Cybersecurity News - Noticias de Ciberseguridad

Latest News

Malware-as-a-Service Campaign Exploits GitHub to Deliver Payloads

A new malware campaign uses GitHub to deliver payloads via Amadey botnet, bypassing email distribution

2025-07-17 - Infosecurity Magazine

Adoption agency leaks over a million records

The database contained 1,115,061 records including the names of children, birth parents, adoptive parents, and other potentially sensitive information...

2025-07-17 - Malwarebytes Labs

Hackers Exploit Apache HTTP Server Flaw to Deploy Linuxsys Cryptocurrency Miner

Cybersecurity researchers have discovered a new campaign that exploits a known security flaw impacting Apache HTTP Server to deliver a cryptocurrency ...

2025-07-17 - The Hacker News

Meta AI chatbot bug could have allowed anyone to see private conversations

A researcher has disclosed how he found a—now fixed—vulnerability in Meta AI that could have allowed others to see private questions and answers.

2025-07-17 - Malwarebytes Labs

Google Gemini AI Flaw Could Lead to Gmail Compromise, Phishing

Researchers discovered a security flaw in Google's Gemini AI chatbot that could put the 2 billion Gmail users in danger of being victims of an indirec...

2025-07-17 - Security Boulevard

WeTransfer walks back clause that said it would train AI on your files

File sharing site WeTransfer has rolled back language that allowed it to train machine learning models on any files that its users uploaded.

2025-07-17 - Malwarebytes Labs

SquareX Collaborates with Top Fortune 500 CISOs to Launch The Browser Security Field Manual at Black Hat

Palo Alto, California, 17th July 2025, CyberNewsWire The post SquareX Collaborates with Top Fortune 500 CISOs to Launch The Browser Security Field Man...

2025-07-17 - Security Boulevard

China-Backed Salt Typhoon Hacks US National Guard for Nearly a Year

Between March and December of last year, infamous Chinese state-sponsored APT Salt Typhoon gained access to sensitive US National Guard data.

2025-07-17 - Dark Reading

AI Cloaking Tools Enable Harder-to-Detect Cyber-Attacks

Cybercriminals are using AI cloaking tools to evade detection, disguising phishing and malware sites

2025-07-17 - Infosecurity Magazine

Chrome fixes 6 security vulnerabilities. Get the update now!

Google has released an update for its Chrome browser to patch six security vulnerabilities including one zero-day.

2025-07-17 - Malwarebytes Labs

Stellar Cyber enhances identity security with ITDR capabilities

At the upcoming Black Hat USA 2025 in Las Vegas, Stellar Cyber will debut its Identity Threat Detection & Response (ITDR) capabilities, fully emb...

2025-07-17 - Help Net Security

Oracle-Lücke birgt Gefahr für RCE-Attacken

Oracle hat das Sicherheitsproblem im Code Editor bereits gefixt.sdx15 – shutterstock.com Forscher von Tenable Research haben eine Sicherheitslücke ...

2025-07-17 - CSO Online

China-linked hackers target Taiwan chip firms in a coordinated espionage campaign

Chinese state-sponsored hackers have launched sophisticated espionage campaigns against Taiwan’s semiconductor industry, marking a dramatic escalation...

2025-07-17 - CSO Online

Europol Disrupts NoName057(16) Hacktivist Group Linked to DDoS Attacks Against Ukraine

An international operation coordinated by Europol has disrupted the infrastructure of a pro-Russian hacktivist group known as NoName057(16) that has b...

2025-07-17 - The Hacker News

United Natural Foods Expects $400M revenue impact from June cyber attack

United Natural Foods Projects (UNFI) expects a $350–$400M sales hit from a June cyberattack, with $50–$60M in net income impact. United Natural Foods,...

2025-07-17 - Security Affairs

Are We Truly Prepared for the Era of Quantum Computing?

Although there are many positives to new QC technology, we can’t ignore the fact that we’re entering an era of quantum computing that brings some seri...

