Cyber threat intelligence: ecco perché il framework CERT-EU arriva nel momento giusto
L'intelligenza artificiale ha innescato un cambio di paradigma, dentro il quale il nuovo Cyber Threat Intelligence Framework di CERT-EU assume un valore particolarmente rilevante. Ecco come permette di classificare, valutare e prioritizzare le attività cyber malevole
In April 2026, education company McGraw Hill confirmed a data breach following an extortion attempt. Attributed to a Salesforce misconfiguration, the company stated the incident exposed "a limited set of data from a webpage hosted by Salesforce on its platform". More than 100GB of data was later publicly distributed, containing 13.5M unique email addresses across multiple files, with additional fields such as name, physical address and phone number appearing inconsistently across some records.
Critical Nginx UI auth bypass flaw now actively exploited in the wild
A critical vulnerability in Nginx UI with Model Context Protocol (MCP) support is now being exploited in the wild for full server takeover without authentication.
New AgingFly malware used in attacks on Ukraine govt, hospitals
A new malware family named 'AgingFly' has been identified in attacks against local governments and hospitals that steal authentication data from Chromium-based browsers and WhatsApp messenger.
WordPress plugin suite hacked to push malware to thousands of sites
More than 30 WordPress plugins in the EssentialPlugin package have been compromised with malicious code that allows unauthorized access to websites running them.
Flashpoint Surpasses Cataloging 7,000 Known Exploited Vulnerabilities as Disclosure Volume Accelerates
Flashpoint’s KEV dataset surpasses 7,000 cataloged known exploited vulnerabilities. See how security teams can prioritize risk using real-world exploitation data and vulnerability intelligence.
Ukraine Warns of Surge in Cyberattacks on Hospitals, Local Governments by UAC-0247 Hackers
CERT-UA said the activity—linked to a threat cluster tracked as UAC-0247—spiked between March and April 2026, with clinical hospitals, emergency services, and municipal bodies bearing the brunt of the attacks.
Signed software abused to deploy antivirus-killing scripts
A digitally signed adware tool has deployed payloads running with SYSTEM privileges that disabled antivirus protections on thousands of endpoints, some in the educational, utilities, government, and healthcare sectors.
Hackerati i Pc di varie banche: ma è un problema di modello di sicurezza
Un criminale, arrestato dalla Polizia, è riuscito ad installare dispositivi sui computer di un istituto di credito, intercettando il traffico dati e rubando credenziali di accesso dei clienti ai sistemi bancari. Ecco come sono stati hackerati i Pc di più banche e come mitigare il rischio
Attività promozionali, l’Agenzia assicurativa è titolare del trattamento: la sanzione privacy
Il Garante privacy ha sanzionato un’agenzia assicurativa che, ritenendo erroneamente di agire quale responsabile del trattamento per conto della Compagnia mandante, ha inviato e-mail promozionali in assenza di una propria informativa e autonomo consenso. Ecco gli insegnamenti da trarre
QR code scam e ingegneria sociale: come evolvono le truffe digitali
Dai falsi avvisi di violazione stradale ai QR code malevoli: l’attacco si sposta sul mobile e sfrutta fiducia, urgenza e automatismi cognitivi. Ecco l'analisi tecnica, i modelli di attacco e le strategie di difesa
CISA flags Windows Task Host vulnerability as exploited in attacks
CISA warned U.S. government agencies to secure their systems against a Windows Task Host privilege escalation vulnerability that could allow attackers to gain SYSTEM privileges.
OpenAI svela GPT-5.4-Cyber: ecco l’approccio graduale all’AI applicata alla sicurezza
Dopo l'anteprima di Anthropic Claude Mythos, arriva GPT-5.4-Cyber con cui OpenAI, usando un approccio dideployment iterativo e controllato che diventa punto di riferimento utile per l'intera industria, espande il proprio programma Trusted Access for Cyber (TAC)
LmCompatibilityLevel determines which NTLM and LM authentication protocols are accepted for inbound and outbound connections for Windows machines. On domain controllers, the minimum recommended set…
Rolling Networks: Securing the Transportation Sector
Modern trucks are rolling networks packed with sensors, connectivity, and attack surfaces, creating new cyber risks. NMFTA's Cybersecurity Conference brings industry leaders together to tackle emerging threats in transportation.
Threat landscape for industrial automation systems in Q4 2025
The report contains industrial threat statistics for Q4 2025. It covers various infection vectors and malware types, as well as regional statistics and statistics by industry.