LUNCH NEWS | Early Birds Morning [top] |
Automated cyberattacks are compromising Fortinet FortiGate firewalls worldwide by exploiting a critical authentication bypass flaw. Even patched systems remain at risk as hackers create rogue admin accounts and steal sensitive configurations, forcing urgent defensive measures and raising concerns about patch reliability.
At Pwn2Own Automotive 2026 in Tokyo, hackers uncovered 29 zero-day vulnerabilities in EV chargers and vehicle systems on the contest's second day, earning record-breaking rewards and raising urgent questions about car cybersecurity.
PopEVE, a cutting-edge AI tool, is slashing years from the diagnostic journey for rare diseases by identifying critical genetic mutations and reducing false positives - offering new hope to millions.
Healthcare privacy is about more than just following regulations. Our investigative report reveals how technical cookies, analytic tracking, and fragmented responsibilities leave patient data vulnerable - and why collaboration is the missing key to real security.
#Healthcare Privacy | #Data Security | #Compliance Challenges
The European Union is poised to ban Chinese technology from its key infrastructure sectors, aiming to reduce security risks but facing major challenges over supply chain dependence and economic impact.
Hospitals across Italy are facing a relentless wave of cyber attacks, from ransomware to phishing scams. With patient safety and data at risk, experts say only new laws and a culture of cyber vigilance can offer hope.
Attackers exploited a severe SmarterMail authentication bypass only two days after a patch was released, highlighting the dangers of vague security disclosures and slow communications.
A fake SymPy package on PyPI tricked developers into installing a stealthy cryptominer on Linux. Discover the technical tricks behind this memory-only attack and its implications for the open-source supply chain.
Google Workspace’s security isn’t as airtight as you think. Discover the most common weaknesses, why attackers love them, and how smart teams are patching the cracks.
A dangerous flaw in the binary-parser library threatens Node.js applications with remote code execution. Immediate upgrades and secure coding practices are essential to prevent exploitation.
A critical flaw in BIND 9 allows attackers to remotely crash DNS servers using malformed records, threatening Internet stability. Immediate patching is required as no workaround exists.
The notoriously tough-to-emulate PlayStation 3 has met its match: RPCS3 now runs nearly three-quarters of its game library. Learn how this emulator is safeguarding classic games and what it takes to join the retro gaming revolution.
Ukraine is sharing frontline war data with Western allies to train advanced AI models, aiming for digital innovation and strategic leverage in the conflict with Russia and amid concerns over Chinese tech influence.
Cybercriminals are targeting Italy’s SPID digital identity system through advanced phishing campaigns, putting millions at risk of identity theft and fraud. The Revenue Agency warns of the growing threat and urges citizens to stay vigilant.
Nightspire has claimed a 30GB ransomware breach against Service Lane eAdvisor, marking another escalation in cyber extortion tactics. Here’s what we know about the attack, the group, and the broader implications.
Furl has secured $10 million to develop AI-driven autonomous remediation technology, aiming to help security teams move from endless alerts to automated fixes. Can Furl’s solution finally end the cybersecurity backlog?
FortiGate firewalls are under siege as attackers exploit critical authentication flaws, automate attacks, and outpace recent patches. Read our investigation into the new threat wave and urgent mitigation steps.
Claroty’s $150 million Series F funding marks a pivotal moment in the battle to defend critical infrastructure from escalating cyber-physical threats. With an 80% valuation surge and aggressive expansion, Claroty is setting the pace for the CPS security market - and eyeing a Wall Street debut.
#Cybersecurity | #Critical Infrastructure | #Series F Funding
MORNING NEWS | Early Birds [top] |
Karp, Thiel, and Musk offer radically different blueprints for the West’s technological future - from state power to cosmic ambition. Their clash reveals the high-stakes battle over who will govern the era of AI.
Super-users of generative AI enjoy instant productivity boosts, but mounting evidence shows a troubling side: diminished memory, creativity, and human connection. Inside the hidden costs of two hours a day with GenAI.
