Cybersecurity News - Noticias de Ciberseguridad

Water utilities strengthen cybersecurity through cooperation

Water utilities are finding that letting information flow can flush out cybersecurity problems. The water industry has a security issue: Many utili...

Police take down 373,000 fake CSAM sites in Operation Alice

An international law enforcement action called Operation Alice has shut down over 373,000 dark web sites that offered fake CSAM packages. [...]

Ubiquiti defect poses account takeover risk for UniFi Networking Application users

The maximum-severity vulnerability, which hasn’t been exploited in the wild yet, affects software customers use to manage networking devices. The post...

CTI-REALM: A new benchmark for end-to-end detection rule generation with AI agents

Excerpt: CTI-REALM is Microsoft’s open-source benchmark for evaluating AI agents on real-world detection engineering—turning cyber threat intelligence...

Secure agentic AI end-to-end

In this agentic era, security must be woven into, and around, every layer of the AI estate. At RSAC 2026, we are delivering on that vision with new pu...

In Other News: New Android Safeguards, Operation Alice, UK Toughens Cyber Reporting

Other noteworthy stories that might have slipped under the radar: vulnerabilities found in KVM devices, Claudy Day Claude vulnerabilities, The Gentlem...

Kotlin vs Java in 2026: What Smart Businesses Are Choosing for Android Development

Most Android projects don’t fail because of bad developers. They fail because of bad technology decisions. If your mobile app development is taking to...

Critical Langflow Flaw CVE-2026-33017 Triggers Attacks within 20 Hours of Disclosure

A critical security flaw impacting Langflow has come under active exploitation within 20 hours of public disclosure, highlighting the speed at which t...

CISA orders feds to patch max-severity Cisco flaw by Sunday

The Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies to patch a maximum-severity vulnerability, CVE-2026-20131, in...

Chainguard Assemble 2026 and the Security Factory Mindset

From golden images to agent governance, Chainguard Assemble 2026 focused on how teams can reduce risk by embedding trust, compliance, and security int...

BSidesSLC 2025 – Getting Things Fixed – Keynote On Security Wins (And Fails)

Author, Creator & Presenter: Scott Piper - Principal Cloud Security Researcher at Wiz Our thanks to BSidesSLC for publishing their Creators, Aut...

3 Men Charged With Conspiring to Smuggle US Artificial Intelligence to China

The men violated U.S. export controls laws by scheming to divert massive quantities of the high-performance servers assembled in the United States to ...

Justice Department disrupts botnet networks that hijacked 3 million devices

The Aisuru, Kimwolf, JackSkid and Mossad botnets enabled cybercriminals to initiate thousands of attacks. A crackdown targeting large-scale botnets co...

How CISOs Can Survive the Era of Geopolitical Cyberattacks

Geopolitical tensions are driving destructive cyberattacks designed to disrupt operations, not demand ransom. CISOs must limit lateral movement and co...

Could your face change what you pay? NYC wants limits on biometric tracking

NYC lawmakers are pushing to rein in biometric tracking before it turns into real-world surveillance pricing and customer profiling. The post Could yo...

Eclypsium Raises $25 Million for Device Supply Chain Security

The company will use the investment to expand its platform’s capabilities and grow channel partnerships. The post Eclypsium Raises $25 Million for Dev...

Cisco FMC flaw was exploited by Interlock weeks before patch (CVE-2026-20131)

A critical vulnerability (CVE-2026-20131) in Cisco Secure Firewall Management Center (FMC) that Cisco disclosed and patched in early March 2026 has be...

Cloud Security Posture Management in 2026 

By 2026, CSPM has evolved from a basic auditor into an AI-driven, context-aware pillar of CNAPP. Explore how modern Cloud Security Posture Management ...

Interlock Ransomware Targets Cisco Enterprise Firewalls

The ransomware gang, known for double-extortion attacks, had access to a critical Cisco firewall vulnerability weeks before it was publicly disclosed.

Google slows Android sideloading to trip up scammers

Google’s advanced flow for Android changes how apps from unverified developers are installed, adding steps to reduce scam-driven sideloading. The feat...

