Toute l'actualité de la Cybersécurité
Google Cloud lance des serveurs MCP managés pour ses services
2025-12-11 11:26:03
Petit à petit, l’automatisation s’invite dans le développement des agents IA et, en particulier, dans leur manière d’interagir (...)
Unpatched Gogs Zero-Day Exploited Across 700+ Instances Amid Active Attacks
2025-12-11 10:30:00
A high-severity unpatched security vulnerability in Gogs has come under active exploitation, with more than 700 compromised instances accessible over the internet, according to new findings from Wiz.
The...
Top 10 Data Anonymization Solutions for 2026
2025-12-11 10:27:55
Every business today has to deal with private information – whether it is about customers, employees, or financial…
ValleyRAT Malware Uses Stealthy Driver Install to Bypass Windows 11 Protections
2025-12-11 10:17:44
ValleyRAT, also known as Winos or Winos4.0, has emerged as one of the most sophisticated backdoors targeting organizations worldwide. This modular malware family represents a significant threat to Windows...
Microsoft fixes Windows Explorer white flashes in dark mode
2025-12-11 10:09:52
Microsoft has fixed a known issue that caused bright white flashes when launching File Explorer in dark mode on Windows 11 systems after installing the KB5070311 optional update. [...]
Copilot's No-Code AI Agents Liable to Leak Company Data
2025-12-11 10:00:00
Microsoft puts the power of AI in the hands of everyday non-technical Joes. It's a nice idea, and a surefire recipe for security issues.
2 Chinese Hackers Trained in Cisco Program Now Leading Sophisticated Attacks on Cisco Devices
2025-12-11 09:35:30
The cybersecurity world faces an ironic threat as two Chinese hackers who once excelled in Cisco’s training program are now leading sophisticated attacks against the company’s devices. Yuyang...
CastleLoader Malware Now Uses Python Loader to Bypass Security
2025-12-11 09:28:08
Cybersecurity researchers at Blackpoint Cyber discovered a new, evasive CastleLoader malware variant using Python and ClickFix social engineering to deliver RATs and info-stealers directly from memory....
Avec SecNumCloud en perspective, Numspot voit au-delà d'OUTSCALE
2025-12-11 09:18:05
Numspot se positionne désormais en plate-forme « portable » et s'oriente vers des partenariats avec des fournisseurs européens de cloud d'infrastructure.
The post Avec SecNumCloud en perspective,...
New Multi-Platform 01flip Ransomware Supports Multi-platform Architecture, Including Windows and Linux
2025-12-11 09:16:44
Security researchers at Palo Alto Networks discovered a new ransomware threat in June 2025 that marks a significant shift in malware development tactics. The 01flip ransomware family emerges as a fully...
Deutsche Börse se dote d'un centre dédié à l'IA responsable
2025-12-11 09:12:17
« Nous voulons garantir la transparence, la gouvernance et la conformité dans un environnement hautement réglementé, sans pour (...)
Evroc et Suse lancent une offre cloud européenne sur Kubernetes
2025-12-11 09:02:54
Suivant le regain d'intérêt pour des offres IT européennes, Evroc et Suse apportent leur pierre à l'édifice. Les (...)
Un pack Trend Micro pour sécuriser les développements IA
2025-12-11 08:49:22
A l'occasion de l'évènement d'AWS re: Invent 2025 qui s'est déroulé la semaine dernière, Trend Micro a annoncé (...)
ITS Integra absorbe QosGuard
2025-12-11 08:49:06
L'infogéreur et opérateur cloud ITS Integra, filiale d'ITS Group, enrichit son portefeuille de services autour de l'amélioration de (...)
Pro-Russia Hacktivist Support: Ukrainian Faces US Charges
2025-12-11 08:29:54
Ukrainian Victoria Dubranova, 33, faces US charges for aiding pro-Russia hacktivist groups CARR and NoName057(16) in global cyberattacks. A Ukrainian woman, Victoria Dubranova (33), has been charged in...
