AI-Assisted Phishing Campaign Exploits Browser Permissions to Capture Victim Data
Cyble analyzes an AI-driven phishing campaign that abuses browser permissions to capture victims images and exfiltrate the data to attacker-controlled Telegram bots.
AI-Assisted Phishing Campaign Exploits Browser Permissions to Capture Victim Data
Cyble analyzes an AI-driven phishing campaign that abuses browser permissions to capture victims images and exfiltrate the data to attacker-controlled Telegram bots.
OpenAI says ChatGPT ads are not rolling out globally for now
OpenAI told BleepingComputer that ChatGPT ads on Free and Go plans are not yet rolling out outside the United States, even though some users noticed references to ads in the updated privacy policy.
Betterleaks, a new open-source secrets scanner to replace Gitleaks
A new open-source tool called Betterleaks can scan directories, files, and git repositories and identify valid secrets using default or customized rules.
In March 2026, the League of Legends custom skins service Divine Skins suffered a data breach. The incident was disclosed via the service's Discord server, where Divine Skins stated that an unauthorised third party accessed part of its systems, deleted all skins from the database and exposed email addresses and usernames. The data also contained a history of purchases made by users.
In March 2026, the Turkish restaurant chain Baydöner suffered a data breach which was subsequently published to a public hacking forum. The incident exposed over 1.2M unique email addresses along with names, phone numbers, cities of residence and plaintext passwords. A small number of records also included Turkish national ID number and date of birth. In their disclosure notice, Baydöner stated that payment and financial data was not affected.
Microsoft releases Windows 11 OOB hotpatch to fix RRAS RCE flaw
Microsoft has released an out-of-band (OOB) update to fix a security vulnerabilities affecting Windows 11 Enterprise devices that receive hotpatch updates instead of the regular Patch Tuesday cumulative updates.
Crimes against NTDLL - Implementing Early Cascade Injection
A deep dive into building Early Cascade Injection in Rust using NTDLL shim engine internals, position-independent stubs, pointer encoding, and APC-based payload execution.
Microsoft: Windows 11 users can't access C: drive on some Samsung PCs
Microsoft is investigating a new issue affecting some Samsung laptops running Windows 11 after installing the February 2026 security updates, in which users lose access to their C:\ drive and are unable to launch applications.
FBI seeks victims of Steam games used to spread malware
The FBI is asking gamers who installed Steam titles containing malware to provide information as part of an ongoing investigation into eight malicious games uploaded to the gaming platform.
Cyber Index PMI 2025: i 4 livelli di maturità del tessuto imprenditoriale italiano
Pmi italiane meno immature, ma strada ancora lunga da percorrere per asdottare le misure di protezione adeguate ai rischi cyber. Ecco cosa fotografa il Cyber Index PMI 2025 che misura l'indice di maturità delle Pmi
Poland's nuclear research centre targeted by cyberattack
Poland's National Centre for Nuclear Research (NCBJ) says hackers targeted its IT infrastructure, but the attack was detected and blocked before causing any impact.
Sottovalutare l'importanza reportistica nella gestione della sicurezza cyber è un punto di fallimento inevitabile, anche perché non consente all'organizzazione di disporre di una chiara visione strategica e impedisce la predisposizione di misure di mitigazione del rischio adeguate
Cyber attacco contro Stryker: sanità bersaglio di operazioni geopolitiche
Il gruppo hacker noto come Handala ha rivendicato un attacco informatico contro Stryker, multinazionale specializzata in dispositivi medici e tecnologie sanitarie utilizzate in ospedali di tutto il mondo. Ecco perché sembra un segnale di escalation nella dimensione digitale dello scontro
From VMware to what’s next: Protecting data during hypervisor migration
Hypervisor migrations can introduce hidden risks that threaten data availability and recovery. Acronis explains why verified backups and cross-platform recovery are essential during VMware transitions.
Incredibile come i sistemi multi-agent possano aggirare i controlli, rubare segreti e diventare minacce
L’adozione degli agenti AI nelle aziende sta accelerando ben oltre la fase sperimentale e finalmente sempre più organizzazioni stanno affidando a questi sistemi compiti operativi concreti. Purtroppo, spesso questo vuol dire anche dar loro accesso a dati interni, interazioni con strumenti di produttività, repository documentali, shell di sistema, workflow di automazione e persino funzioni di …
Quando il quantum colpirà, l’agilità crittografica sarà il vero vantaggio competitivo
Gli attaccanti stanno seguendo da vicino l’evoluzione del quantum perché i computer quantistici minacciano di demolire le basi della crittografia. Ecco cos'è l'agilità crittografica e quali sono i cinque livelli critici da valutare
The Week in Vulnerabilities: SolarWinds, Ivanti, and Critical ICS Exposure
Critical SolarWinds, Ivanti EPMM, Microsoft Office, and Siemens ICS vulnerabilities are being discussed on underground forums, while 15 CISA ICS advisories impacted Energy and Critical Manufacturing sectors.