#Generative AI | #Cognitive Offloading | #Illusion of Competence
Once seen as a risky move, Bitcoin is now finding its way into mainstream corporate finance. This feature investigates the changing strategies, motivations, and challenges as companies integrate digital assets into their business models.
The battle for the future of software development is heating up as AI-powered code assistants like Codex, Claude Code, and Antigravity promise to revolutionize how programmers write, debug, and deploy code.
Europe, the US, and China are battling over how to regulate AI-generated content. Discover the legal models, court battles, and shifting definitions of authorship shaping the creative future.
Italy’s advertising regulators are clamping down on misleading health claims by pharma influencers on social media. With new injunctions and tighter rules, both brands and influencers face unprecedented scrutiny.
#Pharma Influencers | #Regulatory Guidelines | #Health Marketing
AI is reshaping education across the globe, from automating teacher tasks to providing secret lessons for Afghan girls. But as benefits multiply, so do concerns over critical thinking, privacy, and widening inequality. Experts urge swift, thoughtful action before the window for responsible AI integration closes.
#AI in Education | #Educational Equity | #Student Engagement
European businesses are turning cybersecurity into a strategic asset, leveraging robust digital defenses to gain trust, comply with strict regulations, and stand out in a crowded market.
Small and medium-sized enterprises have become the preferred targets for hackers, with nearly half of all cyberattacks aimed at them. Learn why SMEs are vulnerable, the devastating impact of attacks, and how specialized partners can help turn cybersecurity into a business asset.
Andrea Galeazzi’s account takeover reveals how today’s phishing attacks exploit OAuth permissions, AI-driven social engineering, and user trust - leaving even two-factor authentication powerless. Here’s how it happened, what it means, and how you can protect yourself.
Cyber insurance is booming among Italian SMEs, but many are blindsided by exclusions and denied claims. Discover what’s really covered, why prevention is essential, and how to avoid costly surprises.
Cisco’s Unified Communications platforms are under active attack due to a high-severity vulnerability (CVE-2026-20045) that allows remote, unauthenticated code execution. Organizations must patch immediately to prevent compromise.
Apple is reportedly preparing to overhaul Siri with a new chatbot-style interface, enabling persistent conversations and deeper integration across its ecosystem. As the tech giant leans into conversational AI, experts debate whether the move will set a new standard for privacy-conscious assistants or introduce new risks.
#Siri | #AI Chatbot | #Apple
The BBC is making YouTube the main stage for original programming, marking a transformative shift in how it reaches and monetizes global audiences. This feature investigates the broadcaster's strategy, the technical and creative changes ahead, and the implications for the future of public service media.
A team of hackers has revived the Nintendo Wii's pizza ordering channel, letting users order Domino's directly from the classic console. This feature explores the technical and cultural story behind this retro cyber comeback.
ClearFake is back with advanced tactics: leveraging legitimate Windows scripts and blockchain infrastructure, this malware campaign spreads through fake CAPTCHA prompts and evades takedowns. Learn how it works and how to defend your organization.
The Android.Phantom malware campaign harnesses AI and real-time device control to transform infected Android phones into automated ad-fraud bots and spyware - often hidden in games and popular app mods.
A sophisticated malware campaign is targeting Russian Windows users with business-themed lures, disabling Microsoft Defender, stealing data, and deploying ransomware - all without exploiting vulnerabilities.
#Windows Malware | #Cybersecurity Threats | #Cryptocurrency Hijacking
A fake SymPy Python package named sympy-dev evaded detection with in-memory cryptomining malware, exposing thousands of developers in a sophisticated supply chain attack.
A sophisticated ClickFix campaign lures Facebook users with fake verification pages, guiding them to surrender their session tokens and enabling instant account hijacking. Investigative breakdown of the attack's methods, infrastructure, and defense tips.
