All the Cybersecurity News
ServiceNow set to acquire Armis for $7 billion
2025-12-15 10:49:59
The year-end period is often a good time for shopping. According to Bloomberg, ServiceNow has reportedly set its sights (...)
Critical React2Shell Vulnerability (CVE-2025-55182) Analysis: Surge in Attacks Targeting RSC-Enabled Services Worldwide
2025-12-15 09:44:38
Torrance, United States / California, December 12th, 2025, CyberNewsWire In December 2025, CVE-2025-55182 (React2Shell), a vulnerability in React…
Phantom Stealer Spread by ISO Phishing Emails Hitting Russian Finance Sector
2025-12-15 09:24:00
Cybersecurity researchers have disclosed details of an active phishing campaign that's targeting a wide range of sectors in Russia with phishing emails that deliver Phantom Stealer via malicious ISO optical...
Microsoft: December security updates cause Message Queuing failures
2025-12-15 09:04:59
Microsoft has confirmed that the December 2025 security updates are breaking Message Queuing (MSMQ) functionality, affecting enterprise applications and Internet Information Services (IIS) websites. [...]
Cheops combines sovereignty, security and AI
2025-12-15 09:04:24
"This is the first time Cheops has run a Tour de France across 11 cities with its technology partners (editor's note: (...)
Google doubles its monitoring of Gemini in Chrome
2025-12-15 08:55:31
After acknowledging that its Gemini-powered Chrome browsing agent could be led to perform actions (...)
CloudSEK Hiring CTF Writeup
2025-12-15 08:43:18
During this weekend (Saturday), I participated in the CloudSEK Hiring CTF, which consisted of four challenges focused on practical skills in web exploitation and scripting. In this write-up, I've combined...
Advanced Search Techniques for Exposed Information — By Reju Kole
2025-12-15 08:42:46
When Private Information Becomes Public on Google. A. Unprotected .git Repository Exposure. Sometimes...
Bypassing Multi-Layer Browser Isolation & AV Controls Through Gateway Path Mismanagement
2025-12-15 08:41:40
Introduction: Browser-isolation platforms are increasingly deployed in enterprise environments to protect users from malicious websites, phishing payloads, and file-based threats. Many...
Azure Blob Container to Initial Access Lab Walkthrough : Pwned-Labs
2025-12-15 08:41:30
https://labs.pwnedlabs.io/azure-blob-container-to-initial-access Hey there, Maverick here, back again with another dive into the wild...
How I Check for Subdomain Takeovers Part 1
2025-12-15 08:41:12
Subdomain takeover is a high-risk vulnerability that negatively impacts businesses, but if found, can result in big rewards for a bug…
When AI Gossips: How I Eavesdropped on a Federated Learning System
2025-12-15 08:40:54
You know that feeling when you’re at a party, and you can piece together everyone’s drama just by listening to random conversation…
Writeup for picoCTF challenge “Secrets”
2025-12-15 08:40:32
Navigate nested directories through CSS file paths and learn why security through obscurity fails.
From Shell to Stealth: Building AV-Evasive Binary
2025-12-15 08:39:25
What if antivirus detection isn't about what you write… but how you hide it? In this blog series, we will walk through the process of developing a simple reverse shell payload, mutating its binary,...
Hack the Box Walkthrough: Cap
2025-12-15 08:38:58
HTB Intro to Red Team: Cap. Hello again and welcome to the start of a new series I'm working on in preparation for taking the HTB Certified Penetration Testing Student (CPTS) exam. Hack the Box recently...
Hack the Box Starting Point: Three
2025-12-15 08:38:39
Hello everyone and welcome back to the HTB Starting Point series I've been working on for way too long now. Took a little break for the Thanksgiving weekend, I hope everyone enjoyed themselves. Now...
Cyber deception trials: what we've learned so far
2025-12-15 08:17:28
An update on the NCSC's trials to test the real-world efficacy of cyber deception solutions.
A week in security (December 8 – December 14)
2025-12-15 08:03:00
A list of topics we covered in the week of December 8 to December 14 of 2025
Frogblight threatens you with a court case: a new Android banker targets Turkish users
2025-12-15 07:00:57
Kaspersky researchers have discovered a new Android banking Trojan targeting Turkish users and posing as an app for accessing court case files via an official government webpage. The malware is being...
VolkLocker Ransomware Exposed by Hard-Coded Master Key Allowing Free Decryption
2025-12-15 05:33:00
The pro-Russian hacktivist group known as CyberVolk (aka GLORIAMIST) has resurfaced with a new ransomware-as-a-service (RaaS) offering called VolkLocker that suffers from implementation lapses in test...
Fedora 43: Firefox Update 2025-f20b9f321d - Aarch64 Crashes Fixed
2025-12-15 01:28:41
Fixed aarch64 crashes. Updated to latest upstream (146.0).
Fedora 42: Firefox Aarch64 Crash Fix Advisory 2025-4984e74557
2025-12-15 01:10:47
Fixed aarch64 crashes. Updated to latest upstream (146.0).
Chromium Medium Problems in Password Manager and Toolbar for Fedora 42
2025-12-15 01:10:47
Update to 143.0.7499.109
* High: Under coordination
* Medium CVE-2025-14372: Use after free in Password Manager
* Medium CVE-2025-14373: Inappropriate implementation in Toolbar
Debian 11: ruby-sidekiq DLA-4407-1 CVE-2021-30151 XSS Risk
2025-12-15 00:50:16
ruby-sidekiq, a simple, efficient background processing library for Ruby, had a couple of vulnerabilities as follows: CVE-2021-30151: Sidekiq allows XSS via the queue name of the live-poll feature when Internet...
Debian 11: ruby-git Critical Command Injection Vulnerabilities DLA-4406-1
2025-12-15 00:46:04
A couple of vulnerabilities were reported against ruby-git, a Ruby interface to the Git revision control system, that could lead to command injection and execution of arbitrary Ruby code by having...