Cybersecurity News - Noticias de Ciberseguridad

Microsoft removes Support and Recovery Assistant from Windows

Microsoft has deprecated and removed the Support and Recovery Assistant (SaRA) command-line utility from all in-support versions of Windows updates st...

The Value of Immutability with Object First

IT security teams today must have the feeling of a target on their back. It is not paranoia. Hackers target backup storage in nearly every single rans...

Protecting Your Data with Veeam

The days of using backup as a simple “set it and forget it” insurance policy are officially over. If you’re still treating your seco...

pcTattleTale stalkerware maker sentence includes fine, supervised release

Bryan Fleming won’t face prison time for a count to which he pled guilty in January, in a rare case of a successful U.S. stalkerware prosecution. The ...

Ten Great Cybersecurity Job Opportunities

Security Boulevard is now providing a weekly cybersecurity jobs report through which opportunities for cybersecurity professionals will be highlighted...

Randall Munroe’s XKCD ‘Little Red Dots’

via the comic artistry and dry wit of Randall Munroe, creator of XKCD Permalink The post Randall Munroe’s XKCD ‘Little Red Dots’ appeared...

Microsoft links Medusa ransomware affiliate to zero-day attacks

Microsoft says that Storm-1175, a China-based financially motivated cybercriminal group known for deploying Medusa ransomware payloads, has been deplo...

Schema Confidence Gap: AI Data Quality Risks Explained

64% of orgs don't trust their schemas for AI. Learn why the schema confidence gap matters, what it costs, and how to close it with automated governanc...

Drift $280M crypto theft linked to 6-month in-person operation

The Drift Protocol says that the $280+ million hack it suffered last week was the result of a long-term, carefully planned operation that included bui...

DPRK-Linked Hackers Use GitHub as C2 in Multi-Stage Attacks Targeting South Korea

Threat actors likely associated with the Democratic People's Republic of Korea (DPRK) have been observed using GitHub as command-and-control (C2)...

CISA orders feds to patch exploited Fortinet EMS flaw by Friday

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered federal agencies to secure FortiClient Enterprise Management Server (EMS) ins...

Google DeepMind Researchers Map Web Attacks Against AI Agents

A vulnerability named ‘AI Agent Traps’ allows attackers to manipulate, deceive, and exploit visiting agents via malicious web content. The post Google...

Automated Credential Harvesting Campaign Exploits React2Shell Flaw

An emerging threat cluster tracked as UAT-10608 is exploiting vulnerable Web-exposed Next.js apps and using an automated tool to exfiltrate credential...

BKA unmasks two REvil Ransomware operators behind 130+ German attacks

German police BKA identified two key REvil ransomware members, linking them to over 130 attacks in Germany. Germany’s Federal Criminal Police (BKA) ha...

Shadow AI in Healthcare Is Here to Stay

Medical professionals are not going to stop using AI tools to manage growing workloads. Organizations should prioritize bolstering security protocols ...

Why Simple Breach Monitoring is No Longer Enough

Infostealers are harvesting credentials and session cookies at scale, bypassing traditional defenses. Lunar explains why simple breach monitoring alon...

OWASP GenAI Security Project Gets Update, New Tools Matrix

In recognition of 21 generative AI risks, the standards groups recommends that companies take separate but linked approaches to defending GenAI and ag...

Attackers Exploit RCE Flaw as 14,000 F5 BIG-IP APM Instances Remain Exposed

Over 14,000 F5 BIG-IP APM instances remain exposed online, as attackers actively exploit a critical remote code execution flaw CVE-2025-53521. Over 14...

Multi-OS Cyberattacks: How SOCs Close a Critical Risk in 3 Steps

Your attack surface no longer lives on one operating system, and neither do the campaigns targeting it. In enterprise environments, att...

⚡ Weekly Recap: Axios Hack, Chrome 0-Day, Fortinet Exploits, Paragon Spyware and More

This week had real hits. The key software got tampered with. Active bugs showed up in the tools people use every day. Some attacks...

North Korean hackers abuse LNKs and GitHub repos in ongoing campaign

DPRK-linked threat actors are preferring stealth over sophistication in targeting South Korean organizations, as researchers report the use of weaponi...

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-35616 -...

How LiteLLM Turned Developer Machines Into Credential Vaults for Attackers

The most active piece of enterprise infrastructure in the company is the developer workstation. That laptop is where credentials are created...

Guardarian Users Targeted With Malicious Strapi NPM Packages

Hackers published 36 NPM packages posing as Strapi plugins to execute shells, escape containers, and harvest credentials. The post Guardarian Users Ta...

