Cybersecurity News - Noticias de Ciberseguridad

TeamPCP Supply Chain Campaign: Update 001 - Checkmarx Scope Wider Than Reported, CISA KEV Entry, and Detection Tools Available, (Thu, Mar 26th)

This is the first update to the TeamPCP supply chain campaign threat intelligence report, "When the Security Scanner Became the Weapon" (v3.0, March 2...

Former NSA chiefs worry American offensive edge in cybersecurity is slipping

A systemic numbness to cyberattacks has exposed the U.S. economy and its institutions to ever-widening threats. Retired four-star military officials w...

Autonomous Development and AI: Speed vs. Security

AI-assisted development is changing how software gets built. What began as a productivity boost is quickly becoming something bigger. The post Autonom...

EULA

Constella Intelligence, Inc. End User License Agreement EULA Last Updated: April 21, 2023 Introduction. This End Used License Agreement (this “EULA”) ...

UK sanctions Xinbi marketplace linked to Asian scam centers

The United Kingdom's Foreign, Commonwealth and Development Office (FCDO) has sanctioned Xinbi, a Chinese-language cryptocurrency-based online marketpl...

The $25 Million Deepfake: Why Your Video Calls Can No Longer Be Trusted

An employee saw the CFO on video. Heard colleagues speaking. Authorized $25M in transfers. Every person was an AI-generated deepfake. Identity verific...

How Organizations Can Use Blunders to Level Up Their Security Programs

Organizations repeatedly expose ports, reuse passwords, and skip patches, creating security gaps that attackers exploit for breaches. An industry vete...

A $20 Billion Crypto Scam Market Faces a New Government Crackdown

The Telegram-based Xinbi Guarantee black market sells services that help prop up scam operations. British officials just hit the highly lucrative mark...

BSidesSLC 2025 – The Evolution of Auth – From Passwords To AI Agents

Author, Creator & Presenter: Maya Kaczorowski - Founder of Oblique, Former CPO at Tailscale And Security Lead At GitHub & Google Our thanks t...

Uncover prompt injection, insider threats with the Tenable One Model Refusal Detection

Tenable One's new Model Refusal Detection turns an LLM's refusal to execute a risky or suspicious prompt into a high-fidelity early warning signal. It...

AI-Powered Dependency Decisions Introduce, Ignore Security Bugs

AI models often hallucinate or make costly mistakes when tasked with recommending software versions, upgrade paths, and security fixes — leading to si...

TikTok for Business accounts targeted in new phishing campaign

Threat actors are targeting TikTok for Business accounts in a phishing campaign that prevents security bots from analyzing malicious pages. [...]

Second RedLine infostealer operator ends up in US custody

Hambardzum Minasyan, an Armenian man extradited to the United States, is accused of conspiring with others to develop and operate the RedLine infostea...

Hightower Holding Data Breach Impacts 130,000

The holdings company says hackers stole names, Social Security numbers, and driver’s license numbers from its environment. The post Hightower Holding ...

WhatsApp rolls out more AI features, iOS multi-account support

WhatsApp is rolling out multiple features designed to make the app easier to use, including AI-powered message replies and photo retouching, support f...

Inside a Modern Fraud Attack: From Bot Signups to Account Takeovers

Multi-stage fraud attacks chain bots, proxies, and stolen credentials from signup to takeover. IPQS shows why correlating IP, device, identity, and be...

Using a VPN May Subject You to NSA Spying

US lawmakers are pressing Tulsi Gabbard to reveal whether using a VPN can strip Americans of their constitutional protections against warrantless surv...

BIND Updates Patch High-Severity Vulnerabilities

Specially crafted domains could be used to cause out-of-memory conditions, leading to memory leaks in the BIND resolvers. The post BIND Updates Patch ...

[Webinar] Stop Guessing. Learn to Validate Your Defenses Against Real Attacks

Most teams have security tools in place. Alerts are firing, dashboards look clean, threat intel is flowing in. On the surface, everything feels under ...

Claude Extension Flaw Enabled Zero-Click XSS Prompt Injection via Any Website

Cybersecurity researchers have disclosed a vulnerability in Anthropic's Claude Google Chrome Extension that could have been exploited to trigger malic...

Coruna iOS exploit framework linked to Triangulation attacks

The Coruna exploit kit is an evolution of the framework used in the Operation Triangulation espionage campaign, which in 2023 targeted iPhones via zer...

Researchers release tool to detect stealthy BPFDoor implants in critical infrastructure networks

Telecommunications providers around the world have been dealing with the burrowing efforts of the China-linked APTs for many years now. To help them i...

