Toute l'actualité de la Cybersécurité


Piratage chez SFR : encore un accés non autorisé !

2025-12-17 09:44:59
SFR, accès non autorisé, données personnelles, réseau fixe, CNIL, phishing, smishing, référence client, cybersécurité...

Lire la suite »

Cellik Android Malware with One-Click APK Builder Let Attackers Wrap its Payload Inside with Google Play Store Apps

2025-12-17 09:40:33
Cellik represents a significant evolution in Android Remote Access Trojan capabilities, introducing sophisticated device control and surveillance features previously reserved for advanced spyware. This...

Lire la suite »

Avec le verre, Ewigbyte veut figer les données pour toujours

2025-12-17 09:02:58
Ewigbyte ambitionne de rebattre les cartes de l’archivage avec son stockage sur verre, visant directement le domaine (...)

Lire la suite »

NVIDIA Isaac Lab Vulnerability Let Attackers Execute Malicious Code

2025-12-17 09:01:19
A critical security update addressing a dangerous deserialization vulnerability in NVIDIA Isaac Lab, a component of the NVIDIA Isaac Sim framework. The flaw could allow attackers to execute arbitrary...

Lire la suite »

U.S. CISA adds a flaw in multiple Fortinet products to its Known Exploited Vulnerabilities catalog

2025-12-17 08:17:07
U.S. CISA adds a vulnerability impacting multiple products to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Fortinet Multiple Products...

Lire la suite »

GhostPoster Malware Found in 17 Firefox Add-ons with 50,000+ Downloads

2025-12-17 08:14:00
A new campaign named GhostPoster has leveraged logo files associated with 17 Mozilla Firefox browser add-ons to embed malicious JavaScript code designed to hijack affiliate links, inject tracking code,...

Lire la suite »

New GhostPoster Attack Leverages PNG Icon to Infect 50,000 Firefox Users

2025-12-17 07:11:53
A sophisticated new malware campaign dubbed “GhostPoster” has been uncovered, leveraging a clever steganography technique to compromise approximately 50,000 Firefox users. The attack vector...

Lire la suite »

Afripol Focuses on Regional Cyber Challenges, Deepening Cooperation

2025-12-17 07:00:00
Rapid digitization, uneven cybersecurity know-how, and growing cybercriminal syndicates in the region have challenged law enforcement and prosecutors.

Lire la suite »

Chrome Security Update – Patch for Critical Vulnerabilities that Enables Remote Code Execution

2025-12-17 06:33:43
Google has released Chrome version 143.0.7499.146/.147 to address critical security vulnerabilities that could enable remote code execution on affected systems. The update is now rolling out to Windows...

Lire la suite »

Subdomain Roulette: How Forgotten Hosts Became My Golden Ticket to Admin Panels

2025-12-17 06:32:16
Free link 🎈Continue reading on InfoSec Write-ups »

Lire la suite »

Agentic AI Red Teaming: The Hottest Cybersecurity Career of 2026 (Beginner-Friendly Guide)

2025-12-17 06:32:05
How to Start a Career in Agentic AI Red Teaming (New 2026 Path)Continue reading on InfoSec Write-ups »

Lire la suite »

React2Shell: CVE-2025–55182 | TryHackMe Write-Up

2025-12-17 06:31:54
Non-members are welcome to access the full story here.Continue reading on InfoSec Write-ups »

Lire la suite »

How I Hacked an Entrepreneur

2025-12-17 06:30:58
I was searching for a bug bounty programme using google dorks when I found a private vdp. It was a bit old but I thought why not give it a…Continue reading on InfoSec Write-ups »

Lire la suite »

The Return of The Luhn Algorithm

2025-12-17 06:29:48
A deep dive into how BIN ranges, Luhn, and a design flaw revealed cardholder PIIs.SummaryWhen testing a bank's assets, I noticed something in a request that no one else had noticed, which disclosed...

