Toute l'actualité de la Cybersécurité


Hackers Infiltrate VS Code Marketplace with 19 Malicious Extensions Posing as PNG File

2025-12-11 07:44:07
Security researchers have uncovered a significant threat targeting developers through the VS Code Marketplace. A coordinated campaign involving 19 malicious extensions has been actively infiltrating the...

Lire la suite »

It didn't take long: CVE-2025-55182 is now under active exploitation

2025-12-11 07:30:41
Threat actors are now exploiting CVE-2025-55182, and attacks are poised to grow. Here's what you need to know about the vulnerability, how our honeypots are being targeted, what malware is being deployed,...

Lire la suite »

Active Attacks Exploit Gladinet's Hard-Coded Keys for Unauthorized Access and Code Execution

2025-12-11 05:56:00
Huntress is warning of a new actively exploited vulnerability in Gladinet's CentreStack and Triofox products stemming from the use of hard-coded cryptographic keys that have affected nine organizations...

Lire la suite »

USN-7924-1: libpng vulnerabilities

2025-12-11 05:26:40
It was discovered that libpng incorrectly handled memory when processing certain PNG files, which could result in an out-of-bounds memory access. If a user or automated system were tricked into opening...

Lire la suite »

USN-7923-1: Qt vulnerability

2025-12-11 04:18:33
It was discovered that Qt did not correctly handle certain memory operations. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue...

Lire la suite »

Windows Defender Firewall Service Vulnerability Let Attackers Disclose Sensitive Data

2025-12-11 04:15:59
A critical information disclosure vulnerability in Windows Defender Firewall Service, which could allow authorized attackers to access sensitive heap memory on affected systems. The vulnerability, tracked...

Lire la suite »

Adobe Acrobat Reader Vulnerabilities Let Attackers Execute Arbitrary Code and Bypass Security

2025-12-11 03:37:52
Critical security updates for Acrobat and Reader are available, addressing multiple vulnerabilities that could allow attackers to execute arbitrary code and bypass essential security features. Adobe...

Lire la suite »

Google Warns of Chrome 0-Day Vulnerability Actively Exploited in the wild

2025-12-11 03:34:25
Google has released an urgent security update for the Chrome browser to address a high-severity zero-day vulnerability that is currently being exploited in the wild. This emergency patch is part of the...

Lire la suite »

HTB Academy: Windows CMD and PowerShell

2025-12-11 03:06:01
I did say that I needed to work on my Windows sys admin skills and also my PowerShell-fu and so here I am. As per the usual when it comes to my Academy content, I will just be covering the skill assessment...

Lire la suite »

Fedora 42: Fix for Tinyproxy High Integer Overflow CVE-2025-63938

2025-12-11 01:01:45
Add upstream patch to fix CVE-2025-63938.

Lire la suite »

Fedora 42: perl-CGI-Simple Important HTTP Response Splitting CVE-2025-40927

2025-12-11 01:01:43
1.282 - Sanitize all user-supplied values before inserting into HTTP headers; Fixed CVE-2025-40927.

Lire la suite »