Toute l'actualité de la Cybersécurité
Fortinet FortiWeb Vulnerability (CVE-2025-64446) Exploited in the Wild for Full Admin Takeover
2025-12-16 14:34:34
Threat actors have been actively exploiting a critical path-traversal vulnerability in Fortinet’s FortiWeb web application firewall since early October 2025, allowing unauthenticated attackers...
Most Parked Domains Now Serving Malicious Content
2025-12-16 14:14:48
Direct navigation -- the act of visiting a website by manually typing a domain name in a web browser -- has never been riskier: A new study finds the vast majority of "parked" domains -- mostly expired...
Android threats in 2025: When your phone becomes the main attack surface
2025-12-16 13:58:42
Android users spent 2025 walking a tighter rope than ever, with malware, data-stealing apps, and SMS-borne scams all climbing sharply.
Windows Admin Center Vulnerability (CVE-2025-64669) Let Attackers Escalate Privileges
2025-12-16 13:57:30
A new local privilege escalation vulnerability in Microsoft's Windows Admin Center (WAC), affecting versions up to 2.4.2.1 and environments running WAC 2411 and earlier. Tracked as CVE-2025-64669, the...
JumpCloud Remote Assist Flaw Lets Users Gain Full Control of Company Devices
2025-12-16 13:42:07
A critical vulnerability (CVE-2025-34352) found by XM Cyber in the JumpCloud Remote Assist for Windows agent allows local users to gain full SYSTEM privileges. Businesses must update to version 0.317.0...
USN-7889-7: Linux kernel vulnerabilities
2025-12-16 13:37:01
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Media drivers;
...
The Risks of Integrating LLMs into Enterprise Apps
2025-12-16 13:35:04
This week in cybersecurity from the editors at Cybercrime Magazine Sausalito, Calif. – Dec. 16, 2025 –Read the full story from BreachLock Integrating LLMs (large language models) with enterprise applications...
NoName057(16) Hackers Using DDoSia DDoS Tool to Attack Organizations in NATO
2025-12-16 13:29:38
NoName057(16), also known as 05716nnm or NoName05716, has emerged as a significant threat targeting NATO member states and European organizations. The group, which originated as a covert project within...
L'Epitech accueille 2 000 lycéens en stage d'observation
2025-12-16 13:16:53
Les élèves de classe de seconde générale et technologique doivent faire un stage d'observation en entreprise durant l’été (...)
Link11 Identifies Five Cybersecurity Trends Set to Shape European Defense Strategies in 2026
2025-12-16 13:01:56
Frankfurt am Main, Germany, 16th December 2025, CyberNewsWire
Dark Web Omertà Market Shut Downed Following the Leak of Real Server IPs
2025-12-16 12:57:52
The dark web landscape constantly shifts between emerging platforms and sudden closures, often driven by the very anonymity they promise. On November 21, 2025, a new contender named Omertà Market emerged,...
Microsoft to block Exchange Online access for outdated mobile devices
2025-12-16 12:53:25
Microsoft announced on Monday that it will soon block mobile devices running outdated email software from accessing Exchange Online services until they're updated. [...]
FreePBX Vulnerabilities Enables Authentication Bypass that Leads Remote Code Execution
2025-12-16 12:48:40
FreePBX has addressed critical vulnerabilities enabling authentication bypass and remote code execution in its Endpoint Manager module. Discovered by Horizon3.ai researchers, these flaws affect telephony...
Amazon Exposes Years-Long GRU Cyber Campaign Targeting Energy and Cloud Infrastructure
2025-12-16 12:27:00
Amazon's threat intelligence team has disclosed details of a "years-long" Russian state-sponsored campaign that targeted Western critical infrastructure between 2021 and 2025.
Targets of the campaign...
Malicious NuGet Package Uses .NET Logging Tool to Steal Cryptocurrency Wallet Data
2025-12-16 12:17:59
The cybersecurity landscape has once again been rattled by a subtle yet dangerous supply chain attack. A malicious NuGet package named Tracer.Fody.NLog was discovered masquerading as a legitimate .NET...
Critical ScreenConnect Vulnerability Let Attackers Expose Sensitive Configuration Data
2025-12-16 12:13:46
ConnectWise has issued a security update for ScreenConnect™ to address a critical vulnerability that could enable attackers to expose sensitive configuration data and install untrusted extensions. The...
Photo booth flaw exposes people’s private pictures online
2025-12-16 11:46:49
A security researcher says a basic website flaw at a photo booth operator may have exposed hundreds of private customer photos.
European authorities dismantle call center fraud ring in Ukraine
2025-12-16 11:44:06
European law enforcement authorities dismantled a fraud network operating call centers in Ukraine that scammed victims across Europe out of more than 10 million euros. [...]
SantaStealer Attacks Users to Exfiltrates Sensitive Documents, Credentials, and Wallet Data
2025-12-16 11:35:29
A new information stealer called SantaStealer has emerged as a serious threat to Windows users worldwide. This malware-as-a-service tool is being aggressively marketed through Telegram channels and underground...
