Over Security

Aleksei Volkov, of St. Petersburg, Russia, was sentenced for his role of access broker assisting major cybercrime groups, including the Yanluowang ransomware group.

In uno scenario in cui gli attacchi cyber sono sempre più frequenti, la vera differenza non è tra chi viene colpito e chi no, ma tra chi riesce a ripartire rapidamente e chi rimane fermo giorni o settimane. È nella capacità di conoscere e testare i tempi di ripartenza che si misura la maturità cyber

Insights into how Health Shared Services improved SOC investigations, reduced alert fatigue, and accelerated threat analysis with ANY.RUN.

Oracle releases emergency patch for CVE‑2026‑21992 affecting Identity Manager and Web Services Manager; critical remote code execution risk.

La documentazione richiesta dalla NIS 2 non può essere vista come il fine ma come il mezzo attraverso cui si consolida una cultura del rischio. Ecco come un'azienda, che sta costruendo resilienza, dimostra la capacità di apprendere, adattare e aver governato l’incertezza

Track the 2025-2026 shift of China-based Silver Fox from financial crime to APT espionage. Discover how they exploit tax-themed phishing and RMM tools to target South Asian entities.

Una sentenza della Cassazione stabilisce la responsabilità dei dipendenti, in base alla quale i lavoratori che cadono in una cyber truffa, come quella del Ceo o una di Business Email Compromise, in grado di provocare danni patrimoniali all'azienda, può essere licenziato. Ecco i gli aspetti positivi e problematici della sentenza

In an exclusive Dr Sheeba Armoogum Interview, the Associate Professor unpacks AI, cyberpsychology, and digital legacy.

Crunchyroll data breach linked to a security incident may expose user data, including emails, IPs, and payment details via third-party systems.

The Iran Telegram malware campaign is a reminder that cyber threats are no longer confined to obscure or easily identifiable channels.

India cyber threat landscape 2026 reveals rising state sponsored cyber attacks India, hacktivism, and evolving cyber risks.

Man mano che il tempo passa, i ricercatori di sicurezza prendono sempre le meglio le misure con i sistemi LLM che forniscono i servizi AI a livello  aziendale. Purtroppo, questo significa per il momento rendersi conto  che le vulnerabilità sono davvero molte e articolate. Questo articolo analizza in dettaglio le vulnerabilità emergenti nella piattaforma Amazon …

The Woundtech data breach does not merely reflect a typical case of data exfiltration followed by extortion; it also raises significant questions regarding

OpenAI is rolling out a new feature called 'Library' for ChatGPT, which allows you to store your personal files or images on OpenAI's cloud storage, so you can reference those items in a future chat.

In around 2011, the RuneScape Boards forum (also known as RSBoards) suffered a data breach that was later redistributed as part of a larger corpus of data. The vBulletin-based service exposed 223k unique email addresses along with usernames, IP addresses and salted MD5 password hashes.

Mazda Motor Corporation (Mazda) announced that information belonging to its employees and business partners had been exposed in a security incident detected last December.

The Tycoon2FA phishing-as-a-service (PhaaS) platform that Europol and partners disrupted on March 4 has already returned to previously observed activity levels.

Leaked "DarkSword" exploits published to GitHub allow hackers and cybercriminals to target iPhone users running old versions of iOS with spyware, according to cybersecurity researchers.

The TeamPCP hacking group is targeting Kubernetes clusters with a malicious script that wipes all machines when it detects systems configured for Iran.

Popular anime streaming platform Crunchyroll is investigating a breach after hackers claimed to have stolen personal information for approximately 6.8 million people.

EDPB ed EDPS ha sollevato un dubbio tutt’altro che teorico in merito al Digital Omnibus: nel tentativo di rendere più snello il quadro regolatorio europeo, si rischia di incidere proprio sul pilastro che lo ha reso solido, cioè il GDPR. Ecco i punti salienti dell’opinione congiunta

The TeamPCP hackers behind the Trivy supply-chain attack continued to target Aqua Security, pushing malicious Docker images and hijacking the company's GitHub organization to tamper with dozens of repositories.

A financially motivated data theft and extortion group is attempting to inject itself into the Iran war, unleashing a worm that spreads through poorly secured cloud services and wipes data on infected systems that use Iran's time zone or have…

Hackers working for Iran’s government are using Telegram in hacking operations that use malware to target dissidents, opposition groups, and journalists who oppose its regime, according to the FBI.