Analysis of cifrat: could this be an evolution of a mobile RAT?
CERT Polska analyzed a Booking themed Android malware chain delivered through phishing and a fake update website. The sample is a multistage dropper that installs a hidden accessibility controlled RAT with WebSocket C2.
IA Agentica & cyber security: a che punto siamo e cosa ci attende
L’IA agentica sta ridefinendo il panorama della cyber security introducendo nuove opportunità che richiedono di ripensare come proteggere la stessa intelligenza artificiale, offrendo al contempo le chiavi per affrontare queste sfide
Researchers Find a Zero-Day Attack Targeting Adobe Reader Users
A newly uncovered zero-day attack targeting Adobe Reader has raised alarms across enterprise security teams, as researchers identified an exploit chain that
In April 2026, the NSFW AI girlfriend platform My Lovely AI suffered a data breach that exposed over 100k users. The data included user-created prompts and links to the resulting AI-generated images, along with a small number of Discord and X usernames.
Hackers exploit critical flaw in Ninja Forms WordPress plugin
A critical vulnerability in the Ninja Forms File Uploads premium add-on for WordPress allows uploading arbitrary files without authentication, which can lead to remote code execution.
FBI: Americans lost a record $21 billion to cybercrime last year
U.S. victims lost nearly $21 billion to cyber-enabled crimes last year, driven primarily by investment scams, business email compromise, tech support fraud, and data breaches, the Federal Bureau of Investigation says.
US warns of Iranian hackers targeting critical infrastructure
Iranian-linked hackers are targeting Internet-exposed Rockwell/Allen-Bradley programmable logic controllers (PLCs) on the networks of U.S. critical infrastructure organizations.
APT28 colpisce i router per dirottare il DNS e rubare credenziali
Secondo un’analisi pubblicata dal National Cyber Security Centre britannico e supportata da dati di Microsoft Threat Intelligence, il gruppo APT28 continua a compromettere router domestici e per piccoli uffici per manipolare il DNS e intercettare credenziali sensibili, utilizzando infrastrutture di rete apparentemente innocue come trampolino verso obiettivi più rilevanti. La campagna, attribuita al collettivo noto …
Russian government hackers broke into thousands of home routers to steal passwords
Fancy Bear, also known as APT28, has taken over thousands of residential home routers to steal passwords and authentication tokens in a wide-ranging espionage operation.
Max severity Flowise RCE vulnerability now exploited in attacks
Hackers are exploiting a maximum-severity vulnerability, tracked as CVE-2025-59528, in the open-source platform Flowise for building custom LLM apps and agentic systems to execute arbitrary code.
Russia Hacked Routers to Steal Microsoft Office Tokens
Hackers linked to Russia's military intelligence units are using known flaws in older Internet routers to mass harvest authentication tokens from Microsoft Office users, security experts warned today. The spying campaign allowed state-backed Russian hackers to quietly siphon authentication tokens…
Iran recluta cyber criminali russi: nuova escalation nella guerra cibernetica globale
Secondo un report di intelligence, Teheran starebbe integrando attori criminali nelle proprie operazioni offensive per colpire obiettivi USA. Torna Pay2Key in versione “pseudo-ransomware” e cresce l’ambiguità tra cybercrime e attività statali. Ecco quali nuovi rischi introduce la convergenza tra stato e criminalità
Dall’app virale ai mal di testa globali: quando il successo diventa un problema legale
Chiunque fornisca un servizio ha la responsabilità di apprendere i requisiti legali si applicano alla propria situazione e soddisfare tutti quelli di conformità. Ecco una guida pratica per navigare la complessità normativa globale e trasformarla in vantaggio competitivo
Authorities disrupt router DNS hijacks used to steal Microsoft 365 logins
An international operation from law enforcement authorities in partnership with private companies has disrupted FrostArmada, an APT28 campaign hijacking local traffic from MikroTik and TP-Link routers to steal Microsoft account credentials.
Why Your Automated Pentesting Tool Just Hit a Wall
Automated pentesting tools deliver strong early results, then quickly plateau. Picus Security explains how the "PoC cliff" leaves major attack surfaces untested and creates a dangerous validation gap.
Aggiornamenti Android aprile 2026: corrette solo due vulnerabilità, ma “meno” non significa “meglio”
Google pubblica l’Android Security Bulletin di aprile 2026 che corregge solo due vulnerabilità contro le 129 del mese scorso, ma una delle due riguarda StrongBox, il sottosistema di sicurezza hardware che custodisce chiavi crittografiche, credenziali e dati biometrici nei dispositivi Android più recenti. Ecco i dettagli