Toute l'actualité de la Cybersécurité


Deux suspects Scattered Spider face à la justice

2025-12-10 11:56:44
Deux jeunes Britanniques liés à Scattered Spider nient toute implication dans l'attaque contre TfL, sur fond de coopérations NCA–FBI et de charges passibles de la perpétuité....

Lire la suite »

Fuite massive chez Coupang, 33,7 millions de comptes exposés

2025-12-10 11:38:28
Fuite géante chez Coupang : 33,7 millions de comptes exposés et le modèle sud-coréen de protection des données sous pression....

Lire la suite »

Microsoft Outlook Vulnerability Let Attackers Execute Malicious Code Remotely

2025-12-10 11:22:23
Microsoft has patched a critical remote code execution (RCE)vulnerability in Outlook that could allow attackers to execute malicious code on vulnerable systems. The flaw, tracked as CVE-2025-62562, was...

Lire la suite »

Cryptomixer perquisitionné, 29 millions en bitcoins saisis

2025-12-10 11:14:32
Cryptomixer démantelé : Europol, la Suisse et l'Allemagne frappent un mixeur bitcoin clé du blanchiment crypto et saisissent plus de 25 millions d'euros....

Lire la suite »

Faux site TickMill : un hub d'arnaque démantelé

2025-12-10 11:01:30
Le Justice stoppe un faux site TickMill birman et cible les réseaux d'arnaque crypto liés aux centres d'escroquerie régionaux....

Lire la suite »

North Korean Hackers Exploit React2Shell Vulnerability in the Wild to Deploy EtherRAT

2025-12-10 11:00:28
A novel, highly sophisticated malware strain targeting vulnerable React Server Components, signaling a significant evolution in how state-sponsored threat actors are exploiting the critical React2Shell...

Lire la suite »

01flip: Multi-Platform Ransomware Written in Rust

2025-12-10 11:00:12
01flip is a new ransomware family fully written in Rust. Activity linked to 01flip points to alleged dark web data leaks. The post 01flip: Multi-Platform Ransomware Written in Rust appeared first on...

Lire la suite »

Why Mathematicians Still Struggle to Define Equality in the Computer Age

2025-12-10 11:00:04
The article unpacks why the everyday mathematical idea of equality is far more subtle than it appears, showing how attempts to formalize it in theorem provers like Lean reveal gaps between mathematical...

Lire la suite »

Unnecessary Risk: The Persistence of Open Source Vulnerabilities

2025-12-10 11:00:01
Log4Shell was supposed to be the wake-up call that changed everything. Four years later, the data says otherwise.

Lire la suite »

Not a Lucid Web3 Dream Anymore: x402, ERC-8004, A2A, and The Next Wave of AI Commerce

2025-12-10 10:50:13
This article is divided into four parts, each of which builds the context you need for the next. Part 1 explains how x402 fits into existing Web2 and enterprise billing flows, and how it can move companies...

Lire la suite »

The Future of AI Infrastructure: Consolidation for Giants, Vertical Solutions for Startups

2025-12-10 10:36:10
John Wang is the Head of Neo Ecosystem Growth and Managing Director of Neo Ecofund. His latest focus on SpoonOS represents a bold bet on democratizing AI infrastructure. SpoonOS recently launched the...

Lire la suite »

Patch Tuesday décembre 2025 : une faille critique exploitée à corriger rapidement

2025-12-10 10:33:26
Les administrateurs système et les équipes sécurité ont encore un peu de travail pour ce mois décembre avec le traditionnel (...)

Lire la suite »

Ukrainian Woman in US Custody for Aiding Russian NoName057 Hacker Group

2025-12-10 10:10:59
Ukrainian national Victoria Dubranova is in U.S. custody, accused of supporting Russian hacker group NoName057 in cyberattacks on critical infrastructure. She has pleaded not guilty.

Lire la suite »

FortiSandbox OS command injection Vulnerability Let Attackers execute Malicious code

2025-12-10 10:07:03
Fortinet has released a critical security update for its FortiSandbox analysis appliances to fix a dangerous vulnerability. If left unpatched, this flaw could allow attackers to take control of the underlying...