Lire la suite »

Known-Plaintext Attack on PHP-Proxy: From Broken Encryption to FastCGI RCE

2025-12-17 06:28:34
How a Caesar cipher implementation turned URL encryption into a complete server compromise through known-plaintext attack and FastCGI protocol exploitationIntroductionI discovered PHP-Proxy while researching...

Lire la suite »

HackSmarter Arasaka AD Lab Writeup

2025-12-17 06:27:42
By: Vedant Bhalgama (@ActiveXSploit)HackSmarter is a new cybersecurity learning platform created by Tyler Ramsbey. It offers courses, hands-on labs, and more — an excellent place to sharpen your...

Lire la suite »

Call/Message anyone on Facebook directly, bypassing the message requests ($$$$+$$$$$)

2025-12-17 06:24:50
An Interesting bug on a not-so-interesting Meta Platform — Messenger KidsThis is me, Samip Aryal from Nepal writing about one of my more unusual bug discoveries, this specifically found in BountyCon...

Lire la suite »

Discovering Cloud Misconfigurations with Google Dorks

2025-12-17 06:22:34
Picture Created by Sora AIFind exposed sensitive data in AWS, Google Cloud, and other platforms when private information becomes searchable on Google.A. Exposed Cloud StorageCloud storage services...

Lire la suite »

The Unconventional OSINT: How Dark Web Tools Gave Me the Edge to Find a $ Bug ️‍♂️

2025-12-17 06:19:07
Free Link🎈Continue reading on InfoSec Write-ups »

Lire la suite »

Gladinet CentreStack & Triofox Insecure Cryptography Vulnerability

2025-12-17 06:11:46
What is the Vulnerability? CVE-2025-14611 is a high-severity insecure cryptography vulnerability affecting Gladinet CentreStack and Triofox products...

Lire la suite »

BlindEagle Hackers Attacking Organization to Abuse Trust and Bypass Email Security Controls

2025-12-17 05:36:27
In a sophisticated cyberespionage campaign, the BlindEagle threat actor has once again targeted Colombian government institutions. This latest operation specifically zeroed in on an agency under the Ministry...

Lire la suite »

Fedora 42: Fix for mod_md Bug Related to CVE-2025-55753 Advisory

2025-12-17 01:32:38
This update includes the latest upstream release of mod_md, with various bug fixes and enhancements. See https://github.com/icing/mod_md/releases for more information. A fix for the security vulnerability...

Lire la suite »

Fedora 42: conda-build 25.4.0 Critical Code Execution 2025-eb0eab6793

2025-12-17 01:32:35
Update to 25.4.0

Lire la suite »

Critical Update for Fedora 42: WebKitGTK Fixes Crashes and CVE-2025-13947

2025-12-17 01:32:34
Fix seeking and looping of media elements that set the loop property. Fix several crashes and rendering issues. Fix CVE-2025-13947, CVE-2025-43458, CVE-2025-66287

Lire la suite »

Fedora 43: util-linux Update 2.41.4 Urgent CVE-2025-14105

2025-12-17 01:14:16
upstream stable upgrade from 2.41.1 to 2.41.3 (CVE-2025-14104 and other issues)

Lire la suite »

Fedora 43: assimp Library Critical CVE-2025-11277 Update

2025-12-17 01:14:11
Backport fix for CVE-2025-11277

Lire la suite »

Fedora 43: mod_md Important Apache HTTP Server Fix CVE-2025-55753

2025-12-17 01:14:09
This update includes the latest upstream release of mod_md, with various bug fixes and enhancements. See https://github.com/icing/mod_md/releases for more information. A fix for the security vulnerability...

Lire la suite »

Stay Secure: Why Cyber Hygiene Should Be Part of Your Personal Hygiene

2025-12-17 00:00:57
Cyber hygiene is just as vital as personal hygiene. Unit 42 shares tips for people of all experience levels to keep their digital lives secure. The post Stay Secure: Why Cyber Hygiene Should Be Part...

Lire la suite »