Over Security

Citrix has patched two NetScaler ADC and NetScaler Gateway vulnerabilities, one of which is very similar to the CitrixBleed and CitrixBleed2 flaws exploited in zero-day attacks in recent years.

LiSA, il framework di Ca’ Foscari per la verifica del software, conquista il terzo posto a SVCOMP 2026 nella categoria Java. Progetto co-finanziato da SERICS, si basa su interpretazione astratta. Integrato dalla NSA in Ghidra, si candida come tecnologia italiana per l’analisi statica del codice

AI accounts are becoming part of the cybercrime supply chain, sold like email accounts or VPS access. Flare Systems shows how underground markets bundle and resell premium AI access at scale.

Learn how prompt injection attacks expose agentic AI systems to risk, alongside memory poisoning, and how to secure autonomous decision-making.

Kali Linux 2026.1, the first release of the year, is now available for download, featuring 8 new tools, a theme refresh, and a new BackTrack mode for Kali-Undercover.

FlexPLM vulnerability and Windchill flaw (CVE-2026-4681) allow Remote Code Execution. Learn impacted versions, risks, and fixes now.

Le commissioni IMCO e LIBE del Parlamento UE hanno adottato il mandato negoziale sul cosiddetto “omnibus digitale” che modifica l’AI Act: tra le proposte il rinvio delle scadenze per i sistemi ad alto rischio, più flessibilità per le imprese e un nuovo divieto per le applicazioni di “nudificazione”. Voto in plenaria atteso il 26 marzo

TP-Link has patched several vulnerabilities in its Archer NX router series, including a critical-severity flaw that may allow attackers to bypass authentication and upload new firmware.

The Kaspersky Security Services report describes cyberattack trends and statistics revealed by the Managed Detection and Response service. The report also includes Incident Response findings based on real-world cases identified and mitigated in 2025.

As of March 23, no new model of router can receive U.S. market authorization unless it clears a security review by the Department of War or the Department of Homeland Security first, the FCC said.

See how the Kamasers botnet can disrupt business operations through multi-vector DDoS attacks, resilient infrastructure, and broad attack capabilities.

MSSQLand enables red teams to interact with MS-SQL servers and linked instances in restricted environments without complex T-SQL queries. Assembly-ready tool for lateral movement.

A Russian national has been sentenced to two years in prison after admitting that the phishing botnet he managed was used to launch BitPaymer ransomware attacks against 72 U.S. companies.

The most striking aspect of this phishing campaign targeting messaging apps is that it does not rely on exploiting software vulnerabilities.

A federal court sentenced Russian national Illya Angelov, on Tuesday, for running a 'Mario Kart' botnet operation that infected thousands of computers daily, sold backdoor access to ransomware groups and victimized 72 companies across 31 U.S. states.

Un documento pubblicato da OpenAI fuga ogni eventuale dubbio residuo: il rischio prompt injection è un problema strutturale dei LLM e non un bug. Ci sono diversi modi per mitigarne sia le cause sia gli effetti

NCSC warns AI-generated code could increase cyber risks and calls for vibe coding safeguards to ensure software is secure by design.

The Ministry of Finance cyberattack came to light after a third party flagged suspicious activity, prompting an internal investigation.

PTC Inc. is warning of a critical vulnerability in Windchill and FlexPLM, widely used product lifecycle management (PLM) solutions, that could allow remote code execution.

The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package on PyPI and claiming to have stolen data from hundreds of thousands of devices during the attack.

The Federal Communications Commission has updated its Covered List to include all consumer routers made in foreign countries, banning the sale of new models in the U.S.

New year, new release - Kali 2026.1 is here! There is everything from a fresh coat of paint to a nod to our roots, with normal ongoing improvements. Building on from December’s 2025.4, the summary of the changelog: 2026 Theme Refresh - Our yearly theme refresh BackTrack Mode For Kali-Undercover - New mode celebrating BackTrack’s 20th anniversary Kali’s 13th Birthday Event - A little community event New Tools - 8 new programs 2026 Theme Refresh As with previous 20xx.1 releases, this major update brings our annual theme refresh, a long-standing tradition that keeps the Kali Linux interface as modern and innovative. This year’s release unveils a brand-new theme from the moment you boot. Everything from the boot menu, installer to the login display, and a fresh set of desktop wallpapers.