BreachForums Data Leaks: Technical Analysis and Timeline Attribution (2022–2026)
Technical analysis of BreachForums data leaks from 2022 to 2026, correlating publication dates with actual dataset timelines using the lastactive field to clarify attribution and infrastructure evolution.
Congress Wants a GPS Tracker on Every Advanced AI Chip America Exports
The core mechanism the Chip Security Act puts forward is location verification — the requirement that advanced AI chips exported from the United States carry a technical security mechanism.
Condanna di Meta e Google in California: anatomia di un processo che cambia le regole
Una giuria di Los Angeles riconosce che il design di Instagram e YouTube può causare danni diretti alla salute mentale. Meta e Google condannate a 3 milioni di dollari, ma il vero impatto è giuridico: spostamento della responsabilità dalle scelte editoriali alle scelte progettuali. I punti salienti della sentenza
La cyber sicurezza del settore sanitario in Italia: cosa sapere e su cosa riflettere
Il recente attacco al settore sanitario francese spinge a chiedersi quali rischi ci sono che scenari simili si verifichino anche in Italia, Paese già preso di mira dal criminal hacking. Il parere dell’esperto
Ransomware a Esprinet, compromessi 1,2 TB di dati: cosa sappiamo
Il gruppo ALP-001 ha rivendicato un attacco di tipo ransomware a Esprinet sostenendo di averne esfiltrato una importante quantità di dati interni. Ecco una breve analisi di quello che sappiamo finora
Windows 11 KB5079391 update rolls out Smart App Control improvements
Microsoft has released the KB5079391 preview cumulative update for Windows 11 24H2 and 25H2, which includes 29 changes, such as Smart App Control and Display improvements.
Dutch Police discloses security breach after phishing attack
The Dutch National Police (Politie) says a security breach resulting from a successful phishing attack has had a limited impact and hasn't affected citizens' data.
ACN: a febbraio 2026 bisogna sommare il contesto geopolitico al combinato NIS2–Olimpiadi
L'operational summary dell'Acn a febbraio si focalizza su DDoS a basso impatto e sull’allargamento della platea di soggetti NIS2 notificanti. Ma, in realtà, secondo i nostri esperti, il rischio cyber sta peggiorando, guardando al contesto geopolitico della guerra in Iran e ai trend emersi negli ultimi rapporti europei, a partire da quello del Clusit 2026
In March 2026, a breach of one of the many iterations of the BreachForums hacking forum known as "Version 5" was publicly disclosed. The incident exposed 340k unique email addresses along with usernames and argon2 password hashes.
What is a web shell? Learn about the most common types, along with examples. We explain how shells work, what they do, and how to protect your site and clean up this malware from a hacked server.
Ajax football club hack exposed fan data, enabled ticket hijack
Dutch professional football club Ajax Amsterdam (AFC Ajax) disclosed that a hacker exploited vulnerabilities in its IT systems and accessed data belonging to a few hundred people.
CISA: New Langflow flaw actively exploited to hijack AI workflows
The Cybersecurity and Infrastructure Security Agency (CISA) is warning that hackers are actively exploiting a critical vulnerability identified as CVE-2026-33017, which affects the Langflow framework for building AI agents.
Cisco Talos’ Vulnerability Discovery & Research team recently disclosed a vulnerability in HikVision, as well as 10 in TP-Link, and 19 in Canva.
The vulnerabilities mentioned in this blog post have been patched by their respective vendors, all in adherence to Cisco’s third-party vulnerability disclosure policy.
For Snort coverage that can detect the exploitation of these vulnerabilities, download the latest rule sets from Snort.org, and our latest Vulnerability Advisories are always posted on
A puppet made me cry and all I got was this t-shirt
In this week's newsletter, Amy draws parallels between the collaborative themes of "Project Hail Mary" and the massive team effort behind the newly released Talos Year in Review report.
Diventare resilienti by design: proteggere il perimetro non basta più
Le organizzazioni si concentrano ancora troppo sulla sicurezza perimetrale, trascurando le minacce informatiche legate alle interconnessioni con le supply chain e le terze parti,come fornitori e partner: lo indicano i risultati dell’ultimo rapporto presentato da Zscaler, che pone l’attenzione anche sui rischi emergenti, tra cui intelligenza artificiale e sviluppi del quantum computing
Gemini sul Dark Web: strumento di difesa o nuova frontiera del controllo?
Google ha integrato Gemini in Google Threat Intelligence per monitorare automaticamente il Dark Web: fino a 10 milioni di post al giorno analizzati con una precisione dichiarata del 98%. Un salto tecnologico reale che pone domande scomode su cosa significhi affidare la nostra superficie di rischio a un’unica piattaforma commerciale
UK sanctions Xinbi marketplace linked to Asian scam centers
The United Kingdom's Foreign, Commonwealth and Development Office (FCDO) has sanctioned Xinbi, a Chinese-language cryptocurrency-based online marketplace that sells stolen data and satellite internet equipment to scam networks in Southeast Asia.
A major hacking tool has leaked online, putting millions of iPhones at risk. Here’s what you need to know
Here’s what we know, and what you need to know, about Coruna and DarkSword, two advanced iPhone hacking tools discovered by security researchers. DarkSword has now leaked online.
Discover how darknet Telegram channels operate, which channel types matter most for cyber defense, and what separates useful threat intelligence from noise.