AHQ-AGENCY Cybersecurity News

Noticias Destacadas

Latest News

Wave of Citrix NetScaler scans use thousands of residential proxies

A coordinated reconnaissance campaign targeting Citrix NetScaler infrastructure over the past week used tens of thousands of residential proxies to di...

2026-02-03 - BleepingComputer

CISA flags critical SolarWinds RCE flaw as exploited in attacks

CISA has flagged a critical SolarWinds Web Help Desk vulnerability as actively exploited in attacks and ordered federal agencies to patch their system...

2026-02-03 - BleepingComputer

Sean Cairncross’ cybersecurity agenda: less regulation, more cooperation

Cut the regulatory burden, boost information sharing, and get Congress moving: that’s the pitch as the White House readies a new cyber strategy. The p...

2026-02-03 - CyberScoop

Adversarial Exposure Validation for Modern Environments

What is Adversarial Exposure Validation? Adversarial Exposure Validation is a structured approach that applies attacker-style actions to confirm how...

2026-02-03 - Security Boulevard

The ‘Invisible Risk’: 1.5 Million Unmonitored AI Agents Threaten Corporate Security

A massive “invisible workforce” of autonomous digital workers has arrived in the corporate world, but new research suggests it may be oper...

2026-02-03 - Security Boulevard

Security Is Shifting From Prevention to Resilience

Dan Cole, senior vice president of product management at Sophos, unpacks how cybersecurity strategy is shifting from a prevention-first mindset toward...

2026-02-03 - Security Boulevard

Microsoft SDL: Evolving security practices for an AI-powered world

Discover Microsoft’s holistic SDL for AI combining policy, research, and enablement to help leaders secure AI systems against evolving cyberthreats. T...

2026-02-03 - Microsoft Security Blog

An AI plush toy exposed thousands of private chats with children

Around 50,000 chat transcripts between children and Bondu’s AI dinosaur plushie were accessible to anyone with a Google account.

2026-02-03 - Malwarebytes Labs

Iron Mountain: Data breach mostly limited to marketing materials

Iron Mountain, a leading data storage and recovery services company, says that a recent breach claimed by the Everest extortion gang is limited to mos...

2026-02-03 - BleepingComputer

Docker Fixes Critical Ask Gordon AI Flaw Allowing Code Execution via Image Metadata

Cybersecurity researchers have disclosed details of a now-patched security flaw impacting Ask Gordon, an artificial intelligence (AI) assistant built ...

2026-02-03 - The Hacker News

8-Minute Access: AI Accelerates Breach of AWS Environment

The AI-assisted attack, which started with exposed credentials from public S3 buckets, rapidly achieved administrative privilges.

2026-02-03 - Dark Reading

Dark Patterns Undermine Security, One Click at a Time

People trust organizations to do the right thing, but some websites and apps have user interfaces that ultimately lead to inadequate security for user...

2026-02-03 - Dark Reading

Hundreds of Malicious Crypto Trading Add-Ons Found in Moltbot/OpenClaw

A security researcher found 386 malicious ‘skills’ published on ClawHub, a skill repository for the popular OpenClaw AI assistant project

2026-02-03 - Infosecurity Magazine

French Police Raid X Paris Office, Summon Musk Over Grok Deepfakes

French authorities raided the Paris office of X and summonsed Elon Musk to France for question regarding nonconsensual and sexually suggestive deepfak...

2026-02-03 - Security Boulevard

How deepfake scams are fueling a new wave of fraud

Scammers are using deepfake technology to replicate your child's voice in a kidnapping hoax, catfish with AI-generated video dates, and impersonate ex...

2026-02-03 - Security Boulevard

SQL Injection Flaw Affects 40,000 WordPress Sites

40,000 WordPress sites are vulnerable to SQL injection in Quiz and Survey Master plugin

2026-02-03 - Infosecurity Magazine

Hackers abused React Native CLI flaw to deploy Rust malware before public disclosure

Hackers exploit a critical React Native CLI flaw (CVE-2025-11953) to run remote commands and drop stealthy Rust malware, weeks before public disclosur...

