Toute l'actualité de la Cybersécurité

Germany calls in Russian Ambassador over air traffic control hack claims

2025-12-13 18:14:19
Germany summoned Russia's ambassador over alleged cyberattacks on air traffic control and a disinformation campaign ahead of national elections. Germany summoned Russia's ambassador after accusing...

Virtual Reality: A Bold New Era for Workforce Learning

2025-12-13 17:00:04
Virtual reality (VR) is a new way to create learning states that the brain treats as real. VR is the first medium that lets us engineer experiences, not just deliver content. It creates emotional learning,...

The HackerNoon Newsletter: Flight Recorder: A New Go Execution Tracer (12/13/2025)

2025-12-13 16:02:05
How are you, hacker? 🪐 What's happening in tech today, December 13, 2025? The HackerNoon Newsletter brings the HackerNoon ...

UK's ICO Fine LastPass £1.2 Million Over 2022 Security Breach

2025-12-13 15:35:18
UK's ICO fines LastPass £1.2M for the 2022 data breach that exposed 1.6 million users' data. Learn how a flaw in an employee's personal PC led to the massive security failure.

Flight Recorder: A New Go Execution Tracer

2025-12-13 15:00:08
The flight recorder is just the latest addition to the Go developer's toolbox for diagnosing the inner workings of running applications.

Why Do People Keep Fantasizing About AI Bringing On the Apocalypse?

2025-12-13 14:30:07
Michael Reilly: Some tech people like talking about things in apocalyptic terms. The more dangerous their tech sounds, the more attention it gets, he says. This shiny-object narrative distracts from the...

Google Warns Multiple Hacker Groups Are Exploiting React2Shell to Spread Malware

2025-12-13 13:49:03
Google Threat Intelligence Group (GTIG) has issued a warning regarding the widespread exploitation of a critical security flaw in React Server Components. Known as React2Shell (CVE-2025-55182), this...

Empire 6.3.0 Launches With New Features for Red Teams and Penetration Testers

2025-12-13 13:39:59
BC Security has announced the release of Empire 6.3.0, the latest iteration of the widely used post-exploitation and adversary emulation framework. This update reinforces Empire's position as a premier...

CISA Warns of Google Chromium 0-Day Vulnerability Exploited in Attacks

2025-12-13 13:00:57
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical zero-day vulnerability in Google Chromium’s ANGLE graphics engine to its Known Exploited Vulnerabilities (KEV)...

10 Proven Ways to Reduce Misalignment Between Stakeholders in Product Teams

2025-12-13 13:00:11
Product managers spend countless hours debating opinions and clarifying context. Misalignment is the invisible tax on every tech organization. This article outlines 10 tactics to reduce misalignment and...

CISA Adds Actively Exploited Sierra Wireless Router Flaw Enabling RCE Attacks

2025-12-13 12:33:00
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a high-severity flaw impacting Sierra Wireless AirLink ALEOS routers to its Known Exploited Vulnerabilities (KEV) catalog,...

U.S. CISA adds Google Chromium and Sierra Wireless AirLink ALEOS flaws to its Known Exploited Vulnerabilities catalog

2025-12-13 10:48:52
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Google Chromium and Sierra Wireless AirLink ALEOS flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure...

Cyberinfo de la semaine du 13 décembre 2025

2025-12-13 09:28:02
Cyberinfo de la semaine du 13 décembre 2025 - Cyberattaques, fuites massives & espionnage : l'actu cybersécurité de la semaine....

Rust-Based Luca Stealer Spreads Across Linux and Windows Systems

2025-12-13 08:33:23
Threat actors are increasingly abandoning traditional languages like C and C++ in favor of modern alternatives such as Golang, Rust, and Nim. This strategic shift enables developers to compile malicious...

Debian 11: Thunderbird Critical Code Execution Fix DLA-4405-1

2025-12-13 08:19:49
Multiple security issues were discovered in Thunderbird, which could result in the execution of arbitrary code. For Debian 11 bullseye, these problems have been fixed in version 1:140.6.0esr-1~deb11u1....

Beyond Authentication — Exploiting a Nasty IDOR in Profile Update Functionality

2025-12-13 07:57:06
Beyond Authentication — Exploiting a Nasty IDOR in Profile Update FunctionalityIt wasn't a complex SQL injection or a tricky deserialization flaw. It was a failure to ask one simple question:...