2025-07-17 - Security Boulevard

CTEM vs ASM vs Vulnerability Management: What Security Leaders Need to Know in 2025

The modern-day threat landscape requires enterprise security teams to think and act beyond traditional cybersecurity measures that are purely passive ...

2025-07-17 - The Hacker News

One in 12 US/UK Employees Uses Chinese GenAI Tools

Harmonic Security raises the alarm as one in 12 British and American employees uses Chinese GenAI tools

2025-07-17 - Infosecurity Magazine

Cisco patches critical CVE-2025-20337 bug in Identity Services Engine with CVSS 10 Severity

Cisco warns of CVE-2025-20337, a critical ISE flaw (CVSS 10) allowing remote code execution with root privileges. Cisco addressed a critical vulnerabi...

2025-07-17 - Security Affairs

Collaboration is Key: How to Make Threat Intelligence Work for Your Organization

Secure threat intelligence sharing reduces risk, accelerates response and builds resilience across entire ecosystems. The post Collaboration is Key: H...

2025-07-17 - Security Boulevard

Microsoft Exposes Scattered Spider’s Latest Tactics

Microsoft has reported Scattered Spider continues to evolve tactics to compromise both on-premises infrastructure and cloud environments

2025-07-17 - Infosecurity Magazine

Review: Passwork 7.0, self-hosted password manager for business

Over the years, the number of services we use has exploded, and so has the need to protect our credentials. Back in what I like to call “the age of in...

2025-07-17 - Help Net Security

I Hacked (Logged) In Through The Front Door

Identity-based attacks have become the path of least resistance and it is the responsibility of all organizations to shore up their defenses to mitiga...

2025-07-17 - Security Boulevard

US Data Breaches Head for Another Record Year After 11% Surge

There were 1732 publicly reported US data breaches in the first half of 2025, according to the latest ITRC report

2025-07-17 - Infosecurity Magazine

Chinese Hackers Target Taiwan's Semiconductor Sector with Cobalt Strike, Custom Backdoors

The Taiwanese semiconductor industry has become the target of spear-phishing campaigns undertaken by three Chinese state-sponsored threat actors. "Tar...

2025-07-17 - The Hacker News

UNC6148 deploys Overstep malware on SonicWall devices, possibly for ransomware operations

UNC6148 targets SonicWall devices with Overstep malware, using a backdoor and rootkit for data theft, extortion, or ransomware. Google’s Threat Intell...

2025-07-17 - Security Affairs

Ermittlern gelingt Schlag gegen prorussische Hacker

srcset="https://b2b-contenthub.com/wp-content/uploads/2025/07/shutterstock_2337824495.jpg?quality=50&strip=all 6000w, https://b2b-contenthub.com/w...

2025-07-17 - CSO Online

Socure Workforce Verification detects manipulated or fabricated identities

Socure launched Workforce Verification solution to address the growing threat of employee fraud. Socure’s Workforce Verification adapts its ente...

2025-07-17 - Help Net Security

Legit Security delivers automated security reviews for AppSec and development teams

Legit Security announced enhanced capabilities for significant code change and workflow orchestration within its platform. These capabilities provide ...

2025-07-17 - Help Net Security

How AI is changing the GRC strategy

As businesses incorporate cybersecurity into governance, risk and compliance (GRC), it is important to revisit existing GRC programs to ensure that th...

2025-07-17 - CSO Online

Akeyless SecretlessAI protects machine-to-machine communication

Akeyless has launched Akeyless SecretlessAI, a solution purpose-built to secure AI agents and Model Context Protocol (MCP) servers. As enterprises acc...

2025-07-17 - Help Net Security

Cisco Warns of Critical ISE Flaw Allowing Unauthenticated Attackers to Execute Root Code

Cisco has disclosed a new maximum-severity security vulnerability impacting Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (I...

2025-07-17 - The Hacker News

Auswirkungen auf IT-Fachkräfte: 10 Anzeichen für einen schlechten CSO

Sind IT-Mitarbeiter unzufrieden, kann das an schlechten Führungskräften oder an einer unzureichenden IT-Strategie liegen. Foto: fizkes – shutterstock....

