DESTAQUES

Ameaças Cibernéticas

1628 notícias
Ameaças Cibernéticas CISO Advisor 🇧🇷

Containers Linux: CISA alerta para exploração ativa

A agência de cibersegurança dos Estados Unidos (CISA) reportou a exploração ativa de uma falha no kernel Linux que permite a invasores escapar de containers e assumir o controle dos sistemas hospedeiros, conforme comunicado da própria agência publicado no último dia 5. A vulnerab…

Ameaças Cibernéticas Bleeping Computer 🇺🇸

Silent Ransom Group targets law firms with fake IT support calls

The Silent Ransom Group extortion gang is actively targeting U.S. law firms and professional services organizations in social engineering attacks that often lead to data theft within hours of initial contact, according to a new report by cybersecurity firm Mandiant. [...]

Ameaças Cibernéticas CISO Advisor 🇧🇷

Derrubada do XSS criou quatro plataformas de cibercrime

O ecossistema do cibercrime de língua russa, antes centralizado no fórum XSS (desarticulado pela Europol em julho de 2025), fragmentou-se em quatro plataformas concorrentes, segundo relatório da Flashpoint divulgado no dia 3 deste mês. O fórum original, que por mais de 20 anos fo…

Ameaças Cibernéticas The Hacker News 🇺🇸

Free Apps Are Quietly Turning Smart TVs Into Web-Scraping Proxies for AI

A researcher has reverse-engineered the iOS SDK that Bright Data embeds in consumer apps and documented how it turns devices, including always-on smart TVs, into exit nodes that relay web-scraping traffic for a data business Bright Data markets heavily to the AI industry. The co…

Ameaças Cibernéticas The Hacker News 🇺🇸

CISA Adds Actively Exploited SolarWinds Serv-U DoS Flaw to KEV Catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity security flaw impacting SolarWinds Serv-U multi-protocol file server software to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerabili…

Ameaças Cibernéticas The Hacker News 🇺🇸

AI Agent Uncovers 21 Zero-Days in FFmpeg; Chrome Patches Record 429 Bugs

Two things landed within days of each other this week. A security startup reported 21 previously unknown vulnerabilities in FFmpeg, the media library inside almost everything that touches video, all of them found by an autonomous AI agent. The same week, Google shipped Chrome 14…

Ameaças Cibernéticas The Hacker News 🇺🇸

Miasma Worm Hits 73 Microsoft GitHub Repositories in Major Supply Chain Attack

Microsoft's GitHub repositories have become the latest to fall victim to the ongoing Miasma self-replicating supply chain attack campaign. The incident impacted 73 Microsoft repositories across four of its GitHub organizations, including Azure, Azure-Samples, Microsoft, and Micr…

Ameaças Cibernéticas CISO Advisor 🇧🇷

Plugins WordPress acumulam 2.738 falhas no T1 de 2026

A Wordfence registrou 2.738 vulnerabilidades em plugins do WordPress no primeiro trimestre de 2026, um aumento de 24% em relação ao trimestre anterior, com destaque para falhas de cross-site scripting (XSS) e SQL Injection, segundo pesquisa da empresa de segurança divulgada em 5 …

Ameaças Cibernéticas The Hacker News 🇺🇸

IronWorm and New Miasma Worm Variant Hit npm in Supply Chain Attacks

Multiple software supply chain attacks have hit the npm ecosystem, with threat actors using both malicious and poisoned versions of over 50 legitimate packages to distribute a Rust-based information stealer and a self-spreading worm, respectively. According to JFrog, the informa…

Ameaças Cibernéticas The Hacker News 🇺🇸

Android Spyware Asin Targets Arabic Users via Fake News, PDF and War Map Apps

Arabic-speaking users have emerged as the target of a new Android spyware codenamed Asin, according to findings from ESET. The Slovakian cybersecurity company said it first detected the malware spread via multiple campaigns in early 2025, with each attack wave making use of dist…

Link copiado!