RSS aggregator

French cops free mother and son after 20-hour crypto kidnap ordeal

The Register - Anti-Virus - 15 April, 2026 - 15:29
Latest in a string of cases that have earned France an unfortunate title

A mother and her ten-year-old son are now free after being kidnapped for around 20 hours while the father was being extorted for hundreds of thousands of euros.…

Category: Viruses and Worms

Actively Exploited nginx-ui Flaw (CVE-2026-33032) Enables Full Nginx Server Takeover

The Hacker News - 15 April, 2026 - 14:56
A recently disclosed critical security flaw impacting nginx-ui, an open-source, web-based Nginx management tool, has come under active exploitation in the wild. The vulnerability in question is CVE-2026-33032 (CVSS score: 9.8), an authentication bypass vulnerability that enables threat actors to seize control of the Nginx service. It has been codenamed MCPwn by Pluto Security.
Author: Ravie Lakshmanan
Category: Hacking & Security

Google fights for the Alt+Space shortcut. You can try its AI search app for Windows in Czechia too

Živě.cz - 15 April, 2026 - 14:45
The Google app has been released for Windows, but so far only in English. • It offers web search, AI, Lens mode and local search. • It is launched with the Alt+Space keyboard shortcut, just like Copilot and ChatGPT.
Category: IT News

April Patch Tuesday Fixes Critical Flaws Across SAP, Adobe, Microsoft, Fortinet, and More

The Hacker News - 15 April, 2026 - 14:37
A number of critical vulnerabilities impacting products from Adobe, Fortinet, Microsoft, and SAP have taken center stage in April's Patch Tuesday releases. Topping the list is an SQL injection vulnerability impacting SAP Business Planning and Consolidation and SAP Business Warehouse (CVE-2026-27681, CVSS score: 9.9) that could result in the execution of arbitrary database
Author: Ravie Lakshmanan
Category: Hacking & Security

Threat landscape for industrial automation systems in Q4 2025

Kaspersky Securelist - 15 April, 2026 - 14:30

Statistics across all threats

The percentage of ICS computers on which malicious objects were blocked has been decreasing since the beginning of 2024. In Q4 2025, it was 19.7%. Over the past three years, the percentage has decreased by 1.36 times, and by 1.25 times since Q4 2023.

Percentage of ICS computers on which malicious objects were blocked, Q1 2023–Q4 2025

Regionally, in Q4 2025, the percentage of ICS computers on which malicious objects were blocked ranged from 8.5% in Northern Europe to 27.3% in Africa.

Regions ranked by percentage of ICS computers on which malicious objects were blocked

Four regions saw an increase in the percentage of ICS computers on which malicious objects were blocked. The most notable increases occurred in Southern Europe and South Asia. In Q3 2025, East Asia experienced a sharp increase triggered by the local spread of malicious scripts, but the figure has since returned to normal.

Changes in percentage of ICS computers on which malicious objects were blocked, Q4 2025

Feature of the quarter: worms in email

In Q4 2025, the percentage of ICS computers on which worms in email attachments were blocked increased in all regions of the world.

Many of the blocked threats were related to the worm Backdoor.MSIL.XWorm. This malware is designed to persist on the system and then remotely control it.

Interestingly, this threat was not detected on ICS computers in the previous quarter, yet it appeared in all regions in Q4 2025.

A study found that the active spread of Backdoor.MSIL.XWorm via phishing emails was likely linked to the use by hackers of another malware obfuscation technique that was actively used during massive phishing campaigns in Q4 2025. These campaigns have been known since 2024 as “Curriculum-vitae-catalina”.

The attackers distributed phishing emails to HR managers, recruiters, and employees responsible for hiring. The messages were disguised as responses from job applicants with subjects such as “Resume” or “Attached Resume” and contained a malicious executable file under the guise of a curriculum vitae. Typically, the file was named Curriculum Vitae-Catalina.exe. When executed, it infected the system.

In Q4 2025, the threat spread across regions in two waves — one in October and another in November. Russia, Western Europe, South America, and North America (Canada) were attacked in October. A spike in Backdoor.MSIL.XWorm blocking was observed in other regions in November. The attack subsided in all regions in December.

The highest percentage of ICS computers on which Backdoor.MSIL.XWorm was blocked was observed in regions where threats from email clients had been historically blocked at high rates on ICS computers: Southern Europe, South America, and the Middle East.