2025-07-17 - CSO Online

AI Driving the Adoption of Confidential Computing

After years of hanging out in the wild, confidential computing is getting closer to an AI model near you.

2025-07-16 - Dark Reading

Co-op confirms data of 6.5 million members stolen in cyberattack

UK retailer Co-op has confirmed that personal data of 6.5 million members was stolen in the massive cyberattack in April that shut down systems and ca...

2025-07-16 - BleepingComputer

ISC2 Finds Orgs Are Increasingly Leaning on AI

While many organizations are eagerly integrating AI into their workflows and cybersecurity practices, some remain undecided and even concerned about p...

2025-07-16 - Dark Reading

Ryuk ransomware operator extradited to US, faces five years in federal prison

Karen Vardanyan and his co-conspirators allegedly deployed ransomware on hundreds of machines in 2019 and 2020, extorting more than $15 million from v...

2025-07-16 - CyberScoop

U.S. Army soldier pleads guilty to extorting 10 tech, telecom firms

A 21-year old former U.S. Army soldier pleaded guilty to charges of hacking and extorting at least ten telecommunications and technology companies in ...

2025-07-16 - BleepingComputer

House hearing will use Stuxnet to search for novel ways to confront OT cyberthreats

The House Homeland Committee will revisit the malware to use the knowledge from the spy effort to explore the domestic threats facing the U.S. in 2025...

2025-07-16 - CyberScoop

Elite 'Matanbuchus 3.0' Loader Spruces Up Ransomware Infections

An upgraded cybercrime tool is designed to make targeted ransomware attacks as easy and effective as possible, with features like EDR-spotting and DNS...

2025-07-16 - Dark Reading

Oracle Fixes Critical Bug in Cloud Code Editor

The bug allowed an attacker an easy way to compromise full suite of developer tools in Oracle Cloud Infrastructure.

2025-07-16 - Dark Reading

Operation Eastwood disrupted operations of pro-Russian hacker group NoName057(16)

International law enforcement operation disrupted the activities of the pro-Russia hacking group NoName057(16). European and U.S. authorities disrupte...

2025-07-16 - Security Affairs

Louis Vuitton says regional data breaches tied to same cyberattack

Luxury fashion giant Louis Vuitton confirmed that breaches impacting customers in the UK, South Korea, and Turkey stem from the same security incident...

2025-07-16 - BleepingComputer

SonicWall customers hit by fresh, ongoing attacks targeting fully patched SMA 100 devices

Google Threat Intelligence Group said a financially motivated threat group is abusing the outdated remote access VPN devices, underscoring a continued...

2025-07-16 - CyberScoop

Microsoft is named a Leader in the 2025 Gartner® Magic Quadrant™ for Endpoint Protection Platforms

We are honored to be recognized once again as a Leader in the 2025 Gartner® Magic Quadrant™ for Endpoint Protection Platforms—our sixth consecutive ti...

2025-07-16 - Microsoft Security Blog

Cloudflare says 1.1.1.1 outage not caused by attack or BGP hijack

To quash speculation of a cyberattack or BGP hijack incident causing the recent 1.1.1.1 Resolver service outage, Cloudflare explains in a post mortem ...

2025-07-16 - BleepingComputer

Senate Democrats seek answers on Trump overhaul of immigrant database to find noncitizen voters

The lawmakers say the potential is high for such a system to return false positives, blocking citizens from voting. The post Senate Democrats seek ans...

2025-07-16 - CyberScoop

Protecting customers from Octo Tempest attacks across multiple industries

To help protect and inform customers, Microsoft highlights protection coverage across the Microsoft Defender security ecosystem to protect against thr...

2025-07-16 - Microsoft Security Blog

Pro-Russian DDoS group NoName057(16) disrupted by international law enforcement operation

Over a dozen law enforcement agencies took action earlier this week, resulting in multiple arrests. The post Pro-Russian DDoS group NoName057(16) disr...