Chinese Hackers Caught Deep Within Telecom Backbone Infrastructure

The state-sponsored threat actor deployed kernel implants and passive backdoors enabling long-term, high-level espionage. The post Chinese Hackers Cau...

Databricks pitches Lakewatch as a cheaper SIEM — but is it really?

Databricks has previewed a new open agentic Security Information and Event Management software (SIEM) named Lakewatch that signals its first deliberat...

Cisco Patches Multiple Vulnerabilities in IOS Software

The high- and medium-severity flaws could lead to denial-of-service, secure boot bypass, information disclosure, and privilege escalation. The post Ci...

GitHub jumps on the bandwagon and will use your data to train AI

GitHub updated how it uses data to improve AI-powered coding assistance. Starting April 24, interaction data from Copilot Free, Pro, and Pro+ users ma...

Intermediaries Driving Global Spyware Market Expansion

Third-party resellers and brokers foil transparency efforts and allow spyware to spread despite government restrictions, a study finds.

Mission to smuggle $170 million worth of AI tech to China collapsed for three men

Three individuals, Stanley Yi Zheng, Matthew Kelly, and Tommy Shad English, have been charged with conspiracy to commit smuggling and export control v...

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-33634 A...

PTC Windchill Product Lifecycle Management

View CSAF Summary Successful exploitation of this vulnerability could allow an attacker to achieve remote code execution. The following versions of PT...

OpenCode Systems OC Messaging and USSD Gateway

View CSAF Summary Successful exploitation of this vulnerability could allow an authenticated low-privileged user to gain access to SMS messages outsid...

WAGO GmbH & Co. KG Industrial Managed Switches

View CSAF Summary An unauthenticated remote attacker can exploit a hidden function in the CLI prompt to escape the restricted interface, leading to fu...

Masters of Imitation: How Hackers and Art Forgers Perfect the Art of Deception

Unmasking impostors is something the art world has faced for decades, and there are valuable lessons from the works of Elmyr de Hory that can apply to...

ThreatsDay Bulletin: PQC Push, AI Vuln Hunting, Pirated Traps, Phishing Kits & 20 More Stories

Some weeks in security feel loud. This one feels sneaky. Less big dramatic fireworks, more of that slow creeping sense that too many people are gettin...

GitHub phishers use fake OpenClaw tokens to drain crypto wallets

Threat actors are actively exploiting OpenClaw’s viral popularity to run a phishing campaign that targets developers on GitHub with lures of free cryp...

Researchers uncover WebRTC skimmer bypassing traditional defenses

Researchers found a new skimmer using WebRTC to steal and send payment data, bypassing traditional security controls. Sansec researchers discovered a ...

Coruna iOS Kit Reuses 2023 Triangulation Exploit Code in New Mass Attacks

The kernel exploit for two security vulnerabilities used in the recently uncovered Apple iOS exploit kit known as Coruna is an updated version of the ...

An AI gateway designed to steal your data

Dissecting the supply-chain attack on LiteLLM – a multifunctional gateway used in many AI agents. Explaining the dangers of the malicious code and how...

Reddit declares war on bad bot activity

Reddit is introducing changes to support interactions between people. The company is taking a bottom-up approach to help users understand when they ar...

Alleged RedLine Malware Administrator Extradited to US

Hambardzum Minasyan of Armenia has been accused of being involved in the development and administration of the infostealer malware. The post Alleged R...

Anduril Wants to Own the Future of War Tech. Mishaps, Delays, and Challenges Abound

From drones to missiles to submarines, the $30.5 billion defense startup wants to transform how the tools of war are made. It’s not all going as plann...

Russian authorities arrest alleged LeakBase admin behind stolen data marketplace

Russian authorities arrested the alleged LeakBase admin for running a marketplace selling stolen data since 2021. Russian law enforcement has arrested...

Coruna: the framework used in Operation Triangulation

Kaspersky GReAT experts look into the Coruna exploit kit targeting iPhones. We discovered that the kernel exploit for CVE-2023-32434 and CVE-2023-3860...

10 essenzielle Maßnahmen für physische Sicherheit

Wenn physische Security nur immer so simpel umzusetzen wäre… Foto: Leremy | shutterstock.comObwohl CISOs im Allgemeinen eher selten mit dem gesamten S...

ISC Stormcast For Thursday, March 26th, 2026 https://isc.sans.edu/podcastdetail/9866, (Thu, Mar 26th)

New critical Citrix NetScaler hole of similar severity to CitrixBleed2, says expert

A new critical vulnerability that is similar to the widely-exploited CitrixBleed and CitrixBleed2 holes should be patched in NetScaler devices immedia...

