Over Security

OpenAI is rolling out a new feature called 'Library' for ChatGPT, which allows you to store your personal files or images on OpenAI's cloud storage, so you can reference those items in a future chat.

In around 2011, the RuneScape Boards forum (also known as RSBoards) suffered a data breach that was later redistributed as part of a larger corpus of data. The vBulletin-based service exposed 223k unique email addresses along with usernames, IP addresses and salted MD5 password hashes.

Mazda Motor Corporation (Mazda) announced that information belonging to its employees and business partners had been exposed in a security incident detected last December.

The Tycoon2FA phishing-as-a-service (PhaaS) platform that Europol and partners disrupted on March 4 has already returned to previously observed activity levels.

Leaked "DarkSword" exploits published to GitHub allow hackers and cybercriminals to target iPhone users running old versions of iOS with spyware, according to cybersecurity researchers.

The TeamPCP hacking group is targeting Kubernetes clusters with a malicious script that wipes all machines when it detects systems configured for Iran.

Popular anime streaming platform Crunchyroll is investigating a breach after hackers claimed to have stolen personal information for approximately 6.8 million people.

EDPB ed EDPS ha sollevato un dubbio tutt’altro che teorico in merito al Digital Omnibus: nel tentativo di rendere più snello il quadro regolatorio europeo, si rischia di incidere proprio sul pilastro che lo ha reso solido, cioè il GDPR. Ecco i punti salienti dell’opinione congiunta

The TeamPCP hackers behind the Trivy supply-chain attack continued to target Aqua Security, pushing malicious Docker images and hijacking the company's GitHub organization to tamper with dozens of repositories.

A financially motivated data theft and extortion group is attempting to inject itself into the Iran war, unleashing a worm that spreads through poorly secured cloud services and wipes data on infected systems that use Iran's time zone or have…

Hackers working for Iran’s government are using Telegram in hacking operations that use malware to target dissidents, opposition groups, and journalists who oppose its regime, according to the FBI.

L'European Data Protection Board ha lanciato la sua azione sul quadro coordinato di applicazione (CEF) per il 2026. A differenza dell’anno scorso, che era incentrato sul diritto alla cancellazione, l’attenzione quest’anno si sposta sul rispetto degli obblighi di trasparenza e di informazione previsti dal GDPR. I punti salienti

Lo smantellamento delle botnet Aisuru, KimWolf, JackSkid e Mossad, con i loro tre milioni di dispositivi infetti, è una vittoria delle forze dell’ordine internazionali. Ma la vera notizia è che queste reti criminali hanno potuto crescere indisturbate per anni sfruttando un ecosistema IoT strutturalmente insicuro. E finché non risolviamo questo problema, ne arriveranno altre

AI agents can access data directly, making data security the foundation of AI security. Learn more about how Varonis Atlas helps orgs see, secure, and control AI systems and the data they can reach.

The Beers with Talos team unpack the biggest cybersecurity threats of 2025, from React2Shell to ransomware and identity abuse, and what it all means for defenders going forward.

Microsoft is working to address an ongoing service issue that has intermittently prevented some users from accessing their cloud-based Exchange Online mailboxes via Outlook mobile and Mac desktop clients since Thursday.

At RSA 2026, Flashpoint explores how to connect adversary activity to assets, priorities, and decisions to support real security outcomes.

The 2025 Talos Year in Review is available now. Understand evolving adversary playbooks and how to strengthen your organization’s defenses.

Managed Detection & Response services (MDR) 24/7 for network, endpoint, cloud, SaaS and OT, against every type of cyber attack

Prima campagna di phishing in lingua italiana che sfrutta il brand ChatGPT per sottrarre dati di carte e codici OTP. Analisi della minaccia e dei tentativi di frode osservati.

The U.S. Federal Bureau of Investigation (FBI) warned network defenders that Iranian hackers linked to the country's Ministry of Intelligence and Security (MOIS) are using Telegram in malware attacks.

NIST updates DNS security guidance with SP 800-81r3, covering protective DNS, encryption, DNSSEC, and modern security practices.

AGCOM ha emanato due provvedimenti decisivi contro il CLI spoofing: una sanzione ad Agile Telecom per veicolazione di SMS fraudolenti e un’archiviazione per Telecom Italia Sparkle dopo l’implementazione di filtri e risoluzione di contratti irregolari. Un sistema multilivello contro spoofing e chiamate abusive che inizia a funzionare

A 35-year-old man operating from China ran the largest fraudulent dark web network ever dismantled and the most disturbing detail is not the scale of the