Toute l'actualité de la Cybersécurité
Fired Intel Engineer Stolen 18,000 Files, Many of which Were Classified as “Top Secret”
2025-11-10 12:17:51
Intel has filed a federal lawsuit against a former employee accused of downloading thousands of classified documents shortly after being terminated, raising serious concerns about corporate data security...
Agentic AI in Cybersecurity: Beyond Triage to Strategic Threat Hunting
2025-11-10 12:17:10
With a 4M cybersecurity worker shortage, agentic AI helps SOCs move beyond triage, enabling proactive security once thought impossible. With a deficit of 4 million cybersecurity workers worldwide, it's...
USN-7865-1: Linux kernel (FIPS) vulnerabilities
2025-11-10 12:06:59
Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered
that the Linux kernel contained insufficient branch predictor isolation
between a guest and a userspace hypervisor for certain...
Watch out for Walmart gift card scams
2025-11-10 11:41:54
The only thing you're winning here is a spot on marketing lists you never asked to join.
Threat Actors Attacking Outlook and Google Bypassing Traditional Email Defenses
2025-11-10 11:35:36
Threat actors are systematically compromising Outlook and Google mailboxes with alarming success, leveraging sophisticated techniques that sidestep traditional email defenses entirely. According to VIPRE’s...
New Report Warns of Threat Actors Actively Adopting AI Platforms to Attack Manufacturing Companies
2025-11-10 11:33:32
The manufacturing sector faces an escalating threat landscape as cybercriminals increasingly exploit cloud-based platforms and artificial intelligence services to conduct sophisticated attacks. A comprehensive...
Avec Fastnet, AWS contrôle la connectivité transatlantique de ses services
2025-11-10 11:02:40
Amazon Web Services a annoncé le lancement de Fastnet, son dernier câble sous-marin à fibre optique transatlantique qui va relier le (...)
Google's Gemini Deep Research Tool Gains Access to Gmail, Chat, and Drive Data
2025-11-10 11:02:04
Google has expanded its Gemini AI model’s Deep Research feature to pull data directly from users’ Gmail, Google Drive, and Google Chat accounts. Announced today, this update allows the tool...
Monsta FTP Vulnerability Exposed Thousands of Servers to Full Takeover
2025-11-10 10:53:49
Monsta FTP users must update now! A critical pre-authentication flaw (CVE-2025-34299) allows hackers to fully take over web servers. Patch to version 2.11.3 immediately.
Bitcoin.com and Concordium Partner to Enable Privacy-First Age Verification for 75 Million Wallets
2025-11-10 10:39:34
Bitcoin.com partners with Concordium to enable zero-knowledge age verification for 75M wallets, addressing the 8B stablecoin adoption bottleneck.
How to Write Technical Specs That Actually Ship
2025-11-10 10:18:40
Technical specifications are powerful tools for shipping features from idea to production. This guide teaches you how to write specs that validate ideas early, get stakeholder buy-in, and drive implementation....
HackGPT Launches as AI-Driven Penetration Testing Suite Using GPT-4 and Other Models
2025-11-10 10:13:28
HackGPT Enterprise has officially launched as a production-ready, cloud-native AI-powered penetration testing platform designed specifically for enterprise security teams. Created by Yashab Alam, Founder...
Elastic Defend for Windows Vulnerability Let Attackers Escalate Privileges
2025-11-10 10:05:34
Elastic has disclosed a significant security vulnerability in Elastic Defend for Windows that could allow attackers to escalate their privileges on affected systems. Tracked as CVE-2025-37735 and designated...
10 Popular Black Friday Scams – How to Detect the Red Flags and Protect your wallet and Data
2025-11-10 09:59:58
Black Friday 2025 represents the most dangerous shopping season in cybercrime history, with fraudsters leveraging artificial intelligence, deepfake technology, and sophisticated social engineering tactics...
Ransomware Operators Exploit RMM Tools to Deploy Medusa and DragonForce
2025-11-10 09:57:48
Cybersecurity researchers at Zensec have exposed a sophisticated supply-chain attack campaign that weaponised trusted Remote Monitoring and Management (RMM) infrastructure to deploy ransomware across...
