The CISA KEV (Known Exploited Vulnerabilities) catalog lists actively exploited vulnerabilities. Structure, addition criteria, BOD 22-01, and SIEM/SOAR integration guide for European organizations.
Analysis of the Dropbox Sign (ex-HelloSign) breach: API key attack chain, exfiltration of 68 million accounts, impact on eSignature certificates and GDPR notification obligations.
A critical vulnerability in the Kubernetes admission controller allows privilege escalation through ServiceAccount token manipulation. Technical analysis, cloud-native impact and remediation plan.
Evolution of MFA fatigue attacks (push bombing) in 2026, combination with AitM phishing, number matching deployment at Microsoft, Okta and Duo, and recommended configuration for enterprises.
The UNC3944/Scattered Spider group launches new social engineering campaigns targeting European IT helpdesks. TTP analysis, MGM/Caesars parallels, and defense plan.
The European AI Regulation enters full application on August 2, 2026. GPAI obligations, articulation with NIS2 and DORA, high-risk system mapping, compliance plan.
Fortinet confirms attackers established persistent read access on FortiGate SSL-VPN appliances via symbolic links, exploiting CVE-2024-55591, CVE-2024-21762 and CVE-2022-42475. DFIR analysis and remediation plan.
A LayerX study published in April 2026 reveals that AI-powered browser extensions have 60% more vulnerabilities, access cookies 3 times more often, and have seen their permissions grow 6 times faster than traditional extensions.
An Android banking trojan connected to Cambodia's cybercrime networks is actively targeting users in 21 countries. Overlay attacks, SMS interception, accessibility abuse. Analysis and protection measures.
CISA has added two critical Ivanti vulnerabilities (CVE-2026-1281 and CVE-2026-1340, CVSS 9.1) to its KEV catalog with a remediation deadline of April 11, 2026. Analysis, context, and priority actions.
The ShinyHunters group is threatening to publish Rockstar Games Snowflake data on April 14, 2026. The breach allegedly runs through Anodot, a third-party AI analytics provider. Another supply chain attack case.
The UNC6783 group impersonates IT support staff by phone, then redirects victims to fake Okta login pages to bypass MFA in real time. A practical guide for detection and defense.