DESTAQUES

Ameaças Cibernéticas

1638 notícias
Ameaças Cibernéticas Canaltech 🇧🇷

Show da Shakira no Rio é explorado por criminosos para atrair vítimas a golpes

No próximo dia 2 de maio, o show da Shakira “Todo Mundo no Rio” será realizado na Praia de Copacabana, com expectativa de reunir até 2,5 milhões de pessoas. O evento, além de animar os fãs, também deu ideias para os cibercriminosos, que não perderam tempo e aumentaram a criação d…

Ameaças Cibernéticas Bleeping Computer 🇺🇸

US reportedly charges Scattered Spider hacker arrested in Finland

A 19-year-old dual United States and Estonian citizen arrested in Finland earlier this month faces federal charges in the U.S. alleging he was a prolific member of the notorious Scattered Spider hacking collective. [...]

Ameaças Cibernéticas Bleeping Computer 🇺🇸

Inside an OPSEC Playbook: How Threat Actors Evade Detection

Threat actors are now publishing structured OPSEC playbooks to stay undetected. Flare reveals how these guides outline layered infrastructure, identity separation, and long-term evasion strategies. [...]

Ameaças Cibernéticas Boletim Sec 🇧🇷

Hackers norte-coreanos amplia foco e passa a atacar a indústria farmacêutica

Uma campanha atribuída ao grupo norte-coreano Kimsuky está mirando empresas farmacêuticas com um arquivo disfarçado de planilha Excel para instalar malware de forma silenciosa. A operação usa como isca um suposto documento corporativo chamado “White Life Science ERP Specification…

Ameaças Cibernéticas The Hacker News 🇺🇸

Critical Unpatched Flaw Leaves Hugging Face LeRobot Open to Unauthenticated RCE

Cybersecurity researchers have disclosed details of a critical security flaw impacting LeRobot, Hugging Face's open-source robotics platform with nearly 24,000 GitHub stars, that could be exploited to achieve remote code execution. The vulnerability in question is CVE-2026-25874 …

Ameaças Cibernéticas Boletim Sec 🇧🇷

Falha crítica no Gemini CLI abre caminho para execução remota de código

O Google corrigiu uma falha crítica no Gemini CLI que poderia permitir execução remota de código em fluxos automatizados, sobretudo em ambientes sem interação humana, como pipelines de CI/CD. O problema afeta o pacote @google/gemini-cli no npm e também a action google-github-acti…

Ameaças Cibernéticas The Hacker News 🇺🇸

After Mythos: New Playbooks For a Zero-Window Era

When patching isn’t fast enough, NDR helps contain the next era of threats. If you’ve been tracking advancements in AI, you know the exploit window, the short buffer that organizations relied on to patch and protect after a vulnerability disclosure, is closing fast. Anthropic’s n…

Ameaças Cibernéticas HIPAA Clicks 🇺🇸

Medical Device Maker Medtronic Announces Data Breach

The medical device manufacturing giant Medtronic has confirmed that hackers breached its network and exfiltrated data. The company announced the […] The post Medical Device Maker Medtronic Announces Data Breach appeared first on The HIPAA Journal.

Ameaças Cibernéticas The Hacker News 🇺🇸

Chinese Silk Typhoon Hacker Extradited to U.S. Over COVID Research Cyberattacks

A Chinese national accused of being a member of the Silk Typhoon hacking group has been extradited to the U.S. from Italy.  Xu Zewei, 34, was arrested in July 2025 by Italian authorities for his alleged links to the Chinese state-sponsored threat group and for orchestrating cyber…

Ameaças Cibernéticas The Hacker News 🇺🇸

Microsoft Patches Entra ID Role Flaw That Enabled Service Principal Takeover

An administrative role meant for artificial intelligence (AI) agents within Microsoft Entra ID could enable privilege escalation and identity takeover attacks, according to new findings from Silverfort. Agent ID Administrator is a privileged built-in role introduced by Microsoft …

Ameaças Cibernéticas The Hacker News 🇺🇸

Microsoft Confirms Active Exploitation of Windows Shell CVE-2026-32202

Microsoft on Monday revised its advisory for a now-patched, high-severity security flaw impacting Windows Shell to acknowledge that it has been actively exploited in the wild. The vulnerability in question is CVE-2026-32202 (CVSS score: 4.3), a spoofing vulnerability that could a…

Ameaças Cibernéticas Bleeping Computer 🇺🇸

Robinhood account creation flaw abused to send phishing emails

Online trading platform Robinhood's account creation process was exploited by threat actors to inject phishing messages into legitimate emails, tricking users into believing their accounts had suspicious activity. [...]

Ameaças Cibernéticas CISO Advisor 🇧🇷

Framework de sabotagem atacou cinco anos antes do Stuxnet

Pesquisadores da empresa de segurança americana SentinelLABS descobriram um framework de sabotagem cibernética até agora não documentado, chamado fast16, cujos componentes principais datam de 2005 – cinco anos antes do Stuxnet, conforme análise publicada pela companhia. O compone…

Link copiado!