USN-7862-2: Linux kernel vulnerability
2025-11-10 09:54:46
Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered
that the Linux kernel contained insufficient branch predictor isolation
between a guest and a userspace hypervisor for certain...
USN-7860-5: Linux kernel (HWE) vulnerability
2025-11-10 09:40:01
Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered
that the Linux kernel contained insufficient branch predictor isolation
between a guest and a userspace hypervisor for certain...
Defender Application Guard pour Office abandonné d'ici 2027
2025-11-10 09:26:08
La fin de vie de Defender Application Guard de Microsoft (MDAG) se précise. Cette fonction, qui protège les documents Office de logiciels (...)
Nine NuGet packages disrupt DBs and industrial systems with time-delayed payloads
2025-11-10 09:19:15
Nine NuGet packages by “shanhai666” can deploy delayed payloads to disrupt databases and industrial systems. Socket’s Threat Research Team discovered nine malicious NuGet packages, published...
Large-Scale ClickFix Phishing Attacks Target Hotel Systems with PureRAT Malware
2025-11-10 09:11:00
Cybersecurity researchers have called attention to a massive phishing campaign targeting the hospitality industry that lures hotel managers to ClickFix-style pages and harvest their credentials by deploying...
Google Cloud greffe de l'observabilité dans Vertex AI Agent Builder
2025-11-10 09:06:53
Petit à petit, Google Cloud enrichit Vertex AI Agent Builder avec des tableaux de bord d'observabilité inédits, des outils de création (...)
L'ANSSI vous donne rendez-vous à la ECW 2025
2025-11-10 08:57:41
L'ANSSI vous donne rendez-vous à la ECW 2025
anssiadm
lun 10/11/2025 - 08:57
Du 17 au 20 novembre 2025, l'ANSSI participera à la 10e édition de l'European Cyber...
MAD-CAT Meow Attack Tool to Simulate Real-World Data Corruption Attacks
2025-11-10 08:51:04
MAD-CAT (Meow Attack Data Corruption Automation Tool) targets MongoDB, Elasticsearch, Cassandra, Redis, CouchDB, and Hadoop HDFS, exactly the systems hit in the original wave. This persistent threat inspired...
GlassWorm Malware Discovered in Three VS Code Extensions with Thousands of Installs
2025-11-10 08:51:00
Cybersecurity researchers have disclosed a new set of three extensions associated with the GlassWorm campaign, indicating continued attempts on part of threat actors to target the Visual Studio Code (VS...
Hackers Exploit Websites to Inject Malicious Links for SEO Manipulation
2025-11-10 08:49:03
A surge in online casino spam is reshaping the dark corners of the internet, with threat actors increasingly hacking websites to embed malicious SEO-boosting links. This evolving tactic aims to promote...
Critical runc Vulnerabilities Put Docker and Kubernetes Container Isolation at Risk
2025-11-10 08:05:30
Three critical vulnerabilities in runc, the container runtime powering Docker, Kubernetes, and other containerization platforms. These flaws could allow attackers to escape container isolation and gain...
Q4 2025 Milestone, V1 Protocol Launch Planned for Mutuum Finance (MUTM)
2025-11-10 08:04:46
Mutuum Finance (MUTM) is preparing to roll out its V1 protocol on the Sepolia testnet in Q4 2025. This major milestone marks the shift from planning to tangible delivery. The token is currently priced...
A week in security (November 3 – November 9)
2025-11-10 08:02:00
A list of topics we covered in the week of November 3 to November 9 of 2025
Italian Adviser Becomes Latest Target in Expanding Paragon Graphite Spyware Surveillance Case
2025-11-10 08:01:20
An extract from “The Enemy Inside, the Paragon Case, Spies and Regime Methods in Giorgia Meloni’s Italy” by Francesco Cancellato, published by Rizzoli on November 11, 2025. This surveillance...
Monsta web-based FTP Remote Code Execution Vulnerability Exploited
2025-11-10 07:38:21
A critical remote code execution vulnerability in Monsta FTP, a popular web-based FTP client used by financial institutions and enterprises worldwide. The flaw, now tracked as CVE-2025-34299, affects...
