Toute l'actualité de la Cybersécurité
New Rust Malware “ChaosBot” Hides Command-and-Control Inside Discord
2025-10-22 06:29:03
A sophisticated, Rust-based malware dubbed ChaosBot has been exposed utilizing the Discord platform for its Command and Control (C2) operations. This isn’t your average botnet; it’s a new...
Hackers Exploited 34 Zero-Day Vulnerabilities And Earned 2,500 In Pwn2Own Ireland 2025
2025-10-22 06:28:17
The first day of Pwn2Own Ireland 2025 wrapped up with a bang, as security researchers uncovered 34 unique zero-day vulnerabilities across various smart devices. Not a single attempt failed, leading to...
Threat Actors Compromise Xubuntu Website To Deliver Malicious Windows Executable
2025-10-22 06:11:34
Threat actors infiltrated the official Xubuntu website, redirecting torrent downloads to a malicious ZIP file containing Windows-targeted malware. The incident, uncovered on October 18, 2025, highlights...
Russia-linked COLDRIVER speeds up malware evolution after LOSTKEYS exposure
2025-10-22 06:06:48
Russia-linked COLDRIVER rapidly evolved its malware since May 2025, refining tools just days after releasing its LOSTKEYS variant, says Google. The Russia-linked hacking group COLDRIVER has been quickly...
New Salt Typhoon Attacks Leverage Zero-Days and DLL Sideloading
2025-10-22 05:44:05
Salt Typhoon represents one of the most persistent and sophisticated cyber threats targeting global critical infrastructure today. Believed to be linked to state-sponsored actors from the People’s...
Hackers Exploit OAuth Apps to Keep Cloud Access Even After Password Resets
2025-10-22 04:57:29
Cloud account takeover attacks have evolved beyond simple credential theft. Cybercriminals are now exploiting OAuth applications to maintain persistent access to compromised environments, bypassing traditional...
TP-Link Patches Four Omada Gateway Flaws, Two Allow Remote Code Execution
2025-10-22 04:38:00
TP-Link has released security updates to address four security flaws impacting Omada gateway devices, including two critical bugs that could result in arbitrary code execution.
The vulnerabilities in...
Chrome V8 JavaScript Engine Vulnerability Let Attackers Execute Remote Code
2025-10-22 02:30:18
Google has swiftly addressed a high-severity flaw in its Chrome browser’s V8 JavaScript engine, releasing an emergency update to thwart potential remote code execution attacks. The vulnerability,...
Fedora 41: Critical Performance Fixes for mingw-exiv2 CVE-2025-54080
2025-10-22 01:32:01
Update to exiv2-0.28.7, fixes CVE-2025-54080 and CVE-2025-55304.
Fedora 41: inih Critical Performance Flaw CVE-2025-54080, CVE-2025-55304
2025-10-22 01:32:00
Update to exiv2-0.28.7, fixes CVE-2025-54080 and CVE-2025-55304.
Fedora 41: mod_http2 Update for Assertion Error CVE-2025-49630
2025-10-22 01:31:59
version update
Ubuntu 24.04: Linux Kernel Critical Information Leak USN-7833-2
2025-10-22 00:29:20
Several security issues were fixed in the Linux kernel.
Ubuntu 25.04: Critical Info Leak Vulnerability in Linux Kernel USN-7834-1
2025-10-22 00:29:02
Several security issues were fixed in the Linux kernel.
Ubuntu 25.04: Linux Kernel Critical Data Leak Advisory USN-7833-1
2025-10-22 00:28:44
Several security issues were fixed in the Linux kernel.
USN-7833-2: Linux kernel (Real-time) vulnerabilities
2025-10-22 00:27:11
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially...
USN-7834-1: Linux kernel (Azure) vulnerabilities
2025-10-22 00:02:00
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially...