacidad en Internet se ha convertido en una preocupación constante. Es así como cada clic, búsqueda o interacción en línea puede dejar una huell...

OpenAI lanza cursos gratuitos sobre IA.

OpenAI ha lanzado su propia academia online gratuita con cursos para aprender inteligencia artificial. Desde productividad con ChatGPT hasta ética de ...

Álbum oculto: paso a paso para activarlo en tu teléfono Android

Las fotos y vídeos revelan un montón de información de tu vida personal. No siempre queremos que estén a la vista. Es por eso que en este artículo hab...

CodeStrike, el videojuego gratuito que te enseña Python mientras salvas el mundo

Aprender a programar puede ser entretenido, sobre todo si te conviertes en un héroe del futuro mientras lo haces. Esa es precisamente la propuesta de ...

La Comisión Europea investiga a TikTok en virtud de la Ley de Servicios Digitales

La Comisión Europea inicia procedimiento contra TikTok por posible infracción de la DSA, enfocándose en protección de menores, transparencia publicita...

El Garante dice que ChatGPT viola la normativa de la Unión Europea sobre protección de datos

La autoridad italiana de protección de datos ha notificado a OpenAI sobre una presunta infracción de ChatGPT en relación con el RGPD