2025-07-16 - CyberScoop

SonicWall SMA devices hacked with OVERSTEP rootkit tied to ransomware

A threat actor has been deploying a previously unseen malware called OVERSTEP that modifies the boot process of fully-patched but no longer supported ...

2025-07-16 - BleepingComputer

Dating app scammer cons former US army colonel into leaking national secrets

A former US army colonel faces up to ten years in prison after revealing national secrets on a foreign dating app.

2025-07-16 - Malwarebytes Labs

Salt Typhoon breach: Chinese APT compromises U.S. Army National Guard network

China-linked APT Salt Typhoon breached a U.S. Army National Guard unit’s network, accessed configs, and intercepted communications with other units. A...

2025-07-16 - Security Affairs

DOGE Denizen Marko Elez Leaked API Key for xAI

Marko Elez, a 25-year-old employee at Elon Musk's Department of Government Efficiency (DOGE), has been granted access to sensitive databases at the U....

2025-07-15 - Krebs on Security

Improving IT efficiency with Microsoft Security Copilot in Microsoft Intune and Microsoft Entra

Announcing the general availability of Microsoft Security Copilot capabilities for IT with Microsoft Intune and Microsoft Entra, offering AI-powered e...

2025-07-14 - Microsoft Security Blog

UK Arrests Four in ‘Scattered Spider’ Ransom Group

Authorities in the United Kingdom this week arrested four alleged members of "Scattered Spider," a prolific data theft and extortion group whose recen...

2025-07-10 - Krebs on Security

Forrester names Microsoft a Leader in the 2025 Zero Trust Platforms Wave™ report

Employing a Zero Trust strategy is an effective way to modernize security infrastructure to protect against ever evolving security challenges. The pos...

2025-07-10 - Microsoft Security Blog

Microsoft expands Zero Trust workshop to cover network, SecOps, and more

The Microsoft Zero Trust workshop has been expanded to cover all six pillars of Zero Trust security, providing a comprehensive guide for organizations...

2025-07-09 - Microsoft Security Blog

Microsoft Patch Tuesday, July 2025 Edition

Microsoft today released updates to fix at least 137 security vulnerabilities in its Windows operating systems and supported software. None of the wea...

2025-07-09 - Krebs on Security

Big Tech’s Mixed Response to U.S. Treasury Sanctions

In May 2025, the U.S. government sanctioned a Chinese national for operating a cloud provider linked to the majority of virtual currency investment sc...

2025-07-03 - Krebs on Security

Senator Chides FBI for Weak Advice on Mobile Security

Agents with the Federal Bureau of Investigation (FBI) briefed Capitol Hill staff recently on hardening the security of their mobile devices, after a c...

2025-06-30 - Krebs on Security

Student Loan Breach Exposes 2.5M Records

2.5 million people were affected, in a breach that could spell more trouble down the line.

2022-08-31 - Threatpost

Watering Hole Attacks Push ScanBox Keylogger

Researchers uncover a watering hole attack likely carried out by APT TA423, which attempts to plant the ScanBox JavaScript-based reconnaissance tool.

2022-08-30 - Threatpost

Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms

Over 130 companies tangled in sprawling phishing campaign that spoofed a multi-factor authentication system.

2022-08-29 - Threatpost

Ransomware Attacks are on the Rise

Lockbit is by far this summer’s most prolific ransomware group, trailed by two offshoots of the Conti group.

2022-08-26 - Threatpost

Cybercriminals Are Selling Access to Chinese Surveillance Cameras

Tens of thousands of cameras have failed to patch a critical, 11-month-old CVE, leaving thousands of organizations exposed.

2022-08-25 - Threatpost

Noticias en Español

CISA enciende las alarmas: CitrixBleed 2 ya se explota para secuestrar sesiones en NetScaler ADC/Gateway

La Agencia de Seguridad de Infraestructura y Ciberseguridad de EE. UU. (CISA) ha incluido CVE-2025-5777, bautizada como CitrixBleed 2, en su catálogo ...

