New BYOVD loader behind DeadLock ransomware attack
Cisco Talos has uncovered a new DeadLock ransomware campaign using a previously unknown BYOVD loader to exploit a Baidu Antivirus driver vulnerability, letting threat actors disable EDR defenses and escalate attacks.
First Digital Services Act fine for X: the end of the Muskian illusion?
The fine imposed on X marks the beginning of a long-running confrontation between the EU and Musk, who will have to decide whether to comply with European rules or continue along a line of ideological conflict that could lead to new sanctions, with repercussions for other online platforms as well. The key points
The blind spot of NIS 2: Article 24 of the decree and the security of OT systems
Four underestimated areas of NIS 2 need to be reviewed in order to build a truly resilient posture. Here is why Article 24 requires a radical overhaul of internal governance, integrating OT into the NIS 2 posture
React2Shell: more than 160,000 vulnerable IP addresses, over 30 organizations already hit
React2Shell, a React vulnerability that allows remote code execution, has been exploited by attackers to hit more than 30 organizations.
Ransomware gangs turn to Shanya EXE packer to hide EDR killers
Several ransomware groups have been spotted using a packer-as-a-service (PaaS) platform named Shanya to assist in EDR (endpoint detection and response) killing operations.
The Data Breach That Trumbull County Denied: 350 GB of Sensitive Data Published by the Anubis Group
Trumbull County (Ohio) was hit by a severe cyberattack in the first days of November 2025, carried out by the ransomware group Anubis. Despite multiple public
Malicious VSCode extensions on Microsoft's registry drop infostealers
Two malicious extensions on Microsoft's Visual Studio Code Marketplace infect developers' machines with information-stealing malware that can take screenshots, steal credentials, and hijack browser sessions.
FinCEN says ransomware gangs extorted over $2.1B from 2022 to 2024
A new report by the Financial Crimes Enforcement Network (FinCEN) shows that ransomware activity peaked in 2023 before falling in 2024, following a series of law enforcement actions targeting the ALPHV/BlackCat and LockBit ransomware gangs.
The police in Poland arrested three Ukrainian nationals for allegedly attempting to damage IT systems in the country using hacking equipment and for obtaining "computer data of particular importance to national defense."
How Agentic BAS AI Turns Threat Headlines Into Defense Strategies
Picus Security explains why relying on LLM-generated attack scripts is risky and how an agentic approach maps real threat intel to safe, validated TTPs. Their breakdown shows how teams can turn headline threats into reliable defense checks without unsafe automation.
Zero-Day to Zero-Hour: React2Shell (CVE-2025-55182) Becomes One of the Most Rapidly Weaponized RSC Vulnerabilities
China-nexus groups rapidly exploited React2Shell (CVE-2025-55182). Learn how the React Server Components flaw was weaponized within minutes of disclosure.
CERT-AGID 29 November – 5 December: phishing themed on the Italian Government and the Agenzia delle Entrate
A week marked by a sharp increase in PagoPA impersonations, the emergence of phishing that imitates the Government and the Agenzia delle Entrate, and new mobile threats distributed via SMS.
Portugal updates cybercrime law to exempt security researchers
Portugal has modified its cybercrime law to establish a legal safe harbor for good-faith security research and to make hacking non-punishable under certain strict conditions.