Huawei pourrait fermer son usine en France avant même son ouverture
2025-12-16 11:33:31
Huawei a construit sa première usine européenne en Alsace, mais la production n'a toujours pas commencé. Entre tensions politiques, inquiétudes sur la cybersécurité et rumeurs de revente, l'avenir...
Why Data Security and Privacy Need to Start in Code
2025-12-16 11:30:00
AI-assisted coding and AI app generation platforms have created an unprecedented surge in software development. Companies are now facing rapid growth in both the number of applications and the pace of...
Étude de KnowBe4 : 96 % des organisations peinent à sécuriser leurs équipes
2025-12-16 11:17:54
Le rapport 2025 sur l'état du risque humain montre une augmentation des incidents liés au facteur humain ainsi que des violations impliquant des applications d'IA. Tribune – KnowBe4, la plateforme...
ESET Research analyse les cybermenaces du second semestre 2025, l'IA se place au cœur des attaques
2025-12-16 11:14:56
ESET Research dévoile son rapport semestriel couvrant la période de juin à novembre 2025. Ce document analyse les tendances du paysage des menaces, observées à la fois par la télémétrie ESET et...
Google is discontinuing its dark web report: why it matters
2025-12-16 11:10:40
Google will discontinue its dark web report early next year, prompting mixed reactions. How does dark web monitoring actually help keep you safe?
The First Mile of Trusted AI Development
2025-12-16 11:00:02
We've Been Building Toward This Moment
For months, I've been writing about a growing tension at the center of AI-powered development: AI can now generate code at extraordinary speed, yet our...
Fortinet FortiGate Under Active Attack Through SAML SSO Authentication Bypass
2025-12-16 10:58:00
Threat actors have begun to exploit two newly disclosed security flaws in Fortinet FortiGate devices, less than a week after public disclosure.
Cybersecurity company Arctic Wolf said it observed active...
How to Build Real-World Web3 Infrastructure Using Symfony 7.4
2025-12-16 10:52:49
PHP isn't obsolete—it's a quiet workhorse of Web3 infrastructure. This guide shows how to build a production-ready Ethereum integration using Symfony 7, PHP 8, standard Web3 libraries, and passwordless...
Des cybercriminels revendiquent le piratage du ministère de l'Intérieur
2025-12-16 10:38:23
L’alerte a été lancée en fin de semaine dernière par la place Beauvau à la suite d’informations publiées (...)
Popular Chrome Extension with Over 6 Million Installs Captures User Inputs to AI Chatbots
2025-12-16 10:36:24
A widely trusted Chrome extension with more than 6 million users has been discovered secretly collecting and selling conversations from major AI platforms. Urban VPN Proxy, which carries Google’s...
La chasse aux sorcières de Washington pour imposer sa doctrine IA
2025-12-16 10:10:50
La Maison Blanche enclenche un train de mesures face aux États américains dont les lois entrent en conflit avec sa doctrine IA.
The post La chasse aux sorcières de Washington pour imposer sa doctrine...
700Credit Data Breach Impacts Millions of Car Owners
2025-12-16 10:03:33
US auto loan service 700Credit confirms a data breach exposed names, addresses, and Social Security numbers of dealership customers. Free credit monitoring is offered.
God Mode On: how we attacked a vehicle's head unit modem
2025-12-16 10:00:13
Kaspersky researchers describe how they gained access to a vehicle's head unit by exploiting a single vulnerability in its modem.
De l'IA autonome au vol de données de santé personnelles : les cybermenaces qui marqueront l'année 2026
2025-12-16 09:40:28
De l’IA autonome au vol de données de santé personnelles : les cybermenaces qui marqueront 2026. Après une année record de violations de données en 2025, les experts en cybersécurité préviennent...
SoundCloud Confirms Data Breach – Hackers Exfiltrated User Account Data
2025-12-16 09:37:08
SoundCloud has confirmed a security incident involving unauthorized access to user data, revealing that hackers exfiltrated email addresses and public profile information from approximately 20% of its...
Pornhub targeted in extortion attempt following Mixpanel breach exposing user activity
2025-12-16 09:20:52
Hackers tied to ShinyHunters extort PornHub after stealing search and viewing history of Premium users in a Mixpanel data breach. PornHub faces extortion after hackers linked to ShinyHunters allegedly...
Drawing good architecture diagrams
2025-12-16 08:57:53
Some tips on good diagram drafting and pitfalls to avoid when trying to understand a system in order to secure it.
Le Cesin cerne les risques géopolitiques de la cybersécurité
2025-12-16 08:56:56
En 2025, la géopolitique est devenue un enjeu central pour les DSI, et a fortiori les RSSI. La présidence de Donald Trump, les conflits au (...)
Avec le rachat d'Artemys, Spie ICS muscle ses activités cloud et sécurité
2025-12-16 08:54:54
Le prestataire de services IT Artemys devrait rejoindre les équipes de Spie ICS début 2026, filiale du groupe Spie, cette dernière (...)
