Toute l'actualité de la Cybersécurité
WatchGuard Fireware OS IKEv2 Out-of-Bounds Vulnerability
2025-11-06 07:36:48
What is the Vulnerability?
A critical Out-of-Bounds Write vulnerability (CVE-2025-9242) exists in the WatchGuard Fireware OS iked process, which handles...
CISA Warns of Gladinet CentreStack and Triofox Files Vulnerability Exploited in Attacks
2025-11-06 06:24:21
The Cybersecurity and Infrastructure Security Agency has issued a critical warning regarding a newly identified vulnerability affecting Gladinet CentreStack and Triofox platforms. The flaw, tracked as...
Hyundai AutoEver Confirms Data Breach Exposing Personal Data, Including SSNs and License Info
2025-11-06 06:21:09
Hyundai AutoEver America, LLC has formally confirmed a significant data breach that compromised sensitive customer information. The automotive software provider disclosed the incident through official...
Google Issues Emergency Chrome Update to Fix Critical RCE Flaw
2025-11-06 06:07:45
Google has released an emergency security update for Chrome across all platforms, rolling out version 142.0.7444.134 and 142.0.7444.135 to address five critical and medium-severity vulnerabilities. The...
Google Warns of New PROMPTFLUX Malware Using Gemini API to Rewrite its Own Source Code
2025-11-06 06:00:14
Google Threat Intelligence Group (GTIG) has unveiled details of an experimental malware family called PROMPTFLUX, which leverages the company’s Gemini AI API to dynamically rewrite its own code,...
Gootloader Returns with a New ZIP File Tactic to Conceal Malicious Payloads
2025-11-06 05:50:28
Cybersecurity researchers have discovered a resurgent Gootloader malware campaign employing sophisticated new evasion techniques that exploit ZIP archive manipulation to evade detection and analysis....
HackedGPT: New Vulnerabilities in GPT Models Allow Attackers to Launch 0-Click Attacks
2025-11-06 05:45:09
Cybersecurity researchers at Tenable have uncovered a series of critical vulnerabilities in OpenAI’s ChatGPT that could allow malicious actors to steal private user data and launch attacks without...
SonicWall Confirms State-Sponsored Hackers Behind September Cloud Backup Breach
2025-11-06 05:40:00
SonicWall has formally implicated state-sponsored threat actors as behind the September security breach that led to the unauthorized exposure of firewall configuration backup files.
"The malicious activity...
APT-C-60 Attacking Job Seekers to Download Weaponized VHDX File from Google Drive to Steal Sensitive Data
2025-11-06 05:23:06
A sophisticated espionage campaign targeting recruitment professionals has emerged, with the APT-C-60 threat group weaponizing VHDX files to compromise organizations. The threat actors impersonate job...
Synthient Credential Stuffing Threat Data - 1,957,476,021 breached accounts
2025-11-06 04:58:49
During 2025, the threat-intelligence firm Synthient aggregated 2 billion unique email addresses disclosed in credential-stuffing lists found across multiple malicious internet sources. Comprised of email...
Chrome Emergency Update to Patch Multiple Vulnerabilities that Enable Remote Code Execution
2025-11-06 03:50:55
Google has rolled out an urgent security patch for its Chrome browser, addressing five vulnerabilities that could enable attackers to execute malicious code remotely. The update, version 142.0.7444.134/.135...
Cloudflare Scrubs Aisuru Botnet from Top Domains List
2025-11-06 02:04:36
For the past week, domains associated with the massive Aisuru botnet have repeatedly usurped Amazon, Apple, Google and Microsoft in Cloudflare's public ranking of the most frequently requested websites....
APT 'Bronze Butler' Exploits Zero-Day to Root Japan Orgs
2025-11-06 02:00:00
A critical security issue in a popular endpoint manager (CVE-2025-61932) allowed Chinese state-sponsored attackers to backdoor Japanese businesses.