Cybersecurity News - Noticias de Ciberseguridad

Menlo Security Adds Platform to Secure AI Agents

Menlo Security today launched a platform to secure artificial intelligence (AI) agents running in a browser that accesses a cloud-based environment wh...

OFAC Sanctions DPRK IT Worker Network Funding WMD Programs Through Fake Remote Jobs

The U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) has sanctioned six individuals and two entities for their involvement in...

Randall Munroe’s XKCD ‘SNEWS’

via the comic artistry and dry wit of Randall Munroe, creator of XKCD Permalink The post Randall Munroe’s XKCD ‘SNEWS’ appeared first on ...

Ransomware gang exploits Cisco flaw in zero-day attacks since January

The Interlock ransomware gang has been exploiting a maximum severity remote code execution (RCE) vulnerability in Cisco's Secure Firewall Management C...

Interlock Ransomware Exploits Cisco FMC Zero-Day CVE-2026-20131 for Root Access

Amazon Threat Intelligence is warning of an active Interlock ransomware campaign that's exploiting a recently disclosed critical security flaw in Cisc...

Observability for AI Systems: Strengthening visibility for proactive risk detection

As AI systems grow more autonomous, observability becomes essential. Learn how visibility into AI behavior helps detect risk and strengthen secure dev...

Cloud Security Startup Native Exits Stealth With $42 Million in Funding

Phil Venables, former CISO of Google Cloud and now a venture partner at Ballistic Ventures, has joined Native’s board of directors. The post Cloud Sec...

Everyone Is Deploying AI Agents. Almost Nobody Knows What They’re Doing.

One constant I hear from CISOs I speak with is that AI agents are not coming. They are already inside organizations, reasoning through goals, selectin...

Marquis: Ransomware gang stole data of 672K people in cyberattack

Marquis, a Texas-based financial services provider, revealed this week that a ransomware gang stole the data of over 670,000 individuals in an August ...

‘DarkSword’ iOS Exploit Kit Used by State-Sponsored Hackers, Spyware Vendors

Targeting six iOS vulnerabilities and leading to full device compromise, the exploit chain is meant for surveillance. The post ‘DarkSword’...

Technical Analysis of SnappyClient

IntroductionIn December 2025, Zscaler ThreatLabz identified a new command-and-control (C2) framework implant that we track as SnappyClient, which was ...

The New Insider Threat: Autonomous Systems With Excessive Permissions 

Explore how overprivileged AI agents are becoming the "new insider threat" in 2026. Learn about the rise of autonomous machine identities, the "superu...

Researchers warn of unpatched, critical Telnetd flaw affecting all versions

CVE-2026-32746 is a critical flaw in GNU InetUtils telnetd that allows remote attackers to execute code with elevated privileges Cybersecurity company...

Token Security advances AI agent protection with intent-based controls

Token Security has unveiled intent-based AI agent security, a new approach that governs autonomous agents in enterprise environments by aligning their...

'Claudy Day’ Trio of Flaws Exposes Claude Users to Data Theft

A prompt injection vulnerability paired with other flaws can turn a Google search into a full attack chain that could threaten enterprise networks.

Virtual Summit Today: Supply Chain & Third-Party Risk Summit

Cyber risk doesn’t stop at your perimeter. Today’s most dangerous threats could be hiding in your software supply chain. The post Virtual Summit Today...

EU Sanctions Chinese, Iranian Firms Supporting Hacking Operations

The sanctions target two Chinese individuals, two Chinese companies, and one Iranian firm involved in hacking EU member states. The post EU Sanctions ...

Dropzone AI releases autonomous Threat Hunting agent for continuous SOC detection

Dropzone AI has released the AI Threat Hunter, its newest AI agent that enables security teams to proactively search for threats across their environm...

Backslash adds cross-product support to secure AI skills in developer environments

Backslash Security has revealed new cross-product support for agentic AI Skills within its platform, enabling organizations to discover, assess, and a...

