Cybersecurity News - Noticias de Ciberseguridad

Latest News

Microsoft: Hackers abuse OAuth error flows to spread malware

Hackers are abusing the legitimate OAuth redirection mechanism to bypass phishing protections in email and browsers to take users to malicious pages. ...

2026-03-03 - BleepingComputer

CISA CIO Robert Costello exits agency

His nearly five-year tenure had recently been marked by turmoil. The post CISA CIO Robert Costello exits agency appeared first on CyberScoop.

2026-03-03 - CyberScoop

Qualcomm Zero-Day Exploited in Targeted Android Attacks

The exploitation activity against CVE-2026-21385, a high-severity memory corruption flaw, could be tied to commercial spyware or nation-state threat g...

2026-03-03 - Dark Reading

Vulnerability Management vs. Patch Management Explained

The post Vulnerability Management vs. Patch Management Explained appeared first on AI Security Automation. The post Vulnerability Management vs. Patch...

2026-03-03 - Security Boulevard

Iranian Strikes on Amazon Data Centers Highlight Industry’s Vulnerability to Physical Disasters

Two AWS data centers in the United Arab Emirates were “directly struck” and another facility in Bahrain was also damaged after a drone landed nearby. ...

2026-03-03 - SecurityWeek

The ‘Six-Day’ Security Week: AI Adoption Ignites Leadership Crisis

Enterprise security teams are sprinting toward an artificial intelligence (AI)-driven future, but the breakneck pace of adoption is pushing leadership...

2026-03-03 - Security Boulevard

Coruna: Spy-grade iOS exploit kit powering financial crime

A powerful iOS exploit kit has circulated among multiple threat actors over the past year, moving from a commercial surveillance operation to state-li...

2026-03-03 - Help Net Security

Ariomex, Iran-based crypto exchange, suffers data leak

Resecurity says Iran’s Ariomex crypto exchange suffered a data leak exposing user and transaction data from 2022 to 2025. Resecurity (USA) reports tha...

2026-03-03 - Security Affairs

Human vs. AI Identity: Why AI Agents Are Breaking Identity

4 min readTraditional IAM was built for predictable workloads. Learn why AI agents demand a new approach to identity, access control, and credential m...

2026-03-03 - Security Boulevard

Fairwinds Insights Release Notes: Kyverno Integration & GPU Metrics

Over the last several months, we’ve expanded Fairwinds Insights to give platform and operations teams deeper visibility into both policy posture and i...

2026-03-03 - Security Boulevard

Speakeasies to Shadow AI: Banning AI Browsers Will Fail

Lessons from history highlight why AI-enabled browsers require controlled enablement.

2026-03-03 - Dark Reading

Fake Tech Support Spam Deploys Customized Havoc C2 Across Organizations

Threat hunters have called attention to a new campaign as part of which bad actors masqueraded as fake IT support to deliver the Havoc command-and-con...

2026-03-03 - The Hacker News

Google Chrome shifts to two-week release cycle for increased stability

Google Chrome will shift from a four-week to a two-week release cycle to roll out new features, bug fixes, and performance improvements more frequentl...

2026-03-03 - BleepingComputer

Israel: RedAlert Spyware Campaign Exploits Wartime Panic With Trojanized App

Espionage campaign exploits Israel-Iran conflict, distributing a trojanized Red Alert app via SMS

2026-03-03 - Infosecurity Magazine

One Foothold, 25 Million Victims: The Risk Inside Modern Breaches

In last month’s reporting cycle, we saw one of the largest healthcare data breaches in U.S. history, ransomware groups tied to North Korea targeting h...

2026-03-03 - Security Boulevard

Pentagon ditches Anthropic AI over “security risk” and OpenAI takes over

At the center of the dispute is how far AI models should be allowed to go inside military systems.

2026-03-03 - Malwarebytes Labs

Fig Security Launches With $38 Million to Bolster SecOps Resilience

The company was founded in March 2025 and it has now emerged from stealth mode. The post Fig Security Launches With $38 Million to Bolster SecOps Resi...

2026-03-03 - SecurityWeek

Fig Security emerges from stealth with $38 million to resilience-proof enterprise security

Fig Security, a new platform that finds and fixes broken security flows across your entire SecOps infrastructure, has launched from stealth with $38 m...

