loading=”lazy” width=”400px”>Cyberkriminelle verschicken ihre Malware als PDF-Dateien getarnt. IDG Der Security-Anbieter Malwarebytes hat kürzlich vor einer besonders perfiden Phishing-Kampagne gewarnt. Die Angreifer tarnen dabei ihre Malware als gewöhnliches PDF-Dokument. Mitarbeiter sind es gewohnt, Bestellungen oder Rechnungen im PDF-Format zu erhalten.… Read More "Vorgetäuschte PDFs bergen neue Gefahren"
Here’s how the most common scams targeting Apple Pay users work and what you can do to stay one step ahead 22 Jan 2026 • , 6 min. read Apple Pay is clearly a hit with consumers. According to estimates,… Read More "Common Apple Pay scams, and how to stay safe"
System administrators are likely to have a busy February after Microsoft released updates to fix six actively exploited zero-day vulnerabilities, three of which have been publicly disclosed. The zero-days are as follows: CVE-2026-21510 is a security feature bypass vulnerability in… Read More "Microsoft Fixes Six Zero Day Vulnerability in February Patch Tuesday"
In my recent articles for CSO, I’ve talked about the limits of current SOC models and the importance of rehearsal. This time, I want to focus on something that’s becoming increasingly clear: purple teaming has lost its depth. We’ve turned… Read More "The hard part of purple teaming starts after detection"
As children turn to AI chatbots for answers, advice, and companionship, questions emerge about their safety, privacy, and emotional development 23 Jan 2026 • , 4 min. read AI chatbots have become a big part of all of our lives… Read More "Children and chatbots: What parents should know"
The US Cybersecurity and Infrastructure Security Agency (CISA) has published an initial list of hardware and software product categories that support or are expected to support post-quantum cryptography (PQC) standards. The list aims to guide organizations in planning PQC adoption… Read More "CISA Releases List of Post-Quantum Cryptography Product Categories"
The North Korea-linked threat actor known as UNC1069 has been observed targeting the cryptocurrency sector to steal sensitive data from Windows and macOS systems with the ultimate goal of facilitating financial theft. “The intrusion relied on a social engineering scheme… Read More "North Korea-Linked UNC1069 Uses AI Lures to Attack Cryptocurrency Organizations"
In 2026, the cybersecurity industry is expected to cross a threshold it has never reached before: More than 50,000 publicly disclosed software vulnerabilities in a single year. According to a new forecast from the Forum of Incident Response and Security… Read More "CISOs must separate signal from noise as CVE volume soars"
The attack involved data-wiping malware that ESET researchers have now analyzed and named DynoWiper 23 Jan 2026 • , 2 min. read UPDATE (January 30th, 2026): For a technical breakdown of the incident affecting a company in Poland’s energy sector,… Read More "Sandworm behind cyberattack on Poland’s power grid in late 2025"
A surge in phishing attacks which exploit email routing settings and misconfigured domain spoofing protections to spoof domains and make malicious emails appear as if they were sent from within the organization are targeting Microsoft 365 accounts. Microsoft Threat Intelligence… Read More "Phishing attacks exploit misconfigured emails to target Microsoft 365"
