Cyber Security News – Insights and Resources for CISOs

Illustration of Iranian cyberattacks targeting U.S. critical infrastructure with hacker screens, PLC, SCADA, energy facilities, and U.S. and Iran flags

News

Iranian Hackers Escalate Attacks on U.S. Critical Infrastructure, Triggering New Warnings Over PLC and SCADA Exposure

U.S. authorities have warned that Iranian-affiliated cyber actors are escalating attacks against American critical infrastructure, with a growing focus on…

Bright digital illustration of a cyberattack on the European Commission showing EU flags, a cracked padlock, a hacker with a laptop, and a “DATA BREACH” alert over a cloud infrastructure background.

News

European Commission Confirms Data Breach After Cyberattack on Europa.eu Platform

Mar 31, 2026 G.C.Moresi

The European Commission has confirmed a data breach after a cyberattack on the cloud infrastructure hosting Europa.eu. Early findings suggest…

Cybersecurity illustration of Russian CTRL malware attack using malicious LNK file, Windows Hello phishing interface, keylogging and RDP hijacking via FRP reverse proxy tunnel

News

Russian CTRL Toolkit Uses Fake Private-Key LNK Files to Stealthily Hijack RDP Through FRP Tunne

Mar 31, 2026 G.C.Moresi

Censys has disclosed a previously undocumented Russian-origin .NET toolkit called CTRL that is delivered through fake private-key LNK files and…

Audience attending Swiss Cyber AI Conference 2026 in Lugano with keynote stage focused on cybersecurity and artificial intelligence

News

Lugano at the Center of Europe’s Cybersecurity & AI Debate: Swiss Cyber AI Conference 2026 Arrives on April 14, 2026

Jan 22, 2026 G.C.Moresi

Swiss Cyber AI Conference 2026 lands in Lugano on April 14, 2026. A full-day event focused on cybersecurity in the…

Illustration of Google Chrome zero-day vulnerabilities CVE-2026-3909 and CVE-2026-3910 showing Skia graphics exploit and V8 engine attack used in active browser exploitation campaigns.

News

Chrome Under Attack: Google Patches Two Actively Exploited Zero-Day Vulnerabilities (CVE-2026-3909, CVE-2026-3910)

Mar 16, 2026 G.C.Moresi

The two Chrome zero-day vulnerabilities highlight how browsers remain a prime attack surface. Memory corruption in Skia and flaws in…

PSD2 EU payment directive illustration showing bank security shield, refund approval after phishing fraud, European Union flag and digital banking protection concept.

News

Phishing Fraud: What the EU Directive Really Says About Bank Liability

Mar 9, 2026 G.C.Moresi

The EU’s PSD2 directive transformed digital payments with stronger security, open banking and clear liability rules. But does it force…

News

Google Patches Actively Exploited Chrome Zero-Day

Feb 23, 2026 G.C.Moresi

Google patched an actively exploited Chrome zero-day (CVE-2026-2441) enabling remote code execution via a CSS use-after-free flaw. CISOs must act…

Cybersecurity illustration showing hacker exploiting vulnerabilities in cloud password managers and breaking encrypted password vault

News

Critical Vulnerabilities in Cloud Password Managers Undermine “Zero-Knowledge” Claims

Feb 17, 2026 G.C.Moresi

ETH Zurich researchers found 25 vulnerabilities in Bitwarden, LastPass, and Dashlane that can undermine “zero-knowledge” protections under a malicious server…

Zero-click remote code execution vulnerability in Claude Desktop Extensions, featuring a malicious Google Calendar event and AI model exploit

News

Exposed: Zero-Click RCE Vulnerability in Claude Desktop Extensions Puts Over 10,000 Users at Risk

Feb 12, 2026 G.C.Moresi

A critical zero-click RCE vulnerability in Claude Desktop Extensions exposes over 10,000 users to remote attacks via a malicious Google…

Illustration showing the Chrysalis backdoor attack chain used by the Lotus Blossom APT, including DLL sideloading, NSIS installer abuse, encrypted C2 communication, and advanced malware tooling.

News

The Chrysalis Backdoor: When Espionage Tooling Evolves in Plain Sight

Feb 3, 2026 G.C.Moresi

Rapid7 uncovered a Lotus Blossom espionage campaign delivering the new “Chrysalis” backdoor via a compromised Notepad++ distribution chain. The tool…

Visualization of a large-scale credential leak showing exposed email addresses and passwords, illustrating infostealer malware, credential reuse, and identity security risks faced by enterprises and CISOs.

News

149 Million Credentials Exposed: Why This Leak Matters More Than the Numbers

Jan 27, 2026 G.C.Moresi

A leaked database with 149 million credentials proves that credential compromise is now a constant risk. For CISOs and CIOs,…

Cybersecurity News, Threat Intelligence & CISO Best Practices

Latest Post

Iranian Hackers Escalate Attacks on U.S. Critical Infrastructure, Triggering New Warnings Over PLC and SCADA Exposure

European Commission Confirms Data Breach After Cyberattack on Europa.eu Platform

Russian CTRL Toolkit Uses Fake Private-Key LNK Files to Stealthily Hijack RDP Through FRP Tunne

Lugano at the Center of Europe’s Cybersecurity & AI Debate: Swiss Cyber AI Conference 2026 Arrives on April 14, 2026

Chrome Under Attack: Google Patches Two Actively Exploited Zero-Day Vulnerabilities (CVE-2026-3909, CVE-2026-3910)

Phishing Fraud: What the EU Directive Really Says About Bank Liability

Google Patches Actively Exploited Chrome Zero-Day

Critical Vulnerabilities in Cloud Password Managers Undermine “Zero-Knowledge” Claims

Exposed: Zero-Click RCE Vulnerability in Claude Desktop Extensions Puts Over 10,000 Users at Risk

The Chrysalis Backdoor: When Espionage Tooling Evolves in Plain Sight

149 Million Credentials Exposed: Why This Leak Matters More Than the Numbers

You missed

Iranian Hackers Escalate Attacks on U.S. Critical Infrastructure, Triggering New Warnings Over PLC and SCADA Exposure

European Commission Confirms Data Breach After Cyberattack on Europa.eu Platform

Russian CTRL Toolkit Uses Fake Private-Key LNK Files to Stealthily Hijack RDP Through FRP Tunne

Chrome Under Attack: Google Patches Two Actively Exploited Zero-Day Vulnerabilities (CVE-2026-3909, CVE-2026-3910)