Cybersecurity News - Noticias de Ciberseguridad

Roses Are Red, AI Is Wild: A Guide to AI Regulation

AI regulation doesn’t have to be romanticized or feared. Understand what matters in AI governance, compliance, and SaaS risk management. The post Rose...

Odido confirms massive breach; 6.2 Million customers impacted

Hackers accessed data from 6.2 million Odido accounts, exposing names, contacts, bank details, and ID numbers. Subsidiary Ben also warned customers. H...

The Agentic Virus: How AI Agents Become Self-Spreading Malware

In my previous post, I walked through how disconnected MCP servers and AI agents create a growing blind spot in enterprise identity. The problem: thou...

NDSS 2025 – PBP: Post-Training Backdoor Purification For Malware Classifiers

Session 12B: Malware Authors, Creators & Presenters: Dung Thuy Nguyen (Vanderbilt University), Ngoc N. Tran (Vanderbilt University), Taylor T. Jo...

Romania's oil pipeline operator Conpet confirms data stolen in attack

Romania's national oil pipeline operator, Conpet S.A., confirmed that the Qilin ransomware gang stole company data in an attack last week. [...]

‘Dead’ Outlook add-in hijacked to phish 4,000 Microsoft Office Store users

A blind spot in Microsoft’s app and add-in marketplace security allowed an eagle-eyed hacker to hijack an abandoned Outlook add-in to carry out phishi...

MSP Strategic Defense: Where Prevention Meets Compliance

Imagine a modern office building. Not everyone who works there can go everywhere. Employees can access the building entrance, their own floor, and the...

Neue Warn-App für Cybervorfälle gestartet

Die neue CYROS-App verknüpft Sicherheitswarnungen von Behörden und Fachquellen, um über Cybersicherheitsvorfälle zu informieren.Rawat Yapathanasap – s...

4 Tools That Help Students Focus

Educators recognize the dual reality of educational technology (EdTech): its potential to sharpen student focus and detract from it. Schools must proa...

Odido data breach exposes personal info of 6.2 million customers

Dutch telecommunications provider Odido is warning that it suffered a cyberattack that reportedly exposed the personal data of 6.2 million customers. ...

ApolloMD data breach impacts 626,540 people

A May 2025 cyberattack on ApolloMD exposed the personal data of over 626,000 patients linked to affiliated physicians and practices. ApolloMD is a US-...

Google Reports State-Backed Hackers Using Gemini AI for Recon and Attack Support

Google on Thursday said it observed the North Korea-linked threat actor known as UNC2970 using its generative artificial intelligence (AI) model Gemin...

CISA to host industry feedback sessions on cyber incident reporting regulation

One industry official told CyberScoop the town halls are probably not what CIRCIA needs right now. The post CISA to host industry feedback sessions on...

WordPress plugin with 900k installs vulnerable to critical RCE flaw

A critical vulnerability in the WPvivid Backup & Migration plugin for WordPress, installed on more than 900,000 websites, can be exploited to achieve ...

Your complete guide to Microsoft experiences at RSAC™ 2026 Conference

Microsoft Security returns to RSAC Conference to show how Frontier Firms—organizations that are human-led and agent-operated—can stay ahead. The post ...

Lazarus Campaign Plants Malicious Packages in npm and PyPI Ecosystems

Cybersecurity researchers have discovered a fresh set of malicious packages across npm and the Python Package Index (PyPI) repository linked to a fake...

How to Eliminate the Technical Debt of Insecure AI-Assisted Software Development

Developers must view AI as a collaborator to be closely monitored, rather than an autonomous entity to be unleashed. Without such a mindset, crippling...

LummaStealer activity spikes post-law enforcement disruption

Bitdefender reports a surge in LummaStealer activity, showing the MaaS infostealer rebounded after 2025 law enforcement disruption. Bitdefender observ...

Windows Notepad Markdown feature opens door to RCE (CVE-2026-20841)

Among the many security fixes released by Microsoft on February 2026 Patch Tuesday is one for CVE-2026-20841, a command injection vulnerability in Not...

Black Duck expands Polaris platform with unified, automated security across all major SCMs

Black Duck has announced the availability of a set of enhanced Black Duck Polaris Platform integrations across all major source code management (SCM) ...