The Refund Fraud Economy: Exploiting Major Retailers and Payment Platforms

Refund fraud is now a business, with methods and tutorials sold to exploit return policies for profit. Flare shows how fraudsters turn refunds and cha...

New “Darksword” iOS exploit used in infostealer attack on iPhones

A new exploit kit for iOS devices and delivery framework dubbed "Darksword" has been used to steal a wide range of personal information, including dat...

Menlo Security delivers unified governance and threat prevention for AI agents and humans

Menlo Security has unveiled the Browser Security Platform, purpose-built to secure the agentic enterprise, where autonomous AI agents will outnumber h...

Hundreds of Millions of iPhones Can Be Hacked With a New Tool Found in the Wild

A powerful iPhone-hacking technique known as DarkSword has been discovered in use by Russian hackers. It can take over devices running iOS 18 that sim...

Shadow AI Risk: How SaaS Apps Are Quietly Enabling Massive Breaches

From Chaos to Control examines the chaos that often comes from shadow AI hidden in SaaS apps and urges better visibility and control over agentic AI. ...

Second iOS exploit kit now in use by suspected Russian hackers

The kit, named DarkSword, has a variety of possible implications, the research from iVerify, Lookout and Google suggests. The post Second iOS exploit ...

Nordstrom's email system abused to send crypto scams to customers

Customers of upscale department store chain Nordstrom received fraudulent messages from a legitimate company email address that promoted cryptocurrenc...

Graylog advances explainable AI and automated workflows for faster threat detection

Graylog has revealed advances in explainable AI and automated investigation workflows that help small-to-mid-sized security teams detect threats faste...

Scans for "adminer", (Wed, Mar 18th)

A very popular target of attackers scanning our honeypots is "phpmyadmin". phpMyAdmin is a script first released in the late 90s, before many security...

SideWinder Espionage Campaign Expands Across Southeast Asia

The suspected India-linked threat group targets governments, telecom, and critical infrastructure using spear-phishing, old vulnerabilities, and rapid...

Meta, TikTok Steal Personal & Financial Info When Users Click Ads

Tracking pixels let social media companies spy on their users even after they click over to advertiser sites, gleaning credit card info, geolocations,...

Critical Unpatched Telnetd Flaw (CVE-2026-32746) Enables Unauthenticated Root RCE

Cybersecurity researchers have disclosed a critical security flaw impacting the GNU InetUtils telnet daemon (telnetd) that could be exploited by an un...

Reco targets AI agent blind spots with new security capability

SaaS security platform Reco has decided to address the “agent sprawl” challenge from the increased adoption of AI-driven tools by enterprises. It argu...

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2025-66376 S...

Claude Code Security and Magecart: Getting the Threat Model Right

When a Magecart payload hides inside the EXIF data of a dynamically loaded third-party favicon, no repository scanner will catch it – because the mali...

9 Critical IP KVM Flaws Enable Unauthenticated Root Access Across Four Vendors

Cybersecurity researchers have warned about the risks posed by low-cost IP KVM (Keyboard, Video, Mouse over Internet Protocol) devices, which can gran...

CVE-2026-3888: Ubuntu Desktop 24.04+ vulnerable to Root exploit

Ubuntu flaw CVE-2026-3888 lets attackers gain root via a systemd timing exploit, affecting Desktop 24.04+ with high severity. Qualys researchers found...

ISC Stormcast For Wednesday, March 18th, 2026 https://isc.sans.edu/podcastdetail/9854, (Wed, Mar 18th)

The SOC Files: Time to “Sapecar”. Unpacking a new Horabot campaign in Mexico

Kaspersky SOC uncovered and analyzed a complex Horabot campaign in Mexico. In this article we share insights into how it is unleashed and how to hunt ...

BSI moniert Software-Sicherheit im Gesundheitswesen

Schwachstellen bei Praxisverwaltungssystemen hätten zu Cyberangriffen führen können.Khakimullin Aleksandr – shutterstock.com Das Bundesamt für Sich...

Join Our Next Livestream: The War Machine

On March 26, a panel of WIRED experts will dissect the defense tech industry’s impact on modern warfare. Submit your questions now.

Can you prove the person on the other side is real?

In my role, I spend a lot of time thinking about what “trust” means when money, grief and identity collide. By 2026, the real competition in our space...

ClickFix treibt neue Infostealer-Kampagnen an

ClickFix-Kampagnen werden immer raffinierter und zielen verstärkt auf WordPress-Webseiten.Gorodenkoff | shutterstock.com Cyberkriminelle kombiniere...

Robotic surgery firm Intuitive reports data breach after targeted phishing attack

Intuitive suffered a phishing attack leading to a data breach exposing customer, employee, and corporate information. Intuitive is an American company...

Cybersecurity and privacy priorities for 2026: The legal risk map

Escalating cybersecurity threats and growing privacy concerns lurk around every corner these days. Evolving technology and mounting regulations contin...

Tracking the Iran War: A Month of Escalation and Regional Impact

Iran war likely prolonged, increasing cyber threats, energy disruption, and instability, with companies in the Middle East facing higher risk. Follow ...

EU sanctions Chinese and Iranian actors over cyberattacks on critical infrastructure

EU sanctions Chinese and Iranian firms and individuals for cyberattacks targeting critical infrastructure and over 65,000 devices across member states...

More Attackers Are Logging In, Not Breaking In

Credential theft soared in the second half of 2025, thanks in part to the industrialization of infostealer malware and AI-enabled social engineering.

Less Lucrative Ransomware Market Makes Attackers Alter Methods

Ransomware actors are ditching Cobalt Strike in favor of native Windows tools, as payment rates hit record lows and data theft surges.

CISA official advises agencies not to get too hung up on who takes lead in critical infrastructure sectors

Acting director Nick Andersen said relationships, not actor risk management agency designations, should guide which agency is at the forefront. The po...

Trump administration isn’t pushing companies to conduct cyber offense, national cyber director says

Sean Cairncross said the idea rather is to collaborate with the private sector in a way that helps the U.S. government take the battle to its adversar...

Appeals court temporarily pauses order blocking Perplexity’s AI shopping agent on Amazon

The Ninth Circuit has paused a lower-court order as the companies dispute whether user-approved automation can access password-protected accounts with...

CODESYS in Festo Automation Suite

View CSAF Summary 3. TECHNICAL DETAILS The following versions of CODESYS in Festo Automation Suite are affected: FESTO Software Festo Automation Suit...

Siemens SICAM SIAPP SDK

View CSAF Summary The SICAM SIAPP SDK contains multiple vulnerabilities that could allow an attacker to disrupt the customer-developed SIAPP or its si...

Schneider Electric SCADAPack and RemoteConnect

View CSAF Summary Schneider Electric is aware of a vulnerability in its SCADAPack™ x70 RTU products. The SCADAPack™ 47xi, SCADAPack™ 47x and SCADAPack...

Schneider Electric EcoStruxure Data Center Expert

View CSAF Summary Schneider Electric is aware of a hard-coded credentials vulnerability in its EcoStruxure IT Data Center Expert (DCE) product that re...

IPv4 Mapped IPv6 Addresses, (Tue, Mar 17th)

Yesterday, in my diary about the scans for "/proxy/" URLs, I noted how attackers are using IPv4-mapped IPv6 addresses to possibly obfuscate their atta...

Sears Exposed AI Chatbot Phone Calls and Text Chats to Anyone on the Web

Customer conversations with chatbots can include contact information and personal details that make it easier for scammers to launch phishing attacks ...

It’s time to get serious about post-quantum security. Here’s where to start.

Quantum computing promises a revolution in science, but it also signals the end of current security standards. Here is why enterprises must transition...

ISC Stormcast For Tuesday, March 17th, 2026 https://isc.sans.edu/podcastdetail/9852, (Tue, Mar 17th)

New Microsoft Purview innovations for Fabric to safely accelerate your AI transformation

As organizations adopt AI, security and governance remain core primitives for safe AI transformation and acceleration. The post New Microsoft Purview ...