A critical authentication flaw in Fortinet’s SSO is being weaponized by hackers to hijack admin access on firewalls worldwide. Despite urgent patches, exploitation continues, highlighting the need for swift mitigation and zero-trust security.
A newly discovered zero-day flaw in Cisco Unified Communications products is being actively exploited, allowing attackers to seize total control of enterprise systems. Immediate patching is essential to prevent catastrophic breaches.
Atlassian, GitLab, and Zoom scrambled this week to patch over two dozen critical and high-severity vulnerabilities. Here's what you need to know - and why updating now is more urgent than ever.
#Atlassian | #GitLab | #Zoom
A University of Canberra study finds Australian critical infrastructure operators are dangerously unaware and unprepared for drone-enabled cyber-attacks, calling for urgent reforms and greater industry collaboration.
MITRE’s ESTM 3.0 introduces a powerful, system-agnostic approach to defending embedded systems at the heart of critical infrastructure. This feature explores the framework’s key innovations and its impact on cyber defense.
The EU’s Cyber Resilience Act is forcing every software vendor to reveal their code’s DNA via SBOMs. Explore how standards like SPDX 3.0 and CycloneDX are transforming digital risk management.
A new WhatsApp scam uses emotional appeals and trusted contacts to hijack accounts and spread rapidly, exposing both individuals and organizations to fraud and extortion. Here’s how the attack works - and how to defend yourself.
Automated cybercriminal campaigns are exploiting a dangerous FortiCloud SSO flaw in Fortinet FortiGate firewalls, enabling attackers to bypass authentication, create backdoor accounts, and export sensitive configurations. Even the latest firmware appears vulnerable, raising urgent concerns for organizations worldwide.
Microsoft is rolling out major AI-driven updates to Notepad and Paint in Windows 11, introducing expanded Markdown support, real-time text generation, and a new Coloring Book mode - though not all users will benefit equally.
Apple is quietly tapping Google’s Gemini AI to power its next wave of iPhone intelligence, including a smarter, more capable Siri. This investigative feature explores the technical, strategic, and privacy implications of this unprecedented Big Tech partnership.
Cisco Unified Communications products are under active attack from a zero-day flaw granting remote root access. With no workaround and limited patches, security teams face a critical race to protect enterprise infrastructure.
A newly discovered flaw in Fortinet’s SSO login lets attackers bypass authentication and seize control of firewalls. With over 25,000 exposed devices and fixes still pending, organizations are urged to act fast.
Critical vulnerabilities in Chainlit, a widely used open-source AI framework, allow unauthenticated attackers to exfiltrate sensitive credentials and take over cloud environments. Organizations are urged to patch immediately and review AI security practices.
With the rise of quantum computing, the global race for post-quantum cryptography is on. Experts predict a 1000% market surge by 2035 - learn what’s at stake and why the world must unite to stay secure.
#Post-quantum cryptography | #Quantum threat | #Cybersecurity collaboration
Cybercriminals are exploiting holiday downtime and fake LastPass maintenance emails to trick users into surrendering their master passwords. Discover how the scam works and how to stay safe.
A new hybrid clock combines the logic of binary numbers with digital gradients, adjusting for how humans perceive brightness. Explore how this inventive timepiece is reshaping how we tell - and see - time.
A new zero-day vulnerability in Cisco’s Unified CM and Webex platforms is being actively exploited, allowing attackers to seize root control. Learn the urgent details, affected products, and why patching is critical.
LTSpice lacks a built-in potentiometer, but engineers have devised smart workarounds using parameterized resistors and the .step command. Dive into the investigative story of how the community keeps analog spirit alive in digital simulations.
Ransomfeed, the leak site used by OnSight, is shaking up the world of cybercrime with its brazen, professional approach to data extortion. From exploiting remote access vulnerabilities to publishing stolen data in waves, their tactics are forcing organizations to rethink their defenses.