US Confirms Handala Link to Iran Government Amid Takedown of Hackers’ Sites

The US has seized several domains used by Handala in cyber-enabled psychological operations. The post US Confirms Handala Link to Iran Government Amid...

Terminated contract led to $2.5 million cyber extortion scheme

A federal jury convicted Cameron Curry, 27, a Charlotte resident, of carrying out an extensive cyber extortion scheme targeting a Washington, D.C.-bas...

CISA Adds Five Known Exploited Vulnerabilities to Catalog

CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2025-3127...

Russian Intelligence Services Target Commercial Messaging Application Accounts

CISA and the Federal Bureau of Investigation released a Public Service Announcement (PSA) warning about ongoing phishing campaigns cyber actors associ...

DDoS-Attacken: Schlag gegen internationale Cyberkriminelle

DDos bleibt ein Evergreen unter den Security-Bedrohungen.Karsten Kunert mit ChatGPT In einem großangelegten Schlag gegen ein internationales Hacker...

Cape Raises $100 Million for Protection Against Cellular Security Threats

Cape offers a privacy-focused mobile virtual network operator (MVNO) service for consumers, enterprises, and governments. The post Cape Raises $100 Mi...

Apple urges iPhone users to update as Coruna and DarkSword exploit kits emerge

Apple warns that outdated iPhones are vulnerable to Coruna and DarkSword exploit kits and urges users to update iOS. Apple has warned that iPhones run...

Google Adds 24-Hour Wait for Unverified App Sideloading to Reduce Malware and Scams

Google on Thursday announced a new "advanced flow" for Android sideloading that requires a mandatory 24-hour wait period to install apps from unverifi...

Rapid7 enhances Exposure Command with runtime validation and DSPM for risk analysis

Rapid7 has unveiled new cloud security capabilities within Exposure Command. The introduction of runtime validation and Data Security Posture Manageme...

Authorities disrupt four IoT botnets behind record DDoS attacks

The U.S. Justice Department and international partners have disrupted four IoT botnets linked to DDoS attacks that reached 30 terabits per second, amo...

Global law enforcement operation targets AISURU, Kimwolf, JackSkid botnet operators

DoJ disrupted IoT botnets’ C2 infrastructure with global partners, targeting operators behind AISURU, Kimwolf, JackSkid, and others. The U.S. DoJ disr...

The Danger Behind Meta Killing End-to-End Encryption for Instagram DMs

Meta blamed users for not opting into the privacy-protecting feature. Experts fear the move could be the first major domino to fall for end-to-end enc...

The Importance of Behavioral Analytics in AI-Enabled Cyber Attacks

Artificial Intelligence (AI) is changing how individuals and organizations conduct many activities, including how cybercriminals carry out phishing at...

Musician admits to $10M streaming royalty fraud using AI bots

North Carolina musician Michael Smith has pleaded guilty to collecting over $10 million in royalty payments through a massive streaming royalty fraud ...

Magento PolyShell Flaw Enables Unauthenticated Uploads, RCE and Account Takeover

Sansec is warning of a critical security flaw in Magento's REST API that could allow unauthenticated attackers to upload arbitrary executables and ach...

GSocket Backdoor Delivered Through Bash Script, (Fri, Mar 20th)

Yesterday, I discovered a malicious Bash script that installs a GSocket backdoor on the victim's computer. I don't know the source of the scri...

International joint action disrupts world’s largest DDoS botnets

Authorities from the United States, Germany, and Canada have taken down Command and Control (C2) infrastructure used by the Aisuru, KimWolf, JackSkid,...

The espionage reality: Your infrastructure is already in the collection path

Threat actors have always sought advantage over their targets. Recently we’ve seen two efforts designed for long-term intelligence gain. This activity...

DoJ Disrupts 3 Million-Device IoT Botnets Behind Record 31.4 Tbps Global DDoS Attacks

The U.S. Department of Justice (DoJ) on Thursday announced the disruption of command-and-control (C2) infrastructure used by several Internet of Thing...