2026-02-03 - Security Affairs

RADICL Raises $31 Million for vSOC

The company will use the investment to accelerate development of its autonomous virtual security operations center (vSOC). The post RADICL Raises $31 ...

2026-02-03 - SecurityWeek

DockerDash Exposes AI Supply Chain Weakness In Docker's Ask Gordon

DockerDash vulnerability allows RCE and data exfiltration via unverified metadata in Ask Gordon

2026-02-03 - Infosecurity Magazine

Russian hackers are exploiting recently patched Microsoft Office vulnerability (CVE-2026-21509)

Russian state-sponsored hackers Fancy Bear (aka APT 28) are exploiting CVE-2026-21509, a Microsoft Office vulnerability for which Microsoft released a...

2026-02-03 - Help Net Security

AI Agent Identity Management: A New Security Control Plane for CISOs

Autonomous AI agents are creating a new identity blind spot as they operate outside traditional IAM controls. Token Security shows why managing the fu...

2026-02-03 - BleepingComputer

Cyberrisiko Ruhestand

Wenn OT-Fachkräfte in den Ruhestand gehen, droht ein massiver Wissensverlust. Das kann erhebliche Folgen für die Cybersicherheit haben. vectorfusionar...

2026-02-03 - CSO Online

Gremlin launches Disaster Recovery Testing for zone, region, and datacenter failovers

Gremlin, the proactive reliability platform, launched Disaster Recovery Testing: a new product built to safely and efficiently test zone, region, and ...

2026-02-03 - Help Net Security

From credentials to cloud admin in 8 minutes: AI supercharges AWS attack chain

Threat actors tore through an Amazon Web Services environment in under eight minutes, chaining together credential theft, privilege escalation, latera...

2026-02-03 - CSO Online

UK ICO Launches Investigation into X Over AI Generated Non-Consensual Sexual Imagery

UK Data Protection Watchdog has “serious concerns” over data privacy on Elon Musk’s social platform

2026-02-03 - Infosecurity Magazine

RapidFort Raises $42M to Automate Software Supply Chain Security

The company will use the latest capital to scale its go-to-market efforts and expand its platform’s capabilities. The post RapidFort Raises $42M to Au...

2026-02-03 - SecurityWeek

UK privacy watchdog probes Grok over AI-generated sexual images

The United Kingdom's data protection authority launched a formal investigation into X and its Irish subsidiary over reports that the Grok AI assistant...

2026-02-03 - BleepingComputer

[Webinar] The Smarter SOC Blueprint: Learn What to Build, Buy, and Automate

Most security teams today are buried under tools. Too many dashboards. Too much noise. Not enough real progress. Every vendor promises “complete cover...

2026-02-03 - The Hacker News

Download: Tines Voice of Security 2026 report

Security teams everywhere are adopting AI. Yet manual work persists, workloads are rising, and burnout continues to climb. To understand what’s really...

2026-02-03 - Help Net Security

Hackers Exploit Metro4Shell RCE Flaw in React Native CLI npm Package

Threat actors have been observed exploiting a critical security flaw impacting the Metro Development Server in the popular "@react-native-community/cl...

2026-02-03 - The Hacker News

Researchers Warn of New “Vect” RaaS Variant

A new ransomware-as-a-service operation dubbed “Vect” features custom malware

2026-02-03 - Infosecurity Magazine

Critical React Native Vulnerability Exploited in the Wild

Albeit mainly considered a theoretical risk, the flaw has been exploited to disable protections and deliver malware. The post Critical React Native Vu...

2026-02-03 - SecurityWeek

Vulnerability Allows Hackers to Hijack OpenClaw AI Assistant

OpenClaw (aka Moltbot and Clawdbot) is vulnerable to one-click remote code execution attacks. The post Vulnerability Allows Hackers to Hijack OpenClaw...

2026-02-03 - SecurityWeek

Notepad++ supply chain attack: Researchers reveal details, IoCs, targets

Rapid7 researchers have attributed the recent hijacking of the Notepad++ update mechanism to Lotus Blossom (aka Billbug), a Chinese state-sponsored gr...

