Ajax football club hack exposed fan data, enabled ticket hijack
Dutch professional football club Ajax Amsterdam (AFC Ajax) disclosed that a hacker exploited vulnerabilities in its IT systems and accessed data belonging to a few hundred people.
CISA: New Langflow flaw actively exploited to hijack AI workflows
The Cybersecurity and Infrastructure Security Agency (CISA) is warning that hackers are actively exploiting a critical vulnerability identified as CVE-2026-33017, which affects the Langflow framework for building AI agents.
Cisco Talos’ Vulnerability Discovery & Research team recently disclosed a vulnerability in HikVision, as well as 10 in TP-Link, and 19 in Canva.
The vulnerabilities mentioned in this blog post have been patched by their respective vendors, all in adherence to Cisco’s third-party vulnerability disclosure policy.
For Snort coverage that can detect the exploitation of these vulnerabilities, download the latest rule sets from Snort.org, and our latest Vulnerability Advisories are always posted on
A puppet made me cry and all I got was this t-shirt
In this week's newsletter, Amy draws parallels between the collaborative themes of "Project Hail Mary" and the massive team effort behind the newly released Talos Year in Review report.
Diventare resilienti by design: proteggere il perimetro non basta più
Le organizzazioni si concentrano ancora troppo sulla sicurezza perimetrale, trascurando le minacce informatiche legate alle interconnessioni con le supply chain e le terze parti,come fornitori e partner: lo indicano i risultati dell’ultimo rapporto presentato da Zscaler, che pone l’attenzione anche sui rischi emergenti, tra cui intelligenza artificiale e sviluppi del quantum computing
Gemini sul Dark Web: strumento di difesa o nuova frontiera del controllo?
Google ha integrato Gemini in Google Threat Intelligence per monitorare automaticamente il Dark Web: fino a 10 milioni di post al giorno analizzati con una precisione dichiarata del 98%. Un salto tecnologico reale che pone domande scomode su cosa significhi affidare la nostra superficie di rischio a un’unica piattaforma commerciale
UK sanctions Xinbi marketplace linked to Asian scam centers
The United Kingdom's Foreign, Commonwealth and Development Office (FCDO) has sanctioned Xinbi, a Chinese-language cryptocurrency-based online marketplace that sells stolen data and satellite internet equipment to scam networks in Southeast Asia.
A major hacking tool has leaked online, putting millions of iPhones at risk. Here’s what you need to know
Here’s what we know, and what you need to know, about Coruna and DarkSword, two advanced iPhone hacking tools discovered by security researchers. DarkSword has now leaked online.
Discover how darknet Telegram channels operate, which channel types matter most for cyber defense, and what separates useful threat intelligence from noise.
WhatsApp rolls out more AI features, iOS multi-account support
WhatsApp is rolling out multiple features designed to make the app easier to use, including AI-powered message replies and photo retouching, support for two accounts on iOS, and chat history transfer between iOS and Android devices.
Inside a Modern Fraud Attack: From Bot Signups to Account Takeovers
Multi-stage fraud attacks chain bots, proxies, and stolen credentials from signup to takeover. IPQS shows why correlating IP, device, identity, and behavior is critical to stop it.
Coruna iOS exploit framework linked to Triangulation attacks
The Coruna exploit kit is an evolution of the framework used in the Operation Triangulation espionage campaign, which in 2023 targeted iPhones via zero-click iMessage exploits.
Russia arrests suspected owner of LeakBase cybercrime forum
Russian police arrested a Taganrog resident believed to be the owner of LeakBase, a major online forum used by cybercriminals to buy and sell stolen data and hacking tools.
Suspected RedLine infostealer malware admin extradited to US
An Armenian suspect was extradited to the United States to face criminal charges for allegedly helping manage RedLine, one of the most prolific infostealer malware operations in recent years.
Dissecting the supply-chain attack on LiteLLM – a multifunctional gateway used in many AI agents. Explaining the dangers of the malicious code and how to protect yourself.
In the first half of March 2026 I collected 95 events (6.34 events/day) with a threat landscape dominated by malware once ahead of account takeovers and ransomware.
Resilienza digitale 2.0: integrare l’AI nel perimetro di sicurezza DORA
Il passaggio alla Resilienza 2.0 non è più solo una scelta competitiva, ma un imperativo metodologico. Ecco come possiamo integrare l'AI nel perimetro di sicurezza senza che questa diventi il "punto di rottura" sistemico previsto dal legislatore