Noticias de Ciberseguridad
- Iran-Linked Password-Spraying Campaign Targets 300+ Israeli Microsoft 365 Organizations
An Iran-nexus threat actor is suspected to be behind a password-spraying campaign targeting Microsoft 365 environments in Israel and the U.A.E. amid ongoing conflict in the Middle East. The activity, assessed to be ongoing, was carried out in three distinct attack waves that took place on March 3, March 13, and March 23, 2026, per Check Point. "The campaign is primarily
-
6 de abril de 2026 DPRK-Linked Hackers Use GitHub as C2 in Multi-Stage Attacks Targeting South Korea
Threat actors likely associated with the Democratic People's Republic of Korea (DPRK) have been observed using GitHub as command-and-control (C2) […]
-
6 de abril de 2026 Multi-OS Cyberattacks: How SOCs Close a Critical Risk in 3 Steps
Your attack surface no longer lives on one operating system, and neither do the campaigns targeting it. In enterprise environments, attackers move […]
-
6 de abril de 2026 ⚡ Weekly Recap: Axios Hack, Chrome 0-Day, Fortinet Exploits, Paragon Spyware and More
This week had real hits. The key software got tampered with. Active bugs showed up in the tools people use every day. Some attacks didn’t even […]
-
6 de abril de 2026 How LiteLLM Turned Developer Machines Into Credential Vaults for Attackers
The most active piece of enterprise infrastructure in the company is the developer workstation. That laptop is where credentials are created, […]
-
6 de abril de 2026 Qilin and Warlock Ransomware Use Vulnerable Drivers to Disable 300+ EDR Tools
Threat actors associated with Qilin and Warlock ransomware operations have been observed using the bring your own vulnerable driver (BYOVD) […]
-
6 de abril de 2026 BKA Identifies REvil Leaders Behind 130 German Ransomware Attacks
Germany's Federal Criminal Police Office (aka BKA or the Bundeskriminalamt) has unmasked the real identities of two of the key figures associated […]
-
5 de abril de 2026 $285 Million Drift Hack Traced to Six-Month DPRK Social Engineering Operation
Drift has revealed that the April 1, 2026, attack that led to the theft of $285 million was the culmination of a months-long targeted and […]
-
5 de abril de 2026 36 Malicious npm Packages Exploited Redis, PostgreSQL to Deploy Persistent Implants
Cybersecurity researchers have discovered 36 malicious packages in the npm registry that are disguised as Strapi CMS plugins but come with different […]
-
5 de abril de 2026 Fortinet Patches Actively Exploited CVE-2026-35616 in FortiClient EMS
Fortinet has released out-of-band patches for a critical security flaw impacting FortiClient EMS that it said has been exploited in the wild. […]
-
3 de abril de 2026 China-Linked TA416 Targets European Governments with PlugX and OAuth-Based Phishing
A China-aligned threat actor has set its sights on European government and diplomatic organizations since mid-2025, following a two-year period of […]
-
3 de abril de 2026 Microsoft Details Cookie-Controlled PHP Web Shells Persisting via Cron on Linux Servers
Threat actors are increasingly using HTTP cookies as a control channel for PHP-based web shells on Linux servers and to achieve remote code […]
-
3 de abril de 2026 UNC1069 Social Engineering of Axios Maintainer Led to npm Supply Chain Attack
The maintainer of the Axios npm package has confirmed that the supply chain compromise was the result of a highly-targeted social engineering […]