Die besten IAM-Tools

Identity & Access Management ist für sicherheitsbewusste Unternehmen im Zero-Trust-Zeitalter Pflicht. Das sind die besten IAM-Anbieter und -Tools....

ISC Stormcast For Friday, March 20th, 2026 https://isc.sans.edu/podcastdetail/9858, (Fri, Mar 20th)

North Carolina tech worker found guilty of insider attack netting $2.5M ransom

Cameron Nicholas Curry, also known as “Loot,” stole a trove of corporate data from a D.C.-based tech company as his six-month contract gig came to a c...

Feds Disrupt IoT Botnets Behind Huge DDoS Attacks

The U.S. Justice Department joined authorities in Canada and Germany in dismantling the online infrastructure behind four highly disruptive botnets th...

French aircraft carrier Charles de Gaulle tracked via Strava activity in OPSEC failure

A French aircraft carrier was tracked in real time via a sailor’s Strava activity, exposing a persistent operational security flaw. Le Monde revealed ...

US Takes Down Botnets Used in Record-Breaking Cyberattacks

The Aisuru, Kimwolf, JackSkid, and Mossad botnets had infected more than 3 million devices in total, many inside home networks, according to the US Ju...

CISA urges IT to harden endpoint management systems after cyberattack by pro-Iranian group

The US is urging infosec leaders to harden their endpoint management system configurations after last week’s hack of American medical supplies provide...

AI Conundrum: Why MCP Security Can't Be Patched Away

RSAC Conference Preview: MCP introduces security risks into LLM environments that are architectural and not easily fixable, researcher says.

Critical Ubiquiti UniFi UniFi security flaw allows potential account hijacking

Ubiquiti fixed two UniFi vulnerabilities, including a critical flaw that could let attackers take over user accounts. Ubiquiti patched two vulnerabili...

Can Zero Trust survive the AI era?

As AI increases the speed of cyber attacks, governments and businesses must weigh the tradeoffs that come with deploying semi-autonomous AI agents to ...

With Government's Role Uncertain, Businesses Unite to Combat Fraud

Major industry leaders agree to share information and collaborate to boost defenses in the wake of distressing online scams.

Native Launches With Security Control Plane for Multicloud

The cloud security startup's platform translates and enforces security policies across AWS, Azure, Google Cloud, and Oracle using provider-native cont...

New tools and guidance: Announcing Zero Trust for AI

Microsoft introduces Zero Trust for AI, adding a new AI pillar to its workshop, enhanced reference architecture, updated guidance, and a new assessmen...

Post-Quantum Web Could be Safer, Faster

Major providers are testing a quantum-safe version of HTTPS that shrinks certificates to one-tenth their previous size, decreasing latency and adding ...

Feds keep eyes peeled for Iran cyberattacks, respond to Stryker breach

There’s been no visible surge, at least not yet, said DOD’s Terry Kalka and CISA’s Nick Andersen. The post Feds keep eyes peeled for Iran cyberattacks...

U.S. CISA adds a flaw in Cisco FMC and Cisco SCC Firewall Management to its Known Exploited Vulnerabilities catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Cisco FMC and Cisco SCC Firewall Management to its Known Exploited Vul...

When tax season becomes cyberattack season: Phishing and malware campaigns using tax-related lures

During tax season, threat actors reliably take advantage of the urgency and familiarity of time-sensitive emails, including refund notices, payroll fo...

Signal’s Creator Is Helping Encrypt Meta AI

Moxie Marlinspike says the technology powering his encrypted AI chatbot, Confer, will be integrated into Meta AI. The move could help protect the AI c...

Schneider Electric EcoStruxure Automation Expert

View CSAF Summary Schneider Electric is aware of a vulnerability in its EcoStruxure™ Automation Expert product. The EcoStruxure™ Automation Expert pro...

Mitsubishi Electric CNC Series

View CSAF Summary Successful exploitation of this vulnerability could allow a remote attacker to cause an out-of-bounds read, resulting in a denial-of...