At the same time, in Africa, where USB storage media are still actively used, the threat was also detected when removable devices were connected to ICS computers.

Selected industries

The biometrics sector has historically led the rankings of industries and OT infrastructures surveyed in this report in terms of the percentage of ICS computers on which malicious objects were blocked.

These systems are characterized by accessibility to and from the internet, as well as minimal cybersecurity controls by the consumer organization.

Rankings of industries and OT infrastructure by percentage of ICS computers on which malicious objects were blocked

In Q4 2025, the percentage of ICS computers on which malicious objects were blocked increased only in one sector: oil and gas. The corresponding figures increased in two regions: Russia, and Central Asia and the South Caucasus.

However, if we look at a broader time span, there is a downward trend in all the surveyed industries.

Percentage of ICS computers on which malicious objects were blocked in selected industries

Diversity of detected malicious objects

In Q4 2025, Kaspersky protection solutions blocked malware from 10,142 different malware families of various categories on industrial automation systems.

Percentage of ICS computers on which the activity of malicious objects from various categories was blocked

In Q4 2025, there was an increase in the percentage of ICS computers on which worms and miners in the form of executable files for Windows were blocked. These were the only categories that exhibited an increase.

Main threat sources

Depending on the threat detection and blocking scenario, it is not always possible to reliably identify the source. The circumstantial evidence for a specific source can be the blocked threat’s type (category).

The internet (visiting malicious or compromised internet resources; malicious content distributed via messengers; cloud data storage and processing services and CDNs), email clients (phishing emails), and removable storage devices remain the primary sources of threats to computers in an organization’s technology infrastructure.

In Q4 2025, the percentage of ICS computers on which malicious objects from various sources were blocked decreased. All sources except email clients saw their lowest levels in three years.

Percentage of ICS computers on which malicious objects from various sources were blocked

The same computer can be attacked by several categories of malware from the same source during a quarter. That computer is counted when calculating the percentage of attacked computers for each threat category, but is only counted once for the threat source (we count unique attacked computers). In addition, it is not always possible to accurately determine the initial infection attempt. Therefore, the total percentage of ICS computers on which various categories of threats from a certain source were blocked can exceed the percentage of computers affected by the source itself.

  • In Q4 2025, the percentage of ICS computers on which threats from the internet were blocked decreased to 7.67% and reached its lowest level since the beginning of 2023. The main categories of internet threats are malicious scripts and phishing pages, and denylisted internet resources. The percentage ranged from 3.96% in Northern Europe to 11.33% in South Asia.
  • The main categories of threats from email clients blocked on ICS computers were malicious scripts and phishing pages, spyware, and malicious documents. Most of the spyware detected in phishing emails was delivered as a password archive or a multi-layered script embedded in office document files. The percentage of ICS computers on which threats from email clients were blocked ranged from 0.64% in Northern Europe to 6.34% in Southern Europe.
  • The main categories of threats that were blocked when removable media was connected to ICS computers were worms, viruses, and spyware. The percentage of ICS computers on which threats from removable media were blocked ranged from 0.05% in Australia and New Zealand to 1.41% in Africa.
  • The main categories of threats that spread through network folders in Q4 2025 were viruses, AutoCAD malware, worms, and spyware. The percentage of ICS computers on which threats from network folders were blocked ranged from 0.01% in Northern Europe to 0.18% in East Asia.

Threat categories

Typical attacks blocked within an OT network are multi-step sequences of malicious activities, where each subsequent step of the attackers is aimed at increasing privileges and/or gaining access to other systems by exploiting the security problems of industrial enterprises, including OT infrastructures.

Malicious objects used for initial infection

In Q4 2025, the percentage of ICS computers on which denylisted internet resources were blocked decreased to 3.26%. This is the lowest quarterly figure since the beginning of 2022, and it has decreased by 1.8 times since Q2 2025.

Percentage of ICS computers on which denylisted internet resources were blocked, Q1 2023–Q4 2025

Regionally, the percentage of ICS computers on which denylisted internet resources were blocked ranged from 1.74% in Northern Europe to 3.93% in Southeast Asia, which displaced Africa from first place. Russia rounded out the top three regions for this indicator.

The percentage of ICS computers on which malicious documents were blocked increased for three consecutive quarters. However, in Q4 2025 it decreased by 0.22 pp to 1.76%.

