Toute l'actualité de la Cybersécurité
Critical React2Shell Flaw Added to CISA KEV After Confirmed Active Exploitation
2025-12-06 11:40:00
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday formally added a critical security flaw impacting React Server Components (RSC) to its Known Exploited Vulnerabilities (KEV)...
Faux sites administratifs : enquête sur une menace silencieuse
2025-12-06 11:32:23
Enquête ZATAZ sur la prolifération de faux sites administratifs et leurs risques d'usurpation d'identité, avec un décryptage cyber précis et des conseils de protection....
L'espionnage numérique bouleversé par l'IA
2025-12-06 10:51:20
Analyse d'une opération d'espionnage automatisée utilisant une IA agentique. 007 en plein chamboulement !...
Researchers Hack Google's Gemini CLI Through Prompt Injections in GitHub Actions
2025-12-06 10:38:40
A critical vulnerability class dubbed “PromptPwnd,” affects AI agents integrated into GitHub Actions and GitLab CI/CD pipelines. This flaw allows attackers to inject malicious prompts via...
KinoKong - 817,808 breached accounts
2025-12-06 08:13:57
In March 2021, the Russian online streaming service KinoKong suffered a data breach that was later redistributed as part of a larger corpus of data. The breach exposed over 800k unique email addresses...
2.15M Web Services Running Next.js Exposed Over Internet, Active Exploitation Underway – Patch Now
2025-12-06 07:48:34
A critical unauthenticated remote code execution vulnerability dubbed “React2Shell” is actively being exploited in the wild, putting millions of web services at risk. On December 3, React...
The TechBeat: Why the Next Wave of AI Value Will Come from “Boring” Operations Work (12/6/2025)
2025-12-06 07:10:59
How are you, hacker?
🪐Want to know what's trending right now?:
The Techbeat by HackerNoon has got you covered with fresh content from our trending stories of the day! Set email preference here.
...
React2Shell Remote Code Execution (RCE) Vulnerability
2025-12-06 04:11:13
What is the Vulnerability?
React2Shell is a critical unauthenticated RCE vulnerability impacting React Server Components (RSC) and frameworks that...
Avast Antivirus Sandbox Vulnerabilities Let Attackers Escalate Privileges
2025-12-06 03:33:15
Security researchers from the SAFA team have uncovered four kernel heap overflow vulnerabilities in Avast Antivirus, all traced to the aswSnx kernel driver. The flaws, now tracked collectively as CVE-2025-13032,...
Debian 11: Krita Major Heap Overflow Issue DLA-4395-1 CVE-2025-59820
2025-12-06 01:28:57
Loading a manipulated TGA file in krita, an image manipulation program, could result in a heap-based buffer overflow in KisTgaImport.
Fedora 42: Chromium High CVE-2025-13630, 13631, 13632 Advisory
2025-12-06 01:27:35
Update to 143.0.7499.40 * High CVE-2025-13630: Type Confusion in V8 * High CVE-2025-13631: Inappropriate implementation in Google Updater * High CVE-2025-13632: Inappropriate implementation in DevTools...
Fedora 42: abrt Critical Command Injection Vulnerability CVE-2025-12744
2025-12-06 01:27:34
Fix CVE-2025-12744
Fedora 42: cef High Type Confusion Vuln CVE-2025-13223,13224 Advisory
2025-12-06 01:27:28
Update to cef-142.0.17+g60aac24 & chromium 142.0.7444.175 (rhbz#2413981) High CVE-2025-13223: Type Confusion in V8 High CVE-2025-13224: Type Confusion in V8
Fedora 43: chromium High CVE-2025-13630 Type Confusion and more
2025-12-06 00:48:47
Update to 143.0.7499.40 * High CVE-2025-13630: Type Confusion in V8 * High CVE-2025-13631: Inappropriate implementation in Google Updater * High CVE-2025-13632: Inappropriate implementation in DevTools...
Fedora 43: abrt Critical Command Injection Fix CVE-2025-12744
2025-12-06 00:48:45
Fix CVE-2025-12744
Maximum-severity XXE vulnerability discovered in Apache Tika
2025-12-06 00:03:20
A maximum severity vulnerability in Apache Tika, tracked as CVE-2025-66516 (CVSS score of 10.0), allows XML external entity attacks. CVE-2025-66516 carries a maximum CVSS rating of 10.0 because it lets...