Toute l'actualité de la Cybersécurité


Face à Excel et Google Sheets, Proton lance son tableur

2025-12-04 12:13:00
Petit à petit, la suite Workspace de Proton s’enrichit pour être une alternative européenne et sécurisée aux offres (...)

Lire la suite »

5 Threats That Reshaped Web Security This Year [2025]

2025-12-04 11:30:00
As 2025 draws to a close, security professionals face a sobering realization: the traditional playbook for web security has become dangerously obsolete. AI-powered attacks, evolving injection techniques,...

Lire la suite »

USN-7910-1: Linux kernel (Azure FIPS) vulnerabilities

2025-12-04 11:23:32
Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain...

Lire la suite »

USN-7909-3: Linux kernel (FIPS) vulnerabilities

2025-12-04 11:14:34
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; ...

Lire la suite »

USN-7909-2: Linux kernel (Real-time) vulnerabilities

2025-12-04 11:03:24
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; ...

Lire la suite »

Numerical Tests Highlight OTFS's Spectral-Efficiency Gains Over OFDM

2025-12-04 11:00:05
Simulations across delay, Doppler, and bandwidth variations show that OFDM suffers heavy ICI, aliasing, and mobility-driven estimation errors, while OTFS maintains more stable performance and higher spectral...

Lire la suite »

Sécurité des e-mails : l'option multifournisseur s'impose

2025-12-04 10:43:07
L'évolution du marché des solutions de sécurité des e-mails rend aussi opportunes que nécessaires les stratégies multifournisseurs. The post Sécurité des e-mails : l’option multifournisseur...

Lire la suite »

USN-7889-4: Linux kernel vulnerabilities

2025-12-04 10:36:44
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Media drivers; ...

Lire la suite »

Hackers Using Evilginx to Steal Session Cookies and Bypass Multi-Factor Authentication Tokens

2025-12-04 10:32:01
A sophisticated phishing toolkit known as Evilginx is empowering attackers to execute advanced attacker-in-the-middle (AiTM) campaigns with alarming success. These attacks are engineered to steal temporary...

Lire la suite »

USN-7879-4: Linux kernel vulnerabilities

2025-12-04 10:22:14
It was discovered that improper initialization of CPU cache memory could allow a local attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity. (CVE-2024-36331) Several...

Lire la suite »

New ‘Sryxen' Stealer Bypasses Chrome Encryption via Headless Browser Technique

2025-12-04 10:11:53
A new information stealer called Sryxen has emerged in the underground malware market, targeting Windows systems with advanced techniques to harvest browser credentials and sensitive data. Sold as Malware-as-a-Service,...

Lire la suite »

GoldFactory Hits Southeast Asia with Modified Banking Apps Driving 11,000+ Infections

2025-12-04 09:27:00
Cybercriminals associated with a financially motivated group known as GoldFactory have been observed staging a fresh round of attacks targeting mobile users in Indonesia, Thailand, and Vietnam by impersonating...

Lire la suite »

USN-7909-1: Linux kernel vulnerabilities

2025-12-04 09:26:45
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; ...

Lire la suite »

Trois clés pour embarquer les employés dans la cybersécurité

2025-12-04 09:19:36
Dans de nombreuses entreprises, les directives de sécurité informatique se heurtent à la résistance des employés qui (...)

Lire la suite »

Hackers Leverage Velociraptor DFIR Tool for Stealthy C2 & Ransomware Delivery

2025-12-04 09:15:16
Legitimate administrative tools are increasingly becoming the weapon of choice for sophisticated threat actors aiming to blend in with normal network activity. A recent campaign has highlighted this dangerous...

Lire la suite »

Cloudflare mitigates record 29.7 Tbps DDoS attack by the AISURU botnet

2025-12-04 09:11:43
Cloudflare blocked a record 29.7 Tbps DDoS attack from the AISURU botnet. The 69-second attack set a new high, though the target remains undisclosed. Cloudflare stopped a record 29.7 Tbps DDoS attack...