Schneider Electric Modicon Controllers M241, M251, M258, and LMC058

View CSAF Summary Successful exploitation of this vulnerability may risk a Cross-site Scripting or an open redirect attack which could result in an ac...

ISC Stormcast For Thursday, March 19th, 2026 https://isc.sans.edu/podcastdetail/9856, (Thu, Mar 19th)

Interesting Message Stored in Cowrie Logs, (Wed, Mar 18th)

This activity was found and reported by BACS student Adam Thorman as part of one of his assignments which I posted his final pape...

Observability for AI Systems: Strengthening visibility for proactive risk detection

As AI systems grow more autonomous, observability becomes essential. Learn how visibility into AI behavior helps detect risk and strengthen secure dev...

Hundreds of Millions of iPhones Can Be Hacked With a New Tool Found in the Wild

A powerful iPhone-hacking technique known as DarkSword has been discovered in use by Russian hackers. It can take over devices running iOS 18 that sim...

Scans for "adminer", (Wed, Mar 18th)

A very popular target of attackers scanning our honeypots is "phpmyadmin". phpMyAdmin is a script first released in the late 90s, before many security...

The SOC Files: Time to “Sapecar”. Unpacking a new Horabot campaign in Mexico

Kaspersky SOC uncovered and analyzed a complex Horabot campaign in Mexico. In this article we share insights into how it is unleashed and how to hunt ...

Join Our Next Livestream: The War Machine

On March 26, a panel of WIRED experts will dissect the defense tech industry’s impact on modern warfare. Submit your questions now.

Free real estate: GoPix, the banking Trojan living off your memory

Kaspersky GReAT experts describe the unprecedentedly complex Brazilian banking Trojan GoPix that employs memory-only implants, Proxy AutoConfig (PAC) ...

Iran-Backed Hackers Claim Wiper Attack on Medtech Firm Stryker

A hacktivist group with links to Iran's intelligence agencies is claiming responsibility for a data-wiping attack against Stryker, a global medical te...

Microsoft Patch Tuesday, March 2026 Edition

Microsoft Corp. today pushed security updates to fix at least 77 vulnerabilities in its Windows operating systems and other software. There are no pre...

BeatBanker: A dual‑mode Android Trojan

Kaspersky researchers identified a new Android Trojan dubbed BeatBanker targeting Brazil, posing as government apps and Google Play Store, and capable...

How AI Assistants are Moving the Security Goalposts

AI-based assistants or "agents" -- autonomous programs that have access to the user's computer, files, online services and can automate virtually any ...

Exploits and vulnerabilities in Q4 2025

This report provides statistical data on published vulnerabilities and exploits we researched during Q4 2025. It also includes summary data on the use...

Mobile malware evolution in 2025

Statistics on Android malware and the most notable mobile threats of 2025: preinstalled backdoors Keenadu and Triada, spyware Trojans, the Kimwolf IoT...

Who is the Kimwolf Botmaster “Dort”?

In early January 2026, KrebsOnSecurity revealed how a security researcher disclosed a vulnerability that was used to assemble Kimwolf, the world's lar...

Presentación del libro "Todo Llega...cuidado con lo que deseas". Mañana a las 19:00 en Espacio Ronda

Mi compañero y amigo David de Santiago presenta mañana, Sábado 21 de Abril, a las 19:00 horas de la tarde, en el Espacio Ronda - sito en la Ronda Sego...

El 70% de las organizaciones señalan la IA como su principal riesgo para la seguridad de los datos

Thales Cybersecurity Productos, distribuido por Exclusive Networks, analiza la última edición del informe Thales 2026 Data Threat Report, el estudio d...

Telegram no logra frenar la ciberdelincuencia pese a un récord histórico de moderación

Check Point® Software Technologies Ltd., empresa global en soluciones de ciberseguridad, ha publicado un nuevo análisis detallado sobre el estado de l...

Descubren una campaña de malware dirigida a desarrolladores de software

Bitdefender, empresa global de ciberseguridad, acaba de publicar una investigación que alerta de la existencia de una campaña de malware que se lleva ...

