Ukraine confirms suspected APT28 campaign targeting prosecutors, anti-corruption agencies
Inside an Underground Guide: How Threat Actors Vet Stolen Credit Card Shops
In cybercrime markets, trust isn't assumed, it's verified. Flare reveals how underground guides teach actors to evaluate carding shops based on data quality, reputation, and survivability.
Four Nationally Significant Cyberattacks Every Week — Is the UK Ready?
UK cyberattacks hit record levels, with NCSC reporting rising incidents, critical infrastructure risks, and evolving cyber resilience challenges nationwide.
Ricerca scientifica e privacy: le linee guida EDPB, tra esigenze di sistema e prospettive evolutive
Le linee guida 1/2026, appena pubblicate dall’EDPB, si collocano in un momento di progressiva evoluzione del diritto europeo della protezione dati, nel quale emerge con crescente evidenza l’esigenza di coniugare la tutela dei diritti fondamentali con la promozione dell’innovazione scientifica. I punti salienti
Chat Control scaduto: o prevale il diritto o comandano le piattaforme
Riguardo alla deroga scaduta su Chat Control, le piattaforme scelgono la scansione volontaria. Non stanno solo colmando un vuoto, ma stanno consolidando, e in qualche misura imponendo, una prassi. E lo fanno sul terreno del diritto europeo. Ecco cosa accade e la posizione delle istituzioni
In defeat for Trump, House extends electronic spying program for just 10 days
The Cyber Express Weekly Roundup: Crypto Breaches, State-Linked Schemes, and Platform Exploits
TCE weekly roundup covers crypto hacks, fraud schemes, dark web contests, and cyberattacks shaping global cybersecurity trends.
Webinar: From phishing to fallout — Why MSPs must rethink both security and recovery
Cyberattacks are evolving faster than many MSP and corporate defenses can keep up, with phishing driving much of today's cybercrime. Join our upcoming webinar to learn how to combine security and recovery strategies to reduce risk and maintain business continuity.
75,000 DDoS-for-Hire Users Reprimanded as Authorities Seize Dozens of Domains
Law enforcement agencies across Europe, the United States, and other partner nations cracked down on the commercial DDoS-for-hire ecosystem, targeting both
Kuwait Banks Deploy Real-Time War Room to Fight Growing Cyber Fraud Threats
As Kuwait cyber fraud threats continue to evolve, such coordination is becoming increasingly important.
CISA flags Apache ActiveMQ flaw as actively exploited in attacks
CISA warned that attackers are now exploiting a high-severity Apache ActiveMQ vulnerability, which was patched earlier this month after going undetected for 13 years.
Infedeltà dei dipendenti e cybercrime: quando la minaccia viene dall’interno
A volte i responsabili delle violazioni informatiche sono dipendenti, collaboratori o ex soci che abusano dei propri privilegi di accesso per sottrarre dati, danneggiare sistemi o favorire la concorrenza. Ecco l'evoluzione giurisprudenziale, i casi pratici d'infedeltà dei dipendenti e cybercrime e gli obblighi per le imprese
La sottile differenza tra hacking e scraping: quando la forma non cambia la sostanza
Per l’utente finale l’hacking e lo scraping hanno effetti simili. Tuttavia, lo scraping ha molto a che fare con le logiche di business e limitarlo dovrebbe essere uno standard. Qualche considerazione e qualche suggerimento
Critical nginx-ui Flaw (CVE-2026-33032) Enables Full Nginx Server Takeover
Critical nginx-ui flaw CVE-2026-33032 allows full Nginx takeover. Active exploitation in the wild puts thousands of servers at risk.
Microsoft: Some Windows servers enter reboot loops after April patches
Microsoft warns that some Windows domain controllers are entering restart loops after installing the April 2026 security updates.