Outlook add-in goes rogue and steals 4,000 credentials and payment data

The once popular Outlook add-in AgreeTo was turned into a powerful phishing kit after the developer abandoned the project.

AMOS infostealer targets macOS through a popular AI app

AMOS infostealer is targeting macOS users by abusing popular AI apps and extension marketplaces to harvest credentials. Flare examines how AMOS operat...

1Password open sources a benchmark to stop AI agents from leaking credentials

Research has shown that some AI models can identify phishing websites with near-perfect accuracy when asked. When those same models are used as autono...

NowSecure AI-Navigator cuts mobile app testing time by automating authentication

NowSecure announced the launch of AI-Navigator, new functionality that streamlines and improves mobile application security testing. By automating aut...

Im Fokus: Emerging Technologies

Fake AI Chrome extensions with 300K users steal credentials, emails

A set of 30 malicious Chrome extensions that have been installed by more than 300,000 users are masquerading as AI assistants to steal credentials, em...

World Leaks Ransomware Group Adds Stealthy, Custom Malware ‘RustyRocket’ to Attacks

Accenture Cybersecurity warns over difficult to detect, “sophisticated toolset” being deployed as part of extortion campaigns

Nation-State Hackers Embrace Gemini AI for Malicious Campaigns, Google Finds

Google researchers found that government-backed hackers now use AI throughout the whole attack lifecycle

Phishing campaign chains old Office flaw with fileless XWorm RAT to evade detection

Fortinet researchers have disclosed a new phishing campaign delivering the commercially available XWorm malware, chaining a years-old Microsoft Office...

Child exploitation, grooming, and social media addiction claims put Meta on trial

Landmark trials now underway allege Meta failed to protect children from sexual exploitation, grooming, and addiction-driven design.

ApolloMD Data Breach Impacts 626,000 Individuals

The company says hackers stole the personal information of patients of affiliated physicians and practices. The post ApolloMD Data Breach Impacts 626,...

Palo Alto closes privileged access gap with $25B CyberArk acquisition

Cybersecurity company Palo Alto Networks has completed its $25 billion acquisition of Israel-based identity security firm CyberArk, bringing privilege...

ThreatsDay Bulletin: AI Prompt RCE, Claude 0-Click, RenEngine Loader, Auto 0-Days & 25+ Stories

Threat activity this week shows one consistent signal — attackers are leaning harder on what already works. Instead of flashy new exploits, many opera...

Apple patches zero-day flaw that could let attackers take control of devices

Apple issued security updates for all devices which include a patch for an actively exploited zero-day—tracked as CVE-2026-20700.

Microsoft to Enable ‘Windows Baseline Security’ With New Runtime Integrity Safeguards

Windows will have runtime safeguards enabled by default, ensuring that only properly signed software runs. The post Microsoft to Enable ‘Windows...

Hacktivists, State Actors, Cybercriminals Target Global Defense Industry, Google Warns

Threat actors from Russia, China, North Korea and Iran have been observed launching attacks. The post Hacktivists, State Actors, Cybercriminals Target...

Apple fixes zero-day flaw exploited in targeted attacks (CVE-2026-20700)

Apple has released fixes for a zero-day vulnerability (CVE-2026-20700) exploited in targeted attacks last year. CVE-2026-20700 is a memory corruption ...

Apple fixed first actively exploited zero-day in 2026

Apple fixed an exploited zero-day in iOS, macOS, and other devices that allowed attackers to run code via a memory flaw. Apple released updates for iO...

AI Skills Represent Dangerous New Attack Surface, Says TrendAI

New TrendAI report warns that most security tools can’t protect against attacks on AI skills artifacts

The CTEM Divide: Why 84% of Security Programs Are Falling Behind

A new 2026 market intelligence study of 128 enterprise security decision-makers (available here) reveals a stark divide forming between organizations ...

Time to Exploit Plummets as N-Day Flaws Dominate

Flashpoint warns of a dramatic drop in the average time between vulnerability disclosure and exploitation

Nucleus Raises $20 Million for Exposure Management

The company will use the investment to scale operations and deepen intelligence and automation. The post Nucleus Raises $20 Million for Exposure Manag...