Debunking the "99.8% Accurate IP Data" Claim
2025-12-16 08:37:14
Most “99%+ accurate” IP geolocation claims are misleading because there's no shared dataset, no standard methodology, and no way to validate global accuracy across billions of constantly changing...
React2Shell Vulnerability Actively Exploited to Deploy Linux Backdoors
2025-12-16 08:21:00
The security vulnerability known as React2Shell is being exploited by threat actors to deliver malware families like KSwapDoor and ZnDoor, according to findings from Palo Alto Networks Unit 42 and NTT...
The TechBeat: 12 Best Web Scraping APIs in 2025 (12/16/2025)
2025-12-16 07:10:57
How are you, hacker?
🪐Want to know what's trending right now?:
The Techbeat by HackerNoon has got you covered with fresh content from our trending stories of the day! Set email preference here.
...
The AI Developer Productivity Paradox: Why It Feels Fast but Delivers Slow
2025-12-16 06:46:50
AI coding tools feel like they boost productivity, but studies show they often slow developers down due to debugging, rework, and misaligned outputs. This article breaks down the perception gap, why complexity...
IPv6 and CTV: The Measurement Challenge From the Fastest-Growing Ad Channel
2025-12-16 06:45:05
IPv6's privacy features—rapid address rotation, prefix reassignment, and massive address space—are breaking traditional digital advertising measurement, with CTV feeling the impact first. IPinfo...
I Ported My AI "Perceptual Grid Engine" to a Quantum Processor (and it Survived)
2025-12-16 06:36:30
Using my PGE architecture to make more coherent quantum computing.
3:2:1 Is Still Necessary. It's Just No Longer Sufficient.
2025-12-16 06:32:04
3:2:1 is a baseline, not a preservation strategy. Long-term data survival depends on fixity, provenance, true geo-dispersion, and intentional redundancy. Without continuous integrity verification and...
The "Concrete Foundation" Fallacy: Why Your Quick-and-Dirty Database Schema is a Ticking Time Bomb
2025-12-16 06:31:39
Most startups fail at scale because of poor database design, not buggy code.
Slotozilla Reports Q3 2025 Momentum: SBC Lisbon, Partnerships, and Deluxe Bonuses
2025-12-16 06:30:51
Slotozilla's achievements are anchored in participation at the SBC Summit Lisbon, partner expansion, and an upgraded offer catalogue.
French Interior Minister says hackers breached its email servers
2025-12-16 06:20:13
The French interior minister confirmed that a cyberattack breached the Interior Ministry, compromising its email servers. The French Interior Minister Laurent Nunez announced on Friday that threat actors...
Holiday Gaming Is a Network Stress Test and Your PC Is Probably the Weak Link
2025-12-16 06:19:12
Holiday gaming spikes network congestion — not because servers fail, but because your PC competes with dozens of background apps for bandwidth. December's surge in devices, uploads, syncs, and streams...
Google to Shut Down Dark Web Monitoring Tool in February 2026
2025-12-16 06:02:00
Google has announced that it's discontinuing its dark web report tool in February 2026, less than two years after it was launched as a way for users to monitor if their personal information is found on...
Building a QA Ecosystem: How Bootstrapping Led to Global Impact
2025-12-16 05:58:27
Bootstrapped companies Kualitee and Kualitatem built a global QA ecosystem driven by human insight, AI-enabled tools, and a philosophy that quality should be proactive, not reactive. Their combination...
Forget Authenticity – It's The Age Of The Founder Story
2025-12-16 04:00:08
Authenticity in marketing is dead. It was doomed by corporate hypocrisy and buried by a Gen Z audience that instinctively tunes out fakery. Trust is migrating from faceless institutions to human personalities,...
SoundCloud confirms breach after member data stolen, VPN access disrupted
2025-12-16 00:38:47
Audio streaming platform SoundCloud has confirmed that outages and VPN connection issues over the past few days were caused by a security breach in which threat actors stole a database exposing users'...
USN-7937-1: Linux kernel (Azure FIPS) vulnerabilities
2025-12-16 00:21:35
Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered
that the Linux kernel contained insufficient branch predictor isolation
between a guest and a userspace hypervisor for certain...
Multiples vulnérabilités dans Moodle (16 décembre 2025)
16/12/2025
De multiples vulnérabilités ont été découvertes dans Moodle. Elles permettent à un attaquant de provoquer une atteinte à la confidentialité des données, une injection de code indirecte à distance...
Multiples vulnérabilités dans Tenable Nessus (16 décembre 2025)
16/12/2025
De multiples vulnérabilités ont été découvertes dans Tenable Nessus. Elles permettent à un attaquant de provoquer un déni de service à distance et une atteinte à l'intégrité des données.
Vulnérabilité dans Trend Micro Apex One (16 décembre 2025)
16/12/2025
Une vulnérabilité a été découverte dans Trend Micro Apex One. Elle permet à un attaquant de provoquer une exécution de code arbitraire.