Toute l'actualité de la Cybersécurité
Service de Veille ZATAZ : détecter fuites de données, accès compromis et usurpations avant l'incident
2025-12-26 17:39:01
Veille cyber proactive : détection de fuites de données, identifiants compromis, usurpations et signaux dark web. Un service accessible, personnalisé, utilisé par des acteurs exigeants....
The Infinite Loop of "Fixing the Build": How to Escape CI/CD Purgatory
2025-12-26 17:00:16
DevOps is becoming more like "Copy-Paste DevOps," where we drag the same mediocre, insecure pipeline configuration from project to project, inheriting its flaws like a genetic defect. We need an architect...
A Quiet Conversation About Our Year in Code
2025-12-26 17:00:08
Software engineers are reflecting on the past year and looking forward to 2026. Here are some questions to help you think about your own path into 2026, and how you can improve.
How Anonymous Instagram Stories Viewing Changed My Social Media Strategy
2025-12-26 16:08:52
Anonymous Instagram Story viewing isn't about stalking—it's about strategy. This article explores how viewing public Stories without leaving a digital footprint reshaped competitive research, reduced...
The HackerNoon Newsletter: The Most Dangerous Person on Your Team is Dave (And He Just Quit) (12/26/2025)
2025-12-26 16:02:01
How are you, hacker?
🪐 What's happening in tech today, December 26, 2025?
The
HackerNoon Newsletter
brings the HackerNoon
...
Trust Wallet Chrome Extension Breach Caused Million Crypto Loss via Malicious Code
2025-12-26 15:31:00
Trust Wallet is urging users to update its Google Chrome extension to the latest version following what it described as a "security incident" that led to the loss of approximately million.
The issue,...
Mentorship and Diversity: Shaping the Next Generation of Cyber Experts
2025-12-26 15:15:00
Patricia Voight, CISO at Webster Bank, shares her expertise on advancing cybersecurity careers, combating financial crimes, and championing diversity in a rapidly changing industry.
Coding Rust With Claude Code and Codex
2025-12-26 15:00:09
Rust's compiler acts as an automatic expert reviewer for each edit the AI makes. Rust is becoming the foundation for reliable AI-assisted development. The Rust compiler doesn't just say “Error'...
Popular NPM Package lotusbail Exposed as Trojan Stealing WhatsApp Chats
2025-12-26 14:58:49
Koi Security uncovers lotusbail, a malicious npm package with 56K downloads that steals WhatsApp messages and installs a persistent backdoor. Learn how to protect your data.
China-Linked Evasive Panda Ran DNS Poisoning Campaign to Deliver MgBot Malware
2025-12-26 14:44:00
A China-linked advanced persistent threat (APT) group has been attributed to a highly-targeted cyber espionage campaign in which the adversary poisoned Domain Name System (DNS) requests to deliver its...
Aflac confirms June data breach affecting over 22 million customers
2025-12-26 14:22:59
A June data breach exposed the personal information of more than 22 million Aflac customers, the company confirmed. A data breach in June exposed the information of more than 22 million Aflac customers,...
Meet the Writer: Two-Time Founder Sam Bhattacharyya on Accidentally Finding Product-Market Fit
2025-12-26 13:41:13
Sam is a startup founder, with an AI/ML background, a 6 year old son with whom he speaks in Mandarin, and some interesting stories from his first startup, as well as some interesting projects on the roadmap....
As More Coders Adopt AI Agents, Security Pitfalls Lurk in 2026
2025-12-26 13:04:07
Developers are leaning more heavily on AI for code generation, but in 2026, the development pipeline and security need to be prioritized.
TrustWallet Chrome Extension Hacked – Users Reporting Millions in Losses
2025-12-26 12:10:40
Many Trust Wallet users saw their wallets drained of over million after a security breach in the Chrome browser extension version 2.68.0, released on December 24, 2025. Blockchain investigator ZachXBT...
Dark Reading Opens The State of Application Security Survey
2025-12-26 12:00:48
Take part in the new survey from Dark Reading and help uncover trends, challenges, and solutions shaping the future of application security.
Spotify cracks down on unlawful scraping of 86 million songs
2025-12-26 10:51:04
Spotify shut down accounts after Anna's Archive scraped and published data on 86 million songs, confirming action against unlawful scraping. Spotify disabled user accounts after an open-source group...
Trust Wallet confirms extension hack led to million crypto theft
2025-12-26 09:47:08
Several users of the Trust Wallet Chrome extension report having their cryptocurrency wallets drained after installing a compromised extension update released on December 24, prompting an urgent response...
EasyRemote by Septeo, alternative française de prise en main
2025-12-26 09:28:29
EasyRemote by Septeo : prise en main à distance française, hébergement ISO 27001, chiffrement et traçabilité....
Critical LangChain Core Vulnerability Exposes Secrets via Serialization Injection
2025-12-26 09:27:00
A critical security flaw has been disclosed in LangChain Core that could be exploited by an attacker to steal sensitive secrets and even influence large language model (LLM) responses through prompt injection.
LangChain...
Only 1% of Phase 6 Remains as This .035 DeFi Crypto Enters Its Final Accumulation Window
2025-12-26 09:15:56
Mutuum Finance (MUTM) is a DeFi crypto built around lending and borrowing. It is preparing to activate these systems with its V1 launch. MUTM is currently priced at .035.