North Korean Hackers Target High-Profile Node.js Maintainers

The threat actor behind the Axios supply chain attack has been aiming at other maintainers in its social engineering campaign. The post North Korean H...

Qilin and Warlock Ransomware Use Vulnerable Drivers to Disable 300+ EDR Tools

Threat actors associated with Qilin and Warlock ransomware operations have been observed using the bring your own vulnerable drive...

Authentication is broken: Here’s how security leaders can actually fix it

Authentication keeps breaking where it matters most: On regulated front lines such as healthcare, government, aerospace and travel. The core issue is ...

Fortinet Rushes Emergency Fixes for Exploited Zero-Day

The improper access control bug in FortiClient EMS allows unauthenticated attackers to execute arbitrary code remotely. The post Fortinet Rushes Emerg...

6 ways attackers abuse AI services to hack your business

Attackers are starting to exploit AI systems to mount attacks in the same way they once relied on built-in enterprise tools such as PowerShell. Ins...

Escaping the COTS trap

Over the years, enterprise cybersecurity environments have accumulated staggering numbers of commercial tools. Industry research converges on a consis...

How often are redirects used in phishing in 2026?, (Mon, Apr 6th)

In one of his recent diaries, Johannes discussed how open redirects are actively being sought out by threat actors[1], which made me wonder ...

Residential proxies make a mockery of IP-based defenses

Attack traffic moved through ordinary home and mobile connections in ways that limited the usefulness of IP reputation on its own. GreyNoise observed ...

CVE-2026-35616: Fortinet fixes actively exploited high-severity flaw

Fortinet issued emergency patches for a critical FortiClient EMS flaw (CVE-2026-35616) actively exploited in the wild. Fortinet released out-of-band p...

Product showcase: Proton Authenticator is an end-to-end encrypted, open source 2FA app

Proton Authenticator is a free and open-source two-factor authentication (2FA) app that generates time-based one-time passwords (TOTP) to help secure ...

IT talent looks the other way as wireless security incidents pile up

Enterprise wireless networks are supporting a growing mix of devices and applications, increasing operational demand and security exposure. The 2026 C...

CISOs grapple with AI demands within flat budgets

Security spending continues to edge upward across large organizations, though the changes remain gradual and tightly managed. The 2026 RH-ISAC CISO Be...

Germany Doxes “UNKN,” Head of RU Ransomware Gangs REvil, GandCrab

An elusive hacker who went by the handle "UNKN" and ran the early Russian ransomware groups GandCrab and REvil now has a name and a face. Authorities ...

ISC Stormcast For Monday, April 6th, 2026 https://isc.sans.edu/podcastdetail/9880, (Mon, Apr 6th)

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 91

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Infiniti Stealer...

The Hack That Exposed Syria’s Sweeping Security Failures

When Syrian government accounts were hijacked in March, the breach looked chaotic. But it revealed something more troubling: a state struggling with t...

Image or Malware? Read until the end and answer in comments :)

A malicious email delivered a .cmd malware that escalates privileges, bypasses antivirus, downloads payloads, sets persistence, and self-deletes. I re...

Week in review: Axios npm supply chain compromise, critical FortiClient EMS bugs exploited

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Financial groups lay out a plan to fight AI identity...

European Commission Confirms Data Breach Linked to Trivy Supply Chain Attack

Hackers stole over 300GB of data from the Commission’s AWS environment, including personal information. The post European Commission Confirms Data Bre...

Hackers Are Posting the Claude Code Leak With Bonus Malware

Plus: The FBI says a recent hack of its wiretap tools poses a national security risk, attackers stole Cisco source code as part of an ongoing supply c...

Meta Pauses Work With Mercor After Data Breach Puts AI Industry Secrets at Risk

Major AI labs are investigating a security incident that impacted Mercor, a leading data vendor. The incident could have exposed key data about how th...

Inconsistent Privacy Labels Don't Tell Users What They Are Getting

Data privacy labels are a great idea for mobile apps, but the current versions just aren't good enough.

Security lapse lets researchers view React2Shell hackers’ dashboard

An apparent security lapse has allowed researchers to peer into the work of a threat group currently exploiting unpatched servers open to the four-mon...

Apple Breaks Precedent, Patches DarkSword for iOS 18

Even organizations with users unwilling or unable to adopt iOS 26 can now protect themselves from a severe mobile OS-cracking tool.