Lire la suite »

Windows PowerShell 0-Day Vulnerability Let Attackers Execute Malicious Code

2025-12-10 09:48:52
Security update addressing a dangerous Windows PowerShell vulnerability that allows attackers to execute malicious code on affected systems. The vulnerability, tracked as CVE-2025-54100, was publicly...

Lire la suite »

U.S. CISA adds Microsoft Windows and WinRAR flaws to its Known Exploited Vulnerabilities catalog

2025-12-10 09:33:51
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft Windows and WinRAR flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security...

Lire la suite »

Can a Crypto Founder Be Punished Twice for the Same Crime? The Anatoly Legkodymov Extradition Case

2025-12-10 09:29:11
Anatoly Legkodymov, founder of peer-to-peer exchange Bitzlato, spent 18 months in pretrial detention before pleading guilty to operating an unlicensed money transmission business. A federal judge ruled...

Lire la suite »

A Simple Guide to KZG Commitments and Why Ethereum Needs Them to Scale

2025-12-10 09:17:43
This article demystifies polynomial commitment schemes and explains how KZG lets provers commit to polynomials and later prove evaluations with tiny, verifiable proofs. It then shows how zk-rollups, Proto-Danksharding...

Lire la suite »

CISA Warns of WinRAR 0-Day RCE Vulnerability Exploited in Attacks

2025-12-10 08:59:30
A high-priority warning regarding a critical security flaw in WinRAR, the popular file compression tool used by millions of Windows users. The vulnerability, tracked as CVE-2025-6218, is currently being...

Lire la suite »

Why Real-World Data Breaks AI Systems Long Before the Models Fail

2025-12-10 08:59:09
AI systems which require dependable output results need to verify their input data before they start processing new information entries. Real-time traffic patterns in live environments surpass the capabilities...

Lire la suite »

Les profils en IA, data et cybersécurité sont durs à recruter

2025-12-10 08:55:34
Les informaticiens et informaticiennes, notamment ceux et celles avec des compétences pointues et spécialisées en data, IA ou cybersécurité (...)

Lire la suite »

Microsoft Issues Security Fixes for 56 Flaws, Including Active Exploit and Two Zero-Days

2025-12-10 08:50:00
Microsoft closed out 2025 with patches for 56 security flaws in various products across the Windows platform, including one vulnerability that has been actively exploited in the wild. Of the 56 flaws,...

Lire la suite »

Microsoft Patch Tuesday security updates for December 2025 fixed an actively exploited zero-day

2025-12-10 08:47:02
Microsoft Patch Tuesday security updates for December 2025 address 57 vulnerabilities, including three critical flaws. Microsoft Patch Tuesday security updates for December 2025 addressed 57 vulnerabilities...

Lire la suite »

Gemini Zero-Click Vulnerability Let Attackers Access Gmail, Calendar, and Docs

2025-12-10 08:01:05
A critical zero-click vulnerability dubbed “GeminiJack” in Google Gemini Enterprise and previously Vertex AI Search that let attackers steal sensitive corporate data from Gmail, Calendar,...

Lire la suite »

New Portuguese Law Shields Ethical Hackers from Prosecution

2025-12-10 08:00:25
Portugal updates its cybercrime law (Decree Law 125/2025) to grant ethical hackers a 'safe harbour' from prosecution. Learn the strict rules researchers must follow, including immediate disclosure to...

Lire la suite »

Patch Tuesday - December 2025

2025-12-10 07:50:42
Microsoft is publishing a relatively light 54 new vulnerabilities this December 2025 Patch Tuesday, which is significantly lower than we have come to expect over the past couple of years. Today's list...

Lire la suite »

The Screen Is the API

2025-12-10 07:36:39
While llms.txt helps AI read the web and APIs help them connect, neither solves the infinite customization found in the economically important tasks in enterprise software. The real solution lies in computer-use...

Lire la suite »

The Analyst Behind DIRECTV's Churn Reduction Strategy

2025-12-10 07:29:59
Wael Breich, an analytics leader at DIRECTV, transforms raw subscriber data into retention and revenue strategy. His work links engagement to survival rates, builds scalable churn models, and enables...

