Toute l'actualité de la Cybersécurité
Gainsight Expands Impacted Customer List Following Salesforce Security Alert
2025-11-27 07:03:00
Gainsight has disclosed that the recent suspicious activity targeting its applications has affected more customers than previously thought.
The company said Salesforce initially provided a list of 3 impacted...
Hackers Exploiting Fake Battlefield 6 Popularity to Deploy Stealers and C2 Agents
2025-11-27 07:00:55
Since its release in October, Battlefield 6 has become one of the year’s most anticipated game launches. However, cybercriminals have quickly seized on this popularity to distribute malicious software....
Threat Actors Allegedly Listed iOS 26 Full‑Chain 0‑Day Exploit on Dark Web
2025-11-27 06:37:17
A threat actor operating under the alias ResearcherX has posted what they claim to be a full‑chain zero‑day exploit targeting Apple's recently released iOS 26 operating system. The listing, which...
Hackers Tricks macOS Users to Execute Command in Terminal to Deliver FlexibleFerret Malware
2025-11-27 06:23:48
Cybercriminals are successfully targeting Apple users through a sophisticated social engineering scheme that tricks victims into running harmful commands on their computers. The threat, called FlexibleFerret,...
New Malware-as-a-Service Olymp Loader Advertised on Hacker Forums with It's Anti-analysis and Detection Features
2025-11-27 05:47:09
A new Malware-as-a-Service (MaaS) threat named “Olymp Loader” appeared in June 2025, aggressively advertised on underground hacker forums like XSS and HackForums. Advertised by an operator...
Microsoft Teams Guest Chat Vulnerability Exposes Users to Malware Attack
2025-11-27 05:26:13
A significant gap in Microsoft Teams’ B2B guest access allows attackers to bypass Defender for Office 365 protections, creating unprotected zones for phishing and malware delivery. At Cybersecurity...
New Unauthenticated DoS Vulnerability Crashes Next.js Servers with a Single Request
2025-11-27 02:15:14
A newly discovered critical vulnerability in the Next.js framework allows attackers to crash self-hosted servers using a single HTTP request, requiring negligible resources to execute. Discovered by researchers...
Docker-BuildKit Memory Allocation Fix in Fedora 41: FEDORA-2025-1ccd7dbf40
2025-11-27 01:13:38
Update to release v0.26.1 Update to release v0.26.0 Resolves: rhbz#2412681, rhbz#2412761 Upstream new features and fixes dependency override for moby/policy-helper needed for license (default
Fedora 41: docker-buildx Critical Mem Exhaustion Fix CVE-2025-58185
2025-11-27 01:13:38
Update to release v0.30.1 Upstream fix Update to release v0.30.0 Resolves: rhbz#2413270 Resolves: rhbz#2407614, rhbz#2407881, rhbz#2408158, rhbz#2409066
Fedora 42: docker-buildkit CVE-2025-58183 Critical Unbounded Allocation
2025-11-27 01:00:15
Update to release v0.26.1 Update to release v0.26.0 Resolves: rhbz#2412681, rhbz#2412761 Upstream new features and fixes dependency override for moby/policy-helper needed for license (default
Fedora 43: 7zip Critical Directory Traversal RCE CVE-2025-11001
2025-11-27 00:48:05
Various CVE fixes, most importantly CVE-2025-11001 This also backports the Debian patch (PR unfortunately stalled upstream, with no communication from upstream developers) to not echo passwords when dealing...