2025-07-17 - Una al Día

Hacking & Pentesting con Inteligencia Artificial. Nuestro nuevo libro en 0xWord

Siempre. que tenemos un nuevo libro en 0xWord que presentaros es un día bonito, así que hoy es un día feliz para todo el equipo, porque tene...

2025-07-17 - El Lado del Mal

Desenmarcarando AsyncRAT: análisis de su laberinto de versiones derivadas

Los investigadores de ESET trazan un mapa de las relaciones laberínticas entre la vasta jerarquía de variantes de AsyncRAT

2025-07-16 - WeLiveSecurity

Vulnerabilidad crítica en eSIMs de Kigen pone en riesgo a miles de millones de dispositivos IoT.

Nueva vulnerabilidad descubierta en las tarjetas eUICC de Kigen pone en riesgo a miles de millones de dispositivos IoT que utilizan tecnología eSIM, p...

2025-07-16 - Una al Día

Google Gemini para Gmail: Cross-Domain Prompt Injection Attack (XPIA) para hacer Phishing

El equipo de seguridad de Google Gemini for Gmail (G-Suite) ha corregido un bug de Cross-Domain Prompt Injection Attack (XPIA) que permite a un atacan...

2025-07-16 - El Lado del Mal

Código abierto de AsyncRAT desata una peligrosa ola mundial de variantes sigilosas

Una nueva investigación de ESET advierte que la publicación en GitHub del código fuente de AsyncRAT —un troyano de acceso remoto (RAT) liberado en 201...

2025-07-15 - Una al Día

Gobierno y Salud, los sectores más golpeados por el cibercrimen durante el 2025 en Latinoamérica

Cerrado el primer semestre del año y a través de casos reales, analizamos cuáles fueron las industrias predilectas por los actores maliciosos y qué co...

2025-07-15 - WeLiveSecurity

Ataques DDoS: técnicas y mitigación en infraestructuras empresariales

Ataques DDoS: técnicas y mitigación en infraestructuras empresariales Autor INCIBE (INCIBE) Mar, 15/07/2025 - 10:31 ...

2025-07-15 - INCIBE-CERT

Hasta mañana funciona el Código de Rebajas de Verano 2025 en 0xWord: Cupón VERANO2025

Hasta mañana está activo el Código de Rebajas de Verano: VERANO2025 en 0xWord. Funcionará hasta las 23:59:59 del 16/07/...

2025-07-15 - El Lado del Mal

UNE lanza en español el primer estándar global sobre gestión de la inteligencia artificial

La Asociación Española de Normalización (UNE) ha publicado en español la primera norma internacional sobre sistemas de gestión de inteligencia artific...

2025-07-14 - Una al Día

La brecha olvidada: ¿Tu seguridad física está en riesgo?

Hoy en día, cuando se habla de seguridad empresarial, la conversación gira siempre en torno a lo mismo: firewalls, ciberataques, contraseñas seguras, ...

2025-07-14 - Flu Project

Entrevista a Manuel S. Lemos: Hacking & Seguridad IA & OWASP GenAI Security Project

El mundo de la Inteligencia Artificial, y en concreto de la GenAI, ha traído un cambio brutal en el mundo empresarial, social y tecnológico. En concre...

2025-07-14 - El Lado del Mal

10.000 horas no son nada en una Inmersión Total

El músico Ed Sheeran, en muchas de sus intervenciones, defiende la teoría de las 10.000 horas. Son esas las horas aproximadas que se necesitan para do...

2025-07-13 - El Lado del Mal

Cuidado con mensajes falsos sobre problemas en la entrega de paquetes o envíos

Este tipo de engaño es cada vez más utilizado por el cibercrimen para robar datos personales, haciendo creer a la víctima que tiene un envío pendiente...

2025-07-10 - WeLiveSecurity

Falsificación de localización GPS en Android usando la Mock Location API

En el ámbito de la seguridad ofensiva y el hacking, la manipulación de la localización GPS es una técnica con múltiples aplicaciones: desde el pentest...

