Spain arrests suspected member of pro-Russian hacktivist groups
The National Police in Spain have arrested a man who is suspected of being an active member of the CyberArmy of Russia Reborn (CARR) and Z-Pentest, both pro-Russian hacktivist groups.
The GitHub Actions Attack Pattern Your CI Security Scanners Miss
ActiveState explains how GitHub Actions attack chains can evade traditional CI security scanners, why passing a scan doesn't guarantee a secure pipeline, and how organizations can better govern their CI/CD workflows.
JADEPUFFER, il ransomware agentico che cambia le regole della cyber security: come difendersi
JADEPUFFER è la prima operazione ransomware pilotata end-to-end da un agente IA: violazione di un'istanza Langflow, furto massivo di credenziali e attacco automatizzato a database Nacos/MySQL. Tecniche, indicatori di compromissione e contromisure per CISO e aziende
Webinar tomorrow: Why modern email attacks require a new approach to defense
Tomorrow's webinar explores how behavioral AI can help organizations detect sophisticated phishing, business email compromise, and account takeover attacks while reducing alert fatigue through automated investigation and response workflows.
Microsoft to enable Windows settings backup by default for orgs
Microsoft says the Windows settings backup and restore tool will be enabled by default on Microsoft Entra-joined or Microsoft Entra hybrid-joined enterprise systems after upgrading to Windows 11 26H2.
Connecting Scattered Spider: Defining A Cybercrime Collective Through Shared TTPs
This blog covers Group-IB’s overview of Scattered Spider, backed by Group-IB’s proprietary intelligence, providing additional information to what has already been reported publicly, with added clarification on 0ktapus and how it is related to Scattered Spider.
BeyondTrust warns of critical flaws in remote access software
BeyondTrust warned customers to patch two critical security flaws in its Remote Support (RS) and Privileged Remote Access (PRA) software that could allow attackers to bypass authentication.
Microsoft testing new Cloud Rebuild Windows 11 recovery feature
Microsoft has begun testing the Cloud Rebuild recovery feature in the latest Windows 11 Insider Preview builds released for users in the Experimental channel.
La resilienza non si scrive una volta sola: il vero problema è il riesame continuo
La resilienza, infatti, non è uno stato stabile ma una capacità dinamica che deve evolvere insieme ad altri fattori. Ecco il ruolo strategico del riesame continuo, degli aggiornamenti periodici, delle esercitazioni e degli audit, per evitare che un piano non aggiornato si trasformi in fattore di rischio
Fake IT support calls on Microsoft Teams push EtherRAT malware
Threat actors are abusing Microsoft Teams voice calls by impersonating corporate IT support staff to trick employees into installing the EtherRAT malware, giving attackers initial access to corporate networks.
Phishing poses as big-brand job interview to steal Google accounts
A phishing campaign is impersonating more than 30 well-known brands, including Adobe, Netflix, Coca-Cola, and OpenAI, in fake job interviews to steal Google account credentials from marketing professionals.
Vietnam arrests suspects behind HiAnime anime piracy service
Vietnamese authorities have arrested and are prosecuting seven suspects believed to have run HiAnime, the largest anime piracy streaming service before its shutdown in June.
Fable, Claude, and Mythos Ban: 117 Malicious Domains Registered in Brand Impersonation Campaign
117 domains were registered exploiting the Fable 5 and Mythos 5 ban – targeting Claude, Fable, and Mythos brands via phishing, crypto scams, and fake legal recruitment. See BforeAI's full threat breakdown.
I cyber criminali non cercano più solo vulnerabilità: cercano chi autorizza un bonifico
Le PMI investono sempre di più in firewall, antivirus e protezione degli accessi, ma trascurano i processi che regolano i pagamenti. Tra Business Email Compromise, deepfake e AI generativa, la cyber security si sposta dall’infrastruttura IT alla governance finanziaria
Gestione del fattore umano nel SOC: dinamiche di lavoro e prevenzione dello stress operativo
Prevenzione dello stress e dinamiche di burnout nei Security Operations Center: strategie organizzative, tecnologia SOAR, KPI di benessere e cultura della resilienza psicologica