Toute l'actualité de la Cybersécurité
Les salaires IT repartent doucement à la hausse en 2026
2025-12-09 15:02:01
Après plusieurs années marquées par des tensions extrêmes sur le marché français du recrutement IT, 2025 aura (...)
New Prompt Injection Attack via Malicious MCP Servers Let Attackers Drain Resources
2025-12-09 13:53:06
Security researchers have uncovered critical vulnerabilities in the Model Context Protocol (MCP) sampling feature. Revealing how malicious servers can exploit LLM-integrated applications to conduct resource...
Proofpoint Acquires Hornetsecurity in .8 Billion Deal to Strengthen SMB Cybersecurity
2025-12-09 13:42:50
Proofpoint, Inc., a pioneer in human-centric cybersecurity, has finalized its .8 billion acquisition of Hornetsecurity Group, a dominant European provider of AI-driven Microsoft 365 security solutions....
Face à VMware, Vates s'associe à Nexsan
2025-12-09 13:41:34
Avec les changements de pratiques commerciales de Broadcom sur VMware, beaucoup d’entreprises réfléchissent à des alternatives (...)
Malicious VS Code on Microsoft Registry Captures Your Screen and Steals Your WiFi Passwords
2025-12-09 13:37:16
Cybercriminals are increasingly weaponizing developer environments, as seen in a newly discovered malware campaign infiltrating the Visual Studio Code Marketplace. Unlike typical extensions that simply...
Prompt injection is a problem that may never be fixed, warns NCSC
2025-12-09 13:34:02
The NCSC warns that prompt injection is unlikely to be mitigated in the same way SQL injection was. How do they compare?
Global Costs of Software Supply Chain Attacks On The Rise
2025-12-09 13:33:37
This week in cybersecurity from the editors at Cybercrime Magazine Sausalito, Calif. – Dec. 9, 2025 – Read the full story from Wiz Due to their cascading effect, supply chain attacks are costlier...
Google défend le modèle de sécurité agentique de Chrome
2025-12-09 13:19:16
Face aux craintes que suscitent les navigateurs IA, Google détaille la manière dont il encadre l'usage agentique de Chrome.
The post Google défend le modèle de sécurité agentique de Chrome appeared...
Google Announces 10 New AI Features for Google Chrome Powered by Gemini
2025-12-09 13:17:04
Google has unveiled the most significant upgrade to Chrome in its history, integrating advanced AI capabilities powered by Gemini to transform how users browse the web. These features are designed to...
SimpleX Chat X Account Hacked, Fake Site Promotes Crypto Wallet Scam
2025-12-09 13:05:37
SimpleX Chat's X account hacked to promote fake crypto site urging users to connect wallets. Site mimicked official design to steal funds.
Zoom Rooms for Windows and macOS Flaws Enable Privilege Escalation and Sensitive Data Leaks
2025-12-09 13:03:30
Zoom has disclosed two critical security vulnerabilities in its Zoom Rooms software for Windows and macOS, which could allow attackers with local access to escalate privileges or expose sensitive information....
EU fines X 0m, tied to verification rules that make impostor scams easier
2025-12-09 12:57:28
The core problem persists: anyone can still buy a 'verified' checkmark from X, so don't take their authenticity for granted.
Poltronesofà, ransomware et données clients oubliées : et voilà !
2025-12-09 12:55:23
Rançongiciel chez Poltronesofà : fuite de données anciennes, risques de fraude et interrogations sur la conservation des informations clients à l'ère du RGPD....
GhostPenguin Backdoor With Zero-Detection Attacking Linux Servers Uncovered Using AI-Automated Tools
2025-12-09 12:40:04
A previously undocumented Linux backdoor named GhostPenguin has been discovered evading detection for over four months. This multi-threaded C++ malware establishes remote shell access and file-system...
Hackers Exploiting Vulnerabilities in Ivanti Connect Secure to Deploy MetaRAT Malware
2025-12-09 11:53:04
A China-based attack group has launched a targeted campaign against Japanese shipping and transportation companies by exploiting critical vulnerabilities in Ivanti Connect Secure (ICS). The campaign,...
