All the Latest Cybersecurity News
Firefox Releases Security Update to Fix Multiple Vulnerabilities Allowing Arbitrary Code Execution
2025-11-11 16:47:33
Mozilla has rolled out Firefox 145, addressing a series of high-severity vulnerabilities that could allow attackers to execute arbitrary code on users’ systems. Announced on November 11, 2025, the...
Researchers Uncover the Strong Links Between Maverick and Coyote Banking Malwares
2025-11-11 16:14:47
Security researchers from CyberProof have discovered significant connections between two advanced banking trojans targeting Brazilian users and financial institutions. The Maverick banking malware, identified...
Ivanti Endpoint Manager Vulnerabilities Let Attackers Write Files Anywhere on Target Systems
2025-11-11 15:44:54
Ivanti has released critical security updates for Ivanti Endpoint Manager to address three high-severity vulnerabilities that could allow authenticated attackers to write arbitrary files to any location...
GootLoader Is Back, Using a New Font Trick to Hide Malware on WordPress Sites
2025-11-11 15:44:00
The malware known as GootLoader has resurfaced yet again after a brief spike in activity earlier this March, according to new findings from Huntress.
The cybersecurity company said it observed three GootLoader...
New VanHelsing Ransomware RaaS Model Attacking Windows, Linux, BSD, ARM, and ESXi Systems
2025-11-11 15:42:22
VanHelsing has emerged as a sophisticated ransomware-as-a-service operation that fundamentally changes the threat landscape for organizations worldwide. First observed on March 7, 2025, this multi-platform...
SAP fixes hardcoded credentials flaw in SQL Anywhere Monitor
2025-11-11 15:38:55
SAP has released its November security updates that address multiple security vulnerabilities, including a maximum severity flaw in the non-GUI variant of the SQL Anywhere Monitor and a critical code...
Ivanti Endpoint Manager Vulnerabilities Let Attackers Write Arbitrary Files to Disk
2025-11-11 15:29:17
Ivanti has rolled out security updates for its Endpoint Manager product, addressing three high-severity vulnerabilities that could let authenticated local attackers write arbitrary files anywhere on the...
GlobalLogic warns 10,000 employees of data theft after Oracle breach
2025-11-11 15:24:23
GlobalLogic, a provider of digital engineering services part of the Hitachi group, is notifying over 10,000 current and former employees that their data was stolen in an Oracle E-Business Suite (EBS)...
Fantasy Hub: Russian-sold Android RAT boasts full device espionage as MaaS
2025-11-11 15:21:49
Researchers found Fantasy Hub, a Russian MaaS Android RAT that lets attackers spy, steal data, and control devices via Telegram. Zimperium researchers uncovered Fantasy Hub, a Russian-sold Android RAT...
How a CPU spike led to uncovering a RansomHub ransomware attack
2025-11-11 15:01:11
A sudden CPU spike turned out to be the first clue of an in-progress RansomHub ransomware attack. Varonis breaks down how their team traced the attack from fake browser updates to domain-admin takeover,...
Android Remote Data-Wipe Malware Attacking Users Leveraging Google's Find Hub
2025-11-11 14:53:23
A sophisticated remote data-wipe attack targeting Android devices has emerged, exploiting Google’s Find Hub service to execute destructive operations on smartphones and tablets across South Korea....
Patch now: Samsung zero-day lets attackers take over your phone
2025-11-11 14:28:04
A critical vulnerability that affects Samsung mobile devices was exploited in the wild to distribute LANDFALL spyware.
Synology BeeStation 0-Day Vulnerability Let Remote Attackers Execute Arbitrary Code
2025-11-11 14:20:06
Synology has released an urgent security update addressing a critical remote code execution vulnerability in BeeStation OS that allows unauthenticated attackers to execute arbitrary code on affected devices....
Hackers Weaponizing Calendar Files as New Attack Vector Bypassing Traditional Email Defenses
2025-11-11 14:10:40
A surge in attacks is exploiting iCalendar (.ics) files as a sophisticated threat vector that bypasses traditional email security defenses. These attacks leverage the trusted, plain-text nature of calendar...