Threat Actors Leverage ChatGPT to Attack Mac Devices With AMOS InfoStealer
2025-12-11 08:14:56
A new AMOS InfoStealer campaign is abusing trust in ChatGPT to infect Mac devices under the guise of simple troubleshooting help. Victims search for a fix to a sound problem, click a sponsored ChatGPT...
Google fixes eighth Chrome zero-day exploited in attacks in 2025
2025-12-11 08:01:21
Google has released emergency updates to fix another Chrome zero-day vulnerability exploited in the wild, marking the eighth such security flaw patched since the start of the year. [...]
Cyber deception trials: what we've learned so far
2025-12-11 07:55:27
An update on the NCSC's trials to test the real-world efficacy of cyber deception solutions.
Hackers Infiltrate VS Code Marketplace with 19 Malicious Extensions Posing as PNG File
2025-12-11 07:44:07
Security researchers have uncovered a significant threat targeting developers through the VS Code Marketplace. A coordinated campaign involving 19 malicious extensions has been actively infiltrating the...
It didn't take long: CVE-2025-55182 is now under active exploitation
2025-12-11 07:30:41
Threat actors are now exploiting CVE-2025-55182, and attacks are poised to grow. Here's what you need to know about the vulnerability, how our honeypots are being targeted, what malware is being deployed,...
Chrome Targeted by Active In-the-Wild Exploit Tied to Undisclosed High-Severity Flaw
2025-12-11 07:09:00
Google on Wednesday shipped security updates for its Chrome browser to address three security flaws, including one it said has come under active exploitation in the wild.
The vulnerability, rated high...
Active Attacks Exploit Gladinet's Hard-Coded Keys for Unauthorized Access and Code Execution
2025-12-11 05:56:00
Huntress is warning of a new actively exploited vulnerability in Gladinet's CentreStack and Triofox products stemming from the use of hard-coded cryptographic keys that have affected nine organizations...
USN-7924-1: libpng vulnerabilities
2025-12-11 05:26:40
It was discovered that libpng incorrectly handled memory when processing
certain PNG files, which could result in an out-of-bounds memory access.
If a user or automated system were tricked into opening...
USN-7923-1: Qt vulnerability
2025-12-11 04:18:33
It was discovered that Qt did not correctly handle certain memory
operations. If a user or automated system were tricked into opening a
specially crafted file, an attacker could possibly use this issue...
Windows Defender Firewall Service Vulnerability Let Attackers Disclose Sensitive Data
2025-12-11 04:15:59
A critical information disclosure vulnerability in Windows Defender Firewall Service, which could allow authorized attackers to access sensitive heap memory on affected systems. The vulnerability, tracked...
Adobe Acrobat Reader Vulnerabilities Let Attackers Execute Arbitrary Code and Bypass Security
2025-12-11 03:37:52
Critical security updates for Acrobat and Reader are available, addressing multiple vulnerabilities that could allow attackers to execute arbitrary code and bypass essential security features. Adobe...
Google Warns of Chrome 0-Day Vulnerability Actively Exploited in the wild
2025-12-11 03:34:25
Google has released an urgent security update for the Chrome browser to address a high-severity zero-day vulnerability that is currently being exploited in the wild. This emergency patch is part of the...
HTB Academy: Windows CMD and PowerShell
2025-12-11 03:06:01
I did say that I needed to work on my Windows sys admin skills and also my PowerShell-fu and so here I am. As per the usual when it comes to my Academy content, I will just be covering the skill assessment...
Fedora 42: Fix for Tinyproxy High Integer Overflow CVE-2025-63938
2025-12-11 01:01:45
Add upstream patch to fix CVE-2025-63938.
Fedora 42: perl-CGI-Simple Important HTTP Response Splitting CVE-2025-40927
2025-12-11 01:01:43
1.282 - Sanitize all user-supplied values before inserting into HTTP headers; Fixed CVE-2025-40927.