Trend Micro warns of critical Apex Central RCE vulnerability
Japanese cybersecurity software firm Trend Micro has patched a critical security flaw in Apex Central (on-premise) that could allow attackers to execute arbitrary code with SYSTEM privileges.
Exclusive – Ransomware attack against Copec: Anubis claims exfiltration of 6 TB of data
Anubis states that Copec had a highly developed security posture, including intrusion detection and prevention systems, advanced EDR solutions, and a dedicated Blue Team responsible for real-time threat monitoring.
DORA: how the board of directors of financial entities enters the new digital domain
A military commander can delegate many functions, but cannot delegate the outcome of the operation entrusted to him. DORA introduces this concept into corporate governance. Here is what Articles 5 and 6 define, to turn the board of directors into the center of gravity of overall operational resilience.
CISA retires 10 emergency cyber orders in rare bulk closure
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has retired 10 Emergency Directives issued between 2019 and 2024, saying that the required actions have been completed or are now covered by Binding Operational Directive 22-01.
Gmail's new AI Inbox uses Gemini, but Google says it won’t train AI on user emails
Google says it's rolling out a new feature called 'AI Inbox,' which summarizes all your emails, but the company promises it won't train its models on your emails.
New China-linked hackers breach telcos using edge device exploits
A sophisticated threat actor that uses Linux-based malware to target telecommunications providers has recently broadened its operations to include organizations in Southeastern Europe.
Who Benefited from the Aisuru and Kimwolf Botnets?
Our first story of 2026 revealed how a destructive new botnet called Kimwolf rapidly grew to infect more than two million devices by mass-compromising a vast number of unofficial Android TV streaming boxes. Today, we'll dig through digital clues left…
FBI warns about Kimsuky hackers using QR codes to phish U.S. orgs
The North Korean state-sponsored hacker group Kimsuky is using malicious QR codes in spearphishing campaigns that target U.S. organizations, the Federal Bureau of Investigation warns in a flash alert.
VMware ESXi zero-days likely exploited a year before disclosure
Chinese-speaking threat actors used a compromised SonicWall VPN appliance to deliver a VMware ESXi exploit toolkit that seems to have been developed more than a year before the targeted vulnerabilities became publicly known.
Texas court blocks Samsung from tracking TV viewing, then vacates order
The State of Texas obtained a short-lived, temporary restraining order (TRO) against Samsung that prohibited the South Korean company from collecting audio and visual data about what Texas consumers are watching on their TVs.
Cisco switches hit by reboot loops due to DNS client bug
Multiple Cisco switch models are suddenly experiencing reboot loops after logging fatal DNS client errors, according to reports seen by BleepingComputer.
Critics pan spyware maker NSO’s transparency claims amid its push to enter US market
The infamous spyware maker released a new transparency report claiming to be a responsible spyware maker, without providing insight into how the company dealt with problematic customers in the past.
Resolutions, shmesolutions (and what’s actually worked for me)
Talos' editor ditches the pressure of traditional New Year’s resolutions in favor of practical, in-the-moment changes, and finds more success by letting go of perfection. Plus, we break down the latest on UAT-7290, a newly disclosed threat actor targeting critical infrastructure.
Texas court blocks Samsung from collecting smart TV viewing data
The State of Texas has obtained a temporary restraining order (TRO) against Samsung that prohibits the South Korean company from collecting audio and visual data about what Texas consumers are watching on their TVs.
Data poisoning: what it is and how to protect against the poisoning of generative AI models
According to a study conducted by Anthropic, in collaboration with the UK AI Security Institute and the Alan Turing Institute, less than 0.0002% of the overall pre-training dataset is enough for data poisoning: 250 malicious documents are sufficient to poison a generative AI model. Here are the mitigation measures.
Crif, digital pickpocketing hits one in five under-30s: how to protect yourself
The return to medium-to-low amounts is a rational strategic choice by fraudsters. These are transactions that attract less attention, bypass automated controls and, at scale, still generate significant economic volumes. Here in detail is the Crif observatory for the first half of 2025.
Cyber incident management: now you need to have a plan
The NIS 2 rules require, from 31 December 2025, that plans for responding to cyber attacks be prepared. Here is how to structure them and why it is essential to have them even if you are not directly subject to the European directive.
Cybersecurity threats in 2026 are accelerating, driven by AI, automation, and more effective social engineering. Corelight outlines six emerging attack trends and explains how network visibility can help defenders respond faster.