Lire la suite »

AWS enrichit son offre Transform avec des agents IA

2025-12-04 09:08:42
« Aujourd’hui, la modernisation n’est plus une option pour les entreprises », souligne Akshat Tyagi, directeur adjoint (...)

Lire la suite »

Entretien Yves Pellemans, DG délégué Cheops Technology : « Il faut maîtriser le coût de l'IA »

2025-12-04 08:56:58
Suite des entretiens du Monde Informatique avec Yves Pellemans, directeur général délégué de Cheops Technology. Recruté (...)

Lire la suite »

Hackers Actively Exploiting Worpress Plugin Vulnerability to Execute Remote Code

2025-12-04 08:36:53
A critical remote code execution vulnerability in the Sneeit Framework WordPress plugin has come under active exploitation by threat actors, posing an immediate risk to thousands of websites worldwide....

Lire la suite »

Vim for Windows Vulnerability Let Attackers Execute Arbitrary Code

2025-12-04 08:22:53
A critical security vulnerability has been discovered in Vim for Windows that could allow attackers to execute malicious code on users’ computers. The vulnerability, identified as CVE-2025-66476,...

Lire la suite »

Akamai Patches HTTP Request Smuggling Vulnerability in Edge Servers

2025-12-04 08:20:43
A critical HTTP request smuggling vulnerability in Akamai’s edge server infrastructure has been successfully fixed. The vulnerability, identified as CVE-2025-66373, stemmed from improper processing...

Lire la suite »

Kohler's Encrypted Smart Toilet Camera is not Actually end-to-end Encrypted

2025-12-04 08:17:43
Kohler’s 0 smart toilet camera system, marketed with promises of “end-to-end encryption,” does not actually implement the security standard as commonly understood in the cybersecurity...

Lire la suite »

CISA Releases Five ICS Advisories Covering Vulnerabilities, and Exploits Surrounding ICS

2025-12-04 08:00:09
The Cybersecurity and Infrastructure Security Agency released five critical Industrial Control Systems advisories on December 2, 2025, addressing significant security threats across industrial environments....

Lire la suite »

New Scanner Tool for Detecting Exposed ReactJS and Next.js RSC Endpoints (CVE-2025-55182)

2025-12-04 07:24:08
A new security assessment tool has been released to help researchers and administrators identify React Server Components (RSC) endpoints potentially exposed to CVE-2025-55182. Developed as a lightweight...

Lire la suite »

New Report Warns of 68% Of Actively Serving Phishing Kits Protected by CloudFlare

2025-12-04 07:20:49
A new security report reveals a troubling reality about the state of online phishing operations. Recent research has uncovered over 42,000 validated URLs and domains actively serving phishing kits, command-and-control...

Lire la suite »

The TechBeat: Porting Scientific Algorithms from MATLAB to JavaScript (12/4/2025)

2025-12-04 07:10:50
How are you, hacker? 🪐Want to know what's trending right now?: The Techbeat by HackerNoon has got you covered with fresh content from our trending stories of the day! Set email preference here. ...

Lire la suite »

Why OTFS Outperforms OFDM in High-Mobility Scenarios

2025-12-04 07:00:07
The article explains how OTFS leverages the slow-varying nature of the delay-Doppler domain to interpolate and extrapolate channel states, enabling accurate tracking, lower pilot overhead, and reduced...

Lire la suite »

'MuddyWater' Hackers Target Israeli Orgs With Retro Game Tactic

2025-12-04 07:00:00
Iran's top state-sponsored APT is usually rather crass. But in a recent spate of attacks, it tried out some interesting evasion tactics, including delving into Snake, an old-school mobile game.

Lire la suite »

Record 29.7 Tbps DDoS Attack Linked to AISURU Botnet with up to 4 Million Infected Hosts

2025-12-04 06:52:00
Cloudflare on Wednesday said it detected and mitigated the largest ever distributed denial-of-service (DDoS) attack that measured at 29.7 terabits per second (Tbps). The activity, the web infrastructure...

Lire la suite »

Tired of Learning 50 New Concepts to Build a Form? Say Hello to Lighthouse for PHP

2025-12-04 06:22:17
TL;DR: I built Lighthouse PHP Framework because modern frameworks got too complex. It lets you handle forms in views (like PHP intended), uses SQLite out of the box, includes security by default, and...

