Ransomware payment rate drops to record low as attacks surge
The number of ransomware victims paying threat actors has dropped to 28% last year, an all-time low, despite a significant increase in the number of claimed attacks.
Ransomware payments dropped in 2025 as attack numbers reached record levels: Chainalysis
Ransomware payments dropped in 2025 as attack numbers reached record levels: Chainalysis
Microsoft expands Windows restore to more enterprise devices
Microsoft now allows more enterprise users to restore their personal settings and Microsoft Store apps from a previous Windows 11 device.
New York sues Valve for promoting illegal gambling via game loot boxes
New York Attorney General Letitia James sued video game developer and publisher Valve Corporation for using game loot boxes to facilitate illegal gambling activities among children and teenagers.
PromptSpy ushers in the era of Android threats using GenAI
ESET researchers discover PromptSpy, the first known Android malware to abuse generative AI in its execution flow.
L’IA cinese è un rischio per l’Europa: ma le Pmi hanno 3 motivi per preferire questi modelli
L'IA cinese pone il Vecchio Continente di fronte a una scelta strategica: chiudersi per timore della dipendenza tecnologica da Pechino o sfruttare questa opportunità per rafforzare la propria competitività digitale, soprattutto considerando che gli Stati Uniti potrebbero non rivelarsi più un partner affidabile come in passato
ENISA’s Updated Cybersecurity Methodology Aligns with NIS2 and EU Cybersecurity Act
New Dohdoor malware campaign targets education and health care
Cisco Talos discovered an ongoing malicious campaign since at least as early as December 2025 by a threat actor we track as “UAT-10027,” delivering a previously undisclosed backdoor dubbed “Dohdoor.”
Assalto al trono di Nvidia
Rivali che puntano a eroderne il dominio, startup innovative e la rincorsa cinese: il gigante fondato da Jensen Huang deve iniziare a guardarsi alle spalle
ANY.RUN & Splunk Enterprise: Stronger Detection, Faster Response in Your SOC
See how your SOC can accelerate monitoring, triage, and response with ANY.RUN by working inside Splunk Enterprise.
Samsung SDS Identifies Top Cybersecurity Threats of 2026 as AI Risks Escalate
Samsung SDS’s reveals the cybersecurity threats of 2026, highlighted by AI risks, ransomware, cloud misconfigurations, phishing, and data breaches.
Fiducia zero nell’AI: la convergenza tra verifica, sicurezza offensiva e disinformazione
Il nuovo numero della rivista IEEE Computer accende un faro sulla convergenza tra reti di agenti AI, la verifica dell'identità delle macchine e la resilienza dei sistemi cognitivi. Ecco tre risposte autorevoli e scientifiche alla domanda chiave del CISO, mentre la fiducia algoritmica non sarà più un attributo implicito, ma una metrica da verificare continuamente
L’ATP Russo che sfrutta una vulnerabilità di Office è la nuova normalità
Il collettivo filorusso ATP28 ha sfruttato una vulnerabilità di Office contestualmente alla sua divulgazione. Sono bastate una manciata di ore per diffondere documenti pericolosi tra ministeri della Difesa, rappresentanze diplomatiche e operatori di trasporto e logistica. Siamo davanti a tecniche estemporanee oppure a una nuova normalità?
GTFire Phishing Scheme: Avoiding Detection Using Google Services
Hackers Exploited Cisco SD-WAN Zero-Day for Three Years Before Detection
Hackers exploited Cisco SD-WAN zero-day for 3 years before detection.
FTC Clarifies COPPA Stance, Backs Age Verification Technologies for Platforms
As digital environments grow more difficult, age verification technologies are increasingly positioned as a foundational layer of online safety.
Australian Poultry Giant Hazeldenes Faces Operational Disruption After Cyberattack
Hazeldenes cyberattack disrupts Australia poultry production, prompting phased recovery after the February 19 cybersecurity incident.
Medical device maker UFP Technologies warns of data stolen in cyberattack
American manufacturer of medical devices, UFP Technologies, has disclosed that a cybersecurity incident has compromised its IT systems and data.
FTC says it won’t enforce COPPA against proper use of age verification tools
Apache-2.4.58 (Win64) - php56 - Error PHP Startup: Unable to load dynamic library
Error: PHP Startup: Unable to load dynamic library '../php56/ext\\gd2' -- When using apache 2.4.* the php extension php_*.dll seems to work...
Fake Next.js job interview tests backdoor developer's devices
The Microsoft Defender team has discovered a coordinated campaign targeting software developers through malicious repositories posing as legitimate Next.js projects and technical assessment materials, including recruiting coding tests.
Understanding the DarkCloud Infostealer
Flashpoint analyzes the DarkCloud infostealer, its Visual Basic 6 evasion tactics, encryption methods, and enterprise credential theft risk.
Inside the story of the US defense contractor who leaked hacking tools to Russia
The former boss of a U.S. hacking tools maker was jailed for selling highly sensitive software exploits to a Russian broker. This is how we first learned of his arrest, reported the story, and some of the unanswered questions we still have.
Health insurance tech provider TriZetto says more than 3 million impacted by 2024 breach
What Windows Server 2025 Quietly Did to Your NTLM Relay
TL;DR This post is super short, nevertheless: The classic cross-DC coerce + relay to LDAPS technique, abusing a misconfigured LmCompatibilityLevel (0/1/2) to generate NTLMv1 + ESS and strip the MIC…
Critical Cisco SD-WAN bug exploited in zero-day attacks since 2023
Cisco is warning that a critical authentication bypass vulnerability in Cisco Catalyst SD-WAN, tracked as CVE-2026-20127, was actively exploited in zero-day attacks that allowed remote attackers to compromise controllers and add malicious rogue peers to targeted networks.
Password manager, tra promesse di inattaccabilità e lacune nella sicurezza
I ricercatori dell’ETH Zurich hanno dimostrato 25 attacchi concreti sui password manager Bitwarden, LastPass e Dashlane. Il modello zero-knowledge, presentato come garanzia assoluta, si rivela strutturalmente più fragile di quanto promesso. Ecco cosa significa per aziende e professionisti e come agire subito
Discord puts global age verification policy on hold after backlash
Five Eyes allies warn hackers are actively exploiting Cisco SD-WAN flaws
Kali & LLM: macOS with Claude Desktop GUI & Anthropic Sonnet LLM
This post will focus on an alternative method of using Kali Linux, moving beyond direct terminal command execution. Instead, we will leverage a Large Language Model (LLM) to translate “natural language” descriptions of desired actions into technical commands. Achieving this setup requires the integration of three distinct systems: