Over Security

​Microsoft has resolved a known issue that rendered the classic Outlook email client unusable for users who enabled the Microsoft Teams Meeting Add-in.

Exposing the rise in Olympic-themed domain abuse for 2026 & 2028. Learn to identify ticket scams, phishing, and fake merchandise infrastructure.

March updates in ANY.RUN bring stronger phishing detection, broader sandbox coverage with macOS and Windows Server, new detections, and fresh TI reports.

Meet Sekoia Reveal: Turn fragmented asset data into unified SOC context

Google ha aggiornato il Q-Day, il momento in cui i computer quantistici potrebbero spezzare la crittografia attuale. Migrare verso la crittografia post-quantistica è sempre meno un’opzione

A summary of the top ransomware trends from the Talos 2025 Year in Review, with a focus on identity, attacker tactics, and practical defenses.

In this Jennifer Cox Interview, the Tines leader explains why security automation fails — and how to fix it.

U.S. prosecutors have charged a Maryland man with stealing more than $53 million after hacking the Uranium Finance crypto exchange twice and laundering the proceeds through a cryptocurrency mixer.

Compromised Axios maintainer npm Account delivers cross-platform RAT via poisoned axios@1.14.1 and 0.30.4, increasing chances of Axios supply chain attack.

Il riepilogo delle ultime settimane di quanto uscito su Guerre di Rete.

The Dutch Ministry of Finance took some of its systems offline, including the digital portal for treasury banking, while investigating a cyberattack detected two weeks ago.

Il provvedimento del Garante privacy non è solo una sanzione record per il settore bancario italiano: 31, 8 milioni di euro. È una lezione sistemica su insider threat, accountability e gestione delle violazioni. Ecco cosa devono imparare i titolari del trattamento dati

CERT Polska has analyzed an SGB-branded Android malware sample from the FvncBot campaign targeting Poland. The app installs a second-stage implant, coerces the victim into enabling accessibility, and registers the device to a backend that issues per-device credentials.

In March 2026, the NSFW AI companion platform Cuties AI suffered a data breach that was subsequently published to a public hacking forum. The incident exposed 144k unique email addresses along with display names, avatars, prompts and descriptions used to generate AI adult images, as well as URLs to the generated content. The data also included the account that created the content and a stated "preference" of either female or trans.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered government agencies to patch their Citrix NetScaler appliances against an actively exploited vulnerability by Thursday.

A violent extremist network member pleads guilty to exploiting minors and cyberstalking, exposing how such networks target teens online.

Until that is confirmed, the CareCloud data breach will remain a developing story for both regulators and the healthcare industry.

La giornata internazionale dedicata al backup dei dati è un'occasione per effettuare la verifica delle proprie strategie di protezione dati in uno scenario di assedio cyber. Ecco i consigli pratici per le aziende che devono imparare che l’affidabilità del backup non è più solo uno strumento di recupero, ma la base per la resilienza operativa

The Intesa Sanpaolo data breach, first reported by the bank in July 2024, turned out to be far more extensive than initially disclosed.

Learn about the risks of using nulled WordPress plugins and find out why they're a threat to your site's security and performance.

Healthcare IT firm CareCloud has disclosed a data breach incident that exposed sensitive data and caused a network disruption lasting approximately eight hours.

A newly identified malicious implant named RoadK1ll is enabling threat actors to quietly move from a compromised host to other systems on the network.

Hackers are exploiting a critical severity vulnerability, tracked as CVE-2026-3055, in Citrix  NetScaler ADC and NetScaler Gateway appliances to obtain sensitive data.

È stata identificata una campagna di attacco particolarmente sofisticata e strutturata basata su phishing il cui vero obiettivo strategico sono i token di accesso alle piattaforme Microsoft 365 di oltre 340 organizzazioni in tutto il mondo. Ecco tutti i dettagli

Cyble dissects a LinkedIn job‑lure campaign, exposing its multi‑stage PXA Stealer tactic that hijacks accounts and steals sensitive data.