Cybersecurity News - Noticias de Ciberseguridad

Belgium’s NIS2 Audit Window Opens April 18, 2026. The Rest of the EU Is Right Behind.

Belgium's NIS2 conformity assessment deadline hits April 18, 2026, and other EU member states are ramping enforcement close behind. See what auditors ...

Critical sandbox bypass fixed in popular Thymeleaf Java template engine

Maintainers of Thymeleaf, a widely used template engine for Java web applications, fixed a rare critical vulnerability that allows unauthenticated att...

Flawed Cisco update threatens to stop APs from getting further patches

Cisco admins are scrambling to patch a critical flash memory overflow vulnerability in over 200 Cisco Systems IOS XE-based models of wireless access p...

Kyrgyzstan-based crypto exchange Grinex shuts down after $13.7M cyber heist, blames Western Intelligence

Grinex halted operations after a $13.7M hack, blaming Western intelligence. Stolen funds came from wallets of Russian users on the platform. Kyrgyz cr...

How NIST's Cutback of CVE Handling Impacts Cyber Teams

Industry and ad hoc coalitions appear poised to help fill the gap created by NIST's decision to cut back on CVE data enrichment.

We Need a Shared Responsibility Model for AI

Over the past 6-8 months, researchers at my company discovered vulnerabilities across multiple AI tools that allowed external bad actors to steal data...

Payouts King ransomware uses QEMU VMs to bypass endpoint security

The Payouts King ransomware is using the QEMU emulator as a reverse SSH backdoor to run hidden virtual machines on compromised systems and bypass endp...

Tycoon 2FA Phishers Scatter, Adopt Device Code Phishing

In embracing device code phishing, attackers trick victims into handing over account access by using a service's legitimate new-device login flow.

White House Chief of Staff to Meet With Anthropic CEO Over Its New AI Technology

A White House official said the administration is engaging with advanced AI labs about their models and the security of software. The post White House...

[un]prompted 2026 – Kinetic Risk: Securing And Governing Physical Al In The Wild

Author, Creator & Presenter: Padma Apparao, Architecting Al Solutions, Govt Agencies Our thanks to [un]prompted for publishing their Creators, Au...

When Geopolitics Writes Your Compliance Roadmap

Cyber policy has always lagged cyber reality. Regulations arrive after breaches, frameworks emerge after failures, and accountability structures mater...

NIST, Overrun by Massive Numbers of Submitted CVEs, Limits Analysis Work

NIST said it overwhelmed by the surge in the number of CVEs submissions in recent years, so it is paring back the analysis work it does on the dangero...

The surveillance law Congress can’t quit — and can’t explain

Congress overhauled Section 702 in 2024 with 56 changes. Now, as the law nears expiration, supporters and critics can’t even agree on what the numbers...

Grinex exchange blames "Western intelligence" for $13.7M crypto hack

Kyrgyzstan-based cryptocurrency exchange Grinex has suspended its operations after suffering a $13.7 million hack attributed to Western intelligence a...

CoChat Launches AI Collaboration Platform to Combat Shadow AI

CoChat is fundamentally an AI collaboration platform designed for teamwork and to bring visibility and governance into enterprise AI shadows. The post...

Containing a domain compromise: How predictive shielding shut down lateral movement

Domain compromise accelerates fast. Predictive shielding slowed it down. This real-world attack shows how exposure-based containment stopped credentia...

Every Old Vulnerability Is Now an AI Vulnerability

AI's danger isn't that it's creating new bugs, it's that it's amplifying old ones.

DraftKings hacker sentenced to prison, ordered to pay $1.4 Million

A DraftKings hacker got 30 months in prison for selling stolen credentials and must pay over $1.4 million in fines and restitution. Kamerin Stokes, 23...

Republican Mutiny Sinks Trump's Push to Extend Warrantless Surveillance

A post-midnight revolt in the House sank the White House's efforts to extend Section 702—a spy program the FBI has used to look into members of Congre...

Inside an Underground Guide: How Threat Actors Vet Stolen Credit Card Shops

In cybercrime markets, trust isn't assumed, it's verified. Flare reveals how underground guides teach actors to evaluate carding shops based on data q...

Operation PowerOFF: 53 DDoS domains seized and 3 Million criminal accounts uncovered

Operation PowerOFF shut down 53 DDoS-for-hire domains, arrested four suspects, and exposed data on over 3 million criminal user accounts. Operation Po...

Three Microsoft Defender Zero-Days Actively Exploited; Two Still Unpatched

Huntress is warning that threat actors are exploiting three recently disclosed security flaws in Microsoft Defender to gain elevated privileges in com...

Coast Guard's New Cybersecurity Rules Offers Lessons for CISOs

The Maritime Transportation Security Act (MTSA) requires plans to protect OT systems, audits by independent third parties, and a hybrid OT-security ro...

White House moves to give federal agencies access to Anthropic’s Claude Mythos

The US government is preparing to authorize a version of Anthropic’s Claude Mythos model for use by major US federal agencies, amid concerns that the ...

Webinar: From phishing to fallout — Why MSPs must rethink both security and recovery

Cyberattacks are evolving faster than many MSP and corporate defenses can keep up, with phishing driving much of today's cybercrime. Join our upcoming...

In Other News: Satellite Cybersecurity Act, $90K Chrome Flaw, Teen Hacker Arrested

Other noteworthy stories that might have slipped under the radar: ShinyHunters targets Rockstar Games, ShowDoc vulnerability exploited in the wild, an...

Another Microsoft Defender privilege escalation bug emerges days after patch

Days after Microsoft patched a high-severity issue affecting its Windows Defender antivirus tool through April’s Patch Tuesday, researchers warn of an...

Google wipes out 602 million scam ads with Gemini on duty

Google claims that its security teams work around the clock using its Gemini AI models to detect and stop harmful ads. “Bad actors are using gen...

Google Blocks 8.3B Policy-Violating Ads in 2025, Launches Android 17 Privacy Overhaul

Google this week announced a new set of Play policy updates to strengthen user privacy and protect businesses against fraud, even as it revealed it bl...

Another DraftKings Hacker Sentenced to Prison

Kamerin Stokes sold stolen credentials through an online marketplace even after pleading guilty to his role in the DraftKings attack.  The post Anothe...

Lawmakers Gathered Quietly to Talk About AI. Angst and Fears of ‘Destruction’ Followed

Thursday’s discussion comes as leaders on Capitol Hill grapple with the dizzying pace of global developments in which technology plays a central role....

Researcher drops two more Microsoft Defender zero-days, all three now exploited in the wild

The security researcher who earlier this month published a proof-of-concept (PoC) exploit for a zero-day privilege escalation vulnerability in Microso...

Palo Alto’s Helmut Reisinger sees a cyber sea change ahead as AI advances

In two decades, Palo Alto Networks has evolved from a next-generation niche player to one of the largest global cybersecurity giants today. Under its ...

The Shocking Secrets of Madison Square Garden’s Surveillance Machine

Famously vengeful Knicks owner Jim Dolan has long spied on people at his iconic arenas. WIRED goes deep inside the operation that allegedly tracked a ...

GitLab 18.11 brings agentic AI to security fixes, CI pipelines, and delivery analytics

GitLab has released GitLab 18.11, expanding agentic AI across the entire software lifecycle with security remediation, pipeline configuration, and del...

CISA flags Apache ActiveMQ flaw as actively exploited in attacks

CISA warned that attackers are now exploiting a high-severity Apache ActiveMQ vulnerability, which was patched earlier this month after going undetect...

Liongard upgrades LiongardIQ with AI access, live asset data, and deeper discovery

Liongard has announced the expansion of LiongardIQ with new capabilities spanning programmatic AI integration, conversational querying, enhanced netwo...

Inside ZionSiphon: politically driven malware aims at Israeli water systems

New ZionSiphon malware targets water systems, and allows attackers to alter pressure and chlorine levels. A flaw makes it ineffective for now. Darktra...