Help on the line: How a Microsoft Teams support call led to compromise

A DART investigation into a Microsoft Teams voice phishing attack shows how deception and trusted tools can enable identity-led intrusions and how to ...

/proxy/ URL scans with IP addresses, (Mon, Mar 16th)

Attempts to find proxy servers are among the most common scans our honeypots detect. Most of the time, the attacker attempts to use a host header or i...

Free real estate: GoPix, the banking Trojan living off your memory

Kaspersky GReAT experts describe the unprecedentedly complex Brazilian banking Trojan GoPix that employs memory-only implants, Proxy AutoConfig (PAC) ...

Models Are Applying to Be the Face of AI Scams

Dozens of Telegram channels reviewed by WIRED include job listings for “AI face models.” The (mostly) women who land these gigs are likely being used ...

A Hacker Accidentally Broke Into the FBI’s Epstein Files

Plus: A porn-quitting app exposed the masturbation habits of hundreds of thousands of users, Russian hackers are trying to take over people’s Signal a...

Storm-2561 uses SEO poisoning to distribute fake VPN clients for credential theft

Storm-2561 uses SEO poisoning to push fake VPN downloads that install signed trojans and steal VPN credentials. Active since 2025, Storm-2561 mimics t...

From transparency to action: What the latest Microsoft email security benchmark reveals

The latest Microsoft benchmarking data reveals how Microsoft Defender mitigates modern email threats compared to SEG and ICES vendors. The post From t...

Iran-Backed Hackers Claim Wiper Attack on Medtech Firm Stryker

A hacktivist group with links to Iran's intelligence agencies is claiming responsibility for a data-wiping attack against Stryker, a global medical te...

Microsoft Patch Tuesday, March 2026 Edition

Microsoft Corp. today pushed security updates to fix at least 77 vulnerabilities in its Windows operating systems and other software. There are no pre...

BeatBanker: A dual‑mode Android Trojan

Kaspersky researchers identified a new Android Trojan dubbed BeatBanker targeting Brazil, posing as government apps and Google Play Store, and capable...

How AI Assistants are Moving the Security Goalposts

AI-based assistants or "agents" -- autonomous programs that have access to the user's computer, files, online services and can automate virtually any ...

Exploits and vulnerabilities in Q4 2025

This report provides statistical data on published vulnerabilities and exploits we researched during Q4 2025. It also includes summary data on the use...

Mobile malware evolution in 2025

Statistics on Android malware and the most notable mobile threats of 2025: preinstalled backdoors Keenadu and Triada, spyware Trojans, the Kimwolf IoT...

Who is the Kimwolf Botmaster “Dort”?

In early January 2026, KrebsOnSecurity revealed how a security researcher disclosed a vulnerability that was used to assemble Kimwolf, the world's lar...

‘Starkiller’ Phishing Service Proxies Real Login Pages, MFA

Most phishing websites are little more than static copies of login pages for popular online destinations, and they are often quickly taken down by ant...

The Show Must Go On: MyPublicInbox adquiere la plataforma Linkmusic (LnkMsc.com)

Hace tiempo que MyPublicInbox crece a buen ritmo, expandiendo el número de usuarios, el número de servicios y, sobre todo, las interacciones...

La ciberresiliencia, prioridad estratégica en la era de la IA

La ciberresiliencia se ha convertido en una prioridad estratégica para las organizaciones en un contexto marcado por la adopción masiva de la intelige...

Phishing y ransomware: por qué la resiliencia de la infraestructura es la base de la seguridad digital

Las estafas online representan hoy una amenaza seria tanto para los usuarios individuales como para las organizaciones. Desde correos que imitan alert...

El 98% de las empresas españolas planea usar IA en sus SOC

Casi todas las empresas que planean crear un Centro de Operaciones de Seguridad (SOC) consideran la Inteligencia Artificial (IA) como un componente im...

