EU leaders eye social media ban for children under age 13
Japan's largest taxi operator shuts systems after cyberattack
Japan's largest taxi operator, Nihon Kotsu, announced that its systems were compromised in a cyberattack, forcing the company to shut down part of its infrastructure.
Hackers backdoor Jscrambler npm package with infostealer malware
The Jscrambler client-side web security company disclosed that a threat actor published a malicious version of its npm package that has been downloaded almost 1,500 times.
New CrashStealer malware poses as Apple crash reporting tool
A new macOS information-stealing malware called CrashStealer pretends to be Apple's crash-reporting tool to steal credentials, keychain data, and crypto wallets.
VPN service favored by ransomware groups is sanctioned by US
Understanding Illicit Ecosystems: How Dark Web Forums Structure Cybercrime
We analyze how dark web forums operate, breaking down how specialized, hybrid platforms function together.
Russian celebrity journalist Ksenia Sobchak says hackers accessed Telegram channels via email breach
Spazio e cyber spazio non sono più separati: nasce il Polo Italiano che li unisce
Nasce il Polo Italiano per il Cyber e la Space Economy. Partnership strategica con gli Emirati Arabi per integrare cyber, intelligenza artificiale e sicurezza spaziale. Obiettivo: rafforzare autonomia tecnologica italiana e costruire un ecosistema innovativo, con una cooperazione internazionale su domini critici per la sicurezza nazionale
CISA warns of actively exploited RCE flaws in Joomla extensions
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning that attackers are exploiting vulnerabilities in the iCagenda and Balbooa Forms extensions for Joomla to achieve remote code execution through arbitrary file uploads.
Lessons Learned from CISA’s Recent GitHub Leak
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a postmortem on a data leak in which a contractor published dozens of internal CISA credentials -- including AWS Govcloud keys -- in a public GitHub repository for almost six months…
Lidl discloses online shop breach after service provider hack
German discount supermarket chain Lidl notified customers in Germany, Belgium, and the Netherlands that attackers stole their personal information in a breach at a service provider.
Oltre 15 anni di cyber attacchi russi contro l’Europa: arriva la sanzione UE
L'UE sanziona ufficiali dei servizi segreti russi per quindici anni di attacchi cyber contro gli Stati Membri: un'azione che non blocca le operazioni, ma crea un precedente giuridico e politico che rende più difficile negare l'attribuzione in futuro. Ecco il ruolo degli attacchi cyber russi nella guerra ibrida per destabilizzare l'UE
Breach at the Beach: Play the Ultimate Entra ID CTF
Learn how attackers abuse Entra ID through a free hands-on Capture the Flag. Varonis created the Breach at the Beach CTF to teach defenders how to investigate Entra ID attack techniques using realistic scenarios.
GigaWiper, la piattaforma malware che spia e distrugge i sistemi compromessi
I laboratori di Threat Intelligence Microsoft hanno identificato il nuovo malware GigaWiper che, oltre alla capacità di cancellare dati, si caratterizza per la sua architettura modulare che combina funzionalità di accesso remoto, spionaggio e distruzione dei sistemi compromessi. Ecco tutti i dettagli e i consigli per difendersi
Russia's FSB blamed for Poland grid attack as UK and EU impose first joint cyber sanctions
UK charges suspects linked to Russian Coms call spoofing platform
UK authorities charged five people following a National Crime Agency (NCA) investigation into Russian Coms, a major caller ID spoofing platform used by criminals to make over 1.8 million scam calls.
VPN veloce: con NordVPN 75% di sconto e 3 mesi extra
NordVPN propone un'offerta per avere per 2 anni una VPN veloce e affidabile disponibile oggi con il 75% di sconto e 3 mesi extra.
Chat control: la deroga che mette alla prova il modello europeo di tutela dei diritti
Una riflessione critica sulla proroga della deroga al regime ePrivacy, sulle ragioni della sua approvazione e sulla sua apparente incompatibilità con lo stesso sistema normativo europeo e la giurisprudenza delle Corti
EU sanctions Russian GRU military hackers over cyberattacks
The European Union and the United Kingdom jointly sanctioned dozens of Russian individuals and entities and accused Russia of coordinating a network of hacking groups responsible for attacks across Europe.
US and allies warn of Russian critical infrastructure attacks
Cybersecurity agencies from the United States and eight other countries have issued a joint warning that Russian state hackers are targeting vulnerable and poorly configured routers to infiltrate critical infrastructure networks.
Le vulnerabilità delle periferiche wireless a cui (quasi) nessuno pensa
L'Istituto nazionale elvetico di test per la cibersicurezza NCT rivela come tastiere, mouse e cuffie senza fili possano diventare pericolose porte d'accesso per gli attaccanti. Cosa sapere e perché tenerne conto
How to get informed about the latest security updates in your WordPress plugins and themes.
CISA Warns of Actively Exploited Joomla Zero-Day Vulnerabilities
CISA adds CVE-2026-48939 and CVE-2026-56291 to KEV after zero-day attacks targeting Joomla iCagenda and Balbooa extensions emerge.
Prompt injection negli atti giudiziari: quando il documento processuale diventa vettore d’attacco
Il caso Galileu vede un atto processuale, destinato alla lettura umana, diventare materiale elaborabile da strumenti automatici. Se diventasse input computazionale, potrebbe diventare payload. Ecco le conseguenze tecniche, giuridiche e deontologiche per magistrati, PA, avvocati, consulenti tecnici e fornitori di soluzioni legal-tech
Inside the Matching Engine: How Distributed Tokenization Identifies Compromised Cards Without Exposing Them
Discover how Distributed Tokenization identifies compromised cards at pre-authorization without exposing raw card data — a technical deep-dive for fraud operations and risk teams.
South Korea Military Faces Highest Cyberattack Volume Since 2021
Cyberattacks on South Korea military reached a five-year high as phishing emails surged and the MND faced cyber talent shortages.
Vishing Call Becomes Key Lead in Massive Odido Cyberattack
The Odido cyberattack investigation has revealed possible involvement of Dutch nationals as police continue probing the ShinyHunters attack.
European Parliament Revives Controversial Chat Scanning Law
The Chat Control 1.0 rule has been revived after a European Parliament vote, restoring the legal basis for voluntary CSAM scanning.
OpenAI temporarily relaxes GPT-5.6 Sol usage limits
OpenAI is temporarily relaxing GPT-5.6 Sol usage after demand for the company's most powerful model surged over the past 48 hours.
Northeast Pediatrics enters negotiations with Anubis, then silence. SuspectFile reconstructs the negotiation that preceded the data publication