DESTAQUES

Ameaças Cibernéticas

1630 notícias
Ameaças Cibernéticas The Hacker News 🇺🇸

Microsoft Confirms RoguePlanet Defender Zero-Day, Says Patch is in Development

Microsoft has formally disclosed that it's working to release a patch to address a Defender zero-day codenamed RoguePlanet. The vulnerability has now been assigned the CVE identifier CVE-2026-50656 (CVSS score: 7.8), with the tech giant describing it as a privilege escalation fl…

Ameaças Cibernéticas Bleeping Computer 🇺🇸

Why Account Takeovers Are Rising and How to Stop Them

Account takeovers are rising as attackers bypass traditional defenses through phishing, session hijacking, and MFA fatigue. Specops Software explores how device trust and continuous verification help reduce account takeover risk. [...]

Ameaças Cibernéticas Bleeping Computer 🇺🇸

India's Telegram ban hit the UAE too. Here's how to get around it

India has banned Telegram until June 22 after the app was used to circulate leaked exam papers. CEO Pavel Durov accuses telecom Reliance of BGP hijacking that disrupted the app as far away as the UAE. Here's what happened, and how to get around the block with an MTProto proxy. [.…

Ameaças Cibernéticas Boletim Sec 🇧🇷

Falhas no FortiSandbox permitem bypass de autenticação

Atacantes estão explorando três vulnerabilidades no Fortinet FortiSandbox, produto usado por empresas para analisar arquivos suspeitos e identificar possíveis ameaças antes que elas cheguem ao ambiente corporativo. A atividade foi observada pela empresa de inteligência de ameaças…

Ameaças Cibernéticas The Hacker News 🇺🇸

The Top 10 Attack Surface Exposures in 2026

Breaches don't always start with a zero-day. An exposed admin panel can get brute-forced, or credentials reused from a previous attack. But when a vulnerability does drop — like MongoBleed earlier this year, which let attackers pull credentials and session tokens from server memo…

Ameaças Cibernéticas Bleeping Computer 🇺🇸

CISA orders feds to patch max severity Joomla plugin flaw by Friday

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies to patch a maximum-severity flaw in the Widget Factory Joomla Content Editor (JCE) plugin that is being actively exploited in the wild. [...]

Ameaças Cibernéticas The Hacker News 🇺🇸

144 Mastra npm Packages Compromised via Hijacked Contributor Account

As many as 144 npm packages associated with the Mastra namespace ("@mastra/*"), a popular open-source JavaScript and TypeScript framework for building artificial intelligence (AI) applications, have been compromised as part of a software supply chain attack codenamed easy-day-js,…

Link copiado!