Trump budget proposal would cut hundreds of millions more from CISA

A top congressional Democrat criticized both the scope and nature of the proposed reduction. The post Trump budget proposal would cut hundreds of mill...

Wyden warns Social Security chief: Trump’s voter database is ‘blatant voter suppression’

The Senate Democrat said that the SSA following Trump’s executive order would indicate “willing participation” in the administration’s midterm electio...

TeamPCP Supply Chain Campaign: Update 006 - CERT-EU Confirms European Commission Cloud Breach, Sportradar Details Emerge, and Mandiant Quantifies Campaign at 1,000+ SaaS Environments, (Fri, Apr 3rd)

This is the sixth update to the TeamPCP supply chain campaign threat intelligence report,&#;x26;#;xc2;&#;x26;...

CBP Facility Codes Sure Seem to Have Leaked Via Online Flashcards

The Quizlet flashcards, which WIRED found through basic Google searches, seem to include sensitive information about gate security at Customs and Bord...

ISC Stormcast For Friday, April 3rd, 2026 https://isc.sans.edu/podcastdetail/9878, (Fri, Apr 3rd)

‘Uncanny Valley’: Iran’s Threats on US Tech, Trump’s Plans for Midterms, and Polymarket’s Pop-up Flop

In this episode, we discuss Iran’s threats to target US tech firms, gear up for the midterm elections, and get a scene report from the Polymarket pop-...

House Dems decry confirmed ICE usage of Paragon spyware

The trio of Democrats weren’t satisfied with Immigration and Customs Enforcement answers, and criticized the spyware’s use. The post House Dems decry ...

Akira ransomware group can achieve initial access to data encryption in less than an hour

A new report from Halcyon finds that the group also puts more effort than usual into developing working decryptors, likely to incentivize businesses t...

Attempts to Exploit Exposed "Vite" Installs (CVE-2025-30208), (Thu, Apr 2nd)

From its GitHub repo: "Vite (French word for "quick", pronounced /vi?t/, like "veet") is a new breed of frontend build tooling that significantly...

Siemens SICAM 8 Products

View CSAF Summary Multiple SICAM 8 products are affected by multiple vulnerabilities that could lead to denial of service, namely: - SICAM A8000 Devic...

Yokogawa CENTUM VP

View CSAF Summary Successful exploitation of this vulnerability could allow an attacker to login as the PROG user and modify permissions. The followin...

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploi...

Hitachi Energy Ellipse

View CSAF Summary Hitachi Energy is aware of a Jasper Report vulnerability that affects the Ellipse product versions mentioned in this document below....

A laughing RAT: CrystalX combines spyware, stealer, and prankware features

Kaspersky researchers analyze a new CrystalX RAT distributed as MaaS and featuring extensive spyware, stealer, and prankware capabilities.

An AI gateway designed to steal your data

Dissecting the supply chain attack on LiteLLM, a multifunctional gateway used in many AI agents. Explaining the dangers of the malicious code and how ...

Coruna: the framework used in Operation Triangulation

Kaspersky GReAT experts look into the Coruna exploit kit targeting iPhones. We discovered that the kernel exploit for CVE-2023-32434 and CVE-2023-3860...

Anatomy of a Cyber World Global Report 2026

The Kaspersky Security Services report describes cyberattack trends and statistics revealed by the Managed Detection and Response service. The report ...

‘CanisterWorm’ Springs Wiper Attack Targeting Iran

A financially motivated data theft and extortion group is attempting to inject itself into the Iran war, unleashing a worm that spreads through poorly...

Feds Disrupt IoT Botnets Behind Huge DDoS Attacks

The U.S. Justice Department joined authorities in Canada and Germany in dismantling the online infrastructure behind four highly disruptive botnets th...

The SOC Files: Time to “Sapecar”. Unpacking a new Horabot campaign in Mexico

Kaspersky SOC uncovered and analyzed a complex Horabot campaign in Mexico. In this article we share insights into how it is unleashed and how to hunt ...

Iran-Backed Hackers Claim Wiper Attack on Medtech Firm Stryker

A hacktivist group with links to Iran's intelligence agencies is claiming responsibility for a data-wiping attack against Stryker, a global medical te...

Microsoft Patch Tuesday, March 2026 Edition

Microsoft Corp. today pushed security updates to fix at least 77 vulnerabilities in its Windows operating systems and other software. There are no pre...

Máster en IA Aplicada & Optimización de Procesos Productivos

El mundo cambió para no volver a lo que era antes. Lo estamos viendo constantemente. Las grandes empresas se están re-estructurando para meter en el c...

Los 10 ciberengaños más frecuentes de la declaración de la renta de 2025

Cada año, el inicio de la campaña de la Renta marca una cita clave para millones de contribuyentes… Y, no solo de contribuyentes, sino de ciberdelincu...

La lentitud de las pruebas le cuesta a los equipos de IA 13 000 millones de dólares al año

Galtea, proveedor de una plataforma de evaluación de agentes de IA, anuncia una ronda de financiación inicial de 3,2 millones de dólares para seguir d...

Vibe Coding en BASIC para AMSTRAD CPC sale (un poco) más caro

¿Qué otra cosa mejor que estar probando Vibe Coding en un sábado por la tarde en las oficinas de Cloudflare en Lisboa para comprobar cuánto de bueno e...

Uno de esos días cualquiera

Hoy es un día cualquiera. Vale, seguro que no para todos. No, no, no, no me malinterpretéis. No tiene nada que ver con el día que es hoy. Éste post lo...

The Wave 2026: ‘Hacking & Cybersecurity in the age of AI Revolution’ - 15 Abril en Zaragoza

Los próximos días 14, 15 y 16 de Abril tendrá lugar en Zaragoza el Congreso The Wave 2026, con una amplia participación de empresas tecnológicas, pone...

De la pared al clic: El arte de captar miradas con Pósteres y Anuncios de Canva

En el ruido visual de 2026, la atención es la moneda más valiosa. Si no logras que alguien se detenga frente a un cartel en la calle o que deje de hac...

Cómo lograr el Check de Verified en LinkedIn con una Identidad Pública que no coincide con la Identidad Legal

Durante los últimos años, las redes sociales han ido incorporando sistemas de verificación con el objetivo de reforzar la confianza entre los usuarios...

Fuga de código fuente de Claude Code: los riesgos detrás del error que expuso a Anthropic

Un descuido en el proceso de publicación expuso la arquitectura de la herramienta de Anthropic y habilitó escenarios de jailbreak, clones malicosos y ...

Máquinas virtuales por todas partes y brechas de seguridad muy reales

Las máquinas virtuales en la nube ofrecen una velocidad, una escala y una flexibilidad inigualables, pero todo ello podría no servir de mucho si se ab...

Detectan nuevas campañas del troyano bancario GoPix con técnicas avanzada

Los analistas del equipo Global Research and Analysis Team (GReAT) de Kaspersky han identificado nuevas campañas del troyano bancario brasileño GoPix,...

Suplantan al Correo Argentino en anuncios patrocinados de Gmail para robar datos

Una campaña de phishing usa anuncios en Gmail para suplantar al Correo Argentino y dirigir a usuarios a sitios falsos que capturan información sensibl...

El 80% de los usuarios españoles almacena datos sensibles en formato digital

Con motivo del World Backup Day (31 de marzo), Kaspersky analiza las formas más habituales de almacenar información personal importante y ofrece recom...

Qué tan fácil puede engañarse a los sistemas de reconocimiento facial

Jake Moore, de ESET, ha utilizado gafas inteligentes, imitaciones y cambios de caras para "hackear" sistemas de reconocimiento facial muy extendidos.

Riesgos en LLM corporativos: guía para el primer diagnóstico

La adopción de LLM avanza más rápido que los controles. Esta guía propone un primer diagnóstico para entender riesgos reales y ordenar su implementaci...

Agentic AI y ciberseguridad: cuando los agentes de IA se convierten en vector de ataque

La evolución de los Large Language Models (LLMs) hacia sistemas agénticos representa un cambio paradigmático en la arquitectura de las aplicaciones em...

N.O.M.A.D.: la infraestructura offline que querrás tener cuando Internet deje de existir

En un contexto donde la estabilidad geopolítica ya no se da por sentada, donde conflictos híbridos, ciberataques a gran escala y apagones de infraestr...

MiroFish: cuando los LLM empiezan a simular el mundo

Durante años hemos hablado de modelos predictivos, de machine learning aplicado a forecasting, de simulaciones multi-agente y de modelos basados en gr...

Zombie ZIP: cómo una simple manipulación del header permite ocultar malware a los antivirus

Los archivos ZIP son uno de los formatos más utilizados para distribuir software, documentos y archivos comprimidos. Precisamente por su ubiquidad, ta...

Living off the Land 2.5: persistencia que vive dentro de contenedores y casi nadie está mirando

Cuando empecé a investigar intrusiones recientes en infraestructuras Linux modernas, hubo algo que empezó a repetirse: no era malware clásico, no eran...

Living off the Land 2.0 en Linux: Persistencia para pasar desapercibidos al SOC

Hay una regla no escrita en intrusiones modernas: El mejor malware es el que no parece malware. Pero hay una evolución aún más interesante q...

Las peores contraseñas de todos los tiempos

Las peores contraseñas de todos los tiempos Las peores contraseñas de todos los tiempos son aquellas que, por pereza o previsibilidad, se repiten mill...

(2/3) Ataques DDoS en capas 3 y 4: vectores, funcionamiento y defensa

Esta es la segunda entrega sobre amenazas DDoS, en esta ocasión nos adentramos en las capas de red y transporte para analizar los vectores más comunes...

ISO/IEC 42001: el sistema de gestión de IA que probablemente conectemos con nuestra 27001

ISO/IEC 42001 se concibe como el nuevo esqueleto operativo para transformar la inteligencia artificial en un sistema gestionado con disciplina. No es ...

MITRE AADAPT: Anatomía ofensiva y defensa en el ecosistema de activos digitales

Cuando uno pasa demasiadas noches frente a un nodo de Ethereum observando tráfico, firmas, anomalías y patrones sospechosos, descubre que el ecosistem...

Prueba de Penetración en Costa Rica

Prueba de Penetración en Costa Rica Prueba de Penetración en Costa Rica: Un Servicio Esencial para la Seguridad Empresarial Introducción En un mundo c...

Prueba de Penetración en Quito

Prueba de Penetración en Quito La Prueba de Penetración en Quito, también conocida como Pentesting, se ha convertido en una herramienta fundamental pa...

Prueba de Penetración en El Salvador

Prueba de Penetración en El Salvador En la era digital actual, la seguridad informática es un aspecto crucial para cualquier empresa. El Salvador, com...

Prueba de penetración en Barranquilla

Prueba de penetración en Barranquilla La prueba de penetración en Barranquilla es un proceso esencial para garantizar la seguridad informática en cual...

Snapshots en máquinas virtuales: ¿una herramienta útil o un riesgo oculto?

¿Piensas que una instantánea de una máquina virtual es lo mismo que un backup o una copia del disco? Entonces este post es para ti.Antes de nada, vamo...

Chat Control: el plan europeo para escanear tus mensajes

La Unión Europea está en pleno debate sobre una de las propuestas más polémicas de los últimos años: el Reglamento para prevenir y combatir el abuso s...

Pensar como un atacante: por qué el Red Team es clave para la ciberseguridad moderna

En un entorno digital donde las amenazas evolucionan más rápido que las soluciones, protegerse ya no es suficiente. Hay que anticiparse. Y para eso, e...

Cómo saber si una app es falsa: ten siempre en cuenta estas claves

Vivimos constantemente con el móvil en la mano; es un dispositivo que usamos para casi todo. Hoy en día es útil tanto para cosas como pagar el café, c...

Cómo proteger el ordenador sin ser un genio tech

Saber cómo proteger el ordenador nunca ha sido tan vital. Imagina perder tu equipo con Windows y no saber si tus datos personales están seguros. El pá...

Privacidad en Internet: evita el rastreo y navega con seguridad

La privacidad en Internet se ha convertido en una preocupación constante. Es así como cada clic, búsqueda o interacción en línea puede dejar una huell...

OpenAI lanza cursos gratuitos sobre IA.

OpenAI ha lanzado su propia academia online gratuita con cursos para aprender inteligencia artificial. Desde productividad con ChatGPT hasta ética de ...

Álbum oculto: paso a paso para activarlo en tu teléfono Android

Las fotos y vídeos revelan un montón de información de tu vida personal. No siempre queremos que estén a la vista. Es por eso que en este artículo hab...

CodeStrike, el videojuego gratuito que te enseña Python mientras salvas el mundo

Aprender a programar puede ser entretenido, sobre todo si te conviertes en un héroe del futuro mientras lo haces. Esa es precisamente la propuesta de ...

La Comisión Europea investiga a TikTok en virtud de la Ley de Servicios Digitales

La Comisión Europea inicia procedimiento contra TikTok por posible infracción de la DSA, enfocándose en protección de menores, transparencia publicita...

El Garante dice que ChatGPT viola la normativa de la Unión Europea sobre protección de datos

La autoridad italiana de protección de datos ha notificado a OpenAI sobre una presunta infracción de ChatGPT en relación con el RGPD