2026-03-03 - Help Net Security

Threat actors weaponize OAuth redirection logic to deliver malware

An ongoing phishing campaign is abusing the OAuth authentication redirection mechanism to avoid triggering conventional email and browser defenses, Mi...

2026-03-03 - Help Net Security

Oracle EBS 2025 campaign impacts Madison Square Garden, sensitive data leaked

Madison Square Garden confirmed a data breach tied to the 2025 Oracle E-Business Suite hacking campaign. Madison Square Garden (MSG) has confirmed it ...

2026-03-03 - Security Affairs

Cloudflare tracked 230 billion daily threats and here is what it found

Cloudflare’s network blocks over 230 billion threats per day. The volume indicates how routine and automated the attack cycle has become, and th...

2026-03-03 - Help Net Security

LexisNexis confirms data breach as hackers leak stolen files

American data analytics company LexisNexis Legal & Professional has confirmed to BleepingComputer that hackers breached its servers and accessed some ...

2026-03-03 - BleepingComputer

AI and Deepfakes Supercharge Sophisticated Cyber-Attacks, Says Cloudflare

Cloudflare Threat Report warns that AI tools enable attackers who lacked required skills to generate effective attacks rapidly and at scale

2026-03-03 - Infosecurity Magazine

Honeywell, Researcher Clash Over Impact of Building Controller Vulnerability

The researcher says he has identified thousands of internet-exposed IQ4 building management controllers. The post Honeywell, Researcher Clash Over Imp...

2026-03-03 - SecurityWeek

Compromised Site Management Panels are a Hot Item in Cybercrime Markets

Compromised cPanel credentials are being sold in bulk across underground channels as plug-and-play phishing and scam infrastructure. Flare explains ho...

2026-03-03 - BleepingComputer

Josys centralizes identity data to replace manual IT oversight with automated governance

Josys has transitioned into an autonomous identity governance platform, expanding beyond traditional SaaS management. The enhanced platform empowers I...

2026-03-03 - Help Net Security

Building a High-Impact Tier 1: The 3 Steps CISOs Must Follow

Every CISO knows the uncomfortable truth about their Security Operations Center: the people most responsible for catching threats in real time are the...

2026-03-03 - The Hacker News

Leaked Database Sheds Light on Iranian Crypto Sanctions Evasion

Ariomex database reveals potential sanctions evasion and capital transfers tied to Iranian actors

2026-03-03 - Infosecurity Magazine

Open-Source CyberStrikeAI Deployed in AI-Driven FortiGate Attacks Across 55 Countries

The threat actor behind the recently disclosed artificial intelligence (AI)-assisted campaign targeting Fortinet FortiGate appliances leveraged an ope...

2026-03-03 - The Hacker News

Quantum Decryption of RSA is Much Closer than Expected

For decades, the quantum threat to RSA and ECC encryption has been tied to Shor’s algorithm and the assumption that we would need million-qubit quantu...

2026-03-03 - SecurityWeek

Half of US CISOs Work the Equivalent of a Six-Day Week

Seemplicity finds US security leaders work 11 or more extra hours per week

2026-03-03 - Infosecurity Magazine

New ‘AirSnitch’ Attack Shows Wi-Fi Client Isolation Could Be a False Sense of Security

Researchers have uncovered a Wi-Fi vulnerability that allows nearby attackers to intercept sensitive data and execute machine-in-the-middle attacks ag...

2026-03-03 - SecurityWeek

OAuth phishers make ‘check where the link points’ advice ineffective

Microsoft has warned that phishers are exploiting a built-in behavior of the OAuth authentication protocol to redirect victims to malware, using links...

2026-03-03 - CSO Online

AI Agent Overload: How to Solve the Workload Identity Crisis

Workloads keep getting more complicated and organizations are struggling to keep up. So what's the play?

2026-03-03 - Dark Reading

Jetzt Staats-CISO werden – für unter 160.000 Euro

width="1600" height="900" sizes="auto, (max-width: 1600px) 100vw, 1600px">Das britische Government Communications Headquarters (GCHQ) in Cheltenham, E...