GDPR, quella del giornalista non è una professione ma una funzione: la responsabilità che nessuno vede
Se si vuole affrontare il tema della difesa dell’informazione, bisogna partire dalla funzione. Ecco perché bisogna capire chi informa, in che senso fa informazione, con quali effetti e con quali responsabilità
Man gets 30 months for selling thousands of hacked DraftKings accounts
23-year-old Kamerin Stokes of Memphis, Tennessee, was sentenced to 30 months in prison for selling access to tens of thousands of hacked DraftKings accounts.
Google Says Gemini Ad Safety Blocked 8.3 Billion Policy-Violating Ads in 2025
As Gemini ad safety systems continue to develop, the focus is likely to remain on faster detection, stronger verification, and tighter enforcement.
$15M Grinex Hack Forces Trading Halt After Major Crypto Wallet Breach
Grinex Cyberattack halts trading after a $15M wallet breach, exposing major crypto exchange risks and fund movement across blockchains.
Recently leaked Windows zero-days now exploited in attacks
Threat actors are exploiting three recently disclosed Windows security vulnerabilities in attacks aimed at gaining SYSTEM or elevated administrator permissions.
Russian GRU Cyber Campaign Targets Western Logistics Firms Supporting Ukraine
The advisory concludes that the Russian GRU cyber campaign is likely to persist, with continued use of similar tactics and targeting patterns.
Amtrak - 2,147,679 breached accounts
In April 2026, the hacking group ShinyHunters claimed they had breached Amtrak. The group typically compromises organisations' Salesforce instances before demanding a ransom and later, if not paid, dumping the data publicly. They subsequently published the alleged data which contained over 2M unique email addresses along with names, physical addresses and customer support records.
Recovery scam: quando la truffa colpisce due volte
Nel panorama delle minacce informatiche, esiste una categoria di attacchi particolarmente insidiosa di cui si parla poco, ma che gode di pessima fama perché colpisce le vittime nel momento di maggiore vulnerabilità: le recovery scam, ovvero le truffe che promettono di recuperare il denaro già sottratto. Secondo Eset, si tratta di una strategia sempre più …
Supply chain: il 69% delle aziende pronto a co-finanziare la sicurezza
Sembra che il mercato inizi a considerare una cosa sensata il concetto di “sicurezza come responsabilità condivisa”. Questa frase, spesso usata in passato senza una reale presa sulla realtà e forse più come metodo per “scaricare” parte delle proprie responsabilità su altri, adesso trova dei riscontri nella nuova ricerca di Kaspersky intitolata “Supply chain reaction: …
Operation PowerOFF identifies 75k DDoS users, takes down 53 domains
The latest wave of "Operation PowerOFF," on April 13, 2026, targeted the distributed denial-of-service (DDoS) ecosystem and its users across 21 countries.
ZionSiphon malware designed to sabotage water treatment systems
A new malware called ZionSiphon, specifically designed for operational technology, is targeting water treatment and desalination environments to sabotage their operations.
Joomla SEO Spam Injector: Obfuscated PHP Backdoor Hijacking Site Visitors
Learn how attackers compromise Joomla sites with obfuscated PHP loaders to inject SEO spam, cloak pages, and damage search visibility.
New Microsoft Defender “RedSun” zero-day PoC grants SYSTEM privileges
A researcher known as "Chaotic Eclipse" has published a proof-of-concept exploit for a second Microsoft Defender zero-day, dubbed "RedSun," in the past two weeks, protesting how the company works with cybersecurity researchers.
European police email 75,000 people asking them to stop DDoS attacks
Europol coordinated an operation against for-hire distributed denial-of-service (DDoS) services, including the arrest of four people and the takedown of 53 domains.
Foxit, LibRaw vulnerabilities
Cisco Talos’ Vulnerability Discovery & Research team recently disclosed one Foxit Reader vulnerability, and six LibRaw file reader vulnerabilities.
The vulnerabilities mentioned in this blog post have been patched by their respective vendors, all in adherence to Cisco’s third-party vulnerability disclosure policy.
For Snort coverage that can detect the exploitation of these vulnerabilities, download the latest rule sets from Snort.org, and our latest Vulnerability Advisories are always pos