EDR killers explicados: Más allá de los drivers

Los investigadores de ESET profundizan en el ecosistema de los EDR killer y revelan cómo los atacantes abusan de los controladores vulnerables

Quantum y Post-Quantum Computing para Ciberseguridad: Últimas plazas. Comienzo 14 de Abril (Online)

Ya os había contando que el año pasado ya os anuncié que comenzamos con la idea  Pablo García Bringas y yo nos metimos en un nuevo proy...

Proofpoint lanza AI Security para proteger agentes de IA

Proofpoint, Inc., empresa de ciberseguridad y cumplimiento normativo, ha anunciado Proofpoint AI Security, la solución de seguridad más reciente de la...

Aumentan un 81% las filtraciones de IA: 29 millones de credenciales expuestas

GitGuardian, empresa seguridad y app nº1 en GitHub Marketplace, ha publicado hoy la quinta edición de su informe “State of Secrets Sprawl” (“Estado de...

The Show Must Go On: MyPublicInbox adquiere la plataforma Linkmusic (LnkMsc.com)

Hace tiempo que MyPublicInbox crece a buen ritmo, expandiendo el número de usuarios, el número de servicios y, sobre todo, las interacciones...

El impacto en la ciberseguridad de la guerra en Irán: riesgos clave que debe monitorear

Aunque el conflicto se desarrolla en Medio Oriente, las repercusiones en la ciberseguridad pueden afectar a organizaciones de todo el mundo. Estos son...

Mapa de actividad de malware en América Latina

Un análisis basado en telemetría ESET muestra cómo se distribuyen las amenazas en cinco de los países de la región y revela similitudes en las campaña...

Alcolea Party 10 a 12 de Abril en Alcolea del Río

Una vez el gran Sorian se embarca en mantener vivo el sueño de tener en Alcolea del Río (Sevilla), la Alcolea Party, donde comencé a ir hace ya muchos...

MiroFish: cuando los LLM empiezan a simular el mundo

Durante años hemos hablado de modelos predictivos, de machine learning aplicado a forecasting, de simulaciones multi-agente y de modelos basados en gr...

Pon a prueba la calidad de tu conexión a Internet con Cloudflare

El equipo de Radar en Cloudflare acaba de incorporar el Test de Velocidad para tu conexión a Internet que puedes probar gratuitamente desde las herram...

¿Está bien permitir que tus hijos publiquen selfies en línea?

Cuando se trata de la vida digital de nuestros hijos, la prohibición rara vez funciona. Es nuestra responsabilidad ayudar a que construyan una relació...

Zombie ZIP: cómo una simple manipulación del header permite ocultar malware a los antivirus

Los archivos ZIP son uno de los formatos más utilizados para distribuir software, documentos y archivos comprimidos. Precisamente por su ubiquidad, ta...

Cursos para usar ChatGPT en ciberseguridad

ChatGPT es un aliado clave en ciberseguridad: usado estratégicamente, potencia tareas de defensa, análisis y hacking ético. Aquí encontrarás cursos pa...

Living off the Land 2.5: persistencia que vive dentro de contenedores y casi nadie está mirando

Cuando empecé a investigar intrusiones recientes en infraestructuras Linux modernas, hubo algo que empezó a repetirse: no era malware clásico, no eran...

Living off the Land 2.0 en Linux: Persistencia para pasar desapercibidos al SOC

Hay una regla no escrita en intrusiones modernas: El mejor malware es el que no parece malware. Pero hay una evolución aún más interesante q...

Heretic o cómo eliminar fácilmente la censura en un LLM

Los modelos de lenguaje actuales (los conocidos LLM, Large Language Models) se han convertido en piezas clave de muchas aplicaciones: asistentes, anál...

Las peores contraseñas de todos los tiempos

Las peores contraseñas de todos los tiempos Las peores contraseñas de todos los tiempos son aquellas que, por pereza o previsibilidad, se repiten mill...

(2/3) Ataques DDoS en capas 3 y 4: vectores, funcionamiento y defensa

Esta es la segunda entrega sobre amenazas DDoS, en esta ocasión nos adentramos en las capas de red y transporte para analizar los vectores más comunes...

