A new multi-stage phishing campaign has been observed targeting users in Russia with ransomware and a remote access trojan called Amnesia RAT. «The attack begins with social engineering lures delivered via business-themed documents crafted to appear routine and benign,» Fortinet FortiGuard Labs researcher Cara Lin said in a technical breakdown published this week. «These documents…
A study by OMICRON has revealed widespread cybersecurity gaps in the operational technology (OT) networks of substations, power plants, and control centers worldwide. Drawing on data from more than 100 installations, the analysis highlights recurring technical, organizational, and functional issues that leave critical energy infrastructure vulnerable to cyber threats. The findings are based on
Os presentamos un completo análisis del primer router de ASUS con Docker integrado, el nuevo modelo es el ASUS ROG Rapture GT-BE19000AI, y es el router más rápido y potente que existe actualmente. Si eres un usuario «avanzado» y quieres tener el mejor rendimiento inalámbrico, cableado, y posibilidad de instalar Docker directamente en el router…
Las Intellexa Leaks han transformado a Predator de un “producto de spyware mercenario parcialmente entendido” en una plataforma de vigilancia ofensiva con un nivel industrial totalmente mapeado. Los videos de entrenamiento filtrados, la documentación interna de OPSEC, los materiales de marketing y los registros corporativos brindan una visión inédita de cómo Intellexa diseña, despliega y…
Fortinet has officially confirmed that it’s working to completely plug a FortiCloud SSO authentication bypass vulnerability following reports of fresh exploitation activity on fully-patched firewalls. «In the last 24 hours, we have identified a number of cases where the exploit was to a device that had been fully upgraded to the latest release at the…
Opera GX llegará a Linux en el primer trimestre de 2026. Así lo ha adelantado la cuenta oficial del navegador en X, confirmando que la compañía prepara por fin una versión nativa para el escritorio del pingüino, aunque sin concretar todavía fechas exactas ni detalles técnicos adicionales más allá del marco temporal. Opera GX es…
Cybersecurity researchers have discovered an ongoing campaign that’s targeting Indian users with a multi-stage backdoor as part of a suspected cyber espionage campaign. The activity, per the eSentire Threat Response Unit (TRU), involves using phishing emails impersonating the Income Tax Department of India to trick victims into downloading a malicious archive, ultimately granting the threat
A critical sandbox escape vulnerability has been disclosed in the popular vm2 Node.js library that, if successfully exploited, could allow attackers to run arbitrary code on the underlying operating system. The vulnerability, tracked as CVE-2026-22709, carries a CVSS score of 9.8 out of 10.0 on the CVSS scoring system. «In vm2 for version 3.10.0, Promise.prototype.then…
Security failures rarely arrive loudly. They slip in through trusted tools, half-fixed problems, and habits people stop questioning. This week’s recap shows that pattern clearly. Attackers are moving faster than defenses, mixing old tricks with new paths. “Patched” no longer means safe, and every day, software keeps becoming the entry point. What follows is a…
Just a few years ago, the cloud was touted as the “magic pill” for any cyber threat or performance issue. Many were lured by the “always-on” dream, trading granular control for the convenience of managed services. In recent years, many of us have learned (often the hard way) that public cloud service providers are not…