Why 100 Percent Test Coverage is Not Possible — Lessons from Testing Banking and Healthcare Systems
2025-12-26 08:05:14
Quality is not about testing everything; quality is about testing what is most important.
What I Learned Building a Food Delivery Analytics Tool with AI
2025-12-26 08:03:29
I used AI “vibe coding” to build a Chrome extension that analyzed my DoorDash history. It took a few hours, revealed some uncomfortable spending habits, and made me realize AI isn't replacing engineers...
Tether Is No Longer Just a Stablecoin Company
2025-12-26 08:03:00
If you believe financial inclusion matters more than institutional turf, Tether has done more in a decade than the World Bank did in 80 years.
Small Language Models Beat GPT-4 for Our Use Case: 94% Cost Reduction
2025-12-26 08:01:02
We slashed our AI costs by 94% switching from GPT-4 to small language models. Better performance, happier customers, ,730 monthly savings. Here's how.
The Architectural Mistake That Turns GTM Platforms Into Unreconcilable Ledgers
2025-12-26 08:00:40
Revenue systems rarely fail loudly. They fail through slow accumulation of policy debt, inconsistent approvals, and misaligned incentives. Fixing them requires treating governance as architecture, not...
Parrot 7.0 Released with New Penetration Testing and AI Tools
2025-12-26 05:04:39
Parrot OS 7.0, codenamed Echo, launches as a complete system rewrite based on Debian 13, bringing KDE Plasma 6, Wayland by default, and fresh penetration testing tools, including a dedicated AI category....
Utair - 401,400 breached accounts
2025-12-26 04:28:29
In August 2020, news broke of a data breach of Russian airline Utair that dated back to the previous year. The breach contained over 400k unique email addresses along with extensive personal information...
The Windows Event IDs Every Cybersecurity Professional Must Know
2025-12-26 04:25:04
A beginner-friendly breakdown of the Windows logs security teams rely on to detect attacks, insider threats, and suspicious activity.Continue reading on InfoSec Write-ups »
From SSRF to RCE: A 7-Step Chain Against PostHog
2025-12-26 04:17:54
When a 24-hour research window turned into a 7-step RCE chain, we found that PostHog’s SSRF, a ClickHouse 0day, and default PostgreSQL…Continue reading on InfoSec Write-ups »
TryHackMe: Daily Bugle Walkthrough
2025-12-26 04:17:36
Before I even deployed the machine, I’ll be honest — I hesitated.Continue reading on InfoSec Write-ups »
TryHackMe: Expose — Walkthrough
2025-12-26 04:17:11
Expose is an engaging machine that at first seems a bit confusing. You’re left wondering which port to dig into or where the entry point…Continue reading on InfoSec Write-ups »
️♂️ OSINT Using AI Vision: Extracting Secrets From Screenshots
2025-12-26 04:16:34
Welcome back to The Hacker’s Log 🏴☠️ — today we’re diving into one of the most underrated OSINT techniques: using AI Vision to extract…Continue...
Bug Bounty Isn't About Tools — It's About Thinking Like the App
2025-12-26 04:12:39
Hey there!😁Continue reading on InfoSec Write-ups »
Oracle Linux 8: ELSA-2025-23732 Important httpd Update for CVE-2025-55753
2025-12-26 03:04:19
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
Debian LTS: postgresql-13 Critical DoS Integer Wraparound CVE-2025-12817
2025-12-26 02:31:47
A couple of vulnerabilities were discovered in postgresql-13, the widely-popular database management system: CVE-2025-12817 Missing authorization in PostgreSQL CREATE STATISTICS command allows a table...
Fedora 42: ov Critical Info Leak Fixed in 0.50.2 FEDORA-2025-9ded4c3651
2025-12-26 01:00:04
Update to 0.50.2
Fedora 42: docker-buildkit Update CVE-2024-25621 Important Fixes
2025-12-26 00:59:57
Update to release v0.26.3 Resolves CVE-2024-25621: rhbz#2419004, rhbz#2419033, rhbz#2419427 Upstream fix
Fedora 43: Critical Advisory for Excessive CPU Usage with chezmoi
2025-12-26 00:48:34
Update to 2.68.1
Fedora 43: ov 0.50.2 Critical Memory Exhaustion and Data Leak Alert
2025-12-26 00:48:33
Update to 0.50.2
Multiples vulnérabilités dans les produits IBM (26 décembre 2025)
26/12/2025
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service...
Multiples vulnérabilités dans VMware Tanzu Platform (26 décembre 2025)
26/12/2025
De multiples vulnérabilités ont été découvertes dans VMware Tanzu Platform. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Multiples vulnérabilités dans le noyau Linux d'Ubuntu (26 décembre 2025)
26/12/2025
De multiples vulnérabilités ont été découvertes dans le noyau Linux d'Ubuntu. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Multiples vulnérabilités dans le noyau Linux de SUSE (26 décembre 2025)
26/12/2025
De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE. Certaines d'entre elles permettent à un attaquant de provoquer une atteinte à la confidentialité des données, un contournement...
Multiples vulnérabilités dans le noyau Linux de Red Hat (26 décembre 2025)
26/12/2025
De multiples vulnérabilités ont été découvertes dans le noyau Linux de Red Hat. Elles permettent à un attaquant de provoquer un contournement de la politique de sécurité, un déni de service et...