ShinyHunters extortion gang claims Odido breach affecting millions
The ShinyHunters extortion gang has claimed responsibility for breaching Dutch telecommunications provider Odido and stealing millions of user records from its compromised systems.
North Korean state hackers seen using Medusa ransomware in attacks on US, Middle East
North Korean state hackers seen using Medusa ransomware in attacks on US, Middle East
North Korean Lazarus group linked to Medusa ransomware attacks
North Korean state-backed hackers associated with the Lazarus threat group are targeting U.S. healthcare organizations in extortion attack using the Medusa ransomware.
Commercial Airline Industry Sees Sustained Scam and Impersonation Activity in 2026
2026 Commercial Airline Threat Report: Uncover sustained security threats. Details on 11,600+ malicious domains, key phishing tactics, crypto abuse, and vital brand protection strategies.
Moonrise RAT: A New Low-Detection Threat with High-Cost Consequences
Moonrise RAT is a Go-based remote trojan that maintains active C2 without early detection. Learn how to detect it before costly consequences.
Whaling e CEO Fraud: perché il pesce grosso è il più facile da pescare
Il C-Level è il bersaglio più facile, più esposto e tecnicamente più vulnerabile dell'organigramma aziendale. È dunque necessario fornire strategie di difesa specifiche, attraverso la combinazione di tecniche di controspionaggio digitale e procedure operative che blindano i processi decisionali critici senza rallentare il business
La NIS 2 non necessita di documenti: richiede governo
Con la NIS 2, la sicurezza informatica diventa materia di governo societario. Ecco perché il rischio digitale deve essere assunto, deliberato e tracciato dal vertice organizzativo
AI Content Generation Systems Face Global Pressure Over Privacy and Deepfake Risks
The regulators emphasized that AI content generation systems capable of producing realistic images, videos pose serious risks if used irresponsibly.
SURXRAT: Android RAT Downloads Large LLM Module from Hugging Face to Impact Device Performance
Cyble uncovers SURXRAT’s evolution across versions, built on ArsinkRAT code, and now downloading large LLM modules signaling an expansion of its operational capabilities.
Ransomware Attack on Langley Twigg Law: Updates, Official Statements and Reconstruction of Events According to Anubis
The New Zealand law firm Langley Twigg Law has confirmed that it was the victim of a cyberattack detected on 11 January 2026, announcing the incident through
Android mental health apps with 14.7M installs filled with security flaws
Several mental health mobile apps with millions of downloads on Google Play contain security vulnerabilities that could expose users' sensitive medical information.
Spain arrests suspected hacktivists for DDoSing govt sites
Spanish authorities have arrested four alleged members of a hacktivist group believed to have carried out cyberattacks targeting government ministries, political parties, and various public institutions.
UK regulator fines porn company $1.8 million for failing to verify user ages
Microsoft says bug in classic Outlook hides the mouse pointer
Microsoft is investigating a known issue that causes the mouse pointer to disappear in the classic Outlook desktop email client for some users.
Ad tech firm Optimizely confirms data breach after vishing attack
New York-based ad tech company Optimizely has notified an undisclosed number of customers of a data breach after threat actors compromised some of its systems in a voice phishing attack.
Russian-speaking hackers used gen AI tools to compromise 600 firewalls, Amazon says
Global data protection authorities warn generative AI companies against replicating real people
Air Côte d'Ivoire confirms cyberattack following ransomware claims
Ring: una taglia a 4 zeri per forzare l’esecuzione in locale
Per chi vuole spezzare il legame tra le videocamere Ring e i server di Amazon, ora c’è un incentivo economico concreto: una taglia da 10.000 dollari per trovare un modo di far girare il sistema in locale e inviare lo streaming solo verso i computer del proprietario, senza che i flussi video o la telemetria …
VPN flaws allowed Chinese hackers to compromise dozens of Ivanti customers, says report
Chinese hackers allegedly broke into the network of an Ivanti subsidiary in 2021. The hackers exploited a backdoor in its VPN product, which allowed the hackers to gain access to 119 other unnamed organizations.
EDPB, diritto alla cancellazione: tra risultati positivi e sfide molteplici
L’EDPB fa il punto sulla piena applicazione del diritto alla cancellazione previsto dall’art. 17 del GDPR. È il frutto del lavoro svolto su uno dei diritti più esercitati e maggiormente “reclamati”, da più Authority Privacy, compreso il nostro Garante, all’interno del Coordinated Enforcement Framework (CEF). Ecco le principali sfide
Shadowleak, l’attacco senza permesso: nel Cybercrime 5.0 l’IA minaccia l’IA
La minaccia silente Shadowleak evidenzia quanto sottile e fragile possa essere il confine tra progresso tecnologico e rischio cibernetico. Come proteggere le Pmi nel mirino dell’invisibile
When identity isn’t the weak link, access still is
Stolen tokens and compromised devices let attackers reuse trust without breaking authentication. Specops Software explains why identity alone isn't enough and how continuous device verification strengthens Zero Trust.
CISA: Recently patched RoundCube flaws now exploited in attacks
CISA flagged two Roundcube Webmail vulnerabilities as actively exploited in attacks and ordered U.S. federal agencies to patch them within three weeks.
Ransomware gangs advancing Moscow’s geopolitical aims, Romanian cyber chief warns
Ukraine says cyberattacks on energy grid now used to guide missile strikes
The First Mobile Hacking Conference Is Coming This March
The world of mobile security is getting its very first dedicated online conference - and you’re invited! Get ready for summit dedicated entirely to mobile hacking, organized by Mobile Hacking Lab - a one of leading platform for offensive mobile security training and hands‑on exploitation labs. This free, online, two‑day event will be held on
Il cyber sabotaggio russo diventa più audace: il Cremlino sfrutta le divisioni fra Usa e Ue
Si sta verificando un’importante escalation nella strategia di sabotaggio digitale della Russia contro le infrastrutture critiche europee. Ecco cosa sappiamo del cyber attacco contro la Polonia
Attenti a quell’sms, è una truffa: 25 casi reale e come difendersi
Gli sms truffa, o smishing, sfruttano messaggi credibili e urgenza per rubare credenziali e dati di pagamento. Tra finte consegne, pedaggi, banche, identità digitali e supporti tecnici, le esche si moltiplicano. Ecco esempi ricorrenti, segnali per riconoscerli e azioni rapide per ridurre i rischi
ATM Jackpotting Losses Cross $20M as Malware Targets U.S. Cash Machines
The increase in ATM jackpotting incidents reflects a broader shift in cybercrime strategy.