2025-07-09 - Hackplayers

(1/3) - Situación actual del DDoS: evolución, tendencias, impacto y estrategias de respuesta

Esta es la primera de tres publicaciones en las que analizaremos cómo han evolucionado estas amenazas y cómo impactan en las estrategias modernas de c...

2025-07-07 - Flu Project

¡Otro agujero en Chrome! Google tapa su cuarto zero‑day crítico de 2025

Google ha publicado una actualización de emergencia para Chrome que corrige la vulnerabilidad CVE‑2025‑6554, la cuarta brecha zero‑day que los atacant...

2025-07-05 - Una al Día

5 historias de hackeos y ataques a dispositivos IoT muy comunes en el hogar

Los dispositivos conectados a internet pueden ser vulnerados, eso es una realidad, y aquí repasaremos 5 casos resonantes en los que los dispositivos h...

2025-07-03 - WeLiveSecurity

Gamaredon en 2024: análisis de campañas de spearphishing contra Ucrania

ESET Research analiza el conjunto de herramientas actualizadas de ciberespionaje de Gamaredon, las nuevas técnicas centradas en el sigilo y las agresi...

2025-07-03 - WeLiveSecurity

Pensar como un atacante: por qué el Red Team es clave para la ciberseguridad moderna

En un entorno digital donde las amenazas evolucionan más rápido que las soluciones, protegerse ya no es suficiente. Hay que anticiparse. Y para eso, e...

2025-07-01 - BlogThinkBig

Normativas y estándares para el ámbito forense digital (III de III)

Hoy se dará finalización a esta cadena de artículos analizando las últimas normas UNE relacionadas y tratando las diferentes leyes de aplicación.https...

2025-06-30 - Flu Project

Motores de búsqueda que usan los hackers (y profesionales de la ciberseguridad)

Cuando pensamos en buscadores, solemos imaginar Google o Bing. Sin embargo, en el mundo del hacking ético y la ciberseguridad, existen motores especia...

2025-06-29 - Hackplayers

CVE-2025-3699: la puerta trasera (no intencionada) en los HVAC de Mitsubishi Electric

Los sistemas de climatización suelen pasar desapercibidos en un pentest. No corren WordPress, no abren puertos raros, y en muchos casos ni siquiera re...

2025-06-29 - Hackplayers

Normativas y estándares para el ámbito forense digital (II de III)

Hoy se dará continuidad a la cadena Normativas y estándares para el ámbito forense digital, que dio comienzo el pasado lunes con su primera edici...

2025-06-23 - Flu Project

Inyección NoSQL: Cómo una entrada maliciosa puede comprometer tu aplicación

Inyección NoSQL: Cómo una entrada maliciosa puede comprometer tu aplicación Autor INCIBE (INCIBE) Vie, 20/06/2025 - 1...

2025-06-20 - INCIBE-CERT

Cómo saber si una app es falsa: ten siempre en cuenta estas claves

Vivimos constantemente con el móvil en la mano; es un dispositivo que usamos para casi todo. Hoy en día es útil tanto para cosas como pagar el café, c...

2025-06-17 - BlogThinkBig

Normativas y estándares para el ámbito forense digital (I de III)

https://www.flu-project.com/2025/06/normativas-estandares-forense-1-de-3.htmlhttps://www.flu-project.com/2025/06/normativas-estandares-forense-2-de-3....

2025-06-16 - Flu Project

Cómo proteger el ordenador sin ser un genio tech

Saber cómo proteger el ordenador nunca ha sido tan vital. Imagina perder tu equipo con Windows y no saber si tus datos personales están seguros. El pá...

2025-06-13 - BlogThinkBig

Privacidad en Internet: evita el rastreo y navega con seguridad

La privacidad en Internet se ha convertido en una preocupación constante. Es así como cada clic, búsqueda o interacción en línea puede dejar una huell...

2025-06-12 - BlogThinkBig

Hydroph0bia (CVE-2025-4275): otro golpe a Secure Boot

Y casi de la mano de CVE-2025-4275 cae otra vulnerabilidad que pone de nuevo patas arriba a Secure Boot. Le han bautizado como Hydroph0bia (sí, e...

2025-06-10 - Hackplayers

Secure Boot firmado... pero vulnerable (CVE-2025-3052)

Hoy os traemos CVE-2025-3052, un bug UEFI tan elegante que consigue desactivar Secure Boot desde dentro, sin romper nada, sin errores, y con firm...

2025-06-10 - Hackplayers

Álbum oculto: paso a paso para activarlo en tu teléfono Android

Las fotos y vídeos revelan un montón de información de tu vida personal. No siempre queremos que estén a la vista. Es por eso que en este artículo hab...

2025-06-06 - BlogThinkBig

Acceso inicial no autorizado a equipos SCI - Parte 2

Acceso inicial no autorizado a equipos SCI - Parte 2 Autor INCIBE (INCIBE) Vie, 16/05/2025 - 10:45 ...

2025-05-16 - INCIBE-CERT

Acceso inicial no autorizado a equipos SCI - Parte 1

Acceso inicial no autorizado a equipos SCI - Parte 1 Autor INCIBE (INCIBE) Jue, 24/04/2025 - 10:54 ...

2025-04-24 - INCIBE-CERT

Claves forenses en Windows: artefactos esenciales para la investigación digital

Claves forenses en Windows: artefactos esenciales para la investigación digital Autor INCIBE (INCIBE) Jue, 20/03/2025...

2025-03-20 - INCIBE-CERT

Cybersecurity News - Noticias de Ciberseguridad

Latest News

Malware-as-a-Service Campaign Exploits GitHub to Deliver Payloads

Adoption agency leaks over a million records

Hackers Exploit Apache HTTP Server Flaw to Deploy Linuxsys Cryptocurrency Miner

Meta AI chatbot bug could have allowed anyone to see private conversations

Google Gemini AI Flaw Could Lead to Gmail Compromise, Phishing

WeTransfer walks back clause that said it would train AI on your files

SquareX Collaborates with Top Fortune 500 CISOs to Launch The Browser Security Field Manual at Black Hat

China-Backed Salt Typhoon Hacks US National Guard for Nearly a Year

AI Cloaking Tools Enable Harder-to-Detect Cyber-Attacks

Chrome fixes 6 security vulnerabilities. Get the update now!

Stellar Cyber enhances identity security with ITDR capabilities

Oracle-Lücke birgt Gefahr für RCE-Attacken

China-linked hackers target Taiwan chip firms in a coordinated espionage campaign

Europol Disrupts NoName057(16) Hacktivist Group Linked to DDoS Attacks Against Ukraine

United Natural Foods Expects $400M revenue impact from June cyber attack

Are We Truly Prepared for the Era of Quantum Computing?

CTEM vs ASM vs Vulnerability Management: What Security Leaders Need to Know in 2025

One in 12 US/UK Employees Uses Chinese GenAI Tools

Cisco patches critical CVE-2025-20337 bug in Identity Services Engine with CVSS 10 Severity

Collaboration is Key: How to Make Threat Intelligence Work for Your Organization

Microsoft Exposes Scattered Spider’s Latest Tactics

Review: Passwork 7.0, self-hosted password manager for business

I Hacked (Logged) In Through The Front Door

US Data Breaches Head for Another Record Year After 11% Surge

Chinese Hackers Target Taiwan's Semiconductor Sector with Cobalt Strike, Custom Backdoors

UNC6148 deploys Overstep malware on SonicWall devices, possibly for ransomware operations

Ermittlern gelingt Schlag gegen prorussische Hacker

Socure Workforce Verification detects manipulated or fabricated identities

Legit Security delivers automated security reviews for AppSec and development teams

How AI is changing the GRC strategy

Akeyless SecretlessAI protects machine-to-machine communication

Cisco Warns of Critical ISE Flaw Allowing Unauthenticated Attackers to Execute Root Code

Auswirkungen auf IT-Fachkräfte: 10 Anzeichen für einen schlechten CSO

AI Driving the Adoption of Confidential Computing

Co-op confirms data of 6.5 million members stolen in cyberattack

ISC2 Finds Orgs Are Increasingly Leaning on AI

Ryuk ransomware operator extradited to US, faces five years in federal prison

U.S. Army soldier pleads guilty to extorting 10 tech, telecom firms

House hearing will use Stuxnet to search for novel ways to confront OT cyberthreats

Elite 'Matanbuchus 3.0' Loader Spruces Up Ransomware Infections

Oracle Fixes Critical Bug in Cloud Code Editor

Operation Eastwood disrupted operations of pro-Russian hacker group NoName057(16)

Louis Vuitton says regional data breaches tied to same cyberattack

SonicWall customers hit by fresh, ongoing attacks targeting fully patched SMA 100 devices

Microsoft is named a Leader in the 2025 Gartner® Magic Quadrant™ for Endpoint Protection Platforms

Cloudflare says 1.1.1.1 outage not caused by attack or BGP hijack

Senate Democrats seek answers on Trump overhaul of immigrant database to find noncitizen voters

Protecting customers from Octo Tempest attacks across multiple industries

Pro-Russian DDoS group NoName057(16) disrupted by international law enforcement operation

SonicWall SMA devices hacked with OVERSTEP rootkit tied to ransomware

Dating app scammer cons former US army colonel into leaking national secrets

Salt Typhoon breach: Chinese APT compromises U.S. Army National Guard network

DOGE Denizen Marko Elez Leaked API Key for xAI

Improving IT efficiency with Microsoft Security Copilot in Microsoft Intune and Microsoft Entra

UK Arrests Four in ‘Scattered Spider’ Ransom Group

​​Forrester names Microsoft a Leader in the 2025 Zero Trust Platforms Wave™ report

Microsoft expands Zero Trust workshop to cover network, SecOps, and more

Microsoft Patch Tuesday, July 2025 Edition

Big Tech’s Mixed Response to U.S. Treasury Sanctions

Senator Chides FBI for Weak Advice on Mobile Security

Student Loan Breach Exposes 2.5M Records

Watering Hole Attacks Push ScanBox Keylogger

Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms

Ransomware Attacks are on the Rise

Cybercriminals Are Selling Access to Chinese Surveillance Cameras

Noticias en Español

CISA enciende las alarmas: CitrixBleed 2 ya se explota para secuestrar sesiones en NetScaler ADC/Gateway

Hacking & Pentesting con Inteligencia Artificial. Nuestro nuevo libro en 0xWord

Desenmarcarando AsyncRAT: análisis de su laberinto de versiones derivadas

Vulnerabilidad crítica en eSIMs de Kigen pone en riesgo a miles de millones de dispositivos IoT.

Google Gemini para Gmail: Cross-Domain Prompt Injection Attack (XPIA) para hacer Phishing

Código abierto de AsyncRAT desata una peligrosa ola mundial de variantes sigilosas

Gobierno y Salud, los sectores más golpeados por el cibercrimen durante el 2025 en Latinoamérica

Ataques DDoS: técnicas y mitigación en infraestructuras empresariales

Hasta mañana funciona el Código de Rebajas de Verano 2025 en 0xWord: Cupón VERANO2025

UNE lanza en español el primer estándar global sobre gestión de la inteligencia artificial

La brecha olvidada: ¿Tu seguridad física está en riesgo?

Entrevista a Manuel S. Lemos: Hacking & Seguridad IA & OWASP GenAI Security Project

Forrester names Microsoft a Leader in the 2025 Zero Trust Platforms Wave™ report

¡Otro agujero en Chrome! Google tapa su cuarto zero‑day crítico de 2025

Hydroph0bia (CVE-2025-4275): otro golpe a Secure Boot