Lire la suite »

The 'Sudo' Problem: Why Google is Locking Down AI Agents Before They Break the Web

2025-12-10 07:14:46
Google has released a whitepaper on how they are architecting security for Chrome's new Agentic capabilities.

Lire la suite »

Automating Incident Response: How to Reduce Malware Forensics Time by 99% with Python and VirusTotal

2025-12-10 07:14:45
The average time to resolve a cyber incident is 43 days. Manually analyzing 5,000 files takes 80 hours. We will build a pipeline that aggressively removes "Safe" files using three layers.

Lire la suite »

Can Your AI Actually Use a Computer? A 2025 Map of Computer‑Use Benchmarks

2025-12-10 07:14:40
This article maps today's computer use benchmarks across three layers (UI grounding, web agents, full OS use), shows how a few anchors like ScreenSpot, Mind2Web, REAL, OSWorld and CUB are emerging,...

Lire la suite »

The Rise of Centralized IAM: Managing Identities in a Digital World

2025-12-10 07:14:35
Centralized Identity and Access Management (IAM) can handle both human and non-human identities. IAM platforms assign necessary permissions, monitor activities, and ensure all identities are managed securely...

Lire la suite »

Fortinet, Ivanti, and SAP Issue Urgent Patches for Authentication and Code Execution Flaws

2025-12-10 04:50:00
Fortinet, Ivanti, and SAP have moved to address critical security flaws in their products that, if successfully exploited, could result in an authentication bypass and code execution. The Fortinet vulnerabilities...

Lire la suite »

Microsoft 365 Services Disruption in Australia: Users Face Access Issues in Accessing Services

2025-12-10 03:53:47
Users across Australia are currently grappling with significant disruptions to critical business tools as Microsoft 365 services experience a widespread outage. The incident, which began on the morning...

Lire la suite »

Windows Cloud Files Mini Filter Driver 0-Day Vulnerability Exploited in the Wild

2025-12-10 03:06:37
Microsoft has released urgent security updates to address a zero-day vulnerability in the Windows Cloud Files Mini Filter Driver (cldflt.sys) that is currently being exploited in the wild. Assigned the...

Lire la suite »

Fedora 43: python3.14 Critical Update Addresses Quadratic Complexity Bug

2025-12-10 01:34:15
This is the second maintenance release of Python 3.14

Lire la suite »

Fedora 43: python3-docs Update 2025-e235793f10 - Maintenance Release

2025-12-10 01:34:15
This is the second maintenance release of Python 3.14

Lire la suite »

Fedora 43: lunasvg Critical Update for Various Flaws 2025-58c0baba42

2025-12-10 01:34:09
Unbundle plutovg from lunasvg, this avoids shipping a duplicate library with conflicting files. Update lunasvg to consume the plutovg version already available in the repositories and to fix various CVEs....

Lire la suite »

Fedora 43: imhex Security Advisory for lunasvg CVE Updates 2025-58c0baba42

2025-12-10 01:34:09
Unbundle plutovg from lunasvg, this avoids shipping a duplicate library with conflicting files. Update lunasvg to consume the plutovg version already available in the repositories and to fix various CVEs....

Lire la suite »

Fedora 42: lunasvg Important Library Conflict Fix FEDORA-2025-9b6b49071f

2025-12-10 00:48:30
Unbundle plutovg from lunasvg, this avoids shipping a duplicate library with conflicting files. Update lunasvg to consume the plutovg version already available in the repositories and to fix various CVEs....

Lire la suite »

Fedora 42: Imhex Security Enhancements for Library Conflicts and CVE Fixes

2025-12-10 00:48:29
Unbundle plutovg from lunasvg, this avoids shipping a duplicate library with conflicting files. Update lunasvg to consume the plutovg version already available in the repositories and to fix various CVEs....

Lire la suite »

Japanese Firms Suffer Long Tail of Ransomware Damage

2025-12-10 00:00:00
Ransomware actors have targeted manufacturers, retailers, and the Japanese government, with many organizations requiring months to recover.

Lire la suite »