APT Groups Target Construction Firms to Steal RDP, SSH, and Citrix Credentials
2025-11-10 07:27:37
The construction industry has emerged as a primary target for sophisticated cyber adversaries in 2025, with threat actors including state-sponsored APT groups, ransomware operators, and organized cybercriminal...
The TechBeat: Klink Finance Partners with M20 Chain to Expand Web3 Earning Opportunities to Over 6 Million Users (11/10/2025)
2025-11-10 07:10:57
How are you, hacker?
🪐Want to know what's trending right now?:
The Techbeat by HackerNoon has got you covered with fresh content from our trending stories of the day! Set email preference here.
...
Ex-Intel Employee Hid 18,000 Sensitive Documents Prior to Leaving the Company
2025-11-10 07:01:53
Intel is pursuing legal action against a former software engineer who the company claims downloaded thousands of confidential files shortly after being fired in July. The incident highlights growing concerns...
LangGraph Deserialization Flaw Enables Execution of Malicious Python Code
2025-11-10 06:54:25
A critical remote code execution vulnerability has been discovered in LangGraph’s checkpoint serialization library, affecting versions before 3.0. The flaw resides in the JsonPlusSerializer component,...
Elastic Defend for Windows Vulnerability Allows Threat Actors to Gain Elevated Access
2025-11-10 06:43:49
Elastic has released a security advisory addressing a significant vulnerability in Elastic Defend that could allow attackers to escalate their privileges on Windows systems. The vulnerability, tracked...
Hackers Abuse runc Tool to Escape Containers and Compromise Hosts
2025-11-10 06:21:51
Three critical vulnerabilities in runc, the widely-used container runtime that powers Docker and Kubernetes, have been disclosed, allowing attackers to break out of container isolation and gain root access...
HackGPT: AI-Powered Penetration Testing Platform Includes GPT-4 and Other AI Engines
2025-11-10 03:29:26
HackGPT Enterprise is a new tool made for security teams focuses on being scalable and compliant, meeting the growing need for effective vulnerability assessments. The platform supports multi-model AI,...
Fedora 41: xorg-x11-server-Xwayland Important CVE Fixes 2025-0e29263f5a
2025-11-10 02:50:33
Update to xwayland 24.1.9, CVE fix for: CVE-2025-62229, CVE-2025-62230, CVE-2025-62231
Fedora 43: Chromium High Security Issues CVE-2025-12725, 12726, 12727
2025-11-10 00:48:46
Update to 142.0.7444.134 * High CVE-2025-12725: Out of bounds write in WebGPU * High CVE-2025-12726: Inappropriate implementation in Views * High CVE-2025-12727: Inappropriate implementation in V8 * Medium...
Fedora 43 Pydantic Moderate Bug Fix Security Update 2025-312ac3e645
2025-11-10 00:47:44
Pydantic 2.12.4 This is the fourth 2.12 patch release, fixing more regressions, and reverting a change in the build() method of the AnyUrl and Dsn types.
Fedora 43: rust-reqsign Critical Signing Issue Advisory 2025-312ac3e645
2025-11-10 00:47:44
Pydantic 2.12.4 This is the fourth 2.12 patch release, fixing more regressions, and reverting a change in the build() method of the AnyUrl and Dsn types.
Fedora 43: Critical Rust-Reqsign Update for Http Send Reqwest Serialization
2025-11-10 00:47:44
Pydantic 2.12.4 This is the fourth 2.12 patch release, fixing more regressions, and reverting a change in the build() method of the AnyUrl and Dsn types.
Fedora 43: rust-reqsign-file-read-tokio Critical DoS Threat 2025-312ac3e645
2025-11-10 00:47:44
Pydantic 2.12.4 This is the fourth 2.12 patch release, fixing more regressions, and reverting a change in the build() method of the AnyUrl and Dsn types.
QNAP fixed multiple zero-days in its software demonstrated at Pwn2Own 2025
2025-11-10 00:01:33
QNAP patched seven zero-days used at Pwn2Own 2025 affecting QTS, QuTS hero, Hyper Data Protector, Malware Remover, and HBS 3. Taiwanese vendor QNAP patched seven zero-day vulnerabilities exploited at...