Deepfakes, AI resumes, and the growing threat of fake applicants
2025-12-09 11:49:28
Attackers are blending automation, impersonation, and social engineering to get inside organizations. Here's how to spot the signs.
Microsoft investigates Copilot outage affecting users in Europe
2025-12-09 11:48:39
Microsoft is working to mitigate an ongoing incident that has been blocking users in Europe from accessing the company's AI-powered Copilot digital assistant. [...]
How to Streamline Zero Trust Using the Shared Signals Framework
2025-12-09 11:30:00
Zero Trust helps organizations shrink their attack surface and respond to threats faster, but many still struggle to implement it because their security tools don't share signals reliably. 88% of organizations...
Goodbye, dark Telegram: Blocks are pushing the underground out
2025-12-09 11:25:55
Kaspersky researchers analyze changes in the lifespan of a shadow Telegram channel, blocks, and migration to other platforms.
Google Adds Layered Defenses to Chrome to Block Indirect Prompt Injection Threats
2025-12-09 11:14:00
Google on Monday announced a set of new security features in Chrome, following the company's addition of agentic artificial intelligence (AI) capabilities to the web browser.
To that end, the tech giant...
How Contextualized AI Analytics Can Strengthen Design Education
2025-12-09 11:00:04
This article examines how contextualizing AI-based multiscale design analytics—through indexical linking and visual annotations—enhances instructors' ability to interpret student work, deliver meaningful...
New Mirai Botnet Variant ‘Broadside' Actively Attacking Users in the Wild
2025-12-09 10:50:15
A sophisticated new variant of the Mirai botnet, named “Broadside,” has emerged as an active threat targeting maritime shipping companies and vessel operators. The malware exploits a critical...
Microsoft Copilot Disruption in the UK: Users Face Access Issues and Degraded Features(Updated)
2025-12-09 10:30:10
Microsoft 365 services encountered a snag today, leaving users in the United Kingdom struggling to access Microsoft Copilot or experiencing reduced functionality in key features. The outage, flagged on...
Wall Street's Underrated Advantage: What Top Firms Get Right
2025-12-09 10:14:59
Client retention in asset management isn't just about performance—it's about clarity. As regulatory pressure rises and investors demand transparency, firms that deliver clear, compliant, and customizable...
{ Tribune Expert } – L'évolution du risque interne
2025-12-09 10:08:36
À mesure que les adversaires utilisent des sites de confiance pour se dissimuler à la vue de tous, ils se connectent plutôt que de « pirater » leur accès aux organisations.
The post { Tribune Expert...
Polish Police arrest 3 Ukrainians for possessing advanced hacking tools
2025-12-09 10:03:42
Poland arrested three Ukrainian nationals accused of using hacking devices to target IT systems and obtain sensitive defense-related data. Polish police arrested three Ukrainian nationals for allegedly...
Marché de la cybersécurité en 2026 : l'IA déclenche une crise de confiance numérique
2025-12-09 10:03:41
Alors que l'IA se généralise et que les environnements numériques deviennent plus complexes, les experts Zscaler dévoilent les tendances majeures qui redéfiniront la cybersécurité en 2026. Un...
Educators Embrace Multiscale Analytics to Help Students Understand Their Design Processes Better
2025-12-09 10:00:22
As classroom sizes expand, instructors increasingly rely on multiscale design analytics to streamline assessment, enhance feedback, and support students' self-reflection—while emphasizing that analytics...
AI-Powered Free Security-Audit Checklist for 2026 – ISO 27001, SOC 2, NIST, NIS 2 and GDPR Compliance
2025-12-09 10:00:15
In many companies, audit preparation in 2025 still feels like 2005: Excel lists, scattered evidence, copy & paste from old answers, long coordination loops. At the same time, requirements are increasing...
The Hidden Backbone of Smooth Global Commerce: Urgency for Robust Infrastructure
2025-12-09 09:44:59
Global commerce depends on infrastructure that can withstand massive data growth, AI workloads, and skyrocketing cloud demand. Ajay Prasad manages worldwide compute, storage, and disaster-recovery systems...
