Toute l'actualité de la Cybersécurité


New Mirai Botnet Variant ‘Broadside' Actively Attacking Users in the Wild

2025-12-09 10:50:15
A sophisticated new variant of the Mirai botnet, named “Broadside,” has emerged as an active threat targeting maritime shipping companies and vessel operators. The malware exploits a critical...

Lire la suite »

Microsoft Copilot Disruption in the UK: Users Face Access Issues and Degraded Features

2025-12-09 10:30:10
Microsoft 365 services encountered a snag today, leaving users in the United Kingdom struggling to access Microsoft Copilot or experiencing reduced functionality in key features. The outage, flagged on...

Lire la suite »

{ Tribune Expert } – L'évolution du risque interne

2025-12-09 10:08:36
À mesure que les adversaires utilisent des sites de confiance pour se dissimuler à la vue de tous, ils se connectent plutôt que de « pirater » leur accès aux organisations. The post { Tribune Expert...

Lire la suite »

Polish Police arrest 3 Ukrainians for possessing advanced hacking tools

2025-12-09 10:03:42
Poland arrested three Ukrainian nationals accused of using hacking devices to target IT systems and obtain sensitive defense-related data. Polish police arrested three Ukrainian nationals for allegedly...

Lire la suite »

AI-Powered Free Security-Audit Checklist for 2026 – ISO 27001, SOC 2, NIST, NIS 2 and GDPR Compliance

2025-12-09 10:00:15
In many companies, audit preparation in 2025 still feels like 2005: Excel lists, scattered evidence, copy & paste from old answers, long coordination loops. At the same time, requirements are increasing...

Lire la suite »

STAC6565 Targets Canada in 80% of Attacks as Gold Blade Deploys QWCrypt Ransomware

2025-12-09 09:35:00
Canadian organizations have emerged as the focus of a targeted cyber campaign orchestrated by a threat activity cluster known as STAC6565. Cybersecurity company Sophos said it investigated almost 40 intrusions...

Lire la suite »

Vade acquis par Proofpoint : Bercy valide sans répondre aux inquiétudes

2025-12-09 09:31:53
En contrepartie d'engagements portant essentiellement sur l'emploi, la France autorise Proofpoint à mettre - indirectement - la main sur Vade. The post Vade acquis par Proofpoint : Bercy valide sans...

Lire la suite »

Authorities Arrested Hackers With Specialized FLIPPER Hacking Equipment Used to Attack IT Systems

2025-12-09 09:30:29
Authorities in Warsaw have arrested three suspected hackers found carrying specialized FLIPPER hacking equipment. Other tools are allegedly intended to attack IT and telecommunications systems. The suspects,...

Lire la suite »

Zimperium découvre un nouveau variant plus sophistiqué du spyware ClayRat

2025-12-09 09:21:24
zLabs, la division de recherche de Zimperium annonce la découverte d'une variante nettement plus sophistiquée de ClayRat, une famille de spyware Android, présentée dans le rapport d'octobre 2025...

Lire la suite »

Operation FrostBeacon Attacking Finance and Legal Departments with Cobalt Strike Malware

2025-12-09 09:00:19
A sophisticated malware campaign has emerged targeting financial and legal sectors in the Russian Federation, delivering the notorious Cobalt Strike remote access tool to organizations handling sensitive...

Lire la suite »

Axis acquiert FF Group pour enrichir ses caméras de surveillance

2025-12-09 08:53:49
Axis Communications, le fabricant de caméras de vidéosurveillance vient d’acquérir FF Group, un éditeur tchèque (...)

Lire la suite »

Notifications Apple : le CERT-FR alerte sur l'espionnage

2025-12-09 08:47:18
Depuis 2021, Apple prévient certaines cibles d'opérations de surveillance sophistiquées. Le CERT-FR vient de lancer une recherche auprés de français impactés....

Lire la suite »

New Multi-stage JS#SMUGGLER Malware Attack Delivers ‘NetSupport RAT' to Gain Full System Control

2025-12-09 08:25:36
A new malware campaign using multiple attack stages has been discovered that delivers NetSupport RAT through hidden web-based redirects and obfuscated code. The attack unfolds in three stages, starting...

Lire la suite »

CISA Warns of D-Link Routers Buffer Overflow Vulnerability Exploited in Attacks

2025-12-09 08:20:51
A critical buffer overflow vulnerability affecting D-Link routers has been added to the CISA catalog of Known Exploited Vulnerabilities, indicating active exploitation in the wild. The flaw, tracked as...

Lire la suite »

Researchers Find Malicious VS Code, Go, npm, and Rust Packages Stealing Developer Data

2025-12-09 08:07:00
Cybersecurity researchers have discovered two new extensions on Microsoft Visual Studio Code (VS Code) Marketplace that are designed to infect developer machines with stealer malware. The VS Code extensions...

Lire la suite »

SAP Security Patch Day: Fix for Critical Vulnerabilities in SAP Solution Manager, NetWeaver, and Other Products

2025-12-09 07:54:02
SAP released 14 new security notes on its monthly Security Patch Day on December 9, 2025, addressing vulnerabilities across key products, including SAP Solution Manager, NetWeaver, Commerce Cloud, and...

Lire la suite »

USN-7916-1: python-apt vulnerability

2025-12-09 06:41:41
Julian Andres Klode discovered that python-apt incorrectly handled deb822 configuration files. An attacker could use this issue to cause python-apt to crash, resulting in a denial of service.

Lire la suite »

Burp Suite's Scanning Arsenal Powered With Detection for Critical React2Shell Vulnerabilities

2025-12-09 06:27:24
PortSwigger has enhanced Burp Suite’s scanning arsenal with the latest update to its ActiveScan++ extension, introducing detection for the critical React2Shell vulnerabilities (CVE-2025-55182 and...

Lire la suite »

USN-7412-3: GnuPG vulnerability

2025-12-09 05:14:53
USN-7412-1 fixed a vulnerability in GnuPG. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: It was discovered that GnuPG incorrectly...

Lire la suite »

AIs Quiet Move Into the Linux Kernel Raises New Linux Kernel Security Questions

2025-12-09 03:12:59
AI-written patches are starting to land in kernel discussions, and the timing has people watching closely. The code looks ordinary at first glance, yet the review notes keep circling the same point: something...

Lire la suite »

Fedora 41 ABRT Critical Command Injection Vulnerability Fix CVE-2025-12744

2025-12-09 01:38:40
Fix CVE-2025-12744

Lire la suite »

Fedora 42: mingw-libpng Important Heap Buffer Overflow Vuln 2025-9d0f04f316

2025-12-09 01:11:17
Update to libpng-1.6.51.

Lire la suite »

Fedora 43: mingw-libpng Critical Buffer Overflow Advisories 2025-f54c75f2f9

2025-12-09 00:54:28
Update to libpng-1.6.51.

Lire la suite »

FinCEN data shows .5B in ransomware payments, record spike in 2023

2025-12-09 00:26:49
Ransomware payments reported to FinCEN exceeded .5B by 2024, with 2023 marking a record year at .1B across 1,512 incidents. FinCEN analyzed ransomware trends using Bank Secrecy Act (BSA) reports filed...

Lire la suite »

Ransomware gangs turn to Shanya EXE packer to hide EDR killers

2025-12-09 00:00:05
Several ransomware groups have been spotted using a packer-as-a-service (PaaS) platform named Shanya to assist in EDR (endpoint detection and response) killing operations. [...]

Lire la suite »