2026-02-03 - Help Net Security

Hackers Leak 5.1 Million Panera Bread Records

ShinyHunters has claimed the theft of 14 million records from the US bakery-cafe chain’s systems. The post Hackers Leak 5.1 Million Panera Bread Recor...

2026-02-03 - SecurityWeek

APT28 exploits Microsoft Office flaw in Operation Neusploit

Russia-linked APT28 is behind Operation Neusploit, exploiting a newly disclosed Microsoft Office vulnerability in targeted attacks. Russia-linked grou...

2026-02-03 - Security Affairs

Sandisk brings SPRandom to open source for large SSD testing

Enterprise storage environments already run long qualification cycles as solid-state drive capacities rise and validation teams try to mirror producti...

2026-02-03 - Help Net Security

AT&T breach data resurfaces with new risks for customers

As leaked datasets are merged and enriched, they become more useful to criminals. That makes recycled breach data a bigger risk for customers.

2026-02-03 - Malwarebytes Labs

Apple’s new iOS setting addresses a hidden layer of location tracking

Apple has introduced Limit Precise Location, a new setting that reduces how precisely cellular networks can locate your device, though support is curr...

2026-02-03 - Malwarebytes Labs

When Cloud Outages Ripple Across the Internet

Recent major cloud service outages have been hard to miss. High-profile incidents affecting providers such as AWS, Azure, and Cloudflare have disrupte...

2026-02-03 - The Hacker News

A fake cloud storage alert that ends at Freecash

We followed a fake cloud storage payment alert through deceptive affiliate redirects, ending at a familiar destination: Freecash.

2026-02-03 - Malwarebytes Labs

Notepad++ infrastructure hijacked by Chinese APT in sophisticated supply chain attack

The popular open-source text editor Notepad++ was targeted in a sophisticated supply chain attack that allowed Chinese state-sponsored hackers to deli...

2026-02-03 - CSO Online

Notepad++ infrastructure hack likely tied to China-nexus APT Lotus Blossom

Rapid7 researchers say the Notepad++ hosting breach is likely linked to the China-nexus Lotus Blossom APT group. Recently, the Notepad++ maintainer re...

2026-02-03 - Security Affairs

APT28 Uses Microsoft Office CVE-2026-21509 in Espionage-Focused Malware Attacks

The Russia-linked state-sponsored threat actor known as APT28 (aka UAC-0001) has been attributed to attacks exploiting a newly disclosed security flaw...

2026-02-03 - The Hacker News

Think agentic AI is hard to secure today? Just wait a few months

Early experimentation with agentic AI has given CISOs a preview of the possible cybersecurity nightmares ahead. But with autonomous agent adoption exp...

2026-02-03 - CSO Online

Shai-Hulud & Co.: The software supply chain as Achilles’ heel

Today’s applications are based on numerous components, each of which, along with the development environments themselves, represents an attack surface...

2026-02-03 - CSO Online

As feds pull back, states look inward for election security support

Secretaries of State are scrambling to replace cybersecurity services once provided by CISA and other federal agencies. The post As feds pull back, st...

2026-02-02 - CyberScoop

Attackers Harvest Dropbox Logins Via Fake PDF Lures

A malware-free phishing campaign targets corporate inboxes and asks employees to view "request orders," ultimately leading to Dropbox creden...

2026-02-02 - Dark Reading

County Pays $600K to Wrongfully Jailed Pen Testers

Iowa police arrested two penetration testers in 2019 for doing their jobs, highlighting the risk to security professionals in red teaming exercises.

2026-02-02 - Dark Reading

MoltBot Skills exploited to distribute 400+ malware packages in days

Over 400 malicious OpenClaw packages were uploaded in days, using MoltBot skills to spread password-stealing malware. Researchers uncovered a large ma...

2026-02-02 - Security Affairs

Infostealers without borders: macOS, Python stealers, and platform abuse

How modern infostealers target macOS systems, leverage Python‑based stealers, and abuse trusted platforms and utilities to distribute credential‑steal...

2026-02-02 - Microsoft Security Blog

China-based espionage group compromised Notepad++ for six months

The Chinese APT group Lotus Blossom intruded the tool’s internal systems to snoop on a limited set of users’ activities, according to researchers. The...