CVE-2025-55182 Exploitation Hits the Smart Home
2025-12-09 09:37:00
Shortly after details of CVE-2025-55182 became public, we began noticing large volumes of exploitation attempts across our endpoint and network sensors. The vulnerability, informally referred to as React2Shell,...
STAC6565 Targets Canada in 80% of Attacks as Gold Blade Deploys QWCrypt Ransomware
2025-12-09 09:35:00
Canadian organizations have emerged as the focus of a targeted cyber campaign orchestrated by a threat activity cluster known as STAC6565.
Cybersecurity company Sophos said it investigated almost 40 intrusions...
Vade acquis par Proofpoint : Bercy valide sans répondre aux inquiétudes
2025-12-09 09:31:53
En contrepartie d'engagements portant essentiellement sur l'emploi, la France autorise Proofpoint à mettre - indirectement - la main sur Vade.
The post Vade acquis par Proofpoint : Bercy valide sans...
Le chiffre de l'année : Kaspersky a détecté quotidiennement un demi-million de malwares en 2025
2025-12-09 09:26:28
En 2025, les systèmes de détection de Kaspersky ont identifié en moyenne 500 000 malwares par jour, ce qui représente une augmentation de 7 % par rapport à 2024. Cette progression est notamment due...
Zimperium découvre un nouveau variant plus sophistiqué du spyware ClayRat
2025-12-09 09:21:24
zLabs, la division de recherche de Zimperium annonce la découverte d'une variante nettement plus sophistiquée de ClayRat, une famille de spyware Android, présentée dans le rapport d'octobre 2025...
Visual Analytics Transform How Teachers Understand Structure in Student Designs
2025-12-09 09:00:04
A qualitative study of instructors shows that multiscale design analytics provide new pedagogical insights, aid exploration and interpretation of AI-generated measures, strengthen assessment and feedback,...
Axis acquiert FF Group pour enrichir ses caméras de surveillance
2025-12-09 08:53:49
Axis Communications, le fabricant de caméras de vidéosurveillance vient d’acquérir FF Group, un éditeur tchèque (...)
Notifications Apple : le CERT-FR alerte sur l'espionnage
2025-12-09 08:47:18
Depuis 2021, Apple prévient certaines cibles d'opérations de surveillance sophistiquées. Le CERT-FR vient de lancer une recherche auprés de français impactés....
Researchers Find Malicious VS Code, Go, npm, and Rust Packages Stealing Developer Data
2025-12-09 08:07:00
Cybersecurity researchers have discovered two new extensions on Microsoft Visual Studio Code (VS Code) Marketplace that are designed to infect developer machines with stealer malware.
The VS Code extensions...
Why the World Trusts Sravan Reddy Kathi With Its Most Fragile Systems
2025-12-09 07:44:59
For over two decades, Sravan Reddy Kathi has transformed fragile, high-risk digital systems into resilient, failure-proof infrastructure that millions rely on. His work elevates global-scale platforms...
Redefining Reliability: Thanvi's Framework for DNS Security, Automation, and Zero-Failure Systems
2025-12-09 07:29:59
Senior reliability engineer Yogesh Thanvi is redefining infrastructure resilience with sub-minute DNS propagation, DNSSEC-driven security, and full-stack validation frameworks. His automation, distributed...
INE Earns G2 Winter 2026 Badges Across Global Markets
2025-12-09 07:22:58
INE has been recognized with seven G2 Winter 2026 badges. Awards include Leader status in the Online Course Providers Grid Report, Momentum Leader recognition in two major training categories, and regional...
The TechBeat: Exploiting EIP-7702 Delegation in the Ethernaut Cashback Challenge — A Step-by-Step Writeup (12/9/2025)
2025-12-09 07:10:55
How are you, hacker?
🪐Want to know what's trending right now?:
The Techbeat by HackerNoon has got you covered with fresh content from our trending stories of the day! Set email preference here.
...
USN-7916-1: python-apt vulnerability
2025-12-09 06:41:41
Julian Andres Klode discovered that python-apt incorrectly handled
deb822 configuration files. An attacker could use this issue to cause
python-apt to crash, resulting in a denial of service.