El impacto en la ciberseguridad de la guerra en Irán: riesgos clave que debe monitorear

Aunque el conflicto se desarrolla en Medio Oriente, las repercusiones en la ciberseguridad pueden afectar a organizaciones de todo el mundo. Estos son...

Mapa de actividad de malware en América Latina

Un análisis basado en telemetría ESET muestra cómo se distribuyen las amenazas en cinco de los países de la región y revela similitudes en las campaña...

Alcolea Party 10 a 12 de Abril en Alcolea del Río

Una vez el gran Sorian se embarca en mantener vivo el sueño de tener en Alcolea del Río (Sevilla), la Alcolea Party, donde comencé a ir hace ya muchos...

MiroFish: cuando los LLM empiezan a simular el mundo

Durante años hemos hablado de modelos predictivos, de machine learning aplicado a forecasting, de simulaciones multi-agente y de modelos basados en gr...

El 90% de los ciberataques explota vulnerabilidades en Active Directory

Las amenazas de ciberseguridad que enfrentan las empresas no paran de crecer, y de hecho, según el último informe del Instituto Nacional de Cibersegur...

El conflicto en Irán intensifica las operaciones de ciberespionaje

En medio del conflicto en Irán, los investigadores de amenazas de Proofpoint, empresa de ciberseguridad y cumplimiento normativo, están detectando un ...

Pon a prueba la calidad de tu conexión a Internet con Cloudflare

El equipo de Radar en Cloudflare acaba de incorporar el Test de Velocidad para tu conexión a Internet que puedes probar gratuitamente desde las herram...

Alaniz Cipher: Un Cifrado Simétrico Quantum Resistant

En el mundo post-cuántico llevamos años hablando de siempre lo mismo: cifrados basados en retículas, en códigos, en funciones hash gordas y en esquema...

Trinetra: Datos y Conocimiento Sobre el uso de IPv6 en Organizaciones en España

Siempre me ha gustado el dicho de “Dato mata Relato” para entender con precisión el estado del arte y poder extraer conclusiones y acciones fructífera...

¿Está bien permitir que tus hijos publiquen selfies en línea?

Cuando se trata de la vida digital de nuestros hijos, la prohibición rara vez funciona. Es nuestra responsabilidad ayudar a que construyan una relació...

Zombie ZIP: cómo una simple manipulación del header permite ocultar malware a los antivirus

Los archivos ZIP son uno de los formatos más utilizados para distribuir software, documentos y archivos comprimidos. Precisamente por su ubiquidad, ta...

Cursos para usar ChatGPT en ciberseguridad

ChatGPT es un aliado clave en ciberseguridad: usado estratégicamente, potencia tareas de defensa, análisis y hacking ético. Aquí encontrarás cursos pa...

Sednit recargado: un APT histórico reactiva su arsenal

La actividad reciente revela que Sednit ha retomado operaciones con nuevos implants y tácticas de espionaje de largo plazo.

Living off the Land 2.5: persistencia que vive dentro de contenedores y casi nadie está mirando

Cuando empecé a investigar intrusiones recientes en infraestructuras Linux modernas, hubo algo que empezó a repetirse: no era malware clásico, no eran...

Living off the Land 2.0 en Linux: Persistencia para pasar desapercibidos al SOC

Hay una regla no escrita en intrusiones modernas: El mejor malware es el que no parece malware. Pero hay una evolución aún más interesante q...

Heretic o cómo eliminar fácilmente la censura en un LLM

Los modelos de lenguaje actuales (los conocidos LLM, Large Language Models) se han convertido en piezas clave de muchas aplicaciones: asistentes, anál...

Las peores contraseñas de todos los tiempos

Las peores contraseñas de todos los tiempos Las peores contraseñas de todos los tiempos son aquellas que, por pereza o previsibilidad, se repiten mill...

(2/3) Ataques DDoS en capas 3 y 4: vectores, funcionamiento y defensa

Esta es la segunda entrega sobre amenazas DDoS, en esta ocasión nos adentramos en las capas de red y transporte para analizar los vectores más comunes...

ISO/IEC 42001: el sistema de gestión de IA que probablemente conectemos con nuestra 27001

ISO/IEC 42001 se concibe como el nuevo esqueleto operativo para transformar la inteligencia artificial en un sistema gestionado con disciplina. No es ...

MITRE AADAPT: Anatomía ofensiva y defensa en el ecosistema de activos digitales

Cuando uno pasa demasiadas noches frente a un nodo de Ethereum observando tráfico, firmas, anomalías y patrones sospechosos, descubre que el ecosistem...

Prueba de Penetración en Costa Rica

Prueba de Penetración en Costa Rica Prueba de Penetración en Costa Rica: Un Servicio Esencial para la Seguridad Empresarial Introducción En un mundo c...

Prueba de Penetración en Quito

Prueba de Penetración en Quito La Prueba de Penetración en Quito, también conocida como Pentesting, se ha convertido en una herramienta fundamental pa...

Prueba de Penetración en El Salvador

Prueba de Penetración en El Salvador En la era digital actual, la seguridad informática es un aspecto crucial para cualquier empresa. El Salvador, com...

Prueba de penetración en Barranquilla

Prueba de penetración en Barranquilla La prueba de penetración en Barranquilla es un proceso esencial para garantizar la seguridad informática en cual...

Snapshots en máquinas virtuales: ¿una herramienta útil o un riesgo oculto?

¿Piensas que una instantánea de una máquina virtual es lo mismo que un backup o una copia del disco? Entonces este post es para ti.Antes de nada, vamo...

La importancia del Disaster Recovery Plan (DRP)

A pesar de que los ciberataques, fallos de hardware y software, desastres naturales, o incluso errores humanos son cada vez más frecuentes, muchas emp...

Chat Control: el plan europeo para escanear tus mensajes

La Unión Europea está en pleno debate sobre una de las propuestas más polémicas de los últimos años: el Reglamento para prevenir y combatir el abuso s...

Pensar como un atacante: por qué el Red Team es clave para la ciberseguridad moderna

En un entorno digital donde las amenazas evolucionan más rápido que las soluciones, protegerse ya no es suficiente. Hay que anticiparse. Y para eso, e...

Cómo saber si una app es falsa: ten siempre en cuenta estas claves

Vivimos constantemente con el móvil en la mano; es un dispositivo que usamos para casi todo. Hoy en día es útil tanto para cosas como pagar el café, c...

Cómo proteger el ordenador sin ser un genio tech

Saber cómo proteger el ordenador nunca ha sido tan vital. Imagina perder tu equipo con Windows y no saber si tus datos personales están seguros. El pá...

Privacidad en Internet: evita el rastreo y navega con seguridad

La privacidad en Internet se ha convertido en una preocupación constante. Es así como cada clic, búsqueda o interacción en línea puede dejar una huell...

OpenAI lanza cursos gratuitos sobre IA.

OpenAI ha lanzado su propia academia online gratuita con cursos para aprender inteligencia artificial. Desde productividad con ChatGPT hasta ética de ...

Álbum oculto: paso a paso para activarlo en tu teléfono Android

Las fotos y vídeos revelan un montón de información de tu vida personal. No siempre queremos que estén a la vista. Es por eso que en este artículo hab...

CodeStrike, el videojuego gratuito que te enseña Python mientras salvas el mundo

Aprender a programar puede ser entretenido, sobre todo si te conviertes en un héroe del futuro mientras lo haces. Esa es precisamente la propuesta de ...

La Comisión Europea investiga a TikTok en virtud de la Ley de Servicios Digitales

La Comisión Europea inicia procedimiento contra TikTok por posible infracción de la DSA, enfocándose en protección de menores, transparencia publicita...

El Garante dice que ChatGPT viola la normativa de la Unión Europea sobre protección de datos

La autoridad italiana de protección de datos ha notificado a OpenAI sobre una presunta infracción de ChatGPT en relación con el RGPD