2026-03-03 - CSO Online

Chrome flaw let extensions hijack Gemini’s camera, mic, and file access

Researchers found a now-patched vulnerability in "Live in Chrome" that allowed a Chrome extension to inherit Gemini’s permissions.

2026-03-03 - Malwarebytes Labs

Phishing campaign exploits OAuth redirection to bypass defenses

Microsoft researchers warn that threat actors abuse OAuth redirects to target government users and deliver malware. Microsoft has warned of phishing c...

2026-03-03 - Security Affairs

Amazon: Drone strikes damaged AWS data centers in Middle East

Amazon has confirmed that three Amazon Web Services (AWS) data centers in the United Arab Emirates (UAE) and one in Bahrain have been damaged by drone...

2026-03-03 - BleepingComputer

As War Continues, Pro-Iranian Actors Launch Barrage of Cyberattacks

Iran and its supporters have taken to cyberspace to retaliate for US-Israeli military action, with an aim to cause economic and physical disruption.

2026-03-03 - Dark Reading

AI Agents: The Next Wave Identity Dark Matter - Powerful, Invisible, and Unmanaged

The Rise of MCPs in the Enterprise The Model Context Protocol (MCP) is quickly becoming a practical way to push LLMs from “chat” into real work. By pr...

2026-03-03 - The Hacker News

Starkiller Phishing Suite Uses AitM Reverse Proxy to Bypass Multi-Factor Authentication

Cybersecurity researchers have disclosed details of a new phishing suite called Starkiller that proxies legitimate login pages to bypass multi-factor ...

2026-03-03 - The Hacker News

Huge “Shadow Layer” of Organizations Hit by Supply Chain Attacks

Black Kite reveals 26,000 unnamed corporate victims linked to 136 third-party breaches

2026-03-03 - Infosecurity Magazine

Android devices hit by exploited Qualcomm flaw CVE-2026-21385

Google confirms that the Qualcomm Android vulnerability CVE-2026-21385 was exploited in real-world attacks. Google has confirmed that CVE-2026-21385 (...

2026-03-03 - Security Affairs

Studie: Hacker legen Betrieb bei vielen Unternehmen lahm

Hacker hatten auch 2025 deutsche Unternehmen im Visier.Studio-M – shutterstock.com Hacker haben im vergangenen Jahr bei vielen Unternehmen in Deuts...

2026-03-03 - CSO Online

Epic Fury introduces new layer of enterprise risk

Operation Epic Fury — the US administration’s sustained kinetic pressure on core Iranian regime assets — introduces a new layer of operational risk fo...

2026-03-03 - CSO Online

Chrome security flaw enabled spying via Gemini Live assistant

A Google Chrome vulnerability lets malicious extensions hijack Gemini Live to spy on users and steal sensitive files. Researchers at Palo Alto Network...

2026-03-03 - Security Affairs

7 factors impacting the cyber skills gap

Individuals with strong cybersecurity skills are in high demand. That’s no secret. What’s most important is the fact that the shortage is preventing m...

2026-03-03 - CSO Online

Critical OpenClaw Vulnerability Exposes AI Agent Risks

The now-patched flaw is the latest in a growing string of security issues associated with the viral AI tool, which has seen rapid adoption among devel...

2026-03-02 - Dark Reading

Google addresses actively exploited Qualcomm zero-day in fresh batch of 129 Android vulnerabilities

The company’s latest security update contains the highest number of Android vulnerabilities patched in a single month since April 2018. The post Googl...

2026-03-02 - CyberScoop

The FBI’s cyber chief is using Winter SHIELD to accelerate China prep, threat intelligence sharing

Brett Leatherman is running the bureau's most public cyber campaign yet, pushing basic security hygiene while quietly preparing industry for stepped-u...

2026-03-02 - CyberScoop

OAuth redirection abuse enables phishing and malware delivery

OAuth redirection is being repurposed as a phishing delivery path. Trusted authentication flows are weaponized to move users from legitimate sign‑in p...

2026-03-02 - Microsoft Security Blog

Samsung TVs stop spying on viewers in Texas. Here’s how to disable ACR anywhere

As Samsung settles a lawsuit over how its smart TVs collect and monetize viewing data using ACR, here's how the rest of us can limit the data we're s...