Keanu Reeves is Not in Love With You: The Murky World of Online Romance
2025-11-11 14:03:06
This week in cybersecurity from the editors at Cybercrime Magazine. Sausalito, Calif. – Nov. 11, 2025 – Online romance fraud is a problem across the globe. It causes financial...
Bridging the Skills Gap: How Military Veterans Are Strengthening Cybersecurity
2025-11-11 14:00:00
From intelligence analysts to surface warfare officers, military veterans of all backgrounds are successfully pivoting to cybersecurity careers and strengthening the industry's defense capabilities.
Weaponized NuGet Packages Inject Time-Delayed Destructive Payloads to Attack ICS Systems
2025-11-11 13:49:00
A sophisticated supply chain attack has emerged, targeting industrial control systems through compromised .NET packages. The threat landscape shifted on November 5, 2025, when researchers identified nine...
Zoom Workplace for Windows Flaw Allows Local Privilege Escalation
2025-11-11 13:37:04
A security vulnerability has been discovered in Zoom Workplace’s VDI Client for Windows that could allow attackers to escalate their privileges on affected systems. The flaw, tracked as CVE-2025-64740...
Stop Open Source Malware at the Gate with Repository Firewall
2025-11-11 13:30:01
Open source components form the backbone of innovation, but they also introduce significant security risks.
WinRAR Vulnerability Exploited by APT-C-08 to Target Government Agencies
2025-11-11 13:26:05
The notorious APT-C-08 hacking group, also known as BITTER, has been observed weaponizing a critical WinRAR directory traversal vulnerability (CVE-2025-6218) to launch sophisticated attacks against government...
Zoom Workplace for Windows Vulnerability Allow Users to Escalate Privilege
2025-11-11 13:25:55
A security vulnerability has been discovered in Zoom Workplace VDI Client for Windows that could allow attackers to gain elevated privileges on affected systems. The flaw, tracked as CVE-2025-64740, has...
Devolutions Server Vulnerability Let Attackers Impersonate Users Using Pre-MFA Cookie
2025-11-11 13:20:23
A critical vulnerability in Devolutions Server could allow attackers with low-level access to impersonate other user accounts by exploiting how the application handles authentication cookies before multi-factor...
How credentials get stolen in seconds, even with a script-kiddie-level phish
2025-11-11 13:17:43
Even a sloppy, low-skill phish can wreck your day. We go under the hood of this basic credential-harvesting campaign.
Webinar: Modern Patch Management – Strategies to patch faster with less risk
2025-11-11 13:10:18
Many organizations still struggle to patch fast enough to prevent breaches. Join us December 2 at 2PM ET to learn how modern patch management strategies can reduce risk and close the remediation gap....
Phishing Scam Uses Big-Name Brands to Steal Logins
2025-11-11 12:53:10
A recent investigation by Cyble Research and Intelligence Labs (CRIL) has uncovered a sophisticated phishing campaign exploiting globally recognized and regional brands to steal user credentials, marking...
SAP Releases Security Update to Fix Critical Code Execution and Injection Flaws
2025-11-11 12:47:55
SAP has released a significant security update addressing 18 new vulnerabilities across its enterprise software portfolio, including several critical flaws related to code execution and data injection....
Stolen iPhones are locked tight, until scammers phish your Apple ID credentials
2025-11-11 12:35:27
Stolen iPhones are hard to hack, so thieves are phishing the owners instead. How fake 'Find My' messages trick victims into sharing their Apple ID login.
Have I Been Pwned Adds 1.96B Accounts From Synthient Credential Data
2025-11-11 12:30:16
Have I Been Pwned (HIBP), the popular breach notification service, has added another massive dataset to its platform.…
New “KomeX” Android RAT Hits Hacker Forums with Tiered Subscriptions
2025-11-11 12:22:15
A sophisticated Android remote-access trojan named KomeX RAT has emerged on underground hacking forums, with the threat actor Gendirector actively marketing the malware through tiered subscription models....