2026-02-02 - CyberScoop

Panera Bread breach affected 5.1 Million accounts, HIBP Confirms

Have I Been Pwned says Panera Bread ’s breach affected 5.1 million accounts, far fewer than the 14 million customers first reported. Have I Been Pwned...

2026-02-02 - Security Affairs

Chinese Hackers Hijack Notepad++ Updates for 6 Months

State-sponsored threat actors compromised the popular code editor's hosting provider to redirect targeted users to malicious downloads.

2026-02-02 - Dark Reading

How Manifest v3 forced us to rethink Browser Guard, and why that’s a good thing

Browser Guard still blocks scams and phishing like it always has. But we had to rebuild the way it does that from the ground up.

2026-02-02 - Malwarebytes Labs

We moved fast and broke things. It’s time for a change.

For 20 years, tech has moved fast and broken things. The result: a cybersecurity crisis built on rushed code and vulnerable software. It's time to rep...

2026-02-02 - CyberScoop

Case study: Securing AI application supply chains

Securing AI-powered applications requires more than just safeguarding prompts. Organizations must adopt a holistic approach that includes monitoring t...

2026-01-30 - Microsoft Security Blog

DOJ seizes piracy sites, Italian police dismantle illegal IPTV operation

Officials took down three U.S.-registered domains that distributed copyrighted content and received tens of millions of visits a year. The post DOJ se...

2026-01-30 - CyberScoop

Turning threat reports into detection insights with AI

Security teams often spend days manually turning long incident reports and threat writeups into actionable detections by extracting TTPs. This blog po...

2026-01-29 - Microsoft Security Blog

New Microsoft Data Security Index report explores secure AI adoption to protect sensitive data

The 2026 Microsoft Data Security Index explores one of the most pressing questions facing organizations today: How can we harness the power of generat...

2026-01-29 - Microsoft Security Blog

Student Loan Breach Exposes 2.5M Records

2.5 million people were affected, in a breach that could spell more trouble down the line.

2022-08-31 - Threatpost

Watering Hole Attacks Push ScanBox Keylogger

Researchers uncover a watering hole attack likely carried out by APT TA423, which attempts to plant the ScanBox JavaScript-based reconnaissance tool.

2022-08-30 - Threatpost

Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms

Over 130 companies tangled in sprawling phishing campaign that spoofed a multi-factor authentication system.

2022-08-29 - Threatpost

Ransomware Attacks are on the Rise

Lockbit is by far this summer’s most prolific ransomware group, trailed by two offshoots of the Conti group.

2022-08-26 - Threatpost

Cybercriminals Are Selling Access to Chinese Surveillance Cameras

Tens of thousands of cameras have failed to patch a critical, 11-month-old CVE, leaving thousands of organizations exposed.

2022-08-25 - Threatpost

Noticias en Español

Detectada campaña en Windows que combina Pulsar RAT y Stealerv37 con interacción en tiempo real

Se ha detectado recientemente una campaña de malware para Windows que rompe con el esquema tradicional de «infección silenciosa». Se trata de un ataqu...

2026-02-03 - Una al Día

Quantum GPS: Navegación con GPS cuánticos para evitar ataques de Jamming & Spoofing

Todos damos por hecho el punto azul en el mapa de nuestro móvil. Desde pedir un taxi hasta guiar un misil, la civilización en nuestro tiempo ha delega...

2026-02-03 - El Lado del Mal

Vulnerabilidad crítica de bypass de autenticación en Fortinet FortiCloud SSO

El CVE-2026-24858 es una vulnerabilidad de bypass de autenticación (SSO) en múltiples productos de Fortinet. Un atacante remoto sin credenciales puede...

2026-02-02 - Una al Día

ChatGPT: Safety Policies, Jailbreaks, Guardarraíles y Bug Bounties

Dentro de los problemas de ciberseguridad de los LLMs se encuentra, como uno de los cuatro grandes, la técnica de Jailbreak, o lo que es lo mismo, est...

2026-02-02 - El Lado del Mal

Cyphering Prompts & Answers para evadir Guardarraíles

Los guardarraíles de los servicios digitales basados en MM-LLMs buscan proteger al modelo LLM de todos los Prompts Maliciosos que puedan llegar, todas...

