US official accuses China of supporting, exploiting cyber scam crisis in Southeast Asia
Diventare resilienti by design: proteggere il perimetro non basta più
Le organizzazioni si concentrano ancora troppo sulla sicurezza perimetrale, trascurando le minacce informatiche legate alle interconnessioni con le supply chain e le terze parti,come fornitori e partner: lo indicano i risultati dell’ultimo rapporto presentato da Zscaler, che pone l’attenzione anche sui rischi emergenti, tra cui intelligenza artificiale e sviluppi del quantum computing
Gemini sul Dark Web: strumento di difesa o nuova frontiera del controllo?
Google ha integrato Gemini in Google Threat Intelligence per monitorare automaticamente il Dark Web: fino a 10 milioni di post al giorno analizzati con una precisione dichiarata del 98%. Un salto tecnologico reale che pone domande scomode su cosa significhi affidare la nostra superficie di rischio a un’unica piattaforma commerciale
Pro-Ukraine hacker group Bearlyfy targets Russian companies with custom ransomware
UK sanctions Xinbi marketplace linked to Asian scam centers
The United Kingdom's Foreign, Commonwealth and Development Office (FCDO) has sanctioned Xinbi, a Chinese-language cryptocurrency-based online marketplace that sells stolen data and satellite internet equipment to scam networks in Southeast Asia.
Apple rolls out age verification to UK iPhone users
A major hacking tool has leaked online, putting millions of iPhones at risk. Here’s what you need to know
Here’s what we know, and what you need to know, about Coruna and DarkSword, two advanced iPhone hacking tools discovered by security researchers. DarkSword has now leaked online.
Top Dark Web Telegram Groups & Channels (2026)
Discover how darknet Telegram channels operate, which channel types matter most for cyber defense, and what separates useful threat intelligence from noise.
WhatsApp rolls out more AI features, iOS multi-account support
WhatsApp is rolling out multiple features designed to make the app easier to use, including AI-powered message replies and photo retouching, support for two accounts on iOS, and chat history transfer between iOS and Android devices.
TikTok for Business accounts targeted in new phishing campaign
Threat actors are targeting TikTok for Business accounts in a phishing campaign that prevents security bots from analyzing malicious pages.
Inside a Modern Fraud Attack: From Bot Signups to Account Takeovers
Multi-stage fraud attacks chain bots, proxies, and stolen credentials from signup to takeover. IPQS shows why correlating IP, device, identity, and behavior is critical to stop it.
Coruna iOS exploit framework linked to Triangulation attacks
The Coruna exploit kit is an evolution of the framework used in the Operation Triangulation espionage campaign, which in 2023 targeted iPhones via zero-click iMessage exploits.
EU investigating Snapchat and pornography sites in child safety crackdown
Russia arrests suspected owner of LeakBase cybercrime forum
Russian police arrested a Taganrog resident believed to be the owner of LeakBase, a major online forum used by cybercriminals to buy and sell stolen data and hacking tools.
Talos Takes: 2025 insights from Talos and Splunk
This episode of Talos Takes breaks down the 2025 Year in Review as well as Splunk's Top 50 Cybersecurity Threats report.
Russia detains alleged admin of LeakBase cybercrime forum weeks after global crackdown
UK sanctions Chinese crypto marketplace tied to scam compounds
Suspected RedLine infostealer malware admin extradited to US
An Armenian suspect was extradited to the United States to face criminal charges for allegedly helping manage RedLine, one of the most prolific infostealer malware operations in recent years.
Nova Scotia Power Data Breach Compromises Data of Over 900,000 Users
Following the Nova Scotia Power data breach, the company took steps to contain the incident.
An AI gateway designed to steal your data
Dissecting the supply-chain attack on LiteLLM – a multifunctional gateway used in many AI agents. Explaining the dangers of the malicious code and how to protect yourself.
1-15 March 2026 Cyber Attacks Timeline
In the first half of March 2026 I collected 95 events (6.34 events/day) with a threat landscape dominated by malware once ahead of account takeovers and ransomware.
Global Magecart Campaign Puts Banks Under Pressure, Leveraging Redsys Payment Mimicry and Hijacking
Read ANY.RUN report featuring both executive-level insights and technical analysis of the campaign.
Three Individuals Charged for Trying to Smuggle ‘America-Made’ AI Tech Worth $170M
US DOJ charges two US and one Chinese national for attempting to smuggle $170 million worth 'America-made' AI tech to China.
Resilienza digitale 2.0: integrare l’AI nel perimetro di sicurezza DORA
Il passaggio alla Resilienza 2.0 non è più solo una scelta competitiva, ma un imperativo metodologico. Ecco come possiamo integrare l'AI nel perimetro di sicurezza senza che questa diventi il "punto di rottura" sistemico previsto dal legislatore
La nuova Cyber Strategy USA va oltre i confini nazionali: i 6 pilastri operativi
La strategia tocca temi centrali per l'intero ecosistema cyber globale: dalla postura offensiva nella gestione delle minacce, alla deregolamentazione del settore privato, fino alla supremazia nelle tecnologie emergenti come intelligenza artificiale e crittografia post-quantistica. Ecco i 6 pillar della Cyber Strategy nazionale della Casa Bianca
Node.js Fixes Critical Flaws, Patches DoS Risk in Latest Security Update
Node.js patches CVE-2026-21637 and other flaws across versions 20.x–25.x, fixing DoS risks, HTTP bugs, and permission model issues.
Attacco alla sanità: ecco perché una cartella clinica vale fino a mille euro nel dark web
I dati sanitari non sono solo dati sottratti, ma una chiave capace di aprire molte porte. Ed è proprio questa versatilità criminale a determinarne il valore di una cartella clinica che, in seguito ad un cyber attacco, finisce nel dark web
Coruna: the framework used in Operation Triangulation
Kaspersky GReAT experts look into the Coruna exploit kit targeting iPhones. We discovered that the kernel exploit for CVE-2023-32434 and CVE-2023-38606 is an updated version of the Operation Triangulation exploit.
Port of Vigo Hit by Ransomware Attack, Cargo Systems Disrupted
The Port of Vigo cyberattack incident also points to a broader trend, cyberattacks are no longer limited to data theft.
The Energy Sector’s Ransomware Nightmare: Why Critical Infrastructure Can’t Catch a Break
Ransomware attacks on the energy sector are rising fast, exposing legacy systems, OT risks, and global threats. Learn why resilience matters now.!