White House pours cold water on cyber ‘letters of marque’ speculation
Russian hackers exploit Zimbra flaw in Ukrainian govt attacks
Hackers part of APT28, a state-backed threat group linked to Russia's military intelligence service (GRU), are exploiting a Zimbra Collaboration Suite (ZCS) vulnerability in attacks targeting Ukrainian government entities.
Windows 11 Bluetooth bug fixed: what it teaches about enterprise wireless security
Microsoft has released an urgent, “silent” update to fix a critical vulnerability in the Windows 11 Bluetooth management interface. But beyond the specific fix, the case prompts a broader reflection: the Bluetooth attack surface in corporate networks is still systematically underestimated
Ransomware attack on UMMC: Medusa claims 1 TB of exfiltrated data as new details emerge
The University of Mississippi Medical Center (UMMC) is the primary academic healthcare system in the state of Mississippi. Based in Jackson, it serves as a
7 Ways to Prevent Privilege Escalation via Password Resets
Password resets are often weaker than login security, making them a prime target for privilege escalation. Specops Software explains how attackers abuse reset workflows and how to secure them.
Interlock ransomware gang exploited Cisco firewall zero-day weeks before disclosure: Amazon
Faraday bags: what they are good for in smartphone privacy and security (and what they are not)
Faraday bags (pouches, cases, backpacks) shield electromagnetic emissions, preventing the objects inside them from communicating with the outside. They are used for professional purposes, but also by people who are very careful about their privacy and the security of their devices. Here are their uses and limits
Ready for macOS Threats: Expanding Your SOC’s Cross-Platform Analysis with ANY.RUN
macOS threats are targeting enterprise environments. See how SOC teams can investigate cross-platform malware faster with interactive sandbox.
Max severity Ubiquiti UniFi flaw may allow account takeover
Ubiquiti has patched two vulnerabilities in the UniFi Network Application, including a maximum-severity flaw that may allow attackers to take over user accounts.
Russian hackers exploit Zimbra flaw to breach Ukrainian maritime agency
Exploiting a PHP Object Injection in Profile Builder Pro in the era of AI
WordPress plugin "Profile Builder Pro" (versions before 3.14.5) is susceptible to Unauthenticated PHP Object Injection. In this blog post, we discuss how we discovered and exploited the vulnerability using a novel POP chain, how AI helped in the process, taking a final look at targets in the wild.
Apple Patches WebKit Vulnerability CVE-2026-20643 Across iOS, macOS
Apple patches WebKit Vulnerability CVE-2026-20643 via background updates across iOS, iPadOS, and macOS.
Interlock Ransomware Leveraged Cisco FMC Zero-Day 36 Days Before Patch, Amazon Reveals
Amazon MadPot uncovers Interlock ransomware exploiting FMC CVE-2026-20131 pre-disclosure, using zero-day access and advanced attack tools.
CISA urges US orgs to secure Microsoft Intune systems after Stryker breach
CISA warned U.S. organizations to follow Microsoft guidance to strengthen the Intune endpoint management tool after a cyberattack exploited it to wipe medical technology giant Stryker's systems.
Beyond secure transmission: cryptographic accelerators to protect data in use
In cyber-physical and IoT systems, data protection can no longer stop at the channel or the repository: the real frontier is defending data while it is being processed as well, on edge and cloud platforms that cannot be considered trustworthy by definition, thanks to cryptographic accelerators
Inside Russia’s Shift to Credential-Based Intrusions: What CISOs Need to Know in 2026
Inside Russia credential-based intrusions, identity-based cyber attacks, and account takeover attacks reshaping OT risk for CISOs in 2026.
Critical Microsoft SharePoint flaw now exploited in attacks
A critical Microsoft SharePoint vulnerability patched in January is now being exploited in attacks, the Cybersecurity and Infrastructure Security Agency (CISA) warned.
New ‘Perseus’ Android malware checks user notes for secrets
A new Android malware called Perseus is checking user-curated notes to steal sensitive information, like passwords, recovery phrases, or financial data.
China Sits at the Top of America’s Cyber Threat List
The IC's assessment reserves its sharpest language for China. Beijing is the most active and persistent cyber threat to U.S. government, private-sector, and
Everyday tools, extraordinary crimes: the ransomware exfiltration playbook
Attackers use trusted tools for data theft, making traditional detection unreliable. The Exfiltration Framework enables defenders to spot exfiltration by focusing on behavioral signals across endpoints, networks, and cloud environments rather than static tool indicators.
Perseus: DTO malware that takes notes
LLMs at war: the Pentagon will open up to companies the possibility of training AI on classified data
Generative AI models used in classified environments can answer questions, but at the moment they do not learn from the data they analyze. That could change soon. Here is why the Pentagon is planning to allow AI companies to train their models using classified data
Multiple Threat Actors Exploiting a Six-Vulnerability iOS Exploit Kit Dubbed “DarkSword”
Researchers disclose a new iOS full-chain exploit kit dubbed DarkSword — a name taken directly from a variable buried inside the malware's own code.
Hasta la vista, Hastalamuerte: An Overview of The Gentlemen’s TTPs
CISA Urges Endpoint Management Hardening After Stryker Cyberattack
CISA confirmed it is actively monitoring malicious cyber activity targeting endpoint management systems across U.S. organizations.
DarkSword: iOS exploit chain spanning zero-days, spyware and financial cybercrime
Google Threat Intelligence Group, a specialized Google Cloud unit dedicated to cybersecurity, has just published a blog post that is worrying, to say the least. The toolkit known as DarkSword offers a complete exploit chain capable of fully compromising iOS devices by exploiting multiple vulnerabilities, including zero-days, and is used both in cyber-espionage operations and in criminal activities oriented toward …
Aura confirms data breach exposing 900,000 marketing contacts
Identity protection company Aura has confirmed that an authorized party gained access to nearly 900,000 customer records containing names and email addresses.
Russia-linked hackers use advanced iPhone exploit to target Ukrainians
CISA orders feds to patch Zimbra XSS flaw exploited in attacks
CISA has ordered U.S. government agencies to secure their servers against an actively exploited vulnerability in the Zimbra Collaboration Suite (ZCS).
DHS nominee Mullin pressed on restoring CISA staffing