2026-02-01 - El Lado del Mal

De Hacker a Hacker: Pablo González vs. Ricky Fúster CEO & Fouder de IronGate Security

Ya os conté el año pasado que me uní a IronGate Cybersecurity, una empresa a la que me uní como socio, ya que me encantó la idea de proteger a&nb...

2026-01-31 - El Lado del Mal

DynoWiper: actualización, análisis técnico y atribución

Los investigadores de ESET presentan detalles técnicos sobre un reciente incidente de destrucción de datos que afectó a una empresa del sector energét...

2026-01-30 - WeLiveSecurity

Un ciberataque masivo sacude al sector financiero tras una brecha en MySonicWall

Marquis Software Solutions, proveedor estadounidense de servicios tecnológicos para el sector financiero, ha sido víctima de un grave ataque de ransom...

2026-01-30 - Una al Día

Día internacional de la tecla ESCAPE. Hay dos tipo de informáticos: Los de tecla ESC ROJA y otros.

Después de las experiencias que os conté en el artículo de "La "shittización" en contra de hacer las cosas simples", que luego evolucioné y escribí en...

2026-01-30 - El Lado del Mal

¿Cómo utilizan los grupos de ransomware los data leak sites como herramienta de presión?

Conoce cómo los data leak sites encajan en el ecosistema de los grupos de ransomware.

2026-01-29 - WeLiveSecurity

WhatsApp refuerza la seguridad, llega el modo «bloqueo estricto» para blindar cuentas ante spyware

WhatsApp presenta un nuevo “modo estricto” de bloqueo que refuerza la protección frente a spyware avanzado. Esta función restringe mensajes y archivos...

2026-01-29 - Una al Día

¿Es realmente amor? Una campaña de espionaje utiliza una aplicación de citas falsa como señuelo

Investigadores de ESET descubrieron una campaña de spyware para Android que apunta a usuarios en Pakistán y forma parte de una operación de espionaje ...

2026-01-28 - WeLiveSecurity

De la filtración al fraude: qué hacen los cibercriminales con los datos personales robados

Cuando los datos personales se filtran, el problema recién empieza: los actores maliciosos inician un proceso bien organizado que culmina en nuevos fr...

2026-01-28 - WeLiveSecurity

Grave Incidente En GitHub De ClawdBot Acaba En Estafa Crypto De $16M

El fundador de ClawdBot, Peter Steinberger, enfrenta una crisis triple tras un rebrand forzado, su cuenta de GitHub fue secuestrada en 10 segundos por...

2026-01-28 - Una al Día

Páginas falsas de Spotify se ocultan en dominios legítimos de empresas latinoamericanas para robar información

Se han detectado dos casos en Latinoamérica donde ciberdelincuentes explotan vulnerabilidades en sitios de empresas de la región para alojar páginas f...

2026-01-27 - WeLiveSecurity

Cinco libros imprescindibles sobre Inteligencia Artificial y Ciberseguridad para aspirantes a hackers éticos

La inteligencia artificial (IA) ya no es solo una moda técnica: es una herramienta clave tanto para defender como para atacar en el terreno de la cibe...

2026-01-24 - Hackplayers

Configuración de seguridad de un endpoint Windows

Configuración de seguridad de un endpoint Windows Autor INCIBE (INCIBE) Vie, 23/01/2026 - 10:00 ...

2026-01-23 - INCIBE-CERT

VoxCPM: cuando el TTS deja de sonar a TTS

Durante años hemos aceptado una idea casi como dogma en text-to-speech: para generar audio hay que discretizarlo. Da igual si hablamos de unidades fon...

2026-01-18 - Hackplayers

NoDPI: cuando “engañar” a la inspección profunda de paquetes se vuelve un arte

No todas las herramientas de evasión y network tampering tienen nombres pegadizos como Obfsproxy o Shadowsocks. A veces basta con un acrónimo directo ...

2026-01-17 - Hackplayers

Lab para jugar con servidores MCP vulnerables

El Model Context Protocol (MCP) es un estándar de protocolo diseñado para permitir que modelos de IA (LLMs) interactúen con herramientas, datos y serv...

