‘It reads like a spy novel’: $280 million theft from Drift involved North Korean fake companies, cutouts
UK government threatens tech bosses with jail time if they do not adequately fight nudification tools
The Phishing-as-a-Service Pipeline: How a Scalable Fraud Ecosystem Is Driving Global Attacks
What is phishing-as-a-service? Flashpoint breaks down how PhaaS platforms scale phishing attacks through coordinated infrastructure, delivery, and monetization.
Nearly 4,000 US industrial devices exposed to Iranian cyberattacks
The attack surface targeted by Iranian-linked hackers in cyberattacks against U.S. critical infrastructure networks includes thousands of Internet-exposed programmable logic controllers (PLCs) manufactured by Rockwell Automation.
[Video] The TTP Ep. 22: The Collapse of the Patch Window
In this episode of The Talos Threat Perspective, we discuss how vulnerability exploitation is accelerating, and why attacker speed, AI, and exposed systems are affecting the patch window.
Apocalissi cyber in arrivo a causa dell’AI? Che dicono le mosse Anthropic e OpenAI
Anthropic e OpenAI stanno trattando le capacità cyber avanzate come una soglia da governare con accesso ristretto e rollout selettivi. Il nodo, però, non è solo la qualità dei modelli: è la velocità con cui scoperta, exploit e patch iniziano a muoversi su tempi sempre meno umani
Sintesi riepilogativa delle campagne malevole nella settimana del 4 – 10 aprile
Florida investigates OpenAI for role ChatGPT may have played in deadly shooting
Analysis of one billion CISA KEV remediation records exposes limits of human-scale security
Analysis of 1 billion CISA KEV remediation records reveal a breaking point for human-scale security. Qualys shows most critical flaws are exploited before defenders can patch them.
Mirax: a new Android RAT turning infected devices into potential residential proxy nodes
Mirax, a new Android RAT and banking malware operating as a private MaaS is actively targeting Spanish-speaking countries via Meta ad campaigns.
Time mannaggement
Gestire il tempo nel corso di un incidente informatico non è questione di ispirazione né improvvisazione, ma deve seguire una strategia pianificata. Motivo per cui le organizzazioni devono prepararsi adeguatamente
Regole digitali, la UE apre al dialogo con gli USA: ecco i rischi di compiacere Trump
Secondo una dichiarazione pubblica di numerose organizzazioni della società civile europea, un confronto rischierebbe di offrire a Washington un canale privilegiato di influenza sull’applicazione delle principali normative europee in materia digitale, dal DMA al DSA, dall’AI Act al GDPR. Ecco il nodo ordinamentale vero
NIS2 e cyber security aziendale: le nuove sfide per Board e IT tra conformità e rischi reali
Analisi delle sfide della NIS2: responsabilità del Board, gestione della supply chain e impatto operativo per le imprese italiane.
UK says it exposed Russian submarine activity near undersea cables
Agenzia delle Entrate – campagna di phishing mirata alle Pubbliche Amministrazioni
Supply chain attack at CPUID pushes malware with CPU-Z/HWMonitor
Hackers gained access to an API for the CPUID project and changed the download links on the official website to serve malicious executables for the popular CPU-Z and HWMonitor tools.
When Geopolitical Conflict Spills into Cyberspace — How US Organizations Should Respond
Cyber warfare attacks during 2026 Iran-US-Israel conflict show how cyber warfare attacks merge with kinetic strikes and disrupt infrastructure global.
The Cyber Express Weekly Roundup: Major State Threats, Crypto Attacks, and Legal Gaps
The Cyber Express weekly roundup shares the latest news in the cybersecurity domain, including the latest APT28 attacks, crypto hacks, and more.
Microsoft: Canadian employees targeted in payroll pirate attacks
A financially motivated threat actor tracked as Storm-2755 is stealing Canadian employees' salary payments after hijacking their accounts in payroll pirate attacks.
Dutch hospitals face disruptions after ransomware attack on software provider ChipSoft
Google rolls out Gmail end-to-end encryption on mobile devices
Google says Gmail end-to-end encryption (E2EE) is now available on all Android and iOS devices, allowing enterprise users to read and compose emails without additional tools.
LiteLLM: perché la workstation dello sviluppatore diventa l’obiettivo principale
L’incidente LiteLLM dimostra come le postazioni di sviluppo siano oggi il vero perimetro critico: credenziali disperse, supply chain esposta e sicurezza ancora ancorata a modelli superati. Dalla compromissione di un singolo endpoint alla violazione dell’intera infrastruttura: analisi tecnica, implicazioni strategiche e contromisure operative per affrontare il nuovo paradigma della cyber security developer-centrica
Not a Signal Flaw: iPhone Notifications Became a Backdoor for Deleted Messages
A recent FBI investigation has revealed that deleted messages from Signal can still be recovered from an iPhone—not a weakness in the app itself, but due to
Iran Crisis Highlights Rising Gulf Cybersecurity Risks to Critical Infrastructure
Iran crisis reshapes Gulf cybersecurity, exposing risks and elevating cybersecurity needs in Middle East defense, economy, and infrastructure systems.
Doppi agenti: vulnerabilità e rischi in Google Cloud Vertex AI
Una ricerca condotta da Palo Alto Networks su Google Cloud Platform Vertex AI ha rivelato come gli agenti AI mal configurati possono essere trasformati in doppi agenti per sottrarre dati. Tornano preponderanti le logiche del privilegio minimo
Microsoft Recall Flaw Exposes Decrypted User Data, Researchers Find
TotalRecall exposes flaws in Recall, showing how AES-256-GCM encryption and Windows Hello fail after decryption via AIXHost process gaps.
NIS2 e notifica degli incidenti informatici: cosa serve per essere pronti
L'incident reporting obbligatorio nelle sue varie declinazioni, tra cui quella della NIS2, è il banco di prova della maturità cyber aziendale. Le difficoltà più profonde non sono tecniche, ma di governance e per questo occorre sviluppare un sistema di risposta agli incidenti che tenga in considerazione le difficoltà di gestione e gli obblighi di compliance
FCC Proposes Tougher KYC Rules to Crack Down on Illegal Robocalls
The FCC is seeking public comment on several measures aimed at strengthening KYC rules for robocalls and improving telecom KYC compliance.
FCC Proposes Tougher KYC Rules to Crack Down on Illegal Robocalls
The FCC is seeking public comment on several measures aimed at strengthening KYC rules for robocalls and improving telecom KYC compliance.
GitLab Security Update Fixes High-Severity CVE-2026-5173, 11 Other Flaws
GitLab security update fixes CVE-2026-5173 and 11 flaws. Apply the GitLab security update security patch to prevent DoS and data risks.