Category of intelligence

Vulnerabilities

News about security failures, exploits and vulnerabilities in systems

Stories published: 742 Showing up 9 articles per page

Reinvented ClickFix: False CAPTCHA, signed App-V and execution in memory of the Amatera stealer

Vulnerabilities

January 27, 2026 6 min de lectura 248

Reinvented ClickFix: False CAPTCHA, signed App-V and execution in memory of the Amatera stealer

Cybersecurity researchers have brought to light a chain of attack that combines an old acquaintance of web deception - ClickFix-type false CAPTCHAs - with a less expected maneuver…

Ransomware 2.0: The extortion that is no longer only technical, but a crisis of reputation and compliance

Vulnerabilities

January 27, 2026 6 min de lectura 136

Ransomware 2.0: The extortion that is no longer only technical, but a crisis of reputation and compliance

For years the approach against the Ransomware was basically technological: strengthening backup, deploying endpoints detection and practicing recovery manuals. However, that parad…

CTEM continuous exposure management that reduces real risk

Vulnerabilities

January 27, 2026 5 min de lectura 155

CTEM continuous exposure management that reduces real risk

For years, cybersecurity has ceased to be just a matter of patches and detectors: today the teams want to understand where threats are crossed with real weaknesses within their ow…

Office off-cycle patch fixes CVE-2026-21509: vulnerability that already allowed to avoid COM / OLE protections and facilitate targeted attacks

Vulnerabilities

January 27, 2026 4 min de lectura 147

Office off-cycle patch fixes CVE-2026-21509: vulnerability that already allowed to avoid COM / OLE protections and facilitate targeted attacks

Microsoft launched an off-cycle patch to correct a high-gravity vulnerability in Microsoft Office that is already being used in targeted attacks. Identified as CVE-2026-21509, the…

PeckBirdy the JScript frame that operates on browsers and opens doors without a trace

Vulnerabilities

January 27, 2026 6 min de lectura 146

PeckBirdy the JScript frame that operates on browsers and opens doors without a trace

Security researchers have identified a command and control framework based on JScript which is being exploited by actors aligned with China since 2023. The central part of this ca…

Stanley the subscription malware that deceives with extensions in the Chrome Web Store

Vulnerabilities

January 27, 2026 5 min de lectura 170

Stanley the subscription malware that deceives with extensions in the Chrome Web Store

A new subscription malware service has alerted researchers and security officials: under the commercial name of "Stanley," who offers it promises malicious extensions for browsers…

False CAPTCHA, signed binaries and steganography: the chain of attack that operates in memory to steal data

Vulnerabilities

January 26, 2026 5 min de lectura 208

False CAPTCHA, signed binaries and steganography: the chain of attack that operates in memory to steal data

In recent months, a chain of infection has emerged that combines classical social engineering with increasingly refined techniques to pass unnoticed. The researchers BlackPoint Cy…

Security alert: CVE-2026-21509 threatens Microsoft Office and demands emergency patches

Vulnerabilities

January 26, 2026 4 min de lectura 144

Security alert: CVE-2026-21509 threatens Microsoft Office and demands emergency patches

Microsoft has published this week off-schedule security updates to correct a high-gravity vulnerability in Microsoft Office that is already being exploited in attacks. The failure…

The espionage campaign that takes advantage of the tax fear in India to install a backdoor using legitimate tools

Vulnerabilities

January 26, 2026 5 min de lectura 194

The espionage campaign that takes advantage of the tax fear in India to install a backdoor using legitimate tools

Cybersecurity researchers have identified an active campaign that is exploiting fiscal fear to infect equipment in India with a backdoor in several phases, apparently for espionag…

Explore RadarBytes

Vulnerabilities

Reinvented ClickFix: False CAPTCHA, signed App-V and execution in memory of the Amatera stealer

Ransomware 2.0: The extortion that is no longer only technical, but a crisis of reputation and compliance

CTEM continuous exposure management that reduces real risk

Office off-cycle patch fixes CVE-2026-21509: vulnerability that already allowed to avoid COM / OLE protections and facilitate targeted attacks

PeckBirdy the JScript frame that operates on browsers and opens doors without a trace

Stanley the subscription malware that deceives with extensions in the Chrome Web Store

False CAPTCHA, signed binaries and steganography: the chain of attack that operates in memory to steal data

Security alert: CVE-2026-21509 threatens Microsoft Office and demands emergency patches

The espionage campaign that takes advantage of the tax fear in India to install a backdoor using legitimate tools

Disable your ad blocker

Vulnerabilities

Manage your cookies