2026-03-02 - Malwarebytes Labs

A fake FileZilla site hosts a malicious download

A tampered copy of FileZilla quietly contacts attacker-controlled servers using encrypted DNS traffic that can slip past traditional monitoring.

2026-03-02 - Malwarebytes Labs

From fake nudes to fake quotes: AI deepfakes plagued Olympic athletes

Trolls on 4chan generated sexualized images of female athletes, and the White House shared an AI-manipulated video of a hockey player—welcome to the n...

2026-03-02 - CyberScoop

How ‘silent probing’ can make your security playbook a liability

Silent probing uses AI to measure your team’s response patterns over time, building a behavioral profile that makes follow-on attacks harder to spot a...

2026-03-02 - CyberScoop

Purchase order attachment isn’t a PDF. It’s phishing for your password

A fake purchase order attachment turned out to be a phishing page designed to harvest your login details.

2026-03-02 - Malwarebytes Labs

Who is the Kimwolf Botmaster “Dort”?

In early January 2026, KrebsOnSecurity revealed how a security researcher disclosed a vulnerability that was used to assemble Kimwolf, the world's lar...

2026-02-28 - Krebs on Security

Threat modeling AI applications

AI threat modeling helps teams identify misuse, emergent risk, and failure modes in probabilistic and agentic AI systems. The post Threat modeling AI ...

2026-02-26 - Microsoft Security Blog

Developer-targeting campaign using malicious Next.js repositories

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard build workflows. The acti...

2026-02-24 - Microsoft Security Blog

Scaling security operations with Microsoft Defender autonomous defense and expert-led services

AI-powered cyberattacks outpace aging SOC tools, and this new guide explains why manual defense fails and how autonomous, expert-led security transfor...

2026-02-24 - Microsoft Security Blog

‘Starkiller’ Phishing Service Proxies Real Login Pages, MFA

Most phishing websites are little more than static copies of login pages for popular online destinations, and they are often quickly taken down by ant...

2026-02-20 - Krebs on Security

New e-book: Establishing a proactive defense with Microsoft Security Exposure Management

Read the new maturity-based guide that helps organizations move from fragmented, reactive security practices to a unified exposure management approach...

2026-02-19 - Microsoft Security Blog

Kimwolf Botnet Swamps Anonymity Network I2P

For the past week, the massive "Internet of Things" (IoT) botnet known as Kimwolf has been disrupting the The Invisible Internet Project (I2P), a dece...

2026-02-11 - Krebs on Security

Patch Tuesday, February 2026 Edition

Microsoft today released updates to fix more than 50 security holes in its Windows operating systems and other software, including patches for a whopp...

2026-02-10 - Krebs on Security

Please Don’t Feed the Scattered Lapsus ShinyHunters

A prolific data ransom gang that calls itself Scattered Lapsus ShinyHunters (SLSH) has a distinctive playbook when it seeks to extort payment from vic...

2026-02-02 - Krebs on Security

Student Loan Breach Exposes 2.5M Records

2.5 million people were affected, in a breach that could spell more trouble down the line.

2022-08-31 - Threatpost

Watering Hole Attacks Push ScanBox Keylogger

Researchers uncover a watering hole attack likely carried out by APT TA423, which attempts to plant the ScanBox JavaScript-based reconnaissance tool.

2022-08-30 - Threatpost

Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms

Over 130 companies tangled in sprawling phishing campaign that spoofed a multi-factor authentication system.

2022-08-29 - Threatpost

Ransomware Attacks are on the Rise

Lockbit is by far this summer’s most prolific ransomware group, trailed by two offshoots of the Conti group.

2022-08-26 - Threatpost

Cybercriminals Are Selling Access to Chinese Surveillance Cameras

Tens of thousands of cameras have failed to patch a critical, 11-month-old CVE, leaving thousands of organizations exposed.

2022-08-25 - Threatpost

Noticias en Español

APT28 vinculada a la explotación real de un 0-day de MSHTML (CVE-2026-21513) antes del Patch Tuesday de febrero

Akamai ha relacionado a APT28 con la explotación en ataques reales de CVE-2026-21513, un 0-day de MSHTML corregido por Microsoft en el Patch Tuesday d...