CISO's Expert Guide To AI Supply Chain Attacks
2025-11-11 11:58:00
AI-enabled supply chain attacks jumped 156% last year. Discover why traditional defenses are failing and what CISOs must do now to protect their organizations.
Download the full CISO’s expert guide...
New Phishing Campaign Targets Meta Business Suite Users
2025-11-11 11:56:19
With more than 5.4 billion social media users worldwide, Facebook remains a critical marketing channel for businesses of all sizes. This massive reach and trusted brand status, however, make it an increasingly...
Researchers Detect Malicious npm Package Targeting GitHub-Owned Repositories
2025-11-11 11:55:00
Cybersecurity researchers have discovered a malicious npm package named "@acitons/artifact" that typosquats the legitimate "@actions/artifact" package with the intent to target GitHub-owned repositories.
"We...
Fake NPM Package With 206K Downloads Targeted GitHub for Credentials
2025-11-11 11:45:13
Veracode Threat Research exposed a targeted typosquatting attack on npm, where the malicious package @acitons/artifact stole GitHub tokens. Learn how this supply chain failure threatened the GitHub organisation's...
Android Trojan 'Fantasy Hub' Malware Service Turns Telegram Into a Hub for Hackers
2025-11-11 11:44:00
Cybersecurity researchers have disclosed details of a new Android remote access trojan (RAT) called Fantasy Hub that's sold on Russian-speaking Telegram channels under a Malware-as-a-Service (MaaS) model.
According...
Kimsuky APT Takes Over South Korean Androids, Abuses KakaoTalk
2025-11-11 11:40:59
Konni, a subset of the state-sponsored DPRK cyberespionage group, first exploits Google Find Hub, which ironically aims to protect lost Android devices, to remotely wipe devices.
North Korea-linked Konni APT used Google Find Hub to erase data and spy on defectors
2025-11-11 11:37:16
North Korea-linked APT Konni posed as counselors to steal data and wipe Android phones via Google Find Hub in Sept 2025. Genians Security Center researchers warn that the North Korea-linked Konni APT...
Ferocious Kitten APT Uses MarkiRAT for Keystroke and Clipboard Surveillance
2025-11-11 11:25:49
Ferocious Kitten, a covert cyber-espionage group active since at least 2015, has emerged as a persistent threat to Persian-speaking dissidents and activists within Iran. The group, known for its careful...
Why Gender Bias Persists in Machine Learning Models
2025-11-11 11:00:03
This study examines how gender bias persists in podcast recommendation models, even when gender is excluded as a feature. Using latent space visualizations, statistical tests, and multiple bias metrics...
Cisco Finds Open-Weight AI Models Easy to Exploit in Long Chats
2025-11-11 10:35:42
Cisco's new research shows that open-weight AI models, while driving innovation, face serious security risks as multi-turn attacks, including conversational persistence, can bypass safeguards and expose...
How the Solo Builder Economy Is Rewriting the Startup Playbook
2025-11-11 10:13:08
AI and no-code tools are fueling a new solo builder economy—where individual creators launch and scale products faster than traditional startups. Freed from VC dependence, these makers use lean tech...
Attackers Use Quantum Route Redirect to Launch Instant Phishing on M365
2025-11-11 10:03:11
KnowBe4 Threat Labs has uncovered a sophisticated phishing campaign that marks a turning point in cybercriminal capabilities. The threat landscape is shifting dramatically with the emergence of Quantum...
Devolutions Server Flaw Allows Attackers to Impersonate Users via Pre-MFA Cookie
2025-11-11 09:55:12
Devolutions Server has been found vulnerable to a critical security flaw that allows low-privileged authenticated users to impersonate other accounts by replaying pre-MFA cookies. The vulnerability,...
U.S. CISA adds Samsung mobile devices flaw to its Known Exploited Vulnerabilities catalog
2025-11-11 08:59:43
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Samsung mobile devices flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency...
openSUSE: Kernel Important Update for Security 2025:4043-1 CVE-2022-50252
2025-11-11 08:30:15
An update that solves five vulnerabilities and has one security fix can now be installed.