Mozilla challenges enterprise AI providers with Thunderbolt, open-source AI client under your control

For organizations that want to keep company data within their own systems and have more control over how AI is deployed, Mozilla is offering an altern...

U.S. CISA adds a flaw in Apache ActiveMQ to its Known Exploited Vulnerabilities catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Apache ActiveMQ to its Known Exploited Vulnerabilities catalog The U.S...

NIST Limits CVE Enrichment After 263% Surge in Vulnerability Submissions

The National Institute of Standards and Technology (NIST) has announced changes to the way it handles cybersecurity vulnerabilities and exposures (CVE...

Operation PowerOFF Seizes 53 DDoS Domains, Exposes 3 Million Criminal Accounts

An international law enforcement operation has taken down 53 domains and arrested four people in connection with commercial distributed denial-of-serv...

Apache ActiveMQ CVE-2026-34197 Added to CISA KEV Amid Active Exploitation

A recently disclosed high-severity security flaw in Apache ActiveMQ Classic has come under active exploitation in the wild, per the U.S. Cybersec...

ISC Stormcast For Friday, April 17th, 2026 https://isc.sans.edu/podcastdetail/9896, (Fri, Apr 17th)

Lumma Stealer infection with Sectop RAT (ArechClient2), (Fri, Apr 17th)

Introduction

US nationals sentenced for aiding North Korea’s tech worker scheme

Kejia Wang and Zhenxing Wang established shell companies and hosted laptop farms to help operatives obtain jobs at more than 100 U.S. companies. The p...

NIST Revamps CVE Framework to Focus on High-Impact Vulnerabilities

The National Institute of Standards and Technology carved a new path for vulnerability remediation by changing the way it prioritizes software flaws.

[Guest Diary] Compromised DVRs and Finding Them in the Wild, (Thu, Apr 16th)

&#;x26;#;x5b;This is a Guest Diary by Alec Jaffe, an ISC intern as part of the SANS.edu Bachelor&#;x26;#...

Europe’s Online Age Verification App Is Here

Available for free to any company that wants to use it, the “completely anonymous” app puts the pressure on porn sites and social media platforms to s...

Officials seize 53 DDoS-for-hire domains in ongoing crackdown

Operation PowerOFF’s latest globally coordinated action identified more than 75,000 alleged cybercriminals. Officials warned each of them to stop jamm...

Building your cryptographic inventory: A customer strategy for cryptographic posture management

Learn how to build a comprehensive cryptographic inventory and strengthen quantum‑safe readiness using Microsoft Security tools, best‑practice lifecyc...

Dissecting Sapphire Sleet’s macOS intrusion from lure to compromise

The Microsoft Defender Security Research Team uncovered a sophisticated macOS intrusion campaign attributed to the North Korean threat actor Sapphire ...

AVEVA Pipeline Simulation

View CSAF Summary Successful exploitation of this vulnerability could allow an unauthenticated attacker to modify simulation parameters, training conf...

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-34197 A...

Horner Automation Cscape and XL4, XL7 PLC

View CSAF Summary Successful exploitation of this vulnerability could allow an attacker to gain unauthorized access to systems and services. The follo...

Delta Electronics ASDA-Soft

View CSAF Summary Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code. The following versions of Delta Ele...

Anviz Multiple Products

View CSAF Summary Successful exploitation of these vulnerabilities could allow attackers to conduct reconnaissance, capture or decrypt sensitive data,...

Ghost breaches: How AI-mediated narratives have become a new threat vector

Three incidents. No actual breaches. Full-scale crisis response. AI hallucinations are creating a new threat vector that most organizations have yet t...

ISC Stormcast For Thursday, April 16th, 2026 https://isc.sans.edu/podcastdetail/9894, (Thu, Apr 16th)

NIST narrows scope of CVE analysis to keep up with rising tide of vulnerabilities

The National Vulnerability Database will now only analyze vulnerabilities in critical software, systems used in the federal government and those under...

Incident response for AI: Same fire, different fuel

AI changes how incidents unfold and how we respond. Learn which IR practices still apply and where new telemetry, tools, and skills are needed. The po...

Threat landscape for industrial automation systems in Q4 2025

The report contains industrial threat statistics for Q4 2025. It covers various infection vectors and malware types, as well as regional statistics an...

The Deepfake Nudes Crisis in Schools Is Much Worse Than You Thought

An analysis by WIRED and Indicator found nearly 90 schools and 600 students around the world impacted by AI-generated deepfake nude images—and the pro...

ISC Stormcast For Wednesday, April 15th, 2026 https://isc.sans.edu/podcastdetail/9892, (Wed, Apr 15th)

Patch Tuesday, April 2026 Edition

Microsoft today pushed software updates to fix a staggering 167 security vulnerabilities in its Windows operating systems and related software, includ...

In the Wake of Anthropic’s Mythos, OpenAI Has a New Cybersecurity Model—and Strategy

OpenAI says its safeguards “sufficiently reduce cyber risk” for now, while GPT-5.4-Cyber is a new cybersecurity-focused model.

JanelaRAT: a financial threat targeting users in Latin America

Kaspersky GReAT experts describe the latest JanelaRAT campaign detailing infection chain and malware functionality updates.

The agentic SOC—Rethinking SecOps for the next decade

In the SOC of the future, autonomous defense moves at machine speed, agents add context and coordination, and humans focus on judgment, risk, and outc...

The long road to your crypto: ClipBanker and its marathon infection chain

Threat actors are distributing a Trojan disguised as Proxifier software; through a multi-stage infection chain, it delivers ClipBanker – malware that ...

Financial cyberthreats in 2025 and the outlook for 2026

In this report, Kaspersky experts share their insights into the 2025 financial threat landscape, including regional statistics and trends in phishing,...

Russia Hacked Routers to Steal Microsoft Office Tokens

Hackers linked to Russia's military intelligence units are using known flaws in older Internet routers to mass harvest authentication tokens from Micr...

Germany Doxes “UNKN,” Head of RU Ransomware Gangs REvil, GandCrab

An elusive hacker who went by the handle "UNKN" and ran the early Russian ransomware groups GandCrab and REvil now has a name and a face. Authorities ...

A laughing RAT: CrystalX combines spyware, stealer, and prankware features

Kaspersky researchers analyze a new CrystalX RAT distributed as MaaS and featuring extensive spyware, stealer, and prankware capabilities.

‘CanisterWorm’ Springs Wiper Attack Targeting Iran

A financially motivated data theft and extortion group is attempting to inject itself into the Iran war, unleashing a worm that spreads through poorly...

Feds Disrupt IoT Botnets Behind Huge DDoS Attacks

The U.S. Justice Department joined authorities in Canada and Germany in dismantling the online infrastructure behind four highly disruptive botnets th...

RedSun: anatomía de un 0-day que convierte Defender en SYSTEM

El repositorio https://github.com/Nightmare-Eclipse/RedSun no es un proyecto académico ni una PoC incompleta. Es la materialización funciona...

Operación PowerOFF: así ha desmantelado Europol la mayor red de DDoS de alquiler hasta la fecha

Europol y 21 países han desmantelado 53 plataformas de DDoS de alquiler, detenido a cuatro personas y enviado avisos a más de 75.000 usuarios identifi...

Cómo solucionar tres "Big Problems" del "Agentic AI Coding" usando Neo

El avance de la IA Generativa y Agéntica no es nada menos que espectacular y, casi indudablemente, la mayor y más rápida revolución tecnológica de la ...

La IA agéntica abre una nueva era en ciberseguridad

La evolución de la inteligencia artificial hacia modelos agénticos marcará uno de los principales puntos de inflexión en la ciberseguridad en los próx...

El sector manufacturero es el mayor objetivo del ransomware: los ataques crecen un 56% en 2025

El sector industrial global se enfrenta a uno de los entornos de amenaza más agresivos de su historia, situándose como el objetivo número uno del cibe...

