╔════[ ITALY_INCIDENT ]══════
│ Una prospettiva empirica che va un po' controcorrente rispetto ai soliti toni allarmistici. Ecco i dati e i consigli che emergono del report DBIR 2026 di Verizon
L'articolo DBIR 2026, il ritorno ai fondamentali nella cyber: le 5 azioni strutturali da mettere in campo proviene da Cyber Security 360.
┌─[ METADATA ]───────────────────────┐
│ Source: https://www.cybersecurity360.it
│ Author: Gerardo Costabile
└────────────────────────────────────┘
╔════[ ITALY_INCIDENT ]══════
│ Dall'armatura post-quantistica di ExpressVPN all'ammortamento strategico di NordVPN, fino alla trasparenza svizzera di Proton e alla scalabilità di Surfshark: guida tecnica per CISO per sfruttare la velocità delle dorsali di Toronto e Vancouver senza cadere nella rete dei mandati segreti transatlantici
L'articolo Rotta sul Canada: strategia VPN tra tunnel a 10 Gbps e la trappola dei 5 Eyes proviene da Cyber Security 360.
┌─[ METADATA ]───────────────────────┐
│ Source: https://www.cybersecurity360.it
│ Author: Marina Perotta
└────────────────────────────────────┘
╔════[ ITALY_INCIDENT ]══════
│ Per anni il dibattito sui cookie si è concentrato quasi esclusivamente sui banner, ma nel frattempo il contesto tecnologico è cambiato molto più rapidamente delle categorie giuridiche usate per descriverlo. E su questo terreno emerge ora una frattura sempre più evidente tra l’approccio italiano e quello europeo
L'articolo Dal cookie ai tracking pixel: i rischi regolatori per le imprese proviene da Cyber Security 360.
┌─[ METADATA ]───────────────────────┐
│ Source: https://www.cybersecurity360.it
│ Author: Tania Orrù
└────────────────────────────────────┘
╔════[ ITALY_INCIDENT ]══════
│ La Bce riunisce le banche dell’area euro martedì 26 maggio 2026 per discutere il salto di qualità imposto da modelli come Claude Mythos Preview: il punto non è solo trovare più vulnerabilità, ma correggerle in ore prima che diventino una finestra di attacco per criminali e attori statuali
L'articolo Bce, allarme sui cyberattacchi AI alle banche: il nodo è il tempo di patch proviene da Cyber Security 360.
┌─[ METADATA ]───────────────────────┐
│ Source: https://www.cybersecurity360.it
│ Author: Alessandro Longo
└────────────────────────────────────┘
╔════[ ITALY_INCIDENT ]══════
│ Il gestore di credenziali aziendali e private lancia una promozione strategica sul mercato italiano. L'iniziativa permette alle imprese di ottimizzare i costi operativi relativi alla protezione dei dati informatici, riducendo le spese correnti legate ai sistemi di autenticazione digitale.
L'articolo Nordpass business: 14 giorni di prova gratis e senza carta di credito per gestire in sicurezza le password aziendali proviene da Cyber Security 360.
┌─[ METADATA ]───────────────────────┐
│ Source: https://www.cybersecurity360.it
│ Author: Patrizia Chimera
└────────────────────────────────────┘
╔════[ ITALY_INCIDENT ]══════
│ Nel 2025 il ransomware ha dimostrato resilienza, capacità di evoluzione e grande adattabilità, con il dominio dei modelli di Ransomware-as-a-Service (RaaS). Le previsioni di VDC Research e Kaspersky per il 2026: attacchi sempre più subdoli con l'Agentic AI
L'articolo Ransomware, una minaccia in evoluzione: cosa aspettarsi nell’era dell’Agentic AI proviene da Cyber Security 360.
┌─[ METADATA ]───────────────────────┐
│ Source: https://www.cybersecurity360.it
│ Author: Fabio Assolini
└────────────────────────────────────┘
╔════[ CRITICAL_CVE ]═════════
│ Threat actors are exploiting a recently disclosed critical security flaw in Ghost CMS to inject malicious JavaScript code with an aim to fuel ClickFix attacks.
According to QiAnXin XLab, the activity involves the exploitation of CVE-2026-26980 (CVSS score: 9.4), an SQL injection vulnerability in Ghost's Content API that could allow an unauthenticated attacker to read arbitrary data from the
┌─[ METADATA ]───────────────────────┐
│ Source: https://thehackernews.com
| undefined
| undefined
└────────────────────────────────────┘
╔════[ CRITICAL_CVE ]═════════
│ CVE ID :CVE-2026-9058
Published : May 25, 2026, 1:23 p.m. | 6 hours, 11 minutes ago
Description :Szafir SDK returns a success status code from the cryptographic digital signature verification process (i.e. /VerifyingTaskItem/Signature/VerificationResult/Result/@code == 0, "Positively verified") even when the trust status of the signer's certificate could not be established (i.e. /VerifyingTaskItem/Signature/VerificationResult/SigningCertificate/@certificateType == "nondetermined"). This causes consuming applications to incorrectly treat the signature as valid despite an unverified certificate chain, enabling authentication bypass and user impersonation.
This issue was fixed in version 463.
Severity: 9.3 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
┌─[ METADATA ]───────────────────────┐
│ Source: https://cvefeed.io
| CVE ID :CVE-2026-9058
| Severity: 9.3 | CRITICAL
└────────────────────────────────────┘
╔════[ THREAT ]══════════════
│ Monday recap. Same mess, new week.
A sketchy dev tool got people pwned, old bugs came back from the dead, and security products somehow needed protecting from themselves. A bunch of companies spent the week checking old boxes and forgotten servers t…
┌─[ METADATA ]───────────────────────┐
│ Source: https://thehackernews.com
│ Author: info@thehackernews.com (The Hacker News)
└────────────────────────────────────┘
╔════[ THREAT ]══════════════
│ Ask a cybersecurity pro about Network Detection and Response (NDR) and you might still hear "Noisy," "Too much data." But ask the teams running NDR that includes agentic AI capabilities and you'll hear they're actually using it to catch threats earli…
┌─[ METADATA ]───────────────────────┐
│ Source: https://thehackernews.com
│ Author: info@thehackernews.com (The Hacker News)
└────────────────────────────────────┘
╔════[ THREAT ]══════════════
│ Cybersecurity researchers have shed light on a cross-platform malware called RemotePE that has been put to use by the North Korea-linked Lazarus Group in attacks targeting financial and cryptocurrency organizations.
RemotePE, per NCC Group subsidiar…
┌─[ METADATA ]───────────────────────┐
│ Source: https://thehackernews.com
│ Author: info@thehackernews.com (The Hacker News)
└────────────────────────────────────┘
╔════[ THREAT ]══════════════
│ Anthropic appears to be preparing for the public rollout of the Mythos model, which was announced in April as a restricted model that poses major security risks to private and public software. [...]…
┌─[ METADATA ]───────────────────────┐
│ Source: https://www.bleepingcomputer.com
│ Author: Mayank Parmar
└────────────────────────────────────┘
╔════[ THREAT ]══════════════
│ The FBI is warning about the Kali365 phishing-as-a-service platform (PhaaS) that is used to hijack Microsoft 365 accounts by abusing OAuth device code authentication to steal session tokens and bypass multi-factor authentication (MFA). [...]…
┌─[ METADATA ]───────────────────────┐
│ Source: https://www.bleepingcomputer.com
│ Author: Lawrence Abrams
└────────────────────────────────────┘
╔════[ THREAT ]══════════════
│ Authorities in the Netherlands have arrested the co-owners of two related Internet hosting companies for operating IT infrastructure used by Russia to carry out cyberattacks, influence operations and disinformation campaigns inside the European Union…
┌─[ METADATA ]───────────────────────┐
│ Source: https://krebsonsecurity.com
│ Author: BrianKrebs
└────────────────────────────────────┘
╔════[ THREAT ]══════════════
│ Sites belonging to major universities such as Harvard and Oxford, as well as DuckDuckGo, have been compromised in the attack.
The post Ghost CMS Vulnerability Exploited to Hack Over 700 Websites appeared first on SecurityWeek.…
┌─[ METADATA ]───────────────────────┐
│ Source: https://www.securityweek.com
│ Author: Eduard Kovacs
└────────────────────────────────────┘
╔════[ THREAT ]══════════════
│ The affected third-party vendor has not been named, but one possible candidate is TriZetto.
The post Oncology Institute Discloses Data Breach appeared first on SecurityWeek.…
┌─[ METADATA ]───────────────────────┐
│ Source: https://www.securityweek.com
│ Author: Eduard Kovacs
└────────────────────────────────────┘
╔════[ THREAT ]══════════════
│ Threat actors stole files containing names and protected health information from the healthcare organization’s systems.
The post 266,000 Affected by Data Breach at Radiology Associates of Richmond appeared first on SecurityWeek.…
┌─[ METADATA ]───────────────────────┐
│ Source: https://www.securityweek.com
│ Author: Ionut Arghire
└────────────────────────────────────┘
╔════[ THREAT ]══════════════
│ Many findings have been confirmed to be critical or high-severity vulnerabilities and the number will continue to increase.
The post Anthropic: Mythos Detected 23,000 Potential Vulnerabilities Across 1,000 OSS Projects appeared first on SecurityWeek…
┌─[ METADATA ]───────────────────────┐
│ Source: https://www.securityweek.com
│ Author: Eduard Kovacs
└────────────────────────────────────┘
╔════[ THREAT ]══════════════
│ Published within a 15-minute window, the malicious tags introduced backdoors to exfiltrate CI secrets.
The post Laravel-Lang Packages Poisoned for Malware Delivery appeared first on SecurityWeek.…
┌─[ METADATA ]───────────────────────┐
│ Source: https://www.securityweek.com
│ Author: Ionut Arghire
└────────────────────────────────────┘
╔════[ THREAT ]══════════════
│ Hackers accessed names, addresses, Social Security numbers, financial information, and medical data from third-party partner repositories.
The post DocketWise Data Breach Impacts 143,000 appeared first on SecurityWeek.…
┌─[ METADATA ]───────────────────────┐
│ Source: https://www.securityweek.com
│ Author: Ionut Arghire
└────────────────────────────────────┘
╔════[ THREAT ]══════════════
│ Hackers compromised FBI Chief Kash Patel’s clothing store in a ClickFix attack that tricked macOS users into installing infostealer malware.…
┌─[ METADATA ]───────────────────────┐
│ Source: https://hackread.com
│ Author: Deeba Ahmed
└────────────────────────────────────┘
╔════[ THREAT ]══════════════
│ Dutch authorities arrested two suspects after dismantling a bulletproof hosting network linked to cybercrime, disinfo, and Russian sanctions evasion.…
┌─[ METADATA ]───────────────────────┐
│ Source: https://hackread.com
│ Author: Waqas
└────────────────────────────────────┘