ISO/IEC 42001: el sistema de gestión de IA que probablemente conectemos con nuestra 27001

ISO/IEC 42001 se concibe como el nuevo esqueleto operativo para transformar la inteligencia artificial en un sistema gestionado con disciplina. No es ...

MITRE AADAPT: Anatomía ofensiva y defensa en el ecosistema de activos digitales

Cuando uno pasa demasiadas noches frente a un nodo de Ethereum observando tráfico, firmas, anomalías y patrones sospechosos, descubre que el ecosistem...

Prueba de Penetración en Costa Rica

Prueba de Penetración en Costa Rica Prueba de Penetración en Costa Rica: Un Servicio Esencial para la Seguridad Empresarial Introducción En un mundo c...

Prueba de Penetración en Quito

Prueba de Penetración en Quito La Prueba de Penetración en Quito, también conocida como Pentesting, se ha convertido en una herramienta fundamental pa...

Prueba de Penetración en El Salvador

Prueba de Penetración en El Salvador En la era digital actual, la seguridad informática es un aspecto crucial para cualquier empresa. El Salvador, com...

Prueba de penetración en Barranquilla

Prueba de penetración en Barranquilla La prueba de penetración en Barranquilla es un proceso esencial para garantizar la seguridad informática en cual...

Snapshots en máquinas virtuales: ¿una herramienta útil o un riesgo oculto?

¿Piensas que una instantánea de una máquina virtual es lo mismo que un backup o una copia del disco? Entonces este post es para ti.Antes de nada, vamo...

La importancia del Disaster Recovery Plan (DRP)

A pesar de que los ciberataques, fallos de hardware y software, desastres naturales, o incluso errores humanos son cada vez más frecuentes, muchas emp...

Chat Control: el plan europeo para escanear tus mensajes

La Unión Europea está en pleno debate sobre una de las propuestas más polémicas de los últimos años: el Reglamento para prevenir y combatir el abuso s...

Pensar como un atacante: por qué el Red Team es clave para la ciberseguridad moderna

En un entorno digital donde las amenazas evolucionan más rápido que las soluciones, protegerse ya no es suficiente. Hay que anticiparse. Y para eso, e...

Cómo saber si una app es falsa: ten siempre en cuenta estas claves

Vivimos constantemente con el móvil en la mano; es un dispositivo que usamos para casi todo. Hoy en día es útil tanto para cosas como pagar el café, c...

Cómo proteger el ordenador sin ser un genio tech

Saber cómo proteger el ordenador nunca ha sido tan vital. Imagina perder tu equipo con Windows y no saber si tus datos personales están seguros. El pá...

Privacidad en Internet: evita el rastreo y navega con seguridad

La privacidad en Internet se ha convertido en una preocupación constante. Es así como cada clic, búsqueda o interacción en línea puede dejar una huell...

OpenAI lanza cursos gratuitos sobre IA.

OpenAI ha lanzado su propia academia online gratuita con cursos para aprender inteligencia artificial. Desde productividad con ChatGPT hasta ética de ...

Álbum oculto: paso a paso para activarlo en tu teléfono Android

Las fotos y vídeos revelan un montón de información de tu vida personal. No siempre queremos que estén a la vista. Es por eso que en este artículo hab...

CodeStrike, el videojuego gratuito que te enseña Python mientras salvas el mundo

Aprender a programar puede ser entretenido, sobre todo si te conviertes en un héroe del futuro mientras lo haces. Esa es precisamente la propuesta de ...

La Comisión Europea investiga a TikTok en virtud de la Ley de Servicios Digitales

La Comisión Europea inicia procedimiento contra TikTok por posible infracción de la DSA, enfocándose en protección de menores, transparencia publicita...

El Garante dice que ChatGPT viola la normativa de la Unión Europea sobre protección de datos

La autoridad italiana de protección de datos ha notificado a OpenAI sobre una presunta infracción de ChatGPT en relación con el RGPD