Le preoccupazioni relative alla sicurezza del nuovo strumento di Agentic AI, precedentemente noto come Clawdbot, permangono, nonostante il rebranding richiesto da Anthropic per motivi legati al marchio registrato. Ecco i principali rischi di un malware infostealer camuffato da assistente personale AI open source e come mitigarli

Pochi giorni fa OpenSSL ha rilasciato alcune patch per risolvere 12 vulnerabilità individuate, con l'aiuto dell'IA, dalla compagnia di sicurezza AISLE.

Seemingly harmless game mods can hide infostealer malware that quietly steals identities. Flare shows how Roblox mods can turn a home PC infection into corporate compromise.

On January 20, Kaspersky solutions detected malware used in eScan antivirus supply chain attack. In this article we provide available information on the threat: indicators of compromise, threat hunting and mitigating tips, etc.

Microsoft plans to introduce a call reporting feature in Teams by mid-March, allowing users to flag suspicious or unwanted calls as potential scams or phishing attempts.

The Aisuru/Kimwolf botnet launched a new massive distributed denial of service (DDoS) attack in December 2025, peaking at 31.4 Tbps and 200 million requests per second.

Microsoft has published three out-of-band (OOB) updates so far in January 2026. One of these updates was released to address a vulnerability, CVE-2026-21509, affecting Microsoft Office that has been reportedly exploited in the wild.

Progettare sicurezza e resilienza anche per gli eventi a bassa probabilità e ad alto impatto è ora possibile a costi contenuti. Ecco come

Reversing.works is looking for technical beta testers. Help us test WebUSB Unpinner, a tool critical for worker susveillance.

The French data protection authority fined the national employment agency €5 million (nearly €6 million) for failing to secure job seekers' data, which allowed hackers to steal the personal information of 43 million people.

​Google has introduced stronger Android authentication safeguards and enhanced recovery tools to make smartphones more challenging targets for thieves.

Con il provvedimento del 23 ottobre 2025, il Garante Privacy, intervenendo su un caso di videosorveglianza privata protrattasi per anni, in assenza di un reale presidio giuridico e tecnico, ha ribadito le regole per le telecamere private. Ecco cosa comporta la ripresa continuativa di aree condominiali e strade

Here’s a collection of the main mega breaches (that is data breaches with more than one million records compromised and possibly leaked) during 2026. The information is derived from the cyber attac…

A drop in exploitation and ransomware, but a spike in phishing and credential abuse, show why timely patching and robust MFA matter more than ever.

Cisco Talos has identified a new, regionally targeted campaign by UAT-8099 that leverages advanced persistence techniques and custom BadIIS malware variants to compromise IIS servers, particularly in Thailand and Vietnam.

Da oggi rendiamo disponibile per tutti il Manualetto di sicurezza digitale per giornalisti e attivisti.

Discover how organizations improve SOC performance with ANY.RUN through faster triage, fewer escalations, and measurable business impact.

Al Richmond Cyber resilience forum, a cui hanno partecipato CISO, manager e professionisti della sicurezza, il report Cybersecurity Statistics 2025 ha delineato le principali tendenze cyber del 2026, a partire dalle figure professionali più richieste. Ecco cosa è emerso, mentre ransomware, supply chain e fattore umano si confermano come principali vettori di rischio

La certificazione SOC 2 offre una garanzia concreta e verificata da un revisore indipendente, non solo una semplice promessa. Ecco perché è diventato quasi obbligatorio per chiunque gestisca dati sensibili, soprattutto nel cloud

An Android trojan distributed via a Deutsche Bank phishing campaign pretends to be “Support Nexi,” prompts victims to tap their payment card and enter the PIN, then exfiltrates NFC data over a WebSocket. We attribute this cluster as NFCShare and provide technical details and IOCs.

Uncover IClickFix: a malicious framework exploiting the ClickFix tactic in widespread malware campaigns to deliver NetSupport RAT.

Non siamo affatto più sicuri, ma un po’ meno disordinati nella capacità di rilevazione e triage. Ecco i dati di Acn del secondo semestre del 2025 da cui si evince che gli eventi aumentano, mentre diminuiscono gli incidenti con impatto confermato

A prolific initial access broker tracked as TA584 has been observed using the Tsundere Bot alongside XWorm remote access trojan to gain network access that could lead to ransomware attacks.

The coordinated attack on Poland's power grid in late December targeted multiple distributed energy resource (DER) sites across the country, including combined heat and power (CHP) facilities and wind and solar dispatch systems.

The cybercriminals in control of Kimwolf -- a disruptive botnet that has infected more than 2 million devices -- recently shared a screenshot indicating they'd compromised the control panel for Badbox 2.0, a vast China-based botnet powered by malicious software…