Healthtech firm Xolis suffers data breach impacting 1.4 million people
Healthcare technology company Xsolis says that sensitive data belonging to nearly 1.4 million individuals was compromised in a phishing attack that gave attackers access to its network.
New macOS ClickFix attack silently mounts DMGs to push infostealer
A new macOS ClickFix campaign is using Terminal commands to silently download, mount, and launch info-stealing malware from malicious disk image (DMG) files.
Scattered Spider Hackers Plead Guilty on Day 1 of Trial
Two men pleaded guilty in the United Kingdom this week to criminal charges stemming from an August 2024 cyberattack that crippled Transport for London, the entity responsible for the public transport network in the Greater London area. The duo were…
Sicurezza data center: requisiti e standard per l’outsourcing hardware
Sicurezza fisica e logica dei data center per l'outsourcing di risorse hardware: classificazione, convergenza IT/OT e checklist operativa per il sopralluogo
LastPass confirms data breach in Klue supply chain attack
LastPass announced that hackers accessed customer data from its Salesforce environment after stealing the company's OAuth tokens in the Klue supply chain attack earlier this month.
The Exploit Doesn't Exist. You Can Still Prove It Works Against You
Attackers can now weaponize newly disclosed vulnerabilities far faster than most organizations can patch them. Picus Security explains how security teams can validate exploitability before a public exploit even exists.
Ghost Stories: investigating an undocumented ClickFix C2 in Ghost CMS
Read-only research into an active campaign that exploits CVE-2026-26980 in Ghost CMS. Every result below comes from public GET requests. We did not exploit the flaw, did not authenticate, and did not write anything. The main scan ran on 2026-06-11.
Key findings
* An active campaign is exploiting CVE-2026-26980, a SQL injection in the public Content API of Ghost CMS (versions 3.24.0 to 6.19.0, fixed in 6.19.1, released February 2026). The attackers use it to plant a JavaScript loader t
Fortibleed: Anatomy of the FortiBleed campaign based on the server that the attackers themselves left exposed.
Executive Summary: In June 19 2026 we received access to the contents of an internet-exposed directory, left open by the operators themselves of a campaign the press named FortiBleed. It was not a victim leak. It was the attacker command post:...
Attacchi crittografici: la mappa completa delle minacce che ogni CISO deve conoscere
Ogni algoritmo crittografico ha i suoi punti deboli e con le tecniche giuste qualsiasi implementazione può essere compromessa. Conoscere le principali tipologie di attacchi crittografici è quindi utile per adottare le giuste contromisure. Ecco tutto quello che c’è da sapere
Webinar: Why email security teams are drowning in alerts
Phishing, BEC, and account takeover attacks continue to overwhelm security teams with alerts and investigations. This webinar explores how behavioral AI can help automate detection and response workflows, reducing alert fatigue and improving operational efficiency.
EvilTokens: How “Ghost” Code Threatens US and European Businesses
See how EvilTokens hides Microsoft 365 account takeover activity behind browser-side decryption and how in-browser data inspection reveals the full attack flow.
700+ Lookalike Domains Targeting Oil and Gas Companies
PreCrime Labs tracked 701+ suspicious domains impersonating Chevron, ExxonMobil & Shell. See how attackers stage energy sector phishing before it launches.
MITRE ATT&CK v19: ecco le novità strutturali della nuova versione
Il rilascio della nuova release introduce modifiche strutturali. Il focus è sulla deprecation della tattica Defense Evasion (TA0005) e sulla sua sostituzione con due nuove tattiche: Stealthee e Impair Defenses. Ecco alcuni suggerimenti operativi e una guida alla migrazione
Disaster recovery: quando l’organizzazione scopre se è in grado di sopravvivere
Il Disaster recovery, che è governo della crisi, deve cambiare prospettiva. Non basta più progettare il ripristino dei sistemi interni, occorre chiedersi da quali soggetti esterni dipende la capacità di recovery. Ecco perché serve un cambio di paradigma che sposta il tema dalla tecnologia alla governance delle dipendenze
Brace Before The Impact: 7 Signals Your Organization Needs A Cybersecurity Services Retainer
Incident response plans aren't enough if the response can't activate when it matters. Discover seven signs your organization may need a cybersecurity services retainer to strengthen readiness, resilience, and incident response capabilities.
WhatsApp phishing attack uses fake business docs to hack PCs
An ongoing malware campaign is targeting WhatsApp users in multiple countries with deceptive messages that push VBScript files, leading to remote system access.
JaredFromSubway MEV bot hacked in $15 million crypto theft
The JaredFromSubway Ethereum MEV (Maximal Extractable Value) bot suffered a $15 million loss after an attacker manipulated the opportunity-detection logic by creating fake cryptocurrency trading opportunities.
FFmpeg fixes PixelSmash flaw in widely used video decoder
A newly disclosed FFmpeg flaw dubbed 'PixelSmash' could be exploited for remote code execution on Jellyfin servers under certain conditions, and can also trigger a denial-of-service condition in applications like Kodi, Emby, Nextcloud, PhotoPrism, and OBS Studio.