Toute l'actualité de la Cybersécurité
Cloudflare Outage Hits Internet with 500 Internal Server Error
2025-12-05 09:16:43
A major disruption swept across the internet today as Cloudflare, a critical backbone for millions of websites, reported widespread issues with its Dashboard and APIs, triggering 500 Internal Server Errors...
Cloudflare down, websites offline with 500 Internal Server Error
2025-12-05 09:12:15
Cloudflare is down, as websites are crashing with a 500 Internal Server Error. Cloudflare is investigating the reports. [...]
ClayRat Android Malware Steals SMS Messages, Call Logs and Capture Victim Photos
2025-12-05 08:54:45
A dangerous new Android spyware variant called ClayRat has emerged as a significant threat to mobile device security worldwide. First identified in October by the zLabs team, this malware represents a...
LVMH avance prudemment sur les agents IA
2025-12-05 08:51:49
Après 5 ans de travail sur la data, l'IA et l'IA générative, le groupe LVMH franchit progressivement une nouvelle étape en (...)
Galaxy Z TriFold : Samsung joue la carte « station de travail »
2025-12-05 08:28:04
Avec son premier smartphone à double pliage, Samsung choisit l'angle « station de travail portable », à l'appui d'un mode desktop autonome.
The post Galaxy Z TriFold : Samsung joue la carte « station...
CISA Reports PRC Hackers Using BRICKSTORM for Long-Term Access in U.S. Systems
2025-12-05 08:14:00
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday released details of a backdoor named BRICKSTORM that has been put to use by state-sponsored threat actors from the People's...
Beware of Solana Phishing Attacks That Let Hackers Initiate Unauthorized Account Transfer
2025-12-05 07:58:29
A dangerous new wave of phishing attacks is targeting Solana users by changing wallet ownership permissions rather than stealing private keys. A victim lost more than USD 3 million in a single attack,...
Cacti Command Injection Vulnerability Let Attackers Execute Malicious Code Remotely
2025-12-05 07:36:11
A critical command injection vulnerability in the open-source network monitoring tool Cacti allows authenticated attackers to execute arbitrary code remotely, potentially compromising the entire monitoring...
Splunk Enterprise Vulnerabilities Allows Privileges Escalation Via Incorrect File Permissions
2025-12-05 06:54:03
A high-severity vulnerability has been disclosed in Splunk affecting its Enterprise and Universal Forwarder products for Windows, stemming from incorrect file permissions during installation and upgrades....
SEEDSNATCHER Android Malware Attacking Users to Exfiltrate Sensitive Data and Execute Malicious Commands
2025-12-05 06:37:22
SeedSnatcher represents a significant threat to cryptocurrency users worldwide. Packaged under the seemingly innocent name “Coin” and distributed through Telegram, this Android malware has...
JPCERT Confirms Active Command Injection Attacks on Array AG Gateways
2025-12-05 05:40:00
A command injection vulnerability in Array Networks AG Series secure access gateways has been exploited in the wild since August 2025, according to an alert issued by JPCERT/CC this week.
The vulnerability,...
New Stealthy Linux Malware Combines Mirai-Derived DDoS Botnet and Fileless Cryptominer
2025-12-05 05:25:08
Security researchers have uncovered a sophisticated Linux malware campaign that merges Mirai-derived DDoS botnet capabilities with a stealthy fileless cryptominer, representing a significant evolution...
China-Nexus Hackers Actively Exploiting React2Shell Vulnerability (CVE-2025-55182) in the Wild
2025-12-05 04:16:35
China-nexus threat groups are racing to weaponize the new React2Shell bug, tracked as CVE-2025-55182, only hours after its public disclosure. The flaw sits in React Server Components and lets an attacker...
PoC Exploit Released for Critical React, Next.js RCE Vulnerability (CVE-2025-55182)
2025-12-05 03:39:21
A proof-of-concept (PoC) exploit for CVE-2025-55182, a maximum-severity remote code execution (RCE) flaw in React Server Components, surfaced publicly this week, heightening alarms for developers worldwide....
Secure Boot: Strengthening Linux System Integrity from the Firmware Up
2025-12-05 03:19:52
Secure Boot sits at the point where firmware and operating system trust intersect, and it decides what code is allowed to start the machine. Most systems treat it like background plumbing, but it has...
Oracle Identity Manager Pre-Auth RCE
2025-12-05 03:15:17
What is the Vulnerability?
CVE-2025-61757 is a critical pre-authentication remote code execution vulnerability in Oracle Identity Manager's REST...
Fedora 42: libcoap Security Update 2025-6a43695048 for Denial of Service
2025-12-05 02:43:01
Update to security release 4.3.5a
Fedora 42: timg Memory-Safety Fixes Update FEDORA-2025-f0df882417
2025-12-05 02:43:00
Rebuilt with latest patched stb_image: memory-safety fixes
Fedora 42: fcgi 2.4.7 Fix CVE-2025-23016 Important Advisory
2025-12-05 02:42:56
2.4.7 release, fixes CVE-2025-23016
Fedora 42: alexvsbus Memory Safety Update 2025-9831accfe9
2025-12-05 02:42:53
Rebuilt against patched stb_image Initial build for F42
Fedora 42: CuraEngine 5.4.0 Memory Safety Fix FEDORA-2025-fc872e9426
2025-12-05 02:42:52
Rebuilt with latest patched stb_image: memory-safety fixes
Fedora 42: xpdf Update 2025-e72c726192 Critical Buffer Overflow Issues
2025-12-05 02:42:51
Update to 4.06. Lots of bugfixes, but notably, security fixes for the following CVEs: CVE-2024-2971 CVE-2024-3247 CVE-2024-3248