Alleged RedLine infostealer conspirator extradited to US

The Armenian man faces three counts for his role for allegedly administering “one of the most prevalent infostealing malware variants in the world.” T...

At RSAC, the EU Leads While US Officials Are Sidelined

While US government sits out this year, EU officials are on the ground in San Francisco leading the conversations on today's top cybersecurity challen...

Google moves post-quantum encryption timeline up to 2029

The shift suggests the tech titan is worried that 2035 is too late to wait to protect their systems, devices and data for the quantum age. The post Go...

Apple Patches (almost) everything again. March 2026 edition., (Wed, Mar 25th)

Apple released the next version of its operating system, patching 85 different vulnerabilities across all of them. None of the vulnerabilities are cur...

Russian national convicted for running botnet used in attacks on U.S. firms

A Russian hacker got 2 years in prison, $100K fine, and $1.6M judgment for running a botnet used in ransomware attacks on U.S. firms. Russian national...

Chained vulnerabilities in Cisco Catalyst switches could induce denial-of-service

Cisco’s widely deployed Catalyst 9300 Series enterprise switches have four security vulnerabilities, two of which could be chained to cause a denial-o...

SmartApeSG campaign pushes Remcos RAT, NetSupport RAT, StealC, and Sectop RAT (ArechClient2), (Wed, Mar 25th)

Introduction

Blame Game: Why Public Cyber Attribution Carries Risks

Publicly accusing an entity of a cyberattack could have negative consequences that organizations should consider before taking the plunge.

Patch now: TP-Link Archer NX routers vulnerable to firmware takeover

TP-Link patched a high severity flaw (CVE-2025-15517) in Archer NX routers that could let attackers bypass authentication and install malicious firmwa...

When Satellite Data Becomes a Weapon

As war reshapes the Gulf, the satellite infrastructure the world relies on to see conflict clearly is being delayed, spoofed, and privately controlled...

Recent Navia data breach impacts HackerOne employee data

A Navia breach exposed personal data of nearly 300 HackerOne employees after attackers compromised the benefits provider. HackerOne revealed that a da...

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-33017 L...

Anatomy of a Cyber World Global Report 2026

The Kaspersky Security Services report describes cyberattack trends and statistics revealed by the Managed Detection and Response service. The report ...

Iranians Don’t Have a Missile Alert System, So Volunteers Built Their Own Warning Map

The crowdsourced website and app Mahsa Alert provides citizens in Iran with crucial information amid the country’s ongoing war with the US and Israel—...

ISC Stormcast For Wednesday, March 25th, 2026 https://isc.sans.edu/podcastdetail/9864, (Wed, Mar 25th)

DarkSword’s GitHub leak threatens to turn elite iPhone hacking into a tool for the masses

Cybersecurity researchers say the GitHub leak threatens to "democratize" iPhone exploits that were once reserved for nation-states, potentially puttin...

Experts warn of a ‘loud and aggressive’ extortion wave following Trivy hack

Attackers compromised the open-source security tool and published malicious versions of the software. Mandiant warns the fallout could impact up to 10...

‘CanisterWorm’ Springs Wiper Attack Targeting Iran

A financially motivated data theft and extortion group is attempting to inject itself into the Iran war, unleashing a worm that spreads through poorly...

Feds Disrupt IoT Botnets Behind Huge DDoS Attacks

The U.S. Justice Department joined authorities in Canada and Germany in dismantling the online infrastructure behind four highly disruptive botnets th...

The SOC Files: Time to “Sapecar”. Unpacking a new Horabot campaign in Mexico

Kaspersky SOC uncovered and analyzed a complex Horabot campaign in Mexico. In this article we share insights into how it is unleashed and how to hunt ...

Free real estate: GoPix, the banking Trojan living off your memory

Kaspersky GReAT experts describe the unprecedentedly complex Brazilian banking Trojan GoPix that employs memory-only implants, Proxy AutoConfig (PAC) ...

Iran-Backed Hackers Claim Wiper Attack on Medtech Firm Stryker

A hacktivist group with links to Iran's intelligence agencies is claiming responsibility for a data-wiping attack against Stryker, a global medical te...

Microsoft Patch Tuesday, March 2026 Edition

Microsoft Corp. today pushed security updates to fix at least 77 vulnerabilities in its Windows operating systems and other software. There are no pre...

How AI Assistants are Moving the Security Goalposts

AI-based assistants or "agents" -- autonomous programs that have access to the user's computer, files, online services and can automate virtually any ...

Todo es eventual

Recuerdo que comencé en mi adolescencia con la lectura de las novelas de Stephen King, algo que sigo disfrutando hoy en día. Casi me muero de miedo co...

Agentic AI y ciberseguridad: cuando los agentes de IA se convierten en vector de ataque

La evolución de los Large Language Models (LLMs) hacia sistemas agénticos representa un cambio paradigmático en la arquitectura de las aplicaciones em...

Palo Alto Networks revoluciona la ciberseguridad con nuevas soluciones para la era de la IA

En un momento en que la adopción de inteligencia artificial, el uso de agentes autónomos y la dependencia del navegador como plataforma de trabajo est...

La IA dificulta atribuir ciberataques al borrar las huellas digitales de los ciberdelincuentes

El uso creciente de Inteligencia Artificial generativa en el cibercrimen está comenzando a borrar las “huellas digitales” que tradicionalmente permití...

Cloud Workload Security: atención a los puntos ciegos

A medida que la infraestructura de TI se expande, la visibilidad y el control suelen quedarse atrás hasta que un incidente obliga a enfrentar la reali...

“Las empresas siguen viendo la ciberseguridad como tecnología, no como negocio”

En un contexto marcado por el aumento de las ciberamenazas y la aceleración de la transformación digital, la ciberseguridad se ha convertido en un ele...

Cuánto dinero cuesta hacerte el juego de Light-Cycles de TRON en Workers de Cloudflare usando IA

Ayer os hablaba de la Deuda Técnica en la que incurrimos cuando hacemos uso de la Inteligencia Artificial para programar proyectos, y hoy quería ver c...

El 65% de las empresas en España planea crear su SOC con menos de 1M€

Para la mayoría de las empresas españolas que planean crear un Centro de Operaciones de Seguridad (SOC), la cuestión ya no es si invertir, sino qué se...

Mandiant publica M-Trends 2026 sobre tendencias en ciberamenazas

Mandiant ha presentado su 17.º informe anual M-Trends, una radiografía sobre las amenazas y tácticas utilizadas en las ciberamenazas basada en más de ...

La gestión de la "Deuda Cognitiva" en servicios programados con Inteligencia Artificial

El mundo del programación con Inteligencia Artificial ha entrado en una nueva fase desde finales del año pasado cuando comenzamos a ver que programar ...

Hackén 2026: La CON de hacking en Jaén el 17 y 18 de abril del 2026

Los días 17 y 18 de Abril tenéis también una cita con la ciberseguridad y el hacking en la CON Hackén, una conferencia de dos días...

Cuando mecanografiaba mis artículos de cine

Ayer os compartí cómo son los mini-libros que yo hacía de niño sobre las películas que iba viendo, como forma de conservarlas y hacerlas mías. Pero un...

N.O.M.A.D.: la infraestructura offline que querrás tener cuando Internet deje de existir

En un contexto donde la estabilidad geopolítica ya no se da por sentada, donde conflictos híbridos, ciberataques a gran escala y apagones de infraestr...

Initial Access Brokers (IAB): qué son y cómo operan para obtener y comercializar accesos a redes corporativas

Los Initial Access Brokers obtienen y comercializan accesos iniciales a redes corporativas mediante credenciales comprometidas, malware y explotación ...

EDR killers explicados: Más allá de los drivers

Los investigadores de ESET profundizan en el ecosistema de los EDR killer y revelan cómo los atacantes abusan de los controladores vulnerables

El impacto en la ciberseguridad de la guerra en Irán: riesgos clave que debe monitorear

Aunque el conflicto se desarrolla en Medio Oriente, las repercusiones en la ciberseguridad pueden afectar a organizaciones de todo el mundo. Estos son...

Mapa de actividad de malware en América Latina

Un análisis basado en telemetría ESET muestra cómo se distribuyen las amenazas en cinco de los países de la región y revela similitudes en las campaña...

MiroFish: cuando los LLM empiezan a simular el mundo

Durante años hemos hablado de modelos predictivos, de machine learning aplicado a forecasting, de simulaciones multi-agente y de modelos basados en gr...

Zombie ZIP: cómo una simple manipulación del header permite ocultar malware a los antivirus

Los archivos ZIP son uno de los formatos más utilizados para distribuir software, documentos y archivos comprimidos. Precisamente por su ubiquidad, ta...

Living off the Land 2.5: persistencia que vive dentro de contenedores y casi nadie está mirando

Cuando empecé a investigar intrusiones recientes en infraestructuras Linux modernas, hubo algo que empezó a repetirse: no era malware clásico, no eran...

Living off the Land 2.0 en Linux: Persistencia para pasar desapercibidos al SOC

Hay una regla no escrita en intrusiones modernas: El mejor malware es el que no parece malware. Pero hay una evolución aún más interesante q...

Las peores contraseñas de todos los tiempos

Las peores contraseñas de todos los tiempos Las peores contraseñas de todos los tiempos son aquellas que, por pereza o previsibilidad, se repiten mill...

(2/3) Ataques DDoS en capas 3 y 4: vectores, funcionamiento y defensa

Esta es la segunda entrega sobre amenazas DDoS, en esta ocasión nos adentramos en las capas de red y transporte para analizar los vectores más comunes...

ISO/IEC 42001: el sistema de gestión de IA que probablemente conectemos con nuestra 27001

ISO/IEC 42001 se concibe como el nuevo esqueleto operativo para transformar la inteligencia artificial en un sistema gestionado con disciplina. No es ...

MITRE AADAPT: Anatomía ofensiva y defensa en el ecosistema de activos digitales

Cuando uno pasa demasiadas noches frente a un nodo de Ethereum observando tráfico, firmas, anomalías y patrones sospechosos, descubre que el ecosistem...

Prueba de Penetración en Costa Rica

Prueba de Penetración en Costa Rica Prueba de Penetración en Costa Rica: Un Servicio Esencial para la Seguridad Empresarial Introducción En un mundo c...

Prueba de Penetración en Quito

Prueba de Penetración en Quito La Prueba de Penetración en Quito, también conocida como Pentesting, se ha convertido en una herramienta fundamental pa...

Prueba de Penetración en El Salvador

Prueba de Penetración en El Salvador En la era digital actual, la seguridad informática es un aspecto crucial para cualquier empresa. El Salvador, com...

Prueba de penetración en Barranquilla

Prueba de penetración en Barranquilla La prueba de penetración en Barranquilla es un proceso esencial para garantizar la seguridad informática en cual...

Snapshots en máquinas virtuales: ¿una herramienta útil o un riesgo oculto?

¿Piensas que una instantánea de una máquina virtual es lo mismo que un backup o una copia del disco? Entonces este post es para ti.Antes de nada, vamo...

Chat Control: el plan europeo para escanear tus mensajes

La Unión Europea está en pleno debate sobre una de las propuestas más polémicas de los últimos años: el Reglamento para prevenir y combatir el abuso s...

Pensar como un atacante: por qué el Red Team es clave para la ciberseguridad moderna

En un entorno digital donde las amenazas evolucionan más rápido que las soluciones, protegerse ya no es suficiente. Hay que anticiparse. Y para eso, e...

Cómo saber si una app es falsa: ten siempre en cuenta estas claves

Vivimos constantemente con el móvil en la mano; es un dispositivo que usamos para casi todo. Hoy en día es útil tanto para cosas como pagar el café, c...

Cómo proteger el ordenador sin ser un genio tech

Saber cómo proteger el ordenador nunca ha sido tan vital. Imagina perder tu equipo con Windows y no saber si tus datos personales están seguros. El pá...

Privacidad en Internet: evita el rastreo y navega con seguridad

La privacidad en Internet se ha convertido en una preocupación constante. Es así como cada clic, búsqueda o interacción en línea puede dejar una huell...

OpenAI lanza cursos gratuitos sobre IA.

OpenAI ha lanzado su propia academia online gratuita con cursos para aprender inteligencia artificial. Desde productividad con ChatGPT hasta ética de ...

Álbum oculto: paso a paso para activarlo en tu teléfono Android

Las fotos y vídeos revelan un montón de información de tu vida personal. No siempre queremos que estén a la vista. Es por eso que en este artículo hab...

CodeStrike, el videojuego gratuito que te enseña Python mientras salvas el mundo

Aprender a programar puede ser entretenido, sobre todo si te conviertes en un héroe del futuro mientras lo haces. Esa es precisamente la propuesta de ...

La Comisión Europea investiga a TikTok en virtud de la Ley de Servicios Digitales

La Comisión Europea inicia procedimiento contra TikTok por posible infracción de la DSA, enfocándose en protección de menores, transparencia publicita...

El Garante dice que ChatGPT viola la normativa de la Unión Europea sobre protección de datos

La autoridad italiana de protección de datos ha notificado a OpenAI sobre una presunta infracción de ChatGPT en relación con el RGPD