Webinar: The hidden bottlenecks in network incident response
IT teams are increasingly overwhelmed by alerts from disconnected systems, forcing responders to manually coordinate investigations during network incidents. This webinar explores how automation and AI-assisted workflows can help reduce response delays and improve operational coordination.
Microsoft confirms patching issues in restricted Windows networks
Microsoft says customers in restricted network environments may encounter Windows Update failures after installing the January 2026 optional non-security preview updates.
From PDB strings to MaaS: Tracking a commodity BadIIS ecosystem used by Chinese-speaking threat
Cisco Talos has uncovered a BadIIS variant — identifiable by its embedded "demo.pdb" strings — that functions as commodity malware, likely sold or shared among multiple Chinese-speaking cyber crime groups operating under a malware-as-a-service (MaaS) model for continuous monetization.
L’Iran minaccia dazi sui cavi sottomarini: a rischio la connettività digitale mondiale
I cavi sottomarini rappresentano la spina dorsale dell'economia digitale. La minaccia dell'Iran a mettere dazi sui cavi sottomarini che attraversano lo Stretto di Hormuz significa mettere in pericolo l'integrità di infrastrutture critiche per la connettività digitale mondiale
We sat with Sarah Psaila (Group-IB Europe) to discuss why iGaming operators are measuring the wrong fraud signals and seeing bloated success metrics and what intelligence-driven protection against fraud looks like in 2026.
FAQ ACN NIS2 sui fornitori rilevanti: cosa cambia con le nuove FRN.8 e FRN.9
Le nuove FAQ ACN sui fornitori rilevanti NIS (FRN.8 e FRN.9) chiariscono i casi di subfornitore e fornitore infragruppo. Ecco come cambiano le regole e cosa devono fare concretamente le aziende per la compliance NIS2 entro il 31 maggio 2026
Dal vincolo alla discrezionalità: come procedure e linee guida indirizzano l’azione aziendale
La differenza fra procedure e linee guida ha peso strategico, capace di influenzare il modo in cui si lavora, il grado di adattabilità concesso a chi opera e la coerenza complessiva del sistema. Ecco la doppia natura di due strumenti diversi per tradurre obiettivi in azioni concrete
In April 2026, data allegedly obtained from CTT, Portugal's national postal service, was posted to a public hacking forum. The data included 468k unique email addresses along with names, phone numbers and parcel tracking numbers which can be used to retrieve the tracking history of the parcel.
In March 2026, the Colombian fintech company Addi identified unauthorised activity on its platform and advised customers that "it is possible that your personal information may have been compromised". The "pay or leak" extortion group ShinyHunters subsequently claimed responsibility and published a large trove of personal data allegedly obtained from Addi. The data included 34M unique email addresses from credit scoring requests, credit bureau records, customer identity records and email validation logs. It also contained government issued IDs (Cédula de Ciudadanía), estimated income, socioeconomic levels, purchases and other credit-related data points.
Until this past weekend, a contractor for the Cybersecurity & Infrastructure Security Agency (CISA) maintained a public GitHub repository that exposed credentials to several highly privileged AWS GovCloud accounts and a large number of internal CISA systems. Security experts said…
5 Steps to Managing Shadow AI Tools Without Slowing Down Employees
Many employees already use shadow AI tools at work without security review. Adaptive Security breaks down how teams can build practical AI governance without adding friction for employees.
Leaked Shai-Hulud malware fuels new npm infostealer campaign
The Shai-Hulud malware leaked last week is now used in new attacks on the Node Package Manager (npm) index, as infected packages emerged over the weekend.