MITRE: TryHackMe Room Walkthrough

2025-12-13 07:54:10
This TryHackMe room walkthrough will discuss the various resources MITRE has made available for the cybersecurity community.Continue reading on InfoSec Write-ups »

Stored Cross-Site Scripting: HTML Context (Nothing Encoded)

2025-12-13 07:54:03
Stored XSS occurs when malicious input is saved on the server and executed every time a user loads the affected page.Continue reading on InfoSec Write-ups »

From Recon to RCE: Hunting React2Shell (CVE-2025–55182) for Bug Bounties

2025-12-13 07:53:14
A step-by-step walkthrough covering discovery, validation and real-world exploitation in React and Next.js applicationsContinue reading on InfoSec Write-ups »

The TechBeat: Leader or No Leader, That is the Question (12/13/2025)

2025-12-13 07:10:57
How are you, hacker? 🪐Want to know what's trending right now?: The Techbeat by HackerNoon has got you covered with fresh content from our trending stories of the day! Set email preference here. ...

New Phantom Stealer Campaign Hits Windows Machines Through ISO Mounting

2025-12-13 06:23:29
Researchers have uncovered a sophisticated phishing campaign originating in Russia that deploys the Phantom information-stealing malware via malicious ISO files. The attack, dubbed “Operation MoneyMount-ISO,”...

Mageia 9: Golang Critical DNS Constraint Advisory MGASA-2025-0326

2025-12-13 05:46:10
MGASA-2025-0326 - Updated golang packages fix security vulnerabilities

Mageia 9: Codeblocks Receives Important Bugfix Update MGAA-2025-0104

2025-12-13 05:46:09
MGAA-2025-0104 - Updated codeblocks packages fix bug

Apple Issues Security Updates After Two WebKit Flaws Found Exploited in the Wild

2025-12-13 05:32:00
Apple on Friday released security updates for iOS, iPadOS, macOS, tvOS, watchOS, visionOS, and its Safari web browser to address two security flaws that it said have been exploited in the wild, one of...

React2Shell Remote Code Execution (RCE) Vulnerability

2025-12-13 02:46:40
What is the Vulnerability? React2Shell is a critical unauthenticated RCE vulnerability impacting React Server Components (RSC) and frameworks that...

Apple 0-Day Vulnerabilities Exploited in Sophisticated Attacks Targeting iPhone Users

2025-12-13 02:44:13
Apple patches two WebKit zero-day flaws actively exploited in sophisticated attacks targeting specific iPhone users running iOS versions prior to 26. The iOS 26.2 and iPadOS 26.2 updates, released...

The Hidden Cost of “Free” Apps and the Battle for Your Attention

2025-12-13 01:41:42
The “free” model of popular apps often disguises data collection, behavioral profiling, and monetization of user attention. Features like infinite scroll, autoplay, and push notifications aren't about...

Why 'Crypto Games' Fail But 'Games With Crypto' Succeed

2025-12-13 01:28:34
Traditional "crypto games" fail because they prioritize tokens over fun, but "games with crypto" succeed by making blockchain optional or invisible. Three approaches work: hiding crypto entirely (Off...

Fedora 41: Apptainer CVE-2025-65105 Security Fix Advisory

2025-12-13 01:27:27
Apply fuse2fs patches that were accidentally empty Update to upstream 1.4.5, including a fix for CVE-2025-65105

Fedora 43: Apptainer 1.4.5 Important Fix CVE-2025-65105

2025-12-13 01:12:52
Apply fuse2fs patches that were accidentally empty Update to upstream 1.4.5, including a fix for CVE-2025-65105

Mistral Bets on Enterprise “Vibe Coding” With Devstral 2 and an Open-Source CLI Agent

2025-12-13 01:00:00
Mistral, the French frontier AI model lab most recently valued at €11.7 billion, has launched a duo of open-weight coding models.

Fedora 42: apptainer 1.4.5 Moderate Patch Adjustments for CVE-2025-65105

2025-12-13 00:50:49
Apply fuse2fs patches that were accidentally empty Update to upstream 1.4.5, including a fix for CVE-2025-65105

Fake Microsoft Teams and Google Meet Downloads Spread Oyster Backdoor

2025-12-13 00:17:14
The Oyster backdoor (also known as Broomstick) is targeting the financial world, using malicious search ads for PuTTY, Teams, and Google Meet.

Emergency fixes deployed by Google and Apple after targeted attacks

2025-12-13 00:08:15
Google and Apple issued emergency updates to address zero-day flaws exploited in attacks targeting an unknown number of users. Apple and Google have both pushed out urgent security updates after uncovering...

List of 14 new domains

2025-12-13 00:00:00
.fr alexandercasino-bet[.fr] (registrar: NETIM) assistances-sg-intranet[.fr] (registrar: Hostinger operations UAB) carplusfrance[.fr] (registrar: OVH) carrefoursa[.fr] (registrar: EPAG Domainservices...