Percentage of ICS computers on which malicious documents were blocked, Q1 2023–Q4 2025

Regionally, the percentage ranged from 0.46% in Northern Europe to 3.82% in Southern Europe. In Q4 2025, the indicator increased in Eastern Europe, Russia, and Western Europe.

The percentage of ICS computers on which malicious scripts and phishing pages were blocked decreased to 6.58%. Despite the decline, this category led the rankings of threat categories in terms of the percentage of ICS computers on which they were blocked.

Percentage of ICS computers on which malicious scripts and phishing pages were blocked, Q1 2023–Q4 2025

Regionally, the percentage ranged from 2.52% in Northern Europe to 10.50% in South Asia. The indicator increased in South Asia, South America, Southern Europe, and Africa. South Asia saw the most notable increase, at 3.47 pp.

Next-stage malware

Malicious objects used to initially infect computers deliver next-stage malware — spyware, ransomware, and miners — to victims’ computers. As a rule, the higher the percentage of ICS computers on which the initial infection malware is blocked, the higher the percentage for next-stage malware.

In Q4 2025, the percentage of ICS computers on which spyware, ransomware and web miners were blocked decreased. The rates were:

  • Spyware: 3.80% (down 0.24 pp). For the second quarter in a row, spyware took second place in the rankings of threat categories in terms of the percentage of ICS computers on which it was blocked.
  • Ransomware: 0.16% (down 0.01 pp).
  • Web miners: 0.24% (down 0.01 pp); this is the lowest level observed thus far in the period under review.

The percentage of ICS computers on which miners in the form of executable files for Windows were blocked increased to 0.60% (up 0.03 pp).

Self-propagating malware

Self-propagating malware (worms and viruses) is a category unto itself. Worms and virus-infected files were originally used for initial infection, but as botnet functionality evolved, they took on next-stage characteristics.

To spread across ICS networks, viruses and worms rely on removable media and network folders and are distributed in the form of infected files, such as archives with backups, office documents, pirated games and hacked applications. In rarer and more dangerous cases, web pages with network equipment settings, as well as files stored in internal document management systems, product lifecycle management (PLM) systems, resource management (ERP) systems and other web services are infected.

In Q4 2025, the percentage of ICS computers on which worms were blocked increased by 1.6 times to 1.60%. As mentioned above, this increase is related to a global phishing attack that spread the Backdoor.MSIL.XWorm backdoor worm across all regions of the world. The percentage increased in all regions. The biggest increase (up by 2.16 times) was in Southern Europe. The malware was primarily distributed through email clients, and Southern Europe led the way in terms of the percentage of ICS computers on which threats from email clients were blocked.

The percentage of ICS computers on which viruses were blocked decreased to 1.33%.

AutoCAD malware

This category of malware can spread in a variety of ways, so it does not belong to a specific group.

After an increase in the previous quarter, the percentage of ICS computers on which AutoCAD malware was blocked decreased to 0.29% in Q4 2025.

For more information on industrial threats see the full version of the report.

Ancient Excel bug comes out of retirement for active attacks

The Register - Anti-Virus - 15 April, 2026 - 13:46
Vuln old enough to drive lands on CISA's exploited list

While Microsoft was rolling out its bumper Patch Tuesday updates this week, US cybersecurity agency CISA was readying an alert about a 17-year-old critical Excel flaw now under exploit.…

Category: Viruses and Worms

What's being played most on Xbox in 2026. Here are the most popular games for Xbox X/S and the older One

Živě.cz - 15 April, 2026 - 13:45
What is being played most on Xbox this year? We went through the official charts that Xbox publishes and found the most popular games for the X, S and older One models.
Category: IT News

Microsoft: April updates trigger BitLocker key prompts on some servers

Bleeping Computer - 15 April, 2026 - 13:41
Microsoft confirmed on Tuesday that some Windows Server 2025 devices will boot into BitLocker recovery after installing the April 2026 KB5082063 Windows security update. [...]
Category: Hacking & Security

Raspberry Pi OS ends open-door policy for sudo

The Register - Anti-Virus - 15 April, 2026 - 13:35
Command prefix will require password by default

The latest version of Raspberry Pi OS now requires a password for sudo by default.…

Category: Viruses and Worms

Deterministic + Agentic AI: The Architecture Exposure Validation Requires

The Hacker News - 15 April, 2026 - 13:30
Few technologies have moved from experimentation to boardroom mandate as quickly as AI. Across industries, leadership teams have embraced its broader potential, and boards, investors, and executives are already pushing organizations to adopt it across operational and security functions. Pentera’s AI Security and Exposure Report 2026 reflects that momentum: every CISO
Category: Hacking & Security

The cheapest Wi-Fi 7 router costs just a thousand crowns. It is fast, has a good app and can join a mesh network

Živě.cz - 15 April, 2026 - 12:45
The Mercusys MR25BE can be bought in several shops for as little as 1000 Kč. • It is the most affordable router with Wi-Fi 7 support. • It has all the necessary features, simple setup and the appeal of EasyMesh.
Category: IT News

Microsoft fixes bug behind Windows Server 2025 automatic upgrades

Bleeping Computer - 15 April, 2026 - 12:24
Microsoft has finally fixed a known issue that was causing systems running Windows Server 2019 and 2022 to "unexpectedly" upgrade to Windows Server 2025. [...]
Category: Hacking & Security

UK told its Big Tech habit is now a national security risk

The Register - Anti-Virus - 15 April, 2026 - 12:15
Open Rights Group says years of reliance on US giants have left Britain exposed

Britain has spent years wiring its public sector into US Big Tech, and a new report says that dependence could quickly become a national security headache.…

Category: Viruses and Worms

The PoET solar telescope will train exoplanet hunters. On the training ground by day, on the battlefield by night

Živě.cz - 15 April, 2026 - 11:45
The PoET telescope has seen first light in Chile • Its task will be to observe the Sun and search for exoplanets • On the Sun, scientists will learn how to handle stellar activity in the data
Category: IT News

How to create your own custom Android air gesture

Computerworld.com [Hacking News] - 15 April, 2026 - 11:45

Psst: Come close. I’ve got something to share with you, and I don’t want everyone around here to hear it.

Oh — hi! Sorry, I didn’t realize you were here. I was actually talking out loud to my phone just now, as one does, thanks to a nifty new air gesture I set up that activates my device’s voice search anytime I bring the thing close to my face.

Kinda wild, right? It is — and it’s also a massive efficiency-enhancer for those of us enlightened enough to be using Android. (Sorry, iPhone pals. But hey, Apple might give you a watered down version of something similar in another seven to 17 years, and it’s sure to be ~completely magical~. Hang tight!)

Usually, when we think about Android gestures, we think about the standard on-screen swipes and taps that help us navigate our devices — or maybe even the advanced maneuvers that make it even faster to fly around a phone like a total nerd wizard. Today, though, we’re gonna broaden our view of “gesture” to include a simple kind of physical movement that doesn’t even involve any direct device contact.

It’s a brilliantly easy way to interact with your Googley gizmo and open up new productivity-boosting possibilities — and, oh yes: It’s yet another fantastic feat you’d only be able to accomplish here in the land of Android.

[Oh, hey — love shortcuts? My free Android Shortcut Supercourse will teach you tons of advanced time-savers. Start here!]

Your Android air gesture advantage

All right — first things first: The wand we need for this fancy feat of ours is a splendidly useful Android power-user tool called MacroDroid.

MacroDroid is an advanced automation app that’s been appreciated by advanced Android phone owners for many a moon now. It can help you set up all sorts of experience-enhancing awesomeness, and the purpose we’re using for it today represents just a tiny fraction of its potential.

But it’s a good one. So to start, go grab the app, if you don’t already have it installed. It’s free with an optional premium upgrade that eliminates ads throughout its setup interface and enables some extra capabilities (which aren’t required for anything we’re about to go over). It doesn’t sell or share any sort of user data or require any disconcerting permissions.

Got it? Good. Now:

  • Open up MacroDroid and make your way through its initial welcome screens.
  • Once you see the app’s main menu screen, with a bunch of colorful boxes, flip the toggle in the upper-right corner into the on and active position to activate MacroDroid and get it up and running.
  • Then, tap the first box in the list — the one that says “Add Macro.”
That first box is the only one you need to mess with on the main MacroDroid menu screen.

JR Raphael, Foundry

  • Now, in the red box labeled “Triggers,” tap the little plus symbol and then select “Sensors” followed by “Proximity Sensor.”
  • Make sure “Near” is selected in the pop-up that appears and tap “OK.”
  • Then, in the blue box labeled “Actions,” tap the little plus symbol and then select “Device Actions” followed by “Voice Search.”

At this point, your screen should look a little somethin’ like this:

Your Android air gesture recipe — almost ready to serve you.

JR Raphael, Foundry

And, guess what? Our work here is almost done! Give yourself a preemptive pat on the back for encouragement, and let’s wrap this bad boy up so you can start putting it to proper use:

  • All that’s left now is to give this macro we created a name by tapping the “Enter macro name” line at the tippity-top of the screen and typing in any title you like — “Raise,” “Raise for input,” “Herman T. Schmidthopper,” or anything at all, really. It doesn’t make much difference, and you’re the only one who’ll ever see it.
  • Last but not least, with that out of the way, tap the left-facing arrow in the upper-left corner of the screen and confirm you want to save your creation.

You should then see it showing up and activated in the MacroDroid macro list:

Your custom Android air gesture is there and active. Excelsior!

JR Raphael, Foundry

And with that, take a deep breath: You did it! Look at you, you splendid little virtual sorcerer, you.

At this point, all that’s left is to test out your awe-inspiring new air gesture by raising your phone up close to your forehead, as if you’re about to whisper a saucy secret into its screen. (Don’t worry. I’m not listening.)

Once the phone gets close enough, the proximity sensor should detect your closeness (ooh, baby…) — and you should see a prompt for your voice search show up on the screen.

The very first time that happens, you’ll probably have to tell it that you want this action to use Google — or whatever virtual assistant you prefer, if you’ve got others installed — for your voice search.

Then, every subsequent time you bring the phone close to your suspiciously shiny mug, it’ll instantly fire up your preferred voice input companion, and you can just yap away with whatever question or command you want.

This is me bringing my phone close to my face. Can you feel my excitement?!

JR Raphael, Foundry

The interesting twist here is that recent signs suggest Samsung is developing a similar sort of setup for its future Galaxy gizmos — but there, it looks like the air gesture will be limited to letting you raise your phone to talk to Bixby, which obviously isn’t something anyone actually wants.

The beauty of this approach is that (a) you can use it this instant, on any Android device, no matter who made it — and (b) you’ve got complete control over how it works. You could play around with having a totally different kind of action launch when you move your phone close to your face, or you could even shake up the gesture itself to involve something else entirely (like, for instance, shaking) instead of the proximity move.

Here on Android, the power is squarely in your hands. And now, you know exactly how to embrace it.

Air five!

Get even more advanced shortcut knowledge with my free Android Shortcut Supercourse. You’ll learn tons of time-saving tricks!

Category: Hacking & Security

A guide to adding new features to a NAS and setting up your own cloud

Živě.cz - 15 April, 2026 - 10:45
Today a NAS can handle plenty of other tasks; you just need to install the appropriate package and configure the service. We will look at two useful services: your own cloud with a secure vault.
Category: IT News

Microsoft Issues Patches for SharePoint Zero-Day and 168 Other New Vulnerabilities

The Hacker News - 15 April, 2026 - 10:40
Microsoft on Tuesday released updates to address a record 169 security flaws across its product portfolio, including one vulnerability that has been actively exploited in the wild. Of these 169 vulnerabilities, 157 are rated Important, eight are rated Critical, three are rated Moderate, and one is rated Low in severity. Ninety-three of the flaws are
Author: Ravie Lakshmanan
Category: Hacking & Security

Agents hooked into GitHub can steal creds – but Anthropic, Google, and Microsoft haven't warned users

The Register - Anti-Virus - 15 April, 2026 - 10:01
Researchers who found the flaws scored beer money bounties and warn the problem is probably pervasive

Exclusive  Security researchers hijacked three popular AI agents that integrate with GitHub Actions by using a new type of prompt injection attack to steal API keys and access tokens, and the vendors who run agents didn’t disclose the problem.…

Category: Viruses and Worms

Drive the old witches out of your PC and replace them with fresh ones from Goodoffer24.com at great prices!

AbcLinuxu [articles] - 15 April, 2026 - 10:00

Witch burning is a thousand-year-old custom. Do the same on your computer and replace old software with brand-new software from Goodoffer24.com, whether it's Windows 11 Pro, Office 2019 or games!

Category: GNU/Linux & BSD

Ryzen 9 9950X3D2 beats the 9950X3D in SPECView by 6-63 %

CD-R server - 15 April, 2026 - 10:00
The Ryzen 9 9950X3D2, due next week, is equipped with V-cache on both processor chiplets. Although there is still some time left before release, we can take a look at performance in SPECView…
Category: IT News