Solo el 1% de las pymes españolas lograron contener ciberataques en los últimos 12 meses

Las pequeñas y medianas empresas continúan enfrentándose a un entorno de riesgo, cada vez más alto, en materia de ciberseguridad. En los últimos meses...

La UE tiene lista su app para verificar la edad en redes sociales.

La Comisión Europea ha presentado su app de verificación de edad para redes sociales. El objetivo declarado es proteger a los menores. El problema es ...

¿Qué se necesita para tener seguras las identidades digitales en la empresa?

La semana pasada un amiguete y compañero de profesión me hizo esta pregunta: "¿Que necesitaría para tener seguras las identidades digitales en mi empr...

La era cuántica marca un nuevo capítulo en la ciberseguridad empresarial

Check Point® Software Technologies Ltd., empresa global en soluciones de ciberseguridad, asegura, en el marco del  World Quantum Day 2026, que gran pa...

Detectan más fraudes en la renta con ataques más sofisticados

El inicio de la campaña de la declaración de la renta vuelve a situar a los contribuyentes en el centro de la actividad delictiva digital. Según la Ag...

Basic-Fit y Booking.com sufren brechas de datos en el mismo fin de semana

La cadena de gimnasios Basic-Fit y la plataforma de reservas Booking.com han confirmado en cuestión de horas que han sufrido accesos no autorizados a ...

Una entrevista en el Foco de Maria Zabay

Hoy, que esta semana estoy de muchos viajes, os traigo por aquí la entrevista que me hizo Maria Zabay en su espacio de El Foco, por el que hemos pasad...

Datos de usuarios de Booking.com expuestos: qué ocurrió y cómo protegerse

Un incidente de seguridad enciende las alertas sobre estafas de ingeniería social y refuerza la necesidad de mayor vigilancia en plataformas de viajes...

Francia anuncia que sustituirá Windows por Linux en todos sus ordenadores gubernamentales

Francia ha anunciado oficialmente que sustituirá Windows por Linux en los equipos de escritorio de toda su administración pública, dentro de una estra...

Arrogante: Bases de la 1ª Edición de los premios MIRA (10.000 €)

Si te digo que, por grabar un vídeo con tu móvil, o cualquier otra cosa que se te ocurra... hay un premio en metálico de 10.000 €, ser entrevistado en...

El tiempo para detener un ataque se achica: por qué la prevención es clave

Los atacantes están usando IA para potenciar técnicas ya conocidas. Con amenazas que avanzan cada vez más rápido, los equipos de ciberseguridad deben ...

Máster Online de Inteligencia Artificial Aplicada a la Ciberseguridad: 4a Edición - 15 de Octubre 2026

Si has seguido mis publicaciones en este blog durante los últimos años, o si has seguido las noticias del mundo en los últimos meses, verás ...

RVBBIT: anatomía de un rootkit LKM moderno basado en stealth, DKOM y anti-eBPF

En el ecosistema Linux actual, los rootkits han evolucionado de forma notable. Ya no dependen únicamente de explotación o técnicas rudimentarias de oc...

El inicio de los ordenadores neuronales

En abril de 2026 apareció en arXiv un paper titulado “Neural Computers”, firmado por investigadores que proponen una idea tan simple de formular como ...

BoxPwnr: resuelve máquinas de Hackthebox (y otros) con IA

Durante los últimos años nos hemos acostumbrado a una narrativa bastante cómoda: la inteligencia artificial como asistente. Un copiloto dócil, más o m...

Recovery scams: falsos servicios de recupero de dinero tras haber sufrido una estafa

Si ya fuiste víctima de fraude, probablemente ya estés en una lista especial para los ciberdelincuentes —y si no tienes cuidado, tu situación podría e...

Claude Mythos Preview: una mirada al potencial de la IA en el descubrimiento de vulnerabilidades

Un modelo de IA que, según reportes, muestra capacidades avanzadas para identificar vulnerabilidades complejas y plantea nuevos desafíos para las estr...

Cómo suplantaron a una telefónica mexicana para robar datos financieros

Una estafa por SMS muestra cómo los cibercriminales roban datos financieros y por qué reconocer estos engaños sigue siendo fundamental.

Agentic AI y ciberseguridad: cuando los agentes de IA se convierten en vector de ataque

La evolución de los Large Language Models (LLMs) hacia sistemas agénticos representa un cambio paradigmático en la arquitectura de las aplicaciones em...

N.O.M.A.D.: la infraestructura offline que querrás tener cuando Internet deje de existir

En un contexto donde la estabilidad geopolítica ya no se da por sentada, donde conflictos híbridos, ciberataques a gran escala y apagones de infraestr...

Las peores contraseñas de todos los tiempos

Las peores contraseñas de todos los tiempos Las peores contraseñas de todos los tiempos son aquellas que, por pereza o previsibilidad, se repiten mill...

(2/3) Ataques DDoS en capas 3 y 4: vectores, funcionamiento y defensa

Esta es la segunda entrega sobre amenazas DDoS, en esta ocasión nos adentramos en las capas de red y transporte para analizar los vectores más comunes...

ISO/IEC 42001: el sistema de gestión de IA que probablemente conectemos con nuestra 27001

ISO/IEC 42001 se concibe como el nuevo esqueleto operativo para transformar la inteligencia artificial en un sistema gestionado con disciplina. No es ...

MITRE AADAPT: Anatomía ofensiva y defensa en el ecosistema de activos digitales

Cuando uno pasa demasiadas noches frente a un nodo de Ethereum observando tráfico, firmas, anomalías y patrones sospechosos, descubre que el ecosistem...

Prueba de Penetración en Costa Rica

Prueba de Penetración en Costa Rica Prueba de Penetración en Costa Rica: Un Servicio Esencial para la Seguridad Empresarial Introducción En un mundo c...

Prueba de Penetración en Quito

Prueba de Penetración en Quito La Prueba de Penetración en Quito, también conocida como Pentesting, se ha convertido en una herramienta fundamental pa...

Prueba de Penetración en El Salvador

Prueba de Penetración en El Salvador En la era digital actual, la seguridad informática es un aspecto crucial para cualquier empresa. El Salvador, com...

Prueba de penetración en Barranquilla

Prueba de penetración en Barranquilla La prueba de penetración en Barranquilla es un proceso esencial para garantizar la seguridad informática en cual...

Snapshots en máquinas virtuales: ¿una herramienta útil o un riesgo oculto?

¿Piensas que una instantánea de una máquina virtual es lo mismo que un backup o una copia del disco? Entonces este post es para ti.Antes de nada, vamo...

Chat Control: el plan europeo para escanear tus mensajes

La Unión Europea está en pleno debate sobre una de las propuestas más polémicas de los últimos años: el Reglamento para prevenir y combatir el abuso s...

Pensar como un atacante: por qué el Red Team es clave para la ciberseguridad moderna

En un entorno digital donde las amenazas evolucionan más rápido que las soluciones, protegerse ya no es suficiente. Hay que anticiparse. Y para eso, e...

Cómo saber si una app es falsa: ten siempre en cuenta estas claves

Vivimos constantemente con el móvil en la mano; es un dispositivo que usamos para casi todo. Hoy en día es útil tanto para cosas como pagar el café, c...

Cómo proteger el ordenador sin ser un genio tech

Saber cómo proteger el ordenador nunca ha sido tan vital. Imagina perder tu equipo con Windows y no saber si tus datos personales están seguros. El pá...

Privacidad en Internet: evita el rastreo y navega con seguridad

La privacidad en Internet se ha convertido en una preocupación constante. Es así como cada clic, búsqueda o interacción en línea puede dejar una huell...

Álbum oculto: paso a paso para activarlo en tu teléfono Android

Las fotos y vídeos revelan un montón de información de tu vida personal. No siempre queremos que estén a la vista. Es por eso que en este artículo hab...