Toute l'actualité de la Cybersécurité
NCSC handing over the baton of smart meter security: a decade of progress
2025-11-27 08:54:47
Why transferring the Commercial Product Assurance scheme to industry ownership marks an important milestone.
Hackers Actively Attacking Telecommunications & Media Industry to Deploy Malicious Payloads
2025-11-27 08:45:32
Cybercriminals are launching increasingly sophisticated attacks against the telecommunications and media industry, focusing their efforts on deploying malicious payloads that compromise critical infrastructure....
New ASUS firmware patches critical AiCloud vulnerability
2025-11-27 08:33:32
ASUS released new firmware to address multiple vulnerabilities, including a critical authentication bypass flaw in routers with AiCloud enabled. ASUS has issued new firmware addressing nine security vulnerabilities,...
Gainsight Expands Impacted Customer List Following Salesforce Security Alert
2025-11-27 07:03:00
Gainsight has disclosed that the recent suspicious activity targeting its applications has affected more customers than previously thought.
The company said Salesforce initially provided a list of 3 impacted...
Hackers Exploiting Fake Battlefield 6 Popularity to Deploy Stealers and C2 Agents
2025-11-27 07:00:55
Since its release in October, Battlefield 6 has become one of the year’s most anticipated game launches. However, cybercriminals have quickly seized on this popularity to distribute malicious software....
Threat Actors Allegedly Listed iOS 26 Full‑Chain 0‑Day Exploit on Dark Web
2025-11-27 06:37:17
A threat actor operating under the alias ResearcherX has posted what they claim to be a full‑chain zero‑day exploit targeting Apple's recently released iOS 26 operating system. The listing, which...
Hackers Tricks macOS Users to Execute Command in Terminal to Deliver FlexibleFerret Malware
2025-11-27 06:23:48
Cybercriminals are successfully targeting Apple users through a sophisticated social engineering scheme that tricks victims into running harmful commands on their computers. The threat, called FlexibleFerret,...
China Software Developer Network - 6,414,990 breached accounts
2025-11-27 05:49:56
In 2011, the China Software Developer Network (CSDN) suffered a data breach that exposed over 6M user records. The data included email addresses alongside usernames and plain text passwords.
New Malware-as-a-Service Olymp Loader Advertised on Hacker Forums with It's Anti-analysis and Detection Features
2025-11-27 05:47:09
A new Malware-as-a-Service (MaaS) threat named “Olymp Loader” appeared in June 2025, aggressively advertised on underground hacker forums like XSS and HackForums. Advertised by an operator...
Microsoft Teams Guest Chat Vulnerability Exposes Users to Malware Attack
2025-11-27 05:26:13
A significant gap in Microsoft Teams’ B2B guest access allows attackers to bypass Defender for Office 365 protections, creating unprotected zones for phishing and malware delivery. At Cybersecurity...
New Unauthenticated DoS Vulnerability Crashes Next.js Servers with a Single Request
2025-11-27 02:15:14
A newly discovered critical vulnerability in the Next.js framework allows attackers to crash self-hosted servers using a single HTTP request, requiring negligible resources to execute. Discovered by researchers...
Docker-BuildKit Memory Allocation Fix in Fedora 41: FEDORA-2025-1ccd7dbf40
2025-11-27 01:13:38
Update to release v0.26.1 Update to release v0.26.0 Resolves: rhbz#2412681, rhbz#2412761 Upstream new features and fixes dependency override for moby/policy-helper needed for license (default
Fedora 41: docker-buildx Critical Mem Exhaustion Fix CVE-2025-58185
2025-11-27 01:13:38
Update to release v0.30.1 Upstream fix Update to release v0.30.0 Resolves: rhbz#2413270 Resolves: rhbz#2407614, rhbz#2407881, rhbz#2408158, rhbz#2409066
Fedora 42: docker-buildkit CVE-2025-58183 Critical Unbounded Allocation
2025-11-27 01:00:15
Update to release v0.26.1 Update to release v0.26.0 Resolves: rhbz#2412681, rhbz#2412761 Upstream new features and fixes dependency override for moby/policy-helper needed for license (default
Fedora 43: 7zip Critical Directory Traversal RCE CVE-2025-11001
2025-11-27 00:48:05
Various CVE fixes, most importantly CVE-2025-11001 This also backports the Debian patch (PR unfortunately stalled upstream, with no communication from upstream developers) to not echo passwords when dealing...