Toute l'actualité de la Cybersécurité
Multiple vulnerabilities in Cisco Unified CCX Allow Attackers to Execute Arbitrary Commands
2025-11-14 11:38:48
Cisco has released security updates to address two critical vulnerabilities in Unified Contact Center Express (Unified CCX) that could allow unauthenticated attackers to execute arbitrary commands with...
Analysis of Multi-Stage Phishing Kits Leveraging Telegram for Credential Theft and Evasion Techniques
2025-11-14 11:28:17
Researchers at Group-IB have uncovered a sophisticated phishing framework that demonstrates how cybercriminals are industrializing credential theft through automation, evasion techniques, and Telegram-based...
Hackers Flooded npm Registry Over 43,000 Spam Packages Survived for Almost Two Years
2025-11-14 11:22:00
Security researcher Paul McCarty uncovered a significant coordinated spam campaign targeting the npm ecosystem. The IndonesianFoods worm, as it has been named, consists of more than 43,000 spam packages...
Microsoft annualise les mises à jour pour Configuration Manager
2025-11-14 11:04:14
Petit changement pour SCCM (system center configuration manager) de Microsoft. En effet, l'éditeur a annoncé qu'en 2026 le cycle des mises (...)
Kraken Ransomware Targets Windows, Linux, and VMware ESXi in Enterprise Environments
2025-11-14 10:47:22
Cisco Talos has identified an emerging threat from Kraken, a sophisticated cross-platform ransomware group that has emerged from the remnants of the HelloKitty ransomware cartel. In August 2025, the security...
GitHub piège Actions avec un paquet npm malveillant
2025-11-14 10:37:54
Les outils de développement deviennent une cible de plus en plus importante pour les cybercriminels. Dans le catalogue de vecteurs, les paquets (...)
Ransomware's Fragmentation Reaches a Breaking Point While LockBit Returns
2025-11-14 10:37:00
Key Takeaways:
85 active ransomware and extortion groups observed in Q3 2025, reflecting the most decentralized ransomware ecosystem to date.
1,590 victims disclosed across 85 leak sites, showing high,...
Washington Post Oracle E-Suite 0-Day Hack Impacts 9K+ Employees and Contractors
2025-11-14 10:12:12
The Washington Post has publicly disclosed a significant data breach involving external hacking of its Oracle E-Suite system, impacting over 9,700 employees and contractors worldwide. The breach notification,...
Concurrence dans l'IA : le procès Musk contre Apple et OpenAI aura lieu
2025-11-14 10:08:24
Un juge fédéral valide la plainte de X et xAI, obligeant Apple et OpenAI à répondre aux accusations d'entrave à la concurrence dans l'IA.
The post Concurrence dans l’IA : le procès Musk...
Chinese Hackers Use Anthropic's AI to Launch Automated Cyber Espionage Campaign
2025-11-14 09:53:00
State-sponsored threat actors from China used artificial intelligence (AI) technology developed by Anthropic to orchestrate automated cyber attacks as part of a "highly sophisticated espionage campaign"...
ASUS warns of critical auth bypass flaw in DSL series routers
2025-11-14 09:52:37
ASUS has released new firmware to patch a critical authentication bypass security flaw impacting several DSL series router models. [...]
Comment la virtualisation sur OpenShift a évolué depuis la fusion Broadcom-VMware
2025-11-14 09:42:04
Six versions mineures d'OpenShift sont sorties depuis l'acquisition de VMware par Broadcom. Focus sur l'évolution fonctionnelle de la brique de virtualisation.
The post Comment la virtualisation sur...
Le plan d'Octave Klaba pour remettre OVH sur les rails
2025-11-14 09:39:50
Jeudi 20 novembre prochain, OVH invite ses clients et partenaires à la maison de la Mutualité (Paris) pour la prochaine édition (...)
Germany's BSI issues guidelines to counter evasion attacks targeting LLMs
2025-11-14 09:32:50
Germany's BSI warns of rising evasion attacks on LLMs, issuing guidance to help developers and IT managers secure AI systems. Germany's BSI warns of rising evasion attacks on LLMs, issuing guidance...
Critical Imunify360 AV Vulnerability Exposes 56 Million+ Linux-hosted Websites to RCE Attacks
2025-11-14 09:30:39
A severe remote code execution (RCE) vulnerability has been discovered in Imunify360 AV, a widely used malware scanner protecting approximately 56 million websites. The security flaw, recently patched...
Les données nucléaires au coeur de l'accord EDF avec Bleu et S3NS
2025-11-14 09:14:42
En complément de ses hébergements internes, qui accueillent 80% de ses données selon le groupe, EDF vient de référencer (...)
Malicious Chrome Extension as Ethereum Wallet Enables Full Wallet Takeover
2025-11-14 09:00:55
A deceptive Chrome extension named Safery: Ethereum Wallet has emerged as a serious threat to cryptocurrency users. Published on the Chrome Web Store on November 12, 2024, this extension masquerades as...
Now-Patched Fortinet FortiWeb Flaw Exploited in Attacks to Create Admin Accounts
2025-11-14 09:00:00
Cybersecurity researchers are sounding the alert about an authentication bypass vulnerability in Fortinet Fortiweb WAF that could allow an attacker to take over admin accounts and completely compromise...
Critical Zoho Analytics Plus Flaw Allows Attackers to Run Arbitrary SQL Queries
2025-11-14 08:58:18
A critical unauthenticated SQL injection vulnerability has been discovered in Zoho Analytics Plus on-premise, posing a severe risk to organizations running affected versions. Tracked as CVE-2025-8324,...
Washington Post Oracle E-Suite Breach Exposes Data of Over 9,000 Staff and Contractors
2025-11-14 08:46:12
The Washington Post disclosed a significant data breach affecting more than 9,700 employees and contractors following an external system compromise targeting its Oracle E-Suite infrastructure. The breach,...
Washington Post notifies 10,000 individuals affected in Oracle-linked data theft
2025-11-14 08:30:05
The Washington Post alerts nearly 10,000 employees and contractors that personal and financial data was exposed in the Oracle breach. The Washington Post warns nearly 10,000 staff and contractors that...
Cl0P Ransomware Group Allegedly Claims Breach of Entrust in Oracle 0-Day EBS Hack
2025-11-14 08:12:21
The notorious Cl0P ransomware group has claimed responsibility for breaching digital security firm Entrust, exploiting a critical zero-day vulnerability in Oracle E-Business Suite (EBS). The attack, tied...
Critical Imunify360 Vulnerability Exposes Millions of Linux-Hosted Sites to RCE Attacks
2025-11-14 08:08:31
A critical Remote Code Execution vulnerability has been patched in Imunify360 AV, a security product protecting approximately 56 million websites worldwide. Hosting companies must apply the patch immediately...
Android Photo Frame App Infects Devices With Malware, Allows Full Remote Takeover
2025-11-14 08:01:07
A recent investigation has uncovered alarming security vulnerabilities in Android-powered digital photo frames, turning what should be a simple home or office gadget into a potent tool for cybercriminals....
Kraken Cross-Platform Ransomware Attacking Windows, Linux, and VMware ESXi Systems in Enterprise Environments
2025-11-14 07:51:13
In August 2025, a new ransomware threat emerged with capabilities that fundamentally changed how organizations should approach enterprise security. Kraken, a Russian-speaking cybercriminal group, began...
Microsoft Teams Introduces Premium Feature to Prevent Screenshots and Screen Recording
2025-11-14 07:35:32
Microsoft has launched a new security feature in Teams Premium called “Prevent screen capture,” designed to block screenshots and recordings during sensitive meetings. This feature will be...
New ClickFix Attack Targeting Windows and macOS Users to Deploy Infostealer Malware
2025-11-14 07:00:42
A growing social engineering technique called ClickFix has emerged as one of the most successful methods for distributing malware in recent months. This attack tricks users into copying and running commands...
IBM vise l'avantage quantique en tandem avec le HPC
2025-11-14 06:58:05
La connexion avec les environnements HPC prend de l'importance dans le discours d'IBM sur l'informatique quantique.
The post IBM vise l’avantage quantique en tandem avec le HPC appeared first on...
Android Photo Frames App Downloads Malware, Giving Hackers Control of The Device Without User Interaction
2025-11-14 06:37:52
Digital photo frames have become a standard household device for displaying family memories, and most users assume these simple gadgets prioritize simplicity over complexity. However, a troubling discovery...
Checkout.com Suffers Data Breach as ShinyHunters Attack Cloud Storage
2025-11-14 05:55:33
Payment processor Checkout.com recently experienced a data breach after being targeted by the cybercrime group “ShinyHunters.” The attackers accessed old data stored in a third-party cloud system....
CISA Warns: Akira Ransomware Has Extracted M After Targeting Hundreds
2025-11-14 05:45:44
A newly updated cybersecurity advisory from federal agencies reveals that the Akira ransomware operation has significantly escalated its campaign, compromising organizations worldwide and accumulating...
Palo Alto PAN-OS Flaw Lets Attackers Force Firewall Reboots via Malicious Packets
2025-11-14 05:20:25
Palo Alto Networks has disclosed a denial-of-service vulnerability in its PAN-OS software that allows attackers to force firewalls into unexpected reboots using specially crafted network packets. The...
DoorDash hit by new data breach in October exposing user information
2025-11-14 04:38:44
DoorDash has disclosed a data breach that hit the food delivery platform this October. Beginning yesterday evening, DoorDash, which serves millions of customers across the U.S., Canada, Australia,...
Beware of Fake Bitcoin Tool That Hides DarkComet RAT Malware With it
2025-11-14 04:25:59
The rise of cryptocurrency has created new opportunities for cybercriminals to exploit unsuspecting users. Attackers are now disguising the notorious DarkComet remote access trojan as Bitcoin-related...
Fortinet FortiWeb flaw with public PoC exploited to create admin users
2025-11-14 02:41:28
A Fortinet FortiWeb path traversal vulnerability is being actively exploited to create new administrative users on exposed devices without requiring authentication [...]
Fedora 43: SeaMonkey 2.53.22 Update FEDORA-2025-5f24a0c1ba
2025-11-14 01:28:56
Update to 2.53.22
Fedora 43: docker-buildkit Critical DoS Memory Exhaustion CVE-2025-58185
2025-11-14 01:28:55
Update to v0.25.2 CVE-2025-58183; Resolves: rhbz#2412529 CVE-2025-58188; Resolves: rhbz#2412380, rhbz#2411476, rhbz#2410945 CVE-2025-58185; Resolves: rhbz#2410578, rhbz#2410299, rhbz#2410013 CVE-2025-61723;...
Fedora 43: runc High Risk Security Fix 2025-ebd4913540 CVE-2025-31133
2025-11-14 01:28:54
Update to release v1.3.3
Fedora 43: gh Update Advisory Critical CVE-2025-58189 and CVE-2025-61725
2025-11-14 01:28:50
Update to 2.83.0
Fedora 41: Lasso 2.9.0 Critical Buffer Overflow Fix CVE-2025-46705
2025-11-14 01:09:20
Update to 2.9.0 Fixes CVE-2025-46705
Fedora 41: SeaMonkey 2.53.22 Advisory FEDORA-2025-e49d776723
2025-11-14 01:09:19
Update to 2.53.22