2026-03-03 - Una al Día

Cómo migrar Arkanoid de C++ a TypeScript con OpenCode y desplegarlo en Workers de Cloudflare

Hola a todos los lectores de El lado del mal. Soy Carlos Luengo, recientemente he comenzado una nueva etapa profesional y acabo de aterrizar en Cloudf...

2026-03-03 - El Lado del Mal

Living off the Land 2.0 en Linux: Persistencia para pasar desapercibidos al SOC

Hay una regla no escrita en intrusiones modernas: El mejor malware es el que no parece malware. Pero hay una evolución aún más interesante q...

2026-03-02 - Hackplayers

ClawJacked: una web maliciosa puede secuestrar OpenClaw a través de WebSockets en localhost

La vulnerabilidad ClawJacked permite que una web maliciosa se conecte desde el navegador a un WebSocket expuesto en localhost por el gateway de OpenCl...

2026-03-02 - Una al Día

RootedCON Madrid 2026 - Mi charla y cómo conseguir tu entrada con Tempos

Un año más, RootedCON va a continuar haciéndose más grande. Y en esta edición 2026, un año más, yo voy a estar allí para dar una charla...

2026-03-02 - El Lado del Mal

Heretic o cómo eliminar fácilmente la censura en un LLM

Los modelos de lenguaje actuales (los conocidos LLM, Large Language Models) se han convertido en piezas clave de muchas aplicaciones: asistentes, anál...

2026-03-01 - Hackplayers

Cómo identificar perfiles anónimos de una plataforma online en Internet usando LLMs y Agentes IA

Descubrir quién se oculta detrás de una cuenta de Twitter/X anónima, o de quién es en realidad un usuario de un foro de la DeepWeb, o de cualquier red...

2026-03-01 - El Lado del Mal

Una investigación revela cómo el consentimiento OAuth a ChatGPT en Entra ID puede exponer el correo corporativo

Una investigación reciente basada en un caso real muestra que autorizar permisos a ChatGPT en entornos empresariales con Entra ID puede derivar en un ...

2026-03-01 - Una al Día

Alerta de Ciberseguridad: Claves de API de Google «Inofensivas» ahora Exponen Datos Críticos de Gemini AI

Lo que ayer era una práctica común y segura, hoy se ha convertido en una vulnerabilidad crítica que compromete la privacidad de datos corporativos y l...

2026-02-28 - Una al Día

ORCA Benchmark Version 2: Algunas mejoras, pero sólo una IA llega al Notable.

En el mes de Noviembre del año pasado os hablé de "El Benchmark de la ORCA que suspende en cálculo a ChatGPT-5 y Claude Sonnet, y aprueba por los pelo...

2026-02-28 - El Lado del Mal

Los permisos de las aplicaciones móviles (aún) importan más de lo que crees

Al empezar a utilizar una nueva aplicación es probable que te pida aceptar permisos, pero hacerlo sin pensar puede exponerte a graves riesgos de priva...

2026-02-27 - WeLiveSecurity

Cuáles fueron los malware más activos en Latinoamérica durante 2025

Un análisis de los tres tipos de malware con mayores detecciones en la telemetría de ESET durante el año pasado, con detalles sobre a qué sistemas afe...

2026-02-27 - WeLiveSecurity

ServiceNow corrige un RCE crítico en AI Platform (CVE-2026-0542) y detalla los parches afectados

ServiceNow ha divulgado una vulnerabilidad crítica de remote code execution (RCE) sin autenticación en ServiceNow AI Platform identificada como CVE-20...

2026-02-27 - Una al Día

LLM-Guardian v3.0 "SENTINEL": Monitorización Continua de LLMs Corporativos

Todo transcurre con normalidad. Un día cualquiera durante el uso de un sistema corporativo en el que se incluye un LLM. Este responde de forma correct...

2026-02-27 - El Lado del Mal

Un cibercriminal manipula al chatbot Claude para infiltrarse en agencias del gobierno mexicano

Un atacante usó IA para robar 150 GB de datos del gobierno mexicano, exponiendo cómo la automatización potencia tanto el cibercrimen como las defensas...