EARLY BIRDS | [top] |
A hacker has achieved 150 MS/s DAC output using the Raspberry Pi Pico 2 microcontroller, a feat once thought possible only with expensive FPGAs. This breakthrough could democratize high-speed signal generation for makers and engineers.
A new leak of LockBit 5.0’s affiliate panel exposes the group’s active operations and multi-platform ransomware variants, showing how the syndicate adapts and endures after law enforcement disruptions.
A 2026 investigation finds that nearly two-thirds of third-party web apps access confidential data without approval, with marketing tools and public-sector sites among the riskiest. Learn how these silent permissions are fueling a new era of cyber risk.
Sinobi ransomware has targeted OnSight, a renowned UK film production services company, potentially compromising sensitive data and disrupting major film projects. This attack highlights growing cyber risks in the creative sector.
ShuBee, a trusted supplier for plumbers and electricians, became the latest victim of a ransomware attack. Our feature investigates how the breach unfolded and what it signals about rising cyber threats to small businesses.
Ransomware syndicates are turning cyber-attacks into public spectacles, using fear and reputation as weapons. Discover how these digital arsonists are igniting chaos and what it means for their victims.
Modernistic Garden Pet Supply Ltd has reportedly fallen victim to a ransomware attack, with criminals claiming to have stolen sensitive company data. The incident underscores how even small, specialized businesses are vulnerable to sophisticated cyber threats.
Mumbai’s Asian Heart Institute has fallen victim to a major ransomware attack, with hackers threatening to leak sensitive patient data. As cyber extortionists target Asian healthcare, experts warn of rising risks to critical infrastructure and patient safety.
Bayside Dental fell victim to a ransomware attack that locked vital files and put patient data at risk, highlighting the urgent cybersecurity challenges faced by smaller clinics.
Midway Windows and Doors, a key supplier in the construction industry, has been hit by a ransomware attack. This feature explores the methods behind the cybercrime, its impact on the supply chain, and lessons for small businesses.
Cemtech has been hit by a sophisticated ransomware attack, disrupting operations and exposing major vulnerabilities in the construction materials sector. Our investigation reveals how cybercriminals infiltrated the company and what this means for industrial cybersecurity.
A dramatic ransomware attack has rocked CE-Electronics, exposing sensitive data and disrupting operations. This investigative feature unpacks how the attack unfolded, the tactics used, and what it signals for the future of cyber defense in the electronics industry.
Despite recent patches, Fortinet FortiGate firewalls are being hacked via a critical authentication bypass. Attackers are exploiting the FortiCloud SSO feature, leaving thousands of organizations vulnerable until a new, fully effective update arrives.
PcComponentes faces breach allegations after hacker leaks customer data, but the company says there was no system breach - just credential stuffing with reused passwords. Here’s the real story and what it means for online security.
A new breed of Android malware is using artificial intelligence to secretly click ads and drain your phone’s resources, all while hiding in plain sight. Discover how these advanced trojans operate and what you can do to stay safe.
Cisco has patched a critical zero-day vulnerability in its Unified Communications and Webex Calling products. The flaw, actively exploited in the wild, allowed attackers to gain root access on servers. Immediate patching is necessary, as no workarounds exist.
Two severe flaws in Chainlit, a leading AI development framework, allow attackers to access sensitive files and internal cloud resources. Enterprises using outdated versions risk silent, devastating breaches unless they patch immediately.
A worldwide spam surge exploited Zendesk ticket systems, turning customer support into a global spam engine. Discover how attackers bypassed filters and what it means for digital trust.
After sweeping layoffs and program cuts, CISA’s acting director insists the agency is more focused than ever. But as lawmakers question whether America’s cyber defenses are now too thin, the future of U.S. infrastructure security hangs in the balance.
Turin is rapidly emerging as a leader in Italy’s quantum computing race, thanks to its collaborative ecosystem of research, business, and investment. Dive into how this regional model is setting the pace for Italy’s technological future.