Oracle Linux 10 ELSA-2025-22395 Kernel Moderate Security Advisory
2025-12-09 06:37:06
The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:
Oracle Linux 10 ELSA-2025-21931 Kernel Moderate Update - Multiple CVEs
2025-12-09 06:37:04
The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:
Oracle Linux 9: ELSA-2025-22790 webkit2gtk3 Important Security Update
2025-12-09 06:35:25
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:
Oracle Linux 8 ELSA-2025-22801 Kernel Moderate DoS Security Advisory
2025-12-09 06:34:22
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
Oracle Linux 8 ELSA-2025-22789 Webkit2gtk3 Important Remote Access Fix
2025-12-09 06:34:20
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
Oracle Linux 8 ELSA-2025-22760 abrt Important Security Issue
2025-12-09 06:34:18
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
From Chaos to Clarity: The Engineering Mindset Behind Purva Desai's Data Platforms
2025-12-09 05:59:59
Purva Desai builds high-reliability data ecosystems for distributed operations, transforming fragmented pipelines into scalable, observability-driven platforms. From cutting analytics latency by 60% to...
The Velocity–Comprehension Gap: Why AI Products Lose Users Even as They Improve
2025-12-09 05:39:40
AI teams ship faster than users can update their mental models. That mismatch, the Velocity–Comprehension Gap, causes behavioral drift, UX desync, and Meaning Debt. Your product improves.
Your users...
AI-Driven Architecture at Scale: The Ravi Teja Pagidoju Approach to Industrial Efficiency
2025-12-09 05:29:59
Ravi Teja Pagidoju designs AI-driven, cloud-native systems that eliminate inefficiency across retail, healthcare, and telecom. His contributions include diffusion-based planogram generation, enterprise...
USN-7412-3: GnuPG vulnerability
2025-12-09 05:14:53
USN-7412-1 fixed a vulnerability in GnuPG. This update provides the
corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS.
Original advisory details:
It was discovered that GnuPG incorrectly...
AIs Quiet Move Into the Linux Kernel Raises New Linux Kernel Security Questions
2025-12-09 03:12:59
AI-written patches are starting to land in kernel discussions, and the timing has people watching closely. The code looks ordinary at first glance, yet the review notes keep circling the same point: something...
Security for AI Building, Not Security for AI Buildings
2025-12-09 02:08:37
AWS re:Invent 2025 Shows What "Shift Left" Can Mean for AI Security
Although I wasn't at AWS re:Invent in person this year (only the second one I've missed since 2013), I sat at home closely...
FinCEN data shows .5B in ransomware payments, record spike in 2023
2025-12-09 00:26:49
Ransomware payments reported to FinCEN exceeded .5B by 2024, with 2023 marking a record year at .1B across 1,512 incidents. FinCEN analyzed ransomware trends using Bank Secrecy Act (BSA) reports filed...
Ransomware gangs turn to Shanya EXE packer to hide EDR killers
2025-12-09 00:00:05
Several ransomware groups have been spotted using a packer-as-a-service (PaaS) platform named Shanya to assist in EDR (endpoint detection and response) killing operations. [...]
Multiples vulnérabilités dans les produits SAP (09 décembre 2025)
09/12/2025
De multiples vulnérabilités ont été découvertes dans les produits SAP. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service...
Multiples vulnérabilités dans VMware Tanzu RabbitMQ (09 décembre 2025)
09/12/2025
De multiples vulnérabilités ont été découvertes dans VMware Tanzu RabbitMQ. Elles permettent à un attaquant de provoquer un déni de service à distance et un problème de sécurité non spécifié...
Vulnérabilité dans Citrix XenServer (09 décembre 2025)
09/12/2025
Une vulnérabilité a été découverte dans Citrix XenServer. Elle permet à un attaquant de provoquer une atteinte à la confidentialité des données et une atteinte à l'intégrité des données.
Multiples vulnérabilités dans les produits Microsoft (09 décembre 2025)
09/12/2025
De multiples vulnérabilités ont été découvertes dans les produits Microsoft. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Multiples vulnérabilités dans les produits Siemens (09 décembre 2025)
09/12/2025
De multiples vulnérabilités ont été découvertes dans les produits Siemens. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni...