Toute l'actualité de la Cybersécurité
A Multi-Stage Phishing Kit Using Telegram to Harvest Credentials and Bypass Automated Detection
2025-11-15 07:06:13
Phishing attacks continue to be one of the most persistent threats targeting organizations worldwide. Cybercriminals are constantly improving their methods to steal sensitive information, and a recently...
U.S. CISA adds Fortinet FortiWeb flaw to its Known Exploited Vulnerabilities catalog
2025-11-15 06:58:38
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Fortinet FortiWeb flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added...
Akira Ransomware Targets Over 250 Organizations, Extracts Million in Ransom Payments – New CISA Report
2025-11-15 06:09:37
A new advisory from the Cybersecurity and Infrastructure Security Agency reveals that Akira ransomware has become one of the most active threats targeting businesses worldwide. Since March 2023, this...
When Reading the Source Code Is the Real Hack: A Web Challenge Story | v1t CTF
2025-11-15 05:57:48
Sometimes the best hacking tool is just… reading comprehensionDifficulty: Beginner-Friendly | Category: Web ExploitationHello everyoneI'm Chetan Chinchulkar (aka omnipresent), and we're switching gears!...
Reflected XSS → DVWA Walkthrough: Learn How User Input Can Trigger a Script Execution
2025-11-15 05:56:06
🕵Hey! I'm Adwaith, an aspiring offensive security enthusiast, and I'm excited to walk you through the Reflected XSS lab in DVWA, where we'll see how a simple input field can lead to script execution.Click...
SQL Injection: Listing Database Contents on Non-Oracle Databases
2025-11-15 05:55:12
UNION-based SQL injection used to enumerate database tables, extract credential columns, dump usernames and passwords, and log in as the…Continue reading on InfoSec Write-ups »
Lumma Stealer Uses Browser Fingerprinting to Collect Data and for Stealthy C&C Server Communications
2025-11-15 03:45:39
Lumma Stealer has emerged as a serious threat in the cybercrime world, targeting users through fake software updates and cracked applications. This information-stealing malware targets the collection...
Critical FortiWeb WAF Flaw Exploited in the Wild, Enabling Full Admin Takeover
2025-11-15 03:10:56
Fortinet has issued an urgent advisory warning of a critical vulnerability in its FortiWeb web application firewall (WAF) product, which attackers are actively exploiting in the wild. Identified as CVE-2025-64446,...
Fedora 41: Security Update for OpenTofu 1.10.7 Addresses Vulnerabilities
2025-11-15 01:45:29
Update to 1.10.7
Fedora 41: Critical Advisory for containerd Update v1.7.29 Threats
2025-11-15 01:45:28
Update to v1.7.29
Debian 12: python-http-client-receive-data Low 2025-01a4c2b1e
2025-11-15 01:45:26
uv / python-uv-build 0.9.7 https://github.com/astral-sh/uv/releases/tag/0.9.7 0.9.6 This release contains an upgrade to Astral's fork of async_zip, which addresses
Fedora 41: uv Python Package Update 2025-00e5b3d89c Critical DoS Advisory
2025-11-15 01:45:26
uv / python-uv-build 0.9.7 https://github.com/astral-sh/uv/releases/tag/0.9.7 0.9.6 This release contains an upgrade to Astral's fork of async_zip, which addresses
Fedora 41: rust-reqsign Critical AWS DoS Threat Advisory 2025-00e5b3d89c
2025-11-15 01:45:25
uv / python-uv-build 0.9.7 https://github.com/astral-sh/uv/releases/tag/0.9.7 0.9.6 This release contains an upgrade to Astral's fork of async_zip, which addresses
Fedora 41: Rust Reqsign File Read Tokio Important Issue 2025-00e5b3d89c
2025-11-15 01:45:25
uv / python-uv-build 0.9.7 https://github.com/astral-sh/uv/releases/tag/0.9.7 0.9.6 This release contains an upgrade to Astral's fork of async_zip, which addresses