TCE weekly roundup covers crypto hacks, fraud schemes, dark web contests, and cyberattacks shaping global cybersecurity trends.

Cyberattacks are evolving faster than many MSP and corporate defenses can keep up, with phishing driving much of today's cybercrime. Join our upcoming webinar to learn how to combine security and recovery strategies to reduce risk and maintain business continuity.

Law enforcement agencies across Europe, the United States, and other partner nations cracked down on the commercial DDoS-for-hire ecosystem, targeting both

As Kuwait cyber fraud threats continue to evolve, such coordination is becoming increasingly important.

CISA warned that attackers are now exploiting a high-severity Apache ActiveMQ vulnerability, which was patched earlier this month after going undetected for 13 years.

A volte i responsabili delle violazioni informatiche sono dipendenti, collaboratori o ex soci che abusano dei propri privilegi di accesso per sottrarre dati, danneggiare sistemi o favorire la concorrenza. Ecco l'evoluzione giurisprudenziale, i casi pratici d'infedeltà dei dipendenti e cybercrime e gli obblighi per le imprese

Per l’utente finale l’hacking e lo scraping hanno effetti simili. Tuttavia, lo scraping ha molto a che fare con le logiche di business e limitarlo dovrebbe essere uno standard. Qualche considerazione e qualche suggerimento

Critical nginx-ui flaw CVE-2026-33032 allows full Nginx takeover. Active exploitation in the wild puts thousands of servers at risk.

Microsoft warns that some Windows domain controllers are entering restart loops after installing the April 2026 security updates.

Se si vuole affrontare il tema della difesa dell’informazione, bisogna partire dalla funzione. Ecco perché bisogna capire chi informa, in che senso fa informazione, con quali effetti e con quali responsabilità

23-year-old Kamerin Stokes of Memphis, Tennessee, was sentenced to 30 months in prison for selling access to tens of thousands of hacked DraftKings accounts.

As Gemini ad safety systems continue to develop, the focus is likely to remain on faster detection, stronger verification, and tighter enforcement.

Grinex Cyberattack halts trading after a $15M wallet breach, exposing major crypto exchange risks and fund movement across blockchains.

Threat actors are exploiting three recently disclosed Windows security vulnerabilities in attacks aimed at gaining SYSTEM or elevated administrator permissions.

The advisory concludes that the Russian GRU cyber campaign is likely to persist, with continued use of similar tactics and targeting patterns.

In April 2026, the hacking group ShinyHunters claimed they had breached Amtrak. The group typically compromises organisations' Salesforce instances before demanding a ransom and later, if not paid, dumping the data publicly. They subsequently published the alleged data which contained over 2M unique email addresses along with names, physical addresses and customer support records.

Nel panorama delle minacce informatiche, esiste una categoria di attacchi particolarmente insidiosa di cui si parla poco, ma che gode di pessima fama perché colpisce le vittime nel momento di maggiore vulnerabilità: le recovery scam, ovvero le truffe che promettono di recuperare il denaro già sottratto. Secondo Eset, si tratta di una strategia sempre più …

Sembra che il mercato inizi a considerare una cosa sensata il concetto di “sicurezza come responsabilità condivisa”. Questa frase, spesso usata in passato senza una reale presa sulla realtà e forse più come metodo per “scaricare” parte delle proprie responsabilità su altri, adesso trova dei riscontri nella nuova ricerca di Kaspersky intitolata “Supply chain reaction: …

The latest wave of "Operation PowerOFF," on April 13, 2026, targeted the distributed denial-of-service (DDoS) ecosystem and its users across 21 countries.

A new malware called ZionSiphon, specifically designed for operational technology, is targeting water treatment and desalination environments to sabotage their operations.

Learn how attackers compromise Joomla sites with obfuscated PHP loaders to inject SEO spam, cloak pages, and damage search visibility.

A researcher known as "Chaotic Eclipse" has published a proof-of-concept exploit for a second Microsoft Defender zero-day, dubbed "RedSun," in the past two weeks, protesting how the company works with cybersecurity researchers.

Europol coordinated an operation against for-hire distributed denial-of-service (DDoS) services, including the arrest of four people and the takedown of 53 domains.

Cisco Talos’ Vulnerability Discovery & Research team recently disclosed one Foxit Reader vulnerability, and six LibRaw file reader vulnerabilities. The vulnerabilities mentioned in this blog post have been patched by their respective vendors, all in adherence to Cisco’s third-party vulnerability disclosure policy.     For Snort coverage that can detect the exploitation of these vulnerabilities, download the latest rule sets from Snort.org, and our latest Vulnerability Advisories are always pos

Thor provides an overview of the Q1 2026 vulnerability statistics, highlighting key trends in legacy CVEs and the evolving impact of AI on the threat landscape.

Hackers are exploiting a critical vulnerability in Marimo reactive Python notebook to deploy a new variant of NKAbuse malware hosted on Hugging Face Spaces.

The U.S. Department of Justice announced that two Americans were sentenced to years in prison for helping the North Korean government place fake IT workers in U.S. companies.

Google says it is increasingly using its Gemini AI models to detect and block harmful ads on its advertising platforms, as scammers and threat actors continue to evolve their tactics to evade detection.

L'intervento di Google, che ha rimosso decine di domini riconducibili a Ipidea, società cinese operante nel settore dei servizi proxy residenziali, si fonda su elementi tecnici e legali specifici. Il nodo centrale della questione riguarda le modalità attraverso cui i dispositivi vengono inclusi nelle reti proxy