Senegalese Data Breaches Expose Lack of 'Security Maturity'

Green Blood Group steals personal records and biometric data of the West African nation's nearly 20 million residents.

Criminals are using AI website builders to clone major brands

AI-assisted website builders are making it far easier for scammers to impersonate well-known and trusted brands, including Malwarebytes.

83% of Ivanti EPMM Exploits Linked to Single IP on Bulletproof Hosting Infrastructure

A significant chunk of the exploitation attempts targeting a newly disclosed security flaw in Ivanti Endpoint Manager Mobile (EPMM) can be traced back...

Multiple Endpoint Manager bugs patched by Ivanti, including remote auth bypass

Ivanti patched over a dozen Endpoint Manager flaws, including a high-severity auth bypass that let attackers steal credentials remotely. Ivanti releas...

0APT ransomware group rises swiftly with bluster, along with genuine threat of attack

Most signs suggest the group is running a massive hoax by claiming hundreds of initial victims, but at least some of the threat 0APT poses is grounded...

Acting CISA chief says DHS funding lapse would limit, halt some agency work

Acting Director Madhu Gottumukkala said it could affect everything from responding to threats to finalizing CIRCIA regulations. The post Acting CISA c...

North Korea's UNC1069 Hammers Crypto Firms With AI

In moving away from traditional banks to focus on Web3 companies, the threat actor is leveraging LLMs, deepfakes, legitimate platforms, and ClickFix.

How to Stay on Top of Future Threats With a Cutting-Edge SOC

CISOs should focus on harnessing and securing AI and building new skills among their people. Vision and change management can transform security.

Your AI doctor doesn’t have to follow the same privacy rules as your real one

AI apps are making their way into healthcare. It’s not clear that rigorous data security or privacy practices will be part of the package. The post Yo...

Automaker Secures the Supply Chain With Developer-Friendly Platform

How a platform engineering team embeds supply chain security into infrastructure without slowing developers.

The strategic SIEM buyer’s guide: Choosing an AI-ready platform for the agentic era

New guide details how a unified, AI ready SIEM platform empowers security leaders to operate at the speed of AI, strengthen resilience, accelerate det...

North Korean Hackers Use Deepfake Video Calls to Target Crypto Firms

Campaign combines stolen Telegram accounts, fake Zoom calls and ClickFix attacks to deploy infostealer malware

Kimwolf Botnet Swamps Anonymity Network I2P

For the past week, the massive "Internet of Things" (IoT) botnet known as Kimwolf has been disrupting the The Invisible Internet Project (I2P), a dece...

AI Rising: Do We Know Enough About the Data Populating It?

Organizations remain reluctant to address the fact that AI can dangerously expose business operations as well as personal data.

GOP Congress moves to shape election law in Trump’s image

The MEGA Act and SAVE Act would dramatically transform U.S. election laws in a quest to curb election fraud. Audits and experts say improprieties are ...

February 2026 Patch Tuesday includes six actively exploited zero-days

Microsoft’s February Patch Tuesday fixes 59 flaws—including six zero-days already under active attack. How bad are they?

Patch Tuesday, February 2026 Edition

Microsoft today released updates to fix more than 50 security holes in its Windows operating systems and other software, including patches for a whopp...

80% of Fortune 500 use active AI Agents: Observability, governance, and security shape the new frontier

Read Microsoft's new Cyber Pulse report for straightforward, practical insights and guidance on new cybersecurity risks. The post 80% of Fortune 500 u...

Manipulating AI memory for profit: The rise of AI Recommendation Poisoning

That helpful “Summarize with AI” button? It might be secretly manipulating what your AI recommends.  Microsoft security research...

A one-prompt attack that breaks LLM safety alignment

As LLMs and diffusion models power more applications, their safety alignment becomes critical. The post A one-prompt attack that breaks LLM safety ali...

Please Don’t Feed the Scattered Lapsus ShinyHunters

A prolific data ransom gang that calls itself Scattered Lapsus ShinyHunters (SLSH) has a distinctive playbook when it seeks to extort payment from vic...

Who Operates the Badbox 2.0 Botnet?

The cybercriminals in control of Kimwolf -- a disruptive botnet that has infected more than 2 million devices -- recently shared a screenshot indicati...

Kimwolf Botnet Lurking in Corporate, Govt. Networks

A new Internet-of-Things botnet called Kimwolf has spread to more than 2 million devices, forcing infected systems to participate in massive distribut...

Student Loan Breach Exposes 2.5M Records

2.5 million people were affected, in a breach that could spell more trouble down the line.

Watering Hole Attacks Push ScanBox Keylogger

Researchers uncover a watering hole attack likely carried out by APT TA423, which attempts to plant the ScanBox JavaScript-based reconnaissance tool.

Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms

Over 130 companies tangled in sprawling phishing campaign that spoofed a multi-factor authentication system.

Ransomware Attacks are on the Rise

Lockbit is by far this summer’s most prolific ransomware group, trailed by two offshoots of the Conti group.

Cybercriminals Are Selling Access to Chinese Surveillance Cameras

Tens of thousands of cameras have failed to patch a critical, 11-month-old CVE, leaving thousands of organizations exposed.

CVE-2026-22906: Vulnerabilidad Crítica en Almacenamiento de Credenciales

CVE-2026-22906 es una vulnerabilidad de alta criticidad (CVSS 9.8/10) que afecta a ciertos productos que almacenan credenciales de usuario utilizando ...

GRP-Obliteration: Fine-Tunnig de (in)seguridad para LLMs y que sean más inseguros frente a Jailbreak

Hoy os quería hablar de un artículo publicado el equipo de Microsoft Security, liderado por el mítico Mark Russinovich, donde hablan de la técnica de ...

CISA advierte sobre seis nuevos 0-Day críticos en Microsoft tras explotación activa

Seis nuevas vulnerabilidades 0-Day en productos Microsoft han sido añadidas al catálogo KEV de CISA tras pruebas de explotación activa. Esta alerta, d...

Cloudflare for Startups: Hasta 250.000 USD en servicios para tu proyecto

No sé si lo conocéis, pero aprovecho hoy para dejaros información del programa de Cloudflare for Startups, que te ayuda para que construyas sobre la p...

Spear-phishing y exploits, el cóctel que compromete servidores y bases de datos

Una campaña reciente evidencia cómo el spear-phishing combinado con software vulnerable permite acceder y controlar elementos críticos de la infraestr...

Cómo asegurar con WARP & One Agent tu conexión a Internet usando Post Quantum Cryptography para evitar ataques o bloqueos de webs

Los usuarios tenemos derecho de conectarnos libremente a Internet y de hacerlo con seguridad. Este es uno de los motivos por lo que Cloudflare creó el...

Crónica de #hc0n2026, la sexta Con de Hackplayers

h-c0n 2026 volvió y lo hizo para ser lo que siempre ha sido: un punto de encuentro real para gente que quiere entender cómo funcionan las cosas, inclu...

OpenClaw integra el escaneo de VirusTotal para detectar skills maliciosas en ClawHub

OpenClaw, el popular asistente de IA de código abierto (anteriormente conocido como Moltbot y Clawdbot), ha anunciado una alianza con VirusTotal para ...

Me hackearon la cuenta: ¿qué hacer en los primeros 15 minutos?

Cuando una de nuestras cuentas es vulnerada, saber qué hacer de manera rápida es vital para mitigar el impacto. Conoce las acciones clave para que un ...

LLM-Guardian: Sistema Multi-Agente de Defensa LLM con Red Team Adversarial Inteligente

Hace unos días me hice una pregunta que parecía sencilla tras leer el artículo de Chema Alonso ‘ChatGPT: Safety Policies Jailbreaks, Guardarraíles y B...

TechArena en Stockholm, Immerse en Madrid, Readem en Lisboa para Febrero

Este mes de Febrero, después de pasar por Austria la semana pasada, me lleva la semana que viene al TechArena el día 11 y 12 de Febrero en Stockholm, ...

Niños, niñas y chatbots: riesgos principales a los que prestar atención

A medida que los niños recurren a los chatbots de inteligencia artificial en busca de respuestas, consejos y compañía, surgen preguntas sobre su segur...

