Over Security

Over Security

33577 bookmarks
Custom sorting
Scuf Gaming - 128,683 breached accounts
Scuf Gaming - 128,683 breached accounts
In June 2015, custom gaming controller maker Scuf Gaming suffered a data breach. The incident exposed 129k unique email addresses along with usernames, display names, IP addresses and password hashes.
·haveibeenpwned.com·
Scuf Gaming - 128,683 breached accounts
Sound Radix - 292,993 breached accounts
Sound Radix - 292,993 breached accounts
In March 2026, the audio production tools company Sound Radix disclosed a data breach that they subsequently self-submitted to HIBP. Attributed to unauthorised access to a customer support platform, the incident impacted 293k unique email addresses and names of users who had interacted with their support team. Sound Radix advised that whilst there is no evidence their broader user database was accessed, it is possible that additional data including hashed passwords may have been exposed. No financial or credit card information was impacted.
·haveibeenpwned.com·
Sound Radix - 292,993 breached accounts
Magento sotto attacco: PolyShell, sfruttamento di massa in pochi giorni
Magento sotto attacco: PolyShell, sfruttamento di massa in pochi giorni
La vulnerabilità “PolyShell” in Magento Open Source e Adobe Commerce è passata dalla disclosure alla compromissione su larga scala in tempi estremamente rapidi: secondo Sansec, azienda specializzata in sicurezza informatica, lo sfruttamento di massa è iniziato il 19 marzo 2026, appena due giorni dopo la divulgazione pubblica, e oggi le tracce di attacco risultano presenti …
·securityinfo.it·
Magento sotto attacco: PolyShell, sfruttamento di massa in pochi giorni
GitHub adds AI-powered bug detection to expand security coverage
GitHub adds AI-powered bug detection to expand security coverage
GitHub is adopting AI-based scanning for its Code Security tool to expand vulnerability detections beyond the CodeQL static analysis and cover more languages and frameworks.
·bleepingcomputer.com·
GitHub adds AI-powered bug detection to expand security coverage
PolyShell attacks target 56% of all vulnerable Magento stores
PolyShell attacks target 56% of all vulnerable Magento stores
Attacks leveraging the 'PolyShell' vulnerability in version 2 of Magento Open Source and Adobe Commerce installations are underway, targeting more than half of all vulnerable stores.
·bleepingcomputer.com·
PolyShell attacks target 56% of all vulnerable Magento stores
Bubble AI app builder abused to steal Microsoft account credentials
Bubble AI app builder abused to steal Microsoft account credentials
Threat actors are evading phishing detection in campaigns targeting Microsoft accounts by abusing the no-code app-building platform Bubble to generate and host malicious web apps.
·bleepingcomputer.com·
Bubble AI app builder abused to steal Microsoft account credentials
New Torg Grabber infostealer malware targets 728 crypto wallets
New Torg Grabber infostealer malware targets 728 crypto wallets
A new info-stealing malware called Torg Grabber is stealing sensitive data from 850 browser extensions, more than 700 of them for cryptocurrency wallets.
·bleepingcomputer.com·
New Torg Grabber infostealer malware targets 728 crypto wallets
Citrix urges admins to patch NetScaler flaws as soon as possible
Citrix urges admins to patch NetScaler flaws as soon as possible
Citrix has patched two NetScaler ADC and NetScaler Gateway vulnerabilities, one of which is very similar to the CitrixBleed and CitrixBleed2 flaws exploited in zero-day attacks in recent years.
·bleepingcomputer.com·
Citrix urges admins to patch NetScaler flaws as soon as possible
Analisi statica del codice: con LiSA la tecnologia italiana sale sul podio mondiale
Analisi statica del codice: con LiSA la tecnologia italiana sale sul podio mondiale
LiSA, il framework di Ca’ Foscari per la verifica del software, conquista il terzo posto a SVCOMP 2026 nella categoria Java. Progetto co-finanziato da SERICS, si basa su interpretazione astratta. Integrato dalla NSA in Ghidra, si candida come tecnologia italiana per l’analisi statica del codice
·cybersecurity360.it·
Analisi statica del codice: con LiSA la tecnologia italiana sale sul podio mondiale
Paid AI Accounts Are Now a Hot Underground Commodity
Paid AI Accounts Are Now a Hot Underground Commodity
AI accounts are becoming part of the cybercrime supply chain, sold like email accounts or VPS access. Flare Systems shows how underground markets bundle and resell premium AI access at scale.
·bleepingcomputer.com·
Paid AI Accounts Are Now a Hot Underground Commodity
Kali Linux 2026.1 released with 8 new tools, new BackTrack mode
Kali Linux 2026.1 released with 8 new tools, new BackTrack mode
Kali Linux 2026.1, the first release of the year, is now available for download, featuring 8 new tools, a theme refresh, and a new BackTrack mode for Kali-Undercover.
·bleepingcomputer.com·
Kali Linux 2026.1 released with 8 new tools, new BackTrack mode
AI Omnibus, così l’UE vuole riscrivere le regole: cosa cambia per privacy e compliance
AI Omnibus, così l’UE vuole riscrivere le regole: cosa cambia per privacy e compliance
Le commissioni IMCO e LIBE del Parlamento UE hanno adottato il mandato negoziale sul cosiddetto “omnibus digitale” che modifica l’AI Act: tra le proposte il rinvio delle scadenze per i sistemi ad alto rischio, più flessibilità per le imprese e un nuovo divieto per le applicazioni di “nudificazione”. Voto in plenaria atteso il 26 marzo
·cybersecurity360.it·
AI Omnibus, così l’UE vuole riscrivere le regole: cosa cambia per privacy e compliance
TP-Link warns users to patch critical router auth bypass flaw
TP-Link warns users to patch critical router auth bypass flaw
TP-Link has patched several vulnerabilities in its Archer NX router series, including a critical-severity flaw that may allow attackers to bypass authentication and upload new firmware.
·bleepingcomputer.com·
TP-Link warns users to patch critical router auth bypass flaw
Anatomy of a Cyber World Global Report 2026
Anatomy of a Cyber World Global Report 2026
The Kaspersky Security Services report describes cyberattack trends and statistics revealed by the Managed Detection and Response service. The report also includes Incident Response findings based on real-world cases identified and mitigated in 2025.
·securelist.com·
Anatomy of a Cyber World Global Report 2026
The FCC Just Blocked Every New Foreign-Made Router from the U.S. Market
The FCC Just Blocked Every New Foreign-Made Router from the U.S. Market
As of March 23, no new model of router can receive U.S. market authorization unless it clears a security review by the Department of War or the Department of Homeland Security first, the FCC said.
·thecyberexpress.com·
The FCC Just Blocked Every New Foreign-Made Router from the U.S. Market