Lire la suite »

Why I Built Allos to Decouple AI Agents From LLM Vendors

2025-12-04 06:17:42
Allos is a Python SDK for building AI agents that can switch between OpenAI, Anthropic, and more with a single command. Allos is built on a single philosophy: developers deserve the freedom to choose...

Lire la suite »

X Is Auto-Loading Your Links—Affiliates Just Found a Way to Turn It Into CPM Cash

2025-12-04 06:13:56
X recently rolled out a feature that preloads external links in tweets the moment they appear in someone's feed. This is the biggest opportunity affiliate marketers have seen since the early days of...

Lire la suite »

How Request–Response Really Works

2025-12-04 06:12:23
Learn how the request–response model really works under the hood.

Lire la suite »

If You Need to Brag About How Complex It Is, You've Probably Built It Wrong

2025-12-04 06:04:59
Complexity is one of the biggest enemies of any software system. As the complexity increases, the quality goes down. It is always a good idea to take a step back from new feature development.

Lire la suite »

How I Access My Home NAS from Anywhere (Without Doxxing My IP) Using Cloudflare Tunnel

2025-12-04 06:03:18
I'll soon travel to Australia for weeks, and I want to continue publishing content. How do I access it securely from there without exposing my home network and compromising my privacy?

Lire la suite »

Seven Silent Career Killers: Why Your Promotion Keeps Getting Delayed

2025-12-04 06:01:23
Instead of complaining, blaming and sobbing, you need to look for patterns that unintentionally might be holding you back.

Lire la suite »

Beyond the Server: Why Cloud Finance is Now the Science of Power Stranding

2025-12-04 06:00:10
How do you accurately deploy capital for power infrastructure years in advance when customer utilization - the speed, size, and shape of the workloads - is changing by the minute?

Lire la suite »

From Fixed Labels to Prompts: How Vision-Language Models Are Re-Wiring Object Detection

2025-12-04 05:50:03
Object detection has evolved from hand-crafted features to deep CNNs with much higher accuracy, but most production systems are still stuck with fixed label sets that are expensive to update. New open-vocabulary,...

Lire la suite »

CVE-2025-66478: RCE in React Server Components

2025-12-04 04:21:47
Bulletin ID: AWS-2025-030 Scope: AWS Content Type: Important (requires attention) Publication Date: 2025/12/03 20:00 PM PST Description: AWS is aware of the recently disclosed CVE-2025-55182 which affects...

Lire la suite »

Fedora 42: usd Important Security Update for 3D Format 2025-073e4f7991

2025-12-04 01:02:55
Rebuilt with stb_image patched for two new security bugs.

Lire la suite »

Ubuntu 23.04: xyz Enhanced Security Vulnerabilities Update 2025-4bd12a45g3

2025-12-04 01:02:51
Patch two newly-reported memory-safety bugs in stb_image: https://github.com/nothings/stb/issues/1860 https://github.com/nothings/stb/issues/1861

Lire la suite »

Fedora 43: Ubertooth Critical Security Update for Bluetooth 2025-0cc929ff17

2025-12-04 00:53:25
PySide6 6.10.1 update. Pyside6 6.10.1 release. Rebuilt with stb_image patched for two new security bugs.

Lire la suite »

Fedora 43: Important Update for tinyproxy Integer Overflow Issue

2025-12-04 00:53:25
Add upstream patch to fix CVE-2025-63938.

Lire la suite »

Fedora 43: usd Security Advisory 2025-0cc929ff17 - PySide6 Update

2025-12-04 00:53:25
PySide6 6.10.1 update. Pyside6 6.10.1 release. Rebuilt with stb_image patched for two new security bugs.

Lire la suite »

Security Important Stb Image Fix in Fedora 43 Python-ezdxf Update

2025-12-04 00:53:24
PySide6 6.10.1 update. Pyside6 6.10.1 release. Rebuilt with stb_image patched for two new security bugs.

Lire la suite »