Over Security

Cyble’s 2025 report examines Initial Access activity, ransomware trends, and major data breaches impacting Australia and New Zealand firms.

Microsoft is working to fix an Exchange Online service outage that intermittently prevents users from accessing their mailboxes via the Internet Mailbox Access Protocol 4 (IMAP4).

Microsoft will start enforcing multi-factor authentication (MFA) for all users accessing the Microsoft 365 admin center starting next month.

Huntress outlines a complex, multi-step attack designed to break out of guest VMs and target the ESXi hypervisor, using potential zero-day vulnerabilities and sneaky VSOCK communication.

Talos assesses with high confidence that UAT-7290 is a sophisticated threat actor falling under the China-nexus of Advanced Persistent Threat actors (APTs). UAT-7290 primarily targets telecommunications providers in South Asia.

La capacità di calcolo ha implicazioni innovative in numerosi ambiti scientifici, ma rappresenta anche una minaccia esistenziale per i sistemi crittografici che proteggono le infrastrutture digitali globali. Ecco quando è previsto il Q-Day e cosa implica la rivoluzione della computazione quantistica per la sicurezza crittografica

Cisco has patched an ISE vulnerability with public proof-of-concept exploit code that can be abused by attackers with admin privileges.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has flagged a maximum-severity HPE OneView vulnerability as actively exploited in attacks.

Learn about the dangers of fake browser update alerts and how a malicious plugin targeted WordPress site owners.

A new wave of GoBruteforcer botnet malware attacks is targeting databases of cryptocurrency and blockchain projects on exposed servers believed to be configured using AI-generated examples.

OpenAI is rolling out ChatGPT Health, which is a dedicated space for health conversations. Amidst privacy concerns, OpenAI said it won't use your health data.

The jsPDF library for generating PDF documents in JavaScript applications is vulnerable to a critical vulnerability that allows an attacker to steal sensitive data from the local filesystem by including it in generated files.

New data suggests that ChatGPT is losing its market share to Gemini on the web. It's unclear if Gemini is also gaining ground in the mobile space.

Logitech's Options+ and G Hub apps on macOS stopped working after their code-signing certificate expired, leaving users unable to launch them on Apple systems.

A maximum severity vulnerability dubbed "Ni8mare" allows remote, unauthenticated attackers to take control over locally deployed instances of the N8N workflow automation platform.

OX Security ha individuato due estensioni Chrome in grado di esfiltrare dati dalle chat IA di ChatGPT e DeepSeek e token di sessione.

Cybercriminals are increasingly using AI to lower the barrier to entry for fraud and hacking, shifting from skill-based to AI-assisted attacks known as "vibe hacking." Flare examines how underground forums promote AI tools, jailbreak techniques, and so-called "Hacking-GPT" services that promise ease rather than technical mastery.

Microsoft has confirmed a known issue that prevents recipients from opening encrypted emails in classic Outlook.

Quando le organizzazioni sanitarie finiscono nel mirino degli hacker, l’incolumità del paziente è la prima a essere compromessa. Non si tratta di un’ipotesi remota, ma di una realtà documentata da eventi drammatici. Ecco i rischi

La gestione degli incidenti di sicurezza informatica assume un ruolo centrale, perché gli eventi cyber possono determinare impatti significativi sotto diversi profili, tra cui quello operativo, finanziario o reputazionale. Ecco il ruolo delle Linee guida NIS dell'ACN per tradurre le specifiche di base in processi operativi concreti

File-sharing platform ownCloud warned users today to enable multi-factor authentication (MFA) to block attackers using compromised credentials from stealing their data.

Over the years, VStarcam cameras added various mechanisms meant to leak the authentication password. While the purpose is unclear, these cameras cannot be trusted to restrict access.