Over the Martin Luther King Jr. Day weekend, cybercriminals launched a sophisticated phishing blitz against LastPass customers. Using AI-generated emails disguised as urgent maintenance alerts, attackers tried to steal master passwords and compromise entire vaults. While LastPass reports no breaches so far, the campaign highlights the growing role of AI in social engineering - and the need for vigilant, multifactor-protected defenses.
North Korean threat actors have escalated the ‘Contagious Interview’ campaign, using Visual Studio Code to deliver hidden backdoors to developers through fake job assignments. The operation targets blockchain and crypto professionals, blending social engineering with technical exploits.
#North Korean hackers | #Visual Studio Code | #cybersecurity
North Korea's PurpleBravo campaign weaponized fake job interviews to breach more than 3,000 global targets, using malicious code delivered during coding assessments to compromise companies in tech, finance, and AI sectors.
RCA once dared to challenge IBM’s mainframe supremacy, unveiling powerful computers with cutting-edge features. But despite bold innovation, RCA’s ambitions were crushed by IBM’s dominance, soaring costs, and market inertia - leaving their legacy a forgotten chapter in computing history.
#RCA | #IBM | #mainframe
OpenRiak, the open-source successor to Riak, is making waves for its speed and resilience in distributed data. We investigate its origins, technical innovations, and why the community is rallying behind it.
Dive into the clandestine world of Nespresso Vertuo Next coffee machine repairs, where hackers uncover hidden design flaws, repair challenges, and the proprietary tricks behind your morning brew.
The enigmatic group Handala has claimed responsibility for a stealthy breach of the i24 Channel, raising urgent questions about the rise of silent operators in cybercrime.
Sinobi ransomware gang has listed Modernistic Garden & Pet Supply LTD in the Bahamas as its newest victim, signaling a shift in cybercrime targets to regional businesses and raising urgent cybersecurity concerns.
#Sinobi ransomware | #Cybersecurity awareness | #Caribbean businesses
The Play ransomware group has named Midway Windows and Doors among its latest victims, signaling a surge in attacks as 2026 begins. Here’s what you need to know about the incident and the broader ransomware landscape.
A new investigation reveals that millions are vulnerable to cybercrime through SMS-based login links. Discover how a shortcut for convenience is exposing personal data to hackers - and what you should know to stay safe.
#SMS Authentication | #Cybersecurity Risks | #Identity Theft
Hackers seized Iranian TV airwaves with a message from exiled royalty, exposing the regime’s vulnerabilities during a period of deadly unrest and digital suppression.
Orthopaedic Specialists of Massachusetts has fallen victim to a serious ransomware attack, with hackers claiming to have seized sensitive patient data and demanding a ransom. The incident highlights growing threats to healthcare cybersecurity and the risks faced by patients and providers alike.
Serometrix-LLC has become the latest target of ransomware gangs, as revealed by a post on Ransomfeed. This feature investigates the attack, its implications for supply chain security, and the evolving tactics of cybercriminals.
Bolttech, a global insurtech firm, has reportedly been breached by a ransomware gang, raising serious concerns over data security in the insurance technology sector. Discover what happened, how, and why it matters.
A dramatic ransomware attack by the Clipper gang on a leading petroleum company exposed vulnerabilities in critical infrastructure, prompting urgent action across the energy sector.
A new ransomware attack on Mettler Partner exposes the growing threat to business partners in the digital supply chain. Read how attackers infiltrate, extort, and disrupt critical operations.
The notorious Qilin ransomware gang has claimed a new victim: the Ensenada Entrepreneurial Development Center in Mexico. This attack underscores rising cyber risks for business innovation hubs and highlights the evolving tactics of cyber extortionists.
Qilin has listed Mutest as its latest ransomware victim, signaling an escalating threat in cyber extortion tactics. This feature investigates the attack's details, the role of leak sites, and what this means for organizations everywhere.
#Qilin | #Mutest | #Ransomware