SuperCard X: exposing a Chinese-speaker MaaS for NFC Relay fraud operation
A new fraud campaign based on the Android malware "SuperCard X" and innovative NFC relay techniques is impacting Italian banking. Read our latest report to learn more.
PlayPraetor's evolving threat: How Chinese-speaking actors globally scale an Android RAT
The Cleafy Threat Intelligence Team has uncovered a large-scale Malware-as-a-Service (MaaS) operation orchestrated by Chinese-speaking Threat Actors. The operation has globally infected over 11,000 Android devices by deploying the PlayPraetor Remote Access Trojan (RAT). Read the full report here.
Klopatra: exposing a new Android banking trojan operation with roots in Turkey
In late August 2025, Cleafy's Threat Intelligence team discovered Klopatra, a new, highly sophisticated Android malware currently targeting banking users primarily in Spain and Italy. The number of compromised devices has already exceeded 1,000. Read the report to learn more.
Albiriox Exposed: A New RAT Mobile Malware Targeting Global Finance and Crypto Wallets
Albiriox is a newly identified Android malware family offered as Malware-as-a-Service, enabling threat actors (TAs) to perform On-Device Fraud through remote control, screen manipulation, and real-time interaction with the infected device. Read more in this report.
Fugitive behind $73M 'pig butchering' scheme gets 20 years in prison
A dual Chinese and St. Kitts and Nevis national was sentenced to 20 years in prison in absentia for his role in an international cryptocurrency investment scheme (also known as pig butchering or romance baiting) that defrauded victims of more than $73 million.
The chain of custody as the architecture of forensic evidence
The chain of custody is a structural, operational and regulatory process. Here are its phases, tools, evidentiary value and international framework, with reference to the Budapest Convention
Safer Internet Day 2026: in the AI era the attack vector is no longer malware, but communication
Today the risk is no longer the Internet, but social media, messaging, generative AI and agentic AI. However, the call to share data consciously means protecting ourselves and others. Here is what the day, which the European Commission promotes as a concrete reminder of collective responsibility, represents today
In February 2026, the online gaming community Toy Battles suffered a data breach. The incident exposed 1k unique email addresses alongside usernames, IP addresses and chat logs. Following the breach, Toy Battles self-submitted the data to Have I Been Pwned.
Association Nationale des Premiers Secours - 5,600 breached accounts
In January 2026, a data breach impacting the French non-profit Association Nationale des Premiers Secours (ANPS) was posted to a hacking forum. The breach exposed 5.6k unique email addresses along with names, dates of birth and places of birth. ANPS self-submitted the data to HIBP and advised the incident was traced back to a legacy system and did not impact health data, financial information or passwords.
Chinese cyberspies breach Singapore's four largest telcos
The Chinese threat actor tracked as UNC3886 breached Singapore's four largest telecommunication service providers, Singtel, StarHub, M1, and Simba, at least once last year.
Threat actors exploit SolarWinds WHD flaws to deploy Velociraptor
Hackers are now exploiting SolarWinds Web Help Desk (WHD) vulnerabilities to gain code execution rights on exposed systems and deploy legitimate tools, including the Velociraptor forensics tool, for persistence and remote control.
Hackers breach SmarterTools network using flaw in its own software
SmarterTools confirmed last week that the Warlock ransomware gang breached its network after compromising an email system, but did not impact business applications or account data.
Hacked, leaked, exposed: Why you should never use stalkerware apps
According to TechCrunch’s ongoing tally, including the most recent data spill involving uMobix, there have been at least 27 stalkerware companies since 2017 that are known to have been hacked, or leaked customer and victims’ data online.
Evolution of US entry visas: privacy implications and what the EU could do
The Electronic System for Travel Authorization, which replaces the visa for entering the USA for citizens of countries included in the Visa Waiver Program, is turning from an administrative pre-authorization tool into an advanced infrastructure for collecting and correlating personal data. What a preventive risk-assessment system based on complex profiles means for privacy
Hacktivist scrapes over 500,000 stalkerware customers’ payment records
More than half-a-million people who bought access to phone surveillance and social media snooping apps had their email address and partial payment card numbers published online.
The weapon of authenticity: how cybercrime is bending SaaS services
The cyber threat landscape is constantly changing, and we are currently seeing a metamorphosis of phishing in which masquerading gives way to the deliberate abuse of legitimate cloud infrastructure. Check Point Software Technologies recently brought to light a massive phishing campaign that, instead of creating fraudulent domains, uses the …
A cyber attack hits Italy every five minutes: how to mitigate the risks
Digital crime, geopolitical tensions and artificial intelligence are triggering an evolution of online threats. Here is what the Tinexta Cyber survey reports, capturing the frequency of hacker attacks in Italy
Password guessing without AI: How attackers build targeted wordlists
Attackers don't need AI to crack passwords, they build targeted wordlists from an organization's own public language. This article explains how tools like CeWL turn websites into high-success password guesses and why complexity rules alone fall short.
BeyondTrust warns of critical RCE flaw in remote support software
BeyondTrust warned customers to patch a critical security flaw in its Remote Support (RS) and Privileged Remote Access (PRA) software that could allow unauthenticated attackers to execute arbitrary code remotely.
Men charged in FanDuel scheme fueled by thousands of stolen identities
Two Connecticut men face federal charges for allegedly defrauding FanDuel and other online gambling sites of $3 million over several years using the stolen identities of approximately 3,000 victims.
2026 Winter Olympics: mapping the cyber attacks of the opening week
In the first days of the Milano-Cortina 2026 Winter Olympics, intense cyber activity was recorded, spanning DDoS campaigns, hacktivist propaganda and claims about exposed systems. An analysis of the opening week and the main threat actors involved.
After the cyber attacks timelines (part I and part II), it’s time to publish the statistics for January 2026 where I collected and analyzed 178 events. In January 2026, Cyber Crime continued to lea…