SUSE: Kernel Important Security Fix for Multiple Issues 2025:4043-1
2025-11-11 08:30:14
* bsc#1246019 * bsc#1248631 * bsc#1249207 * bsc#1249208 * bsc#1249847
SUSE: Kernel Critical Problems Resolved DoS 2025:4046-1 Update
2025-11-11 08:30:08
* bsc#1248631 * bsc#1249207 * bsc#1249208 * bsc#1249847 * bsc#1252946
openSUSE: Kernel Important Security Fixes CVE-2022-50252 2025:4046-1
2025-11-11 08:30:08
An update that solves four vulnerabilities and has one security fix can now be installed.
Jumper Exchange Announces Cross-Rollup Routing Update and Releases “2025 Layer-2 Outlook”
2025-11-11 08:11:10
Jumper Exchange has announced an update to its cross-rollup routing engine. The release tightens liquidity sourcing and route selection across Arbitrum, OP Mainnet, Base, Starknet, zkSync Era, Linea,...
Cyber Action Toolkit: breaking down the barriers to resilience
2025-11-11 07:59:36
How the NCSC's 'Cyber Action Toolkit' is helping small businesses to improve their cyber security.
Critical Triofox bug exploited to run malicious payloads via AV configuration
2025-11-11 07:28:05
Hackers exploited Triofox flaw CVE-2025-12480 to bypass auth and install remote access tools via the platform's antivirus feature. Google’s Mandiant researchers spotted threat actors exploiting...
The TechBeat: What a Privacy-First Social Platform Actually Looks Like (11/11/2025)
2025-11-11 07:11:01
How are you, hacker?
🪐Want to know what's trending right now?:
The Techbeat by HackerNoon has got you covered with fresh content from our trending stories of the day!
...
Rivian CEO Lands a Musk-esque .6 Billion Pay Package
2025-11-11 05:24:16
CEO of Rivian, RJ Scaringe, was given a .6 billion pay package. He will only receive the compensation if a series of stock and operating income milestones are reached over the course of several years....
China Grants Exemptions for Nexperia Car Chips After EU Tensions
2025-11-11 05:11:23
Nexperia is based in the Netherlands but is owned by a Chinese company named Wingtech. Wingtech sends its chips from the Netherlands to China for the finishing touches and then sends the chips to various...
You Thought It Was Over? Authentication Coercion Keeps Evolving
2025-11-11 04:30:09
A new type of authentication coercion attack exploits an obscure and rarely monitored remote procedure call (RPC) interface.
MIVPG: Multi-Instance Visual Prompt Generator for MLLMs
2025-11-11 03:13:13
MIVPG enhances MLLMs by using Multi-Instance Learning to incorporate correlated visual data. It outperforms the simplified Q-former across diverse visual-language tasks, proving superior effectiveness....
Fedora 42: dotnet 8.0 Release Notification FEDORA-2025-f74de9283d
2025-11-11 01:26:23
This is the October 2025 release of .NET 8. Release Notes: SDK: https://github.com/dotnet/core/blob/main/release-notes/8.0/8.0.21/8.0.121.md Runtime: https://github.com/dotnet/core/blob/main/release-
Fedora 42: cef High Updates for Multiple CVEs FEDORA-2025-313f6d7702
2025-11-11 01:26:22
Update to 141.0.7390.122 High CVE-2025-12036 chromium: Inappropriate implementation in V8 High CVE-2025-11756: Use after free in Safe Browsing High CVE-2025-11458: Heap buffer overflow in Sync High CVE-2025-11460:...
APT37 hackers abuse Google Find Hub in Android data-wiping attacks
2025-11-11 00:46:40
North Korean hackers from the KONNI activity cluster are abusing Google's Find Hub tool to track their targets' GPS positions and trigger remote factory resets of Android devices. [...]
Educational Byte: How to Find and Install a Fully Decentralized Node on Obyte
2025-11-11 00:30:08
Obyte is a decentralized network powered by nodes instead of banks or miners. This guide breaks down how its different node types—full, light, and Order Provider (witness) nodes—work together to verify...