Exposición masiva de datos en clúster de Elasticsearch en China

Recientemente, se descubrió una brecha de datos significativa en un clúster no seguro de Elasticsearch, exponiendo la asombrosa cifra de 8.7 mil ...

Robo de credenciales: métodos más frecuentes y recomendaciones para reducir el riesgo

El compromiso de contraseñas sigue siendo un problema recurrente en Latinoamérica, impulsado por técnicas de ingeniería social, malware especializado ...

OpenClaw (antes Clawdbot y Moltbot): qué es el asistente de IA que automatiza tu PC y cuáles son sus riesgos de seguridad

OpenClaw, antes Clawdbot y Moltbot, automatiza tareas mediante IA local. Su popularidad crece, pero también las dudas: repasamos los principales riesg...

DynoWiper: actualización, análisis técnico y atribución

Los investigadores de ESET presentan detalles técnicos sobre un reciente incidente de destrucción de datos que afectó a una empresa del sector energét...

Cinco libros imprescindibles sobre Inteligencia Artificial y Ciberseguridad para aspirantes a hackers éticos

La inteligencia artificial (IA) ya no es solo una moda técnica: es una herramienta clave tanto para defender como para atacar en el terreno de la cibe...

VoxCPM: cuando el TTS deja de sonar a TTS

Durante años hemos aceptado una idea casi como dogma en text-to-speech: para generar audio hay que discretizarlo. Da igual si hablamos de unidades fon...

NoDPI: cuando “engañar” a la inspección profunda de paquetes se vuelve un arte

No todas las herramientas de evasión y network tampering tienen nombres pegadizos como Obfsproxy o Shadowsocks. A veces basta con un acrónimo directo ...

Lab para jugar con servidores MCP vulnerables

El Model Context Protocol (MCP) es un estándar de protocolo diseñado para permitir que modelos de IA (LLMs) interactúen con herramientas, datos y serv...

(2/3) Ataques DDoS en capas 3 y 4: vectores, funcionamiento y defensa

Esta es la segunda entrega sobre amenazas DDoS, en esta ocasión nos adentramos en las capas de red y transporte para analizar los vectores más comunes...

ISO/IEC 42001: el sistema de gestión de IA que probablemente conectemos con nuestra 27001

ISO/IEC 42001 se concibe como el nuevo esqueleto operativo para transformar la inteligencia artificial en un sistema gestionado con disciplina. No es ...

MITRE AADAPT: Anatomía ofensiva y defensa en el ecosistema de activos digitales

Cuando uno pasa demasiadas noches frente a un nodo de Ethereum observando tráfico, firmas, anomalías y patrones sospechosos, descubre que el ecosistem...

Snapshots en máquinas virtuales: ¿una herramienta útil o un riesgo oculto?

¿Piensas que una instantánea de una máquina virtual es lo mismo que un backup o una copia del disco? Entonces este post es para ti.Antes de nada, vamo...

La importancia del Disaster Recovery Plan (DRP)

A pesar de que los ciberataques, fallos de hardware y software, desastres naturales, o incluso errores humanos son cada vez más frecuentes, muchas emp...

Pensar como un atacante: por qué el Red Team es clave para la ciberseguridad moderna

En un entorno digital donde las amenazas evolucionan más rápido que las soluciones, protegerse ya no es suficiente. Hay que anticiparse. Y para eso, e...

Cómo saber si una app es falsa: ten siempre en cuenta estas claves

Vivimos constantemente con el móvil en la mano; es un dispositivo que usamos para casi todo. Hoy en día es útil tanto para cosas como pagar el café, c...

Cómo proteger el ordenador sin ser un genio tech

Saber cómo proteger el ordenador nunca ha sido tan vital. Imagina perder tu equipo con Windows y no saber si tus datos personales están seguros. El pá...

Privacidad en Internet: evita el rastreo y navega con seguridad

La privacidad en Internet se ha convertido en una preocupación constante. Es así como cada clic, búsqueda o interacción en línea puede dejar una huell...

Álbum oculto: paso a paso para activarlo en tu teléfono Android

Las fotos y vídeos revelan un montón de información de tu vida personal. No siempre queremos que estén a la vista. Es por eso que en este artículo hab...