2026-02-26 - WeLiveSecurity

Cómo reconocer llamadas falsas con IA: una amenaza creciente para las empresas

Cada vez es más difícil distinguir lo real de lo generado por inteligencia artificial, y la suplantación de voz ya se usa para atacar a empresas. ¿Cóm...

2026-02-25 - WeLiveSecurity

Qué pasa si nuestras conversaciones con los chatbots de IA quedan expuestas

ChatGPT y otros chatbots se volvieron confidentes digitales. Pero esa confianza puede jugar en contra: desde robos de identidad hasta extorsión y espi...

2026-02-24 - WeLiveSecurity

PentAGI: Automatización avanzada de penetration testing con agentes AI autónomos

En los últimos años, el pentesting ha evolucionado desde procesos manuales altamente especializados hacia flujos híbridos donde la automatización y la...

2026-02-22 - Hackplayers

Writeups CTF Hardware Hacking h-c0n 2026

Desde que fundamos la conferencia h-c0n uno de nuestros “sueños” era tener nuestro propio badge electrónico, al más puro estilo DEF CON. No ha sido ha...

2026-02-17 - Hackplayers

Técnicas de evasión de seguridad en endpoints: evolución (2020–2025)

El surcoreano Hyeongkwan Lee aka WindShock analizaba recientemente en un post cómo, entre 2020 y 2025, las técnicas de evasión de EDR y anti...

2026-02-15 - Hackplayers

(2/3) Ataques DDoS en capas 3 y 4: vectores, funcionamiento y defensa

Esta es la segunda entrega sobre amenazas DDoS, en esta ocasión nos adentramos en las capas de red y transporte para analizar los vectores más comunes...

2025-10-27 - Flu Project

ISO/IEC 42001: el sistema de gestión de IA que probablemente conectemos con nuestra 27001

ISO/IEC 42001 se concibe como el nuevo esqueleto operativo para transformar la inteligencia artificial en un sistema gestionado con disciplina. No es ...

2025-10-13 - Flu Project

MITRE AADAPT: Anatomía ofensiva y defensa en el ecosistema de activos digitales

Cuando uno pasa demasiadas noches frente a un nodo de Ethereum observando tráfico, firmas, anomalías y patrones sospechosos, descubre que el ecosistem...

2025-10-06 - Flu Project

Snapshots en máquinas virtuales: ¿una herramienta útil o un riesgo oculto?

¿Piensas que una instantánea de una máquina virtual es lo mismo que un backup o una copia del disco? Entonces este post es para ti.Antes de nada, vamo...

2025-09-29 - Flu Project

La importancia del Disaster Recovery Plan (DRP)

A pesar de que los ciberataques, fallos de hardware y software, desastres naturales, o incluso errores humanos son cada vez más frecuentes, muchas emp...

2025-09-15 - Flu Project

Pensar como un atacante: por qué el Red Team es clave para la ciberseguridad moderna

En un entorno digital donde las amenazas evolucionan más rápido que las soluciones, protegerse ya no es suficiente. Hay que anticiparse. Y para eso, e...

2025-07-01 - BlogThinkBig

Cómo saber si una app es falsa: ten siempre en cuenta estas claves

Vivimos constantemente con el móvil en la mano; es un dispositivo que usamos para casi todo. Hoy en día es útil tanto para cosas como pagar el café, c...

2025-06-17 - BlogThinkBig

Cómo proteger el ordenador sin ser un genio tech

Saber cómo proteger el ordenador nunca ha sido tan vital. Imagina perder tu equipo con Windows y no saber si tus datos personales están seguros. El pá...

2025-06-13 - BlogThinkBig

Privacidad en Internet: evita el rastreo y navega con seguridad

La privacidad en Internet se ha convertido en una preocupación constante. Es así como cada clic, búsqueda o interacción en línea puede dejar una huell...

2025-06-12 - BlogThinkBig

Álbum oculto: paso a paso para activarlo en tu teléfono Android

Las fotos y vídeos revelan un montón de información de tu vida personal. No siempre queremos que estén a la vista. Es por eso que en este artículo hab...

2025-06-06 - BlogThinkBig