2026-01-09 - Hackplayers

40 años del Manifiesto Hacker: un clásico que aún late en la cultura digital

Hoy se cumplen 40 años desde que un pequeño texto publicado en la ezine Phrack encendió una chispa que sigue viva en toda la comunidad tecnológica. El...

2026-01-07 - Hackplayers

Redes privadas 5G: Guía de buenas prácticas en ciberseguridad

Redes privadas 5G: Guía de buenas prácticas en ciberseguridad Autor INCIBE (INCIBE) Jue, 18/12/2025 - 17:30 ...

2025-12-18 - INCIBE-CERT

Seguridad de las API

Seguridad de las API Autor INCIBE (INCIBE) Lun, 24/11/2025 - 11:06 En sus inici...

2025-11-24 - INCIBE-CERT

(2/3) Ataques DDoS en capas 3 y 4: vectores, funcionamiento y defensa

Esta es la segunda entrega sobre amenazas DDoS, en esta ocasión nos adentramos en las capas de red y transporte para analizar los vectores más comunes...

2025-10-27 - Flu Project

Adoptando DevSecOps: Seguridad integrada desde el código hasta la producción

Adoptando DevSecOps: Seguridad integrada desde el código hasta la producción Autor INCIBE (INCIBE) Lun, 20/10/2025 - ...

2025-10-20 - INCIBE-CERT

ISO/IEC 42001: el sistema de gestión de IA que probablemente conectemos con nuestra 27001

ISO/IEC 42001 se concibe como el nuevo esqueleto operativo para transformar la inteligencia artificial en un sistema gestionado con disciplina. No es ...

2025-10-13 - Flu Project

MITRE AADAPT: Anatomía ofensiva y defensa en el ecosistema de activos digitales

Cuando uno pasa demasiadas noches frente a un nodo de Ethereum observando tráfico, firmas, anomalías y patrones sospechosos, descubre que el ecosistem...

2025-10-06 - Flu Project

Snapshots en máquinas virtuales: ¿una herramienta útil o un riesgo oculto?

¿Piensas que una instantánea de una máquina virtual es lo mismo que un backup o una copia del disco? Entonces este post es para ti.Antes de nada, vamo...

2025-09-29 - Flu Project

Supercomputación y computación cuántica en ciberseguridad

Supercomputación y computación cuántica en ciberseguridad Autor INCIBE (INCIBE) Jue, 18/09/2025 - 13:02 ...

2025-09-18 - INCIBE-CERT

La importancia del Disaster Recovery Plan (DRP)

A pesar de que los ciberataques, fallos de hardware y software, desastres naturales, o incluso errores humanos son cada vez más frecuentes, muchas emp...

2025-09-15 - Flu Project

Pensar como un atacante: por qué el Red Team es clave para la ciberseguridad moderna

En un entorno digital donde las amenazas evolucionan más rápido que las soluciones, protegerse ya no es suficiente. Hay que anticiparse. Y para eso, e...

2025-07-01 - BlogThinkBig

Cómo saber si una app es falsa: ten siempre en cuenta estas claves

Vivimos constantemente con el móvil en la mano; es un dispositivo que usamos para casi todo. Hoy en día es útil tanto para cosas como pagar el café, c...

2025-06-17 - BlogThinkBig

Cómo proteger el ordenador sin ser un genio tech

Saber cómo proteger el ordenador nunca ha sido tan vital. Imagina perder tu equipo con Windows y no saber si tus datos personales están seguros. El pá...

2025-06-13 - BlogThinkBig

Privacidad en Internet: evita el rastreo y navega con seguridad

La privacidad en Internet se ha convertido en una preocupación constante. Es así como cada clic, búsqueda o interacción en línea puede dejar una huell...

2025-06-12 - BlogThinkBig

Álbum oculto: paso a paso para activarlo en tu teléfono Android

Las fotos y vídeos revelan un montón de información de tu vida personal. No siempre queremos que estén a la vista. Es por eso que en este artículo hab...

2025-06-06 - BlogThinkBig